mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:55:39 +01:00
Merged ECDSA-based key-exchange and ciphersuites into development
Conflicts: include/polarssl/config.h library/ssl_cli.c library/ssl_srv.c library/ssl_tls.c
This commit is contained in:
commit
577e006c2f
@ -363,6 +363,28 @@
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
|
||||
/**
|
||||
* \def POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
*
|
||||
* Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS
|
||||
*
|
||||
* Requires: POLARSSL_ECDH_C, POLARSSL_ECDSA_C, POLARSSL_X509_PARSE_C
|
||||
*
|
||||
* This enables the following ciphersuites (if other requisites are
|
||||
* enabled as well):
|
||||
* TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
* TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
*/
|
||||
#define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
|
||||
|
||||
/**
|
||||
* \def POLARSSL_ERROR_STRERROR_BC
|
||||
*
|
||||
@ -1128,6 +1150,21 @@
|
||||
*/
|
||||
#define POLARSSL_PEM_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PK_C
|
||||
*
|
||||
* Enable the generic public (asymetric) key layer.
|
||||
*
|
||||
* Module: library/pk.c
|
||||
* Caller: library/x509parse.c
|
||||
* library/ssl_tls.c
|
||||
* library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
*
|
||||
* Uncomment to enable generic public key wrappers.
|
||||
*/
|
||||
#define POLARSSL_PK_C
|
||||
|
||||
/**
|
||||
* \def POLARSSL_PKCS5_C
|
||||
*
|
||||
@ -1146,11 +1183,10 @@
|
||||
*
|
||||
* Enable wrapper for PKCS#11 smartcard support.
|
||||
*
|
||||
* Module: library/ssl_srv.c
|
||||
* Caller: library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
* Module: library/pkcs11.c
|
||||
* Caller: library/pk.c
|
||||
*
|
||||
* Requires: POLARSSL_SSL_TLS_C
|
||||
* Requires: POLARSSL_PK_C
|
||||
*
|
||||
* This module enables SSL/TLS PKCS #11 smartcard support.
|
||||
* Requires the presence of the PKCS#11 helper library (libpkcs11-helper)
|
||||
@ -1283,8 +1319,8 @@
|
||||
* Caller: library/ssl_cli.c
|
||||
* library/ssl_srv.c
|
||||
*
|
||||
* Requires: POLARSSL_CIPHER_C and at least one of the
|
||||
* POLARSSL_SSL_PROTO_* defines
|
||||
* Requires: POLARSSL_CIPHER_C, POLARSSL_PK_C, POLARSSL_MD_C
|
||||
* and at least one of the POLARSSL_SSL_PROTO_* defines
|
||||
*
|
||||
* This module is required for SSL/TLS.
|
||||
*/
|
||||
@ -1324,7 +1360,7 @@
|
||||
* library/ssl_tls.c
|
||||
*
|
||||
* Requires: POLARSSL_ASN1_PARSE_C, POLARSSL_BIGNUM_C, POLARSSL_OID_C,
|
||||
* POLARSSL_RSA_C
|
||||
* POLARSSL_PK_C
|
||||
*
|
||||
* This module is required for X.509 certificate parsing.
|
||||
*/
|
||||
@ -1477,6 +1513,12 @@
|
||||
#error "POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
|
||||
( !defined(POLARSSL_ECDH_C) || !defined(POLARSSL_ECDSA_C) || \
|
||||
!defined(POLARSSL_X509_PARSE_C) )
|
||||
#error "POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) && \
|
||||
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_X509_PARSE_C) )
|
||||
#error "POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED defined, but not all prerequisites"
|
||||
@ -1499,7 +1541,7 @@
|
||||
#error "POLARSSL_PEM_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_SSL_TLS_C)
|
||||
#if defined(POLARSSL_PKCS11_C) && !defined(POLARSSL_PK_C)
|
||||
#error "POLARSSL_PKCS11_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
@ -1512,7 +1554,8 @@
|
||||
#error "POLARSSL_SSL_CLI_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SSL_TLS_C) && !defined(POLARSSL_CIPHER_C)
|
||||
#if defined(POLARSSL_SSL_TLS_C) && ( !defined(POLARSSL_CIPHER_C) || \
|
||||
!defined(POLARSSL_PK_C) || !defined(POLARSSL_MD_C) )
|
||||
#error "POLARSSL_SSL_TLS_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
@ -1549,7 +1592,7 @@
|
||||
|
||||
#if defined(POLARSSL_X509_PARSE_C) && ( !defined(POLARSSL_BIGNUM_C) || \
|
||||
!defined(POLARSSL_OID_C) || !defined(POLARSSL_ASN1_PARSE_C) || \
|
||||
!defined(POLARSSL_RSA_C) )
|
||||
!defined(POLARSSL_PK_C) )
|
||||
#error "POLARSSL_X509_PARSE_C defined, but not all prerequisites"
|
||||
#endif
|
||||
|
||||
|
@ -34,8 +34,9 @@
|
||||
*/
|
||||
#define POLARSSL_ERR_ECP_BAD_INPUT_DATA -0x4F80 /**< Bad input parameters to function. */
|
||||
#define POLARSSL_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 /**< The buffer is too small to write to. */
|
||||
#define POLARSSL_ERR_ECP_GENERIC -0x4E80 /**< Generic ECP error */
|
||||
#define POLARSSL_ERR_ECP_GENERIC -0x4E80 /**< Generic ECP error. */
|
||||
#define POLARSSL_ERR_ECP_FEATURE_UNAVAILABLE -0x4E00 /**< Requested curve not available. */
|
||||
#define POLARSSL_ERR_ECP_VERIFY_FAILED -0x4E00 /**< The signature is not valid. */
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
|
@ -82,6 +82,7 @@ typedef enum {
|
||||
POLARSSL_PK_ECKEY,
|
||||
POLARSSL_PK_ECKEY_DH,
|
||||
POLARSSL_PK_ECDSA,
|
||||
POLARSSL_PK_RSA_ALT,
|
||||
} pk_type_t;
|
||||
|
||||
/**
|
||||
@ -129,6 +130,25 @@ typedef struct
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len );
|
||||
|
||||
/** Make signature */
|
||||
int (*sign_func)( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/** Decrypt message */
|
||||
int (*decrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/** Encrypt message */
|
||||
int (*encrypt_func)( void *ctx, const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng );
|
||||
|
||||
/** Allocate a new context */
|
||||
void * (*ctx_alloc_func)( void );
|
||||
|
||||
@ -149,6 +169,18 @@ typedef struct
|
||||
void * pk_ctx; /**< Underlying public key context */
|
||||
} pk_context;
|
||||
|
||||
/**
|
||||
* \brief Types for RSA-alt abstraction
|
||||
*/
|
||||
typedef int (*pk_rsa_alt_decrypt_func)( void *ctx, int mode, size_t *olen,
|
||||
const unsigned char *input, unsigned char *output,
|
||||
size_t output_max_len );
|
||||
typedef int (*pk_rsa_alt_sign_func)( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, int hash_id, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig );
|
||||
typedef size_t (*pk_rsa_alt_key_len_func)( void *ctx );
|
||||
|
||||
/**
|
||||
* \brief Return information associated with the given PK type
|
||||
*
|
||||
@ -163,6 +195,11 @@ const pk_info_t *pk_info_from_type( pk_type_t pk_type );
|
||||
*/
|
||||
void pk_init( pk_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Free a pk_context
|
||||
*/
|
||||
void pk_free( pk_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Initialize a PK context with the information given
|
||||
* and allocates the type-specific PK subcontext.
|
||||
@ -173,13 +210,30 @@ void pk_init( pk_context *ctx );
|
||||
* \return 0 on success,
|
||||
* POLARSSL_ERR_PK_BAD_INPUT_DATA on invalid input,
|
||||
* POLARSSL_ERR_PK_MALLOC_FAILED on allocation failure.
|
||||
*
|
||||
* \note For contexts holding an RSA-alt key, use
|
||||
* \c pk_init_ctx_rsa_alt() instead.
|
||||
*/
|
||||
int pk_init_ctx( pk_context *ctx, const pk_info_t *info );
|
||||
|
||||
/**
|
||||
* \brief Free a pk_context
|
||||
* \brief Initialiaze an RSA-alt context
|
||||
*
|
||||
* \param ctx Context to initialize. Must be empty (type NONE).
|
||||
* \param key RSA key pointer
|
||||
* \param decrypt_func Decryption function
|
||||
* \param sign_func Signing function
|
||||
* \param key_len_func Function returning key length
|
||||
*
|
||||
* \return 0 on success, or POLARSSL_ERR_PK_BAD_INPUT_DATA if the
|
||||
* context wasn't already initialized as RSA_ALT.
|
||||
*
|
||||
* \note This function replaces \c pk_init_ctx() for RSA-alt.
|
||||
*/
|
||||
void pk_free( pk_context *ctx );
|
||||
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
|
||||
pk_rsa_alt_decrypt_func decrypt_func,
|
||||
pk_rsa_alt_sign_func sign_func,
|
||||
pk_rsa_alt_key_len_func key_len_func );
|
||||
|
||||
/**
|
||||
* \brief Get the size in bits of the underlying key
|
||||
@ -190,6 +244,17 @@ void pk_free( pk_context *ctx );
|
||||
*/
|
||||
size_t pk_get_size( const pk_context *ctx );
|
||||
|
||||
/**
|
||||
* \brief Get the length in bytes of the underlying key
|
||||
* \param ctx Context to use
|
||||
*
|
||||
* \return Key lenght in bytes, or 0 on error
|
||||
*/
|
||||
static inline size_t pk_get_len( const pk_context *ctx )
|
||||
{
|
||||
return( ( pk_get_size( ctx ) + 7 ) / 8 );
|
||||
}
|
||||
|
||||
/**
|
||||
* \brief Tell if a context can do the operation given by type
|
||||
*
|
||||
@ -205,19 +270,82 @@ int pk_can_do( pk_context *ctx, pk_type_t type );
|
||||
* \brief Verify signature
|
||||
*
|
||||
* \param ctx PK context to use
|
||||
* \param md_alg Hash algorithm used
|
||||
* \param md_alg Hash algorithm used (see notes)
|
||||
* \param hash Hash of the message to sign
|
||||
* \param hash_len Hash length
|
||||
* \param hash_len Hash length or 0 (see notes)
|
||||
* \param sig Signature to verify
|
||||
* \param sig_len Signature length
|
||||
*
|
||||
* \return 0 on success (signature is valid),
|
||||
* or a specific error code.
|
||||
*
|
||||
* \note If hash_len is 0, then the length associated with md_alg
|
||||
* is used instead, or an error returned if it is invalid.
|
||||
*
|
||||
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
|
||||
*/
|
||||
int pk_verify( pk_context *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len );
|
||||
|
||||
/**
|
||||
* \brief Make signature
|
||||
*
|
||||
* \param ctx PK context to use
|
||||
* \param md_alg Hash algorithm used (see notes)
|
||||
* \param hash Hash of the message to sign
|
||||
* \param hash_len Hash length or 0 (see notes)
|
||||
* \param sig Place to write the signature
|
||||
* \param sig_len Number of bytes written
|
||||
* \param f_rng RNG function
|
||||
* \param p_rng RNG parameter
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*
|
||||
* \note If hash_len is 0, then the length associated with md_alg
|
||||
* is used instead, or an error returned if it is invalid.
|
||||
*
|
||||
* \note md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
|
||||
*/
|
||||
int pk_sign( pk_context *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Decrypt message
|
||||
*
|
||||
* \param ctx PK context to use
|
||||
* \param input Input to decrypt
|
||||
* \param ilen Input size
|
||||
* \param output Decrypted output
|
||||
* \param olen Decrypted message lenght
|
||||
* \param osize Size of the output buffer
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
int pk_decrypt( pk_context *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Encrypt message
|
||||
*
|
||||
* \param ctx PK context to use
|
||||
* \param input Message to encrypt
|
||||
* \param ilen Message size
|
||||
* \param output Encrypted output
|
||||
* \param olen Encrypted output length
|
||||
* \param osize Size of the output buffer
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
int pk_encrypt( pk_context *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
/**
|
||||
* \brief Export debug information
|
||||
*
|
||||
|
@ -32,6 +32,15 @@
|
||||
|
||||
#include "pk.h"
|
||||
|
||||
/* Container for RSA-alt */
|
||||
typedef struct
|
||||
{
|
||||
void *key;
|
||||
pk_rsa_alt_decrypt_func decrypt_func;
|
||||
pk_rsa_alt_sign_func sign_func;
|
||||
pk_rsa_alt_key_len_func key_len_func;
|
||||
} rsa_alt_context;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
extern const pk_info_t rsa_info;
|
||||
#endif
|
||||
@ -45,4 +54,6 @@ extern const pk_info_t eckeydh_info;
|
||||
extern const pk_info_t ecdsa_info;
|
||||
#endif
|
||||
|
||||
extern const pk_info_t rsa_alt_info;
|
||||
|
||||
#endif /* POLARSSL_PK_WRAP_H */
|
||||
|
@ -29,8 +29,6 @@
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
|
||||
#include "bignum.h"
|
||||
#include "md.h"
|
||||
|
||||
@ -59,6 +57,12 @@
|
||||
#define RSA_SIGN 1
|
||||
#define RSA_CRYPT 2
|
||||
|
||||
/*
|
||||
* The above constants may be used even if the RSA module is compile out,
|
||||
* eg for alternative (PKCS#11) RSA implemenations in the PK layers.
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
|
||||
#ifdef __cplusplus
|
||||
extern "C" {
|
||||
#endif
|
||||
|
@ -244,6 +244,7 @@
|
||||
|
||||
/*
|
||||
* Supported Signature and Hash algorithms (For TLS 1.2)
|
||||
* RFC 5246 section 7.4.1.4.1
|
||||
*/
|
||||
#define SSL_HASH_NONE 0
|
||||
#define SSL_HASH_MD5 1
|
||||
@ -253,12 +254,16 @@
|
||||
#define SSL_HASH_SHA384 5
|
||||
#define SSL_HASH_SHA512 6
|
||||
|
||||
#define SSL_SIG_ANON 0
|
||||
#define SSL_SIG_RSA 1
|
||||
#define SSL_SIG_ECDSA 3
|
||||
|
||||
/*
|
||||
* Client Certificate Types
|
||||
* RFC 5246 section 7.4.4 plus RFC 4492 section 5.5
|
||||
*/
|
||||
#define SSL_CERT_TYPE_RSA_SIGN 1
|
||||
#define SSL_CERT_TYPE_ECDSA_SIGN 64
|
||||
|
||||
/*
|
||||
* Message, alert and handshake types
|
||||
@ -453,9 +458,9 @@ struct _ssl_transform
|
||||
md_context_t md_ctx_enc; /*!< MAC (encryption) */
|
||||
md_context_t md_ctx_dec; /*!< MAC (decryption) */
|
||||
|
||||
/* 151 == 604 bytes is size of gcm_context (largest context in PolarSSL) */
|
||||
uint32_t ctx_enc[151]; /*!< encryption context */
|
||||
uint32_t ctx_dec[151]; /*!< decryption context */
|
||||
/* 154 == 616 bytes is size of gcm_context (largest context in PolarSSL) */
|
||||
uint32_t ctx_enc[154]; /*!< encryption context */
|
||||
uint32_t ctx_dec[154]; /*!< decryption context */
|
||||
|
||||
/*
|
||||
* Session specific compression layer
|
||||
@ -638,12 +643,8 @@ struct _ssl_context
|
||||
/*
|
||||
* PKI layer
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
void *rsa_key; /*!< own RSA private key */
|
||||
rsa_decrypt_func rsa_decrypt; /*!< function for RSA decrypt*/
|
||||
rsa_sign_func rsa_sign; /*!< function for RSA sign */
|
||||
rsa_key_len_func rsa_key_len; /*!< function for RSA key len*/
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
pk_context *pk_key; /*!< own private key */
|
||||
int pk_key_own_alloc; /*!< did we allocate pk_key? */
|
||||
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
x509_cert *own_cert; /*!< own X.509 certificate */
|
||||
@ -965,13 +966,31 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
*
|
||||
* \param ssl SSL context
|
||||
* \param own_cert own public certificate chain
|
||||
* \param rsa_key own private RSA key
|
||||
* \param pk_key own private key
|
||||
*/
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
pk_context *pk_key );
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/**
|
||||
* \brief Set own certificate chain and private RSA key
|
||||
*
|
||||
* Note: own_cert should contain IN order from the bottom
|
||||
* up your certificate chain. The top certificate (self-signed)
|
||||
* can be omitted.
