From a1255e6b8c8063319b9420239c0fce8fc3eb843a Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Fri, 24 Jun 2022 10:10:47 +0800 Subject: [PATCH] fix various issues Signed-off-by: Jerry Yu --- library/ssl_misc.h | 6 ++---- library/ssl_tls.c | 13 ++++++------- library/ssl_tls13_generic.c | 9 +++++---- programs/ssl/ssl_test_common_source.c | 13 ++++++------- 4 files changed, 19 insertions(+), 22 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 6786632a89..a79869f40d 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1980,7 +1980,6 @@ static inline int mbedtls_ssl_tls13_get_pk_type_and_md_alg_from_sig_alg( switch( sig_alg ) { -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) #if defined(MBEDTLS_SHA256_C) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256: *md_alg = MBEDTLS_MD_SHA256; @@ -1999,7 +1998,6 @@ static inline int mbedtls_ssl_tls13_get_pk_type_and_md_alg_from_sig_alg( *pk_type = MBEDTLS_PK_RSASSA_PSS; break; #endif /* MBEDTLS_SHA512_C */ -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ default: return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); @@ -2008,7 +2006,7 @@ static inline int mbedtls_ssl_tls13_get_pk_type_and_md_alg_from_sig_alg( } #if defined(MBEDTLS_SSL_PROTO_TLS1_3) -static inline int mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( +static inline int mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( const uint16_t sig_alg ) { switch( sig_alg ) @@ -2069,7 +2067,7 @@ static inline int mbedtls_ssl_tls13_sig_alg_is_supported( #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_PKCS1_V15 && MBEDTLS_RSA_C */ default: - return( mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( + return( mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( sig_alg ) ); } return( 1 ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index f8e7cc28df..2bec6b18b6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4095,13 +4095,12 @@ static int ssl_preset_suiteb_ciphersuites[] = { * - ssl_tls12_present* is for TLS 1.2 use only. * - ssl_preset_* is for TLS 1.3 only or hybrid TLS 1.3/1.2 handshakes. * - * `rsa_pss_rsae_*` MUST BE PUT ARTER `rsa_pkcs1_*` before below compitable fixed - * The compitable issue is When - * - GnuTLS/OpenSSL is configured as tls12 server with rsa key - * - `mebedTLS` is configured as hybrid mode. - * - The order is `rsa_pss_rsae_*`, `rsa_pkcs1_*`. - * GnuTLS/OpenSSL will return `rsa_pss_rsae_*` which are not supported by - * TLS 1.2 in mbedTLS. + * When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate + * declaring an RSA public key and Mbed TLS is configured in hybrid mode, if + * `rsa_pss_rsae_*` algorithms are before `rsa_pkcs1_*` ones in this list then + * the GnuTLS/Openssl server chooses an `rsa_pss_rsae_*` signature algorithm + * for its signature in the key exchange message and as Mbed TLS 1.2 does not + * support them, the handshake fails. */ static uint16_t ssl_preset_default_sig_algs[] = { diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index d470b707a2..418fc130b2 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -898,17 +898,17 @@ int mbedtls_ssl_tls13_check_sig_alg_cert_key_match( #if defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_SHA256_C) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256: - return( key_size <= 2048 ); + return( key_size <= 3072 ); #endif /* MBEDTLS_SHA256_C */ #if defined(MBEDTLS_SHA384_C) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384: - return( key_size <= 3072 ); + return( key_size <= 7680 ); #endif /* MBEDTLS_SHA384_C */ #if defined(MBEDTLS_SHA512_C) case MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512: - return( key_size <= 4096 ); + return( 1 ); #endif /* MBEDTLS_SHA512_C */ #endif /* MBEDTLS_PKCS1_V21 */ @@ -935,7 +935,8 @@ static int ssl_tls13_select_sig_alg_for_certificate_verify( *algorithm = MBEDTLS_TLS1_3_SIG_NONE; for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE ; sig_alg++ ) { - if( mbedtls_ssl_tls13_sig_alg_is_supported_for_certificate( *sig_alg ) && + if( mbedtls_ssl_tls13_sig_alg_for_cert_verify_is_supported( + *sig_alg ) && mbedtls_ssl_tls13_check_sig_alg_cert_key_match( *sig_alg, own_key ) ) { diff --git a/programs/ssl/ssl_test_common_source.c b/programs/ssl/ssl_test_common_source.c index b720fd3b08..a155cebd84 100644 --- a/programs/ssl/ssl_test_common_source.c +++ b/programs/ssl/ssl_test_common_source.c @@ -265,13 +265,12 @@ int send_cb( void *ctx, unsigned char const *buf, size_t len ) #if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) /* - * `rsa_pss_rsae_*` MUST BE PUT ARTER `rsa_pkcs1_*` before below compitable fixed - * The compitable issue is When - * - GnuTLS/OpenSSL is configured as tls12 server with rsa key - * - `mebedTLS` is configured as hybrid mode. - * - The order is `rsa_pss_rsae_*`, `rsa_pkcs1_*`. - * GnuTLS/OpenSSL will return `rsa_pss_rsae_*` which are not supported by - * TLS 1.2 in mbedTLS. + * When GnuTLS/Openssl server is configured in TLS 1.2 mode with a certificate + * declaring an RSA public key and Mbed TLS is configured in hybrid mode, if + * `rsa_pss_rsae_*` algorithms are before `rsa_pkcs1_*` ones in this list then + * the GnuTLS/Openssl server chooses an `rsa_pss_rsae_*` signature algorithm + * for its signature in the key exchange message and as Mbed TLS 1.2 does not + * support them, the handshake fails. */ #define MBEDTLS_SSL_SIG_ALG( hash ) (( hash << 8 ) | MBEDTLS_SSL_SIG_ECDSA), \ (( hash << 8 ) | MBEDTLS_SSL_SIG_RSA), \