diff --git a/configs/baremetal.h b/configs/baremetal.h index ee514b463..2e92e76ac 100644 --- a/configs/baremetal.h +++ b/configs/baremetal.h @@ -60,6 +60,7 @@ /* Key exchanges */ #define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED #define MBEDTLS_SSL_CIPHERSUITES MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 +#define MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 /* Digests - just SHA-256 */ #define MBEDTLS_MD_C diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 91d25501f..8290c516d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -3641,6 +3641,17 @@ //#define MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET MBEDTLS_SSL_EXTENDED_MS_ENABLED //#define MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET MBEDTLS_SSL_EXTENDED_MS_ENFORCE_DISABLED +/* Set this to MBEDTLS_SUITE_{OFFICIAL_SUITE_NAME} to hardcode + * the choice of a fixed ciphersuite at compile-time. + * + * You need to make sure that the corresponding ciphersuite attributes + * are defined through macros in ssl_ciphersuites.h. See the definitions + * of MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_XXX for an example. + * + * If this option is set, the API mbedtls_ssl_conf_ciphersuites() is removed. + */ +//#define MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + /* \} SECTION: Compile-time SSL configuration */ /* Target and application specific configurations diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index ad60e82c3..0a1d9d542 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -33,8 +33,6 @@ #include "bignum.h" #include "ecp.h" -#include "ssl_ciphersuites.h" - #if defined(MBEDTLS_X509_CRT_PARSE_C) #include "x509_crt.h" #include "x509_crl.h" @@ -401,6 +399,84 @@ #define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 +/* + * Helper macros indicating whether certain classes + * of key exchanges are enabled in the configuration. + */ + +/* Key exchanges using a certificate */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED +#endif + +/* Key exchanges allowing client certificate requests */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED +#endif + +/* Key exchanges involving server signature in ServerKeyExchange */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED +#endif + +/* Key exchanges using ECDH */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED +#endif + +/* Key exchanges that don't involve ephemeral keys */ +#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED +#endif + +/* Key exchanges that involve ephemeral keys */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED +#endif + +/* Key exchanges using a PSK */ +#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED +#endif + +/* Key exchanges using DHE */ +#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED +#endif + +/* Key exchanges using ECDHE */ +#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED +#endif + /* * Size defines */ @@ -847,7 +923,9 @@ struct mbedtls_ssl_session #if defined(MBEDTLS_HAVE_TIME) mbedtls_time_t start; /*!< starting time */ #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) int ciphersuite; /*!< chosen ciphersuite */ +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ int compression; /*!< chosen compression */ size_t id_len; /*!< session id length */ unsigned char id[32]; /*!< session identifier */ @@ -896,7 +974,9 @@ struct mbedtls_ssl_config * Pointers */ +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) const int *ciphersuite_list[4]; /*!< allowed ciphersuites per version */ +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ /** Callback for printing debug output */ void (*f_dbg)(void *, int, const char *, int, const char *); @@ -2390,6 +2470,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, */ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_context *ssl ); +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) /** * \brief Set the list of allowed ciphersuites and the preference * order. First in the list has the highest preference. @@ -2402,11 +2483,43 @@ const mbedtls_ssl_session *mbedtls_ssl_get_session_pointer( const mbedtls_ssl_co * over the preference of the client unless * MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE is defined! * + * \note On constrained systems, support for a single ciphersuite + * (in all versions) can be fixed at compile-time through + * the configuration option MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE. + * * \param conf SSL configuration * \param ciphersuites 0-terminated list of allowed ciphersuites */ void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, - const int *ciphersuites ); + const int *ciphersuites ); + +/** + * \brief Set the list of allowed ciphersuites and the + * preference order for a specific version of the protocol. + * (Only useful on the server side) + * + * The ciphersuites array is not copied, and must remain + * valid for the lifetime of the ssl_config. + * + * \param conf SSL configuration + * \param ciphersuites 0-terminated list of allowed ciphersuites + * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 + * supported) + * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, + * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, + * MBEDTLS_SSL_MINOR_VERSION_3 supported) + * + * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 + * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 + * + * \note On constrained systems, support for a single ciphersuite + * (in all versions) can be fixed at compile-time through + * the configuration option MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE. + */ +void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, + const int *ciphersuites, + int major, int minor ); +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #define MBEDTLS_SSL_UNEXPECTED_CID_IGNORE 0 #define MBEDTLS_SSL_UNEXPECTED_CID_FAIL 1 @@ -2455,29 +2568,6 @@ int mbedtls_ssl_conf_cid( mbedtls_ssl_config *conf, size_t len, !MBEDTLS_SSL_CONF_CID_LEN && !MBEDTLS_SSL_CONF_IGNORE_UNEXPECTED_CID */ -/** - * \brief Set the list of allowed ciphersuites and the - * preference order for a specific version of the protocol. - * (Only useful on the server side) - * - * The ciphersuites array is not copied, and must remain - * valid for the lifetime of the ssl_config. - * - * \param conf SSL configuration - * \param ciphersuites 0-terminated list of allowed ciphersuites - * \param major Major version number (only MBEDTLS_SSL_MAJOR_VERSION_3 - * supported) - * \param minor Minor version number (MBEDTLS_SSL_MINOR_VERSION_0, - * MBEDTLS_SSL_MINOR_VERSION_1 and MBEDTLS_SSL_MINOR_VERSION_2, - * MBEDTLS_SSL_MINOR_VERSION_3 supported) - * - * \note With DTLS, use MBEDTLS_SSL_MINOR_VERSION_2 for DTLS 1.0 - * and MBEDTLS_SSL_MINOR_VERSION_3 for DTLS 1.2 - */ -void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, - const int *ciphersuites, - int major, int minor ); - #if defined(MBEDTLS_X509_CRT_PARSE_C) /** * \brief Set the X.509 security profile used for verification @@ -3915,6 +4005,8 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session ); */ void mbedtls_ssl_session_free( mbedtls_ssl_session *session ); +#include "ssl_ciphersuites.h" + #ifdef __cplusplus } #endif diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 712678330..925f2808e 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h @@ -33,6 +33,8 @@ #include "pk.h" #include "cipher.h" #include "md.h" +#include "ssl.h" +#include #ifdef __cplusplus extern "C" { @@ -304,79 +306,6 @@ typedef enum { MBEDTLS_KEY_EXCHANGE_ECJPAKE, } mbedtls_key_exchange_type_t; -/* Key exchanges using a certificate */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED -#endif - -/* Key exchanges allowing client certificate requests */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED -#endif - -/* Key exchanges involving server signature in ServerKeyExchange */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED -#endif - -/* Key exchanges using ECDH */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED -#endif - -/* Key exchanges that don't involve ephemeral keys */ -#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED -#endif - -/* Key exchanges that involve ephemeral keys */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED -#endif - -/* Key exchanges using a PSK */ -#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED -#endif - -/* Key exchanges using DHE */ -#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED -#endif - -/* Key exchanges using ECDHE */ -#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) -#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED -#endif - typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; #define MBEDTLS_CIPHERSUITE_WEAK 0x01 /**< Weak ciphersuite flag */ @@ -384,6 +313,61 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; eg for CCM_8 */ #define MBEDTLS_CIPHERSUITE_NODTLS 0x04 /**< Can't be used with DTLS */ +/* + * Ciphersuite macro definitions + * + * This is highly incomplete and only contains those ciphersuites for + * which we need to be able to build the library with support for that + * ciphersuite only (currently MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + * as an example). + */ + +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_ID MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_NAME "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_CIPHER MBEDTLS_CIPHER_AES_128_CCM +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_MAC MBEDTLS_MD_SHA256 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_KEY_EXCHANGE MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_MIN_MAJOR_VER MBEDTLS_SSL_MAJOR_VERSION_3 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_MIN_MINOR_VER MBEDTLS_SSL_MINOR_VERSION_3 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_MAX_MAJOR_VER MBEDTLS_SSL_MAJOR_VERSION_3 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_MAX_MINOR_VER MBEDTLS_SSL_MINOR_VERSION_3 +#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_FLAGS MBEDTLS_CIPHERSUITE_SHORT_TAG + +/* This is just to make check-names.sh happy -- don't uncomment. */ +//#define MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + +/* + * Helper macros to extract fields from ciphersuites. + */ + +#define MBEDTLS_SSL_SUITE_ID_T( SUITE ) SUITE ## _ID +#define MBEDTLS_SSL_SUITE_NAME_T( SUITE ) SUITE ## _NAME +#define MBEDTLS_SSL_SUITE_CIPHER_T( SUITE ) SUITE ## _CIPHER +#define MBEDTLS_SSL_SUITE_MAC_T( SUITE ) SUITE ## _MAC +#define MBEDTLS_SSL_SUITE_KEY_EXCHANGE_T( SUITE ) SUITE ## _KEY_EXCHANGE +#define MBEDTLS_SSL_SUITE_MIN_MAJOR_VER_T( SUITE ) SUITE ## _MIN_MAJOR_VER +#define MBEDTLS_SSL_SUITE_MIN_MINOR_VER_T( SUITE ) SUITE ## _MIN_MINOR_VER +#define MBEDTLS_SSL_SUITE_MAX_MAJOR_VER_T( SUITE ) SUITE ## _MAX_MAJOR_VER +#define MBEDTLS_SSL_SUITE_MAX_MINOR_VER_T( SUITE ) SUITE ## _MAX_MINOR_VER +#define MBEDTLS_SSL_SUITE_FLAGS_T( SUITE ) SUITE ## _FLAGS + +/* Wrapper around MBEDTLS_SSL_SUITE_XXX_T() which makes sure that + * the argument is macro-expanded before concatenated with the + * field name. This allows to call these macros as + * MBEDTLS_SSL_SUITE_XXX( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ), + * where MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE expands to MBEDTLS_SSL_SUITE_XXX. */ +#define MBEDTLS_SSL_SUITE_ID( SUITE ) MBEDTLS_SSL_SUITE_ID_T( SUITE ) +#define MBEDTLS_SSL_SUITE_NAME( SUITE ) MBEDTLS_SSL_SUITE_NAME_T( SUITE ) +#define MBEDTLS_SSL_SUITE_CIPHER( SUITE ) MBEDTLS_SSL_SUITE_CIPHER_T( SUITE ) +#define MBEDTLS_SSL_SUITE_MAC( SUITE ) MBEDTLS_SSL_SUITE_MAC_T( SUITE ) +#define MBEDTLS_SSL_SUITE_KEY_EXCHANGE( SUITE ) MBEDTLS_SSL_SUITE_KEY_EXCHANGE_T( SUITE ) +#define MBEDTLS_SSL_SUITE_MIN_MAJOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MIN_MAJOR_VER_T( SUITE ) +#define MBEDTLS_SSL_SUITE_MIN_MINOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MIN_MINOR_VER_T( SUITE ) +#define MBEDTLS_SSL_SUITE_MAX_MAJOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MAX_MAJOR_VER_T( SUITE ) +#define MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ) MBEDTLS_SSL_SUITE_MAX_MINOR_VER_T( SUITE ) +#define MBEDTLS_SSL_SUITE_FLAGS( SUITE ) MBEDTLS_SSL_SUITE_FLAGS_T( SUITE ) + +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) /** * \brief This structure is used for storing ciphersuite information */ @@ -404,23 +388,376 @@ struct mbedtls_ssl_ciphersuite_t unsigned char flags; }; +typedef mbedtls_ssl_ciphersuite_t const * mbedtls_ssl_ciphersuite_handle_t; +#define MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) NULL ) + +/** + * \brief This macro builds an instance of ::mbedtls_ssl_ciphersuite_t + * from an \c MBEDTLS_SUITE_XXX identifier. + */ +#define MBEDTLS_SSL_SUITE_INFO( SUITE ) \ + { MBEDTLS_SSL_SUITE_ID( SUITE ), \ + MBEDTLS_SSL_SUITE_NAME( SUITE ), \ + MBEDTLS_SSL_SUITE_CIPHER( SUITE ), \ + MBEDTLS_SSL_SUITE_MAC( SUITE ), \ + MBEDTLS_SSL_SUITE_KEY_EXCHANGE( SUITE ), \ + MBEDTLS_SSL_SUITE_MIN_MAJOR_VER( SUITE ), \ + MBEDTLS_SSL_SUITE_MIN_MINOR_VER( SUITE ), \ + MBEDTLS_SSL_SUITE_MAX_MAJOR_VER( SUITE ), \ + MBEDTLS_SSL_SUITE_MAX_MINOR_VER( SUITE ), \ + MBEDTLS_SSL_SUITE_FLAGS( SUITE ) } + +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +typedef unsigned char mbedtls_ssl_ciphersuite_handle_t; +#define MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 0 ) +#define MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ( (mbedtls_ssl_ciphersuite_handle_t) 1 ) + +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) +static inline int mbedtls_ssl_session_get_ciphersuite( + mbedtls_ssl_session const * session ) +{ + return( session->ciphersuite ); +} +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ +static inline int mbedtls_ssl_session_get_ciphersuite( + mbedtls_ssl_session const * session ) +{ + ((void) session); + return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +/* + * Getter functions for the extraction of ciphersuite attributes + * from a ciphersuite handle. + * + * Warning: These functions have the validity of the handle as a precondition! + * Their behaviour is undefined when MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE + * is passed. + */ + +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) +/* + * Implementation of getter functions when the ciphersuite handle + * is a pointer to the ciphersuite information structure. + * + * The precondition that the handle is valid means that + * we don't need to check that info != NULL. + */ +static inline int mbedtls_ssl_suite_get_id( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->id ); +} +static inline const char* mbedtls_ssl_suite_get_name( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->name ); +} +static inline mbedtls_cipher_type_t mbedtls_ssl_suite_get_cipher( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->cipher ); +} +static inline mbedtls_md_type_t mbedtls_ssl_suite_get_mac( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->mac ); +} +static inline mbedtls_key_exchange_type_t mbedtls_ssl_suite_get_key_exchange( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->key_exchange ); +} +static inline int mbedtls_ssl_suite_get_min_major_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->min_major_ver ); +} +static inline int mbedtls_ssl_suite_get_min_minor_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->min_minor_ver ); +} +static inline int mbedtls_ssl_suite_get_max_major_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->max_major_ver ); +} +static inline int mbedtls_ssl_suite_get_max_minor_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->max_minor_ver ); +} +static inline unsigned char mbedtls_ssl_suite_get_flags( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + return( info->flags ); +} +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ +/* + * Implementations of getter functions in the case of only a single possible + * ciphersuite. In this case, the handle is logically a boolean (either the + * invalid handle or the unique valid handle representing the single enabled + * ciphersuite), and the precondition that the handle is valid means that we + * can statically return the hardcoded attribute of the enabled ciphersuite. + */ +static inline int mbedtls_ssl_suite_get_id( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline const char* mbedtls_ssl_suite_get_name( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline mbedtls_cipher_type_t mbedtls_ssl_suite_get_cipher( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_CIPHER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline mbedtls_md_type_t mbedtls_ssl_suite_get_mac( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_MAC( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline mbedtls_key_exchange_type_t mbedtls_ssl_suite_get_key_exchange( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_KEY_EXCHANGE( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline int mbedtls_ssl_suite_get_min_major_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_MIN_MAJOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline int mbedtls_ssl_suite_get_min_minor_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_MIN_MINOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline int mbedtls_ssl_suite_get_max_major_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_MAX_MAJOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline int mbedtls_ssl_suite_get_max_minor_ver( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_MAX_MINOR_VER( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +static inline unsigned char mbedtls_ssl_suite_get_flags( + mbedtls_ssl_ciphersuite_handle_t const info ) +{ + ((void) info); + return( MBEDTLS_SSL_SUITE_FLAGS( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); +} +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + const int *mbedtls_ssl_list_ciphersuites( void ); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ); -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite_id ); +/* + * Various small helper functions for ciphersuites. + * + * Like the getter functions, they assume that the provided ciphersuite + * handle is valid, and hence can be optimized in case there's only one + * ciphersuite enabled. + * + * To avoid code-duplication between inline and non-inline implementations + * of this, we define internal static inline versions of all functions first, + * and define wrappers around these either here or in ssl_ciphersuites.c, + * depending on whether MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE is defined. + */ #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ); -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ); -#endif - -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ); -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ); - -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED) -static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg_internal( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + return( MBEDTLS_PK_RSA ); + + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( MBEDTLS_PK_ECDSA ); + + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + return( MBEDTLS_PK_ECKEY ); + + default: + return( MBEDTLS_PK_NONE ); + } +} + +static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg_internal( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_RSA: + case