|
||||
*
|
||||
* \param ssl SSL context
|
||||
* \param own_cert own public certificate chain
|
||||
* \param rsa_key own private RSA key
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
rsa_context *rsa_key );
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
/**
|
||||
* \brief Set own certificate and alternate non-PolarSSL private
|
||||
* \brief Set own certificate and alternate non-PolarSSL RSA private
|
||||
* key and handling callbacks, such as the PKCS#11 wrappers
|
||||
* or any other external private key handler.
|
||||
* (see the respective RSA functions in rsa.h for documentation
|
||||
@ -988,8 +1007,10 @@ void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
* \param rsa_decrypt_func alternate implementation of \c rsa_pkcs1_decrypt()
|
||||
* \param rsa_sign_func alternate implementation of \c rsa_pkcs1_sign()
|
||||
* \param rsa_key_len_func function returning length of RSA key in bytes
|
||||
*
|
||||
* \return 0 on success, or a specific error code.
|
||||
*/
|
||||
void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
void *rsa_key,
|
||||
rsa_decrypt_func rsa_decrypt,
|
||||
rsa_sign_func rsa_sign,
|
||||
@ -1435,6 +1456,10 @@ int ssl_write_finished( ssl_context *ssl );
|
||||
|
||||
void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info );
|
||||
|
||||
unsigned char ssl_sig_from_pk( pk_context *pk );
|
||||
pk_type_t ssl_pk_alg_from_sig( unsigned char sig );
|
||||
md_type_t ssl_md_alg_from_hash( unsigned char hash );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
@ -27,6 +27,7 @@
|
||||
#ifndef POLARSSL_SSL_CIPHERSUITES_H
|
||||
#define POLARSSL_SSL_CIPHERSUITES_H
|
||||
|
||||
#include "pk.h"
|
||||
#include "cipher.h"
|
||||
#include "md.h"
|
||||
|
||||
@ -119,18 +120,33 @@ extern "C" {
|
||||
#define TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
|
||||
#define TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_ECDSA_WITH_NULL_SHA 0xC006 /**< Weak! */
|
||||
#define TLS_ECDHE_ECDSA_WITH_RC4_128_SHA 0xC007 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA 0xC008 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA 0xC00A /**< Not in SSL3! */
|
||||
|
||||
#define TLS_ECDHE_RSA_WITH_NULL_SHA 0xC010 /**< Weak! */
|
||||
#define TLS_ECDHE_RSA_WITH_RC4_128_SHA 0xC011 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 0xC012 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 0xC013 /**< Not in SSL3! */
|
||||
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 0xC014 /**< Not in SSL3! */
|
||||
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 0xC023 /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 0xC027 /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 0xC028 /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 0xC02F /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 0xC030 /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 0xC072 /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 0xC073 /**< TLS 1.2 */
|
||||
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xC076 /**< TLS 1.2 */
|
||||
#define TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 0xC077 /**< TLS 1.2 */
|
||||
|
||||
@ -146,6 +162,7 @@ typedef enum {
|
||||
POLARSSL_KEY_EXCHANGE_RSA,
|
||||
POLARSSL_KEY_EXCHANGE_DHE_RSA,
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA,
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
POLARSSL_KEY_EXCHANGE_PSK,
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK,
|
||||
POLARSSL_KEY_EXCHANGE_RSA_PSK,
|
||||
@ -181,6 +198,8 @@ const int *ssl_ciphersuites_list( void );
|
||||
const ssl_ciphersuite_t *ssl_ciphersuite_from_string( const char *ciphersuite_name );
|
||||
const ssl_ciphersuite_t *ssl_ciphersuite_from_id( int ciphersuite_id );
|
||||
|
||||
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info );
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
@ -1980,7 +1980,7 @@ cleanup:
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif
|
||||
#endif /* POLARSSL_GENPRIME */
|
||||
|
||||
#if defined(POLARSSL_SELF_TEST)
|
||||
|
||||
@ -2092,7 +2092,6 @@ int mpi_self_test( int verbose )
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
|
||||
#if defined(POLARSSL_GENPRIME)
|
||||
MPI_CHK( mpi_inv_mod( &X, &A, &N ) );
|
||||
|
||||
MPI_CHK( mpi_read_string( &U, 16,
|
||||
@ -2113,7 +2112,6 @@ int mpi_self_test( int verbose )
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n" );
|
||||
#endif
|
||||
|
||||
if( verbose != 0 )
|
||||
printf( " MPI test #5 (simple gcd): " );
|
||||
|
@ -27,6 +27,77 @@
|
||||
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
const char test_ca_crt[] =
|
||||
"-----BEGIN CERTIFICATE-----\r\n"
|
||||
"MIICEjCCAbmgAwIBAgIJAK1CeXaecvbhMAkGByqGSM49BAEwPjELMAkGA1UEBhMC\r\n"
|
||||
"TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD\r\n"
|
||||
"IENBMB4XDTEzMDgwOTA3NDk0NloXDTIzMDgwNzA3NDk0NlowPjELMAkGA1UEBhMC\r\n"
|
||||
"TkwxETAPBgNVBAoTCFBvbGFyU1NMMRwwGgYDVQQDExNQb2xhcnNzbCBUZXN0IEVD\r\n"
|
||||
"IENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAElrizLPspIX2+kNvC+BOpJnw1\r\n"
|
||||
"9tnAi5nsUnt8r6N+KDybdaVUWmLIqZCrjuaGKwOdOZtl/bBp8KOpLZ4UDujV/qOB\r\n"
|
||||
"oDCBnTAdBgNVHQ4EFgQUvEDvue6auzY54S2porosu6a9EHEwbgYDVR0jBGcwZYAU\r\n"
|
||||
"vEDvue6auzY54S2porosu6a9EHGhQqRAMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQK\r\n"
|
||||
"EwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQYIJAK1CeXae\r\n"
|
||||
"cvbhMAwGA1UdEwQFMAMBAf8wCQYHKoZIzj0EAQNIADBFAiBs5rd9NzQs/wQZVS6D\r\n"
|
||||
"rjpOpzFteqBkqe6YgKWkG5kDVwIhAKr4Lr4v+MU1G5D5oSZXYxvUPBa4yARcD7QM\r\n"
|
||||
"espQnlFX\r\n"
|
||||
"-----END CERTIFICATE-----\r\n";
|
||||
|
||||
const char test_ca_key[] =
|
||||
"-----BEGIN EC PRIVATE KEY-----\r\n"
|
||||
"Proc-Type: 4,ENCRYPTED\r\n"
|
||||
"DEK-Info: AES-128-CBC,2A7435F5137D68C6402DB35E5BFD277A\r\n"
|
||||
"\r\n"
|
||||
"Sw5YgGVvNxXMvnGKYPuUqiDfjXhK/VTQ6dE9+33jwobKJvqR4pIrelw5QbJ5MCi2\r\n"
|
||||
"dRGEMi4hT+EiS1UZtagqYUQyYZegZB48eoSRySsfW3kqQ4aG99+4iDLCY+JhICs9\r\n"
|
||||
"aZdJhyUSOy2KRnFN/ZUy/Hvlsy10dw/Cp73TpJZmTz4=\r\n"
|
||||
"-----END EC PRIVATE KEY-----\r\n";
|
||||
|
||||
const char test_ca_pwd[] = "PolarSSLTest";
|
||||
|
||||
const char test_srv_crt[] =
|
||||
"-----BEGIN CERTIFICATE-----\r\n"
|
||||
"MIIB7TCCAZSgAwIBAgIBAzAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYD\r\n"
|
||||
"VQQKEwhQb2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0x\r\n"
|
||||
"MzA4MDkwNzU3NDBaFw0yMzA4MDcwNzU3NDBaMDQxCzAJBgNVBAYTAk5MMREwDwYD\r\n"
|
||||
"VQQKEwhQb2xhclNTTDESMBAGA1UEAxMJbG9jYWxob3N0MEkwEwYHKoZIzj0CAQYI\r\n"
|
||||
"KoZIzj0DAQEDMgAEy0Lh3ZfhEwBiC8jmJfEg8NGxCDqHEtz+hPgYs37hDz9wTOoY\r\n"
|
||||
"+CJDtEUcDedgFCpqo4GdMIGaMAkGA1UdEwQCMAAwHQYDVR0OBBYEFKItALYotNzi\r\n"
|
||||
"cfBPd7LwETtkYmdBMG4GA1UdIwRnMGWAFLxA77numrs2OeEtqaK6LLumvRBxoUKk\r\n"
|
||||
"QDA+MQswCQYDVQQGEwJOTDERMA8GA1UEChMIUG9sYXJTU0wxHDAaBgNVBAMTE1Bv\r\n"
|
||||
"bGFyc3NsIFRlc3QgRUMgQ0GCCQCtQnl2nnL24TAJBgcqhkjOPQQBA0gAMEUCIE/J\r\n"
|
||||
"rb3TrYL+z1OsZ2rtCmji7hrPj570X4Qkm1Pb5QEvAiEAiq46sM0+1DSAU0u8FcuL\r\n"
|
||||
"jbRvSP9W7EJjb9QR3zNYbX4=\r\n"
|
||||
"-----END CERTIFICATE-----\r\n";
|
||||
|
||||
const char test_srv_key[] =
|
||||
"-----BEGIN EC PRIVATE KEY-----\r\n"
|
||||
"MF8CAQEEGO82j8OXBoUhVyauCA8XZ288l595u7BXWqAKBggqhkjOPQMBAaE0AzIA\r\n"
|
||||
"BMtC4d2X4RMAYgvI5iXxIPDRsQg6hxLc/oT4GLN+4Q8/cEzqGPgiQ7RFHA3nYBQq\r\n"
|
||||
"ag==\r\n"
|
||||
"-----END EC PRIVATE KEY-----\r\n";
|
||||
|
||||
const char test_cli_crt[] =
|
||||
"-----BEGIN CERTIFICATE-----\r\n"
|
||||
"MIIBUjCB+gIBEjAJBgcqhkjOPQQBMD4xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ\r\n"
|
||||
"b2xhclNTTDEcMBoGA1UEAxMTUG9sYXJzc2wgVGVzdCBFQyBDQTAeFw0xMzA4MjIx\r\n"
|
||||
"NDQyMTdaFw0yMzA4MjAxNDQyMTdaMD8xCzAJBgNVBAYTAk5MMREwDwYDVQQKEwhQ\r\n"
|
||||
"b2xhclNTTDEdMBsGA1UEAxMUUG9sYXJTU0wgVGVzdCBDbGllbnQwSTATBgcqhkjO\r\n"
|
||||
"PQIBBggqhkjOPQMBAQMyAATnnXkhKuPh1tou3B+DV9lyE4IlISuYVm86E776WBm5\r\n"
|
||||
"+hNTqK0AaV6gqEL/XdLEGVwwCQYHKoZIzj0EAQNIADBFAiEA/xaze0PZk51nJJSR\r\n"
|
||||
"Z5SmN9VlzqgN2aSmL4JQRPzjDr0CIFOmuwP8WRdPUJvXh7NQgvl4kW3xkcrmfd6a\r\n"
|
||||
"zJbBMLxH\r\n"
|
||||
"-----END CERTIFICATE-----\r\n";
|
||||
|
||||
const char test_cli_key[] =
|
||||
"-----BEGIN EC PRIVATE KEY-----\r\n"
|
||||
"MF8CAQEEGCTQxP5vTfEwCWdeLdPqgGQ4AuxGG3gPA6AKBggqhkjOPQMBAaE0AzIA\r\n"
|
||||
"BOedeSEq4+HW2i7cH4NX2XITgiUhK5hWbzoTvvpYGbn6E1OorQBpXqCoQv9d0sQZ\r\n"
|
||||
"XA==\r\n"
|
||||
"-----END EC PRIVATE KEY-----\r\n";
|
||||
|
||||
#else /* !POLARSSL_ECDSA_C, so POLARSSL_RSA_C */
|
||||
const char test_ca_crt[] =
|
||||
"-----BEGIN CERTIFICATE-----\r\n"
|
||||
"MIIDhzCCAm+gAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQGEwJOTDER\r\n"
|
||||
@ -123,7 +194,7 @@ const char test_srv_key[] =
|
||||
"oArQJGgkAdaq0pcTyOIjtTQVMFygdVmCEJmxh/3RutPcTeydqW9fphKDMej32J8e\r\n"
|
||||
"GniGmNGiclbcfNOS8E5TGp445yZb9P1+7AHng16bGg3Ykj5EA4G+HCcCgYEAyHAl\r\n"
|
||||
"//ekk8YjQElm+8izLtFkymIK0aCtEe9C/RIRhFYBeFaotC5dStNhBOncn4ovMAPD\r\n"
|
||||
"lX/92yDi9OP8PPLN3a4B9XpW3k/SS5GrbT5cwOivBHNllZSmu/2qz5WPGcjVCOrB\r\n"
|
||||
"Lx/92YdI9op8ppln3a4B9XpW3k/SS5GrbT5cwOivBHNllZSmu/2qz5WPGcjVCOrB\r\n"
|
||||
"LYl3YWr2h3EGKICT03kEoTkiDBvCeOpW7cCGl2cCgYBD5whoXHz1+ptPlI4YVjZt\r\n"
|
||||
"Xh86aU+ajpVPiEyJ84I6xXmO4SZXv8q6LaycR0ZMbcL+zBelMb4Z2nBv7jNrtuR7\r\n"
|
||||
"ZF28cdPv+YVr3esaybZE/73VjXup4SQPH6r3l7qKTVi+y6+FeJ4b2Xn8/MwgnT23\r\n"
|
||||
@ -185,6 +256,7 @@ const char test_cli_key[] =
|
||||
"bHFVW2r0dBTqegP2/KTOxKzaHfC1qf0RGDsUoJCNJrd1cwoCLG8P2EF4w3OBrKqv\r\n"
|
||||
"8u4ytY0F+Vlanj5lm3TaoHSVF1+NWPyOTiwevIECGKwSxvlki4fDAA==\r\n"
|
||||
"-----END RSA PRIVATE KEY-----\r\n";
|
||||
#endif /* !POLARSSL_ECDSA_C, so POLARSSL_RSA_C */
|
||||
|
||||
const char test_dhm_params[] =
|
||||
"-----BEGIN DH PARAMETERS-----\r\n"
|
||||
@ -193,4 +265,4 @@ const char test_dhm_params[] =
|
||||
"9mLJKudlVudV0Qxk5qUJaPZ/xupz0NyoVpviuiBOI1gNi8ovSXWzAgEC\r\n"
|
||||
"-----END DH PARAMETERS-----\r\n";
|
||||
|
||||
#endif
|
||||
#endif /* POLARSSL_CERTS_C */
|
||||
|
@ -134,7 +134,7 @@ int ecdsa_verify( const ecp_group *grp,
|
||||
if( mpi_cmp_int( r, 1 ) < 0 || mpi_cmp_mpi( r, &grp->N ) >= 0 ||
|
||||
mpi_cmp_int( s, 1 ) < 0 || mpi_cmp_mpi( s, &grp->N ) >= 0 )
|
||||
{
|
||||
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
|
||||
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -168,7 +168,7 @@ int ecdsa_verify( const ecp_group *grp,
|
||||
|
||||
if( ecp_is_zero( &R ) )
|
||||
{
|
||||
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
|
||||
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
@ -177,7 +177,7 @@ int ecdsa_verify( const ecp_group *grp,
|
||||
*/
|
||||
if( mpi_cmp_mpi( &R.X, r ) != 0 )
|
||||
{
|
||||
ret = POLARSSL_ERR_ECP_BAD_INPUT_DATA;
|
||||
ret = POLARSSL_ERR_ECP_VERIFY_FAILED;
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
|
@ -251,7 +251,7 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
|
||||
if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) )
|
||||
snprintf( buf, buflen, "PK - Memory alloation failed" );
|
||||
if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) )
|
||||
snprintf( buf, buflen, "PK - Type mismatch, eg attempt to use a RSA key as EC, or to modify key type" );
|
||||
snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
|
||||
if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) )
|
||||
snprintf( buf, buflen, "PK - Bad input parameters to function" );
|
||||
#endif /* POLARSSL_PK_C */
|
||||
|
112
library/pk.c
112
library/pk.c
@ -25,6 +25,8 @@
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_PK_C)
|
||||
|
||||
#include "polarssl/pk.h"
|
||||
#include "polarssl/pk_wrap.h"
|
||||
|
||||
@ -84,6 +86,7 @@ const pk_info_t * pk_info_from_type( pk_type_t pk_type )
|
||||
case POLARSSL_PK_ECDSA:
|
||||
return &ecdsa_info;
|
||||
#endif
|
||||
/* POLARSSL_PK_RSA_ALT ommited on purpose */
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
@ -105,6 +108,35 @@ int pk_init_ctx( pk_context *ctx, const pk_info_t *info )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Initialize an RSA-alt context
|
||||
*/
|
||||
int pk_init_ctx_rsa_alt( pk_context *ctx, void * key,
|
||||
pk_rsa_alt_decrypt_func decrypt_func,
|
||||
pk_rsa_alt_sign_func sign_func,
|
||||
pk_rsa_alt_key_len_func key_len_func )
|
||||
{
|
||||
rsa_alt_context *rsa_alt;
|
||||
const pk_info_t *info = &rsa_alt_info;
|
||||
|
||||
if( ctx == NULL || ctx->pk_info != NULL )
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
|
||||
return( POLARSSL_ERR_PK_MALLOC_FAILED );
|
||||
|
||||
ctx->pk_info = info;
|
||||
|
||||
rsa_alt = (rsa_alt_context *) ctx->pk_ctx;
|
||||
|
||||
rsa_alt->key = key;
|
||||
rsa_alt->decrypt_func = decrypt_func;
|
||||
rsa_alt->sign_func = sign_func;
|
||||
rsa_alt->key_len_func = key_len_func;
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Tell if a PK can do the operations of the given type
|
||||
*/
|
||||
@ -117,6 +149,23 @@ int pk_can_do( pk_context *ctx, pk_type_t type )
|
||||
return( ctx->pk_info->can_do( type ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Helper for pk_sign and pk_verify
|
||||
*/
|
||||
static inline int pk_hashlen_helper( md_type_t md_alg, size_t *hash_len )
|
||||
{
|
||||
const md_info_t *md_info;
|
||||
|
||||
if( *hash_len != 0 )
|
||||
return( 0 );
|
||||
|
||||
if( ( md_info = md_info_from_type( md_alg ) ) == NULL )
|
||||
return( -1 );
|
||||
|
||||
*hash_len = md_info->size;
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
/*
|
||||
* Verify a signature
|
||||
*/
|
||||
@ -124,17 +173,72 @@ int pk_verify( pk_context *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len )
|
||||
{
|
||||
if( ctx == NULL || ctx->pk_info == NULL )
|
||||
if( ctx == NULL || ctx->pk_info == NULL ||
|
||||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
