Increase hamming distance for session resume flag

This is to prevent glitching a single bit for the resume flag.
Jarno Lamsa 2019-12-19 15:20:19 +02:00
parent 489dccd158
commit 8d09e5744c
3 changed files with 14 additions and 14 deletions


@ -868,7 +868,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
* appropriate length. Otherwise make the length 0 (for now, see next code * appropriate length. Otherwise make the length 0 (for now, see next code
* block for behaviour with tickets). * block for behaviour with tickets).
*/ */
if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 0 || if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_UNSET ||
mbedtls_ssl_get_renego_status( ssl ) != MBEDTLS_SSL_INITIAL_HANDSHAKE || mbedtls_ssl_get_renego_status( ssl ) != MBEDTLS_SSL_INITIAL_HANDSHAKE ||
ssl->session_negotiate->id_len < 16 || ssl->session_negotiate->id_len < 16 ||
ssl->session_negotiate->id_len > 32 ) ssl->session_negotiate->id_len > 32 )
@ -1832,11 +1832,11 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
ssl->session_negotiate->id_len != n || ssl->session_negotiate->id_len != n ||
mbedtls_platform_memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) mbedtls_platform_memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 )
{ {
ssl->handshake->resume = 0; ssl->handshake->resume = MBEDTLS_SSL_FI_FLAG_UNSET;
} }
#endif /* !MBEDTLS_SSL_NO_SESSION_RESUMPTION */ #endif /* !MBEDTLS_SSL_NO_SESSION_RESUMPTION */
if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 1 ) if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_SET )
{ {
/* Resume a session */ /* Resume a session */
ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC; ssl->state = MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC;
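Review bot: In ssl_write_client_hello the first clause now tests `== MBEDTLS_SSL_FI_FLAG_UNSET`, so a flag value that matches neither constant makes that clause false and leaves the decision to the remaining clauses, which can keep the session ID as if resumption were requested. With an encoding chosen for Hamming distance, the fail-closed convention is to accept only the SET pattern and treat every other value as unset: `if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) != MBEDTLS_SSL_FI_FLAG_SET ||`. The later check in ssl_parse_server_hello already compares against `MBEDTLS_SSL_FI_FLAG_SET` only. The values of the two constants and the body of this `if` are outside the hunk, so this should be confirmed against the definition.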


@ -627,7 +627,7 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from ticket" ) );
ssl->handshake->resume = 1; ssl->handshake->resume = MBEDTLS_SSL_FI_FLAG_SET;
/* Don't send a new ticket after all, this one is OK */ /* Don't send a new ticket after all, this one is OK */
ssl->handshake->new_session_ticket = 0; ssl->handshake->new_session_ticket = 0;
@ -2839,19 +2839,19 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl )
* It may be already set to 1 by ssl_parse_session_ticket_ext(). * It may be already set to 1 by ssl_parse_session_ticket_ext().
* If not, try looking up session ID in our cache. * If not, try looking up session ID in our cache.
*/ */
if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 0 && if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_UNSET &&
mbedtls_ssl_get_renego_status( ssl ) == MBEDTLS_SSL_INITIAL_HANDSHAKE && mbedtls_ssl_get_renego_status( ssl ) == MBEDTLS_SSL_INITIAL_HANDSHAKE &&
ssl->session_negotiate->id_len != 0 && ssl->session_negotiate->id_len != 0 &&
ssl->conf->f_get_cache != NULL && ssl->conf->f_get_cache != NULL &&
ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 ) ssl->conf->f_get_cache( ssl->conf->p_cache, ssl->session_negotiate ) == 0 )
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "session successfully restored from cache" ) );
ssl->handshake->resume = 1; ssl->handshake->resume = MBEDTLS_SSL_FI_FLAG_SET;
} }
#endif /* !MBEDTLS_SSL_NO_SESSION_CACHE */ #endif /* !MBEDTLS_SSL_NO_SESSION_CACHE */
#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION) #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == 1 ) if( mbedtls_ssl_handshake_get_resume( ssl->handshake ) == MBEDTLS_SSL_FI_FLAG_SET )
{ {
/* /*
* Resuming a session * Resuming a session
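Review bot: The context comment above the cache lookup in ssl_write_server_hello still says the flag "may be already set to 1 by ssl_parse_session_ticket_ext()", but after this change that function stores `MBEDTLS_SSL_FI_FLAG_SET`. Update it to `* It may be already set to MBEDTLS_SSL_FI_FLAG_SET by ssl_parse_session_ticket_ext().` so that nobody later reintroduces a comparison against a literal 1. The comment begins outside the hunk, so its opening lines should be checked for the same wording.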


@ -1825,7 +1825,7 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake,
mbedtls_ssl_handshake_get_ciphersuite( handshake ); mbedtls_ssl_handshake_get_ciphersuite( handshake );
#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION) #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
if( handshake->resume != 0 ) if( handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )
{ {
MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "no premaster (session resumed)" ) );
return( 0 ); return( 0 );
@ -7969,7 +7969,7 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
*/ */
if( ssl->conf->f_set_cache != NULL && if( ssl->conf->f_set_cache != NULL &&
ssl->session->id_len != 0 && ssl->session->id_len != 0 &&
ssl->handshake->resume == 0 ) ssl->handshake->resume == MBEDTLS_SSL_FI_FLAG_UNSET )
{ {
if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 ) if( ssl->conf->f_set_cache( ssl->conf->p_cache, ssl->session ) != 0 )
MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "cache did not store session" ) );
@ -7990,10 +7990,10 @@ int mbedtls_ssl_handshake_wrapup( mbedtls_ssl_context *ssl )
} }
#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION) #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
if( ssl->handshake->resume ) if( ssl->handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )
{ {
mbedtls_platform_enforce_volatile_reads(); mbedtls_platform_enforce_volatile_reads();
if( ssl->handshake->resume ) if( ssl->handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )
{ {
/* When doing session resume, no premaster or peer authentication */ /* When doing session resume, no premaster or peer authentication */
ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET; ssl->handshake->peer_authenticated = MBEDTLS_SSL_FI_FLAG_SET;
@ -8111,7 +8111,7 @@ int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl )
* In case of session resuming, invert the client and server * In case of session resuming, invert the client and server
* ChangeCipherSpec messages order. * ChangeCipherSpec messages order.
*/ */
if( ssl->handshake->resume != 0 ) if( ssl->handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )
{ {
#if defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_CLI_C)
if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) ==
@ -8290,7 +8290,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl )
#endif #endif
#if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION) #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
if( ssl->handshake->resume != 0 ) if( ssl->handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )
{ {
#if defined(MBEDTLS_SSL_CLI_C) #if defined(MBEDTLS_SSL_CLI_C)
if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == MBEDTLS_SSL_IS_CLIENT ) if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == MBEDTLS_SSL_IS_CLIENT )
@ -9019,7 +9019,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session
session ) ) != 0 ) session ) ) != 0 )
return( ret ); return( ret );
ssl->handshake->resume = 1; ssl->handshake->resume = MBEDTLS_SSL_FI_FLAG_SET;
return( 0 ); return( 0 );
} }
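Review bot: The `handshake->resume == MBEDTLS_SSL_FI_FLAG_SET` test in ssl_compute_master is evaluated only once, whereas mbedtls_ssl_handshake_wrapup in the same file reads the flag again after `mbedtls_platform_enforce_volatile_reads()` before acting on it. The ssl_compute_master branch returns 0 without deriving a premaster, so it looks at least as sensitive to a skipped or faulted comparison as the wrapup path. Consider the same redundant read there, i.e. inside the existing `if` add `mbedtls_platform_enforce_volatile_reads();` followed by a second `if( handshake->resume == MBEDTLS_SSL_FI_FLAG_SET )` around the early return. The checks in mbedtls_ssl_write_finished and mbedtls_ssl_parse_finished are single reads too. All of these function bodies continue outside the hunks, so further protection may exist out of view.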