From da0d169faeb26cc2169cde2fe20601a90f2b8864 Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Mon, 23 Jan 2023 15:24:59 +0100 Subject: [PATCH 01/23] Guard ticket specific TLS 1.3 function with macro Guard ssl_tls13_write_new_session_ticket_coordinate with MBEDTLS_SSL_SESSION_TICKETS macro. Signed-off-by: Norbert Fabritius --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 2760d76a5d..c0d1f8d20f 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -3109,6 +3109,7 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl) return 0; } +#if defined(MBEDTLS_SSL_SESSION_TICKETS) /* * Handler for MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET */ @@ -3138,7 +3139,6 @@ static int ssl_tls13_write_new_session_ticket_coordinate(mbedtls_ssl_context *ss return SSL_NEW_SESSION_TICKET_WRITE; } -#if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_prepare_new_session_ticket(mbedtls_ssl_context *ssl, unsigned char *ticket_nonce, From 5e297b984db6c387857ed5dcae6be585f7b29826 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 25 Mar 2024 13:37:07 +0100 Subject: [PATCH 02/23] tls13: srv: Fix guards of _is_psk_(ephemeral_)available Signed-off-by: Ronald Cron --- library/ssl_tls13_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index c0d1f8d20f..20d724bb6b 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -172,12 +172,12 @@ static int ssl_tls13_parse_key_exchange_modes_ext(mbedtls_ssl_context *ssl, #define SSL_TLS1_3_PSK_IDENTITY_MATCH_BUT_PSK_NOT_USABLE 1 #define SSL_TLS1_3_PSK_IDENTITY_MATCH 0 -#if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_is_psk_available(mbedtls_ssl_context *ssl); MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_key_exchange_is_psk_ephemeral_available(mbedtls_ssl_context *ssl); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_offered_psks_check_identity_match_ticket( mbedtls_ssl_context *ssl, From b6ff6101d967ca1afc797fc3141b8c8d04f17d6b Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Tue, 24 Jan 2023 17:38:22 +0100 Subject: [PATCH 03/23] Unconditionally define session variable Signed-off-by: Norbert Fabritius --- library/ssl_tls13_server.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 20d724bb6b..6fe8caeca4 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -575,10 +575,8 @@ static int ssl_tls13_parse_pre_shared_key_ext( psa_algorithm_t psk_hash_alg; int allowed_key_exchange_modes; -#if defined(MBEDTLS_SSL_SESSION_TICKETS) mbedtls_ssl_session session; mbedtls_ssl_session_init(&session); -#endif MBEDTLS_SSL_CHK_BUF_READ_PTR(p_identity_len, identities_end, 2 + 1 + 4); identity_len = MBEDTLS_GET_UINT16_BE(p_identity_len, 0); From ba1de9fa4e12d614d03d49295b8f20ed8509c90d Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Tue, 24 Jan 2023 17:58:13 +0100 Subject: [PATCH 04/23] Enable ssl_tls13_get_ciphersuite_hash_alg only if macro is active Signed-off-by: Norbert Fabritius --- library/ssl_tls13_client.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c index 7fcc394319..162e3a3146 100644 --- a/library/ssl_tls13_client.c +++ b/library/ssl_tls13_client.c @@ -666,6 +666,7 @@ static int ssl_tls13_write_psk_key_exchange_modes_ext(mbedtls_ssl_context *ssl, return 0; } +#if defined(MBEDTLS_SSL_SESSION_TICKETS) static psa_algorithm_t ssl_tls13_get_ciphersuite_hash_alg(int ciphersuite) { const mbedtls_ssl_ciphersuite_t *ciphersuite_info = NULL; @@ -678,7 +679,6 @@ static psa_algorithm_t ssl_tls13_get_ciphersuite_hash_alg(int ciphersuite) return PSA_ALG_NONE; } -#if defined(MBEDTLS_SSL_SESSION_TICKETS) static int ssl_tls13_has_configured_ticket(mbedtls_ssl_context *ssl) { mbedtls_ssl_session *session = ssl->session_negotiate; From 93b2c32ece12f960a83a5bfe1462cd074c1c5359 Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Tue, 24 Jan 2023 17:48:29 +0100 Subject: [PATCH 05/23] Constify parameter of ssl_tls13_session_load Signed-off-by: Norbert Fabritius --- library/ssl_tls.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index c5e06491c1..931fdaf04a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4049,7 +4049,7 @@ static int ssl_tls13_session_save(const mbedtls_ssl_session *session, } static int ssl_tls13_session_load(const mbedtls_ssl_session *session, - unsigned char *buf, + const unsigned char *buf, size_t buf_len) { ((void) session); From 819636994e46a39d10c6ba5c58eaa3987605c00a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 26 Mar 2024 10:15:08 +0100 Subject: [PATCH 06/23] tests: ssl: Fix session field guards Signed-off-by: Ronald Cron --- tests/src/test_helpers/ssl_helpers.c | 40 +++++++++++++++++----------- tests/suites/test_suite_ssl.function | 26 +++++++++++------- 2 files changed, 41 insertions(+), 25 deletions(-) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 55201c0b78..d4d82f6ed7 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1791,30 +1791,33 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, session->endpoint = endpoint_type == MBEDTLS_SSL_IS_CLIENT ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER; session->ciphersuite = 0xabcd; + +#if defined(MBEDTLS_SSL_SESSION_TICKETS) session->ticket_age_add = 0x87654321; session->ticket_flags = 0x7; - session->resumption_key_len = 32; memset(session->resumption_key, 0x99, sizeof(session->resumption_key)); - -#if defined(MBEDTLS_SSL_EARLY_DATA) - session->max_early_data_size = 0x87654321; -#if defined(MBEDTLS_SSL_ALPN) && defined(MBEDTLS_SSL_SRV_C) - int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample"); - if (ret != 0) { - return -1; - } -#endif /* MBEDTLS_SSL_ALPN && MBEDTLS_SSL_SRV_C */ -#endif /* MBEDTLS_SSL_EARLY_DATA */ - -#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_SRV_C) - if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { - session->ticket_creation_time = mbedtls_ms_time() - 42; - } #endif +#if defined(MBEDTLS_SSL_SRV_C) + if (session->endpoint == MBEDTLS_SSL_IS_SERVER) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) + int ret = mbedtls_ssl_session_set_ticket_alpn(session, "ALPNExample"); + if (ret != 0) { + return -1; + } +#endif +#if defined(MBEDTLS_HAVE_TIME) + session->ticket_creation_time = mbedtls_ms_time() - 42; +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ + } +#endif /* MBEDTLS_SSL_SRV_C */ + #if defined(MBEDTLS_SSL_CLI_C) if (session->endpoint == MBEDTLS_SSL_IS_CLIENT) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_HAVE_TIME) session->ticket_reception_time = mbedtls_ms_time() - 40; #endif @@ -1828,9 +1831,14 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, } memset(session->ticket, 33, ticket_len); } +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ } #endif /* MBEDTLS_SSL_CLI_C */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + session->max_early_data_size = 0x87654321; +#endif /* MBEDTLS_SSL_EARLY_DATA */ + #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) session->record_size_limit = 2048; #endif diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 67d97e47ce..b41a2513f4 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2094,6 +2094,7 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { TEST_ASSERT(original.ciphersuite == restored.ciphersuite); +#if defined(MBEDTLS_SSL_SESSION_TICKETS) TEST_ASSERT(original.ticket_age_add == restored.ticket_age_add); TEST_ASSERT(original.ticket_flags == restored.ticket_flags); TEST_ASSERT(original.resumption_key_len == restored.resumption_key_len); @@ -2104,22 +2105,24 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, restored.resumption_key, original.resumption_key_len) == 0); } +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_EARLY_DATA) - TEST_ASSERT( - original.max_early_data_size == restored.max_early_data_size); -#if defined(MBEDTLS_SSL_ALPN) && defined(MBEDTLS_SSL_SRV_C) +#if defined(MBEDTLS_SSL_SRV_C) if (endpoint_type == MBEDTLS_SSL_IS_SERVER) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) +#if defined(MBEDTLS_SSL_EARLY_DATA) && defined(MBEDTLS_SSL_ALPN) TEST_ASSERT(original.ticket_alpn != NULL); TEST_ASSERT(restored.ticket_alpn != NULL); TEST_MEMORY_COMPARE(original.ticket_alpn, strlen(original.ticket_alpn), restored.ticket_alpn, strlen(restored.ticket_alpn)); +#endif +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ } -#endif -#endif +#endif /* MBEDTLS_SSL_SRV_C */ -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) +#if defined(MBEDTLS_SSL_CLI_C) if (endpoint_type == MBEDTLS_SSL_IS_CLIENT) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_HAVE_TIME) TEST_ASSERT(original.ticket_reception_time == restored.ticket_reception_time); #endif @@ -2132,12 +2135,17 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, restored.ticket, original.ticket_len) == 0); } - +#endif /* MBEDTLS_SSL_SESSION_TICKETS */ } -#endif +#endif /* MBEDTLS_SSL_CLI_C */ } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ +#if defined(MBEDTLS_SSL_EARLY_DATA) + TEST_ASSERT( + original.max_early_data_size == restored.max_early_data_size); +#endif + #if defined(MBEDTLS_SSL_RECORD_SIZE_LIMIT) TEST_ASSERT(original.record_size_limit == restored.record_size_limit); #endif From 1fb585492d271250ece4afc749bcc17d90b1d4a4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 27 Mar 2024 09:18:04 +0100 Subject: [PATCH 07/23] tests: ssl: Remove redundant test Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.function | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index b41a2513f4..b5367f59c0 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2093,7 +2093,6 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { - TEST_ASSERT(original.ciphersuite == restored.ciphersuite); #if defined(MBEDTLS_SSL_SESSION_TICKETS) TEST_ASSERT(original.ticket_age_add == restored.ticket_age_add); TEST_ASSERT(original.ticket_flags == restored.ticket_flags); From 346b81877d75b7629d11d183cde6483b49ceaa47 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Wed, 27 Mar 2024 09:30:13 +0100 Subject: [PATCH 08/23] tests: ssl: Add hostname checks in session serialization tests Signed-off-by: Ronald Cron --- tests/src/test_helpers/ssl_helpers.c | 8 ++++++++ tests/suites/test_suite_ssl.function | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index d4d82f6ed7..255849fdc2 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -1831,6 +1831,14 @@ int mbedtls_test_ssl_tls13_populate_session(mbedtls_ssl_session *session, } memset(session->ticket, 33, ticket_len); } +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + char hostname[] = "hostname example"; + session->hostname = mbedtls_calloc(1, sizeof(hostname)); + if (session->hostname == NULL) { + return -1; + } + memcpy(session->hostname, hostname, sizeof(hostname)); +#endif #endif /* MBEDTLS_SSL_SESSION_TICKETS */ } #endif /* MBEDTLS_SSL_CLI_C */ diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index b5367f59c0..840af7d2d9 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -2134,6 +2134,12 @@ void ssl_serialize_session_save_load(int ticket_len, char *crt_file, restored.ticket, original.ticket_len) == 0); } +#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) + TEST_ASSERT(original.hostname != NULL); + TEST_ASSERT(restored.hostname != NULL); + TEST_MEMORY_COMPARE(original.hostname, strlen(original.hostname), + restored.hostname, strlen(restored.hostname)); +#endif #endif /* MBEDTLS_SSL_SESSION_TICKETS */ } #endif /* MBEDTLS_SSL_CLI_C */ From 094f55333d38f4d3c94cd06a72cd46b41cd44bb3 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 26 Mar 2024 10:21:06 +0100 Subject: [PATCH 09/23] tests: ssl: Fix dependencies of TLS 1.3 session serialization tests Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index 734b945148..c4498ce14a 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -930,35 +930,35 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2 ssl_session_serialize_version_check:0:0:0:1:0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: session serialization: Wrong major version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:1:0:0:0:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: CLI: session serialization: Wrong minor version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:1:0:0:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: CLI: session serialization: Wrong patch