if( ctx->pk_info->verify_func == NULL )
|
||||
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
|
||||
|
||||
return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg,
|
||||
hash, hash_len,
|
||||
return( ctx->pk_info->verify_func( ctx->pk_ctx, md_alg, hash, hash_len,
|
||||
sig, sig_len ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Make a signature
|
||||
*/
|
||||
int pk_sign( pk_context *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
if( ctx == NULL || ctx->pk_info == NULL ||
|
||||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
if( ctx->pk_info->sign_func == NULL )
|
||||
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
|
||||
|
||||
return( ctx->pk_info->sign_func( ctx->pk_ctx, md_alg, hash, hash_len,
|
||||
sig, sig_len, f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Decrypt message
|
||||
*/
|
||||
int pk_decrypt( pk_context *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
if( ctx == NULL || ctx->pk_info == NULL )
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
if( ctx->pk_info->decrypt_func == NULL )
|
||||
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
|
||||
|
||||
return( ctx->pk_info->decrypt_func( ctx->pk_ctx, input, ilen,
|
||||
output, olen, osize, f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Encrypt message
|
||||
*/
|
||||
int pk_encrypt( pk_context *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
if( ctx == NULL || ctx->pk_info == NULL )
|
||||
return( POLARSSL_ERR_PK_BAD_INPUT_DATA );
|
||||
|
||||
if( ctx->pk_info->encrypt_func == NULL )
|
||||
return( POLARSSL_ERR_PK_TYPE_MISMATCH );
|
||||
|
||||
return( ctx->pk_info->encrypt_func( ctx->pk_ctx, input, ilen,
|
||||
output, olen, osize, f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get key size in bits
|
||||
*/
|
||||
@ -168,3 +272,5 @@ const char * pk_get_name( const pk_context *ctx )
|
||||
|
||||
return( ctx->pk_info->name );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_PK_C */
|
||||
|
@ -25,11 +25,12 @@
|
||||
|
||||
#include "polarssl/config.h"
|
||||
|
||||
#if defined(POLARSSL_PK_C)
|
||||
|
||||
#include "polarssl/pk_wrap.h"
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/* Even if RSA not activated, for the sake of RSA-alt */
|
||||
#include "polarssl/rsa.h"
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
#include "polarssl/ecp.h"
|
||||
@ -47,12 +48,13 @@
|
||||
#define polarssl_free free
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
/* Used by RSA-alt too */
|
||||
static int rsa_can_do( pk_type_t type )
|
||||
{
|
||||
return( type == POLARSSL_PK_RSA );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
static size_t rsa_get_size( const void *ctx )
|
||||
{
|
||||
return( 8 * ((rsa_context *) ctx)->len );
|
||||
@ -69,6 +71,45 @@ static int rsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
RSA_PUBLIC, md_alg, hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
static int rsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
*sig_len = ((rsa_context *) ctx)->len;
|
||||
|
||||
return( rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, RSA_PRIVATE,
|
||||
md_alg, hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
static int rsa_decrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
|
||||
if( ilen != ((rsa_context *) ctx)->len )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
return( rsa_pkcs1_decrypt( (rsa_context *) ctx,
|
||||
RSA_PRIVATE, olen, input, output, osize ) );
|
||||
}
|
||||
|
||||
static int rsa_encrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
((void) osize);
|
||||
|
||||
*olen = ((rsa_context *) ctx)->len;
|
||||
|
||||
return( rsa_pkcs1_encrypt( (rsa_context *) ctx,
|
||||
f_rng, p_rng, RSA_PUBLIC, ilen, input, output ) );
|
||||
}
|
||||
|
||||
static void *rsa_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( rsa_context ) );
|
||||
@ -104,6 +145,9 @@ const pk_info_t rsa_info = {
|
||||
rsa_get_size,
|
||||
rsa_can_do,
|
||||
rsa_verify_wrap,
|
||||
rsa_sign_wrap,
|
||||
rsa_decrypt_wrap,
|
||||
rsa_encrypt_wrap,
|
||||
rsa_alloc_wrap,
|
||||
rsa_free_wrap,
|
||||
rsa_debug,
|
||||
@ -127,11 +171,16 @@ static size_t eckey_get_size( const void *ctx )
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
/* Forward declaration */
|
||||
/* Forward declarations */
|
||||
static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len );
|
||||
|
||||
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng );
|
||||
|
||||
static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
const unsigned char *sig, size_t sig_len )
|
||||
@ -141,13 +190,33 @@ static int eckey_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
|
||||
ecdsa_init( &ecdsa );
|
||||
|
||||
ret = ecdsa_from_keypair( &ecdsa, ctx ) ||
|
||||
ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
|
||||
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
|
||||
ret = ecdsa_verify_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
static int eckey_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
ecdsa_context ecdsa;
|
||||
|
||||
ecdsa_init( &ecdsa );
|
||||
|
||||
if( ( ret = ecdsa_from_keypair( &ecdsa, ctx ) ) == 0 )
|
||||
ret = ecdsa_sign_wrap( &ecdsa, md_alg, hash, hash_len, sig, sig_len,
|
||||
f_rng, p_rng );
|
||||
|
||||
ecdsa_free( &ecdsa );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
static void *eckey_alloc_wrap( void )
|
||||
@ -180,9 +249,13 @@ const pk_info_t eckey_info = {
|
||||
eckey_can_do,
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
eckey_verify_wrap,
|
||||
eckey_sign_wrap,
|
||||
#else
|
||||
NULL,
|
||||
NULL,
|
||||
#endif
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_alloc_wrap,
|
||||
eckey_free_wrap,
|
||||
eckey_debug,
|
||||
@ -203,6 +276,9 @@ const pk_info_t eckeydh_info = {
|
||||
eckey_get_size, /* Same underlying key structure */
|
||||
eckeydh_can_do,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
NULL,
|
||||
eckey_alloc_wrap, /* Same underlying key structure */
|
||||
eckey_free_wrap, /* Same underlying key structure */
|
||||
eckey_debug, /* Same underlying key structure */
|
||||
@ -225,6 +301,17 @@ static int ecdsa_verify_wrap( void *ctx, md_type_t md_alg,
|
||||
hash, hash_len, sig, sig_len ) );
|
||||
}
|
||||
|
||||
static int ecdsa_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
((void) md_alg);
|
||||
|
||||
return( ecdsa_write_signature( (ecdsa_context *) ctx,
|
||||
hash, hash_len, sig, sig_len, f_rng, p_rng ) );
|
||||
}
|
||||
|
||||
static void *ecdsa_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( ecdsa_context ) );
|
||||
@ -247,8 +334,83 @@ const pk_info_t ecdsa_info = {
|
||||
eckey_get_size, /* Compatible key structures */
|
||||
ecdsa_can_do,
|
||||
ecdsa_verify_wrap,
|
||||
ecdsa_sign_wrap,
|
||||
NULL,
|
||||
NULL,
|
||||
ecdsa_alloc_wrap,
|
||||
ecdsa_free_wrap,
|
||||
eckey_debug, /* Compatible key structures */
|
||||
};
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
/*
|
||||
* Support for alternative RSA-private implementations
|
||||
*/
|
||||
|
||||
static size_t rsa_alt_get_size( const void *ctx )
|
||||
{
|
||||
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
|
||||
|
||||
return( rsa_alt->key_len_func( rsa_alt->key ) );
|
||||
}
|
||||
|
||||
static int rsa_alt_sign_wrap( void *ctx, md_type_t md_alg,
|
||||
const unsigned char *hash, size_t hash_len,
|
||||
unsigned char *sig, size_t *sig_len,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
|
||||
|
||||
*sig_len = rsa_alt->key_len_func( rsa_alt->key );
|
||||
|
||||
return( rsa_alt->sign_func( rsa_alt->key, f_rng, p_rng, RSA_PRIVATE,
|
||||
md_alg, hash_len, hash, sig ) );
|
||||
}
|
||||
|
||||
static int rsa_alt_decrypt_wrap( void *ctx,
|
||||
const unsigned char *input, size_t ilen,
|
||||
unsigned char *output, size_t *olen, size_t osize,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng )
|
||||
{
|
||||
rsa_alt_context *rsa_alt = (rsa_alt_context *) ctx;
|
||||
|
||||
((void) f_rng);
|
||||
((void) p_rng);
|
||||
|
||||
if( ilen != rsa_alt->key_len_func( rsa_alt->key ) )
|
||||
return( POLARSSL_ERR_RSA_BAD_INPUT_DATA );
|
||||
|
||||
return( rsa_alt->decrypt_func( rsa_alt->key,
|
||||
RSA_PRIVATE, olen, input, output, osize ) );
|
||||
}
|
||||
|
||||
static void *rsa_alt_alloc_wrap( void )
|
||||
{
|
||||
void *ctx = polarssl_malloc( sizeof( rsa_alt_context ) );
|
||||
|
||||
if( ctx != NULL )
|
||||
memset( ctx, 0, sizeof( rsa_alt_context ) );
|
||||
|
||||
return ctx;
|
||||
}
|
||||
|
||||
static void rsa_alt_free_wrap( void *ctx )
|
||||
{
|
||||
polarssl_free( ctx );
|
||||
}
|
||||
|
||||
const pk_info_t rsa_alt_info = {
|
||||
POLARSSL_PK_RSA_ALT,
|
||||
"RSA-alt",
|
||||
rsa_alt_get_size,
|
||||
rsa_can_do,
|
||||
NULL,
|
||||
rsa_alt_sign_wrap,
|
||||
rsa_alt_decrypt_wrap,
|
||||
NULL,
|
||||
rsa_alt_alloc_wrap,
|
||||
rsa_alt_free_wrap,
|
||||
NULL,
|
||||
};
|
||||
|
||||
#endif /* POLARSSL_PK_C */
|
||||
|
@ -40,34 +40,44 @@
|
||||
static const int ciphersuite_preference[] =
|
||||
{
|
||||
/* All AES-256 ephemeral suites */
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
|
||||
|
||||
/* All CAMELLIA-256 ephemeral suites */
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,
|
||||
|
||||
/* All AES-128 ephemeral suites */
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
|
||||
|
||||
/* All CAMELLIA-128 ephemeral suites */
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,
|
||||
|
||||
/* All remaining > 128-bit ephemeral suites */
|
||||
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,
|
||||
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
|
||||
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
|
||||
TLS_ECDHE_RSA_WITH_RC4_128_SHA,
|
||||
|
||||
/* The PSK ephemeral suites */
|
||||
@ -132,6 +142,7 @@ static const int ciphersuite_preference[] =
|
||||
/* Weak or NULL suites */
|
||||
TLS_DHE_RSA_WITH_DES_CBC_SHA,
|
||||
TLS_RSA_WITH_DES_CBC_SHA,
|
||||
TLS_ECDHE_ECDSA_WITH_NULL_SHA,
|
||||
TLS_ECDHE_RSA_WITH_NULL_SHA,
|
||||
TLS_RSA_WITH_NULL_SHA256,
|
||||
TLS_RSA_WITH_NULL_SHA,
|
||||
@ -149,12 +160,96 @@ static const int ciphersuite_preference[] =
|
||||
0
|
||||
};
|
||||
|
||||
#define MAX_CIPHERSUITES 60
|
||||
#define MAX_CIPHERSUITES 128
|
||||
static int supported_ciphersuites[MAX_CIPHERSUITES];
|
||||
static int supported_init = 0;
|
||||
|
||||
static const ssl_ciphersuite_t ciphersuite_definitions[] =
|
||||
{
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
#if defined(POLARSSL_AES_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA",
|
||||
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256",
|
||||
POLARSSL_CIPHER_AES_128_GCM, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#if defined(POLARSSL_GCM_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384",
|
||||
POLARSSL_CIPHER_AES_256_GCM, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_GCM_C */
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_AES_C */
|
||||
|
||||
#if defined(POLARSSL_CAMELLIA_C)
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256",
|
||||
POLARSSL_CIPHER_CAMELLIA_128_CBC, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_SHA256_C */
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384, "TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384",
|
||||
POLARSSL_CIPHER_CAMELLIA_256_CBC, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_SHA512_C */
|
||||
#endif /* POLARSSL_CAMELLIA_C */
|
||||
|
||||
#if defined(POLARSSL_DES_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, "TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA",
|
||||
POLARSSL_CIPHER_DES_EDE3_CBC, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_DES_C */
|
||||
|
||||
#if defined(POLARSSL_ARC4_C)
|
||||
{ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS-ECDHE-ECDSA-WITH-RC4-128-SHA",
|
||||
POLARSSL_CIPHER_ARC4_128, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC },
|
||||
#endif /* POLARSSL_ARC4_C */
|
||||
|
||||
#if defined(POLARSSL_CIPHER_NULL_CIPHER)
|
||||
{ TLS_ECDHE_ECDSA_WITH_NULL_SHA, "TLS-ECDHE-ECDSA-WITH-NULL-SHA",
|
||||
POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA1, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_1,
|
||||
SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3,
|
||||
POLARSSL_CIPHERSUITE_EC | POLARSSL_CIPHERSUITE_WEAK },
|
||||
#endif /* POLARSSL_CIPHER_NULL_CIPHER */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_AES_C)
|
||||
{ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA",
|
||||
@ -746,16 +841,18 @@ const int *ssl_list_ciphersuites( void )
|
||||
{
|
||||
const int *p = ciphersuite_preference;
|
||||
int *q = supported_ciphersuites;
|
||||
size_t i;
|
||||
size_t max = sizeof(supported_ciphersuites) / sizeof(int);
|
||||
|
||||
memset( supported_ciphersuites, 0x00, sizeof(supported_ciphersuites) );
|
||||
|
||||
while( *p != 0 )
|
||||
/* Leave room for a final 0 */
|
||||
for( i = 0; i < max - 1 && p[i] != 0; i++ )
|
||||
{
|
||||
if( ssl_ciphersuite_from_id( *p ) != NULL )
|
||||
*(q++) = *p;
|
||||
|
||||
p++;
|
||||
if( ssl_ciphersuite_from_id( p[i] ) != NULL )
|
||||
*(q++) = p[i];
|
||||
}
|
||||
|
||||
supported_init = 1;
|
||||
}
|
||||
|
||||
@ -819,4 +916,20 @@ int ssl_get_ciphersuite_id( const char *ciphersuite_name )
|
||||
return( cur->id );
|
||||
}
|
||||
|
||||
pk_type_t ssl_get_ciphersuite_sig_pk_alg( const ssl_ciphersuite_t *info )
|
||||
{
|
||||
switch( info->key_exchange )
|
||||
{
|
||||
case POLARSSL_KEY_EXCHANGE_DHE_RSA:
|
||||
case POLARSSL_KEY_EXCHANGE_ECDHE_RSA:
|
||||
return( POLARSSL_PK_RSA );
|
||||
|
||||
case POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA:
|
||||
return( POLARSSL_PK_ECDSA );
|
||||
|
||||
default:
|
