ssl_client.c: Fix key share code guards

In TLS 1.3 key sharing is not restricted to key exchange with certificate authentication. It happens in the PSK and ephemeral key exchange mode as well where there is no certificate authentication. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2025-01-29 21:33:02 +00:00 · 2022-03-17 13:44:33 +01:00 · 2022-03-17 13:44:33 +01:00 · 11e1857f5e
commit 11e1857f5e
parent df823bf39b
3 changed files with 7 additions and 17 deletions
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@ -434,7 +434,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
 #endif

 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_ECDH_C)
    if( mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
    {
        ret = mbedtls_ssl_write_supported_groups_ext( ssl, p, end, &output_len );
@ -442,7 +442,11 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
            return( ret );
        p += output_len;
    }
+#endif /* MBEDTLS_ECDH_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */

+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    if( mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) )
    {
        ret = mbedtls_ssl_write_sig_alg_ext( ssl, p, end, &output_len );
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@ -1897,16 +1897,14 @@ static inline int mbedtls_ssl_tls13_named_group_is_dhe( uint16_t named_group )
            named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 );
 }

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) || \
-    defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 int mbedtls_ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
                                            unsigned char *buf,
                                            const unsigned char *end,
                                            size_t *out_len );

-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED ||
-          MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
          MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
 /*
 * Return supported signature algorithms.
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@ -159,8 +159,6 @@ static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl,
 }
 #endif /* MBEDTLS_SSL_ALPN */

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
 static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
 {
    uint16_t group_id = ssl->handshake->offered_group_id;
@ -584,8 +582,6 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
    return( ret );
 }

-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
 /*
 * ssl_tls13_parse_cookie_ext()
 *      Parse cookie extension in Hello Retry Request
@ -699,7 +695,6 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
        return( ret );
    p += ext_len;

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    if( mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
    {
        ret = ssl_tls13_write_key_share_ext( ssl, p, end, &ext_len );
@ -707,7 +702,6 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
            return( ret );
        p += ext_len;
    }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */

    *out_len = p - buf;

@ -1093,7 +1087,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
                fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
                goto cleanup;

-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
            case MBEDTLS_TLS_EXT_KEY_SHARE:
                MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
                if( ! mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
@ -1116,7 +1109,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
                    goto cleanup;
                }
                break;
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */

            default:
                MBEDTLS_SSL_DEBUG_MSG(
@ -1271,7 +1263,6 @@ cleanup:

 static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
 {
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
    int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;

 #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
@ -1296,9 +1287,6 @@ static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
    ret = ssl_tls13_reset_key_share( ssl );
    if( ret != 0 )
        return( ret );
-#else
-    ((void) ssl);
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */

    return( 0 );
 }