diff --git a/library/ssl_misc.h b/library/ssl_misc.h index f8f5fe6c93..fb843848bf 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -1363,39 +1363,39 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight ); /* * Helper functions around key exchange modes. */ -static inline unsigned mbedtls_ssl_conf_tls13_kex_modes_check( mbedtls_ssl_context *ssl, +static inline unsigned mbedtls_ssl_conf_tls13_check_kex_modes( mbedtls_ssl_context *ssl, int kex_mode_mask ) { return( ( ssl->conf->tls13_kex_modes & kex_mode_mask ) != 0 ); } -static inline int mbedtls_ssl_conf_tls13_pure_psk_enabled( mbedtls_ssl_context *ssl ) +static inline int mbedtls_ssl_conf_tls13_psk_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_conf_tls13_kex_modes_check( ssl, + return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK ) ); } static inline int mbedtls_ssl_conf_tls13_psk_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_conf_tls13_kex_modes_check( ssl, + return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_EPHEMERAL ) ); } -static inline int mbedtls_ssl_conf_tls13_pure_ephemeral_enabled( mbedtls_ssl_context *ssl ) +static inline int mbedtls_ssl_conf_tls13_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_conf_tls13_kex_modes_check( ssl, + return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL ) ); } static inline int mbedtls_ssl_conf_tls13_some_ephemeral_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_conf_tls13_kex_modes_check( ssl, + return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) ); } static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *ssl ) { - return( mbedtls_ssl_conf_tls13_kex_modes_check( ssl, + return( mbedtls_ssl_conf_tls13_check_kex_modes( ssl, MBEDTLS_SSL_TLS13_KEY_EXCHANGE_MODE_PSK_ALL ) ); } @@ -1452,7 +1452,7 @@ static inline int mbedtls_ssl_conf_is_hybrid_tls12_tls13( const mbedtls_ssl_conf /* * Helper functions for NamedGroup. */ -static inline int mbedtls_ssl_named_group_is_ecdhe( uint16_t named_group ) +static inline int mbedtls_ssl_tls13_named_group_is_ecdhe( uint16_t named_group ) { return( named_group == MBEDTLS_SSL_TLS13_NAMED_GROUP_SECP256R1 || named_group == MBEDTLS_SSL_TLS13_NAMED_GROUP_SECP384R1 || @@ -1461,7 +1461,7 @@ static inline int mbedtls_ssl_named_group_is_ecdhe( uint16_t named_group ) named_group == MBEDTLS_SSL_TLS13_NAMED_GROUP_X448 ); } -static inline int mbedtls_ssl_named_group_is_dhe( uint16_t named_group ) +static inline int mbedtls_ssl_tls13_named_group_is_dhe( uint16_t named_group ) { return( named_group >= MBEDTLS_SSL_TLS13_NAMED_GROUP_FFDHE2048 && named_group <= MBEDTLS_SSL_TLS13_NAMED_GROUP_FFDHE8192 ); diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 8323b67782..d3eab84490 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -53,13 +53,11 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) ); - /* - * Check space for extension header. - * - * extension_type 2 - * extension_data_length 2 - * version_length 1 - * versions 2 + /* Check if we have space for header and length fields: + * - extension_type (2 bytes) + * - extension_data_length (2 bytes) + * - versions_length (1 byte ) + * - versions (2 bytes) */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 ); @@ -111,16 +109,15 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, * NamedGroup named_group_list<2..2^16-1>; * } NamedGroupList; */ -/* Find out available ecdhe named groups in current configuration */ #if defined(MBEDTLS_ECDH_C) /* * In versions of TLS prior to TLS 1.3, this extension was named * 'elliptic_curves' and only contained elliptic curve groups. */ -static int ssl_tls13_write_named_group_ecdhe( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { unsigned char *p = buf; #if !defined(MBEDTLS_ECP_C) @@ -144,7 +141,7 @@ static int ssl_tls13_write_named_group_ecdhe( mbedtls_ssl_context *ssl, info++ ) { #endif - if( !mbedtls_ssl_named_group_is_ecdhe( info->tls_id ) ) + if( !mbedtls_ssl_tls13_named_group_is_ecdhe( info->tls_id ) ) continue; MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2); @@ -161,10 +158,10 @@ static int ssl_tls13_write_named_group_ecdhe( mbedtls_ssl_context *ssl, return( 0 ); } #else -static int ssl_tls13_write_named_group_ecdhe( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +static int ssl_tls13_write_named_group_list_ecdhe( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); @@ -174,11 +171,10 @@ static int ssl_tls13_write_named_group_ecdhe( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_ECDH_C */ -/* Find out available dhe named groups in current configuration */ -static int ssl_tls13_write_named_group_dhe( mbedtls_ssl_context *ssl, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +static int ssl_tls13_write_named_group_list_dhe( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { ((void) ssl); ((void) buf); @@ -188,18 +184,15 @@ static