diff --git a/library/ssl_client.c b/library/ssl_client.c index f173097103..731b44f6e9 100644 --- a/library/ssl_client.c +++ b/library/ssl_client.c @@ -602,9 +602,8 @@ static int ssl_write_client_hello_body( mbedtls_ssl_context *ssl, * In all cases this is the TLS 1.2 version. */ MBEDTLS_SSL_CHK_BUF_PTR( p, end, 2 ); - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3, - ssl->conf->transport, p ); + mbedtls_ssl_write_version( p, ssl->conf->transport, + MBEDTLS_SSL_VERSION_TLS1_2 ); p += 2; /* ... diff --git a/library/ssl_misc.h b/library/ssl_misc.h index 9202300b6c..672659d4a1 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -59,35 +59,6 @@ #define inline __inline #endif -/* Legacy minor version numbers as defined by: - * - RFC 2246: ProtocolVersion version = { 3, 1 }; // TLS v1.0 - * - RFC 4346: ProtocolVersion version = { 3, 2 }; // TLS v1.1 - * - * We no longer support these versions, but some code still references those - * constants as part of negotiating with the peer, so keep them available - * internally. - */ -#define MBEDTLS_SSL_MINOR_VERSION_1 1 -#define MBEDTLS_SSL_MINOR_VERSION_2 2 - -/* Determine minimum supported version */ -#define MBEDTLS_SSL_MIN_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 - -#if defined(MBEDTLS_SSL_PROTO_TLS1_2) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 -#elif defined(MBEDTLS_SSL_PROTO_TLS1_3) -#define MBEDTLS_SSL_MIN_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_4 -#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - -/* Determine maximum supported version */ -#define MBEDTLS_SSL_MAX_MAJOR_VERSION MBEDTLS_SSL_MAJOR_VERSION_3 - -#if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_4 -#elif defined(MBEDTLS_SSL_PROTO_TLS1_2) -#define MBEDTLS_SSL_MAX_MINOR_VERSION MBEDTLS_SSL_MINOR_VERSION_3 -#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ - /* Shorthand for restartable ECC */ #if defined(MBEDTLS_ECP_RESTARTABLE) && \ defined(MBEDTLS_SSL_CLI_C) && \ @@ -1457,10 +1428,10 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, uint32_t *flags ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ); -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ); +void mbedtls_ssl_write_version( unsigned char version[2], int transport, + mbedtls_ssl_protocol_version tls_version ); +uint16_t mbedtls_ssl_read_version( const unsigned char version[2], + int transport ); static inline size_t mbedtls_ssl_in_hdr_len( const mbedtls_ssl_context *ssl ) { diff --git a/library/ssl_msg.c b/library/ssl_msg.c index 011295154b..f1e852e21e 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -2682,8 +2682,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush ) if( tls_ver == MBEDTLS_SSL_VERSION_TLS1_3 ) tls_ver = MBEDTLS_SSL_VERSION_TLS1_2; #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ - mbedtls_ssl_write_version( tls_ver >> 8, tls_ver & 0xFF, - ssl->conf->transport, ssl->out_hdr + 1 ); + mbedtls_ssl_write_version( ssl->out_hdr + 1, ssl->conf->transport, + tls_ver ); memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN ); MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0); @@ -2698,8 +2698,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, int force_flush ) rec.data_offset = ssl->out_msg - rec.buf; memcpy( &rec.ctr[0], ssl->out_ctr, sizeof( rec.ctr ) ); - mbedtls_ssl_write_version( tls_ver >> 8, tls_ver & 0xFF, - ssl->conf->transport, rec.ver ); + mbedtls_ssl_write_version( rec.ver, ssl->conf->transport, tls_ver ); rec.type = ssl->out_msgtype; #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) @@ -3421,7 +3420,7 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, size_t len, mbedtls_record *rec ) { - int major_ver, minor_ver; + mbedtls_ssl_protocol_version tls_version; size_t const rec_hdr_type_offset = 0; size_t const rec_hdr_type_len = 1; @@ -3531,11 +3530,10 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, rec->ver[0] = buf[ rec_hdr_version_offset + 0 ]; rec->ver[1] = buf[ rec_hdr_version_offset + 1 ]; - mbedtls_ssl_read_version( &major_ver, &minor_ver, - ssl->conf->transport, - &rec->ver[0] ); + tls_version = mbedtls_ssl_read_version( buf + rec_hdr_version_offset, + ssl->conf->transport ); - if( ( ( major_ver << 8 ) | minor_ver ) > ssl->conf->max_tls_version ) + if( tls_version > ssl->conf->max_tls_version ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "TLS version mismatch" ) ); return( MBEDTLS_ERR_SSL_INVALID_RECORD ); @@ -3569,9 +3567,8 @@ static int ssl_parse_record_header( mbedtls_ssl_context const *ssl, MBEDTLS_SSL_DEBUG_BUF( 4, "input record header", buf, rec->data_offset ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "input record: msgtype = %u, " - "version = [%d:%d], msglen = %" MBEDTLS_PRINTF_SIZET, - rec->type, - major_ver, minor_ver, rec->data_len ) ); + "version = [0x%x], msglen = %" MBEDTLS_PRINTF_SIZET, + rec->type, (unsigned)tls_version, rec->data_len ) ); rec->buf = buf; rec->buf_len = rec->data_offset + rec->data_len; @@ -5810,51 +5807,35 @@ static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, * and, for DTLS, to/from TLS equivalent. * * For TLS this is the identity. - * For DTLS, use 1's complement (v -> 255 - v, and then map as follows: + * For DTLS, map as follows, then use 1's complement (v -> ~v): * 1.x <-> 3.x+1 for x != 0 (DTLS 1.2 based on TLS 1.2) + * DTLS 1.0 is stored as TLS 1.1 internally */ -void mbedtls_ssl_write_version( int major, int minor, int transport, - unsigned char ver[2] ) +void mbedtls_ssl_write_version( unsigned char version[2], int transport, + mbedtls_ssl_protocol_version tls_version ) { #if defined(MBEDTLS_SSL_PROTO_DTLS) if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - if( minor == MBEDTLS_SSL_MINOR_VERSION_2 ) - --minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - - ver[0] = (unsigned char)( 255 - ( major - 2 ) ); - ver[1] = (unsigned char)( 255 - ( minor - 1 ) ); - } - else + tls_version = + ~( tls_version - ( tls_version == 0x0302 ? 0x0202 : 0x0201 ) ); #else ((void) transport); #endif - { - ver[0] = (unsigned char) major; - ver[1] = (unsigned char) minor; - } + MBEDTLS_PUT_UINT16_BE( tls_version, version, 0 ); } -void mbedtls_ssl_read_version( int *major, int *minor, int transport, - const unsigned char ver[2] ) +uint16_t mbedtls_ssl_read_version( const unsigned char version[2], + int transport ) { + uint16_t tls_version = MBEDTLS_GET_UINT16_BE( version, 0 ); #if defined(MBEDTLS_SSL_PROTO_DTLS) if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) - { - *major = 255 - ver[0] + 2; - *minor = 255 - ver[1] + 1; - - if( *minor == MBEDTLS_SSL_MINOR_VERSION_1 ) - ++*minor; /* DTLS 1.0 stored as TLS 1.1 internally */ - } - else + tls_version = + ~( tls_version - ( tls_version == 0xfeff ? 0x0202 : 0x0201 ) ); #else ((void) transport); #endif - { - *major = ver[0]; - *minor = ver[1]; - } + return tls_version; } /* diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c index 451d871140..8f5ab9bc4e 100644 --- a/library/ssl_tls12_client.c +++ b/library/ssl_tls12_client.c @@ -1121,7 +1121,7 @@ static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) { const unsigned char *p = ssl->in_msg + mbedtls_ssl_hs_hdr_len( ssl ); - int major_ver, minor_ver; + mbedtls_ssl_protocol_version tls_version; unsigned char cookie_len; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse hello verify request" ) ); @@ -1146,16 +1146,15 @@ static int ssl_parse_hello_verify_request( mbedtls_ssl_context *ssl ) * } HelloVerifyRequest; */ MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); - mbedtls_ssl_read_version( &major_ver, &minor_ver, ssl->conf->transport, p ); + tls_version = mbedtls_ssl_read_version( p, ssl->conf->transport ); p += 2; /* * Since the RFC is not clear on this point, accept DTLS 1.0 (TLS 1.1) - * even is lower than our min version. + * even if lower than our min version. */ - if( major_ver < MBEDTLS_SSL_MAJOR_VERSION_3 || - minor_ver < MBEDTLS_SSL_MINOR_VERSION_2 || - ( ( major_ver << 8 ) | minor_ver ) > ssl->conf->max_tls_version ) + if( tls_version < 0x0302 || /* TLSv1.1 */ + tls_version > ssl->conf->max_tls_version ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server version" ) ); @@ -1212,7 +1211,6 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) #endif int handshake_failure = 0; const mbedtls_ssl_ciphersuite_t *suite_info; - int major_ver, minor_ver; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); @@ -1297,10 +1295,8 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) */ buf += mbedtls_ssl_hs_hdr_len( ssl ); - MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf + 0, 2 ); - mbedtls_ssl_read_version( &major_ver, &minor_ver, - ssl->conf->transport, buf + 0 ); - ssl->tls_version = ( major_ver << 8 ) | minor_ver; + MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, version", buf, 2 ); + ssl->tls_version = mbedtls_ssl_read_version( buf, ssl->conf->transport ); ssl->session_negotiate->tls_version = ssl->tls_version; if( ssl->tls_version < ssl->conf->min_tls_version || @@ -1988,9 +1984,8 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl, * opaque random[46]; * } PreMasterSecret; */ - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3, - ssl->conf->transport, p ); + mbedtls_ssl_write_version( p, ssl->conf->transport, + MBEDTLS_SSL_VERSION_TLS1_2 ); if( ( ret = ssl->conf->f_rng( ssl->conf->p_rng, p + 2, 46 ) ) != 0 ) { diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 3ce7fb20d0..49cda3ff90 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -1147,7 +1147,6 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) int handshake_failure = 0; const int *ciphersuites; const mbedtls_ssl_ciphersuite_t *ciphersuite_info; - int major, minor; /* If there is no signature-algorithm extension present, * we need to fall back to the default values for allowed @@ -1206,13 +1205,11 @@ read_record_header: MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, protocol version: [%d:%d]", buf[1], buf[2] ) ); - mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf + 1 ); - /* According to RFC 5246 Appendix E.1, the version here is typically * "{03,00}, the lowest version number supported by the client, [or] the * value of ClientHello.client_version", so the only meaningful check here * is the major version shouldn't be less than 3 */ - if( major < MBEDTLS_SSL_MAJOR_VERSION_3 ) + if( mbedtls_ssl_read_version( buf + 1, ssl->conf->transport ) < 0x0300 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); return( MBEDTLS_ERR_SSL_BAD_PROTOCOL_VERSION ); @@ -1405,8 +1402,7 @@ read_record_header: */ MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, version", buf, 2 ); - mbedtls_ssl_read_version( &major, &minor, ssl->conf->transport, buf ); - ssl->tls_version = ( major << 8 ) | minor; + ssl->tls_version = mbedtls_ssl_read_version( buf, ssl->conf->transport ); ssl->session_negotiate->tls_version = ssl->tls_version; if( ssl->tls_version != MBEDTLS_SSL_VERSION_TLS1_2 ) @@ -2354,8 +2350,7 @@ static int ssl_write_hello_verify_request( mbedtls_ssl_context *ssl ) /* The RFC is not clear on this point, but sending the actual negotiated * version looks like the most interoperable thing to do. */ - mbedtls_ssl_write_version( ssl->tls_version >> 8, ssl->tls_version & 0xFF, - ssl->conf->transport, p ); + mbedtls_ssl_write_version( p, ssl->conf->transport, ssl->tls_version ); MBEDTLS_SSL_DEBUG_BUF( 3, "server version", p, 2 ); p += 2; @@ -2494,8 +2489,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) buf = ssl->out_msg; p = buf + 4; - mbedtls_ssl_write_version( ssl->tls_version >> 8, ssl->tls_version & 0xFF, - ssl->conf->transport, p ); + mbedtls_ssl_write_version( p, ssl->conf->transport, ssl->tls_version ); p += 2; MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen version: [%d:%d]", @@ -3734,9 +3728,8 @@ static int ssl_parse_encrypted_pms( mbedtls_ssl_context *ssl, return( ret ); #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3, - ssl->conf->transport, ver ); + mbedtls_ssl_write_version( ver, ssl->conf->transport, + ssl->session_negotiate->tls_version ); /* Avoid data-dependent branches while checking for invalid * padding, to protect against timing-based Bleichenbacher-type diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index d7748b78ae..acb4865d6c 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -75,17 +75,15 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl, * They are defined by the configuration. * Currently, we advertise only TLS 1.3 or both TLS 1.3 and TLS 1.2. */ - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_4, - MBEDTLS_SSL_TRANSPORT_STREAM, p ); + mbedtls_ssl_write_version( p, MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_VERSION_TLS1_3 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [3:4]" ) ); if( ssl->handshake->min_minor_ver <= MBEDTLS_SSL_MINOR_VERSION_3 ) { - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_TRANSPORT_STREAM, p + 2 ); + mbedtls_ssl_write_version( p + 2, MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_VERSION_TLS1_2 ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "supported version: [3:3]" ) ); } @@ -101,8 +99,8 @@ static int ssl_tls13_parse_supported_versions_ext( mbedtls_ssl_context *ssl, ((void) ssl); MBEDTLS_SSL_CHK_BUF_READ_PTR( buf, end, 2 ); - if( buf[0] != MBEDTLS_SSL_MAJOR_VERSION_3 || - buf[1] != MBEDTLS_SSL_MINOR_VERSION_4 ) + if( mbedtls_ssl_read_version( buf, ssl->conf->transport ) != + MBEDTLS_SSL_VERSION_TLS1_3 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "unexpected version" ) ); @@ -1026,8 +1024,8 @@ static int ssl_tls13_parse_server_hello( mbedtls_ssl_context *ssl, * with ProtocolVersion defined as: * uint16 ProtocolVersion; */ - if( !( p[0] == MBEDTLS_SSL_MAJOR_VERSION_3 && - p[1] == MBEDTLS_SSL_MINOR_VERSION_3 ) ) + if( mbedtls_ssl_read_version( p, ssl->conf->transport ) != + MBEDTLS_SSL_VERSION_TLS1_2 ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "Unsupported version of TLS." ) ); MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_ALERT_MSG_PROTOCOL_VERSION, diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index d4fd9f1a97..cd6098682e 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -1132,10 +1132,10 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 || strcmp( q, "dtls12" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3; #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else goto usage; @@ -1144,10 +1144,10 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 || strcmp( q, "dtls12" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3; #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else goto usage; @@ -1165,20 +1165,20 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; } else if( strcmp( q, "dtls12" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else @@ -1372,14 +1372,14 @@ int main( int argc, char *argv[] ) mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && - ( ciphersuite_info->min_tls_version & 0xFF ) > opt.max_version ) + ciphersuite_info->min_tls_version > opt.max_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; goto