MBEDTLS_KEY_EXCHANGE_DHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + return( MBEDTLS_PK_RSA ); + + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + return( MBEDTLS_PK_ECDSA ); + + default: + return( MBEDTLS_PK_NONE ); + } +} + +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ec_internal( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: + case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: + case MBEDTLS_KEY_EXCHANGE_ECJPAKE: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_psk_internal( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) + { + case MBEDTLS_KEY_EXCHANGE_PSK: + case MBEDTLS_KEY_EXCHANGE_RSA_PSK: + case MBEDTLS_KEY_EXCHANGE_DHE_PSK: + case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: + return( 1 ); + + default: + return( 0 ); + } +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +/* + * Wrappers around internal helper functions to be used by the rest of + * the library, either defined static inline here or in ssl_ciphersuites.c. + */ + +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + +mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( + const char *ciphersuite_name ); +mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( + int ciphersuite_id ); + +#if defined(MBEDTLS_PK_C) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( + mbedtls_ssl_ciphersuite_handle_t info ); +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( + mbedtls_ssl_ciphersuite_handle_t info ); +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +int mbedtls_ssl_ciphersuite_uses_ec( mbedtls_ssl_ciphersuite_handle_t info ); +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || + MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +int mbedtls_ssl_ciphersuite_uses_psk( mbedtls_ssl_ciphersuite_handle_t info ); +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +#if defined(MBEDTLS_PK_C) +static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + return( mbedtls_ssl_get_ciphersuite_sig_pk_alg_internal( info ) ); +} + +static inline mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + return( mbedtls_ssl_get_ciphersuite_sig_alg_internal( info ) ); +} +#endif /* MBEDTLS_PK_C */ + +#if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_ec( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + return( mbedtls_ssl_ciphersuite_uses_ec_internal( info ) ); +} +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || + MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +static inline int mbedtls_ssl_ciphersuite_uses_psk( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + return( mbedtls_ssl_ciphersuite_uses_psk_internal( info ) ); +} +#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( + int ciphersuite ) +{ + static const int single_suite_id = + MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ); + + if( ciphersuite == single_suite_id ) + return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ); +} + +static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( + const char *ciphersuite_name ) +{ + static const char * const single_suite_name = + MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ); + + if( strcmp( ciphersuite_name, single_suite_name ) == 0 ) + return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); + + return( MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ); +} + +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +static inline int mbedtls_ssl_ciphersuite_has_pfs( + mbedtls_ssl_ciphersuite_handle_t info ) +{ + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: @@ -434,12 +771,11 @@ static inline int mbedtls_ssl_ciphersuite_has_pfs( const mbedtls_ssl_ciphersuite return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) -static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_no_pfs( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: @@ -452,12 +788,12 @@ static inline int mbedtls_ssl_ciphersuite_no_pfs( const mbedtls_ssl_ciphersuite_ return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersuite_t *info ) + +static inline int mbedtls_ssl_ciphersuite_uses_ecdh( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: @@ -467,11 +803,11 @@ static inline int mbedtls_ssl_ciphersuite_uses_ecdh( const mbedtls_ssl_ciphersui return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDH_ENABLED */ -static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_RSA: @@ -486,9 +822,10 @@ static inline int mbedtls_ssl_ciphersuite_cert_req_allowed( const mbedtls_ssl_ci } } -static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: @@ -504,10 +841,10 @@ static inline int mbedtls_ssl_ciphersuite_uses_srv_cert( const mbedtls_ssl_ciphe } } -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_dhe( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_DHE_PSK: @@ -517,12 +854,11 @@ static inline int mbedtls_ssl_ciphersuite_uses_dhe( const mbedtls_ssl_ciphersuit return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED) */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: @@ -533,12 +869,11 @@ static inline int mbedtls_ssl_ciphersuite_uses_ecdhe( const mbedtls_ssl_ciphersu return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED) */ -#if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) -static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_ssl_ciphersuite_t *info ) +static inline int mbedtls_ssl_ciphersuite_uses_server_signature( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( info ) ) { case MBEDTLS_KEY_EXCHANGE_DHE_RSA: case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: @@ -549,7 +884,6 @@ static inline int mbedtls_ssl_ciphersuite_uses_server_signature( const mbedtls_s return( 0 ); } } -#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */ #ifdef __cplusplus } diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 151589f59..8a515772d 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -501,7 +501,9 @@ struct mbedtls_ssl_handshake_params const unsigned char *, size_t, unsigned char *, size_t); - mbedtls_ssl_ciphersuite_t const *ciphersuite_info; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ size_t pmslen; /*!