||||
return( POLARSSL_PK_NONE );
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
|
@ -137,7 +137,7 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
||||
size_t *olen )
|
||||
{
|
||||
unsigned char *p = buf;
|
||||
unsigned char sig_alg_list[20];
|
||||
unsigned char *sig_alg_list = buf + 6;
|
||||
size_t sig_alg_len = 0;
|
||||
|
||||
*olen = 0;
|
||||
@ -150,6 +150,7 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
||||
/*
|
||||
* Prepare signature_algorithms extension (TLS 1.2)
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
||||
@ -170,6 +171,29 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
||||
#endif
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
#endif
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
|
||||
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||
#endif
|
||||
#endif /* POLARSSL_ECDSA_C */
|
||||
|
||||
/*
|
||||
* enum {
|
||||
@ -197,8 +221,6 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
||||
*p++ = (unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( sig_alg_len ) & 0xFF );
|
||||
|
||||
memcpy( p, sig_alg_list, sig_alg_len );
|
||||
|
||||
*olen = 6 + sig_alg_len;
|
||||
}
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
@ -1055,7 +1077,8 @@ static int ssl_parse_server_hello( ssl_context *ssl )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
|
||||
unsigned char *end )
|
||||
{
|
||||
@ -1089,9 +1112,11 @@ static int ssl_parse_server_dh_params( ssl_context *ssl, unsigned char **p,
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
static int ssl_parse_server_ecdh_params( ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end )
|
||||
@ -1124,7 +1149,8 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl,
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
@ -1162,54 +1188,44 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl,
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
static int ssl_parse_signature_algorithm( ssl_context *ssl,
|
||||
unsigned char **p,
|
||||
unsigned char *end,
|
||||
md_type_t *md_alg )
|
||||
md_type_t *md_alg,
|
||||
pk_type_t *pk_alg )
|
||||
{
|
||||
((void) ssl);
|
||||
*md_alg = POLARSSL_MD_NONE;
|
||||
*pk_alg = POLARSSL_PK_NONE;
|
||||
|
||||
/* Only in TLS 1.2 */
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
if( (*p) + 2 > end )
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
|
||||
if( (*p)[1] != SSL_SIG_RSA )
|
||||
/*
|
||||
* Get hash algorithm
|
||||
*/
|
||||
if( ( *md_alg = ssl_md_alg_from_hash( (*p)[0] ) ) == POLARSSL_MD_NONE )
|
||||
{
|
||||
SSL_DEBUG_MSG( 2, ( "server used unsupported SignatureAlgorithm %d", (*p)[1] ) );
|
||||
SSL_DEBUG_MSG( 2, ( "Server used unsupported "
|
||||
"HashAlgorithm %d", *(p)[0] ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
|
||||
switch( (*p)[0] )
|
||||
/*
|
||||
* Get signature algorithm
|
||||
*/
|
||||
if( ( *pk_alg = ssl_pk_alg_from_sig( (*p)[1] ) ) == POLARSSL_PK_NONE )
|
||||
{
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
case SSL_HASH_MD5:
|
||||
*md_alg = POLARSSL_MD_MD5;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
case SSL_HASH_SHA1:
|
||||
*md_alg = POLARSSL_MD_SHA1;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
case SSL_HASH_SHA224:
|
||||
*md_alg = POLARSSL_MD_SHA224;
|
||||
break;
|
||||
case SSL_HASH_SHA256:
|
||||
*md_alg = POLARSSL_MD_SHA256;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
case SSL_HASH_SHA384:
|
||||
*md_alg = POLARSSL_MD_SHA384;
|
||||
break;
|
||||
case SSL_HASH_SHA512:
|
||||
*md_alg = POLARSSL_MD_SHA512;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
SSL_DEBUG_MSG( 2, ( "Server used unsupported HashAlgorithm %d", *(p)[0] ) );
|
||||
SSL_DEBUG_MSG( 2, ( "server used unsupported "
|
||||
"SignatureAlgorithm %d", (*p)[1] ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
|
||||
@ -1220,7 +1236,8 @@ static int ssl_parse_signature_algorithm( ssl_context *ssl,
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
|
||||
static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
@ -1229,17 +1246,20 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
unsigned char *p, *end;
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
size_t n;
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
size_t sig_len, params_len;
|
||||
unsigned char hash[64];
|
||||
md_type_t md_alg = POLARSSL_MD_NONE;
|
||||
unsigned int hashlen = 0;
|
||||
size_t hashlen;
|
||||
pk_type_t pk_alg = POLARSSL_PK_NONE;
|
||||
#endif
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
|
||||
|
||||
if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_PSK &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
@ -1288,8 +1308,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
|
||||
{
|
||||
@ -1298,7 +1320,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
|
||||
{
|
||||
@ -1331,54 +1354,69 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
params_len = p - ( ssl->in_msg + 4 );
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
/*
|
||||
* Handle the digitally-signed structure
|
||||
*/
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
if( ssl_parse_signature_algorithm( ssl, &p, end,
|
||||
&md_alg, &pk_alg ) != 0 )
|
||||
{
|
||||
if( ssl_parse_signature_algorithm( ssl, &p, end, &md_alg ) != 0 )
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
|
||||
if( pk_alg != POLARSSL_PK_NONE )
|
||||
{
|
||||
if( pk_alg != ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
}
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
else
|
||||
#endif
|
||||
{
|
||||
pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
|
||||
}
|
||||
|
||||
n = ( p[0] << 8 ) | p[1];
|
||||
/* Default hash for ECDSA is SHA-1 */
|
||||
if( pk_alg == POLARSSL_PK_ECDSA && md_alg == POLARSSL_MD_NONE )
|
||||
md_alg = POLARSSL_MD_SHA1;
|
||||
|
||||
/*
|
||||
* Read signature
|
||||
*/
|
||||
sig_len = ( p[0] << 8 ) | p[1];
|
||||
p += 2;
|
||||
|
||||
if( end != p + n )
|
||||
if( end != p + sig_len )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
|
||||
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
POLARSSL_PK_RSA ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
if( 8 * (unsigned int)( end - p ) !=
|
||||
pk_get_size( &ssl->session_negotiate->peer_cert->pk ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||
}
|
||||
SSL_DEBUG_BUF( 3, "signature", p, sig_len );
|
||||
|
||||
/*
|
||||
* Compute the hash that has been signed
|
||||
*/
|
||||
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_1)
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_3 )
|
||||
if( md_alg == POLARSSL_MD_NONE )
|
||||
{
|
||||
md5_context md5;
|
||||
sha1_context sha1;
|
||||
|
||||
hashlen = 36;
|
||||
|
||||
/*
|
||||
* digitally-signed struct {
|
||||
* opaque md5_hash[16];
|
||||
@ -1392,30 +1430,25 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
* SHA(ClientHello.random + ServerHello.random
|
||||
* + ServerParams);
|
||||
*/
|
||||
n = ssl->in_hslen - ( end - p ) - 6;
|
||||
|
||||
md5_starts( &md5 );
|
||||
md5_update( &md5, ssl->handshake->randbytes, 64 );
|
||||
md5_update( &md5, ssl->in_msg + 4, n );
|
||||
md5_update( &md5, ssl->in_msg + 4, params_len );
|
||||
md5_finish( &md5, hash );
|
||||
|
||||
sha1_starts( &sha1 );
|
||||
sha1_update( &sha1, ssl->handshake->randbytes, 64 );
|
||||
sha1_update( &sha1, ssl->in_msg + 4, n );
|
||||
sha1_update( &sha1, ssl->in_msg + 4, params_len );
|
||||
sha1_finish( &sha1, hash + 16 );
|
||||
|
||||
md_alg = POLARSSL_MD_NONE;
|
||||
hashlen = 36;
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
|
||||
POLARSSL_SSL_PROTO_TLS1_1 */
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
if( md_alg != POLARSSL_MD_NONE )
|
||||
{
|
||||
md_context_t ctx;
|
||||
|
||||
n = ssl->in_hslen - ( end - p ) - 8;
|
||||
/* Info from md_alg will be used instead */
|
||||
hashlen = 0;
|
||||
|
||||
/*
|
||||
* digitally-signed struct {
|
||||
@ -1432,27 +1465,38 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
|
||||
|
||||
md_starts( &ctx );
|
||||
md_update( &ctx, ssl->handshake->randbytes, 64 );
|
||||
md_update( &ctx, ssl->in_msg + 4, n );
|
||||
md_update( &ctx, ssl->in_msg + 4, params_len );
|
||||
md_finish( &ctx, hash );
|
||||
md_free_ctx( &ctx );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
/* Should never happen */
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
|
||||
SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||
|
||||
if( ( ret = rsa_pkcs1_verify(
|
||||
pk_rsa( ssl->session_negotiate->peer_cert->pk ),
|
||||
RSA_PUBLIC, md_alg, hashlen, hash, p ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret );
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
|
||||
(unsigned int) ( md_info_from_type( md_alg ) )->size );
|
||||
|
||||
/*
|
||||
* Verify signature
|
||||
*/
|
||||
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
|
||||
return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
if( ( ret = pk_verify( &ssl->session_negotiate->peer_cert->pk,
|
||||
md_alg, hash, hashlen, p, sig_len ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "pk_verify", ret );
|
||||
return( ret );
|
||||
}
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
exit:
|
||||
ssl->state++;
|
||||
@ -1666,8 +1710,10 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
/*
|
||||
* ECDH key exchange -- send client public value
|
||||
@ -1698,7 +1744,8 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
SSL_DEBUG_MPI( 3, "ECDH: z", &ssl->handshake->ecdh_ctx.z );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
|
||||
{
|
||||
@ -1829,29 +1876,27 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
||||
i = 4;
|
||||
n = pk_get_size( &ssl->session_negotiate->peer_cert->pk ) / 8;
|
||||
i = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 4 : 6;
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_0 )
|
||||
{
|
||||
i += 2;
|
||||
ssl->out_msg[4] = (unsigned char)( n >> 8 );
|
||||
ssl->out_msg[5] = (unsigned char)( n );
|
||||
}
|
||||
#endif
|
||||
|
||||
ret = rsa_pkcs1_encrypt(
|
||||
pk_rsa( ssl->session_negotiate->peer_cert->pk ),
|
||||
ssl->f_rng, ssl->p_rng, RSA_PUBLIC,
|
||||
ssl->handshake->pmslen, ssl->handshake->premaster,
|
||||
ssl->out_msg + i );
|
||||
ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
|
||||
ssl->handshake->premaster, ssl->handshake->pmslen,
|
||||
ssl->out_msg + i, &n, SSL_BUFFER_LEN,
|
||||
ssl->f_rng, ssl->p_rng );
|
||||
if( ret != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_0 )
|
||||
{
|
||||
ssl->out_msg[4] = (unsigned char)( n >> 8 );
|
||||
ssl->out_msg[5] = (unsigned char)( n );
|
||||
}
|
||||
#endif
|
||||
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
|
||||
@ -1910,8 +1955,9 @@ static int ssl_write_certificate_verify( ssl_context *ssl )
|
||||
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
size_t n = 0, offset = 0;
|
||||
unsigned char hash[48];
|
||||
unsigned char *hash_start = hash;
|
||||
md_type_t md_alg = POLARSSL_MD_NONE;
|
||||
unsigned int hashlen = 0;
|
||||
unsigned int hashlen;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) );
|
||||
|
||||
@ -1930,7 +1976,7 @@ static int ssl_write_certificate_verify( ssl_context *ssl )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
if( ssl->rsa_key == NULL )
|
||||
if( ssl->pk_key == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "got no private key" ) );
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
@ -1959,6 +2005,16 @@ static int ssl_write_certificate_verify( ssl_context *ssl )
|
||||
*/
|
||||
hashlen = 36;
|
||||
md_alg = POLARSSL_MD_NONE;
|
||||
|
||||
/*
|
||||
* For ECDSA, default hash is SHA-1 only
|
||||
*/
|
||||
if( pk_can_do( ssl->pk_key, POLARSSL_PK_ECDSA ) )
|
||||
{
|
||||
hash_start += 16;
|
||||
hashlen -= 16;
|
||||
md_alg = POLARSSL_MD_SHA1;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
|
||||
@ -1986,41 +2042,36 @@ static int ssl_write_certificate_verify( ssl_context *ssl )
|
||||
{
|
||||
md_alg = POLARSSL_MD_SHA384;
|
||||
ssl->out_msg[4] = SSL_HASH_SHA384;
|
||||
ssl->out_msg[5] = SSL_SIG_RSA;
|
||||
}
|
||||
else
|
||||
{
|
||||
md_alg = POLARSSL_MD_SHA256;
|
||||
ssl->out_msg[4] = SSL_HASH_SHA256;
|
||||
ssl->out_msg[5] = SSL_SIG_RSA;
|
||||
}
|
||||
ssl->out_msg[5] = ssl_sig_from_pk( ssl->pk_key );
|
||||
|
||||
/* Info from md_alg will be used instead */
|
||||
hashlen = 0;
|
||||
offset = 2;
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
if ( ssl->rsa_key )
|
||||
n = ssl->rsa_key_len ( ssl->rsa_key );
|
||||
if( ( ret = pk_sign( ssl->pk_key, md_alg, hash_start, hashlen,
|
||||
ssl->out_msg + 6 + offset, &n,
|
||||
ssl->f_rng, ssl->p_rng ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "pk_sign", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
ssl->out_msg[4 + offset] = (unsigned char)( n >> 8 );
|
||||
ssl->out_msg[5 + offset] = (unsigned char)( n );
|
||||
|
||||
if( ssl->rsa_key )
|
||||
{
|
||||
ret = ssl->rsa_sign( ssl->rsa_key, ssl->f_rng, ssl->p_rng,
|
||||
RSA_PRIVATE, md_alg,
|
||||
hashlen, hash, ssl->out_msg + 6 + offset );
|
||||
}
|
||||
|
||||
if (ret != 0)
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "pkcs1_sign", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
ssl->out_msglen = 6 + n + offset;
|
||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||
ssl->out_msg[0] = SSL_HS_CERTIFICATE_VERIFY;
|
||||
|
@ -445,12 +445,10 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
|
||||
p = buf + 2;
|
||||
while( sig_alg_list_size > 0 )
|
||||
{
|
||||
if( p[1] != SSL_SIG_RSA )
|
||||
{
|
||||
sig_alg_list_size -= 2;
|
||||
p += 2;
|
||||
continue;
|
||||
}
|
||||
/*
|
||||
* For now, just ignore signature algorithm and rely on offered
|
||||
* ciphersuites only. To be fixed later.
