From b1f60163ba3aff6c8209c48f85d398fdfb19a901 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 15:46:15 +0800 Subject: [PATCH 1/5] ssl_tls: remove RSA sig-algs in ssl_preset_suiteb_sig_algs Signed-off-by: Yanray Wang --- library/ssl_tls.c | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index b163e93c25..08f5a5b9b9 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5143,16 +5143,6 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = { // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384) #endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA256) - MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256*/ - -#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA256) - MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA256, -#endif /* MBEDTLS_RSA_C && MBEDTLS_MD_CAN_SHA256*/ - MBEDTLS_TLS_SIG_NONE }; From 69ceb391a0bb216f6c1fc1ca9b8c2d7718fd94a6 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:32:39 +0800 Subject: [PATCH 2/5] ssl_tls: remove RSA sig-algs in ssl_tls12_preset_suiteb_sig_algs Signed-off-by: Yanray Wang --- library/ssl_tls.c | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 08f5a5b9b9..830278243d 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5153,17 +5153,12 @@ static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif -#if defined(MBEDTLS_RSA_C) - MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), -#endif #endif /* MBEDTLS_MD_CAN_SHA256*/ + #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif -#if defined(MBEDTLS_RSA_C) - MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), -#endif #endif /* MBEDTLS_MD_CAN_SHA256*/ MBEDTLS_TLS_SIG_NONE }; From 55933a3e9c93db693e53a8a61e4e07d36be6a2f9 Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:34:15 +0800 Subject: [PATCH 3/5] tls13: fix a wrong RFC reference section Signed-off-by: Yanray Wang --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3c2696fe40..0ca802bc1b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -447,7 +447,7 @@ /* * TLS 1.3 signature algorithms - * RFC 8446, Section 4.2.2 + * RFC 8446, Section 4.2.3 */ /* RSASSA-PKCS1-v1_5 algorithms */ From 1136fad1263216e88c8cf32d85977b55bddbdc9b Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 16:54:31 +0800 Subject: [PATCH 4/5] ssl_tls: improve readability in ssl_*_preset_*_sig_algs - fix wrong comment in #endif - no semantics changes Signed-off-by: Yanray Wang --- library/ssl_tls.c | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 830278243d..511e4360ef 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -5054,23 +5054,17 @@ static uint16_t ssl_preset_default_sig_algs[] = { // == MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512) #endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA512) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA512 */ +#endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA384) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA384) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA384 */ +#endif -#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && \ - defined(MBEDTLS_MD_CAN_SHA256) +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) && defined(MBEDTLS_MD_CAN_SHA256) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif \ - /* MBEDTLS_X509_RSASSA_PSS_SUPPORT && MBEDTLS_MD_CAN_SHA256 */ +#endif #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_MD_CAN_SHA512) MBEDTLS_TLS1_3_SIG_RSA_PKCS1_SHA512, @@ -5090,42 +5084,47 @@ static uint16_t ssl_preset_default_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_default_sig_algs[] = { + #if defined(MBEDTLS_MD_CAN_SHA512) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA512), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA512, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA512), #endif -#endif /* MBEDTLS_MD_CAN_SHA512*/ +#endif /* MBEDTLS_MD_CAN_SHA512 */ + #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA384, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_MD_CAN_SHA384*/ +#endif /* MBEDTLS_MD_CAN_SHA384 */ + #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) MBEDTLS_TLS1_3_SIG_RSA_PSS_RSAE_SHA256, -#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ +#endif #if defined(MBEDTLS_RSA_C) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_RSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA256 */ + MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ + /* NOTICE: see above */ static uint16_t ssl_preset_suiteb_sig_algs[] = { @@ -5149,17 +5148,19 @@ static uint16_t ssl_preset_suiteb_sig_algs[] = { /* NOTICE: see above */ #if defined(MBEDTLS_SSL_PROTO_TLS1_2) static uint16_t ssl_tls12_preset_suiteb_sig_algs[] = { + #if defined(MBEDTLS_MD_CAN_SHA256) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA256), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA256 */ #if defined(MBEDTLS_MD_CAN_SHA384) #if defined(MBEDTLS_KEY_EXCHANGE_ECDSA_CERT_REQ_ALLOWED_ENABLED) MBEDTLS_SSL_TLS12_SIG_AND_HASH_ALG(MBEDTLS_SSL_SIG_ECDSA, MBEDTLS_SSL_HASH_SHA384), #endif -#endif /* MBEDTLS_MD_CAN_SHA256*/ +#endif /* MBEDTLS_MD_CAN_SHA384 */ + MBEDTLS_TLS_SIG_NONE }; #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ From d8c899cb179f2bae8a89740c0f9819681a9a83be Mon Sep 17 00:00:00 2001 From: Yanray Wang Date: Wed, 22 Nov 2023 18:14:38 +0800 Subject: [PATCH 5/5] TLS Suite B fix: add ChangeLog entry Signed-off-by: Yanray Wang --- ChangeLog.d/fix-tls-SuiteB.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/fix-tls-SuiteB.txt diff --git a/ChangeLog.d/fix-tls-SuiteB.txt b/ChangeLog.d/fix-tls-SuiteB.txt new file mode 100644 index 0000000000..0be753ac5e --- /dev/null +++ b/ChangeLog.d/fix-tls-SuiteB.txt @@ -0,0 +1,3 @@ +Bugfix + * Remove accidental introduction of RSA signature algorithms + in TLS Suite B Profile. Fixes #8221.