version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:1:0:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: CLI: session serialization: Wrong config -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong major version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:1:0:0:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong minor version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:1:0:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong patch version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:1:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong config -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Test Session id & Ciphersuite accessors TLS 1.2 @@ -2971,7 +2971,7 @@ depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_X509_USE_C:MBED ssl_serialize_session_save_load:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, save-load: no ticket -depends_on:MBEDTLS_SSL_PROTO_TLS1_3 +depends_on:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_PROTO_TLS1_3 ssl_serialize_session_save_load:0:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: CLI: Session serialization, save-load: small ticket @@ -3091,7 +3091,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_ ssl_serialize_session_load_buf_size:1023:"data_files/server5.crt":0:MBEDTLS_SSL_VERSION_TLS1_2 TLS 1.3: CLI: Session serialization, load buffer size: no ticket -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_C ssl_serialize_session_load_buf_size:0:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: CLI: Session serialization, load buffer size: small ticket @@ -3103,7 +3103,7 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_CLI_ ssl_serialize_session_load_buf_size:1023:"":MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: Session serialization, load buffer size -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SESSION_TICKETS:MBEDTLS_SSL_SRV_C ssl_serialize_session_load_buf_size:0:"":MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Test configuration of groups for DHE through mbedtls_ssl_conf_curves() From 06d9934b853534cf4d05499bf334a8b71534edbb Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Tue, 11 Apr 2023 15:40:05 +0200 Subject: [PATCH 10/23] all.sh: Add component testing default minus session tickets Signed-off-by: Norbert Fabritius Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index a1203f7726..7953b1cc48 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -6061,6 +6061,17 @@ component_test_tls13_no_compatibility_mode () { tests/ssl-opt.sh } +component_test_default_minus_session_tickets() { + msg "build: default config without session tickets" + scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS + CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . + make + msg "test: default config without session tickets" + make test + msg "ssl-opt.sh (default config without session tickets)" + tests/ssl-opt.sh +} + component_build_mingw () { msg "build: Windows cross build - mingw64, make (Link Library)" # ~ 30s make CC=i686-w64-mingw32-gcc AR=i686-w64-mingw32-ar LD=i686-w64-minggw32-ld CFLAGS='-Werror -Wall -Wextra -maes -msse2 -mpclmul' WINDOWS_BUILD=1 lib programs From c93fc8651701434bf291e3e672462179887fff50 Mon Sep 17 00:00:00 2001 From: Norbert Fabritius Date: Wed, 12 Apr 2023 09:50:30 +0200 Subject: [PATCH 11/23] ssl-opt.sh: Add missing MBEDTLS_SSL_SESSION_TICKETS dependencies Signed-off-by: Norbert Fabritius Signed-off-by: Jerry Yu Signed-off-by: Ronald Cron --- tests/opt-testcases/tls13-misc.sh | 3 ++ tests/ssl-opt.sh | 54 +++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 5e43921710..5c7be7feca 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -813,6 +813,7 @@ run_test "TLS 1.3 m->m: resumption, cli/tkt kex modes psk_all/psk_all" \ requires_openssl_tls1_3_with_compatible_ephemeral requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ + MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ @@ -858,6 +859,7 @@ run_test "TLS 1.3 m->O: resumption with early data" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ + MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ @@ -873,6 +875,7 @@ run_test "TLS 1.3 m->G: resumption" \ requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ + MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_HAVE_TIME \ MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_any_configs_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED \ diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index a7c402004f..76be941422 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -3731,6 +3731,7 @@ run_test "CBC Record splitting: TLS 1.2, no splitting" \ # Tests for Session Tickets +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: basic" \ "$P_SRV debug_level=3 tickets=1" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3745,6 +3746,7 @@ run_test "Session resume using tickets: basic" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: manual rotation" \ "$P_SRV debug_level=3 tickets=1 ticket_rotate=1" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3759,6 +3761,7 @@ run_test "Session resume using tickets: manual rotation" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: cache disabled" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3773,6 +3776,7 @@ run_test "Session resume using tickets: cache disabled" \ -s "a session has been resumed" \ -c "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: timeout" \ "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_delay=2000" \ @@ -3787,6 +3791,7 @@ run_test "Session resume using tickets: timeout" \ -S "a session has been resumed" \ -C "a session has been resumed" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: session copy" \ "$P_SRV debug_level=3 tickets=1 cache_max=0" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_mode=0" \ @@ -3802,6 +3807,7 @@ run_test "Session resume using tickets: session copy" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: openssl server" \ "$O_SRV -tls1_2" \ "$P_CLI debug_level=3 tickets=1 reconnect=1" \ @@ -3812,6 +3818,7 @@ run_test "Session resume using tickets: openssl server" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: openssl client" \ "$P_SRV debug_level=3 tickets=1" \ "( $O_CLI -sess_out $SESSION; \ @@ -3825,6 +3832,7 @@ run_test "Session resume using tickets: openssl client" \ -s "a session has been resumed" requires_cipher_enabled "AES" "GCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: AES-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3840,6 +3848,7 @@ run_test "Session resume using tickets: AES-128-GCM" \ -c "a session has been resumed" requires_cipher_enabled "AES" "GCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: AES-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3855,6 +3864,7 @@ run_test "Session resume using tickets: AES-192-GCM" \ -c "a session has been resumed" requires_cipher_enabled "AES" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: AES-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3870,6 +3880,7 @@ run_test "Session resume using tickets: AES-128-CCM" \ -c "a session has been resumed" requires_cipher_enabled "AES" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: AES-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3885,6 +3896,7 @@ run_test "Session resume using tickets: AES-192-CCM" \ -c "a session has been resumed" requires_cipher_enabled "AES" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: AES-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3900,6 +3912,7 @@ run_test "Session resume using tickets: AES-256-CCM" \ -c "a session has been resumed" requires_cipher_enabled "CAMELLIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: CAMELLIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3915,6 +3928,7 @@ run_test "Session resume using tickets: CAMELLIA-128-CCM" \ -c "a session has been resumed" requires_cipher_enabled "CAMELLIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: CAMELLIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3930,6 +3944,7 @@ run_test "Session resume using tickets: CAMELLIA-192-CCM" \ -c "a session has been resumed" requires_cipher_enabled "CAMELLIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: CAMELLIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3945,6 +3960,7 @@ run_test "Session resume using tickets: CAMELLIA-256-CCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "GCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-128-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3960,6 +3976,7 @@ run_test "Session resume using tickets: ARIA-128-GCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "GCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-192-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3975,6 +3992,7 @@ run_test "Session resume using tickets: ARIA-192-GCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "GCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-256-GCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -3990,6 +4008,7 @@ run_test "Session resume using tickets: ARIA-256-GCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-128-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4005,6 +4024,7 @@ run_test "Session resume using tickets: ARIA-128-CCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-192-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4020,6 +4040,7 @@ run_test "Session resume using tickets: ARIA-192-CCM" \ -c "a session has been resumed" requires_cipher_enabled "ARIA" "CCM" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: ARIA-256-CCM" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4035,6 +4056,7 @@ run_test "Session resume using tickets: ARIA-256-CCM" \ -c "a session has been resumed" requires_cipher_enabled "CHACHA20" +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets: CHACHA20-POLY1305" \ "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4052,6 +4074,7 @@ run_test "Session resume using tickets: CHACHA20-POLY1305" \ # Tests for Session Tickets with DTLS requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: basic" \ "$P_SRV debug_level=3 dtls=1 tickets=1" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -4067,6 +4090,7 @@ run_test "Session resume using tickets, DTLS: basic" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: cache disabled" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -4082,6 +4106,7 @@ run_test "Session resume using tickets, DTLS: cache disabled" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: timeout" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_delay=2000" \ @@ -4097,6 +4122,7 @@ run_test "Session resume using tickets, DTLS: timeout" \ -C "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: session copy" \ "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_mode=0" \ @@ -4112,6 +4138,7 @@ run_test "Session resume using tickets, DTLS: session copy" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: openssl server" \ "$O_SRV -dtls" \ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ @@ -4125,6 +4152,7 @@ run_test "Session resume using tickets, DTLS: openssl server" \ # probability with OpenSSL 1.0.2g on the CI, see #5012. requires_openssl_next requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using tickets, DTLS: openssl client" \ "$P_SRV dtls=1 debug_level=3 tickets=1" \ "( $O_NEXT_CLI -dtls -sess_out $SESSION; \ @@ -4140,6 +4168,7 @@ run_test "Session resume using tickets, DTLS: openssl client" \ # Tests for Session Resume based on session-ID and cache requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache: tickets enabled on client" \ "$P_SRV debug_level=3 tickets=0" \ "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ @@ -4155,6 +4184,7 @@ run_test "Session resume using cache: tickets enabled on client" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache: tickets enabled on server" \ "$P_SRV debug_level=3 tickets=1" \ "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ @@ -4246,6 +4276,7 @@ run_test "Session resume using cache: session copy" \ -c "a session has been resumed" requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache: openssl client" \ "$P_SRV force_version=tls12 debug_level=3 tickets=0" \ "( $O_CLI -sess_out $SESSION; \ @@ -4295,6 +4326,7 @@ run_test "Session resume and connection ID" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache, DTLS: tickets enabled on client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -4311,6 +4343,7 @@ run_test "Session resume using cache, DTLS: tickets enabled on client" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache, DTLS: tickets enabled on server" \ "$P_SRV dtls=1 debug_level=3 tickets=1" \ "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \ @@ -4396,6 +4429,7 @@ run_test "Session resume using cache, DTLS: session copy" \ requires_openssl_next requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_CACHE_C +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Session resume using cache, DTLS: openssl client" \ "$P_SRV dtls=1 debug_level=3 tickets=0" \ "( $O_NEXT_CLI -dtls -sess_out $SESSION; \ @@ -6656,6 +6690,7 @@ run_test "Non-blocking I/O: client auth" \ -c "Read from server: .* bytes read" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: ticket" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_CLI nbio=2 tickets=1" \ @@ -6665,6 +6700,7 @@ run_test "Non-blocking I/O: ticket" \ -c "Read from server: .* bytes read" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: ticket + client auth" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_CLI nbio=2 tickets=1" \ @@ -6674,6 +6710,7 @@ run_test "Non-blocking I/O: ticket + client auth" \ -c "Read from server: .* bytes read" requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: TLS 1.2 + ticket + client auth + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \ @@ -6685,6 +6722,7 @@ run_test "Non-blocking I/O: TLS 1.2 + ticket + client auth + resume" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: TLS 1.3 + ticket + client auth + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_CLI nbio=2 tickets=1 reconnect=1" \ @@ -6694,6 +6732,7 @@ run_test "Non-blocking I/O: TLS 1.3 + ticket + client auth + resume" \ -c "Read from server: .* bytes read" requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: TLS 1.2 + ticket + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \ @@ -6705,6 +6744,7 @@ run_test "Non-blocking I/O: TLS 1.2 + ticket + resume" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Non-blocking I/O: TLS 1.3 + ticket + resume" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_CLI nbio=2 tickets=1 reconnect=1" \ @@ -6743,6 +6783,7 @@ run_test "Event-driven I/O: client auth" \ -c "Read from server: .* bytes read" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: ticket" \ "$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_CLI event=1 tickets=1" \ @@ -6752,6 +6793,7 @@ run_test "Event-driven I/O: ticket" \ -c "Read from server: .* bytes read" requires_key_exchange_with_cert_in_tls12_or_tls13_enabled +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: ticket + client auth" \ "$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_CLI event=1 tickets=1" \ @@ -6761,6 +6803,7 @@ run_test "Event-driven I/O: ticket + client auth" \ -c "Read from server: .* bytes read" requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: TLS 1.2 + ticket + client auth + resume" \ "$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \ @@ -6772,6 +6815,7 @@ run_test "Event-driven I/O: TLS 1.2 + ticket + client auth + resume" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: TLS 1.3 + ticket + client auth + resume" \ "$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_CLI event=1 tickets=1 reconnect=1" \ @@ -6781,6 +6825,7 @@ run_test "Event-driven I/O: TLS 1.3 + ticket + client auth + resume" \ -c "Read from server: .* bytes read" requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: TLS 1.2 + ticket + resume" \ "$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \ @@ -6792,6 +6837,7 @@ run_test "Event-driven I/O: TLS 1.2 + ticket + resume" \ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O: TLS 1.3 + ticket + resume" \ "$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_CLI event=1 tickets=1 reconnect=1" \ @@ -6824,6 +6870,7 @@ run_test "Event-driven I/O, DTLS: client auth" \ -c "Read from server: .* bytes read" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O, DTLS: ticket" \ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \ "$P_CLI dtls=1 event=1 tickets=1" \ @@ -6831,6 +6878,7 @@ run_test "Event-driven I/O, DTLS: ticket" \ -c "Read from server: .* bytes read" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O, DTLS: ticket + client auth" \ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \ "$P_CLI dtls=1 event=1 tickets=1" \ @@ -6838,6 +6886,7 @@ run_test "Event-driven I/O, DTLS: ticket + client auth" \ -c "Read from server: .* bytes read" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \ "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -6845,6 +6894,7 @@ run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \ -c "Read from server: .* bytes read" requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "Event-driven I/O, DTLS: ticket + resume" \ "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \ "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \ @@ -11797,6 +11847,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ requires_certificate_authentication requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "DTLS reordering: Buffer out-of-order CCS message on client"\ -p "$P_PXY delay_srv=NewSessionTicket" \ "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ @@ -11917,6 +11968,7 @@ run_test "DTLS proxy: 3d, FS, client auth" \ client_needs_more_time 2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "DTLS proxy: 3d, FS, ticket" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \ @@ -11927,6 +11979,7 @@ run_test "DTLS proxy: 3d, FS, ticket" \ client_needs_more_time 2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \ @@ -11937,6 +11990,7 @@ run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \ client_needs_more_time 2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS run_test "DTLS proxy: 3d, max handshake, nbio" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \ From 6071f611f6faed050ba09d3fabc59e12d0c47cb2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Mon, 25 Mar 2024 13:42:07 +0100 Subject: [PATCH 12/23] tls13: cli: Ignore tickets if not supported If a TLS 1.3 client receives a ticket and the feature is not enabled, ignore it. Signed-off-by: Ronald Cron --- library/ssl_msg.