|
||||
*/
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
if( p[0] == SSL_HASH_SHA512 )
|
||||
{
|
||||
@ -916,6 +914,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
||||
int handshake_failure = 0;
|
||||
const int *ciphersuites;
|
||||
const ssl_ciphersuite_t *ciphersuite_info;
|
||||
pk_type_t pk_alg;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> parse client hello" ) );
|
||||
|
||||
@ -1311,7 +1310,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
||||
|
||||
if( ciphersuite_info == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "ciphersuite info for %02x not found",
|
||||
SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found",
|
||||
ciphersuites[i] ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_INPUT_DATA );
|
||||
}
|
||||
@ -1326,6 +1325,14 @@ static int ssl_parse_client_hello( ssl_context *ssl )
|
||||
continue;
|
||||
#endif
|
||||
|
||||
/* If ciphersuite requires us to have a private key of a
|
||||
* certain type, make sure we do */
|
||||
pk_alg = ssl_get_ciphersuite_sig_pk_alg( ciphersuite_info );
|
||||
if( pk_alg != POLARSSL_PK_NONE &&
|
||||
( ssl->pk_key == NULL ||
|
||||
! pk_can_do( ssl->pk_key, pk_alg ) ) )
|
||||
continue;
|
||||
|
||||
goto have_ciphersuite;
|
||||
}
|
||||
}
|
||||
@ -1611,9 +1618,9 @@ static int ssl_write_server_hello( ssl_context *ssl )
|
||||
*p++ = (unsigned char)( ssl->session_negotiate->ciphersuite );
|
||||
*p++ = (unsigned char)( ssl->session_negotiate->compression );
|
||||
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %d",
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: 0x%04X",
|
||||
ssl->session_negotiate->ciphersuite ) );
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: %d",
|
||||
SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X",
|
||||
ssl->session_negotiate->compression ) );
|
||||
|
||||
/*
|
||||
@ -1684,7 +1691,8 @@ static int ssl_write_certificate_request( ssl_context *ssl )
|
||||
{
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
size_t n = 0, dn_size, total_dn_size;
|
||||
size_t dn_size, total_dn_size; /* excluding length bytes */
|
||||
size_t ct_len, sa_len; /* including length bytes */
|
||||
unsigned char *buf, *p;
|
||||
const x509_cert *crt;
|
||||
|
||||
@ -1716,39 +1724,75 @@ static int ssl_write_certificate_request( ssl_context *ssl )
|
||||
p = buf + 4;
|
||||
|
||||
/*
|
||||
* At the moment, only RSA certificates are supported
|
||||
* Supported certificate types
|
||||
*
|
||||
* ClientCertificateType certificate_types<1..2^8-1>;
|
||||
* enum { (255) } ClientCertificateType;
|
||||
*/
|
||||
*p++ = 1;
|
||||
*p++ = SSL_CERT_TYPE_RSA_SIGN;
|
||||
ct_len = 0;
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
p[1 + ct_len++] = SSL_CERT_TYPE_RSA_SIGN;
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
p[1 + ct_len++] = SSL_CERT_TYPE_ECDSA_SIGN;
|
||||
#endif
|
||||
|
||||
p[0] = ct_len++;
|
||||
p += ct_len;
|
||||
|
||||
sa_len = 0;
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
/*
|
||||
* Add signature_algorithms for verify (TLS 1.2)
|
||||
* Only add current running algorithm that is already required for
|
||||
* requested ciphersuite.
|
||||
*
|
||||
* Length is always 2
|
||||
* SignatureAndHashAlgorithm supported_signature_algorithms<2..2^16-2>;
|
||||
*
|
||||
* struct {
|
||||
* HashAlgorithm hash;
|
||||
* SignatureAlgorithm signature;
|
||||
* } SignatureAndHashAlgorithm;
|
||||
*
|
||||
* enum { (255) } HashAlgorithm;
|
||||
* enum { (255) } SignatureAlgorithm;
|
||||
*/
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
/*
|
||||
* Only use current running hash algorithm that is already required
|
||||
* for requested ciphersuite.
|
||||
*/
|
||||
ssl->handshake->verify_sig_alg = SSL_HASH_SHA256;
|
||||
|
||||
*p++ = 0;
|
||||
*p++ = 2;
|
||||
|
||||
if( ssl->transform_negotiate->ciphersuite_info->mac ==
|
||||
POLARSSL_MD_SHA384 )
|
||||
{
|
||||
ssl->handshake->verify_sig_alg = SSL_HASH_SHA384;
|
||||
}
|
||||
|
||||
*p++ = ssl->handshake->verify_sig_alg;
|
||||
*p++ = SSL_SIG_RSA;
|
||||
/*
|
||||
* Supported signature algorithms
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
p[2 + sa_len++] = ssl->handshake->verify_sig_alg;
|
||||
p[2 + sa_len++] = SSL_SIG_RSA;
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
p[2 + sa_len++] = ssl->handshake->verify_sig_alg;
|
||||
p[2 + sa_len++] = SSL_SIG_ECDSA;
|
||||
#endif
|
||||
|
||||
n += 4;
|
||||
p[0] = (unsigned char)( sa_len >> 8 );
|
||||
p[1] = (unsigned char)( sa_len );
|
||||
sa_len += 2;
|
||||
p += sa_len;
|
||||
}
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
|
||||
/*
|
||||
* DistinguishedName certificate_authorities<0..2^16-1>;
|
||||
* opaque DistinguishedName<1..2^16-1>;
|
||||
*/
|
||||
p += 2;
|
||||
crt = ssl->ca_chain;
|
||||
|
||||
@ -1773,8 +1817,8 @@ static int ssl_write_certificate_request( ssl_context *ssl )
|
||||
ssl->out_msglen = p - buf;
|
||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||
ssl->out_msg[0] = SSL_HS_CERTIFICATE_REQUEST;
|
||||
ssl->out_msg[6 + n] = (unsigned char)( total_dn_size >> 8 );
|
||||
ssl->out_msg[7 + n] = (unsigned char)( total_dn_size );
|
||||
ssl->out_msg[4 + ct_len + sa_len] = (unsigned char)( total_dn_size >> 8 );
|
||||
ssl->out_msg[5 + ct_len + sa_len] = (unsigned char)( total_dn_size );
|
||||
|
||||
ret = ssl_write_record( ssl );
|
||||
|
||||
@ -1794,8 +1838,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
md_type_t md_alg = POLARSSL_MD_NONE;
|
||||
unsigned int hashlen = 0;
|
||||
unsigned char *p = ssl->out_msg + 4;
|
||||
unsigned char *dig_sig = p;
|
||||
size_t dig_sig_len = 0;
|
||||
unsigned char *dig_signed = p;
|
||||
size_t dig_signed_len = 0;
|
||||
|
||||
const ssl_ciphersuite_t *ciphersuite_info;
|
||||
ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
@ -1804,6 +1848,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
|
||||
if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA &&
|
||||
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) );
|
||||
@ -1811,14 +1856,6 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( ssl->rsa_key == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "got no private key" ) );
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
|
||||
{
|
||||
@ -1860,8 +1897,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
dig_sig = p;
|
||||
dig_sig_len = len;
|
||||
dig_signed = p;
|
||||
dig_signed_len = len;
|
||||
|
||||
p += len;
|
||||
n += len;
|
||||
@ -1874,8 +1911,10 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
/*
|
||||
* Ephemeral ECDH parameters:
|
||||
@ -1901,26 +1940,61 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
return( ret );
|
||||
}
|
||||
|
||||
dig_sig = p;
|
||||
dig_sig_len = len;
|
||||
dig_signed = p;
|
||||
dig_signed_len = len;
|
||||
|
||||
p += len;
|
||||
n += len;
|
||||
|
||||
SSL_DEBUG_ECP( 3, "ECDH: Q ", &ssl->handshake->ecdh_ctx.Q );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
size_t rsa_key_len = 0;
|
||||
size_t signature_len = 0;
|
||||
|
||||
/*
|
||||
* Choose hash algorithm. NONE means MD5 + SHA1 here.
|
||||
*/
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
md_alg = ssl_md_alg_from_hash( ssl->handshake->sig_alg );
|
||||
|
||||
if( md_alg == POLARSSL_MD_NONE )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_1)
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_3 )
|
||||
if ( ciphersuite_info->key_exchange ==
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
md_alg = POLARSSL_MD_SHA1;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
md_alg = POLARSSL_MD_NONE;
|
||||
}
|
||||
|
||||
/*
|
||||
* Compute the hash to be signed
|
||||
*/
|
||||
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_1)
|
||||
if( md_alg == POLARSSL_MD_NONE )
|
||||
{
|
||||
md5_context md5;
|
||||
sha1_context sha1;
|
||||
@ -1940,25 +2014,26 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
*/
|
||||
md5_starts( &md5 );
|
||||
md5_update( &md5, ssl->handshake->randbytes, 64 );
|
||||
md5_update( &md5, dig_sig, dig_sig_len );
|
||||
md5_update( &md5, dig_signed, dig_signed_len );
|
||||
md5_finish( &md5, hash );
|
||||
|
||||
sha1_starts( &sha1 );
|
||||
sha1_update( &sha1, ssl->handshake->randbytes, 64 );
|
||||
sha1_update( &sha1, dig_sig, dig_sig_len );
|
||||
sha1_update( &sha1, dig_signed, dig_signed_len );
|
||||
sha1_finish( &sha1, hash + 16 );
|
||||
|
||||
hashlen = 36;
|
||||
md_alg = POLARSSL_MD_NONE;
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_SSL3 || POLARSSL_SSL_PROTO_TLS1 || \
|
||||
POLARSSL_SSL_PROTO_TLS1_1 */
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
if( md_alg != POLARSSL_MD_NONE )
|
||||
{
|
||||
md_context_t ctx;
|
||||
|
||||
/* Info from md_alg will be used instead */
|
||||
hashlen = 0;
|
||||
|
||||
/*
|
||||
* digitally-signed struct {
|
||||
* opaque client_random[32];
|
||||
@ -1966,39 +2041,6 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
* ServerDHParams params;
|
||||
* };
|
||||
*/
|
||||
switch( ssl->handshake->sig_alg )
|
||||
{
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
case SSL_HASH_MD5:
|
||||
md_alg = POLARSSL_MD_MD5;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
case SSL_HASH_SHA1:
|
||||
md_alg = POLARSSL_MD_SHA1;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
case SSL_HASH_SHA224:
|
||||
md_alg = POLARSSL_MD_SHA224;
|
||||
break;
|
||||
case SSL_HASH_SHA256:
|
||||
md_alg = POLARSSL_MD_SHA256;
|
||||
break;
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
case SSL_HASH_SHA384:
|
||||
md_alg = POLARSSL_MD_SHA384;
|
||||
break;
|
||||
case SSL_HASH_SHA512:
|
||||
md_alg = POLARSSL_MD_SHA512;
|
||||
break;
|
||||
#endif
|
||||
default:
|
||||
/* Should never happen */
|
||||
return( -1 );
|
||||
}
|
||||
|
||||
if( ( ret = md_init_ctx( &ctx, md_info_from_type(md_alg) ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "md_init_ctx", ret );
|
||||
@ -2007,7 +2049,7 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
|
||||
md_starts( &ctx );
|
||||
md_update( &ctx, ssl->handshake->randbytes, 64 );
|
||||
md_update( &ctx, dig_sig, dig_sig_len );
|
||||
md_update( &ctx, dig_signed, dig_signed_len );
|
||||
md_finish( &ctx, hash );
|
||||
|
||||
if( ( ret = md_free_ctx( &ctx ) ) != 0 )
|
||||
@ -2018,48 +2060,53 @@ static int ssl_write_server_key_exchange( ssl_context *ssl )
|
||||
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen );
|
||||
SSL_DEBUG_BUF( 3, "parameters hash", hash, hashlen != 0 ? hashlen :
|
||||
(unsigned int) ( md_info_from_type( md_alg ) )->size );
|
||||
|
||||
if ( ssl->rsa_key )
|
||||
rsa_key_len = ssl->rsa_key_len( ssl->rsa_key );
|
||||
/*
|
||||
* Make the signature
|
||||
*/
|
||||
if( ssl->pk_key == NULL )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "got no private key" ) );
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
*(p++) = ssl->handshake->sig_alg;
|
||||
*(p++) = SSL_SIG_RSA;
|
||||
*(p++) = ssl_sig_from_pk( ssl->pk_key );
|
||||
|
||||
n += 2;
|
||||
}
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
|
||||
*(p++) = (unsigned char)( rsa_key_len >> 8 );
|
||||
*(p++) = (unsigned char)( rsa_key_len );
|
||||
n += 2;
|
||||
|
||||
if ( ssl->rsa_key )
|
||||
if( ( ret = pk_sign( ssl->pk_key, md_alg, hash, hashlen,
|
||||
p + 2 , &signature_len,
|
||||
ssl->f_rng, ssl->p_rng ) ) != 0 )
|
||||
{
|
||||
ret = ssl->rsa_sign( ssl->rsa_key, ssl->f_rng, ssl->p_rng,
|
||||
RSA_PRIVATE, md_alg, hashlen, hash, p );
|
||||
}
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "pkcs1_sign", ret );
|
||||
SSL_DEBUG_RET( 1, "pk_sign", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 3, "my RSA sig", p, rsa_key_len );
|
||||
*(p++) = (unsigned char)( signature_len >> 8 );
|
||||
*(p++) = (unsigned char)( signature_len );
|
||||
n += 2;
|
||||
|
||||
p += rsa_key_len;
|
||||
n += rsa_key_len;
|
||||
SSL_DEBUG_BUF( 3, "my signature", p, signature_len );
|
||||
|
||||
p += signature_len;
|
||||
n += signature_len;
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
ssl->out_msglen = 4 + n;
|
||||
ssl->out_msgtype = SSL_MSG_HANDSHAKE;
|
||||
@ -2141,7 +2188,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p,
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
static int ssl_parse_client_ecdh_public( ssl_context *ssl )
|
||||
{
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
@ -2170,7 +2218,8 @@ static int ssl_parse_client_ecdh_public( ssl_context *ssl )
|
||||
|
||||
return( ret );
|
||||
}
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
|
||||
static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
|
||||
@ -2178,9 +2227,9 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
size_t i, n = 0;
|
||||
|
||||
if( ssl->rsa_key == NULL )
|
||||
if( ! pk_can_do( ssl->pk_key, POLARSSL_PK_RSA ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "got no private key" ) );
|
||||
SSL_DEBUG_MSG( 1, ( "got no RSA private key" ) );
|
||||
return( POLARSSL_ERR_SSL_PRIVATE_KEY_REQUIRED );
|
||||
}
|
||||
|
||||
@ -2188,8 +2237,7 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
|
||||
* Decrypt the premaster using own private RSA key
|
||||
*/
|
||||
i = 4;
|
||||
if( ssl->rsa_key )
|
||||
n = ssl->rsa_key_len( ssl->rsa_key );
|
||||
n = pk_get_len( ssl->pk_key );
|
||||
ssl->handshake->pmslen = 48;
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
|
||||
@ -2212,13 +2260,11 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
|
||||
}
|
||||
|
||||
if( ssl->rsa_key ) {
|
||||
ret = ssl->rsa_decrypt( ssl->rsa_key, RSA_PRIVATE,
|
||||
&ssl->handshake->pmslen,
|
||||
ssl->in_msg + i,
|
||||
ssl->handshake->premaster,
|
||||
sizeof(ssl->handshake->premaster) );
|
||||
}
|
||||
ret = pk_decrypt( ssl->pk_key,
|
||||
ssl->in_msg + i, n,
|
||||
ssl->handshake->premaster, &ssl->handshake->pmslen,
|
||||
sizeof(ssl->handshake->premaster),
|
||||
ssl->f_rng, ssl->p_rng );
|
||||
|
||||
if( ret != 0 || ssl->handshake->pmslen != 48 ||
|
||||
ssl->handshake->premaster[0] != ssl->handshake->max_major_ver ||
|
||||
@ -2346,8 +2392,10 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA )
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
|
||||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
|
||||
{
|
||||
if( ( ret = ssl_parse_client_ecdh_public( ssl ) ) != 0 )
|
||||
{
|
||||
@ -2367,7 +2415,8 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
||||
SSL_DEBUG_MPI( 3, "ECDH: z ", &ssl->handshake->ecdh_ctx.z );
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
||||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
|
||||
{
|
||||
@ -2415,6 +2464,8 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
||||
*(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len >> 8 );
|
||||
*(p++) = (unsigned char)( ssl->handshake->dhm_ctx.len );
|
||||
|
||||
n = ssl->handshake->dhm_ctx.len;
|
||||
|
||||
if( ( ret = dhm_calc_secret( &ssl->handshake->dhm_ctx,
|
||||
p, &n ) ) != 0 )
|
||||
{
|
||||
@ -2453,6 +2504,7 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl )
|
||||
else
|
||||
#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
@ -2493,10 +2545,14 @@ static int ssl_parse_certificate_verify( ssl_context *ssl )
|
||||
