From 3ce3bbdc00a54c18832c101bf04d908465f2d7ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 11 Oct 2013 16:53:50 +0200 Subject: [PATCH 1/7] Add support for ECDHE_PSK key exchange --- include/polarssl/config.h | 17 +++++ include/polarssl/ssl_ciphersuites.h | 1 + library/ssl_cli.c | 103 ++++++++++++++++++++++++++-- library/ssl_srv.c | 88 ++++++++++++++++++++---- library/ssl_tls.c | 12 ++-- 5 files changed, 197 insertions(+), 24 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index bd12343963..ed5ae2c8ce 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -280,6 +280,18 @@ */ #define POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED +/** + * \def POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED + * + * Enable the ECDHE-PSK based ciphersuite modes in SSL / TLS. + * + * Requires: POLARSSL_ECDH_C + * + * This enables the following ciphersuites (if other requisites are + * enabled as well): + */ +#define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED + /** * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED * @@ -1736,6 +1748,11 @@ #error "POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED defined, but not all prerequisites" #endif +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) && \ + !defined(POLARSSL_ECDH_C) +#error "POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" +#endif + #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) && \ ( !defined(POLARSSL_DHM_C) || !defined(POLARSSL_RSA_C) || \ !defined(POLARSSL_X509_CRT_PARSE_C) || !defined(POLARSSL_PKCS1_V15) ) diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h index 73d626067a..715762282a 100644 --- a/include/polarssl/ssl_ciphersuites.h +++ b/include/polarssl/ssl_ciphersuites.h 
@@ -166,6 +166,7 @@ typedef enum { POLARSSL_KEY_EXCHANGE_PSK, POLARSSL_KEY_EXCHANGE_DHE_PSK, POLARSSL_KEY_EXCHANGE_RSA_PSK, + POLARSSL_KEY_EXCHANGE_ECDHE_PSK, } key_exchange_type_t; typedef struct _ssl_ciphersuite_t ssl_ciphersuite_t; diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 81d8e88347..178393a972 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1106,7 +1106,8 @@ static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p, POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) static int ssl_parse_server_ecdh_params( ssl_context *ssl, unsigned char **p, unsigned char *end ) @@ -1143,10 +1144,12 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl, return( ret ); } #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) static int ssl_parse_server_psk_hint( ssl_context *ssl, unsigned char **p, unsigned char *end ) @@ -1177,7 +1180,8 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, return( ret ); } #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_SSL_PROTO_TLS1_2) #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ 
@@ -1254,7 +1258,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_PSK && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK && + ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; @@ -1352,6 +1357,25 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + unsigned char *p = ssl->in_msg + 4; + unsigned char *end = ssl->in_msg + ssl->in_hslen; + + if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } + else +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); } 
@@ -1880,6 +1904,75 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + unsigned char *p = ssl->handshake->premaster; + + /* + * ECDHE_PSK key exchange: RFC 5489, section 2 + * + * opaque psk_identity<0..2^16-1>; + * ClientECDiffieHellmanPublic public; + */ + if( ssl->psk == NULL ) + return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + + if( sizeof(ssl->handshake->premaster) < 4 + ssl->psk_identity_len ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + i = 4; + n = ssl->psk_identity_len; + ssl->out_msg[4] = (unsigned char)( n >> 8 ); + ssl->out_msg[5] = (unsigned char)( n ); + + memcpy( ssl->out_msg + 6, ssl->psk_identity, ssl->psk_identity_len ); + + ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, + &ssl->out_msg[8 + ssl->psk_identity_len], 512, + ssl->f_rng, ssl->p_rng ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_make_public", ret ); + return( ret ); + } + + ssl->out_msg[6 + ssl->psk_identity_len] = (unsigned char)( n >> 8 ); + ssl->out_msg[7 + ssl->psk_identity_len] = (unsigned char)( n ); + + SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + + /* + * PMS = struct { + * opaque other_secret<0..2^16-1>; + * opaque psk<0..2^16-1>; + * }; + * with "other_secret" containing Z from ECDH + */ + if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &n, + p + 2, POLARSSL_MPI_MAX_SIZE, + ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + return( ret ); + } + + *(p++) = (unsigned char)( n >> 8 ); + *(p++) = (unsigned char)( n ); + p += n; + + SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + + *(p++) = (unsigned char)( ssl->psk_len >> 8 ); + *(p++) = (unsigned char)( ssl->psk_len ); + memcpy( p, ssl->psk, ssl->psk_len ); + p += ssl->psk_len; + + ssl->handshake->pmslen = 4 + n + ssl->psk_len; + n = 
ssl->handshake->pmslen; + } + else +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 15d14fa885..b128d9dadd 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1750,7 +1750,8 @@ static int ssl_write_certificate_request( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); ssl->state++; @@ -1776,6 +1777,7 @@ static int ssl_write_certificate_request( ssl_context *ssl ) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ssl->authmode == SSL_VERIFY_NONE ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); 
@@ -1928,15 +1930,18 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK && + ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); ssl->state++; return( 0 ); } -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) +#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { /* TODO: Support identity hints */ *(p++) = 0x00; @@ -1944,7 +1949,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) n += 2; } -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) 
@@ -1991,9 +1997,12 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { /* * Ephemeral ECDH parameters: @@ -2031,7 +2040,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q ); } #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ @@ -2278,10 +2288,11 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) + defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) static int ssl_parse_client_ecdh_public( ssl_context *ssl ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; + int ret; size_t n; /* 
@@ -2308,7 +2319,8 @@ static int ssl_parse_client_ecdh_public( ssl_context *ssl ) return( ret ); } #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ + POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) @@ -2380,7 +2392,8 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, const unsigned char *end ) { @@ -2447,7 +2460,8 @@ static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, return( ret ); } #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ static int ssl_parse_client_key_exchange( ssl_context *ssl ) { @@ -2490,7 +2504,6 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) ssl->handshake->pmslen = ssl->handshake->dhm_ctx.len; - /* No blinding needed for DHE, but will be needed for fixed DH! */ if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, ssl->handshake->premaster, &ssl->handshake->pmslen, @@ -2584,7 +2597,6 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) n = ssl->handshake->dhm_ctx.len; - /* No blinding needed since this is ephemeral DHM */ if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 ) { 
@@ -2605,6 +2617,52 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + size_t n; + unsigned char *p = ssl->in_msg + 4; + unsigned char *end = ssl->in_msg + ssl->in_msglen; + + if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) + { + SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + return( ret ); + } + if( ( ret = ssl_parse_client_ecdh_public( ssl ) ) != 0 ) + { + SSL_DEBUG_RET( 1, ( "ssl_parse_client_ecdh_public" ), ret ); + return( ret ); + } + + // Set up the premaster secret + // + p = ssl->handshake->premaster; + + if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &n, + p + 2, POLARSSL_MPI_MAX_SIZE, + ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + return( ret ); + } + + *(p++) = (unsigned char)( n >> 8 ); + *(p++) = (unsigned char)( n ); + p += n; + + SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + + *(p++) = (unsigned char)( ssl->psk_len >> 8 ); + *(p++) = (unsigned char)( ssl->psk_len ); + memcpy( p, ssl->psk, ssl->psk_len ); + p += ssl->psk_len; + + ssl->handshake->pmslen = 4 + n + ssl->psk_len; + n = ssl->handshake->pmslen; + } + else +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 39291fa43a..d3b4ce3a09 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
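Review bot: `end` in the new ECDHE_PSK branch of ssl_parse_client_key_exchange is computed from `ssl->in_msglen`, while the client-side parser added by this same patch bounds its cursor with `ssl->in_hslen`. If a record can be longer than the handshake message it carries (not visible from here), the identity parser is allowed to consume bytes that do not belong to ClientKeyExchange. Using `unsigned char *end = ssl->in_msg + ssl->in_hslen;` and rejecting the message when the cursor has not reached `end` after the last field would make the bound match the message. The function starts and continues outside the hunk.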
@@ -2241,7 +2241,8 @@ int ssl_write_certificate( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); ssl->state++; @@ -2260,7 +2261,8 @@ int ssl_parse_certificate( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); ssl->state++; @@ -2281,7 +2283,8 @@ int ssl_write_certificate( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) ); ssl->state++; @@ -2390,7 +2393,8 @@ int ssl_parse_certificate( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) ); ssl->state++; From 225d6aa78610f334df212d7d9c32b0530bdb5c07 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 11 Oct 2013 19:07:56 +0200 Subject: [PATCH 2/7] Add ECDHE_PSK ciphersuites --- include/polarssl/config.h | 11 +++ include/polarssl/ssl_ciphersuites.h | 28 ++++-- library/ssl_ciphersuites.c | 129 ++++++++++++++++++++++++++-- 3 files changed, 151 insertions(+), 17 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index ed5ae2c8ce..f23f540f0f 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -193,6 +193,9 @@ * TLS_RSA_PSK_WITH_NULL * TLS_RSA_PSK_WITH_NULL256 * TLS_RSA_PSK_WITH_NULL384 + * TLS_ECDHE_PSK_WITH_NULL_SHA + * TLS_ECDHE_PSK_WITH_NULL_SHA256 + * TLS_ECDHE_PSK_WITH_NULL_SHA384 * * Uncomment this macro to enable the NULL cipher and ciphersuites #define POLARSSL_CIPHER_NULL_CIPHER @@ -289,6 +292,14 @@ * * This enables the following ciphersuites (if other requisites are * enabled as well): + * TLS_ECDHE_PSK_WITH_RC4_128_SHA + * TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA + * TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 + * TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 */ #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED diff --git a/include/polarssl/ssl_ciphersuites.h b/include/polarssl/ssl_ciphersuites.h index 715762282a..cbea2989a9 100644 --- a/include/polarssl/ssl_ciphersuites.h +++ b/include/polarssl/ssl_ciphersuites.h 
@@ -144,18 +144,30 @@ extern "C" { #define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */ #define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */ +#define TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */ +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */ +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA 0xC036 /**< Not in SSL3! */ +#define TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 0xC037 /**< TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 0xC038 /**< TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_NULL_SHA 0xC039 /**< Weak! No SSL3! */ +#define TLS_ECDHE_PSK_WITH_NULL_SHA256 0xC03A /**< Weak! TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_NULL_SHA384 0xC03B /**< Weak! TLS 1.2 */ + #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< TLS 1.2 */ #define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< TLS 1.2 */ -#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< TLS 1.2 */ +#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< TLS 1.2 */ +#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< TLS 1.2 */ -#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 /**< TLS 1.2 */ -#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 /**< TLS 1.2 */ -#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 /**< TLS 1.2 */ -#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 /**< TLS 1.2 */ +#define TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC094 /**< TLS 1.2 */ +#define TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC095 /**< TLS 1.2 */ +#define TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC096 /**< TLS 1.2 */ +#define TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC097 /**< TLS 1.2 */ +#define 
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC098 /**< TLS 1.2 */ +#define TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC099 /**< TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 0xC09A /**< TLS 1.2 */ +#define TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 0xC09B /**< TLS 1.2 */ typedef enum { POLARSSL_KEY_EXCHANGE_NONE = 0, diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 71094fa599..1efd403ebe 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -73,7 +73,7 @@ static const int ciphersuite_preference[] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, - /* All remaining > 128-bit ephemeral suites */ + /* All remaining >= 128-bit ephemeral suites */ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, @@ -81,6 +81,14 @@ static const int ciphersuite_preference[] = TLS_ECDHE_RSA_WITH_RC4_128_SHA, /* The PSK ephemeral suites */ + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, + TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, + TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, + TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, + TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, + TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, + TLS_ECDHE_PSK_WITH_RC4_128_SHA, TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, TLS_DHE_PSK_WITH_AES_256_CBC_SHA, TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, @@ -110,7 +118,7 @@ static const int ciphersuite_preference[] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, - /* All remaining > 128-bit suites */ + /* All remaining >= 128-bit suites */ TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_RC4_128_MD5, 
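Review bot: In hunk `@@ -81,6 +81,14 @@` the new `TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA` and `TLS_ECDHE_PSK_WITH_RC4_128_SHA` entries are inserted at the head of the "PSK ephemeral suites" group, so they rank above every `TLS_DHE_PSK_WITH_AES_*` suite that follows. The non-PSK part of the same array keeps 3DES and RC4 in their own "All remaining >= 128-bit ephemeral suites" group, after the AES and Camellia entries. Assuming `ciphersuite_preference` drives the default negotiation order, moving the two lines below the last DHE_PSK AES/Camellia entry would keep a peer that offers both from settling on RC4 or 3DES. The start of the array and the end of the DHE_PSK group are outside the hunk.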
@@ -139,23 +147,28 @@ static const int ciphersuite_preference[] = TLS_PSK_WITH_3DES_EDE_CBC_SHA, TLS_PSK_WITH_RC4_128_SHA, - /* Weak or NULL suites */ + /* Weak suites */ TLS_DHE_RSA_WITH_DES_CBC_SHA, TLS_RSA_WITH_DES_CBC_SHA, + + /* NULL suites */ TLS_ECDHE_ECDSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, - TLS_RSA_WITH_NULL_SHA256, - TLS_RSA_WITH_NULL_SHA, - TLS_RSA_WITH_NULL_MD5, - TLS_PSK_WITH_NULL_SHA384, - TLS_PSK_WITH_NULL_SHA256, - TLS_PSK_WITH_NULL_SHA, + TLS_ECDHE_PSK_WITH_NULL_SHA384, + TLS_ECDHE_PSK_WITH_NULL_SHA256, + TLS_ECDHE_PSK_WITH_NULL_SHA, TLS_DHE_PSK_WITH_NULL_SHA384, TLS_DHE_PSK_WITH_NULL_SHA256, TLS_DHE_PSK_WITH_NULL_SHA, + TLS_RSA_WITH_NULL_SHA256, + TLS_RSA_WITH_NULL_SHA, + TLS_RSA_WITH_NULL_MD5, TLS_RSA_PSK_WITH_NULL_SHA384, TLS_RSA_PSK_WITH_NULL_SHA256, TLS_RSA_PSK_WITH_NULL_SHA, + TLS_PSK_WITH_NULL_SHA384, + TLS_PSK_WITH_NULL_SHA256, + TLS_PSK_WITH_NULL_SHA, 0 }; 
@@ -728,6 +741,79 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_AES_C) + +#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA256_C) + { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256", + POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_SHA256_C */ + +#if defined(POLARSSL_SHA512_C) + { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384", + POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_SHA512_C */ + + { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", + POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, + + { TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA", + POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_AES_C */ + +#if defined(POLARSSL_CAMELLIA_C) +#if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA256_C) + { TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256", + POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_SHA256_C */ + +#if defined(POLARSSL_SHA512_C) + { 
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384", + POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_SHA512_C */ +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_CAMELLIA_C */ + +#if defined(POLARSSL_DES_C) +#if defined(POLARSSL_CIPHER_MODE_CBC) + { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", + POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_DES_C */ + +#if defined(POLARSSL_ARC4_C) + { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", + POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + 0 }, +#endif /* POLARSSL_ARC4_C */ +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) #if defined(POLARSSL_AES_C) #if defined(POLARSSL_GCM_C) 
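Review bot: The SHA-1 entries added to `ciphersuite_definitions` (`TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA`, `TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA`, `TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA`, `TLS_ECDHE_PSK_WITH_RC4_128_SHA`) carry `SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0` as their first version pair, while the header hunk in this same patch marks those ids `/**< Not in SSL3! */`. If the first pair is the minimum protocol version (the struct definition is not shown), these suites become negotiable under SSL 3.0, contradicting the header. The pair should then read `SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,`. `TLS_ECDHE_PSK_WITH_NULL_SHA` in hunk `@@ -856,6 +942,30 @@` has the same value.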
@@ -856,6 +942,30 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = POLARSSL_CIPHERSUITE_WEAK }, #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", + POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + POLARSSL_CIPHERSUITE_WEAK }, + +#if defined(POLARSSL_SHA256_C) + { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", + POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + POLARSSL_CIPHERSUITE_WEAK }, +#endif + +#if defined(POLARSSL_SHA512_C) + { TLS_ECDHE_PSK_WITH_NULL_SHA384, "TLS-ECDHE-PSK-WITH-NULL-SHA384", + POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + POLARSSL_CIPHERSUITE_WEAK }, +#endif +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, @@ -998,6 +1108,7 @@ int ssl_ciphersuite_uses_ec( const ssl_ciphersuite_t *info ) { case POLARSSL_KEY_EXCHANGE_ECDHE_RSA: case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA: + case POLARSSL_KEY_EXCHANGE_ECDHE_PSK: return( 1 ); default: From b59d699a650219b49b707aaad86c036c7bdcb715 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 12:00:45 +0200 Subject: [PATCH 3/7] Fix bugs in ECDHE_PSK key exchange --- library/ssl_cli.c | 25 ++++++++---------- library/ssl_srv.c | 65 +++++++++++++++++------------------------------ 2 files changed, 34 insertions(+), 56 deletions(-) 
diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 178393a972..699bcb6fd4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1908,6 +1908,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { unsigned char *p = ssl->handshake->premaster; + size_t zlen; /* * ECDHE_PSK key exchange: RFC 5489, section 2 @@ -1922,14 +1923,14 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); i = 4; - n = ssl->psk_identity_len; - ssl->out_msg[4] = (unsigned char)( n >> 8 ); - ssl->out_msg[5] = (unsigned char)( n ); + ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len >> 8 ); + ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len ); - memcpy( ssl->out_msg + 6, ssl->psk_identity, ssl->psk_identity_len ); + memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); + i += ssl->psk_identity_len; ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, - &ssl->out_msg[8 + ssl->psk_identity_len], 512, + &ssl->out_msg[i], 1000, ssl->f_rng, ssl->p_rng ); if( ret != 0 ) { @@ -1937,9 +1938,6 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) return( ret ); } - ssl->out_msg[6 + ssl->psk_identity_len] = (unsigned char)( n >> 8 ); - ssl->out_msg[7 + ssl->psk_identity_len] = (unsigned char)( n ); - SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); /* @@ -1949,7 +1947,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) * }; * with "other_secret" containing Z from ECDH */ - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &n, + if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, p + 2, POLARSSL_MPI_MAX_SIZE, ssl->f_rng, ssl->p_rng ) ) != 0 ) { 
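Review bot: The output limit passed to `ecdh_make_public` in hunk `@@ -1922,14 +1923,14 @@` is the literal `1000` (`&ssl->out_msg[i], 1000,`), which has no relation to how much of `ssl->out_msg` remains once the identity has been written at offset `i`. With a long `psk_identity` the callee is told it may write further than the buffer may allow, and the preceding `memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len )` is not bounded against the output buffer either. Checking `i + ssl->psk_identity_len` against the buffer capacity before the copy, and passing the remaining capacity instead of a constant, would make both writes provably in range. The buffer's size and the code that consumes `i` and `n` afterwards are outside the hunk.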
@@ -1957,9 +1955,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) return( ret ); } - *(p++) = (unsigned char)( n >> 8 ); - *(p++) = (unsigned char)( n ); - p += n; + *(p++) = (unsigned char)( zlen >> 8 ); + *(p++) = (unsigned char)( zlen ); + p += zlen; SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); @@ -1968,8 +1966,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) memcpy( p, ssl->psk, ssl->psk_len ); p += ssl->psk_len; - ssl->handshake->pmslen = 4 + n + ssl->psk_len; - n = ssl->handshake->pmslen; + ssl->handshake->pmslen = p - ssl->handshake->premaster; } else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index b128d9dadd..158877090b 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -2287,41 +2287,6 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -static int ssl_parse_client_ecdh_public( ssl_context *ssl ) -{ - int ret; - size_t n; - - /* - * Receive client public key and calculate premaster - */ - n = ssl->in_msg[3]; - - if( n < 1 || n > mpi_size( &ssl->handshake->ecdh_ctx.grp.P ) * 2 + 2 || - n + 4 != ssl->in_hslen ) - { - SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); - } - - if( ( ret = ecdh_read_public( &ssl->handshake->ecdh_ctx, - ssl->in_msg + 4, n ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ecdh_read_public", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); - } - - SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); - - return( ret ); -} -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ - #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) { 
@@ -2522,12 +2487,24 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) { - if( ( ret = ssl_parse_client_ecdh_public( ssl ) ) != 0 ) + size_t n = ssl->in_msg[3]; + + if( n < 1 || n > mpi_size( &ssl->handshake->ecdh_ctx.grp.P ) * 2 + 2 || + n + 4 != ssl->in_hslen ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_ecdh_public" ), ret ); - return( ret ); + SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } + if( ( ret = ecdh_read_public( &ssl->handshake->ecdh_ctx, + ssl->in_msg + 4, n ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_read_public", ret ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + } + + SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &ssl->handshake->pmslen, ssl->handshake->premaster, @@ -2629,12 +2606,16 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); return( ret ); } - if( ( ret = ssl_parse_client_ecdh_public( ssl ) ) != 0 ) + + if( ( ret = ecdh_read_public( &ssl->handshake->ecdh_ctx, + p, end - p ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_ecdh_public" ), ret ); - return( ret ); + SSL_DEBUG_RET( 1, "ecdh_read_public", ret ); + return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); } + SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); + // Set up the premaster secret // p = ssl->handshake->premaster; @@ -2668,7 +2649,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) { if( ( ret = ssl_parse_encrypted_pms_secret( ssl ) ) != 0 ) { - SSL_DEBUG_RET( 1, ( "ssl_parse_client_ecdh_public" ), ret ); + SSL_DEBUG_RET( 1, ( "ssl_parse_parse_ecrypted_pms_secret" ), ret ); return( ret ); } } 
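Review bot: In the ECDHE_PSK branch, `ecdh_read_public( ..., p, end - p )` takes its length from a pointer difference, and nothing in this hunk establishes that `p` is still below `end` after the identity has been parsed. The ECDHE_RSA/ECDSA branch in the previous hunk bounds `n` against the curve size and `in_hslen` before calling the same function. I would add `if( p >= end ) return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );` before the call, so the length cannot be zero or a wrapped value. Whether ssl_parse_client_psk_identity already guarantees this is not visible here, since the branch starts outside the hunk.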
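Review bot: The corrected debug label in the last hunk is itself misspelled: `"ssl_parse_parse_ecrypted_pms_secret"` does not match the function being called, `ssl_parse_encrypted_pms_secret`. Anyone grepping handshake logs for the failing function during triage will miss this line. It should read `SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms_secret" ), ret );`.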
From bd1ae24449e47937306161439e14c1d028014d21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 13:09:25 +0200 Subject: [PATCH 4/7] Factor PSK pms computation to ssl_tls.c --- include/polarssl/ssl.h | 6 +++ library/ssl_cli.c | 106 ++++++++++------------------------------- library/ssl_srv.c | 80 +++++++------------------------ library/ssl_tls.c | 90 ++++++++++++++++++++++++++++++++++ 4 files changed, 136 insertions(+), 146 deletions(-) diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index cf18ea7517..b8d798b18c 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -1520,6 +1520,12 @@ int ssl_write_finished( ssl_context *ssl ); void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info ); +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ); +#endif + #if defined(POLARSSL_PK_C) unsigned char ssl_sig_from_pk( pk_context *pk ); pk_type_t ssl_pk_alg_from_sig( unsigned char sig ); diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 699bcb6fd4..bc67957791 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1805,8 +1805,6 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) { - unsigned char *p = ssl->handshake->premaster; - /* * PSK key exchange * 
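Review bot: The new prototype `ssl_psk_derive_premaster` in ssl.h has no comment, yet its definition in ssl_tls.c relies on preconditions the callers must meet. It copies from `ssl->psk` without a NULL check and, for DHE_PSK/ECDHE_PSK, computes the shared secret from the handshake's DH/ECDH context. I would add a short Doxygen block saying that it writes `ssl->handshake->premaster` and `pmslen`, that `ssl->psk` must be set and the peer's public value already read for `key_ex`, and that it returns 0 or a POLARSSL_ERR_ code.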
@@ -1815,35 +1813,26 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) if( ssl->psk == NULL ) return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - if( sizeof(ssl->handshake->premaster) < 4 + 2 * ssl->psk_len ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - + i = 4; n = ssl->psk_identity_len; - - ssl->out_msg[4] = (unsigned char)( n >> 8 ); - ssl->out_msg[5] = (unsigned char)( n ); - i = 6; + ssl->out_msg[i++] = (unsigned char)( n >> 8 ); + ssl->out_msg[i++] = (unsigned char)( n ); memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); + i += ssl->psk_identity_len; - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - p += ssl->psk_len; - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = 4 + 2 * ssl->psk_len; + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + return( ret ); + } } else #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { - unsigned char *p = ssl->handshake->premaster; - /* * DHE_PSK key exchange * 
@@ -1853,24 +1842,21 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) if( ssl->psk == NULL ) return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - if( sizeof(ssl->handshake->premaster) < 4 + ssl->psk_identity_len + - ssl->handshake->dhm_ctx.len ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - i = 4; n = ssl->psk_identity_len; - ssl->out_msg[4] = (unsigned char)( n >> 8 ); - ssl->out_msg[5] = (unsigned char)( n ); + ssl->out_msg[i++] = (unsigned char)( n >> 8 ); + ssl->out_msg[i++] = (unsigned char)( n ); - memcpy( ssl->out_msg + 6, ssl->psk_identity, ssl->psk_identity_len ); + memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); + i += ssl->psk_identity_len; n = ssl->handshake->dhm_ctx.len; - ssl->out_msg[6 + ssl->psk_identity_len] = (unsigned char)( n >> 8 ); - ssl->out_msg[7 + ssl->psk_identity_len] = (unsigned char)( n ); + ssl->out_msg[i++] = (unsigned char)( n >> 8 ); + ssl->out_msg[i++] = (unsigned char)( n ); ret = dhm_make_public( &ssl->handshake->dhm_ctx, mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[8 + ssl->psk_identity_len], n, + &ssl->out_msg[i], n, ssl->f_rng, ssl->p_rng ); if( ret != 0 ) { 
@@ -1878,38 +1864,18 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) return( ret ); } - SSL_DEBUG_MPI( 3, "DHM: X ", &ssl->handshake->dhm_ctx.X ); - SSL_DEBUG_MPI( 3, "DHM: GX", &ssl->handshake->dhm_ctx.GX ); - - *(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len >> 8 ); - *(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len ); - if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, - p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); return( ret ); } - - SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - - p += ssl->handshake->dhm_ctx.len; - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = 4 + ssl->handshake->dhm_ctx.len + ssl->psk_len; - n = ssl->handshake->pmslen; } else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { - unsigned char *p = ssl->handshake->premaster; - size_t zlen; - /* * ECDHE_PSK key exchange: RFC 5489, section 2 * @@ -1919,9 +1885,6 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) if( ssl->psk == NULL ) return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - if( sizeof(ssl->handshake->premaster) < 4 + ssl->psk_identity_len ) - return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); - i = 4; ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len >> 8 ); ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len ); 
@@ -1930,7 +1893,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) i += ssl->psk_identity_len; ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, - &ssl->out_msg[i], 1000, + &ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i, ssl->f_rng, ssl->p_rng ); if( ret != 0 ) { @@ -1940,33 +1903,12 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); - /* - * PMS = struct { - * opaque other_secret<0..2^16-1>; - * opaque psk<0..2^16-1>; - * }; - * with "other_secret" containing Z from ECDH - */ - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, - p + 2, POLARSSL_MPI_MAX_SIZE, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); return( ret ); } - - *(p++) = (unsigned char)( zlen >> 8 ); - *(p++) = (unsigned char)( zlen ); - p += zlen; - - SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = p - ssl->handshake->premaster; } else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 158877090b..f09b924672 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2022,10 +2022,9 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "ECDH curve size: %d", (int) ssl->handshake->ecdh_ctx.grp.nbits ) ); - if( ( ret = ecdh_make_params( &ssl->handshake->ecdh_ctx, - &len, - p, - 1000, ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = ecdh_make_params( &ssl->handshake->ecdh_ctx, &len, + p, SSL_MAX_CONTENT_LEN - n, + ssl->f_rng, ssl->p_rng ) ) != 0 ) { SSL_DEBUG_RET( 1, "ecdh_make_params", ret ); return( ret ); 
@@ -2532,26 +2531,18 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) return( ret ); } - // Set up the premaster secret - // - p = ssl->handshake->premaster; - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - p += ssl->psk_len; - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = 4 + 2 * ssl->psk_len; + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + return( ret ); + } } else #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { - size_t n; unsigned char *p = ssl->in_msg + 4; unsigned char *end = ssl->in_msg + ssl->in_msglen; 
@@ -2566,38 +2557,18 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) return( ret ); } - // Set up the premaster secret - // - p = ssl->handshake->premaster; - *(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len >> 8 ); - *(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len ); - - n = ssl->handshake->dhm_ctx.len; - - if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, - p, &n, ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); - return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + return( ret ); } - - SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); - - p += ssl->handshake->dhm_ctx.len; - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = 4 + ssl->handshake->dhm_ctx.len + ssl->psk_len; } else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { - size_t n; unsigned char *p = ssl->in_msg + 4; unsigned char *end = ssl->in_msg + ssl->in_msglen; 
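Review bot: A `dhm_calc_secret` failure in the server's DHE_PSK branch now propagates as the raw return value of `ssl_psk_derive_premaster`, where the removed code mapped it to `POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS`. Since the failure is driven by the client-supplied public value, callers or log monitoring that key on the handshake-level code would stop seeing it. If that mapping is intentional API, keep it at this call site with `return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS );`, or note the change in the commit message. The enclosing function continues outside the hunk.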
@@ -2616,31 +2587,12 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) SSL_DEBUG_ECP( 3, "ECDH: Qp ", &ssl->handshake->ecdh_ctx.Qp ); - // Set up the premaster secret - // - p = ssl->handshake->premaster; - - if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &n, - p + 2, POLARSSL_MPI_MAX_SIZE, - ssl->f_rng, ssl->p_rng ) ) != 0 ) + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) { - SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); return( ret ); } - - *(p++) = (unsigned char)( n >> 8 ); - *(p++) = (unsigned char)( n ); - p += n; - - SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); - - *(p++) = (unsigned char)( ssl->psk_len >> 8 ); - *(p++) = (unsigned char)( ssl->psk_len ); - memcpy( p, ssl->psk, ssl->psk_len ); - p += ssl->psk_len; - - ssl->handshake->pmslen = 4 + n + ssl->psk_len; - n = ssl->handshake->pmslen; } else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d3b4ce3a09..e4ae682297 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -825,6 +825,96 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) #endif /* POLARSSL_SHA512_C */ #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) +{ + int ret; + unsigned char *p = ssl->handshake->premaster; + unsigned char *end = p + sizeof( ssl->handshake->premaster ); + + /* + * PMS = struct { + * opaque other_secret<0..2^16-1>; + * opaque psk<0..2^16-1>; + * }; + * with "other_secret" depending on the particular key exchange + */ +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) + if( key_ex == POLARSSL_KEY_EXCHANGE_PSK ) + { + if( end - p < 2 + (int) ssl->psk_len ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + *(p++) = (unsigned char)( ssl->psk_len >> 8 ); + *(p++) = (unsigned char)( ssl->psk_len ); + p += ssl->psk_len; + } + else +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK ) + { + size_t len = ssl->handshake->dhm_ctx.len; + + if( end - p < 2 + (int) len ) + return( POLARSSL_ERR_SSL_BAD_INPUT_DATA ); + + *(p++) = (unsigned char)( len >> 8 ); + *(p++) = (unsigned char)( len ); + if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx, + p, &len, ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_calc_secret", ret ); + return( ret ); + } + p += len; + + SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); + } + else +#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( key_ex == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + size_t zlen; + + if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, + p + 2, end - (p + 2), + ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_calc_secret", ret ); + return( ret ); + } + + 
*(p++) = (unsigned char)( zlen >> 8 ); + *(p++) = (unsigned char)( zlen ); + p += zlen; + + SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z ); + } + else +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + { + SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } + + /* opaque psk<0..2^16-1>; */ + *(p++) = (unsigned char)( ssl->psk_len >> 8 ); + *(p++) = (unsigned char)( ssl->psk_len ); + memcpy( p, ssl->psk, ssl->psk_len ); + p += ssl->psk_len; + + ssl->handshake->pmslen = p - ssl->handshake->premaster; + + return( 0 ); +} +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + #if defined(POLARSSL_SSL_PROTO_SSL3) /* * SSLv3.0 MAC functions From 72fb62daa22285f7d79f83346efae91f799e2816 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 14:01:58 +0200 Subject: [PATCH 5/7] More *-PSK refactoring --- library/ssl_cli.c | 155 +++++++++++++++++++--------------------------- 1 file changed, 65 insertions(+), 90 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index bc67957791..eaa80015ff 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
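Review bot: The closing `memcpy( p, ssl->psk, ssl->psk_len )` in ssl_psk_derive_premaster writes 2 + psk_len bytes into `premaster` with no check against `end`; each branch above bounds only the other_secret half. The caller-side checks this patch removes from ssl_cli.c (for plain PSK, `sizeof(premaster) < 4 + 2 * psk_len`) covered both halves. I would add `if( end - p < 2 + (int) ssl->psk_len ) return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );` just before the `/* opaque psk */` write; whether ssl_set_psk caps psk_len below the buffer size is not visible here, so the helper should not depend on it. Separately, the DHE_PSK branch writes the length prefix from `dhm_ctx.len` before `dhm_calc_secret` receives `&len`; if that call can shorten `len`, the prefix and `p += len` disagree, so writing the prefix after the call would be safer.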
@@ -1802,106 +1802,79 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + /* + * opaque psk_identity<0..2^16-1>; + */ + if( ssl->psk == NULL || ssl->psk_identity == NULL ) + return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); + + i = 4; + n = ssl->psk_identity_len; + ssl->out_msg[i++] = (unsigned char)( n >> 8 ); + ssl->out_msg[i++] = (unsigned char)( n ); + + memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); + i += ssl->psk_identity_len; + #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) - { - /* - * PSK key exchange - * - * opaque psk_identity<0..2^16-1>; - */ - if( ssl->psk == NULL ) - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - - i = 4; - n = ssl->psk_identity_len; - ssl->out_msg[i++] = (unsigned char)( n >> 8 ); - ssl->out_msg[i++] = (unsigned char)( n ); - - memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); - i += ssl->psk_identity_len; - - if( ( ret = ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); - return( ret ); + n = 0; } - } - else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ + else +#endif #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) - { - /* - * DHE_PSK key exchange - * - * opaque psk_identity<0..2^16-1>; - * ClientDiffieHellmanPublic 
public (DHM send G^X mod P) - */ - if( ssl->psk == NULL ) - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - - i = 4; - n = ssl->psk_identity_len; - ssl->out_msg[i++] = (unsigned char)( n >> 8 ); - ssl->out_msg[i++] = (unsigned char)( n ); - - memcpy( ssl->out_msg + i, ssl->psk_identity, ssl->psk_identity_len ); - i += ssl->psk_identity_len; - - n = ssl->handshake->dhm_ctx.len; - ssl->out_msg[i++] = (unsigned char)( n >> 8 ); - ssl->out_msg[i++] = (unsigned char)( n ); - - ret = dhm_make_public( &ssl->handshake->dhm_ctx, - mpi_size( &ssl->handshake->dhm_ctx.P ), - &ssl->out_msg[i], n, - ssl->f_rng, ssl->p_rng ); - if( ret != 0 ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { - SSL_DEBUG_RET( 1, "dhm_make_public", ret ); - return( ret ); - } + /* + * ClientDiffieHellmanPublic public (DHM send G^X mod P) + */ + n = ssl->handshake->dhm_ctx.len; + ssl->out_msg[i++] = (unsigned char)( n >> 8 ); + ssl->out_msg[i++] = (unsigned char)( n ); - if( ( ret = ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) - { - SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); - return( ret ); + ret = dhm_make_public( &ssl->handshake->dhm_ctx, + mpi_size( &ssl->handshake->dhm_ctx.P ), + &ssl->out_msg[i], n, + ssl->f_rng, ssl->p_rng ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "dhm_make_public", ret ); + return( ret ); + } } - } - else + else #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) - { - /* - * ECDHE_PSK key exchange: RFC 5489, section 2 - * - * opaque psk_identity<0..2^16-1>; - * ClientECDiffieHellmanPublic public; - */ - if( ssl->psk == NULL ) - return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED ); - - i = 4; - ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len >> 8 ); - ssl->out_msg[i++] = (unsigned char)( ssl->psk_identity_len ); - - memcpy( ssl->out_msg + i, ssl->psk_identity, 
ssl->psk_identity_len ); - i += ssl->psk_identity_len; - - ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, - &ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i, - ssl->f_rng, ssl->p_rng ); - if( ret != 0 ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { - SSL_DEBUG_RET( 1, "ecdh_make_public", ret ); - return( ret ); - } + /* + * ClientECDiffieHellmanPublic public; + */ + ret = ecdh_make_public( &ssl->handshake->ecdh_ctx, &n, + &ssl->out_msg[i], SSL_MAX_CONTENT_LEN - i, + ssl->f_rng, ssl->p_rng ); + if( ret != 0 ) + { + SSL_DEBUG_RET( 1, "ecdh_make_public", ret ); + return( ret ); + } - SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + SSL_DEBUG_ECP( 3, "ECDH: Q", &ssl->handshake->ecdh_ctx.Q ); + } + else +#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ + { + SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); + } if( ( ret = ssl_psk_derive_premaster( ssl, ciphersuite_info->key_exchange ) ) != 0 ) @@ -1911,7 +1884,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } } else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { From 1b62c7f93dd5f5b51dccf3a7f417e0de3507ff0f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 14:02:19 +0200 Subject: [PATCH 6/7] Fix dependencies and related issues --- include/polarssl/ssl.h | 16 ++++++++++++---- library/ssl_cli.c | 2 ++ library/ssl_srv.c | 3 +++ library/ssl_tls.c | 15 +++++++++++---- programs/ssl/ssl_client2.c | 24 ++++++++++++++++++------ programs/ssl/ssl_server2.c | 24 ++++++++++++++++++------ 6 files changed, 64 insertions(+), 20 deletions(-) 
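Review bot: The merged PSK prologue copies `ssl->psk_identity_len` bytes to `ssl->out_msg + i` without checking that the identity fits in the outgoing record. The DHE_PSK branch then writes another `dhm_ctx.len` bytes at `out_msg[i]`, and the ECDHE_PSK branch passes `SSL_MAX_CONTENT_LEN - i`, which would wrap if `i` is unsigned and already past that bound. I would add `if( i + 2 + n > SSL_MAX_CONTENT_LEN ) return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );` right after `n = ssl->psk_identity_len;`, and the same style of check before the DHM public value is written. Any cap that ssl_set_psk places on the identity length is not visible here, and the enclosing function starts and ends outside the hunk.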
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index b8d798b18c..b6944f1343 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -614,7 +614,9 @@ struct _ssl_context void *p_vrfy; /*!< context for verification */ #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t); void *p_psk; /*!< context for PSK retrieval */ #endif @@ -712,7 +714,9 @@ struct _ssl_context mpi dhm_G; /*!< generator for DHM */ #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) /* * PSK values */ @@ -1054,7 +1058,9 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, rsa_key_len_func rsa_key_len ); #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) /** * \brief Set the Pre Shared Key (PSK) and the identity name connected * to it. @@ -1094,7 +1100,9 @@ void ssl_set_psk_cb( ssl_context *ssl, int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t), void *p_psk ); -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_DHM_C) /** diff --git a/library/ssl_cli.c b/library/ssl_cli.c index eaa80015ff..77a18ed35f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
@@ -1973,6 +1973,7 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); @@ -1997,6 +1998,7 @@ static int ssl_write_certificate_verify( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index f09b924672..336add2e3a 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1915,6 +1915,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) unsigned char *p = ssl->out_msg + 4; unsigned char *dig_signed = p; @@ -2637,6 +2638,7 @@ static int ssl_parse_certificate_verify( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); 
@@ -2664,6 +2666,7 @@ static int ssl_parse_certificate_verify( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e4ae682297..2be20163f7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -830,7 +830,6 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) { - int ret; unsigned char *p = ssl->handshake->premaster; unsigned char *end = p + sizeof( ssl->handshake->premaster ); @@ -856,6 +855,7 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { + int ret; size_t len = ssl->handshake->dhm_ctx.len; if( end - p < 2 + (int) len ) @@ -878,6 +878,7 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( key_ex == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { + int ret; size_t zlen; if( ( ret = ecdh_calc_secret( &ssl->handshake->ecdh_ctx, &zlen, @@ -3659,7 +3660,9 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, } #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len ) { 
@@ -3695,7 +3698,9 @@ void ssl_set_psk_cb( ssl_context *ssl, ssl->f_psk = f_psk; ssl->p_psk = p_psk; } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_DHM_C) int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ) @@ -4363,7 +4368,9 @@ void ssl_free( ssl_context *ssl ) } #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( ssl->psk != NULL ) { memset( ssl->psk, 0, ssl->psk_len ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 2093d1a6a5..7b978411f5 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -166,13 +166,17 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) #define USAGE_IO "" #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ 
@@ -240,7 +244,9 @@ int main( int argc, char *argv[] ) { int ret = 0, len, server_fd, i, written, frags; unsigned char buf[1024]; -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) unsigned char psk[256]; size_t psk_len = 0; #endif @@ -494,7 +500,9 @@ int main( int argc, char *argv[] ) opt.min_version = ciphersuite_info->min_minor_ver; } -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ @@ -542,7 +550,9 @@ int main( int argc, char *argv[] ) psk[ j / 2 ] |= c; } } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ /* * 0. Initialize the RNG and the session data @@ -710,7 +720,9 @@ int main( int argc, char *argv[] ) ssl_set_own_cert( &ssl, &clicert, &pkey ); #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ); #endif diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 43d7d79b70..0148103e02 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -144,13 +144,17 @@ static void my_debug( void *ctx, int level, const char *str ) #define USAGE_IO "" #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ @@ -209,7 +213,9 @@ int main( int argc, char *argv[] ) int listen_fd; int client_fd = -1; unsigned char buf[1024]; -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) unsigned char psk[256]; size_t psk_len = 0; #endif @@ -467,7 +473,9 @@ int main( int argc, char *argv[] ) opt.min_version = ciphersuite_info->min_minor_ver; } -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ @@ -515,7 +523,9 @@ int main( int argc, char *argv[] ) psk[ j / 2 ] |= c; } } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ /* * 0. Initialize the RNG and the session data 
@@ -729,7 +739,9 @@ int main( int argc, char *argv[] ) ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ); #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ); #endif From 057e0cf2636c56a56c08cc3dc75d59795449e83b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 14:19:31 +0200 Subject: [PATCH 7/7] Fix ciphersuites dependencies on MD5 and SHA1 --- include/polarssl/config.h | 18 +++++----- library/cipher_wrap.c | 2 +- library/ssl_ciphersuites.c | 74 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 10 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index f23f540f0f..dc22c6df43 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -184,15 +184,15 @@ * TLS_RSA_WITH_NULL_SHA * TLS_RSA_WITH_NULL_SHA256 * TLS_ECDHE_RSA_WITH_NULL_SHA - * TLS_PSK_WITH_NULL - * TLS_PSK_WITH_NULL256 - * TLS_PSK_WITH_NULL384 - * TLS_DHE_PSK_WITH_NULL - * TLS_DHE_PSK_WITH_NULL256 - * TLS_DHE_PSK_WITH_NULL384 - * TLS_RSA_PSK_WITH_NULL - * TLS_RSA_PSK_WITH_NULL256 - * TLS_RSA_PSK_WITH_NULL384 + * TLS_PSK_WITH_NULL_SHA + * TLS_PSK_WITH_NULL_SHA256 + * TLS_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_NULL_SHA + * TLS_DHE_PSK_WITH_NULL_SHA256 + * TLS_DHE_PSK_WITH_NULL_SHA384 + * TLS_RSA_PSK_WITH_NULL_SHA + * TLS_RSA_PSK_WITH_NULL_SHA256 + * TLS_RSA_PSK_WITH_NULL_SHA384 * TLS_ECDHE_PSK_WITH_NULL_SHA * TLS_ECDHE_PSK_WITH_NULL_SHA256 * TLS_ECDHE_PSK_WITH_NULL_SHA384 diff --git a/library/cipher_wrap.c b/library/cipher_wrap.c index 342923dccb..7466b959b3 100644 --- a/library/cipher_wrap.c +++ b/library/cipher_wrap.c 
@@ -1178,7 +1178,7 @@ const cipher_definition_t cipher_definitions[] = #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) - { POLARSSL_CIPHER_NULL, &null_info }, + { POLARSSL_CIPHER_NULL, &null_cipher_info }, #endif /* POLARSSL_CIPHER_NULL_CIPHER */ { 0, NULL } diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 1efd403ebe..7de532238e 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -181,6 +181,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) #if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, @@ -193,6 +194,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256", 
@@ -248,33 +250,40 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) #if defined(POLARSSL_AES_C) +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, @@ -287,6 +296,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256", 
@@ -342,28 +352,34 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS-ECDHE-RSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #if defined(POLARSSL_CIPHER_NULL_CIPHER) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_RSA_WITH_NULL_SHA, "TLS-ECDHE-RSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */ @@ -402,6 +418,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_SHA256_C */ #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_AES_128_CBC_SHA, "TLS-DHE-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -413,6 +430,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ 
@@ -432,6 +450,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA", POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -443,16 +462,19 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_CAMELLIA_C */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ @@ -491,6 +513,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) #if defined(POLARSSL_CIPHER_MODE_CBC) { TLS_RSA_WITH_AES_128_CBC_SHA, "TLS-RSA-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, @@ -504,6 +527,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, #endif /* POLARSSL_CIPHER_MODE_CBC */ +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_AES_C */ #if defined(POLARSSL_CAMELLIA_C) 
@@ -522,6 +546,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA256_C */ +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, "TLS-RSA-WITH-CAMELLIA-128-CBC-SHA", POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -533,31 +558,38 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_CAMELLIA_C */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_MD5_C) { TLS_RSA_WITH_RC4_128_MD5, "TLS-RSA-WITH-RC4-128-MD5", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_RC4_128_SHA, "TLS-RSA-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ @@ -598,6 +630,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_AES_128_CBC_SHA, "TLS-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, 
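Review bot: The RC4 entries that the hunk at -533 wraps in `POLARSSL_MD5_C` and `POLARSSL_SHA1_C` keep a flags field of `0`, whereas the NULL entries further down sit under `POLARSSL_ENABLE_WEAK_CIPHERSUITES` and carry `POLARSSL_CIPHERSUITE_WEAK`. Because this commit already makes these rows depend on the build configuration, it is a natural place to record that `TLS_RSA_WITH_RC4_128_MD5` and `TLS_RSA_WITH_RC4_128_SHA` are kept for legacy interoperability only. I would add `/* RC4: legacy interop only, candidate for POLARSSL_CIPHERSUITE_WEAK */` above the `#if defined(POLARSSL_ARC4_C)` line and settle the flag change in a follow-up. The same applies to the RC4 rows in the ECDHE and PSK hunks at -248, -342, -634, -724, -797 and -887. The array initializer starts and ends outside this hunk.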
@@ -609,6 +642,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ @@ -634,20 +668,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_PSK_WITH_RC4_128_SHA, "TLS-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ @@ -688,6 +726,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_AES_128_CBC_SHA, "TLS-DHE-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -699,6 +738,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ 
@@ -724,20 +764,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_RC4_128_SHA, "TLS-DHE-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ @@ -761,6 +805,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, "TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -772,6 +817,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ 
@@ -797,20 +843,24 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_RC4_128_SHA, "TLS-ECDHE-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ @@ -851,6 +901,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = 0 }, #endif /* POLARSSL_SHA512_C */ +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_AES_128_CBC_SHA, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA", POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, @@ -862,6 +913,7 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_AES_C */ 
@@ -887,67 +939,83 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA, "TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA", POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */ #if defined(POLARSSL_ARC4_C) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_RC4_128_SHA, "TLS-RSA-PSK-WITH-RC4-128-SHA", POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, 0 }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_ARC4_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(POLARSSL_ENABLE_WEAK_CIPHERSUITES) #if defined(POLARSSL_CIPHER_NULL_CIPHER) #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) +#if defined(POLARSSL_MD5_C) { TLS_RSA_WITH_NULL_MD5, "TLS-RSA-WITH-NULL-MD5", POLARSSL_CIPHER_NULL, POLARSSL_MD_MD5, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_NULL_SHA, "TLS-RSA-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif +#if defined(POLARSSL_SHA256_C) { TLS_RSA_WITH_NULL_SHA256, "TLS-RSA-WITH-NULL-SHA256", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { 
TLS_PSK_WITH_NULL_SHA, "TLS-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_PSK_WITH_NULL_SHA, "TLS-DHE-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_ECDHE_PSK_WITH_NULL_SHA, "TLS-ECDHE-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #if defined(POLARSSL_SHA256_C) { TLS_ECDHE_PSK_WITH_NULL_SHA256, "TLS-ECDHE-PSK-WITH-NULL-SHA256", 
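Review bot: The new `POLARSSL_MD5_C`, `POLARSSL_SHA1_C` and `POLARSSL_SHA256_C` guards around the `TLS_RSA_WITH_NULL_*` entries in the hunk at -887 close with a bare `#endif`, while the other guards added in this file close as `#endif /* POLARSSL_SHA1_C */`. The two guards around the RC4 rows in the hunk at -533 are bare as well. These rows sit four conditionals deep, so the trailing comment is what lets a reader pair the directives. Please write `#endif /* POLARSSL_MD5_C */`, `#endif /* POLARSSL_SHA1_C */` and `#endif /* POLARSSL_SHA256_C */` there. The array initializer starts and ends outside these hunks.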
@@ -967,30 +1035,36 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_PSK_WITH_NULL_SHA, "TLS-RSA-PSK-WITH-NULL-SHA", POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA_PSK, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ #if defined(POLARSSL_DES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_DHE_RSA_WITH_DES_CBC_SHA, "TLS-DHE-RSA-WITH-DES-CBC-SHA", POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_DHE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) +#if defined(POLARSSL_SHA1_C) { TLS_RSA_WITH_DES_CBC_SHA, "TLS-RSA-WITH-DES-CBC-SHA", POLARSSL_CIPHER_DES_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_RSA, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_0, SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA1_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ #endif /* POLARSSL_CIPHER_MODE_CBC */ #endif /* POLARSSL_DES_C */