usage; } if( opt.min_version != -1 && - ( ciphersuite_info->max_tls_version & 0xFF ) < opt.min_version ) + ciphersuite_info->max_tls_version < opt.min_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; @@ -1389,17 +1389,17 @@ int main( int argc, char *argv[] ) /* If the server selects a version that's not supported by * this suite, then there will be no common ciphersuite... */ if( opt.max_version == -1 || - opt.max_version > ( ciphersuite_info->max_tls_version & 0xFF ) ) + opt.max_version > ciphersuite_info->max_tls_version ) { - opt.max_version = ( ciphersuite_info->max_tls_version & 0xFF ); + opt.max_version = ciphersuite_info->max_tls_version; } - if( opt.min_version < ( ciphersuite_info->min_tls_version & 0xFF ) ) + if( opt.min_version < ciphersuite_info->min_tls_version ) { - opt.min_version = ( ciphersuite_info->min_tls_version & 0xFF ); + opt.min_version = ciphersuite_info->min_tls_version; /* DTLS starts with TLS 1.2 */ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && - opt.min_version < MBEDTLS_SSL_MINOR_VERSION_3 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version < MBEDTLS_SSL_VERSION_TLS1_2 ) + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1410,7 +1410,7 @@ int main( int argc, char *argv[] ) * the ciphersuite in advance to set the correct policy for the * PSK key slot. This limitation might go away in the future. */ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || - opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) + opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 ) { mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); ret = 2; @@ -1967,12 +1967,10 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */ if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.min_version ); + mbedtls_ssl_conf_min_tls_version( &conf, opt.min_version ); if( opt.max_version != DFL_MAX_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, - opt.max_version ); + mbedtls_ssl_conf_max_tls_version( &conf, opt.max_version ); if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) { diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 4409d1bf41..948d2e016e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -1845,10 +1845,10 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 || strcmp( q, "dtls12" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3; #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else goto usage; @@ -1857,10 +1857,10 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 || strcmp( q, "dtls12" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3; #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else goto usage; @@ -1878,20 +1878,20 @@ int main( int argc, char *argv[] ) { if( strcmp( q, "tls12" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; } else if( strcmp( q, "dtls12" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_2; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_2; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } #if defined(MBEDTLS_SSL_PROTO_TLS1_3) else if( strcmp( q, "tls13" ) == 0 ) { - opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; - opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.min_version = MBEDTLS_SSL_VERSION_TLS1_3; + opt.max_version = MBEDTLS_SSL_VERSION_TLS1_3; } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ else @@ -2164,14 +2164,14 @@ int main( int argc, char *argv[] ) mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && - ( ciphersuite_info->min_tls_version & 0xFF ) > opt.max_version ) + ciphersuite_info->min_tls_version > opt.max_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; goto usage; } if( opt.min_version != -1 && - ( ciphersuite_info->max_tls_version & 0xFF ) < opt.min_version ) + ciphersuite_info->max_tls_version < opt.min_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; @@ -2181,13 +2181,13 @@ int main( int argc, char *argv[] ) /* If we select a version that's not supported by * this suite, then there will be no common ciphersuite... */ if( opt.max_version == -1 || - opt.max_version > ( ciphersuite_info->max_tls_version & 0xFF ) ) + opt.max_version > ciphersuite_info->max_tls_version ) { - opt.max_version = ( ciphersuite_info->max_tls_version & 0xFF ); + opt.max_version = ciphersuite_info->max_tls_version; } - if( opt.min_version < ( ciphersuite_info->min_tls_version & 0xFF ) ) + if( opt.min_version < ciphersuite_info->min_tls_version ) { - opt.min_version = ( ciphersuite_info->min_tls_version & 0xFF ); + opt.min_version = ciphersuite_info->min_tls_version; } #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -2198,7 +2198,7 @@ int main( int argc, char *argv[] ) * the ciphersuite in advance to set the correct policy for the * PSK key slot. This limitation might go away in the future. */ if( ciphersuite_info->key_exchange != MBEDTLS_KEY_EXCHANGE_PSK || - opt.min_version != MBEDTLS_SSL_MINOR_VERSION_3 ) + opt.min_version != MBEDTLS_SSL_VERSION_TLS1_2 ) { mbedtls_printf( "opaque PSKs are only supported in conjunction with forcing TLS 1.2 and a PSK-only ciphersuite through the 'force_ciphersuite' option.\n" ); ret = 2; @@ -3086,10 +3086,10 @@ int main( int argc, char *argv[] ) #endif if( opt.min_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_min_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.min_version ); + mbedtls_ssl_conf_min_tls_version( &conf, opt.min_version ); if( opt.max_version != DFL_MIN_VERSION ) - mbedtls_ssl_conf_max_version( &conf, MBEDTLS_SSL_MAJOR_VERSION_3, opt.max_version ); + mbedtls_ssl_conf_max_tls_version( &conf, opt.max_version ); if( ( ret = mbedtls_ssl_setup( &ssl, &conf ) ) != 0 ) { diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 2460deb75d..a4c56395cd 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -89,7 +89,7 @@ void init_handshake_options( handshake_test_options *opts ) opts->client_max_version = TEST_SSL_MINOR_VERSION_NONE; opts->server_min_version = TEST_SSL_MINOR_VERSION_NONE; opts->server_max_version = TEST_SSL_MINOR_VERSION_NONE; - opts->expected_negotiated_version = MBEDTLS_SSL_MINOR_VERSION_3; + opts->expected_negotiated_version = MBEDTLS_SSL_VERSION_TLS1_2; opts->pk_alg = MBEDTLS_PK_RSA; opts->psk_str = NULL; opts->dtls = 0; @@ -1868,7 +1868,7 @@ int check_ssl_version( int expected_negotiated_version, mbedtls_ssl_protocol_version version_number = mbedtls_ssl_get_version_number( ssl ); - TEST_EQUAL( ssl->tls_version, ( 0x0300 | expected_negotiated_version ) ); + TEST_EQUAL( ssl->tls_version, expected_negotiated_version ); if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) { @@ -1878,12 +1878,12 @@ int check_ssl_version( int expected_negotiated_version, switch( expected_negotiated_version ) { - case MBEDTLS_SSL_MINOR_VERSION_3: + case MBEDTLS_SSL_VERSION_TLS1_2: TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_2 ); TEST_ASSERT( strcmp( version_string, "TLSv1.2" ) == 0 ); break; - case MBEDTLS_SSL_MINOR_VERSION_4: + case MBEDTLS_SSL_VERSION_TLS1_3: TEST_EQUAL( version_number, MBEDTLS_SSL_VERSION_TLS1_3 ); TEST_ASSERT( strcmp( version_string, "TLSv1.3" ) == 0 ); break; @@ -1952,13 +1952,13 @@ void perform_handshake( handshake_test_options* options ) if( options->client_min_version != TEST_SSL_MINOR_VERSION_NONE ) { - mbedtls_ssl_conf_min_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + mbedtls_ssl_conf_min_tls_version( &client.conf, options->client_min_version ); } if( options->client_max_version != TEST_SSL_MINOR_VERSION_NONE ) { - mbedtls_ssl_conf_max_version( &client.