int ssl_tls13_write_named_group_dhe( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE ); } -/* - * Supported Groups Extension (supported_groups) - */ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) { unsigned char *p = buf ; - unsigned char *named_group_ptr; /* Start of named_group_list */ - size_t named_group_len = 0; - int ret = 0, ret_ecdhe, ret_dhe; + unsigned char *name_group_list_ptr; /* Start of named_group_list */ + size_t output_len = 0; + int ret_ecdhe, ret_dhe; *olen = 0; @@ -208,24 +201,28 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_groups extension" ) ); - /* Check there is space for extension header */ + /* Check if we have space for header and length fields: + * - extension_type (2 bytes) + * - extension_data_length (2 bytes) + * - named_group_list_length (2 bytes) + */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); p += 6; - named_group_ptr = p; - ret_ecdhe = ssl_tls13_write_named_group_ecdhe( ssl, p, end, &named_group_len ); + name_group_list_ptr = p; + ret_ecdhe = ssl_tls13_write_named_group_list_ecdhe( ssl, p, end, &output_len ); if( ret_ecdhe != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_write_named_group_ecdhe", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_write_named_group_list_ecdhe", ret_ecdhe ); } - p += named_group_len; + p += output_len; - ret_dhe = ssl_tls13_write_named_group_dhe( ssl, p, end, &named_group_len ); + ret_dhe = ssl_tls13_write_named_group_list_dhe( ssl, p, end, &output_len ); if( ret_dhe != 0 ) { - MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_write_named_group_dhe", ret ); + MBEDTLS_SSL_DEBUG_RET( 1, "ssl_tls13_write_named_group_list_dhe", ret_dhe ); } - p += named_group_len; + p += output_len; /* Both ECDHE and DHE Fail. */ if( ret_ecdhe != 0 && ret_dhe != 0 ) @@ -235,8 +232,8 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, } /* Length of named_group_list*/ - named_group_len = p - named_group_ptr; - if( named_group_len == 0 ) + size_t named_group_list_len = p - name_group_list_ptr; + if( named_group_list_len == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "No Named Group Available." ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -245,31 +242,31 @@ static int ssl_tls13_write_supported_groups_ext( mbedtls_ssl_context *ssl, /* Write extension_type */ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_GROUPS, buf, 0 ); /* Write extension_data_length */ - MBEDTLS_PUT_UINT16_BE( named_group_len + 2, buf, 2 ); + MBEDTLS_PUT_UINT16_BE( named_group_list_len + 2, buf, 2 ); /* Write length of named_group_list */ - MBEDTLS_PUT_UINT16_BE( named_group_len, buf, 4 ); + MBEDTLS_PUT_UINT16_BE( named_group_list_len, buf, 4 ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, named_group_len + 2 ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Supported groups extension", buf + 4, named_group_list_len + 2 ); *olen = p - buf; ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_GROUPS; - return( ret ); + return( 0 ); } /* * Functions for writing key_share extension. */ #if defined(MBEDTLS_ECDH_C) -static int ssl_key_share_gen_and_write_ecdhe( mbedtls_ssl_context *ssl, - uint16_t named_group, - unsigned char *buf, - unsigned char *end, - size_t *olen ) +static int ssl_tls13_generate_and_write_ecdh_key_exchange( + mbedtls_ssl_context *ssl, + uint16_t named_group, + unsigned char *buf, + unsigned char *end, + size_t *olen ) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_ecp_curve_info *curve_info = mbedtls_ecp_curve_info_from_tls_id( named_group ); @@ -300,8 +297,8 @@ static int ssl_key_share_gen_and_write_ecdhe( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_ECDH_C */ -static int ssl_named_group_get_default_id( mbedtls_ssl_context *ssl, - uint16_t *named_group_id ) +static int ssl_tls13_get_default_group_id( mbedtls_ssl_context *ssl, + uint16_t *group_id ) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; @@ -329,15 +326,15 @@ static int ssl_named_group_get_default_id( mbedtls_ssl_context *ssl, info++ ) { #endif - if( info != NULL && mbedtls_ssl_named_group_is_ecdhe( info->tls_id ) ) + if( info != NULL && mbedtls_ssl_tls13_named_group_is_ecdhe( info->tls_id ) ) { - *named_group_id = info->tls_id; + *group_id = info->tls_id; return( 0 ); } } #else ((void) ssl); - ((void) named_group_id); + ((void) group_id); #endif /* MBEDTLS_ECDH_C */ /* @@ -368,8 +365,8 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, { unsigned char *p = buf; unsigned char *client_shares_ptr; /* Start of client_shares */ + size_t client_shares_len; /* Length of client_shares */ uint16_t group_id; - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; *olen = 0; @@ -377,7 +374,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, if( !mbedtls_ssl_conf_tls13_some_ephemeral_enabled( ssl ) ) return( 0 ); - /* Check if we have space for headers