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index b07cd96f1b..a9b94e6f0a 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5570,25 +5570,19 @@ static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_PROTO_TLS1_3) -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) +#if defined(MBEDTLS_SSL_CLI_C) MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_check_new_session_ticket(mbedtls_ssl_context *ssl) { if ((ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl)) || (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET)) { - return 0; + return -1; } - ssl->keep_current_message = 1; - - MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received")); - mbedtls_ssl_handshake_set_state(ssl, - MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); - - return MBEDTLS_ERR_SSL_WANT_READ; + return 0; } -#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ MBEDTLS_CHECK_RETURN_CRITICAL static int ssl_tls13_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) @@ -5596,14 +5590,24 @@ static int ssl_tls13_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) MBEDTLS_SSL_DEBUG_MSG(3, ("received post-handshake message")); -#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) +#if defined(MBEDTLS_SSL_CLI_C) if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { int ret = ssl_tls13_check_new_session_ticket(ssl); - if (ret != 0) { - return ret; + if (ret == 0) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) + MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received")); + ssl->keep_current_message = 1; + + mbedtls_ssl_handshake_set_state(ssl, + MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET); + return MBEDTLS_ERR_SSL_WANT_READ; +#else + MBEDTLS_SSL_DEBUG_MSG(3, ("Ignore NewSessionTicket, not supported.")); + return 0; +#endif } } -#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ +#endif /* MBEDTLS_SSL_CLI_C */ /* Fail in all other cases. */ return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE; From 54a9b11bb5d1fe1127dd2f3178877e44591efa51 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 26 Mar 2024 11:17:10 +0100 Subject: [PATCH 13/23] ssl-opt.sh: Add tests where tickets are ignored Add tests where we explicitely check that tickets are ignored on client side when the support is not enabled. Signed-off-by: Ronald Cron --- tests/opt-testcases/tls13-misc.sh | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/opt-testcases/tls13-misc.sh b/tests/opt-testcases/tls13-misc.sh index 5c7be7feca..10bbf19d74 100755 --- a/tests/opt-testcases/tls13-misc.sh +++ b/tests/opt-testcases/tls13-misc.sh @@ -827,6 +827,20 @@ run_test "TLS 1.3 m->O: resumption" \ -c "Reconnecting with saved session... ok" \ -c "HTTP/1.0 200 ok" +requires_openssl_tls1_3_with_compatible_ephemeral +requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_disabled MBEDTLS_SSL_SESSION_TICKETS +run_test "TLS 1.3 m->O: resumption fails, no ticket support" \ + "$O_NEXT_SRV -msg -tls1_3 -no_resume_ephemeral -no_cache --num_tickets 1" \ + "$P_CLI debug_level=3 reco_mode=1 reconnect=1" \ + 1 \ + -c "Protocol is TLSv1.3" \ + -C "Saving session for reuse... ok" \ + -C "Reconnecting with saved session... ok" \ + -c "Ignore NewSessionTicket, not supported." + # No early data m->O tests for the time being. The option -early_data is needed # to enable early data on OpenSSL server and it is not compatible with the # -www option we usually use for testing with OpenSSL server (see @@ -873,6 +887,20 @@ run_test "TLS 1.3 m->G: resumption" \ -c "Reconnecting with saved session... ok" \ -c "HTTP/1.0 200 OK" +requires_gnutls_tls1_3 +requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ + MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \ + MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED +requires_config_disabled MBEDTLS_SSL_SESSION_TICKETS +run_test "TLS 1.3 m->G: resumption fails, no ticket support" \ + "$G_NEXT_SRV -d 5 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 --disable-client-cert" \ + "$P_CLI debug_level=3 reco_mode=1 reconnect=1" \ + 1 \ + -c "Protocol is TLSv1.3" \ + -C "Saving session for reuse... ok" \ + -C "Reconnecting with saved session... ok" \ + -c "Ignore NewSessionTicket, not supported." + requires_gnutls_tls1_3 requires_all_configs_enabled MBEDTLS_SSL_CLI_C \ MBEDTLS_SSL_SESSION_TICKETS MBEDTLS_HAVE_TIME \ From f02af2d1c50a9a900172fc2a0163293f5c8bd78e Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 2 Apr 2024 12:25:56 +0200 Subject: [PATCH 14/23] tests: ssl: Fix dependencies of SRV TLS 1.3 session serialization tests Signed-off-by: Ronald Cron --- tests/suites/test_suite_ssl.data | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/suites/test_suite_ssl.data b/tests/suites/test_suite_ssl.data index c4498ce14a..d6bf16a673 100644 --- a/tests/suites/test_suite_ssl.data +++ b/tests/suites/test_suite_ssl.data @@ -946,19 +946,19 @@ depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKET ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong major version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:1:0:0:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong minor version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:1:0:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong patch version -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:1:0:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 TLS 1.3: SRV: session serialization: Wrong config -depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_CLI_C:MBEDTLS_SSL_SESSION_TICKETS +depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C:MBEDTLS_SSL_SESSION_TICKETS ssl_session_serialize_version_check:0:0:0:1:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 Test Session id & Ciphersuite accessors TLS 1.2 From 6a8e4eb8d132d260c694b29d121782ce11552b70 