mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-19 18:39:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

mbedtls_ssl_(read|write)_version using tls_version

Browse Source 
remove use of MBEDTLS_SSL_MINOR_VERSION_*
remove use of MBEDTLS_SSL_MAJOR_VERSION_*
(only remaining use is in tests/suites/test_suite_ssl.data)

Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
This commit is contained in:
Glenn Strauss 2022-03-15 03:23:42 -04:00
parent 60bfe60d0f
commit e3af4cb72a
9 changed files with 119 additions and 180 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
library/ssl_client.c
View File

@ -602,9 +602,8 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl,
* In all cases this is the TLS 1.2 version.
*/
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 );
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
ssl->conf->transport, p );
mbedtls_ssl_write_version( p, ssl->conf->transport,
MBEDTLS_SSL_VERSION_TLS1_2 );
p += 2;
/* ...

37
library/ssl_misc.h
View File

@ -59,35 +59,6 @@
#define inline __inline
#endif
/* Legacy minor version numbers as defined by:
* - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0
* - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1
*
* We no longer support these versions, but some code still references those
* constants as part of negotiating with the peer, so keep them available
* internally.
*/
#define MBEDTLS_SSL_MINOR_VERSION_1 1
#define MBEDTLS_SSL_MINOR_VERSION_2 2
/* Determine minimum supported version */
#define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
#elif defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_4
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
/* Determine maximum supported version */
#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_4
#elif defined(MBEDTLS_SSL_PROTO_TLS1_2)
#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* Shorthand for restartable ECC */
#if defined(MBEDTLS_ECP_RESTARTABLE) && \
defined(MBEDTLS_SSL_CLI_C) && \
@ -1457,10 +1428,10 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
uint32_t *flags );
#endif /* MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_ssl_write_version( int major, int minor, int transport,
unsigned char ver[2] );
void mbedtls_ssl_read_version( int *major, int *minor, int transport,
const unsigned char ver[2] );
void mbedtls_ssl_write_version( unsigned char version[2], int transport,
mbedtls_ssl_protocol_version tls_version );
uint16_t mbedtls_ssl_read_version( const unsigned char version[2],
int transport );
static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl )
{

63
library/ssl_msg.c
View File

@ -2682,8 +2682,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush )
if( tls_ver == MBEDTLS_SSL_VERSION_TLS1_3 )
tls_ver = MBEDTLS_SSL_VERSION_TLS1_2;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
mbedtls_ssl_write_version( tls_ver >> 8, tls_ver & 0xFF,
ssl->conf->transport, ssl->out_hdr + 1 );
mbedtls_ssl_write_version( ssl->out_hdr + 1, ssl->conf->transport,
tls_ver );
memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);
@ -2698,8 +2698,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush )
rec.data_offset = ssl->out_msg - rec.buf;
memcpy( &rec.ctr[0], ssl->out_ctr, sizeof( rec.ctr ) );
mbedtls_ssl_write_version( tls_ver >> 8, tls_ver & 0xFF,
ssl->conf->transport, rec.ver );
mbedtls_ssl_write_version( rec.ver, ssl->conf->transport, tls_ver );
rec.type = ssl->out_msgtype;
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
@ -3421,7 +3420,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
size_t len,
mbedtls_record *rec )
{
int major_ver, minor_ver;
mbedtls_ssl_protocol_version tls_version;
size_t const rec_hdr_type_offset = 0;
size_t const rec_hdr_type_len = 1;
@ -3531,11 +3530,10 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
rec->ver[0] = buf[ rec_hdr_version_offset + 0 ];
rec->ver[1] = buf[ rec_hdr_version_offset + 1 ];
mbedtls_ssl_read_version( &major_ver, &minor_ver,
ssl->conf->transport,
&rec->ver[0] );
tls_version = mbedtls_ssl_read_version( buf + rec_hdr_version_offset,
ssl->conf->transport );
if( ( ( major_ver << 8 ) | minor_ver ) > ssl->conf->max_tls_version )
if( tls_version > ssl->conf->max_tls_version )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS version mismatch" ) );
return( MBEDTLS_ERR_SSL_INVALID_RECORD );
@ -3569,9 +3567,8 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl,
MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %u, "
"version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET,
rec->type,
major_ver, minor_ver, rec->data_len ) );
"version = [0x%x], msglen = %" MBEDTLS_PRINTF_SIZET,
rec->type, (unsigned)tls_version, rec->data_len ) );
rec->buf = buf;
rec->buf_len = rec->data_offset + rec->data_len;
@ -5810,51 +5807,35 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl,
* and, for DTLS, to/from TLS equivalent.
*
* For TLS this is the identity.
* For DTLS, use 1's complement (v -> 255 - v, and then map as follows:
* For DTLS, map as follows, then use 1's complement (v -> ~v):
* 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2)
* DTLS 1.0 is stored as TLS 1.1 internally
*/
void mbedtls_ssl_write_version( int major, int minor, int transport,
unsigned char ver[2] )
void mbedtls_ssl_write_version( unsigned char version[2], int transport,
mbedtls_ssl_protocol_version tls_version )
{
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
if( minor == MBEDTLS_SSL_MINOR_VERSION_2 )
--minor; /* DTLS 1.0 stored as TLS 1.1 internally */
ver[0] = (unsigned char)( 255 - ( major - 2 ) );
ver[1] = (unsigned char)( 255 - ( minor - 1 ) );
}
else
tls_version =
~( tls_version - ( tls_version == 0x0302 ? 0x0202 : 0x0201 ) );
#else
((void) transport);
#endif
{
ver[0] = (unsigned char) major;
ver[1] = (unsigned char) minor;
}
MBEDTLS_PUT_UINT16_BE( tls_version, version, 0 );
}
void mbedtls_ssl_read_version( int *major, int *minor, int transport,
const unsigned char ver[2] )
uint16_t mbedtls_ssl_read_version( const unsigned char version[2],
int transport )
{
uint16_t tls_version = MBEDTLS_GET_UINT16_BE( version, 0 );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
*major = 255 - ver[0] + 2;
*minor = 255 - ver[1] + 1;
if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 )
++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */
}
else
tls_version =
~( tls_version - ( tls_version == 0xfeff ? 0x0202 : 0x0201 ) );
#else
((void) transport);
#endif
{
*major = ver[0];
*minor = ver[1];
}
return tls_version;
}
/*