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + mbedtls_ssl_conf_max_tls_version( &client.conf, options->client_max_version ); } @@ -1999,13 +1999,13 @@ void perform_handshake( handshake_test_options* options ) if( options->server_min_version != TEST_SSL_MINOR_VERSION_NONE ) { - mbedtls_ssl_conf_min_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + mbedtls_ssl_conf_min_tls_version( &server.conf, options->server_min_version ); } if( options->server_max_version != TEST_SSL_MINOR_VERSION_NONE ) { - mbedtls_ssl_conf_max_version( &server.conf, MBEDTLS_SSL_MAJOR_VERSION_3, + mbedtls_ssl_conf_max_tls_version( &server.conf, options->server_max_version ); } @@ -3800,8 +3800,8 @@ void ssl_decrypt_non_etm_cbc( int cipher_type, int hash_id, int trunc_hmac, /* Prepare a dummy record header */ memset( rec.ctr, 0, sizeof( rec.ctr ) ); rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; - rec.ver[0] = MBEDTLS_SSL_MAJOR_VERSION_3; - rec.ver[1] = MBEDTLS_SSL_MINOR_VERSION_3; + mbedtls_ssl_write_version( rec.ver, MBEDTLS_SSL_TRANSPORT_STREAM, + MBEDTLS_SSL_VERSION_TLS1_2 ); #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID) rec.cid_len = 0; #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */ @@ -4461,10 +4461,9 @@ void ssl_tls13_record_protection( int ciphersuite, rec.type = MBEDTLS_SSL_MSG_APPLICATION_DATA; /* TLS 1.3 uses the version identifier from TLS 1.2 on the wire. */ - mbedtls_ssl_write_version( MBEDTLS_SSL_MAJOR_VERSION_3, - MBEDTLS_SSL_MINOR_VERSION_3, + mbedtls_ssl_write_version( rec.ver, MBEDTLS_SSL_TRANSPORT_STREAM, - rec.ver ); + MBEDTLS_SSL_VERSION_TLS1_2 ); /* Copy plaintext into record structure */ rec.buf = buf; @@ -4914,12 +4913,17 @@ void handshake_version( int dtls, int client_min_version, int client_max_version handshake_test_options options; init_handshake_options( &options ); - options.client_min_version = client_min_version; - options.client_max_version = client_max_version; - options.server_min_version = server_min_version; - options.server_max_version = server_max_version; + if ( client_min_version != TEST_SSL_MINOR_VERSION_NONE ) + options.client_min_version = 0x0300 | client_min_version; + if ( client_max_version != TEST_SSL_MINOR_VERSION_NONE ) + options.client_max_version = 0x0300 | client_max_version; + if ( server_min_version != TEST_SSL_MINOR_VERSION_NONE ) + options.server_min_version = 0x0300 | server_min_version; + if ( server_max_version != TEST_SSL_MINOR_VERSION_NONE ) + options.server_max_version = 0x0300 | server_max_version; - options.expected_negotiated_version = expected_negotiated_version; + if ( expected_negotiated_version != TEST_SSL_MINOR_VERSION_NONE ) + options.expected_negotiated_version = 0x0300 | expected_negotiated_version; options.dtls = dtls; perform_handshake( &options ); @@ -5442,11 +5446,11 @@ void conf_curve() mbedtls_ssl_config conf; mbedtls_ssl_config_init( &conf ); #if defined(MBEDTLS_SSL_PROTO_TLS1_2) - mbedtls_ssl_conf_max_version( &conf, 3, 3 ); - mbedtls_ssl_conf_min_version( &conf, 3, 3 ); + mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 ); + mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 ); #else - mbedtls_ssl_conf_max_version( &conf, 3, 4 ); - mbedtls_ssl_conf_min_version( &conf, 3, 4 ); + mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_3 ); + mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_3 ); #endif mbedtls_ssl_conf_curves( &conf, curve_list ); @@ -5478,8 +5482,8 @@ void conf_group() mbedtls_ssl_config conf; mbedtls_ssl_config_init( &conf ); - mbedtls_ssl_conf_max_version( &conf, 3, 3 ); - mbedtls_ssl_conf_min_version( &conf, 3, 3 ); + mbedtls_ssl_conf_max_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 ); + mbedtls_ssl_conf_min_tls_version( &conf, MBEDTLS_SSL_VERSION_TLS1_2 ); mbedtls_ssl_conf_groups( &conf, iana_tls_group_list );