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 2 Apr 2024 12:34:24 +0200 Subject: [PATCH 15/23] all.sh: Use full instead of default as the base for the new component Signed-off-by: Ronald Cron --- tests/scripts/all.sh | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index 7953b1cc48..3aabec41d4 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -6061,14 +6061,16 @@ component_test_tls13_no_compatibility_mode () { tests/ssl-opt.sh } -component_test_default_minus_session_tickets() { - msg "build: default config without session tickets" +component_test_full_minus_session_tickets() { + msg "build: full config without session tickets" + scripts/config.py full scripts/config.py unset MBEDTLS_SSL_SESSION_TICKETS + scripts/config.py unset MBEDTLS_SSL_EARLY_DATA CC=gcc cmake -D CMAKE_BUILD_TYPE:String=Asan . make - msg "test: default config without session tickets" + msg "test: full config without session tickets" make test - msg "ssl-opt.sh (default config without session tickets)" + msg "ssl-opt.sh (full config without session tickets)" tests/ssl-opt.sh } From 698c8e902e9ad3a2fe03b364782eeae46e970a25 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 2 Apr 2024 13:19:57 +0200 Subject: [PATCH 16/23] ssl_msg.c: Rename _check_new_session_ticket to _is_new_session_ticket Signed-off-by: Ronald Cron --- library/ssl_msg.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/library/ssl_msg.c b/library/ssl_msg.c index a9b94e6f0a..2bdad848a9 100644 --- a/library/ssl_msg.c +++ b/library/ssl_msg.c @@ -5572,15 +5572,15 @@ static int ssl_check_ctr_renegotiate(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_CLI_C) MBEDTLS_CHECK_RETURN_CRITICAL -static int ssl_tls13_check_new_session_ticket(mbedtls_ssl_context *ssl) +static int ssl_tls13_is_new_session_ticket(mbedtls_ssl_context *ssl) { if ((ssl->in_hslen == mbedtls_ssl_hs_hdr_len(ssl)) || (ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET)) { - return -1; + return 0; } - return 0; + return 1; } #endif /* MBEDTLS_SSL_CLI_C */ @@ -5592,8 +5592,7 @@ static int ssl_tls13_handle_hs_message_post_handshake(mbedtls_ssl_context *ssl) #if defined(MBEDTLS_SSL_CLI_C) if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) { - int ret = ssl_tls13_check_new_session_ticket(ssl); - if (ret == 0) { + if (ssl_tls13_is_new_session_ticket(ssl)) { #if defined(MBEDTLS_SSL_SESSION_TICKETS) MBEDTLS_SSL_DEBUG_MSG(3, ("NewSessionTicket received")); ssl->keep_current_message = 1; From 48e29a12716f233fa65db689a55c2aa2a263ec96 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 09:53:07 +0200 Subject: [PATCH 17/23] tls: Fix doc of mbedtls_ssl_session_save() Fix documentation of mbedtls_ssl_session_save() regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS in TLS 1.3 session case. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 172d4693b2..f788208101 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3309,8 +3309,16 @@ int mbedtls_ssl_session_load(mbedtls_ssl_session *session, * to determine the necessary size by calling this function * with \p buf set to \c NULL and \p buf_len to \c 0. * + * \note For TLS 1.3 sessions, this feature is supported only if the + * MBEDTLS_SSL_SESSION_TICKETS configuration option is enabled, + * as in TLS 1.3 session resumption is possible only with + * tickets. + * * \return \c 0 if successful. * \return #MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL if \p buf is too small. + * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the + * MBEDTLS_SSL_SESSION_TICKETS configuration option is disabled + * and the session is a TLS 1.3 session. */ int mbedtls_ssl_session_save(const mbedtls_ssl_session *session, unsigned char *buf, From de4183f5806098725ec72649b32d7e1def2415a8 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 15:30:55 +0200 Subject: [PATCH 18/23] tls13: Fix doc of mbedtls_ssl_session_get() - 1 The API has eventually not been changed to return multiple tickets through multiple subsequent call to it. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 15 ++------------- 1 file changed, 2 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f788208101..4064ab28c5 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -4845,23 +4845,12 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl * \note This function can handle a variety of mechanisms for session * resumption: For TLS 1.2, both session ID-based resumption and * ticket-based resumption will be considered. For TLS 1.3, - * once implemented, sessions equate to tickets, and calling - * this function multiple times will export the available - * tickets one a time until no further tickets are available, - * in which case MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE will - * be returned. - * - * \note Calling this function multiple times will only be useful - * once TLS 1.3 is supported. For TLS 1.2 connections, this - * function should be called at most once. + * sessions equate to tickets, and this function exports the + * last received ticket. * * \return \c 0 if successful. In this case, \p session can be used for * session resumption by passing it to mbedtls_ssl_set_session(), * and serialized for storage via mbedtls_ssl_session_save(). - * \return #MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if no further session - * is available for export. - * This error is a non-fatal, and has no observable effect on - * the SSL context or the destination session. * \return Another negative error code on other kinds of failure. * * \sa mbedtls_ssl_set_session() From e221f67f158f5248437f3419f09363c345fa1d2d Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 15:34:22 +0200 Subject: [PATCH 19/23] tls13: Fix doc of mbedtls_ssl_session_get() - 2 Fix documentation of mbedtls_ssl_session_get() regarding its interaction with session ticket enablement. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 4064ab28c5..02737cb13d 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -4845,8 +4845,12 @@ const mbedtls_x509_crt *mbedtls_ssl_get_peer_cert(const mbedtls_ssl_context *ssl * \note This function can handle a variety of mechanisms for session * resumption: For TLS 1.2, both session ID-based resumption and * ticket-based resumption will be considered. For TLS 1.3, - * sessions equate to tickets, and this function exports the - * last received ticket. + * sessions equate to tickets, and if session tickets are + * enabled (see #MBEDTLS_SSL_SESSION_TICKETS configuration + * option), this function exports the last received ticket and + * the exported session may be used to resume the TLS 1.3 + * session. If session tickets are disabled, exported sessions + * cannot be used to resume a TLS 1.3 session. * * \return \c 0 if successful. In this case, \p session can be used for * session resumption by passing it to mbedtls_ssl_set_session(), From 7fb4343ee966839e4d596ed297b56db53d73f15a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 10:34:21 +0200 Subject: [PATCH 20/23] tls13: Fix doc of mbedtls_ssl_session_set() - 1 It was eventually decided to not support multiple tickets in TLS 1.3 ClientHello messages thus removing the parts in mbedtls_ssl_session_set() documentation that were anticipating that. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 02737cb13d..11e447ba82 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3216,16 +3216,11 @@ void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, * a full handshake. * * \note This function can handle a variety of mechanisms for session - * resumption: For TLS 1.2, both session ID-based resumption and - * ticket-based resumption will be considered. For TLS 1.3, - * once implemented, sessions equate to tickets, and loading - * one or more sessions via this call will lead to their - * corresponding tickets being advertised as resumption PSKs - * by the client. - * - * \note Calling this function multiple times will only be useful - * once TLS 1.3 is supported. For TLS 1.2 connections, this - * function should be called at most once. + * resumption: For TLS 1.2, both session ID-based resumption + * and ticket-based resumption will be considered. For TLS 1.3, + * sessions equate to tickets, and loading one session by + * calling this function will lead to its corresponding ticket + * being advertised as resumption PSK by the client. * * \param ssl The SSL context representing the connection which should * be attempted to be setup using session resumption. This @@ -3240,9 +3235,10 @@ void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, * * \return \c 0 if successful. * \return \c MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE if the session - * could not be loaded because of an implementation limitation. - * This error is non-fatal, and has no observable effect on - * the SSL context or the session that was attempted to be loaded. + * could not be loaded because one session has already been + * loaded. This error is non-fatal, and has no observable + * effect on the SSL context or the session that was attempted + * to be loaded. * \return Another negative error code on other kinds of failure. * * \sa mbedtls_ssl_get_session() From fccfa69de88223379a25d1ef6be4d23845074664 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 13:40:11 +0200 Subject: [PATCH 21/23] tls13: Fix doc of mbedtls_ssl_session_set() - 2 Fix documentation of mbedtls_ssl_session_set() regarding its dependency on MBEDTLS_SSL_SESSION_TICKETS in TLS 1.3 case. Signed-off-by: Ronald Cron --- include/mbedtls/ssl.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 11e447ba82..ca130a3fbd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -3220,7 +3220,12 @@ void mbedtls_ssl_conf_session_cache(mbedtls_ssl_config *conf, * and ticket-based resumption will be considered. For TLS 1.3, * sessions equate to tickets, and loading one session by * calling this function will lead to its corresponding ticket - * being advertised as resumption PSK by the client. + * being advertised as resumption PSK by the client. This + * depends on session tickets being enabled (see + * #MBEDTLS_SSL_SESSION_TICKETS configuration option) though. + * If session tickets are disabled, a call to this function + * with a TLS 1.3 session, will not have any effect on the next + * handshake for the SSL context \p ssl. * * \param ssl The SSL context representing the connection which should * be attempted to be setup using session resumption. This From 8d63084bd11279e35ead5d870112e99840f051c7 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 14:05:21 +0200 Subject: [PATCH 22/23] tls13: Do not initiate at all resumption if tickets not supported Signed-off-by: Ronald Cron --- library/ssl_tls.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 931fdaf04a..c2c2b6f795 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -1760,6 +1760,7 @@ int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session #if defined(MBEDTLS_SSL_PROTO_TLS1_3) if (session->tls_version == MBEDTLS_SSL_VERSION_TLS1_3) { +#if defined(MBEDTLS_SSL_SESSION_TICKETS) const mbedtls_ssl_ciphersuite_t *ciphersuite_info = mbedtls_ssl_ciphersuite_from_id(session->ciphersuite); @@ -1770,6 +1771,14 @@ int mbedtls_ssl_set_session(mbedtls_ssl_context *ssl, const mbedtls_ssl_session session->ciphersuite)); return MBEDTLS_ERR_SSL_BAD_INPUT_DATA; } +#else + /* + * If session tickets are not enabled, it is not possible to resume a + * TLS 1.3 session, thus do not make any change to the SSL context in + * the first place. + */ + return 0; +#endif } #endif /* MBEDTLS_SSL_PROTO_TLS1_3 */ From 05c1ba22f0dadab4a39a8919e339af8ddc2cec5a Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 4 Apr 2024 14:49:09 +0200 Subject: [PATCH 23/23] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-without-tickets.txt | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 ChangeLog.d/tls13-without-tickets.txt diff --git a/ChangeLog.d/tls13-without-tickets.txt b/ChangeLog.d/tls13-without-tickets.txt new file mode 100644 index 0000000000..8ceef21ee5 --- /dev/null +++ b/ChangeLog.d/tls13-without-tickets.txt @@ -0,0 +1,3 @@ +Bugfix + * Fix TLS 1.3 client build and runtime when support for session tickets is + disabled (MBEDTLS_SSL_SESSION_TICKETS configuration option). Fixes #6395.