23
library/ssl_tls12_client.c
View File

@ -1121,7 +1121,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl,
static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
{
const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl );
int major_ver, minor_ver;
mbedtls_ssl_protocol_version tls_version;
unsigned char cookie_len;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) );
@ -1146,16 +1146,15 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl )
* } HelloVerifyRequest;
*/
MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p );
tls_version = mbedtls_ssl_read_version( p, ssl->conf->transport );
p += 2;
/*
* Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1)
* even is lower than our min version.
* even if lower than our min version.
*/
if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 ||
minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 ||
( ( major_ver << 8 ) | minor_ver ) > ssl->conf->max_tls_version )
if( tls_version < 0x0302 || /* TLSv1.1 */
tls_version > ssl->conf->max_tls_version )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) );
@ -1212,7 +1211,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
#endif
int handshake_failure = 0;
const mbedtls_ssl_ciphersuite_t *suite_info;
int major_ver, minor_ver;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) );
@ -1297,10 +1295,8 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
*/
buf += mbedtls_ssl_hs_hdr_len( ssl );
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 );
mbedtls_ssl_read_version( &major_ver, &minor_ver,
ssl->conf->transport, buf + 0 );
ssl->tls_version = ( major_ver << 8 ) | minor_ver;
MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf, 2 );
ssl->tls_version = mbedtls_ssl_read_version( buf, ssl->conf->transport );
ssl->session_negotiate->tls_version = ssl->tls_version;
if( ssl->tls_version < ssl->conf->min_tls_version ||
@ -1988,9 +1984,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
* opaque random[46];
* } PreMasterSecret;
*/
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
ssl->conf->transport, p );
mbedtls_ssl_write_version( p, ssl->conf->transport,
MBEDTLS_SSL_VERSION_TLS1_2 );
if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 )
{