static int ssl_parse_certificate_verify( ssl_context *ssl )
|
||||
{
|
||||
int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE;
|
||||
size_t n = 0, n1, n2;
|
||||
size_t sa_len, sig_len;
|
||||
unsigned char hash[48];
|
||||
md_type_t md_alg = POLARSSL_MD_NONE;
|
||||
unsigned int hashlen = 0;
|
||||
unsigned char *hash_start = hash;
|
||||
size_t hashlen;
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
pk_type_t pk_alg;
|
||||
#endif
|
||||
md_type_t md_alg;
|
||||
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
|
||||
|
||||
SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) );
|
||||
@ -2538,63 +2594,94 @@ static int ssl_parse_certificate_verify( ssl_context *ssl )
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
/*
|
||||
* As server we know we either have SSL_HASH_SHA384 or
|
||||
* SSL_HASH_SHA256
|
||||
* 0 . 0 handshake type
|
||||
* 1 . 3 handshake length
|
||||
* 4 . 5 sig alg (TLS 1.2 only)
|
||||
* 4+n . 5+n signature length (n = sa_len)
|
||||
* 6+n . 6+n+m signature (m = sig_len)
|
||||
*/
|
||||
if( ssl->in_msg[4] != ssl->handshake->verify_sig_alg ||
|
||||
ssl->in_msg[5] != SSL_SIG_RSA )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg for verify message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
|
||||
if( ssl->handshake->verify_sig_alg == SSL_HASH_SHA384 )
|
||||
md_alg = POLARSSL_MD_SHA384;
|
||||
else
|
||||
md_alg = POLARSSL_MD_SHA256;
|
||||
|
||||
n += 2;
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
#if defined(POLARSSL_SSL_PROTO_SSL3) || defined(POLARSSL_SSL_PROTO_TLS1) || \
|
||||
defined(POLARSSL_SSL_PROTO_TLS1_1)
|
||||
if( ssl->minor_ver != SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
hashlen = 36;
|
||||
sa_len = 0;
|
||||
|
||||
md_alg = POLARSSL_MD_NONE;
|
||||
hashlen = 36;
|
||||
|
||||
/* For ECDSA, use SHA-1, not MD-5 + SHA-1 */
|
||||
if( pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
POLARSSL_PK_ECDSA ) )
|
||||
{
|
||||
hash_start += 16;
|
||||
hashlen -= 16;
|
||||
md_alg = POLARSSL_MD_SHA1;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif
|
||||
/* Should never happen */
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
|
||||
/* EC NOT IMPLEMENTED YET */
|
||||
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
|
||||
POLARSSL_PK_RSA ) )
|
||||
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
|
||||
if( ssl->minor_ver == SSL_MINOR_VERSION_3 )
|
||||
{
|
||||
sa_len = 2;
|
||||
|
||||
/*
|
||||
* Hash
|
||||
*/
|
||||
if( ssl->in_msg[4] != ssl->handshake->verify_sig_alg )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
|
||||
" for verify message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
|
||||
md_alg = ssl_md_alg_from_hash( ssl->handshake->verify_sig_alg );
|
||||
|
||||
/* Info from md_alg will be used instead */
|
||||
hashlen = 0;
|
||||
|
||||
/*
|
||||
* Signature
|
||||
*/
|
||||
if( ( pk_alg = ssl_pk_alg_from_sig( ssl->in_msg[5] ) )
|
||||
== POLARSSL_PK_NONE )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "peer not adhering to requested sig_alg"
|
||||
" for verify message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
|
||||
/*
|
||||
* Check the certificate's key type matches the signature alg
|
||||
*/
|
||||
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, pk_alg ) )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "sig_alg doesn't match cert key" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
n1 = pk_get_size( &ssl->session_negotiate->peer_cert->pk ) / 8;
|
||||
n2 = ( ssl->in_msg[4 + n] << 8 ) | ssl->in_msg[5 + n];
|
||||
sig_len = ( ssl->in_msg[4 + sa_len] << 8 ) | ssl->in_msg[5 + sa_len];
|
||||
|
||||
if( n + n1 + 6 != ssl->in_hslen || n1 != n2 )
|
||||
if( sa_len + sig_len + 6 != ssl->in_hslen )
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "bad certificate verify message" ) );
|
||||
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
|
||||
}
|
||||
|
||||
ret = rsa_pkcs1_verify( pk_rsa( ssl->session_negotiate->peer_cert->pk ),
|
||||
RSA_PUBLIC, md_alg, hashlen, hash,
|
||||
ssl->in_msg + 6 + n );
|
||||
if( ret != 0 )
|
||||
if( ( ret = pk_verify( &ssl->session_negotiate->peer_cert->pk,
|
||||
md_alg, hash_start, hashlen,
|
||||
ssl->in_msg + 6 + sa_len, sig_len ) ) != 0 )
|
||||
{
|
||||
SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret );
|
||||
SSL_DEBUG_RET( 1, "pk_verify", ret );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -131,30 +131,6 @@ int (*ssl_hw_record_read)(ssl_context *ssl) = NULL;
|
||||
int (*ssl_hw_record_finish)(ssl_context *ssl) = NULL;
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
static int ssl_rsa_decrypt( void *ctx, int mode, size_t *olen,
|
||||
const unsigned char *input, unsigned char *output,
|
||||
size_t output_max_len )
|
||||
{
|
||||
return rsa_pkcs1_decrypt( (rsa_context *) ctx, mode, olen, input, output,
|
||||
output_max_len );
|
||||
}
|
||||
|
||||
static int ssl_rsa_sign( void *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
||||
int mode, int hash_id, unsigned int hashlen,
|
||||
const unsigned char *hash, unsigned char *sig )
|
||||
{
|
||||
return rsa_pkcs1_sign( (rsa_context *) ctx, f_rng, p_rng, mode, hash_id,
|
||||
hashlen, hash, sig );
|
||||
}
|
||||
|
||||
static size_t ssl_rsa_key_len( void *ctx )
|
||||
{
|
||||
return ( (rsa_context *) ctx )->len;
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
/*
|
||||
* Key material generation
|
||||
*/
|
||||
@ -461,8 +437,10 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
else
|
||||
#endif
|
||||
#endif
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
/*
|
||||
* SSLv3:
|
||||
@ -636,8 +614,10 @@ int ssl_derive_keys( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
|
||||
if( ssl_hw_record_init != NULL)
|
||||
@ -924,8 +904,10 @@ static int ssl_encrypt_buf( ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 4, "computed mac",
|
||||
ssl->out_msg + ssl->out_msglen, ssl->transform_out->maclen );
|
||||
@ -1356,9 +1338,11 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \
|
||||
POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 4, "raw buffer after decryption",
|
||||
ssl->in_msg, ssl->in_msglen );
|
||||
@ -1419,8 +1403,10 @@ static int ssl_decrypt_buf( ssl_context *ssl )
|
||||
else
|
||||
#endif /* POLARSSL_SSL_PROTO_TLS1 || POLARSSL_SSL_PROTO_TLS1_1 || \
|
||||
POLARSSL_SSL_PROTO_TLS1_2 */
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
|
||||
SSL_DEBUG_BUF( 4, "message mac", tmp, ssl->transform_in->maclen );
|
||||
SSL_DEBUG_BUF( 4, "computed mac", ssl->in_msg + ssl->in_msglen,
|
||||
@ -3000,12 +2986,6 @@ int ssl_init( ssl_context *ssl )
|
||||
/*
|
||||
* Sane defaults
|
||||
*/
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
ssl->rsa_decrypt = ssl_rsa_decrypt;
|
||||
ssl->rsa_sign = ssl_rsa_sign;
|
||||
ssl->rsa_key_len = ssl_rsa_key_len;
|
||||
#endif
|
||||
|
||||
ssl->min_major_ver = SSL_MIN_MAJOR_VERSION;
|
||||
ssl->min_minor_ver = SSL_MIN_MINOR_VERSION;
|
||||
ssl->max_major_ver = SSL_MAX_MAJOR_VERSION;
|
||||
@ -3287,23 +3267,55 @@ void ssl_set_ca_chain( ssl_context *ssl, x509_cert *ca_chain,
|
||||
}
|
||||
|
||||
void ssl_set_own_cert( ssl_context *ssl, x509_cert *own_cert,
|
||||
rsa_context *rsa_key )
|
||||
pk_context *pk_key )
|
||||
{
|
||||
ssl->own_cert = own_cert;
|
||||
ssl->rsa_key = rsa_key;
|
||||
ssl->pk_key = pk_key;
|
||||
}
|
||||
|
||||
void ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
int ssl_set_own_cert_rsa( ssl_context *ssl, x509_cert *own_cert,
|
||||
rsa_context *rsa_key )
|
||||
{
|
||||
int ret;
|
||||
|
||||
ssl->own_cert = own_cert;
|
||||
|
||||
if( ( ssl->pk_key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
|
||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||
|
||||
ssl->pk_key_own_alloc = 1;
|
||||
|
||||
pk_init( ssl->pk_key );
|
||||
|
||||
ret = pk_init_ctx( ssl->pk_key, pk_info_from_type( POLARSSL_PK_RSA ) );
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
if( ( ret = rsa_copy( ssl->pk_key->pk_ctx, rsa_key ) ) != 0 )
|
||||
return( ret );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
#endif /* POLARSSL_RSA_C */
|
||||
|
||||
int ssl_set_own_cert_alt( ssl_context *ssl, x509_cert *own_cert,
|
||||
void *rsa_key,
|
||||
rsa_decrypt_func rsa_decrypt,
|
||||
rsa_sign_func rsa_sign,
|
||||
rsa_key_len_func rsa_key_len )
|
||||
{
|
||||
ssl->own_cert = own_cert;
|
||||
ssl->rsa_key = rsa_key;
|
||||
ssl->rsa_decrypt = rsa_decrypt;
|
||||
ssl->rsa_sign = rsa_sign;
|
||||
ssl->rsa_key_len = rsa_key_len;
|
||||
|
||||
if( ( ssl->pk_key = polarssl_malloc( sizeof( pk_context ) ) ) == NULL )
|
||||
return( POLARSSL_ERR_SSL_MALLOC_FAILED );
|
||||
|
||||
ssl->pk_key_own_alloc = 1;
|
||||
|
||||
pk_init( ssl->pk_key );
|
||||
|
||||
return( pk_init_ctx_rsa_alt( ssl->pk_key, rsa_key,
|
||||
rsa_decrypt, rsa_sign, rsa_key_len ) );
|
||||
}
|
||||
#endif /* POLARSSL_X509_PARSE_C */
|
||||
|
||||
@ -3694,9 +3706,11 @@ int ssl_read( ssl_context *ssl, unsigned char *buf, size_t len )
|
||||
}
|
||||
else
|
||||
#endif
|
||||
/* Should never happen */
|
||||
{
|
||||
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
|
||||
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
if( ( ret = ssl_renegotiate( ssl ) ) != 0 )
|
||||
@ -3931,6 +3945,12 @@ void ssl_free( ssl_context *ssl )
|
||||
}
|
||||
#endif
|
||||
|
||||
if( ssl->pk_key_own_alloc )
|
||||
{
|
||||
pk_free( ssl->pk_key );
|
||||
polarssl_free( ssl->pk_key );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_SSL_HW_RECORD_ACCEL)
|
||||
if( ssl_hw_record_finish != NULL )
|
||||
{
|
||||
@ -3945,4 +3965,66 @@ void ssl_free( ssl_context *ssl )
|
||||
memset( ssl, 0, sizeof( ssl_context ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Get the SSL_SIG_* constant corresponding to a public key
|
||||
*/
|
||||
unsigned char ssl_sig_from_pk( pk_context *pk )
|
||||
{
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
if( pk_can_do( pk, POLARSSL_PK_RSA ) )
|
||||
return( SSL_SIG_RSA );
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
if( pk_can_do( pk, POLARSSL_PK_ECDSA ) )
|
||||
return( SSL_SIG_ECDSA );
|
||||
#endif
|
||||
return( SSL_SIG_ANON );
|
||||
}
|
||||
|
||||
pk_type_t ssl_pk_alg_from_sig( unsigned char sig )
|
||||
{
|
||||
switch( sig )
|
||||
{
|
||||
#if defined(POLARSSL_RSA_C)
|
||||
case SSL_SIG_RSA:
|
||||
return( POLARSSL_PK_RSA );
|
||||
#endif
|
||||
#if defined(POLARSSL_ECDSA_C)
|
||||
case SSL_SIG_ECDSA:
|
||||
return( POLARSSL_PK_ECDSA );
|
||||
#endif
|
||||
default:
|
||||
return( POLARSSL_PK_NONE );
|
||||
}
|
||||
}
|
||||
|
||||
md_type_t ssl_md_alg_from_hash( unsigned char hash )
|
||||
{
|
||||
switch( hash )
|
||||
{
|
||||
#if defined(POLARSSL_MD5_C)
|
||||
case SSL_HASH_MD5:
|
||||
return( POLARSSL_MD_MD5 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
case SSL_HASH_SHA1:
|
||||
return( POLARSSL_MD_SHA1 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
case SSL_HASH_SHA224:
|
||||
return( POLARSSL_MD_SHA224 );
|
||||
case SSL_HASH_SHA256:
|
||||
return( POLARSSL_MD_SHA256 );
|
||||
#endif
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
case SSL_HASH_SHA384:
|
||||
return( POLARSSL_MD_SHA384 );
|
||||
case SSL_HASH_SHA512:
|
||||
return( POLARSSL_MD_SHA512 );
|
||||
#endif
|
||||
default:
|
||||
return( POLARSSL_MD_NONE );
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
|
@ -605,8 +605,9 @@ static int x509_get_pubkey( unsigned char **p,
|
||||
#if defined(POLARSSL_ECP_C)
|
||||
if( pk_alg == POLARSSL_PK_ECKEY_DH || pk_alg == POLARSSL_PK_ECKEY )
|
||||
{
|
||||
ret = x509_use_ecparams( &alg_params, &pk_ec( *pk )->grp ) ||
|
||||
x509_get_ecpubkey( p, end, pk_ec( *pk ) );
|
||||
ret = x509_use_ecparams( &alg_params, &pk_ec( *pk )->grp );
|
||||
if( ret == 0 )
|
||||
ret = x509_get_ecpubkey( p, end, pk_ec( *pk ) );
|
||||
} else
|
||||
#endif /* POLARSSL_ECP_C */
|
||||
ret = POLARSSL_ERR_X509_UNKNOWN_PK_ALG;
|
||||
@ -3936,7 +3937,7 @@ int x509_self_test( int verbose )
|
||||
size_t i, j;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
dhm_context dhm;
|
||||
#endif
|
||||
@ -3974,9 +3975,9 @@ int x509_self_test( int verbose )
|
||||
i = strlen( test_ca_key );
|
||||
j = strlen( test_ca_pwd );
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
pk_init( &pkey );
|
||||
|
||||
if( ( ret = x509parse_key_rsa( &rsa,
|
||||
if( ( ret = x509parse_key( &pkey,
|
||||
(const unsigned char *) test_ca_key, i,
|
||||
(const unsigned char *) test_ca_pwd, j ) ) != 0 )
|
||||
{
|
||||
@ -3989,12 +3990,14 @@ int x509_self_test( int verbose )
|
||||
if( verbose != 0 )
|
||||
printf( "passed\n X.509 signature verify: ");
|
||||
|
||||
ret = x509parse_verify( &clicert, &cacert, NULL, "PolarSSL Client 2", &flags, NULL, NULL );
|
||||
ret = x509parse_verify( &clicert, &cacert, NULL, NULL, &flags, NULL, NULL );
|
||||
if( ret != 0 )
|
||||
{
|
||||
if( verbose != 0 )
|
||||
printf( "failed\n" );
|
||||
|
||||
printf("ret = %d, &flags = %04x\n", ret, flags);
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
||||
@ -4019,7 +4022,7 @@ int x509_self_test( int verbose )
|
||||
|
||||
x509_free( &cacert );
|
||||
x509_free( &clicert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
#if defined(POLARSSL_DHM_C)
|
||||
dhm_free( &dhm );
|
||||
#endif
|
||||
|
@ -257,7 +257,7 @@ int main( int argc, char *argv[] )
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
#endif
|
||||
char *p, *q;
|
||||
const int *list;
|
||||
@ -271,7 +271,7 @@ int main( int argc, char *argv[] )
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||
memset( &clicert, 0, sizeof( x509_cert ) );
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
pk_init( &pkey );
|
||||
#endif
|
||||
|
||||
if( argc == 0 )
|
||||
@ -626,11 +626,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
if( strlen( opt.key_file ) )
|
||||
ret = x509parse_keyfile_rsa( &rsa, opt.key_file, "" );
|
||||
ret = x509parse_keyfile( &pkey, opt.key_file, "" );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_cli_key,
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_cli_key,
|
||||
strlen( test_cli_key ), NULL, 0 );
|
||||
#else
|
||||
{
|
||||
@ -640,7 +640,7 @@ int main( int argc, char *argv[] )
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_key_rsa returned -0x%x\n\n", -ret );
|
||||
printf( " failed\n ! x509parse_key returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@ -711,7 +711,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
ssl_set_own_cert( &ssl, &clicert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &clicert, &pkey );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
@ -913,7 +913,7 @@ exit:
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
x509_free( &clicert );
|
||||
x509_free( &cacert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
#endif
|
||||
ssl_session_free( &saved_session );
|
||||
ssl_free( &ssl );
|
||||
|
@ -104,7 +104,7 @@ int main( int argc, char *argv[] )
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
|
||||
((void) argc);
|
||||
((void) argv);
|
||||
@ -139,7 +139,7 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509parse_crtfile() to read the
|
||||
* server and CA certificates, as well as x509parse_keyfile_rsa().
