mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-25 00:39:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Pend a illeagal allert when selected_identity isn't 0

Browse Source 
Handshake should abort will illeagal parameter allert when
receiving early data extentions but the selected_identity
parsed from pre-share key isn't equal to 0.

Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
This commit is contained in:
Xiaokang Qian 2023-01-04 03:15:09 +00:00
parent 5b410075cf
commit 2a674937dd
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
library/ssl_tls13_client.c
View File

@ -1093,6 +1093,7 @@ static int ssl_tls13_parse_server_pre_shared_key_ext(mbedtls_ssl_context *ssl,
MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 2); MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end, 2);
selected_identity = MBEDTLS_GET_UINT16_BE(buf, 0); selected_identity = MBEDTLS_GET_UINT16_BE(buf, 0);
ssl->handshake->selected_identity = (uint16_t) selected_identity;
MBEDTLS_SSL_DEBUG_MSG(3, ("selected_identity = %d", selected_identity)); MBEDTLS_SSL_DEBUG_MSG(3, ("selected_identity = %d", selected_identity));
@ -2096,6 +2097,18 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
MBEDTLS_ERR_SSL_DECODE_ERROR); MBEDTLS_ERR_SSL_DECODE_ERROR);
return MBEDTLS_ERR_SSL_DECODE_ERROR; return MBEDTLS_ERR_SSL_DECODE_ERROR;
} }
if (ssl->handshake->selected_identity != 0) {
/* RFC8446 4.2.11
* If the server supplies an "early_data" extension, the
* client MUST verify that the server's selected_identity
* is 0. If any other value is returned, the client MUST
* abort the handshake with an "illegal_parameter" alert.
*/
MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
}
break; break;
#endif /* MBEDTLS_SSL_EARLY_DATA */ #endif /* MBEDTLS_SSL_EARLY_DATA */