From 11e1857f5ec8dcbc69923cdcfe8f87d51f872117 Mon Sep 17 00:00:00 2001
From: Ronald Cron <ronald.cron@arm.com>
Date: Thu, 17 Mar 2022 13:44:33 +0100
Subject: [PATCH] ssl_client.c: Fix key share code guards

In TLS 1.3 key sharing is not restricted to key
exchange with certificate authentication. It
happens in the PSK and ephemeral key exchange
mode as well where there is no certificate
authentication.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
---
 library/ssl_client.c       |  6 +++++-
 library/ssl_misc.h         |  6 ++----
 library/ssl_tls13_client.c | 12 ------------
 3 files changed, 7 insertions(+), 17 deletions(-)

diff --git a/library/ssl_client.c b/library/ssl_client.c
index 769a8f293e..33c02e69de 100644
--- a/library/ssl_client.c
+++ b/library/ssl_client.c
@@ -434,7 +434,7 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
 #endif
 
 #if defined(MBEDTLS_SSL_PROTO_TLS1_3)
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
+#if defined(MBEDTLS_ECDH_C)
     if( mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
     {
         ret = mbedtls_ssl_write_supported_groups_ext( ssl, p, end, &output_len );
@@ -442,7 +442,11 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
             return( ret );
         p += output_len;
     }
+#endif /* MBEDTLS_ECDH_C */
+#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
 
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( mbedtls_ssl_conf_tls13_ephemeral_enabled( ssl ) )
     {
         ret = mbedtls_ssl_write_sig_alg_ext( ssl, p, end, &output_len );
diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index 2586c6d253..204c44890b 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1897,16 +1897,14 @@ static inline int mbedtls_ssl_tls13_named_group_is_dhe( uint16_t named_group )
             named_group <= MBEDTLS_SSL_IANA_TLS_GROUP_FFDHE8192 );
 }
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) || \
-    defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
+#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \
     defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
 int mbedtls_ssl_write_supported_groups_ext( mbedtls_ssl_context *ssl,
                                             unsigned char *buf,
                                             const unsigned char *end,
                                             size_t *out_len );
 
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED ||
-          MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
+#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C ||
           MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
 /*
  * Return supported signature algorithms.
diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 88cd22ad4b..f701215dae 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c
@@ -159,8 +159,6 @@ static int ssl_tls13_parse_alpn_ext( mbedtls_ssl_context *ssl,
 }
 #endif /* MBEDTLS_SSL_ALPN */
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-
 static int ssl_tls13_reset_key_share( mbedtls_ssl_context *ssl )
 {
     uint16_t group_id = ssl->handshake->offered_group_id;
@@ -584,8 +582,6 @@ static int ssl_tls13_parse_key_share_ext( mbedtls_ssl_context *ssl,
     return( ret );
 }
 
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
 /*
  * ssl_tls13_parse_cookie_ext()
  *      Parse cookie extension in Hello Retry Request
@@ -699,7 +695,6 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
         return( ret );
     p += ext_len;
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     if( mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
     {
         ret = ssl_tls13_write_key_share_ext( ssl, p, end, &ext_len );
@@ -707,7 +702,6 @@ int mbedtls_ssl_tls13_write_client_hello_exts( mbedtls_ssl_context *ssl,
             return( ret );
         p += ext_len;
     }
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
     *out_len = p - buf;
 
@@ -1093,7 +1087,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
                 fatal_alert = MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT;
                 goto cleanup;
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
             case MBEDTLS_TLS_EXT_KEY_SHARE:
                 MBEDTLS_SSL_DEBUG_MSG( 3, ( "found key_shares extension" ) );
                 if( ! mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) )
@@ -1116,7 +1109,6 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
                     goto cleanup;
                 }
                 break;
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
             default:
                 MBEDTLS_SSL_DEBUG_MSG(
@@ -1271,7 +1263,6 @@ cleanup:
 
 static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
 {
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
 
 #if defined(MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE)
@@ -1296,9 +1287,6 @@ static int ssl_tls13_postprocess_hrr( mbedtls_ssl_context *ssl )
     ret = ssl_tls13_reset_key_share( ssl );
     if( ret != 0 )
         return( ret );
-#else
-    ((void) ssl);
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
 
     return( 0 );
 }