|
||||
* server and CA certificates, as well as x509parse_keyfile().
|
||||
*/
|
||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
strlen( test_srv_crt ) );
|
||||
@ -157,12 +157,12 @@ int main( int argc, char *argv[] )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_srv_key,
|
||||
pk_init( &pkey );
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
strlen( test_srv_key ), NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_key_rsa returned %d\n\n", ret );
|
||||
printf( " failed\n ! x509parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@ -265,7 +265,7 @@ int main( int argc, char *argv[] )
|
||||
net_send, &client_fd );
|
||||
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &pkey );
|
||||
|
||||
/*
|
||||
* 5. Handshake
|
||||
@ -363,7 +363,7 @@ exit:
|
||||
|
||||
net_close( client_fd );
|
||||
x509_free( &srvcert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
|
||||
#if defined(_WIN32)
|
||||
|
@ -352,7 +352,7 @@ int main( int argc, char *argv[] )
|
||||
ssl_context ssl;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
int i;
|
||||
size_t n;
|
||||
char *p, *q;
|
||||
@ -364,7 +364,7 @@ int main( int argc, char *argv[] )
|
||||
server_fd = 0;
|
||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||
memset( &clicert, 0, sizeof( x509_cert ) );
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
pk_init( &pkey );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
@ -532,11 +532,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
if( strlen( opt.key_file ) )
|
||||
ret = x509parse_keyfile_rsa( &rsa, opt.key_file, "" );
|
||||
ret = x509parse_keyfile( &pkey, opt.key_file, "" );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_cli_key,
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_cli_key,
|
||||
strlen( test_cli_key ), NULL, 0 );
|
||||
#else
|
||||
{
|
||||
@ -546,7 +546,7 @@ int main( int argc, char *argv[] )
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_key_rsa returned %d\n\n", ret );
|
||||
printf( " failed\n ! x509parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@ -594,7 +594,7 @@ int main( int argc, char *argv[] )
|
||||
ssl_set_ciphersuites( &ssl, opt.force_ciphersuite );
|
||||
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, opt.server_name );
|
||||
ssl_set_own_cert( &ssl, &clicert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &clicert, &pkey );
|
||||
|
||||
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
|
||||
ssl_set_hostname( &ssl, opt.server_name );
|
||||
@ -791,7 +791,7 @@ exit:
|
||||
net_close( server_fd );
|
||||
x509_free( &clicert );
|
||||
x509_free( &cacert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
|
||||
#if defined(_WIN32)
|
||||
|
@ -94,7 +94,7 @@ int main( int argc, char *argv[] )
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
#endif
|
||||
@ -117,7 +117,7 @@ int main( int argc, char *argv[] )
|
||||
/*
|
||||
* This demonstration program uses embedded test certificates.
|
||||
* Instead, you may want to use x509parse_crtfile() to read the
|
||||
* server and CA certificates, as well as x509parse_keyfile_rsa().
|
||||
* server and CA certificates, as well as x509parse_keyfile().
|
||||
*/
|
||||
ret = x509parse_crt( &srvcert, (const unsigned char *) test_srv_crt,
|
||||
strlen( test_srv_crt ) );
|
||||
@ -135,12 +135,12 @@ int main( int argc, char *argv[] )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
rsa_init( &rsa, RSA_PKCS_V15, 0 );
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_srv_key,
|
||||
pk_init( &pkey );
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
strlen( test_srv_key ), NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_key_rsa returned %d\n\n", ret );
|
||||
printf( " failed\n ! x509parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@ -201,7 +201,7 @@ int main( int argc, char *argv[] )
|
||||
#endif
|
||||
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &pkey );
|
||||
|
||||
printf( " ok\n" );
|
||||
|
||||
@ -364,7 +364,7 @@ exit:
|
||||
|
||||
net_close( client_fd );
|
||||
x509_free( &srvcert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_free( &cache );
|
||||
|
@ -215,7 +215,7 @@ int main( int argc, char *argv[] )
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
x509_cert cacert;
|
||||
x509_cert srvcert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
#endif
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_context cache;
|
||||
@ -239,7 +239,7 @@ int main( int argc, char *argv[] )
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||
memset( &srvcert, 0, sizeof( x509_cert ) );
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
pk_init( &pkey );
|
||||
#endif
|
||||
#if defined(POLARSSL_SSL_CACHE_C)
|
||||
ssl_cache_init( &cache );
|
||||
@ -575,11 +575,11 @@ int main( int argc, char *argv[] )
|
||||
|
||||
#if defined(POLARSSL_FS_IO)
|
||||
if( strlen( opt.key_file ) )
|
||||
ret = x509parse_keyfile_rsa( &rsa, opt.key_file, "" );
|
||||
ret = x509parse_keyfile( &pkey, opt.key_file, "" );
|
||||
else
|
||||
#endif
|
||||
#if defined(POLARSSL_CERTS_C)
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_srv_key,
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
strlen( test_srv_key ), NULL, 0 );
|
||||
#else
|
||||
{
|
||||
@ -589,7 +589,7 @@ int main( int argc, char *argv[] )
|
||||
#endif
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " failed\n ! x509parse_key_rsa returned -0x%x\n\n", -ret );
|
||||
printf( " failed\n ! x509parse_key returned -0x%x\n\n", -ret );
|
||||
goto exit;
|
||||
}
|
||||
|
||||
@ -649,7 +649,7 @@ int main( int argc, char *argv[] )
|
||||
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
ssl_set_ca_chain( &ssl, &cacert, NULL, NULL );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &pkey );
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
|
||||
@ -877,7 +877,7 @@ exit:
|
||||
#if defined(POLARSSL_X509_PARSE_C)
|
||||
x509_free( &srvcert );
|
||||
x509_free( &cacert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
#endif
|
||||
|
||||
ssl_free( &ssl );
|
||||
|
@ -166,7 +166,7 @@ static int ssl_test( struct options *opt )
|
||||
ctr_drbg_context ctr_drbg;
|
||||
ssl_context ssl;
|
||||
x509_cert srvcert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
|
||||
ret = 1;
|
||||
|
||||
@ -187,7 +187,7 @@ static int ssl_test( struct options *opt )
|
||||
memset( write_state, 0, sizeof( write_state ) );
|
||||
|
||||
memset( &srvcert, 0, sizeof( x509_cert ) );
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
pk_init( &pkey );
|
||||
|
||||
if( opt->opmode == OPMODE_CLIENT )
|
||||
{
|
||||
@ -229,11 +229,11 @@ static int ssl_test( struct options *opt )
|
||||
goto exit;
|
||||
}
|
||||
|
||||
ret = x509parse_key_rsa( &rsa, (const unsigned char *) test_srv_key,
|
||||
ret = x509parse_key( &pkey, (const unsigned char *) test_srv_key,
|
||||
strlen( test_srv_key ), NULL, 0 );
|
||||
if( ret != 0 )
|
||||
{
|
||||
printf( " ! x509parse_key_rsa returned %d\n\n", ret );
|
||||
printf( " ! x509parse_key returned %d\n\n", ret );
|
||||
goto exit;
|
||||
}
|
||||
#endif
|
||||
@ -262,7 +262,7 @@ static int ssl_test( struct options *opt )
|
||||
|
||||
ssl_set_endpoint( &ssl, SSL_IS_SERVER );
|
||||
ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &srvcert, &pkey );
|
||||
}
|
||||
|
||||
ssl_set_authmode( &ssl, SSL_VERIFY_NONE );
|
||||
@ -400,7 +400,7 @@ exit:
|
||||
|
||||
ssl_close_notify( &ssl );
|
||||
x509_free( &srvcert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
ssl_free( &ssl );
|
||||
net_close( client_fd );
|
||||
|
||||
|
@ -157,7 +157,7 @@ int main( int argc, char *argv[] )
|
||||
ssl_context ssl;
|
||||
x509_cert cacert;
|
||||
x509_cert clicert;
|
||||
rsa_context rsa;
|
||||
pk_context pkey;
|
||||
int i, j, n;
|
||||
int flags, verify = 0;
|
||||
char *p, *q;
|
||||
@ -169,7 +169,7 @@ int main( int argc, char *argv[] )
|
||||
server_fd = 0;
|
||||
memset( &cacert, 0, sizeof( x509_cert ) );
|
||||
memset( &clicert, 0, sizeof( x509_cert ) );
|
||||
memset( &rsa, 0, sizeof( rsa_context ) );
|
||||
pk_init( &pkey );
|
||||
|
||||
if( argc == 0 )
|
||||
{
|
||||
@ -404,7 +404,7 @@ int main( int argc, char *argv[] )
|
||||
ssl_set_bio( &ssl, net_recv, &server_fd,
|
||||
net_send, &server_fd );
|
||||
|
||||
ssl_set_own_cert( &ssl, &clicert, &rsa );
|
||||
ssl_set_own_cert( &ssl, &clicert, &pkey );
|
||||
|
||||
ssl_set_hostname( &ssl, opt.server_name );
|
||||
|
||||
@ -450,7 +450,7 @@ exit:
|
||||
net_close( server_fd );
|
||||
x509_free( &cacert );
|
||||
x509_free( &clicert );
|
||||
rsa_free( &rsa );
|
||||
pk_free( &pkey );
|
||||
|
||||
#if defined(_WIN32)
|
||||
printf( " + Press Enter to exit this program.\n" );
|
||||
|
248
tests/compat.sh
248
tests/compat.sh
@ -2,8 +2,13 @@
|
||||
|
||||
killall -q openssl ssl_server ssl_server2
|
||||
|
||||
let "tests = 0"
|
||||
let "failed = 0"
|
||||
let "skipped = 0"
|
||||
|
||||
MODES="ssl3 tls1 tls1_1 tls1_2"
|
||||
VERIFIES="NO YES"
|
||||
TYPES="ECDSA RSA PSK"
|
||||
OPENSSL=openssl
|
||||
FILTER=""
|
||||
VERBOSE=""
|
||||
@ -23,6 +28,16 @@ do
|
||||
shift
|
||||
MODES=$1
|
||||
;;
|
||||
-t|--types)
|
||||
# Key exchange types
|
||||
shift
|
||||
TYPES=$1
|
||||
;;
|
||||
-V|--verify)
|
||||
# Verifiction modes
|
||||
shift
|
||||
VERIFIES=$1
|
||||
;;
|
||||
-v|--verbose)
|
||||
# Set verbosity
|
||||
shift
|
||||
@ -34,6 +49,8 @@ do
|
||||
echo -e " -f|--filter\tFilter ciphersuites to test (Default: all)"
|
||||
echo -e " -h|--help\t\tPrint this help."
|
||||
echo -e " -m|--modes\tWhich modes to perform (Default: \"ssl3 tls1 tls1_1 tls1_2\")"
|
||||
echo -e " -t|--types\tWhich key exchange type to perform (Default: \"ECDSA RSA PSK\")"
|
||||
echo -e " -V|--verify\tWhich verification modes to perform (Default: \"NO YES\")"
|
||||
echo -e " -v|--verbose\t\tSet verbose output."
|
||||
exit 1
|
||||
;;
|
||||
@ -52,26 +69,98 @@ log () {
|
||||
fi
|
||||
}
|
||||
|
||||
filter()
|
||||
{
|
||||
LIST=$1
|
||||
FILTER=$2
|
||||
|
||||
NEW_LIST=""
|
||||
|
||||
for i in $LIST;
|
||||
do
|
||||
NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" )"
|
||||
done
|
||||
|
||||
echo "$NEW_LIST"
|
||||
}
|
||||
|
||||
for VERIFY in $VERIFIES;
|
||||
do
|
||||
P_SERVER_ARGS="psk=6162636465666768696a6b6c6d6e6f70"
|
||||
P_CLIENT_ARGS="psk=6162636465666768696a6b6c6d6e6f70"
|
||||
O_SERVER_ARGS="-psk 6162636465666768696a6b6c6d6e6f70"
|
||||
O_CLIENT_ARGS="-psk 6162636465666768696a6b6c6d6e6f70"
|
||||
|
||||
if [ "X$VERIFY" = "XYES" ];
|
||||
then
|
||||
P_SERVER_ARGS="$P_SERVER_ARGS auth_mode=required crt_file=data_files/server1.crt key_file=data_files/server1.key ca_file=data_files/test-ca.crt"
|
||||
P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key ca_file=data_files/test-ca.crt"
|
||||
O_SERVER_ARGS="$O_SERVER_ARGS -verify 10 -CAfile data_files/test-ca.crt -cert data_files/server1.crt -key data_files/server1.key"
|
||||
O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server2.crt -key data_files/server2.key -CAfile data_files/test-ca.crt"
|
||||
P_SERVER_ARGS="ca_file=data_files/test-ca_cat12.crt auth_mode=required"
|
||||
P_CLIENT_ARGS="ca_file=data_files/test-ca_cat12.crt"
|
||||
O_SERVER_ARGS="-CAfile data_files/test-ca_cat12.crt -Verify 10"
|
||||
O_CLIENT_ARGS="-CAfile data_files/test-ca_cat12.crt"
|
||||
else
|
||||
P_SERVER_ARGS=""
|
||||
P_CLIENT_ARGS=""
|
||||
O_SERVER_ARGS=""
|
||||
O_CLIENT_ARGS=""
|
||||
fi
|
||||
|
||||
|
||||
for MODE in $MODES;
|
||||
do
|
||||
echo "-----------"
|
||||
echo "Running for $MODE (Verify: $VERIFY)"
|
||||
echo "-----------"
|
||||
|
||||
for TYPE in $TYPES;
|
||||
do
|
||||
|
||||
case $TYPE in
|
||||
|
||||
"ECDSA")
|
||||
|
||||
P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
|
||||
P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
|
||||
O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
|
||||
O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
|
||||
|
||||
P_CIPHERS=" \
|
||||
TLS-ECDHE-ECDSA-WITH-NULL-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
|
||||
"
|
||||
|
||||
O_CIPHERS=" \
|
||||
ECDHE-ECDSA-NULL-SHA \
|
||||
ECDHE-ECDSA-RC4-SHA \
|
||||
ECDHE-ECDSA-DES-CBC3-SHA \
|
||||
ECDHE-ECDSA-AES128-SHA \
|
||||
ECDHE-ECDSA-AES256-SHA \
|
||||
"
|
||||
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
then
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
|
||||
"
|
||||
|
||||
O_CIPHERS=" \
|
||||
ECDHE-ECDSA-AES128-SHA256 \
|
||||
ECDHE-ECDSA-AES256-SHA384 \
|
||||
ECDHE-ECDSA-AES128-GCM-SHA256 \
|
||||
ECDHE-ECDSA-AES256-GCM-SHA384 \
|
||||
"
|
||||
fi
|
||||
|
||||
;;
|
||||
|
||||
"RSA")
|
||||
|
||||
P_SERVER_ARGS="$P_SERVER_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key"
|
||||
P_CLIENT_ARGS="$P_CLIENT_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key"
|
||||
O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server1.crt -key data_files/server1.key"
|
||||
O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server2.crt -key data_files/server2.key"
|
||||
|
||||
P_CIPHERS=" \
|
||||
TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||
TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
|
||||
@ -95,10 +184,6 @@ P_CIPHERS=" \
|
||||
TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-ECDHE-RSA-WITH-RC4-128-SHA \
|
||||
TLS-ECDHE-RSA-WITH-NULL-SHA \
|
||||
TLS-PSK-WITH-RC4-128-SHA \
|
||||
TLS-PSK-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-PSK-WITH-AES-128-CBC-SHA \
|
||||
TLS-PSK-WITH-AES-256-CBC-SHA \
|
||||
"
|
||||
|
||||
O_CIPHERS=" \
|
||||
@ -124,14 +209,8 @@ O_CIPHERS=" \
|
||||
ECDHE-RSA-DES-CBC3-SHA \
|
||||
ECDHE-RSA-RC4-SHA \
|
||||
ECDHE-RSA-NULL-SHA \
|
||||
PSK-RC4-SHA \
|
||||
PSK-3DES-EDE-CBC-SHA \
|
||||
PSK-AES128-CBC-SHA \
|
||||
PSK-AES256-CBC-SHA
|
||||
"
|
||||
|
||||
# Also add SHA256 ciphersuites
|
||||
#
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
then
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
@ -142,6 +221,12 @@ then
|
||||
TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
|
||||
TLS-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
"
|
||||
|
||||
O_CIPHERS="$O_CIPHERS \
|
||||
@ -152,18 +237,6 @@ then
|
||||
DHE-RSA-AES256-SHA256 \
|
||||
ECDHE-RSA-AES128-SHA256 \
|
||||
ECDHE-RSA-AES256-SHA384 \
|
||||
"
|
||||
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
|
||||
"
|
||||
|
||||
O_CIPHERS="$O_CIPHERS \
|
||||
AES128-GCM-SHA256 \
|
||||
DHE-RSA-AES128-GCM-SHA256 \
|
||||
AES256-GCM-SHA384 \
|
||||
@ -173,20 +246,32 @@ then
|
||||
"
|
||||
fi
|
||||
|
||||
filter()
|
||||
{
|
||||
LIST=$1
|
||||
FILTER=$2
|
||||
;;
|
||||
|
||||
NEW_LIST=""
|
||||
"PSK")
|
||||
|
||||
for i in $LIST;
|
||||
do
|
||||
NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" )"
|
||||
done
|
||||
P_SERVER_ARGS="$P_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70"
|
||||
P_CLIENT_ARGS="$P_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70"
|
||||
O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
|
||||
O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
|
||||
|
||||
echo "$NEW_LIST"
|
||||
}
|
||||
P_CIPHERS=" \
|
||||
TLS-PSK-WITH-RC4-128-SHA \
|
||||
TLS-PSK-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-PSK-WITH-AES-128-CBC-SHA \
|
||||
TLS-PSK-WITH-AES-256-CBC-SHA \
|
||||
"
|
||||
|
||||
O_CIPHERS=" \
|
||||
PSK-RC4-SHA \
|
||||
PSK-3DES-EDE-CBC-SHA \
|
||||
PSK-AES128-CBC-SHA \
|
||||
PSK-AES256-CBC-SHA \
|
||||
"
|
||||
|
||||
;;
|
||||
|
||||
esac
|
||||
|
||||
# Filter ciphersuites
|
||||
if [ "X" != "X$FILTER" ];
|
||||
@ -197,13 +282,14 @@ fi
|
||||
|
||||
|
||||
log "$OPENSSL s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE"
|
||||
$OPENSSL s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE &
|
||||
$OPENSSL s_server -cert data_files/server2.crt -key data_files/server2.key -www -quiet -cipher NULL,ALL $O_SERVER_ARGS -$MODE >/dev/null 2>&1 &
|
||||
PROCESS_ID=$!