< premaster length */ @@ -556,6 +558,21 @@ static inline int mbedtls_ssl_hs_get_extended_ms( } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) +static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite( + mbedtls_ssl_handshake_params const *handshake ) +{ + return( handshake->ciphersuite_info ); +} +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ +static inline mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_handshake_get_ciphersuite( + mbedtls_ssl_handshake_params const *handshake ) +{ + ((void) handshake); + return( MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE ); +} +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer; /* @@ -918,7 +935,7 @@ int mbedtls_ssl_parse_finished( mbedtls_ssl_context *ssl ); int mbedtls_ssl_write_finished( mbedtls_ssl_context *ssl ); void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ); + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info ); #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) int mbedtls_ssl_psk_derive_premaster( mbedtls_ssl_context *ssl, mbedtls_key_exchange_type_t key_ex ); @@ -978,7 +995,7 @@ static inline mbedtls_x509_crt *mbedtls_ssl_own_cert( mbedtls_ssl_context *ssl ) * Return 0 if everything is OK, -1 if not. */ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, + mbedtls_ssl_ciphersuite_handle_t ciphersuite, int cert_endpoint, uint32_t *flags ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ @@ -1430,4 +1447,41 @@ static inline unsigned int mbedtls_ssl_conf_get_ems_enforced( } #endif /* MBEDTLS_SSL_EXTENDED_MASTER_SECRET */ +/* + * Macros for the traversal of the list of all enabled ciphersuites. + * This is implemented as a plain loop in case we have a runtime + * configurable list of ciphersuites, and as a simple variable + * instantiation in case a single ciphersuite is enabled at + * compile-time. + */ +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + +#define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \ + { \ + int const *__id_ptr; \ + for( __id_ptr=(ssl)->conf->ciphersuite_list[ (ver) ]; \ + *__id_ptr != 0; __id_ptr++ ) \ + { \ + const int __id = *__id_ptr; \ + mbedtls_ssl_ciphersuite_handle_t info; \ + info = mbedtls_ssl_ciphersuite_from_id( __id ); \ + if( info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) \ + continue; + +#define MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE \ + } \ + } + +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +#define MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, ver, info ) \ + do { \ + const mbedtls_ssl_ciphersuite_handle_t info = \ + MBEDTLS_SSL_CIPHERSUITE_UNIQUE_VALID_HANDLE; + +#define MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE \ + } while( 0 ); + +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + #endif /* ssl_internal.h */ diff --git a/library/ssl_cache.c b/library/ssl_cache.c index 62a0a2987..bcc2f59d1 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -84,10 +84,13 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) continue; #endif - if( session->ciphersuite != entry->session.ciphersuite || + if( mbedtls_ssl_session_get_ciphersuite( session ) != + mbedtls_ssl_session_get_ciphersuite( &entry->session ) || session->compression != entry->session.compression || session->id_len != entry->session.id_len ) + { continue; + } if( memcmp( session->id, entry->session.id, entry->session.id_len ) != 0 ) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 518f7dde0..ad660079a 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -54,6 +54,7 @@ */ static const int ciphersuite_preference[] = { +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) #if defined(MBEDTLS_SSL_CIPHERSUITES) MBEDTLS_SSL_CIPHERSUITES, #else @@ -311,9 +312,13 @@ static const int ciphersuite_preference[] = MBEDTLS_TLS_PSK_WITH_NULL_SHA, #endif /* MBEDTLS_SSL_CIPHERSUITES */ +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ), +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ 0 }; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = { #if defined(MBEDTLS_CHACHAPOLY_C) && \ @@ -449,11 +454,7 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, 0 }, - { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, "TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8", - MBEDTLS_CIPHER_AES_128_CCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3, - MBEDTLS_CIPHERSUITE_SHORT_TAG }, + MBEDTLS_SSL_SUITE_INFO( MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 ), #endif /* MBEDTLS_CCM_C */ #endif /* MBEDTLS_AES_C */ @@ -2170,8 +2171,9 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] = MBEDTLS_CIPHER_NONE, MBEDTLS_MD_NONE, MBEDTLS_KEY_EXCHANGE_NONE, 0, 0, 0, 0, 0 } }; +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ -#if defined(MBEDTLS_SSL_CIPHERSUITES) +#if defined(MBEDTLS_SSL_CIPHERSUITES) || defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) const int *mbedtls_ssl_list_ciphersuites( void ) { return( ciphersuite_preference ); @@ -2182,18 +2184,19 @@ const int *mbedtls_ssl_list_ciphersuites( void ) static int supported_ciphersuites[MAX_CIPHERSUITES]; static int supported_init = 0; -static int ciphersuite_is_removed( const mbedtls_ssl_ciphersuite_t *cs_info ) +static int ciphersuite_is_removed( mbedtls_ssl_ciphersuite_handle_t cs_info ) { - (void)cs_info; + if( cs_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) + return( 1 ); #if defined(MBEDTLS_REMOVE_ARC4_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + if( mbedtls_ssl_suite_get_cipher( cs_info ) == MBEDTLS_CIPHER_ARC4_128 ) return( 1 ); #endif /* MBEDTLS_REMOVE_ARC4_CIPHERSUITES */ #if defined(MBEDTLS_REMOVE_3DES_CIPHERSUITES) - if( cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_ECB || - cs_info->cipher == MBEDTLS_CIPHER_DES_EDE3_CBC ) + if( mbedtls_ssl_suite_get_cipher( cs_info ) == MBEDTLS_CIPHER_DES_EDE3_ECB || + mbedtls_ssl_suite_get_cipher( cs_info ) == MBEDTLS_CIPHER_DES_EDE3_CBC ) { return( 1 ); } @@ -2217,12 +2220,10 @@ const int *mbedtls_ssl_list_ciphersuites( void ) *p != 0 && q < supported_ciphersuites + MAX_CIPHERSUITES - 1; p++ ) { - const mbedtls_ssl_ciphersuite_t *cs_info; - if( ( cs_info = mbedtls_ssl_ciphersuite_from_id( *p ) ) != NULL && - !ciphersuite_is_removed( cs_info ) ) - { + mbedtls_ssl_ciphersuite_handle_t cs_info; + cs_info = mbedtls_ssl_ciphersuite_from_id( *p ); + if( !ciphersuite_is_removed( cs_info ) ) *(q++) = *p; - } } *q = 0; @@ -2231,12 +2232,13 @@ const int *mbedtls_ssl_list_ciphersuites( void ) return( supported_ciphersuites ); } -#endif /* MBEDTLS_SSL_CIPHERSUITES */ +#endif /* !