19
library/ssl_tls12_server.c
View File

@ -1147,7 +1147,6 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl )
int handshake_failure = 0;
const int *ciphersuites;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
int major, minor;
/* If there is no signature-algorithm extension present,
* we need to fall back to the default values for allowed
@ -1206,13 +1205,11 @@ read_record_header:
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, protocol version: [%d:%d]",
buf[1], buf[2] ) );
mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 );
/* According to RFC 5246 Appendix E.1, the version here is typically
* "{03,00}, the lowest version number supported by the client, [or] the
* value of ClientHello.client_version", so the only meaningful check here
* is the major version shouldn't be less than 3 */
if( major < MBEDTLS_SSL_MAJOR_VERSION_3 )
if( mbedtls_ssl_read_version( buf + 1, ssl->conf->transport ) < 0x0300 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) );
return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION );
@ -1405,8 +1402,7 @@ read_record_header:
*/
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 );
mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf );
ssl->tls_version = ( major << 8 ) | minor;
ssl->tls_version = mbedtls_ssl_read_version( buf, ssl->conf->transport );
ssl->session_negotiate->tls_version = ssl->tls_version;
if( ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2 )
@ -2354,8 +2350,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl )
/* The RFC is not clear on this point, but sending the actual negotiated
* version looks like the most interoperable thing to do. */
mbedtls_ssl_write_version( ssl->tls_version >> 8, ssl->tls_version & 0xFF,
ssl->conf->transport, p );
mbedtls_ssl_write_version( p, ssl->conf->transport, ssl->tls_version );
MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 );
p += 2;
@ -2494,8 +2489,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
buf = ssl->out_msg;
p = buf + 4;
mbedtls_ssl_write_version( ssl->tls_version >> 8, ssl->tls_version & 0xFF,
ssl->conf->transport, p );
mbedtls_ssl_write_version( p, ssl->conf->transport, ssl->tls_version );
p += 2;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]",
@ -3734,9 +3728,8 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl,
return( ret );
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
ssl->conf->transport, ver );
mbedtls_ssl_write_version( ver, ssl->conf->transport,
ssl->session_negotiate->tls_version );
/* Avoid data-dependent branches while checking for invalid
* padding, to protect against timing-based Bleichenbacher-type

18
library/ssl_tls13_client.c
View File

@ -75,17 +75,15 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
* They are defined by the configuration.
* Currently, we advertise only TLS 1.3 or both TLS 1.3 and TLS 1.2.
*/
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_4,
MBEDTLS_SSL_TRANSPORT_STREAM, p );
mbedtls_ssl_write_version( p, MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_VERSION_TLS1_3 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [3:4]" ) );
if( ssl->handshake->min_minor_ver <= MBEDTLS_SSL_MINOR_VERSION_3 )
{
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_TRANSPORT_STREAM, p + 2 );
mbedtls_ssl_write_version( p + 2, MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_VERSION_TLS1_2 );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [3:3]" ) );
}
@ -101,8 +99,8 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl,
((void) ssl);
MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, 2 );
if( buf[0] != MBEDTLS_SSL_MAJOR_VERSION_3 ||
buf[1] != MBEDTLS_SSL_MINOR_VERSION_4 )
if( mbedtls_ssl_read_version( buf, ssl->conf->transport ) !=
MBEDTLS_SSL_VERSION_TLS1_3 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) );
@ -1026,8 +1024,8 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl,
* with ProtocolVersion defined as:
* uint16 ProtocolVersion;
*/
if( !( p[0] == MBEDTLS_SSL_MAJOR_VERSION_3 &&
p[1] == MBEDTLS_SSL_MINOR_VERSION_3 ) )
if( mbedtls_ssl_read_version( p, ssl->conf->transport ) !=
MBEDTLS_SSL_VERSION_TLS1_2 )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION,

