mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-04 15:39:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix binder value security issue

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2022-08-20 19:21:15 +08:00
parent 24b8c813c4
commit e9d4fc09a3
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
library/ssl_tls13_server.c
View File

@ -100,8 +100,8 @@ static int ssl_tls13_parse_key_exchange_modes_ext( mbedtls_ssl_context *ssl,
return( 0 ); return( 0 );
} }
#define SSL_TLS1_3_OFFERED_PSK_NOT_MATCH 0 #define SSL_TLS1_3_OFFERED_PSK_NOT_MATCH 1
#define SSL_TLS1_3_OFFERED_PSK_MATCH 1 #define SSL_TLS1_3_OFFERED_PSK_MATCH 0
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_offered_psks_check_identity_match( static int ssl_tls13_offered_psks_check_identity_match(
mbedtls_ssl_context *ssl, mbedtls_ssl_context *ssl,
@ -286,7 +286,6 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_CHK_BUF_READ_PTR( binder, binders_end, binder_len ); MBEDTLS_SSL_CHK_BUF_READ_PTR( binder, binders_end, binder_len );
p_binder_len += binder_len + 1; p_binder_len += binder_len + 1;
identity_id++; identity_id++;
if( matched_identity != -1 ) if( matched_identity != -1 )
continue; continue;
@ -298,8 +297,11 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
ret = ssl_tls13_offered_psks_check_binder_match( ret = ssl_tls13_offered_psks_check_binder_match(
ssl, binder, binder_len, &alg ); ssl, binder, binder_len, &alg );
if( ret < 0 ) /* For the security rationale, handshake should be abort when binder
* value mismatch. See RFC 8446 section 4.2.11.2 and appendix E.6. */
if( ret != SSL_TLS1_3_OFFERED_PSK_MATCH )
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "Binder is not matched." ) );
MBEDTLS_SSL_DEBUG_RET( 1, MBEDTLS_SSL_DEBUG_RET( 1,
"ssl_tls13_offered_psks_check_binder_match" , ret ); "ssl_tls13_offered_psks_check_binder_match" , ret );
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_PEND_FATAL_ALERT(
@ -308,9 +310,6 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
return( ret ); return( ret );
} }
if( ret != SSL_TLS1_3_OFFERED_PSK_MATCH )
continue;
matched_identity = identity_id; matched_identity = identity_id;
*psk_alg = alg; *psk_alg = alg;
} }
@ -329,7 +328,7 @@ static int ssl_tls13_parse_pre_shared_key_ext( mbedtls_ssl_context *ssl,
(size_t)( binders_end - identities_end ) ); (size_t)( binders_end - identities_end ) );
if( matched_identity == -1 ) if( matched_identity == -1 )
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "No matched pre shared key found" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "No matched PSK or ticket." ) );
return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY ); return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
} }
@ -1306,7 +1305,7 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl,
pre_shared_key_ext_start, pre_shared_key_ext_start,
pre_shared_key_ext_end, pre_shared_key_ext_end,
&psk_alg ); &psk_alg );
if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY) if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
{ {
ssl->handshake->extensions_present &= ~MBEDTLS_SSL_EXT_PRE_SHARED_KEY; ssl->handshake->extensions_present &= ~MBEDTLS_SSL_EXT_PRE_SHARED_KEY;
} }