From 2fe5f61e1a68f1550390fb7efd8a19626c6df50c Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:08:57 +0100 Subject: [PATCH 01/40] Add generic codes for syntactic and semantic message parsing errors Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 7 +++---- include/mbedtls/ssl.h | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 2835fd55c3..82c88dcf7b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,10 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 23 (Started from top, plus 0x6000, gaps at - * 0x6600) - * SSL 7 28 (Started from 0x7080, gaps at - * 0x7300, 0x7500, 0x7580, 0x7800) + * SSL 6 24 (Started from top, plus 0x6000) + * SSL 7 29 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7800) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 02b59ed737..7187533422 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -68,7 +68,7 @@ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ 
@@ -112,7 +112,7 @@ #define MBEDTLS_ERR_SSL_CLIENT_RECONNECT -0x6780 /**< The client initiated a reconnect from the same port. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_RECORD -0x6700 /**< Record header looks valid but is not expected. */ #define MBEDTLS_ERR_SSL_NON_FATAL -0x6680 /**< The alert message received indicates a non-fatal error. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER -0x6600 /**< A field in a message was incorrect or inconsistent with other fields. */ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ #define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ From 93636cce4ab753cebb56b07df5d65ae9318ce0f8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:32:17 +0100 Subject: [PATCH 02/40] Add MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 82c88dcf7b..294e218009 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 29 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7800) + * SSL 7 30 (Started from 0x7080, gaps at + * 0x7500, 0x7580) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7187533422..0a31d79cec 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -78,7 +78,7 @@ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ From bc00044279e3c702b99cf4f6d6f7f47556faef10 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:18:19 +0100 Subject: [PATCH 03/40] Rename MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION New name is MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- tests/suites/test_suite_ssl.function | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 0a31d79cec..ba5b0beea8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -95,7 +95,7 @@ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ -#define MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ +#define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ #define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 30e64c4843..4ea8321f6d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1887,7 +1887,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } cookie_len = *p++; @@ -2041,7 +2041,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, current time: %lu", diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 47151298d4..e92887417f 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -1405,7 +1405,7 @@ read_record_header: ssl->conf->min_major_ver, ssl->conf->min_minor_ver ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } if( ssl->major_ver > ssl->conf->max_major_ver ) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index d5123fac19..98ed11fd44 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -1842,7 +1842,7 @@ void perform_handshake( handshake_test_options* options ) if( options->expected_negotiated_version == TEST_SSL_MINOR_VERSION_NONE ) { - expected_handshake_result = MBEDTLS_ERR_SSL_BAD_HS_PROTOCOL_VERSION; + expected_handshake_result = MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION; } TEST_ASSERT( mbedtls_move_handshake_to_state( &(client.ssl), From 241c19707b68ebd42dd74859c2d743696f0860e7 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 09:44:26 +0100 Subject: [PATCH 04/40] Remove MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 ++- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 294e218009..9d48c9ae46 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,7 +101,8 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 24 (Started from top, plus 0x6000) + * SSL 6 23 (Started from top, plus 0x6000, gaps at + * 0x6E00) * SSL 7 30 (Started from 0x7080, gaps at * 0x7500, 0x7580) * diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ba5b0beea8..df6b629eb7 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET -0x6E00 /**< Processing of the NewSessionTicket handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4ea8321f6d..149b6c16ae 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -4121,7 +4121,7 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } msg = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); @@ -4136,7 +4136,7 @@ static int ssl_parse_new_session_ticket( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad new session ticket message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "ticket length: %" MBEDTLS_PRINTF_SIZET, ticket_len ) ); From d01fc5f583741ed4fdc8c772122db5fb5441ae4b Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Thu, 24 Jun 2021 09:51:27 +0100 Subject: [PATCH 05/40] Introduce MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE error code Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 3 +-- include/mbedtls/ssl.h | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 9d48c9ae46..479a63ebcb 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,10 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 6 23 (Started from top, plus 0x6000, gaps at - * 0x6E00) * SSL 7 30 (Started from 0x7080, gaps at * 0x7500, 0x7580) + * SSL 6 24 (Started from top, plus 0x6000) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index df6b629eb7..728b546952 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -/* Error space gap */ +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< Handshake negotiation failed because of incompatible parameter sets supported by client and server. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ From b24e74bff7774877e899b0e1b7b999381fd2af9f Mon Sep 17 00:00:00 2001 
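Review bot: `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` in the ssl.h hunk takes the value -0x6E00, which the previous patch in this series freed by removing `MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET`, so the same number now carries a different meaning. Anything keyed on the numeric value (stored logs, monitoring rules, code built against the old header) would read a negotiation failure as a session-ticket parse failure, or the reverse. If the reuse is intended, a comment next to the define such as `/* -0x6E00 was MBEDTLS_ERR_SSL_BAD_HS_NEW_SESSION_TICKET before this series */` would make it explicit. Otherwise, one of the gaps still listed in the error.h table (0x7500, 0x7580) would avoid the collision.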
From: Hanno Becker Date: Thu, 24 Jun 2021 09:52:01 +0100 Subject: [PATCH 06/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP error code Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 479a63ebcb..d8253a1fc3 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -101,9 +101,9 @@ * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) - * SSL 7 30 (Started from 0x7080, gaps at - * 0x7500, 0x7580) * SSL 6 24 (Started from top, plus 0x6000) + * SSL 7 29 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 728b546952..903ef51b69 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -87,7 +87,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP -0x7C80 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Read Public. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ 
diff --git a/library/ssl_srv.c b/library/ssl_srv.c index e92887417f..36281c98b5 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3404,7 +3404,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } *p += n; @@ -3769,7 +3769,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) p, end - p) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, @@ -3915,7 +3915,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) p, end - p ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_read_public", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_RP ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_USE_PSA_CRYPTO) From 029cc2f97b2d2d7ec7cb8809ef1b87a9b3b72bae Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:09:50 +0100 Subject: [PATCH 07/40] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d8253a1fc3..46021204d6 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
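Review bot: The three ssl_srv.c hunks return `MBEDTLS_ERR_SSL_DECODE_ERROR` when `mbedtls_dhm_read_public` or `mbedtls_ecdh_read_public` fails, but the visible lines send no alert before returning. The ssl_cli.c paths changed in this series call `mbedtls_ssl_send_alert_message` with `MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR` first. Unless a caller outside these hunks turns the return code into an alert, the peer sees only a closed connection and the alert-named error code has no alert behind it. Consider adding `mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );` before each return. The same pattern appears in the later ssl_srv.c hunks of patches 08 and 10 (ssl_parse_client_key_exchange, ssl_parse_client_psk_identity, ssl_parse_certificate_verify); the enclosing functions start and end outside the hunks.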
@@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 29 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7C80) + * SSL 7 28 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7B80, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 903ef51b69..7a70185b05 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -85,7 +85,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE -0x7B80 /**< Processing of the ServerHelloDone handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 149b6c16ae..e7e18c67d4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3479,7 +3479,7 @@ static int ssl_parse_server_hello_done( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello done message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO_DONE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->state++; From 666b5b45f7ea6efef3a20010edb580ec55d8049a Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Thu, 24 Jun 2021 10:13:31 +0100 Subject: [PATCH 08/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 24 ++++++++++++------------ 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 46021204d6..989d31e229 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 28 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7B80, 0x7C80) + * SSL 7 27 (Started from 0x7080, gaps at + * 0x7500, 0x7580, 0x7B80, 0x7C00, 0x7C80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 7a70185b05..e067cded2b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -86,7 +86,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE -0x7C00 /**< Processing of the ClientKeyExchange handshake message failed. */ +/* Error space gap */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 36281c98b5..8facacfc44 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -3389,7 +3389,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( *p + 2 > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } n = ( (*p)[0] << 8 ) | (*p)[1]; @@ -3398,7 +3398,7 @@ static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char * if( *p + n > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_dhm_read_public( &ssl->handshake->dhm_ctx, *p, n ) ) != 0 ) @@ -3466,20 +3466,20 @@ static int ssl_decrypt_encrypted_pms( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_TLS1_2) if ( p + 2 > end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( *p++ != ( ( len >> 8 ) & 0xFF ) || *p++ != ( ( len ) & 0xFF ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #endif if( p + len != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -3640,7 +3640,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha if( end - *p < 2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } n = ( (*p)[0] << 8 ) | (*p)[1]; 
@@ -3649,7 +3649,7 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha if( n == 0 || n > end - *p ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ssl->conf->f_psk != NULL ) @@ -3718,13 +3718,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CLIENT_KEY_EXCHANGE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) @@ -3739,7 +3739,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_dhm_calc_secret( &ssl->handshake->dhm_ctx, @@ -3805,7 +3805,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -3890,7 +3890,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( p != end ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client key exchange" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, From d3eec7825831cafdf57f8eeb311de635ffdb713a Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Thu, 24 Jun 2021 10:21:46 +0100 Subject: [PATCH 09/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 989d31e229..63a529f1c8 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 27 (Started from 0x7080, gaps at - * 0x7500, 0x7580, 0x7B80, 0x7C00, 0x7C80) + * SSL 7 26 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7D00) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index e067cded2b..6ee4cd8be2 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -88,7 +88,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS -0x7D00 /**< Processing of the ClientKeyExchange handshake message failed in DHM / ECDH Calculate Secret. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 8facacfc44..b667d016c8 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -3749,7 +3749,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_dhm_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K ); @@ -3782,7 +3782,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) ssl->conf->f_rng, ssl->conf->p_rng ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecdh_calc_secret", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE_CS ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_ECDH( 3, &ssl->handshake->ecdh_ctx, From d934a2aafc3f23710250765cf9b5e8215b30b815 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:23:45 +0100 Subject: [PATCH 10/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 14 +++++++------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 63a529f1c8..d64f0d097e 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 26 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7D00) + * SSL 7 25 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7D80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 6ee4cd8be2..85c3649f1b 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
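Review bot: Both ssl_srv.c hunks in ssl_parse_client_key_exchange map a failing `mbedtls_dhm_calc_secret` / `mbedtls_ecdh_calc_secret` to `MBEDTLS_ERR_SSL_DECODE_ERROR`, although these calls run after the message bytes have been consumed and also take `ssl->conf->f_rng`, so they can presumably fail for reasons other than malformed input. Reporting a syntactic parse error for what may be an RNG or internal failure tells the caller, and anyone reading the logs, that the peer sent bad data when it may not have. Consider propagating the value already logged by `MBEDTLS_SSL_DEBUG_RET` with `return( ret );`, or pick an SSL-level code that does not claim a parse failure. The function body starts and ends outside these hunks.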
@@ -89,7 +89,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY -0x7D80 /**< Processing of the CertificateVerify handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index b667d016c8..c6749af3b0 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -4061,7 +4061,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE_VERIFY ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } i = mbedtls_ssl_hs_hdr_len( ssl ); @@ -4089,7 +4089,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + 2 > ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -4101,7 +4101,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if !defined(MBEDTLS_MD_SHA1) @@ -4122,7 +4122,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg" " for verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* 
@@ -4131,7 +4131,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( !mbedtls_pk_can_do( peer_pk, pk_alg ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } i++; @@ -4146,7 +4146,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + 2 > ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_len = ( ssl->in_msg[i] << 8 ) | ssl->in_msg[i+1]; @@ -4155,7 +4155,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) if( i + sig_len != ssl->in_hslen ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Calculate hash and verify signature */ From d200296f17b65a5a0ba275cdcdaa90fb9022ad68 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:25:40 +0100 Subject: [PATCH 11/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index d64f0d097e..6ba280ab13 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 25 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7D80) + * SSL 7 24 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7E00) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 85c3649f1b..d8d7f579ed 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -90,7 +90,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_CHANGE_CIPHER_SPEC -0x7E00 /**< Processing of the ChangeCipherSpec handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ From a0ca87eb68cda0d9e20644a4c81ec38f70e51690 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:27:37 +0100 Subject: [PATCH 12/40] Remove MBEDTLS_ERR_SSL_BAD_HS_FINISHED Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 16 +++++++++++----- 3 files changed, 14 insertions(+), 8 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 6ba280ab13..54465149f0 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 24 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7E00) + * SSL 7 23 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index d8d7f579ed..2751aa25a0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -91,7 +91,7 @@ /* Error space gap */ /* Error space gap */ /* Error space gap */ -#define MBEDTLS_ERR_SSL_BAD_HS_FINISHED -0x7E80 /**< Processing of the Finished handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_ALLOC_FAILED -0x7F00 /**< Memory allocation failed */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 1396400ceb..d11658217f 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -2903,13 +2903,19 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) hash_len = 12; - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED || - ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED ) + { + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_hslen != mbedtls_ssl_hs_hdr_len( ssl ) + hash_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( mbedtls_ssl_safer_memcmp( ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ), @@ -2917,8 +2923,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_FINISHED ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if defined(MBEDTLS_SSL_RENEGOTIATION) From cbc8f6fd5d5c8d154e518fb85de15a541013f605 Mon Sep 17 00:00:00 2001 
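Review bot: The new `ssl->in_msg[0] != MBEDTLS_SSL_HS_FINISHED` branch in mbedtls_ssl_parse_finished (hunk @@ -2903) sends a fatal alert and returns without a debug line, whereas the combined check it replaces logged "bad finished message" for this case too. Adding `MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) );` as the first statement of the branch keeps the failure traceable in debug logs. The same applies to the new `!= MBEDTLS_SSL_HS_CERTIFICATE` branch in ssl_parse_certificate_chain (PATCH 15, hunk @@ -1855).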
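Review bot: The verify_data comparison failure in mbedtls_ssl_parse_finished (hunk @@ -2917) is now reported as illegal_parameter, which groups a failed cryptographic check with malformed-field errors. RFC 5246 section 7.2.2 assigns decrypt_error to a Finished message that does not validate, so `MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR` would be the more accurate alert, with `return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );` or a dedicated code as the return value. Keeping this case distinct lets callers log or alarm on handshake integrity failures separately from parse errors.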
From: Hanno Becker Date: Thu, 24 Jun 2021 10:32:31 +0100 Subject: [PATCH 13/40] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE Signed-off-by: Hanno Becker Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 52 ++++++++++++++++++++--------------------- library/ssl_srv.c | 2 +- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 54465149f0..2f9e8d4ae9 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 23 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B80-0x7E80) + * SSL 7 22 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7B00-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 2751aa25a0..3e6037b52c 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -84,7 +84,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE -0x7B00 /**< Processing of the ServerKeyExchange handshake message failed. */ +/* Error space gap */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e7e18c67d4..714ae304c1 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
@@ -2482,7 +2482,7 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %" MBEDTLS_PRINTF_SIZET " < %u", dhm_actual_bitlen, ssl->conf->dhm_min_bitlen ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: P ", &ssl->handshake->dhm_ctx.P ); @@ -2554,11 +2554,11 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, */ if( end - *p < 4 ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* First byte is curve_type; only named_curve is handled */ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; @@ -2569,10 +2569,10 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, if( ( handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) { - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ecdh_bits > 0xffff ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); handshake->ecdh_bits = (uint16_t) ecdh_bits; /* @@ -2581,7 +2581,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, ecpoint_len = *(*p)++; if( (size_t)( end - *p ) < ecpoint_len ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); if( mbedtls_psa_tls_ecpoint_to_psa_ec( *p, ecpoint_len, @@ -2631,7 +2631,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } return( ret ); 
@@ -2658,7 +2658,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } len = (*p)[0] << 8 | (*p)[1]; *p += 2; @@ -2667,7 +2667,7 @@ static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -2791,7 +2791,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, } if( (*p) + 2 > end ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* * Get hash algorithm @@ -2801,7 +2801,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -2812,7 +2812,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -2822,7 +2822,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used HashAlgorithm %d that was not offered", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", 
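Review bot: In ssl_parse_signature_algorithm, the "HashAlgorithm %d that was not offered" branch (hunk @@ -2822) returns MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE, while the two "unsupported" branches just above (hunks @@ -2801 and @@ -2812) return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER. A server selecting a value the client never offered is a protocol violation by the peer rather than a failed negotiation. PATCH 16 appears to treat the analogous ciphersuite case in ssl_parse_server_hello (hunk @@ -2186) as ILLEGAL_PARAMETER, so `return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );` would be consistent. The function body extends beyond these hunks.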
@@ -3007,7 +3007,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } /* FALLTROUGH */ #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ @@ -3031,8 +3031,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3050,8 +3050,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3071,8 +3071,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -3090,8 +3090,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } } else @@ -3129,7 +3129,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( pk_alg != @@ -3141,7 +3141,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else 
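Review bot: Hunk @@ -3007 in the ServerKeyExchange parsing code (hunk header `start_processing:`) changes the return value to MBEDTLS_ERR_SSL_DECODE_ERROR but leaves the alert on the context line above as MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. The peer is therefore told one thing and the caller another. The next three hunks (@@ -3031, @@ -3050, @@ -3071) change both together; doing the same here with `MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );` keeps the wire alert and the API code in step. The enclosing function starts and ends outside the hunk, so the failing check itself is not visible.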
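Review bot: Hunk @@ -3090 maps a ServerKeyExchange failure to internal_error / MBEDTLS_ERR_SSL_INTERNAL_ERROR, and the ssl_srv.c hunk @@ -3955 of the same patch does the same for a failing mbedtls_ecjpake_read_round_two. Judging by its use in ssl_parse_client_key_exchange, that call processes a message supplied by the peer. A malformed or invalid message would then be recorded as a local fault, hiding broken or hostile peers from anyone triaging on the error code. If the @@ -3090 branch is the client-side counterpart (its condition is outside the hunk), `MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE` with `return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );` fits both sites better.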
@@ -3162,7 +3162,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_len = ( p[0] << 8 ) | p[1]; p += 2; @@ -3174,7 +3174,7 @@ start_processing: ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "signature", p, sig_len ); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c6749af3b0..6ac8d9d858 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -3955,7 +3955,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ecjpake_read_round_two", ret ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); } ret = mbedtls_ecjpake_derive_secret( &ssl->handshake->ecjpake_ctx, From 5697af0d3d0bf404c0f50203a0afaf53db397766 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 10:33:51 +0100 Subject: [PATCH 14/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 ++-- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 2f9e8d4ae9..0c4e47dd2c 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 22 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7B00-0x7E80) + * SSL 7 21 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 3e6037b52c..ccdb8d634b 100644 --- a/include/mbedtls/ssl.h 
+++ b/include/mbedtls/ssl.h @@ -83,7 +83,7 @@ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST -0x7A80 /**< Processing of the CertificateRequest handshake message failed. */ +/* Error space gap */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 714ae304c1..4ff8a935aa 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3363,7 +3363,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } cert_type_len = buf[mbedtls_ssl_hs_hdr_len( ssl )]; n = cert_type_len; @@ -3383,7 +3383,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* supported_signature_algorithms */ @@ -3418,7 +3418,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_DEBUG_C) 
@@ -3445,7 +3445,7 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate request message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE_REQUEST ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } exit: From 9ed1ba5926bcb842d19eb5d72f5811067596e262 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:03:13 +0100 Subject: [PATCH 15/40] Rename MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE New name MBEDTLS_ERR_SSL_BAD_CERTIFICATE Also, replace some instances of MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE by MBEDTLS_ERR_SSL_DECODE_ERROR and MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER as fit. Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 2 +- library/ssl_tls.c | 30 ++++++++++++++++++------------ 3 files changed, 20 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ccdb8d634b..4e44b11961 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -82,7 +82,7 @@ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ #define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ +#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4ff8a935aa..b4634c27c4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
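Review bot: The Doxygen text kept on the renamed MBEDTLS_ERR_SSL_BAD_CERTIFICATE (ssl.h hunk @@ -82) still reads "Processing of the Certificate handshake message failed", which no longer matches how the code is used. After this patch most syntactic failures of that message return MBEDTLS_ERR_SSL_DECODE_ERROR, and the remaining visible users are mainly the EC-curve and key-usage checks on the certificate itself. A comment along the lines of `/**< The peer's certificate was rejected (unsuitable key, curve or usage). */` would tell API users what the code now means.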
@@ -2876,7 +2876,7 @@ static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl ) if( ssl_check_server_ecdh_params( ssl ) != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server certificate (ECDH curve)" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d11658217f..e8ca5e11f6 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1855,13 +1855,19 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } - if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE || - ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) + if( ssl->in_msg[0] != MBEDTLS_SSL_HS_CERTIFICATE ) + { + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); + } + + if( ssl->in_hslen < mbedtls_ssl_hs_hdr_len( ssl ) + 3 + 3 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } i = mbedtls_ssl_hs_hdr_len( ssl ); @@ -1877,7 +1883,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Make &ssl->in_msg[i] point to the beginning of the CRT chain. */ 
@@ -1892,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ @@ -1902,7 +1908,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Read length of the next CRT in the chain. */ @@ -1916,7 +1922,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Check if we're handling the first CRT in the chain. */ @@ -1937,8 +1943,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); - return( MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* Now we can safely free the original chain. */ @@ -2148,7 +2154,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) ); if( ret == 0 ) - ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } } #endif /* MBEDTLS_ECP_C */ 
@@ -2160,7 +2166,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (usage extensions)" ) ); if( ret == 0 ) - ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE; + ret = MBEDTLS_ERR_SSL_BAD_CERTIFICATE; } /* mbedtls_x509_crt_verify_with_profile is supposed to report a @@ -2171,7 +2177,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, * ssl_parse_certificate even if verification was optional. */ if( authmode == MBEDTLS_SSL_VERIFY_OPTIONAL && ( ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED || - ret == MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE ) ) + ret == MBEDTLS_ERR_SSL_BAD_CERTIFICATE ) ) { ret = 0; } From c3411d4041d71102288fdb54b2de684b7393a7af Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:09:00 +0100 Subject: [PATCH 16/40] Remove MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 +- include/mbedtls/ssl.h | 2 +- library/ssl_cli.c | 90 ++++++++++++++++++++--------------------- 3 files changed, 48 insertions(+), 48 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 0c4e47dd2c..15265bb52b 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 21 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7A80-0x7E80) + * SSL 7 20 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 4e44b11961..b7eea479f8 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -81,7 +81,7 @@ #define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ #define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO -0x7980 /**< Processing of the ServerHello handshake message failed. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ /* Error space gap */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index b4634c27c4..adcac44404 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1389,8 +1389,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else @@ -1403,8 +1403,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1431,8 +1431,8 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } return( 0 ); 
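Review bot: Both failure paths of ssl_parse_renegotiation_info (hunks @@ -1389 and @@ -1403) switch the alert from handshake_failure to illegal_parameter, which changes wire behaviour as well as the error code. RFC 5746 section 3.4 specifies a fatal handshake_failure when the renegotiated_connection field is wrong on an initial handshake. Assuming these are the renegotiated_connection checks (the conditions are outside the hunks), the previous alert was the specified one. Keeping `MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE` with `return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE );` removes the old error code without altering what the peer sees.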
@@ -1453,16 +1453,16 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( len == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } peer_cid_len = *buf++; @@ -1472,16 +1472,16 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( len != peer_cid_len ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; @@ -1508,8 +1508,8 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); 
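Review bot: The "CID extension unexpected" branch of ssl_parse_cid_ext (hunk @@ -1453) now sends illegal_parameter, presumably for an extension the client did not offer. RFC 5246 section 7.4.1.4 specifies unsupported_extension for a ServerHello extension that was not requested, so `MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT` is the closer alert. No matching MBEDTLS_ERR_SSL_ code is visible in this series so far, so the return value may have to stay generic. The other extension parsers switched from handshake_failure to illegal_parameter in this patch (encrypt-then-MAC, extended master secret, session ticket, ALPN) deserve the same look if their conditions, which lie outside the hunks, are the same kind of check.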
@@ -1533,8 +1533,8 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); @@ -1558,8 +1558,8 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ((void) buf); @@ -1584,7 +1584,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = buf[0]; @@ -1612,7 +1612,7 @@ static int ssl_parse_supported_point_formats_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "no point format in common" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ @@ -1665,8 +1665,8 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* 
@@ -1684,7 +1684,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_len = ( buf[0] << 8 ) | buf[1]; @@ -1692,7 +1692,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } name_len = buf[2]; @@ -1700,7 +1700,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Check that the server chosen protocol was in our list and save it */ @@ -1717,7 +1717,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "ALPN extension: no matching protocol" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_SSL_ALPN */ @@ -1759,7 +1759,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * and optional srtp_mki */ if( ( len < 5 ) || ( len != ( buf[4] + 5u ) ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); /* * get the server protection profile 
@@ -1770,7 +1770,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, * one protection profile in server Hello */ if( ( buf[0] != 0 ) || ( buf[1] != 2 ) ) - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); server_protection_profile_value = ( buf[2] << 8 ) | buf[3]; server_protection = mbedtls_ssl_check_srtp_profile_value( @@ -1804,7 +1804,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* If server does not use mki in its reply, make sure the client won't keep @@ -1825,7 +1825,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #if defined (MBEDTLS_DEBUG_C) if( len > 5 ) @@ -1860,7 +1860,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) ( "incoming HelloVerifyRequest message is too short" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -1897,7 +1897,7 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) ( "cookie length does not match incoming message size" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "cookie", p, cookie_len ); 
@@ -2005,7 +2005,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -2061,7 +2061,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( ssl->in_hslen > mbedtls_ssl_hs_hdr_len( ssl ) + 39 + n ) @@ -2077,7 +2077,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else if( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) + 38 + n ) @@ -2089,7 +2089,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* ciphersuite (used later) */ @@ -2186,7 +2186,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ssl->conf->ciphersuite_list[i++] == 
@@ -2205,8 +2205,8 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 3, @@ -2228,7 +2228,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->session_negotiate->compression = comp; @@ -2250,7 +2250,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } switch( ext_id ) @@ -2395,7 +2395,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) if( ext_len > 0 && ext_len < 4 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } @@ -2443,7 +2443,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse server hello" ) ); From 90d59dddf58ac927e307a8e33c67ec1340d6e5db Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:17:13 +0100 Subject: [PATCH 17/40] Remove MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO Signed-off-by: Hanno Becker --- include/mbedtls/error.h | 4 +- include/mbedtls/ssl.h | 2 +- library/ssl_msg.c | 6 +-- library/ssl_srv.c | 116 ++++++++++++++++++++-------------------- 4 files changed, 64 insertions(+), 64 deletions(-) 
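Review bot: The `ext_len > 0 && ext_len < 4` branch in the `@@ -2395,7` hunk of ssl_parse_server_hello returns `MBEDTLS_ERR_SSL_DECODE_ERROR` without sending a fatal alert, unlike every other decode-error exit visible in this function. Unless the caller sends the alert (not visible in the hunk), the peer gets no indication of why the handshake stopped. Adding `mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR );` before the return would make the exits consistent. The function body starts and ends outside the hunk.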
diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 15265bb52b..49e9f1b02f 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -102,8 +102,8 @@ * SSL 5 2 (Started from 0x5F00) * CIPHER 6 8 (Started from 0x6080) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7980, 0x7A80-0x7E80) + * SSL 7 19 (Started from 0x7080, gaps at + * 0x7500-0x7580, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b7eea479f8..b96fe07c49 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -80,7 +80,7 @@ #define MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE -0x7780 /**< A fatal alert message was received from our peer. */ #define MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME -0x7800 /**< No server could be identified matching the client's SNI. */ #define MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY -0x7880 /**< The peer notified us that the connection is going to be closed. */ -#define MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO -0x7900 /**< Processing of the ClientHello handshake message failed. */ +/* Error space gap */ /* Error space gap */ #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 /**< Processing of the Certificate handshake message failed. */ /* Error space gap */ diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 0fa206b592..11896ca740 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c 
@@ -3112,16 +3112,16 @@ static int ssl_check_dtls_clihlo_cookie( in[3] != 0 || in[4] != 0 || in[19] != 0 || in[20] != 0 || in[21] != 0 ) { - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sid_len = in[59]; if( sid_len > in_len - 61 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); cookie_len = in[60 + sid_len]; if( cookie_len > in_len - 60 ) - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); if( f_cookie_check( p_cookie, in + sid_len + 61, cookie_len, cli_id, cli_id_len ) == 0 ) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 6ac8d9d858..a7de9f451b 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -91,7 +91,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } servername_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( servername_list_size + 2 != len ) @@ -99,7 +99,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } p = buf + 2; @@ -111,7 +111,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } if( p[0] == MBEDTLS_TLS_EXT_SERVERNAME_HOSTNAME ) 
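Review bot: In the ssl_check_dtls_clihlo_cookie hunk, the check `if( cookie_len > in_len - 60 )` does not account for `sid_len`, although the cookie is then read from `in + sid_len + 61`. With a non-zero session-id length, `f_cookie_check` can be handed a range that extends past `in_len`. Since this commit already touches each of these length checks, the bound could be tightened to `if( cookie_len > in_len - sid_len - 61 )`. That subtraction is only safe if `in_len >= 61` is established before the hunk, which is not visible here and should be confirmed or checked explicitly. This code appears to run on a ClientHello whose sender has not yet been verified, so a regression test with a maximal `sid_len` would be worth adding.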
@@ -123,7 +123,7 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_RET( 1, "ssl_sni_wrapper", ret ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME ); } return( 0 ); } @@ -136,8 +136,8 @@ static int ssl_parse_servername_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } return( 0 ); @@ -201,8 +201,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else @@ -212,8 +212,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; 
@@ -253,7 +253,7 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } sig_alg_list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( sig_alg_list_size + 2 != len || @@ -262,7 +262,7 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Currently we only guarantee signing the ServerKeyExchange message according @@ -327,7 +327,7 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = ( ( buf[0] << 8 ) | ( buf[1] ) ); if( list_size + 2 != len || @@ -336,7 +336,7 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Should never happen unless client duplicates the extension */ 
@@ -344,8 +344,8 @@ static int ssl_parse_supported_elliptic_curves( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* Don't allow our peer to make us allocate too much memory, @@ -393,7 +393,7 @@ static int ssl_parse_supported_point_formats( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_size = buf[0]; @@ -462,7 +462,7 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->session_negotiate->mfl_code = buf[0]; @@ -484,7 +484,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } /* @@ -500,8 +500,8 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } peer_cid_len = *buf++; 
@@ -511,8 +511,8 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Ignore CID if the user has disabled its use. */ @@ -529,7 +529,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; @@ -553,7 +553,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ((void) buf); @@ -577,7 +577,7 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ((void) buf); @@ -690,7 +690,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } list_len = ( buf[0] << 8 ) | buf[1]; 
@@ -698,7 +698,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* @@ -715,7 +715,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Empty strings MUST NOT be included */ @@ -723,7 +723,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } @@ -749,7 +749,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, /* If we get there, no match was found */ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif /* MBEDTLS_SSL_ALPN */ @@ -793,8 +793,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, if( len < size_of_lengths ) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->dtls_srtp_info.chosen_dtls_srtp_profile = MBEDTLS_TLS_SRTP_UNSET; 
@@ -808,8 +808,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, profile_length % 2 != 0 ) /* profiles are 2 bytes long, so the length must be even */ { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* * parse the extension list values are defined in @@ -853,8 +853,8 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, mki_length + profile_length + size_of_lengths != len ) { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* Parse the mki only if present and mki is supported locally */ @@ -1183,7 +1183,7 @@ read_record_header: if( buf[0] != MBEDTLS_SSL_MSG_HANDSHAKE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, message len.: %d", @@ -1201,7 +1201,7 @@ read_record_header: if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); } /* For DTLS if this is the initial handshake, remember the client sequence @@ -1217,7 +1217,7 @@ read_record_header: if( ssl->in_ctr[0] != 0 || ssl->in_ctr[1] != 0 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } memcpy( ssl->cur_out_ctr + 2, ssl->in_ctr + 2, 6 ); 
@@ -1251,7 +1251,7 @@ read_record_header: if( msg_len > MBEDTLS_SSL_IN_CONTENT_LEN ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } if( ( ret = mbedtls_ssl_fetch_input( ssl, @@ -1287,7 +1287,7 @@ read_record_header: if( msg_len < mbedtls_ssl_hs_hdr_len( ssl ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake type: %d", buf[0] ) ); @@ -1295,7 +1295,7 @@ read_record_header: if( buf[0] != MBEDTLS_SSL_HS_CLIENT_HELLO ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE ); } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello v3, handshake len.: %d", @@ -1306,7 +1306,7 @@ read_record_header: msg_len != mbedtls_ssl_hs_hdr_len( ssl ) + ( ( buf[2] << 8 ) | buf[3] ) ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } #if defined(MBEDTLS_SSL_PROTO_DTLS) @@ -1328,7 +1328,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message_seq: " "%u (expected %u)", cli_msg_seq, ssl->handshake->in_msg_seq ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ssl->handshake->in_msg_seq++; @@ -1382,7 +1382,7 @@ read_record_header: if( msg_len < 38 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* 
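Review bot: The `cli_msg_seq` mismatch in the `@@ -1328,7` hunk of read_record_header now returns `MBEDTLS_ERR_SSL_DECODE_ERROR`, although the field parses correctly and only carries an unexpected value. The ssl.h comments added earlier in this series describe the decode error as syntactic and the illegal parameter as a field that is incorrect or inconsistent. By that definition `return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER );` looks like the closer match, as already used for the non-zero epoch check. If DECODE_ERROR is intended, a one-line comment such as `/* Treated as a decode error: the sequence number cannot belong to an initial ClientHello. */` would record the reasoning. The enclosing function starts and ends outside the hunk.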
@@ -1434,7 +1434,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, session id", buf + 35, sess_len ); @@ -1458,8 +1458,8 @@ read_record_header: { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, cookie", @@ -1493,7 +1493,7 @@ read_record_header: { /* This may be an attacker's probe, so don't send an alert */ MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "cookie verification skipped" ) ); @@ -1518,7 +1518,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, ciphersuitelist", @@ -1538,7 +1538,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, compression", 
@@ -1561,7 +1561,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ext_len = ( buf[ext_offset + 0] << 8 ) @@ -1572,7 +1572,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } else @@ -1589,7 +1589,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } ext_id = ( ( ext[0] << 8 ) | ( ext[1] ) ); ext_size = ( ( ext[2] << 8 ) | ( ext[3] ) ); @@ -1599,7 +1599,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } switch( ext_id ) { @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1830,7 +1830,7 @@ read_record_header: { mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* 
From 2e3ecda684f867a6304d1611e13859ea1312e5c3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 11:22:22 +0100 Subject: [PATCH 18/40] Adust migration guide for SSL error codes Signed-off-by: Hanno Becker --- .../ssl-error-code-cleanup.md | 25 +++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md index 49d1a0f223..cad5a61b52 100644 --- a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md +++ b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md 
@@ -1,20 +1,41 @@ -Removal of some SSL error codes +Changes in the SSL error code space ----------------------------------------------------------------- +# Removals + This affects users manually checking for the following error codes: - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` - `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` +- `MBEDTLS_ERR_SSL_BAD_HS_XXX` Migration paths: + - `MBEDTLS_ERR_SSL_CERTIFICATE_REQUIRED` and `MBEDTLS_ERR_SSL_INVALID_VERIFY_HASH` should never be returned from Mbed TLS, and there is no need to check for it. + Users should simply remove manual checks for those codes, and let the Mbed TLS team know if -- contrary to the team's understanding -- there is in fact a situation where one of them was ever returned. + - `MBEDTLS_ERR_SSL_CERTIFICATE_TOO_LARGE` has been removed, and `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` is returned instead if the user's own certificate - is too large to fit into the output buffers. Users should check for + is too large to fit into the output buffers. + + Users should check for `MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL` instead, and potentially compare the size of their own certificate against the configured size of the output buffer to understand if the error is due to an overly large certificate. + +- All `MBEDTLS_ERR_SSL_BAD_HS_XXX` error code have been removed. + + Users should check for the newly introduced generic error codes + * `MBEDTLS_ERR_SSL_DECODE_ERROR` + * `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`, + * `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` + * `MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION` + * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` + * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` + instead. + + Users should check for the generic error codes instead. From 2fc9a652bca2ba715e90d68b7bb0cbbd998db085 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 15:40:11 +0100 Subject: [PATCH 19/40] Address review feedback 
Signed-off-by: Hanno Becker --- docs/3.0-migration-guide.d/ssl-error-code-cleanup.md | 2 -- library/ssl_cli.c | 8 ++++---- library/ssl_srv.c | 2 +- library/ssl_tls.c | 4 ++-- 4 files changed, 7 insertions(+), 9 deletions(-) diff --git a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md index cad5a61b52..ce795e5d90 100644 --- a/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md +++ b/docs/3.0-migration-guide.d/ssl-error-code-cleanup.md @@ -37,5 +37,3 @@ Migration paths: * `MBEDTLS_ERR_SSL_BAD_CERTIFICATE` * `MBEDTLS_ERR_SSL_UNRECOGNIZED_NAME` instead. - - Users should check for the generic error codes instead. diff --git a/library/ssl_cli.c b/library/ssl_cli.c index adcac44404..1acb3d0195 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2558,7 +2558,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, /* First byte is curve_type; only named_curve is handled */ if( *(*p)++ != MBEDTLS_ECP_TLS_NAMED_CURVE ) - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); /* Next two bytes are the namedcurve value */ tls_id = *(*p)++; @@ -2569,7 +2569,7 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl, if( ( handshake->ecdh_psa_type = mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) { - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } if( ecdh_bits > 0xffff ) return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); @@ -2631,7 +2631,7 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (ECDHE curve)" ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } return( ret ); 
@@ -2801,7 +2801,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* diff --git a/library/ssl_srv.c b/library/ssl_srv.c index a7de9f451b..2c801ef766 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e8ca5e11f6..eb3dcc2ca8 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1907,8 +1907,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* Read length of the next CRT in the chain. */ From 77b4a6592ae9eaf86d0bd6e71b0f749596f4094f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 16:27:09 +0100 Subject: [PATCH 20/40] Address review feedback Signed-off-by: Hanno Becker --- library/ssl_cli.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 1acb3d0195..6ea7865c62 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
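Review bot: After this change the RENEGOTIATION SCSV branch in the ssl_srv.c `@@ -1785,7` hunk sends `MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE` but returns `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`. The alert seen by the peer and the code seen by the application then describe different failures, which makes handshake-failure logs harder to correlate across both ends. If the split is deliberate, record it with a comment such as `/* Alert stays handshake_failure; the return code reports the offending field. */`; otherwise keep the alert and the return code in the same category. The later ssl_parse_cid_ext and ssl_parse_encrypt_then_mac_ext hunks in ssl_cli.c have the same shape, pairing `MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT` with `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`.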
@@ -3090,8 +3090,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else From b561bedadd61d9845ed647a4290ebf1cc0e961f8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 24 Jun 2021 16:41:01 +0100 Subject: [PATCH 21/40] Make MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE more generic Signed-off-by: Hanno Becker --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b96fe07c49..df085974fe 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -96,7 +96,7 @@ #define MBEDTLS_ERR_SSL_HW_ACCEL_FAILED -0x7F80 /**< Hardware acceleration function returned with error */ #define MBEDTLS_ERR_SSL_HW_ACCEL_FALLTHROUGH -0x6F80 /**< Hardware acceleration function skipped / left alone data */ #define MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION -0x6E80 /**< Handshake protocol not within min/max boundaries */ -#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< Handshake negotiation failed because of incompatible parameter sets supported by client and server. */ +#define MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE -0x6E00 /**< The handshake negotiation failed. */ #define MBEDTLS_ERR_SSL_SESSION_TICKET_EXPIRED -0x6D80 /**< Session ticket has expired. */ #define MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH -0x6D00 /**< Public key type mismatch (eg, asked for RSA key exchange and presented EC key) */ #define MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY -0x6C80 /**< Unknown identity received (eg, PSK identity) */ From 8f127397f87c32083ee77dadc442f5d4abc1d25a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 12:02:21 +0100 Subject: [PATCH 22/40] Update alert message for parsing PSK hint Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 6ea7865c62..fb33b54fa8 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3006,7 +3006,7 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } } /* FALLTROUGH */ From 5f8c18b0d0d0d90f0c9ef7e6ae47370350bc6c33 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 11:58:00 +0100 Subject: [PATCH 23/40] Update error code from ssl_parse_signature_algorithm Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index fb33b54fa8..558755d4ea 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -2812,7 +2812,7 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } /* From e8dbd539661e7e3b67abe72eb7afb45e25162495 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 12:05:06 +0100 Subject: [PATCH 24/40] Update error code for cert parsing failure Signed-off-by: Dave Rodgman --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index eb3dcc2ca8..97f9c1b842 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1898,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); + return( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ 
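Review bot: The ssl_parse_certificate_chain hunk now returns `MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR`, which is the alert description passed to mbedtls_ssl_send_alert_message() just above, not one of the negative `MBEDTLS_ERR_SSL_*` codes from ssl.h. A caller that treats only negative values as failure could take this path for success and continue with a certificate message that failed parsing. The line should read `return( MBEDTLS_ERR_SSL_DECODE_ERROR );`. A later patch in this series makes that correction, so this commit should not be applied or backported on its own. The function body starts and ends outside the hunk.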
From 43fcb8d7c126a725d40783f382f13a5609986b39 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Mon, 28 Jun 2021 21:49:15 +0100 Subject: [PATCH 25/40] Address review feedback Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_fragment_len_return.txt | 5 +++++ ChangeLog.d/update_ssl_error_codes.txt | 3 +++ library/ssl_cli.c | 12 ++++++------ library/ssl_srv.c | 8 ++++---- library/ssl_tls.c | 14 +++++++------- 5 files changed, 25 insertions(+), 17 deletions(-) create mode 100644 ChangeLog.d/fix_fragment_len_return.txt create mode 100644 ChangeLog.d/update_ssl_error_codes.txt diff --git a/ChangeLog.d/fix_fragment_len_return.txt b/ChangeLog.d/fix_fragment_len_return.txt new file mode 100644 index 0000000000..bfbf93cd21 --- /dev/null +++ b/ChangeLog.d/fix_fragment_len_return.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix the error returned when a client requests an invalid + * fragment length, as per RFC6066 section 4. We now return + * MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER, and raise the corresponding + * alert. diff --git a/ChangeLog.d/update_ssl_error_codes.txt b/ChangeLog.d/update_ssl_error_codes.txt new file mode 100644 index 0000000000..0630b54759 --- /dev/null +++ b/ChangeLog.d/update_ssl_error_codes.txt @@ -0,0 +1,3 @@ +Changes + * Various changes to which alert and/or error code may be returned + * during the TLS handshake. diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 558755d4ea..fc791d6bd9 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1389,8 +1389,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else 
@@ -1403,8 +1403,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; @@ -1453,7 +1453,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } @@ -1508,7 +1508,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 2c801ef766..75beb6e937 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -201,8 +201,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } } else 
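Review bot: In ssl_parse_cid_ext (hunk at -1453) and ssl_parse_encrypt_then_mac_ext (hunk at -1508) the alert becomes `MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT` while the function still returns `MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER`, so the peer and the local caller are given different reasons for the same abort. That makes the two sides' logs harder to correlate when a failed handshake is investigated. Either keep the pair aligned in this commit or mark the gap with a comment such as `/* alert and return code differ until a dedicated error code exists */`. PATCH 28/40 later introduces `MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION` and uses it at both sites. Both functions continue outside their hunks.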
@@ -212,8 +212,8 @@ static int ssl_parse_renegotiation_info( mbedtls_ssl_context *ssl, { MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-zero length renegotiation info" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 97f9c1b842..1cfda4a081 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1898,7 +1898,7 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); + return( MBEDTLS_ERR_SSL_DECODE_ERROR ); } /* In theory, the CRT can be up to 2**24 Bytes, but we don't support * anything beyond 2**16 ~ 64K. */ @@ -1907,8 +1907,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* Read length of the next CRT in the chain. */ @@ -1943,8 +1943,8 @@ static int ssl_parse_certificate_chain( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "new server cert during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED ); + return( MBEDTLS_ERR_SSL_BAD_CERTIFICATE ); } /* Now we can safely free the original chain. */ 
@@ -2929,8 +2929,8 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad finished message" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #if defined(MBEDTLS_SSL_RENEGOTIATION) From 858894056dc3bf7bc49b7ed6b7ce4c5e328a60b6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 09:43:55 +0100 Subject: [PATCH 26/40] Improve changelog Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_fragment_len_return.txt | 5 ----- ChangeLog.d/fix_tls_alert_codes.txt | 6 ++++++ 2 files changed, 6 insertions(+), 5 deletions(-) delete mode 100644 ChangeLog.d/fix_fragment_len_return.txt create mode 100644 ChangeLog.d/fix_tls_alert_codes.txt diff --git a/ChangeLog.d/fix_fragment_len_return.txt b/ChangeLog.d/fix_fragment_len_return.txt deleted file mode 100644 index bfbf93cd21..0000000000 --- a/ChangeLog.d/fix_fragment_len_return.txt +++ /dev/null @@ -1,5 +0,0 @@ -Bugfix - * Fix the error returned when a client requests an invalid - * fragment length, as per RFC6066 section 4. We now return - * MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER, and raise the corresponding - * alert. diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt new file mode 100644 index 0000000000..abe3a5e6df --- /dev/null +++ b/ChangeLog.d/fix_tls_alert_codes.txt @@ -0,0 +1,6 @@ +Bugfix + * Fix the alert raised when a client requests an invalid + * fragment length, as per RFC6066 section 4. We now alert with + * MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. Similarly, raise + * MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR for an invalid finished + * message, as per RFC5247 section 7.2.2. From 096c41111e28b221ec2f46540a9c6da1949178f2 Mon Sep 17 00:00:00 2001 
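Review bot: The failure branch in mbedtls_ssl_parse_finished (library/ssl_tls.c, hunk at -2929) sends decrypt_error to the peer but returns the generic `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`, so an application that records only return codes cannot tell a rejected Finished message from an ordinary negotiation failure. A Finished mismatch is the event worth keeping visible when investigating tampering or a key mismatch, and the level-1 debug string "bad finished message" is the only local marker left. I would add a comment at the return, e.g. `/* Finished check failed: decrypt_error sent, caller sees HANDSHAKE_FAILURE */`, and state the mapping in the documentation of the error code. The condition guarding this branch is outside the hunk, so which check fails here is inferred from the debug string.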
From: Dave Rodgman Date: Tue, 29 Jun 2021 09:52:06 +0100 Subject: [PATCH 27/40] Remove MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index df085974fe..95cf1fbfcd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -105,7 +105,7 @@ #define MBEDTLS_ERR_SSL_WAITING_SERVER_HELLO_RENEGO -0x6B00 /**< Unexpected message at ServerHello in renegotiation. */ #define MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED -0x6A80 /**< DTLS client must retry for hello verification */ #define MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL -0x6A00 /**< A buffer is too small to receive or write a message */ -#define MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE -0x6980 /**< None of the common ciphersuites is usable (eg, no suitable certificate, see debug messages). */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_WANT_READ -0x6900 /**< No data of requested type currently available on underlying transport. */ #define MBEDTLS_ERR_SSL_WANT_WRITE -0x6880 /**< Connection requires a write call. */ #define MBEDTLS_ERR_SSL_TIMEOUT -0x6800 /**< The operation timed out. */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 75beb6e937..c41eff233d 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1885,7 +1885,7 @@ read_record_header: "but none of them usable" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } else { From 53c8689e886f274f29751b58febeacd752a4d6be Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 10:02:06 +0100 Subject: [PATCH 28/40] Introduce new TLS error codes Introduce new codes: * MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION * MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL These are returned when the corresponding alert is raised. 
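Review bot: Replacing `MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE` with a gap comment in include/mbedtls/ssl.h (hunk at -105) removes a public macro, so application code that compares a return value against it stops compiling, and this commit carries no ChangeLog entry naming the replacement. PATCH 29/40 does the same with `MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN`. The only related entry on this page, ChangeLog.d/update_ssl_error_codes.txt from PATCH 25/40, says just "Various changes". I would list both removed names together with `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE`, which the library now returns at those sites, in a ChangeLog.d entry so that integrators can update their error handling deliberately.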
Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 4 ++-- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 95cf1fbfcd..64f90fecd0 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -72,8 +72,8 @@ #define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ -/* NOTE: Error space gap */ -/* NOTE: Error space gap */ +#define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */ +#define MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL -0x7580 /**< No ALPN protocols supported that the client advertises */ #define MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED -0x7600 /**< The own private key or pre-shared key is not set, but needed. */ #define MBEDTLS_ERR_SSL_CA_CHAIN_REQUIRED -0x7680 /**< No CA Chain is set, but required to operate. */ #define MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE -0x7700 /**< An unexpected message was received from our peer. */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index fc791d6bd9..d588fcd229 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1454,7 +1454,7 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } if( len == 0 ) 
@@ -1509,7 +1509,7 @@ static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); diff --git a/library/ssl_srv.c b/library/ssl_srv.c index c41eff233d..7e94102548 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -749,7 +749,7 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, /* If we get there, no match was found */ mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL ); } #endif /* MBEDTLS_SSL_ALPN */ From bb05cd09b726b1c2116c33462db8633a773408a7 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 10:37:43 +0100 Subject: [PATCH 29/40] Remove MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN Signed-off-by: Dave Rodgman --- include/mbedtls/ssl.h | 2 +- library/ssl_srv.c | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 64f90fecd0..492fe93d98 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -69,7 +69,7 @@ #define MBEDTLS_ERR_SSL_INVALID_RECORD -0x7200 /**< An invalid SSL record was received. */ #define MBEDTLS_ERR_SSL_CONN_EOF -0x7280 /**< The connection indicated an EOF. */ #define MBEDTLS_ERR_SSL_DECODE_ERROR -0x7300 /**< A message could not be parsed due to a syntactic error. */ -#define MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN -0x7380 /**< The server has no ciphersuites in common with the client. */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_NO_RNG -0x7400 /**< No RNG was provided to the SSL module. */ #define MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE -0x7480 /**< No client certification received from the client, but required by the authentication mode. */ #define MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION -0x7500 /**< Client received an extended server hello containing an unsupported extension */ diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 7e94102548..9de18be934 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1892,7 +1892,7 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no ciphersuites in common" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } have_ciphersuite: @@ -3054,7 +3054,7 @@ curve_matching_done: if( curve == NULL || *curve == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "no matching curve for ECDHE" ) ); - return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) ); From 03edc8614fbb9206aee7759c0c9b394827c25d85 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 11:06:18 +0100 Subject: [PATCH 30/40] Fix docs in error.h Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index 49e9f1b02f..cc79d4f073 100644 
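Review bot: The `curve == NULL || *curve == NULL` branch after curve_matching_done (library/ssl_srv.c, hunk at -3054) returns `MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE` with no call to mbedtls_ssl_send_alert_message. The "got no ciphersuites in common" branch in the hunk at -1892 sends handshake_failure before returning the same code. If no caller sends the alert on this path, the client sees the connection end without a stated reason, and the return code no longer implies that an alert went out. Consider adding `mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );` before the return, or a comment naming where the alert is sent. The enclosing function starts and ends outside the hunk.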
--- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h @@ -100,10 +100,10 @@ * MD 5 5 * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 8 (Started from 0x6080) + * CIPHER 6 7 (Started from 0x6080, gap at 0x6980) * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 19 (Started from 0x7080, gaps at - * 0x7500-0x7580, 0x7900-0x7980, 0x7A80-0x7E80) + * SSL 7 20 (Started from 0x7080, gaps at + * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) */ From bed8927538447ca9ca3397ba08387bf2d0952995 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 12:06:32 +0100 Subject: [PATCH 31/40] Correct some TLS alerts and error codes Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index d588fcd229..e3c1ef63bb 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1533,8 +1533,8 @@ static int ssl_parse_extended_ms_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); @@ -1558,8 +1558,8 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } ((void) buf); 
@@ -1665,8 +1665,8 @@ static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT ); + return( MBEDTLS_ERR_SSL_UNSUPPORTED_EXTENSION ); } /* @@ -3031,8 +3031,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else From 6ce10be0ce203a96505358fa7d497d5e22162432 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:20:31 +0100 Subject: [PATCH 32/40] Fix test failure The test was checking for an obsolete error. Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c8e49853ed..674485e4c4 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5375,7 +5375,7 @@ run_test "PSK callback: no psk, no callback" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 1 \ - -s "SSL - None of the common ciphersuites is usable" \ + -s "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" From c628fc980f075ae6dfdcd4d0fce75a61897995cb Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:32:46 +0100 Subject: [PATCH 33/40] Correct and clarify the SSL error code documentation Signed-off-by: Dave Rodgman --- include/mbedtls/error.h | 6 +++--- include/mbedtls/ssl.h | 10 +++++++++- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h index cc79d4f073..5c7fb61416 100644 --- a/include/mbedtls/error.h +++ b/include/mbedtls/error.h 
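Review bot: The expectation in "PSK callback: no psk, no callback" (tests/ssl-opt.sh, hunk at -5375) now matches `-s "SSL - The handshake negotiation failed"`, a string that many of the abort paths changed in this series now produce on the server, so the test no longer pins the reason it was written for. A regression that fails this handshake for a different cause would still pass. I would add a second server-side pattern for the specific debug line, e.g. `-s "but none of them usable"`, which is the tail of the message visible in the ssl_srv.c hunk of PATCH 27/40. This assumes the server in this test runs at a debug level that prints it, as its command line is outside the hunk.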
@@ -100,9 +100,9 @@ * MD 5 5 * HKDF 5 1 (Started from top) * SSL 5 2 (Started from 0x5F00) - * CIPHER 6 7 (Started from 0x6080, gap at 0x6980) - * SSL 6 24 (Started from top, plus 0x6000) - * SSL 7 20 (Started from 0x7080, gaps at + * CIPHER 6 8 (Started from 0x6080) + * SSL 6 22 (Started from top, plus 0x6000) + * SSL 7 20 (Started from 0x7000, gaps at * 0x7380, 0x7900-0x7980, 0x7A80-0x7E80) * * Module dependent error code (5 bits 0x.00.-0x.F8.) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 492fe93d98..45e4054757 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -63,6 +63,7 @@ /* * SSL Error codes */ +#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ #define MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE -0x7080 /**< The requested feature is not available. */ #define MBEDTLS_ERR_SSL_BAD_INPUT_DATA -0x7100 /**< Bad input parameters to function. */ #define MBEDTLS_ERR_SSL_INVALID_MAC -0x7180 /**< Verification of the message MAC failed. */ 
@@ -116,9 +117,16 @@ #define MBEDTLS_ERR_SSL_CONTINUE_PROCESSING -0x6580 /**< Internal-only message signaling that further message-processing should be done */ #define MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS -0x6500 /**< The asynchronous operation is not completed yet. */ #define MBEDTLS_ERR_SSL_EARLY_MESSAGE -0x6480 /**< Internal-only message signaling that a message arrived early. */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ +/* Error space gap */ #define MBEDTLS_ERR_SSL_UNEXPECTED_CID -0x6000 /**< An encrypted DTLS-frame with an unexpected CID was received. */ #define MBEDTLS_ERR_SSL_VERSION_MISMATCH -0x5F00 /**< An operation failed due to an unexpected version or configuration. */ -#define MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS -0x7000 /**< A cryptographic operation is in progress. Try again later. */ #define MBEDTLS_ERR_SSL_BAD_CONFIG -0x5E80 /**< Invalid value in SSL config */ /* From 4b60e0742b4888235b90e3fcf55269f1d9bb48d6 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:40:02 +0100 Subject: [PATCH 34/40] Improve Changelog wording Signed-off-by: Dave Rodgman --- ChangeLog.d/fix_tls_alert_codes.txt | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/ChangeLog.d/fix_tls_alert_codes.txt b/ChangeLog.d/fix_tls_alert_codes.txt index abe3a5e6df..10235d7bc3 100644 --- a/ChangeLog.d/fix_tls_alert_codes.txt +++ b/ChangeLog.d/fix_tls_alert_codes.txt 
@@ -1,6 +1,5 @@ Bugfix - * Fix the alert raised when a client requests an invalid - * fragment length, as per RFC6066 section 4. We now alert with - * MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER. Similarly, raise - * MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR for an invalid finished - * message, as per RFC5247 section 7.2.2. + * Fix which alert is sent in some cases to conform to the + applicable RFC: on an invalid Finished message value, an + invalid max_fragment_length extension, or an + unsupported extension used by the server. From c50b717a192fe84a0cdc183d7b207eb70032775a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 14:40:23 +0100 Subject: [PATCH 35/40] Update a couple of ssl error codes Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 4 ++-- library/ssl_srv.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index e3c1ef63bb..0e763e63ac 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3050,8 +3050,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 9de18be934..38ccc72abd 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1785,7 +1785,7 @@ read_record_header: "during renegotiation" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE ); } #endif ssl->secure_renegotiation = MBEDTLS_SSL_SECURE_RENEGOTIATION; From 39bd5a655e146348f47c71778867a696f5afd67a Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 15:25:21 +0100 Subject: [PATCH 36/40] Address review comment 
Signed-off-by: Dave Rodgman --- library/ssl_cli.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 0e763e63ac..a80da545f8 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -3071,8 +3071,8 @@ start_processing: mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); } } else From 737237fe37ef5a43b8cb2d898c0ee1e3a9032551 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:07:57 +0100 Subject: [PATCH 37/40] Fix ECJPAKE test failures Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 674485e4c4..c11507bbd0 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5438,7 +5438,7 @@ run_test "ECJPAKE: client not configured" \ -S "ciphersuite mismatch: ecjpake not configured" \ -S "server hello, ecjpake kkpp extension" \ -C "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" + -S "SSL - The handshake negotiation failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: server not configured" \ @@ -5453,7 +5453,7 @@ run_test "ECJPAKE: server not configured" \ -s "ciphersuite mismatch: ecjpake not configured" \ -S "server hello, ecjpake kkpp extension" \ -C "found ecjpake_kkpp extension" \ - -s "None of the common ciphersuites is usable" + -s "SSL - The handshake negotiation failed" requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, TLS" \ 
@@ -5469,7 +5469,7 @@ run_test "ECJPAKE: working, TLS" \ -S "ciphersuite mismatch: ecjpake not configured" \ -s "server hello, ecjpake kkpp extension" \ -c "found ecjpake_kkpp extension" \ - -S "None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 From bec7cafbe11d4898b591be694f4691b376ab3300 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:05:34 +0100 Subject: [PATCH 38/40] Correct required config flag in ECJPAKE tests Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c11507bbd0..236da498fb 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5473,7 +5473,7 @@ run_test "ECJPAKE: working, TLS" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: password mismatch, TLS" \ "$P_SRV debug_level=3 ecjpake_pw=bla" \ "$P_CLI debug_level=3 ecjpake_pw=bad \ @@ -5482,7 +5482,7 @@ run_test "ECJPAKE: password mismatch, TLS" \ -C "re-using cached ecjpake parameters" \ -s "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ @@ -5491,7 +5491,7 @@ run_test "ECJPAKE: working, DTLS" \ -c "re-using cached ecjpake parameters" \ -S "SSL - Verification of the message MAC failed" -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS, no cookie" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ 
@@ -5501,7 +5501,7 @@ run_test "ECJPAKE: working, DTLS, no cookie" \ -S "SSL - Verification of the message MAC failed" server_needs_more_time 1 -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: password mismatch, DTLS" \ "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ @@ -5511,7 +5511,7 @@ run_test "ECJPAKE: password mismatch, DTLS" \ -s "SSL - Verification of the message MAC failed" # for tests with configs/config-thread.h -requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE +requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED run_test "ECJPAKE: working, DTLS, nolog" \ "$P_SRV dtls=1 ecjpake_pw=bla" \ "$P_CLI dtls=1 ecjpake_pw=bla \ From e5b828cb32ba0cb3f6c3cd56c4e8ff4281a5c3f3 Mon Sep 17 00:00:00 2001 From: Dave Rodgman Date: Tue, 29 Jun 2021 19:05:34 +0100 Subject: [PATCH 39/40] Fix error string checked for by ssl-opt.sh negative tests Signed-off-by: Dave Rodgman --- tests/ssl-opt.sh | 46 +++++++++++++++++++++++----------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 236da498fb..e75ff4b011 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -269,7 +269,7 @@ maybe_requires_ciphersuite_enabled() { shift case "$*" in - *"-s SSL - The server has no ciphersuites in common"*) + *"-s SSL - The handshake negotiation failed"*) # This test case expects a ciphersuite mismatch, so it doesn't # require the ciphersuite to be enabled. ;; @@ -5132,7 +5132,7 @@ run_test "PSK callback: psk, no callback" \ "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ psk_identity=foo psk=abc123" \ 0 \ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" 
@@ -5146,7 +5146,7 @@ run_test "PSK callback: opaque psk on client, no callback" \ -S "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5160,7 +5160,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384" \ -S "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5174,7 +5174,7 @@ run_test "PSK callback: opaque psk on client, no callback, EMS" \ -S "skip PMS generation for opaque PSK"\ -c "session hash for extended master secret"\ -s "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5188,7 +5188,7 @@ run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \ -S "skip PMS generation for opaque PSK"\ -c "session hash for extended master secret"\ -s "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" 
@@ -5202,7 +5202,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5216,7 +5216,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5231,7 +5231,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5246,7 +5246,7 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" 
@@ -5260,7 +5260,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5274,7 +5274,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5289,7 +5289,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5304,7 +5304,7 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS -s "session hash for extended master secret"\ -C "skip PMS generation for opaque PSK"\ -s "skip PMS generation for opaque PSK"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" 
@@ -5318,7 +5318,7 @@ run_test "PSK callback: raw psk on client, mismatching static raw PSK on serv -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5332,7 +5332,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -s "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5345,7 +5345,7 @@ run_test "PSK callback: raw psk on client, mismatching static opaque PSK on s -C "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" @@ -5358,7 +5358,7 @@ run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on s -C "skip PMS generation for opaque PSK"\ -C "session hash for extended master secret"\ -S "session hash for extended master secret"\ - -S "SSL - None of the common ciphersuites is usable" \ + -S "SSL - The handshake negotiation failed" \ -S "SSL - Unknown identity received" \ -S "SSL - Verification of the message MAC failed" 
@@ -5384,7 +5384,7 @@ run_test "PSK callback: callback overrides other settings" \
 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
 psk_identity=foo psk=abc123" \
 1 \
- -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The handshake negotiation failed" \
 -s "SSL - Unknown identity received" \
 -S "SSL - Verification of the message MAC failed"
@@ -5393,7 +5393,7 @@ run_test "PSK callback: first id matches" \
 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
 psk_identity=abc psk=dead" \
 0 \
- -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The handshake negotiation failed" \
 -S "SSL - Unknown identity received" \
 -S "SSL - Verification of the message MAC failed"
@@ -5402,7 +5402,7 @@ run_test "PSK callback: second id matches" \
 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
 psk_identity=def psk=beef" \
 0 \
- -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The handshake negotiation failed" \
 -S "SSL - Unknown identity received" \
 -S "SSL - Verification of the message MAC failed"
@@ -5411,7 +5411,7 @@ run_test "PSK callback: no match" \
 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
 psk_identity=ghi psk=beef" \
 1 \
- -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The handshake negotiation failed" \
 -s "SSL - Unknown identity received" \
 -S "SSL - Verification of the message MAC failed"
@@ -5420,7 +5420,7 @@ run_test "PSK callback: wrong key" \
 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
 psk_identity=abc psk=beef" \
 1 \
- -S "SSL - None of the common ciphersuites is usable" \
+ -S "SSL - The handshake negotiation failed" \
 -S "SSL - Unknown identity received" \
 -s "SSL - Verification of the message MAC failed"
From c42409820b3b596d0ed45e60927c287080d0eae3 Mon Sep 17 00:00:00 2001
From: Dave Rodgman Date: Tue, 29 Jun 2021 19:53:16 +0100 Subject: [PATCH 40/40] Change exceptional case for running negative tests Update maybe_requires_ciphersuite_enabled so that it will not skip the ciphersuite requirement when running a test case where the test expects a ciphersuite mismatch Signed-off-by: Dave Rodgman
---
 tests/ssl-opt.sh | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index e75ff4b011..2b77037b2d 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -257,8 +257,7 @@ requires_ciphersuite_enabled() {
 # maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
 # If CMD (call to a TLS client or server program) requires a specific
 # ciphersuite, arrange to only run the test case if this ciphersuite is
-# enabled. As an exception, do run the test case if it expects a ciphersuite
-# mismatch.
+# enabled.
 maybe_requires_ciphersuite_enabled() {
 case "$1" in
 *\ force_ciphersuite=*) :;;
@@ -268,15 +267,7 @@ maybe_requires_ciphersuite_enabled() {
 ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
 shift
- case "$*" in
- *"-s SSL - The handshake negotiation failed"*)
- # This test case expects a ciphersuite mismatch, so it doesn't
- # require the ciphersuite to be enabled.
- ;;
- *)
- requires_ciphersuite_enabled "$ciphersuite"
- ;;
- esac
+ requires_ciphersuite_enabled "$ciphersuite"
 unset ciphersuite
 }
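Review bot: With the `case "$*"` exception removed in the second hunk, every command containing `force_ciphersuite=` now reaches `requires_ciphersuite_enabled "$ciphersuite"`, so a negative test that expects negotiation to fail is presumably skipped rather than run when that suite is missing from the build. The header comment edited in the first hunk drops the exception but does not state this consequence; I would extend it to `# enabled. This also applies to test cases that expect the handshake to fail.` Negative handshake tests are the ones that catch a peer accepting something it should reject, so it is worth confirming on a reduced-configuration run that the skip count changes only for the intended cases. The body of `maybe_requires_ciphersuite_enabled` starts outside the hunk.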