44
programs/ssl/ssl_client2.c
View File

@ -1132,10 +1132,10 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
@ -1144,10 +1144,10 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
@ -1165,20 +1165,20 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
}
else if( strcmp( q, "dtls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
@ -1372,14 +1372,14 @@ int main( int argc, char *argv[] )
mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
if( opt.max_version != -1 &&
( ciphersuite_info->min_tls_version & 0xFF ) > opt.max_version )
ciphersuite_info->min_tls_version > opt.max_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
goto usage;
}
if( opt.min_version != -1 &&
( ciphersuite_info->max_tls_version & 0xFF ) < opt.min_version )
ciphersuite_info->max_tls_version < opt.min_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
@ -1389,17 +1389,17 @@ int main( int argc, char *argv[] )
/* If the server selects a version that's not supported by
* this suite, then there will be no common ciphersuite... */
if( opt.max_version == -1 ||
opt.max_version > ( ciphersuite_info->max_tls_version & 0xFF ) )
opt.max_version > ciphersuite_info->max_tls_version )
{
opt.max_version = ( ciphersuite_info->max_tls_version & 0xFF );
opt.max_version = ciphersuite_info->max_tls_version;
}
if( opt.min_version < ( ciphersuite_info->min_tls_version & 0xFF ) )
if( opt.min_version < ciphersuite_info->min_tls_version )
{
opt.min_version = ( ciphersuite_info->min_tls_version & 0xFF );
opt.min_version = ciphersuite_info->min_tls_version;
/* DTLS starts with TLS 1.2 */
if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM &&
opt.min_version < MBEDTLS_SSL_MINOR_VERSION_3 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version < MBEDTLS_SSL_VERSION_TLS1_2 )
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -1410,7 +1410,7 @@ int main( int argc, char *argv[] )
* the ciphersuite in advance to set the correct policy for the
* PSK key slot. This limitation might go away in the future. */
if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 )
{
mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
ret = 2;
@ -1967,12 +1967,10 @@ int main( int argc, char *argv[] )
#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
if( opt.min_version != DFL_MIN_VERSION )
mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
opt.min_version );
mbedtls_ssl_conf_min_tls_version( &conf, opt.min_version );
if( opt.max_version != DFL_MAX_VERSION )
mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3,
opt.max_version );
mbedtls_ssl_conf_max_tls_version( &conf, opt.max_version );
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{

38
programs/ssl/ssl_server2.c
View File

@ -1845,10 +1845,10 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
@ -1857,10 +1857,10 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 ||
strcmp( q, "dtls12" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3;
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
goto usage;
@ -1878,20 +1878,20 @@ int main( int argc, char *argv[] )
{
if( strcmp( q, "tls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
}
else if( strcmp( q, "dtls12" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2;
opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM;
}
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
else if( strcmp( q, "tls13" ) == 0 )
{
opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4;
opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3;
opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3;
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
else
@ -2164,14 +2164,14 @@ int main( int argc, char *argv[] )
mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] );
if( opt.max_version != -1 &&
( ciphersuite_info->min_tls_version & 0xFF ) > opt.max_version )
ciphersuite_info->min_tls_version > opt.max_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
goto usage;
}
if( opt.min_version != -1 &&
( ciphersuite_info->max_tls_version & 0xFF ) < opt.min_version )
ciphersuite_info->max_tls_version < opt.min_version )
{
mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" );
ret = 2;
@ -2181,13 +2181,13 @@ int main( int argc, char *argv[] )
/* If we select a version that's not supported by
* this suite, then there will be no common ciphersuite... */
if( opt.max_version == -1 ||
opt.max_version > ( ciphersuite_info->max_tls_version & 0xFF ) )
opt.max_version > ciphersuite_info->max_tls_version )
{
opt.max_version = ( ciphersuite_info->max_tls_version & 0xFF );
opt.max_version = ciphersuite_info->max_tls_version;
}
if( opt.min_version < ( ciphersuite_info->min_tls_version & 0xFF ) )
if( opt.min_version < ciphersuite_info->min_tls_version )
{
opt.min_version = ( ciphersuite_info->min_tls_version & 0xFF );
opt.min_version = ciphersuite_info->min_tls_version;
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
@ -2198,7 +2198,7 @@ int main( int argc, char *argv[] )
* the ciphersuite in advance to set the correct policy for the
* PSK key slot. This limitation might go away in the future. */
if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK ||
opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 )
opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 )
{
mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" );
ret = 2;
@ -3086,10 +3086,10 @@ int main( int argc, char *argv[] )
#endif
if( opt.min_version != DFL_MIN_VERSION )
mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version );
mbedtls_ssl_conf_min_tls_version( &conf, opt.min_version );
if( opt.max_version != DFL_MIN_VERSION )
mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version );
mbedtls_ssl_conf_max_tls_version( &conf, opt.max_version );
if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 )
{