( MBEDTLS_SSL_CIPHERSUITES || MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) */ -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) +mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_string( const char *ciphersuite_name ) { - const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; + mbedtls_ssl_ciphersuite_handle_t cur = ciphersuite_definitions; if( NULL == ciphersuite_name ) return( NULL ); @@ -2252,9 +2254,9 @@ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_string( return( NULL ); } -const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) +mbedtls_ssl_ciphersuite_handle_t mbedtls_ssl_ciphersuite_from_id( int ciphersuite ) { - const mbedtls_ssl_ciphersuite_t *cur = ciphersuite_definitions; + mbedtls_ssl_ciphersuite_handle_t cur = ciphersuite_definitions; while( cur->id != 0 ) { @@ -2269,7 +2271,7 @@ const mbedtls_ssl_ciphersuite_t *mbedtls_ssl_ciphersuite_from_id( int ciphersuit const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) { - const mbedtls_ssl_ciphersuite_t *cur; + mbedtls_ssl_ciphersuite_handle_t cur; cur = mbedtls_ssl_ciphersuite_from_id( ciphersuite_id ); @@ -2281,7 +2283,7 @@ const char *mbedtls_ssl_get_ciphersuite_name( const int ciphersuite_id ) int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) { - const mbedtls_ssl_ciphersuite_t *cur; + mbedtls_ssl_ciphersuite_handle_t cur; cur = mbedtls_ssl_ciphersuite_from_string( ciphersuite_name ); @@ -2292,82 +2294,62 @@ int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) } #if defined(MBEDTLS_PK_C) -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_pk_alg( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - return( MBEDTLS_PK_RSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - return( MBEDTLS_PK_ECKEY ); - - default: - return( MBEDTLS_PK_NONE ); - } + return( mbedtls_ssl_get_ciphersuite_sig_pk_alg_internal( info ) ); } -mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( const mbedtls_ssl_ciphersuite_t *info ) +mbedtls_pk_type_t mbedtls_ssl_get_ciphersuite_sig_alg( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_RSA: - case MBEDTLS_KEY_EXCHANGE_DHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - return( MBEDTLS_PK_RSA ); - - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - return( MBEDTLS_PK_ECDSA ); - - default: - return( MBEDTLS_PK_NONE ); - } + return( mbedtls_ssl_get_ciphersuite_sig_alg_internal( info ) ); } - #endif /* MBEDTLS_PK_C */ #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) -int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_ec( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDH_RSA: - case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA: - case MBEDTLS_KEY_EXCHANGE_ECJPAKE: - return( 1 ); - - default: - return( 0 ); - } + return( mbedtls_ssl_ciphersuite_uses_ec_internal( info ) ); } -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED*/ +#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C || + MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) -int mbedtls_ssl_ciphersuite_uses_psk( const mbedtls_ssl_ciphersuite_t *info ) +int mbedtls_ssl_ciphersuite_uses_psk( + mbedtls_ssl_ciphersuite_handle_t info ) { - switch( info->key_exchange ) - { - case MBEDTLS_KEY_EXCHANGE_PSK: - case MBEDTLS_KEY_EXCHANGE_RSA_PSK: - case MBEDTLS_KEY_EXCHANGE_DHE_PSK: - case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK: - return( 1 ); - - default: - return( 0 ); - } + return( mbedtls_ssl_ciphersuite_uses_psk_internal( info ) ); } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ +#else /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + +const char *mbedtls_ssl_get_ciphersuite_name( + const int ciphersuite_id ) +{ + static const int single_suite_id = + MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ); + + if( ciphersuite_id == single_suite_id ) + return( MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); + + return( "unknown" ); +} + +int mbedtls_ssl_get_ciphersuite_id( const char *ciphersuite_name ) +{ + static const char * const single_suite_name = + MBEDTLS_SSL_SUITE_NAME( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ); + + if( strcmp( ciphersuite_name, single_suite_name ) == 0 ) + return( MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ); + + return( 0 ); +} + +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + #endif /* MBEDTLS_SSL_TLS_C */ diff --git a/library/ssl_cli.c b/library/ssl_cli.c index a050adb3b..d45f3d3fe 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -780,34 +780,45 @@ static int ssl_generate_random( mbedtls_ssl_context *ssl ) * * \return 0 if valid, else 1 */ -static int ssl_validate_ciphersuite( const mbedtls_ssl_ciphersuite_t * suite_info, +static int ssl_validate_ciphersuite( mbedtls_ssl_ciphersuite_handle_t suite_info, const mbedtls_ssl_context * ssl, int min_minor_ver, int max_minor_ver ) { (void) ssl; - if( suite_info == NULL ) + if( suite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) return( 1 ); - if( suite_info->min_minor_ver > max_minor_ver || - suite_info->max_minor_ver < min_minor_ver ) + + if( mbedtls_ssl_suite_get_min_minor_ver( suite_info ) > max_minor_ver || + mbedtls_ssl_suite_get_max_minor_ver( suite_info ) < min_minor_ver ) + { return( 1 ); + } #if defined(MBEDTLS_SSL_PROTO_DTLS) if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) + ( mbedtls_ssl_suite_get_flags( suite_info ) & + MBEDTLS_CIPHERSUITE_NODTLS ) != 0 ) + { return( 1 ); + } #endif #if defined(MBEDTLS_ARC4_C) if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + mbedtls_ssl_suite_get_cipher( suite_info ) == MBEDTLS_CIPHER_ARC4_128 ) + { return( 1 ); + } #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && - mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) + if( mbedtls_ssl_suite_get_key_exchange( suite_info ) == + MBEDTLS_KEY_EXCHANGE_ECJPAKE && + mbedtls_ecjpake_check( &ssl->handshake->ecjpake_ctx ) != 0 ) + { return( 1 ); + } #endif return( 0 ); @@ -820,8 +831,6 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) unsigned char *buf; unsigned char *p, *q; unsigned char offer_compress; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) int uses_ec = 0; @@ -961,24 +970,25 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) /* * Ciphersuite list */ - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; /* Skip writing ciphersuite length for now */ n = 0; q = p; p += 2; - for( i = 0; ciphersuites[i] != 0; i++ ) + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, + ssl->minor_ver, + ciphersuite_info ) { - ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] ); - if( ssl_validate_ciphersuite( ciphersuite_info, ssl, ssl->conf->min_minor_ver, ssl->conf->max_minor_ver ) != 0 ) + { continue; + } MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x", - ciphersuites[i] ) ); + mbedtls_ssl_suite_get_id( ciphersuite_info ) ) ); #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) @@ -986,9 +996,12 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) #endif n++; - *p++ = (unsigned char)( ciphersuites[i] >> 8 ); - *p++ = (unsigned char)( ciphersuites[i] ); + *p++ = (unsigned char)( + mbedtls_ssl_suite_get_id( ciphersuite_info ) >> 8 ); + *p++ = (unsigned char)( + mbedtls_ssl_suite_get_id( ciphersuite_info ) ); } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, got %d ciphersuites (excluding SCSVs)", n ) ); @@ -1428,8 +1441,9 @@ static int ssl_parse_ecjpake_kkpp( mbedtls_ssl_context *ssl, { int ret; - if( ssl->handshake->ciphersuite_info->key_exchange != - MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if( mbedtls_ssl_suite_get_key_exchange( + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ) ) + != MBEDTLS_KEY_EXCHANGE_ECJPAKE ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "skip ecjpake kkpp extension" ) ); return( 0 ); @@ -1613,7 +1627,9 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) int extended_ms_seen = 0; #endif int handshake_failure = 0; - const mbedtls_ssl_ciphersuite_t *suite_info; + + /* The ciphersuite chosen by the server. */ + mbedtls_ssl_ciphersuite_handle_t server_suite_info; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server hello" ) ); @@ -1789,16 +1805,18 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) /* * Initialize update checksum functions */ - ssl->handshake->ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( i ); - if( ssl->handshake->ciphersuite_info == NULL ) + server_suite_info = mbedtls_ssl_ciphersuite_from_id( i ); +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + ssl->handshake->ciphersuite_info = server_suite_info; +#endif + if( server_suite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %04x not found", i ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - - mbedtls_ssl_optimize_checksum( ssl, ssl->handshake->ciphersuite_info ); + mbedtls_ssl_optimize_checksum( ssl, server_suite_info ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, session id len.: %d", n ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "server hello, session id", buf + 35, n ); @@ -1817,7 +1835,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION) if( n == 0 || mbedtls_ssl_get_renego_status( ssl ) != MBEDTLS_SSL_INITIAL_HANDSHAKE || - ssl->session_negotiate->ciphersuite != i || + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ) != i || ssl->session_negotiate->compression != comp || ssl->session_negotiate->id_len != n || memcmp( ssl->session_negotiate->id, buf + 35, n ) != 0 ) @@ -1846,7 +1864,9 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_HAVE_TIME) ssl->session_negotiate->start = mbedtls_time( NULL ); #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) ssl->session_negotiate->ciphersuite = i; +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ ssl->session_negotiate->compression = comp; ssl->session_negotiate->id_len = n; memcpy( ssl->session_negotiate->id, buf + 35, n ); @@ -1861,37 +1881,39 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) /* * Perform cipher suite validation in same way as in ssl_write_client_hello. */ - i = 0; - while( 1 ) + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, + ssl->minor_ver, + ciphersuite_info ) { - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i] == 0 ) + if( ssl_validate_ciphersuite( ciphersuite_info, ssl, + ssl->conf->min_minor_ver, + ssl->conf->max_minor_ver ) != 0 ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + continue; } - if( ssl->conf->ciphersuite_list[ssl->minor_ver][i++] == - ssl->session_negotiate->ciphersuite ) - { - break; - } - } + if( ciphersuite_info != server_suite_info ) + continue; - suite_info = mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ); - if( ssl_validate_ciphersuite( suite_info, ssl, ssl->minor_ver, ssl->minor_ver ) != 0 ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + goto server_picked_valid_suite; } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", suite_info->name ) ); + /* If we reach this code-path, the server's chosen ciphersuite + * wasn't among those advertised by us. */ + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + +server_picked_valid_suite: + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", + mbedtls_ssl_suite_get_name( server_suite_info ) ) ); #if defined(MBEDTLS_SSL__ECP_RESTARTABLE) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && + if( mbedtls_ssl_suite_get_key_exchange( server_suite_info ) == + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA && ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { ssl->handshake->ecrs_enabled = 1; @@ -2555,14 +2577,15 @@ cleanup: static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) { int ret; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); unsigned char *p = NULL, *end = NULL; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_RSA ) { MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; @@ -2574,8 +2597,10 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { if( ( ret = ssl_get_ecdh_params_from_cert( ssl ) ) != 0 ) { @@ -2622,8 +2647,10 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl ) */ if( ssl->in_msg[0] != MBEDTLS_SSL_HS_SERVER_KEY_EXCHANGE ) { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { /* Current message is probably either * CertificateRequest or ServerHelloDone */ @@ -2650,10 +2677,14 @@ start_processing: MBEDTLS_SSL_DEBUG_BUF( 3, "server key exchange", p, end - p ); #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) { @@ -2667,16 +2698,22 @@ start_processing: #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { ; /* nothing more to do */ + } else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_DHE_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) { @@ -2692,9 +2729,12 @@ start_processing: #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) { @@ -2709,7 +2749,8 @@ start_processing: MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) { ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, p, end - p ); @@ -2922,8 +2963,8 @@ exit: #if ! defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); @@ -2944,8 +2985,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl ) unsigned char *buf; size_t n = 0; size_t cert_type_len = 0, dn_len = 0; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate request" ) ); @@ -3145,13 +3186,13 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) { int ret; size_t