|
||||
|
||||
sleep 1
|
||||
|
||||
for i in $P_CIPHERS;
|
||||
do
|
||||
let "tests++"
|
||||
log "../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE"
|
||||
RESULT="$( ../programs/ssl/ssl_client2 $P_CLIENT_ARGS force_ciphersuite=$i force_version=$MODE )"
|
||||
EXIT=$?
|
||||
@ -211,10 +297,12 @@ do
|
||||
if [ "$EXIT" = "2" ];
|
||||
then
|
||||
echo Ciphersuite not supported in client
|
||||
let "skipped++"
|
||||
elif [ "$EXIT" != "0" ];
|
||||
then
|
||||
echo Failed
|
||||
echo $RESULT
|
||||
let "failed++"
|
||||
else
|
||||
echo Success
|
||||
fi
|
||||
@ -230,6 +318,7 @@ sleep 1
|
||||
|
||||
for i in $O_CIPHERS;
|
||||
do
|
||||
let "tests++"
|
||||
log "$OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS"
|
||||
RESULT="$( ( echo -e 'GET HTTP/1.0'; echo; sleep 1 ) | $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS 2>&1 )"
|
||||
EXIT=$?
|
||||
@ -241,11 +330,13 @@ do
|
||||
if [ "X$SUPPORTED" != "X" ]
|
||||
then
|
||||
echo "Ciphersuite not supported in server"
|
||||
let "skipped++"
|
||||
else
|
||||
echo Failed
|
||||
echo ../programs/ssl/ssl_server2 $P_SERVER_ARGS
|
||||
echo $OPENSSL s_client -$MODE -cipher $i $O_CLIENT_ARGS
|
||||
echo $RESULT
|
||||
let "failed++"
|
||||
fi
|
||||
else
|
||||
echo Success
|
||||
@ -261,10 +352,24 @@ PROCESS_ID=$!
|
||||
|
||||
sleep 1
|
||||
|
||||
# OpenSSL does not support RFC5246 and RFC6367 Camellia ciphers with SHA256
|
||||
# or SHA384
|
||||
# Add for PolarSSL only test, which does support them.
|
||||
#
|
||||
# Add ciphersuites supported by PolarSSL only
|
||||
|
||||
case $TYPE in
|
||||
|
||||
"ECDSA")
|
||||
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
then
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
|
||||
TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
|
||||
"
|
||||
fi
|
||||
|
||||
;;
|
||||
|
||||
"RSA")
|
||||
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
then
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
@ -274,6 +379,25 @@ then
|
||||
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
|
||||
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
|
||||
"
|
||||
fi
|
||||
|
||||
;;
|
||||
|
||||
"PSK")
|
||||
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-DHE-PSK-WITH-RC4-128-SHA \
|
||||
TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
|
||||
TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
|
||||
TLS-PSK-WITH-NULL-SHA \
|
||||
TLS-DHE-PSK-WITH-NULL-SHA \
|
||||
"
|
||||
|
||||
if [ "$MODE" = "tls1_2" ];
|
||||
then
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-PSK-WITH-AES-128-CBC-SHA256 \
|
||||
TLS-PSK-WITH-AES-256-CBC-SHA384 \
|
||||
TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
|
||||
@ -293,17 +417,7 @@ then
|
||||
"
|
||||
fi
|
||||
|
||||
# OpenSSL does not support DHE-PSK ciphers
|
||||
# Add for PolarSSL only test, which does support them.
|
||||
#
|
||||
P_CIPHERS="$P_CIPHERS \
|
||||
TLS-DHE-PSK-WITH-RC4-128-SHA \
|
||||
TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
|
||||
TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
|
||||
TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
|
||||
TLS-PSK-WITH-NULL-SHA \
|
||||
TLS-DHE-PSK-WITH-NULL-SHA \
|
||||
"
|
||||
esac
|
||||
|
||||
# Filter ciphersuites
|
||||
if [ "X" != "X$FILTER" ];
|
||||
@ -314,6 +428,7 @@ fi
|
||||
|
||||
for i in $P_CIPHERS;
|
||||
do
|
||||
let "tests++"
|
||||
log "../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS"
|
||||
RESULT="$( ../programs/ssl/ssl_client2 force_ciphersuite=$i force_version=$MODE $P_CLIENT_ARGS )"
|
||||
EXIT=$?
|
||||
@ -321,10 +436,12 @@ do
|
||||
if [ "$EXIT" = "2" ];
|
||||
then
|
||||
echo Ciphersuite not supported in client
|
||||
let "skipped++"
|
||||
elif [ "$EXIT" != "0" ];
|
||||
then
|
||||
echo Failed
|
||||
echo $RESULT
|
||||
let "failed++"
|
||||
else
|
||||
echo Success
|
||||
fi
|
||||
@ -334,3 +451,20 @@ wait $PROCESS_ID 2>/dev/null
|
||||
|
||||
done
|
||||
done
|
||||
done
|
||||
|
||||
echo ""
|
||||
echo "-------------------------------------------------------------------------"
|
||||
echo ""
|
||||
|
||||
if (( failed != 0 ));
|
||||
then
|
||||
echo -n "FAILED"
|
||||
else
|
||||
echo -n "PASSED"
|
||||
fi
|
||||
|
||||
let "passed = tests - failed"
|
||||
echo " ($passed / $tests tests ($skipped skipped))"
|
||||
|
||||
exit $failed
|
||||
|
@ -463,23 +463,18 @@ Test GCD #1
|
||||
mpi_gcd:10:"433019240910377478217373572959560109819648647016096560523769010881172869083338285573756574557395862965095016483867813043663981946477698466501451832407592327356331263124555137732393938242285782144928753919588632679050799198937132922145084847":10:"5781538327977828897150909166778407659250458379645823062042492461576758526757490910073628008613977550546382774775570888130029763571528699574717583228939535960234464230882573615930384979100379102915657483866755371559811718767760594919456971354184113721":10:"1"
|
||||
|
||||
Base test mpi_inv_mod #1
|
||||
depends_on:POLARSSL_GENPRIME
|
||||
mpi_inv_mod:10:"3":10:"11":10:"4":0
|
||||
|
||||
Base test mpi_inv_mod #2
|
||||
depends_on:POLARSSL_GENPRIME
|
||||
mpi_inv_mod:10:"3":10:"0":10:"0":POLARSSL_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
Base test mpi_inv_mod #3
|
||||
depends_on:POLARSSL_GENPRIME
|
||||
mpi_inv_mod:10:"3":10:"-11":10:"4":POLARSSL_ERR_MPI_BAD_INPUT_DATA
|
||||
|
||||
Base test mpi_inv_mod #4
|
||||
depends_on:POLARSSL_GENPRIME
|
||||
mpi_inv_mod:10:"2":10:"4":10:"0":POLARSSL_ERR_MPI_NOT_ACCEPTABLE
|
||||
|
||||
Test mpi_inv_mod #1
|
||||
depends_on:POLARSSL_GENPRIME
|
||||
mpi_inv_mod:16:"aa4df5cb14b4c31237f98bd1faf527c283c2d0f3eec89718664ba33f9762907c":16:"fffbbd660b94412ae61ead9c2906a344116e316a256fd387874c6c675b1d587d":16:"8d6a5c1d7adeae3e94b9bcd2c47e0d46e778bc8804a2cc25c02d775dc3d05b0c":0
|
||||
|
||||
Base test mpi_is_prime #1
|
||||
|
@ -634,7 +634,7 @@ void mpi_inv_mod( int radix_X, char *input_X, int radix_Y, char *input_Y,
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:POLARSSL_GENPRIME */
|
||||
void mpi_is_prime( int radix_X, char *input_X, int div_result )
|
||||
{
|
||||
mpi X;
|
||||
|
@ -303,43 +303,43 @@ depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_ECP_C:POLARSSL_ECP_DP_SECP521R
|
||||
x509parse_keyfile_ec:"data_files/ec_521_prv.pem":"NULL":0
|
||||
|
||||
X509 Get Distinguished Name #1
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_dn_gets:"data_files/server1.crt":"subject":"C=NL, O=PolarSSL, CN=PolarSSL Server 1"
|
||||
|
||||
X509 Get Distinguished Name #2
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_dn_gets:"data_files/server1.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
||||
|
||||
X509 Get Distinguished Name #3
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_dn_gets:"data_files/server2.crt":"subject":"C=NL, O=PolarSSL, CN=localhost"
|
||||
|
||||
X509 Get Distinguished Name #4
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_dn_gets:"data_files/server2.crt":"issuer":"C=NL, O=PolarSSL, CN=PolarSSL Test CA"
|
||||
|
||||
X509 Time Expired #1
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/server1.crt":"valid_from":1
|
||||
|
||||
X509 Time Expired #2
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/server1.crt":"valid_to":0
|
||||
|
||||
X509 Time Expired #3
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/server2.crt":"valid_from":1
|
||||
|
||||
X509 Time Expired #4
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/server2.crt":"valid_to":0
|
||||
|
||||
X509 Time Expired #5
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/test-ca.crt":"valid_from":1
|
||||
|
||||
X509 Time Expired #6
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO
|
||||
depends_on:POLARSSL_PEM_C:POLARSSL_FS_IO:POLARSSL_RSA_C
|
||||
x509_time_expired:"data_files/test-ca.crt":"valid_to":0
|
||||
|
||||
X509 Certificate verification #1 (Revoked Cert, Expired CRL)
|
||||
@ -686,114 +686,151 @@ X509 Certificate ASN1 (TBSCertificate, pubkey, invalid bitstring start)
|
||||
x509parse_crt:"306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101":"":POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_INVALID_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring length)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000":"":POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, invalid internal bitstring tag)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000":"":POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, invalid mpi)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff":"":POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, total length mismatch)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00":"":POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, check failed)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff":"":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate, pubkey, check failed, expanded length notation)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff":"":POLARSSL_ERR_RSA_KEY_CHECK_FAILED
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, Optional UIDs, Extensions not present)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, issuerID wrong tag)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, UIDs, no ext)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb":"":POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, UIDs, invalid length)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb":"":POLARSSL_ERR_ASN1_INVALID_LENGTH
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext empty)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext length mismatch)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, first ext invalid)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, first ext invalid tag)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, bool len missing)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, data missing)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no octet present)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet data missing)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, no pathlen)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (TBSCertificate v3, ext BasicContraint tag, octet len mismatch)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100":"":POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (correct pubkey, no sig_alg)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff":"":POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (sig_alg mismatch)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500":"":POLARSSL_ERR_X509_CERT_SIG_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (sig_alg, no sig)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500":"":POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA
|
||||
|
||||
X509 Certificate ASN1 (signature, invalid sig data)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100":"":POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_INVALID_DATA
|
||||
|
||||
X509 Certificate ASN1 (signature, data left)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00":"":POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH
|
||||
|
||||
X509 Certificate ASN1 (correct)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (GeneralizedTime instead of UTCTime)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2010-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 CN)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: CN=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 C)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: C=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 L)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: L=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 ST)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ST=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 O)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: O=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with X520 OU)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: OU=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with unknown X520 part)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with PKCS9 email)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: emailAddress=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (Name with unknown PKCS9 part)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff":"cert. version \: 1\nserial number \: DE\:AD\:BE\:EF\nissuer name \: ?\?=Test\nsubject name \: ?\?=Test\nissued on \: 2009-01-01 00\:00\:00\nexpires on \: 2009-12-31 23\:59\:59\nsigned using \: RSA with MD2\nRSA key size \: 128 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (ECDSA signature, RSA key)
|
||||
depends_on:POLARSSL_RSA_C
|
||||
x509parse_crt:"3081E630819E020103300906072A8648CE3D0401300F310D300B0603550403130454657374301E170D3133303731303039343631385A170D3233303730383039343631385A300F310D300B0603550403130454657374304C300D06092A864886F70D0101010500033B003038023100E8F546061D3B49BC2F6B7524B7EA4D73A8D5293EE8C64D9407B70B5D16BAEBC32B8205591EAB4E1EB57E9241883701250203010001300906072A8648CE3D0401033800303502186E18209AFBED14A0D9A796EFCAD68891E3CCD5F75815C833021900E92B4FD460B1994693243B9FFAD54729DE865381BDA41D25":"cert. version \: 1\nserial number \: 03\nissuer name \: CN=Test\nsubject name \: CN=Test\nissued on \: 2013-07-10 09\:46\:18\nexpires on \: 2023-07-08 09\:46\:18\nsigned using \: ECDSA with SHA1\nRSA key size \: 384 bits\n":0
|
||||
|
||||
X509 Certificate ASN1 (ECDSA signature, EC key)
|
||||
|
@ -165,7 +165,7 @@ void x509_time_expired( char *crt_file, char *entity, int result )
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
|
||||
void x509parse_keyfile_rsa( char *key_file, char *password, int result )
|
||||
{
|
||||
rsa_context rsa;
|
||||
@ -190,7 +190,7 @@ void x509parse_keyfile_rsa( char *key_file, char *password, int result )
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
|
||||
void x509parse_public_keyfile_rsa( char *key_file, int result )
|
||||
{
|
||||
rsa_context rsa;
|
||||
@ -317,7 +317,7 @@ void x509parse_crl( char *crl_data, char *result_str, int result )
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE */
|
||||
/* BEGIN_CASE depends_on:POLARSSL_RSA_C */
|
||||
void x509parse_key_rsa( char *key_data, char *result_str, int result )
|
||||
{
|
||||
rsa_context rsa;
|
||||
|
Loading…
Reference in New Issue
Block a user