52
tests/suites/test_suite_ssl.function
View File

@ -89,7 +89,7 @@ void init_handshake_options( handshake_test_options *opts )
opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE;
opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE;
opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE;
opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3;
opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2;
opts->pk_alg = MBEDTLS_PK_RSA;
opts->psk_str = NULL;
opts->dtls = 0;
@ -1868,7 +1868,7 @@ int check_ssl_version( int expected_negotiated_version,
mbedtls_ssl_protocol_version version_number =
mbedtls_ssl_get_version_number( ssl );
TEST_EQUAL( ssl->tls_version, ( 0x0300 | expected_negotiated_version ) );
TEST_EQUAL( ssl->tls_version, expected_negotiated_version );
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
{
@ -1878,12 +1878,12 @@ int check_ssl_version( int expected_negotiated_version,
switch( expected_negotiated_version )
{
case MBEDTLS_SSL_MINOR_VERSION_3:
case MBEDTLS_SSL_VERSION_TLS1_2:
TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_2 );
TEST_ASSERT( strcmp( version_string, "TLSv1.2" ) == 0 );
break;
case MBEDTLS_SSL_MINOR_VERSION_4:
case MBEDTLS_SSL_VERSION_TLS1_3:
TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_3 );
TEST_ASSERT( strcmp( version_string, "TLSv1.3" ) == 0 );
break;
@ -1952,13 +1952,13 @@ void perform_handshake( handshake_test_options* options )
if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE )
{
mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
mbedtls_ssl_conf_min_tls_version( &client.conf,
options->client_min_version );
}
if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE )
{
mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
mbedtls_ssl_conf_max_tls_version( &client.conf,
options->client_max_version );
}
@ -1999,13 +1999,13 @@ void perform_handshake( handshake_test_options* options )
if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE )
{
mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
mbedtls_ssl_conf_min_tls_version( &server.conf,
options->server_min_version );
}
if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE )
{
mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3,
mbedtls_ssl_conf_max_tls_version( &server.conf,
options->server_max_version );
}
@ -3800,8 +3800,8 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac,
/* Prepare a dummy record header */
memset( rec.ctr, 0, sizeof( rec.ctr ) );
rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3;
rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3;
mbedtls_ssl_write_version( rec.ver, MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_VERSION_TLS1_2 );
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
rec.cid_len = 0;
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@ -4461,10 +4461,9 @@ void ssl_tls13_record_protection( int ciphersuite,
rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA;
/* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */
mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3,
MBEDTLS_SSL_MINOR_VERSION_3,
mbedtls_ssl_write_version( rec.ver,
MBEDTLS_SSL_TRANSPORT_STREAM,
rec.ver );
MBEDTLS_SSL_VERSION_TLS1_2 );
/* Copy plaintext into record structure */
rec.buf = buf;
@ -4914,12 +4913,17 @@ void handshake_version( int dtls, int client_min_version, int client_max_version
handshake_test_options options;
init_handshake_options( &options );
options.client_min_version = client_min_version;
options.client_max_version = client_max_version;
options.server_min_version = server_min_version;
options.server_max_version = server_max_version;
if ( client_min_version != TEST_SSL_MINOR_VERSION_NONE )
options.client_min_version = 0x0300 | client_min_version;
if ( client_max_version != TEST_SSL_MINOR_VERSION_NONE )
options.client_max_version = 0x0300 | client_max_version;
if ( server_min_version != TEST_SSL_MINOR_VERSION_NONE )
options.server_min_version = 0x0300 | server_min_version;
if ( server_max_version != TEST_SSL_MINOR_VERSION_NONE )
options.server_max_version = 0x0300 | server_max_version;
options.expected_negotiated_version = expected_negotiated_version;
if ( expected_negotiated_version != TEST_SSL_MINOR_VERSION_NONE )
options.expected_negotiated_version = 0x0300 | expected_negotiated_version;
options.dtls = dtls;
perform_handshake( &options );
@ -5442,11 +5446,11 @@ void conf_curve()
mbedtls_ssl_config conf;
mbedtls_ssl_config_init( &conf );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
mbedtls_ssl_conf_max_version( &conf, 3, 3 );
mbedtls_ssl_conf_min_version( &conf, 3, 3 );
mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 );
mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 );
#else
mbedtls_ssl_conf_max_version( &conf, 3, 4 );
mbedtls_ssl_conf_min_version( &conf, 3, 4 );
mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_3 );
mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_3 );
#endif
mbedtls_ssl_conf_curves( &conf, curve_list );
@ -5478,8 +5482,8 @@ void conf_group()
mbedtls_ssl_config conf;
mbedtls_ssl_config_init( &conf );
mbedtls_ssl_conf_max_version( &conf, 3, 3 );
mbedtls_ssl_conf_min_version( &conf, 3, 3 );
mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 );
mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 );
mbedtls_ssl_conf_groups( &conf, iana_tls_group_list );