and length fields: + /* Check if we have space for header and length fields: * - extension_type (2 bytes) * - extension_data_length (2 bytes) * - client_shares_length (2 bytes) @@ -389,10 +386,10 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, /* HRR could already have requested something else. */ group_id = ssl->handshake->offered_group_id; - if( !mbedtls_ssl_named_group_is_ecdhe( group_id ) && - !mbedtls_ssl_named_group_is_dhe( group_id ) ) + if( !mbedtls_ssl_tls13_named_group_is_ecdhe( group_id ) && + !mbedtls_ssl_tls13_named_group_is_dhe( group_id ) ) { - MBEDTLS_SSL_PROC_CHK( ssl_named_group_get_default_id( ssl, + MBEDTLS_SSL_PROC_CHK( ssl_tls13_get_default_group_id( ssl, &group_id ) ); } @@ -406,7 +403,7 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, */ client_shares_ptr = p; #if defined(MBEDTLS_ECDH_C) - if( mbedtls_ssl_named_group_is_ecdhe( group_id ) ) + if( mbedtls_ssl_tls13_named_group_is_ecdhe( group_id ) ) { /* Pointer of group */ unsigned char *group_id_ptr = p; @@ -419,9 +416,9 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 4 ); p += 4; - ret = ssl_key_share_gen_and_write_ecdhe( ssl, group_id, - p, end, - &key_exchange_len ); + ret = ssl_tls13_generate_and_write_ecdh_key_exchange( ssl, group_id, + p, end, + &key_exchange_len ); p += key_exchange_len; if( ret != 0 ) return( ret ); @@ -440,12 +437,19 @@ static int ssl_tls13_write_key_share_ext( mbedtls_ssl_context *ssl, else return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + /* Length of client_shares */ + client_shares_len = p - client_shares_ptr; + if( client_shares_len == 0) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "No key share defined." ) ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + } /* Write extension_type */ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_KEY_SHARE, buf, 0 ); /* Write extension_data_length */ - MBEDTLS_PUT_UINT16_BE( p - client_shares_ptr + 2, buf, 2 ); + MBEDTLS_PUT_UINT16_BE( client_shares_len + 2, buf, 2 ); /* Write client_shares_length */ - MBEDTLS_PUT_UINT16_BE( p - client_shares_ptr, buf, 4 ); + MBEDTLS_PUT_UINT16_BE( client_shares_len, buf, 4 ); /* Update offered_group_id field */ ssl->handshake->offered_group_id = group_id; diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c index 79ecfff3ea..5c20f29283 100644 --- a/library/ssl_tls13_generic.c +++ b/library/ssl_tls13_generic.c @@ -28,7 +28,6 @@ #include "ssl_misc.h" - int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl, unsigned hs_type, unsigned char **buf, @@ -101,15 +100,14 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl, * * Only if we handle at least one key exchange that needs signatures. */ - int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, unsigned char *buf, unsigned char *end, size_t *olen ) { unsigned char *p = buf; - unsigned char *sig_alg_ptr; /* Start of supported_signature_algorithms */ - size_t sig_alg_len = 0; /* Length of supported_signature_algorithms */ + unsigned char *supported_sig_alg_ptr; /* Start of supported_signature_algorithms */ + size_t supported_sig_alg_len = 0; /* Length of supported_signature_algorithms */ *olen = 0; @@ -125,14 +123,18 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "adding signature_algorithms extension" ) ); - /* Check there is space for extension header */ + /* Check if we have space for header and length field: + * - extension_type (2 bytes) + * - extension_data_length (2 bytes) + * - supported_signature_algorithms_length (2 bytes) + */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 6 ); p += 6; /* * Write supported_signature_algorithms */ - sig_alg_ptr = p; + supported_sig_alg_ptr = p; for( const uint16_t *sig_alg = ssl->conf->tls13_sig_algs; *sig_alg != MBEDTLS_TLS13_SIG_NONE; sig_alg++ ) { @@ -142,9 +144,9 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 3, ( "signature scheme [%x]", *sig_alg ) ); } - /* Length of supported_signature_algorithms*/ - sig_alg_len = p - sig_alg_ptr; - if( sig_alg_len == 0 ) + /* Length of supported_signature_algorithms */ + supported_sig_alg_len = p - supported_sig_alg_ptr; + if( supported_sig_alg_len == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "No signature algorithms defined." ) ); return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); @@ -153,9 +155,9 @@ int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl, /* Write extension_type */ MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SIG_ALG, buf, 0 ); /* Write extension_data_length */ - MBEDTLS_PUT_UINT16_BE( sig_alg_len + 2, buf, 2 ); + MBEDTLS_PUT_UINT16_BE( supported_sig_alg_len + 2, buf, 2 ); /* Write length of supported_signature_algorithms */ - MBEDTLS_PUT_UINT16_BE( sig_alg_len, buf, 4 ); + MBEDTLS_PUT_UINT16_BE( supported_sig_alg_len, buf, 4 ); /* Output the total length of signature algorithms extension. */ *olen = p - buf;