i, n; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) ); #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) { /* * DHM key exchange -- send G^X mod P @@ -3195,10 +3236,14 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { /* * ECDH key exchange -- send client public value @@ -3296,14 +3341,16 @@ ecdh_calc_secret: i += ssl->conf->psk_identity_len; #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_PSK ) { n = 0; } else #endif #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 ) return( ret ); @@ -3311,7 +3358,8 @@ ecdh_calc_secret: else #endif #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { /* * ClientDiffieHellmanPublic public (DHM send G^X mod P) @@ -3342,7 +3390,8 @@ ecdh_calc_secret: else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { /* * ClientECDiffieHellmanPublic public; @@ -3368,7 +3417,7 @@ ecdh_calc_secret: } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); @@ -3377,7 +3426,8 @@ ecdh_calc_secret: else #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_RSA ) { i = 4; if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 ) @@ -3386,7 +3436,8 @@ ecdh_calc_secret: else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_ECJPAKE ) { i = 4; @@ -3438,8 +3489,8 @@ ecdh_calc_secret: #if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); int ret; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate verify" ) ); @@ -3464,8 +3515,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl ) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); size_t n = 0, offset = 0; unsigned char hash[48]; unsigned char *hash_start = hash; @@ -3570,7 +3621,9 @@ sign: * Reason: Otherwise we should have running hashes for SHA512 and SHA224 * in order to satisfy 'weird' needs from the server side. */ - if( ssl->handshake->ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if( mbedtls_ssl_suite_get_mac( + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ) ) + == MBEDTLS_MD_SHA384 ) { md_alg = MBEDTLS_MD_SHA384; ssl->out_msg[4] = MBEDTLS_SSL_HASH_SHA384; diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 4fab4ed16..e743eff87 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -759,9 +759,8 @@ static int ssl_check_key_curve( mbedtls_pk_context *pk, * return 0 on success and -1 on failure. */ static int ssl_pick_cert( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t * ciphersuite_info, + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info, mbedtls_ecp_group_id const *acceptable_ec_grp_ids ) - { mbedtls_ssl_key_cert *cur, *list, *fallback = NULL; mbedtls_pk_type_t pk_alg = @@ -919,28 +918,20 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl, * Check if a given ciphersuite is suitable for use with our config/keys/etc * Sets ciphersuite_info only if the suite matches. */ -static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, - const mbedtls_ssl_ciphersuite_t **ciphersuite_info, - mbedtls_ecp_group_id const *acceptable_ec_grp_ids ) +static int ssl_ciphersuite_is_match( mbedtls_ssl_context *ssl, + mbedtls_ssl_ciphersuite_handle_t suite_info, + mbedtls_ecp_group_id const *acceptable_ec_grp_ids ) { - const mbedtls_ssl_ciphersuite_t *suite_info; - #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \ defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) mbedtls_pk_type_t sig_type; #endif - suite_info = mbedtls_ssl_ciphersuite_from_id( suite_id ); - if( suite_info == NULL ) - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - return( MBEDTLS_ERR_SSL_INTERNAL_ERROR ); - } + MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", + mbedtls_ssl_suite_get_name( suite_info ) ) ); - MBEDTLS_SSL_DEBUG_MSG( 3, ( "trying ciphersuite: %s", suite_info->name ) ); - - if( suite_info->min_minor_ver > ssl->minor_ver || - suite_info->max_minor_ver < ssl->minor_ver ) + if( mbedtls_ssl_suite_get_min_minor_ver( suite_info ) > ssl->minor_ver || + mbedtls_ssl_suite_get_max_minor_ver( suite_info ) < ssl->minor_ver ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: version" ) ); return( 0 ); @@ -948,13 +939,16 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, #if defined(MBEDTLS_SSL_PROTO_DTLS) if( MBEDTLS_SSL_TRANSPORT_IS_DTLS( ssl->conf->transport ) && - ( suite_info->flags & MBEDTLS_CIPHERSUITE_NODTLS ) ) + ( mbedtls_ssl_suite_get_flags( suite_info ) & + MBEDTLS_CIPHERSUITE_NODTLS ) ) + { return( 0 ); + } #endif #if defined(MBEDTLS_ARC4_C) if( ssl->conf->arc4_disabled == MBEDTLS_SSL_ARC4_DISABLED && - suite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + mbedtls_ssl_suite_get_cipher( suite_info ) == MBEDTLS_CIPHER_ARC4_128 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: rc4" ) ); return( 0 ); @@ -962,7 +956,8 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, #endif #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( suite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE && + if( mbedtls_ssl_suite_get_key_exchange( suite_info ) == + MBEDTLS_KEY_EXCHANGE_ECJPAKE && ( ssl->handshake->cli_exts & MBEDTLS_TLS_EXT_ECJPAKE_KKPP_OK ) == 0 ) { MBEDTLS_SSL_DEBUG_MSG( 3, ( "ciphersuite mismatch: ecjpake " @@ -1031,8 +1026,7 @@ static int ssl_ciphersuite_match( mbedtls_ssl_context *ssl, int suite_id, ((void) acceptable_ec_grp_ids); #endif - *ciphersuite_info = suite_info; - return( 0 ); + return( 1 ); } #if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO) @@ -1043,8 +1037,9 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) size_t n; unsigned int ciph_len, sess_len, chal_len; unsigned char *buf, *p; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; +#endif MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client hello v2" ) ); @@ -1234,33 +1229,50 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) #endif /* MBEDTLS_SSL_FALLBACK_SCSV */ got_common_suite = 0; - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) -#endif + { + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, \ + ssl->minor_ver, \ + cur_info ) { +#else + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, \ + ssl->minor_ver, \ + cur_info ) + { + for( j = 0, p = buf + 6; j < ciph_len; j += 3, p += 3 ) + { +#endif + const int ciphersuite_id = + mbedtls_ssl_suite_get_id( cur_info ); + if( p[0] != 0 || - p[1] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[2] != ( ( ciphersuites[i] ) & 0xFF ) ) + p[1] != ( ( ciphersuite_id >> 8 ) & 0xFF ) || + p[2] != ( ( ciphersuite_id ) & 0xFF ) ) + { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info, - NULL ) ) ) + if( ssl_ciphersuite_is_match( ssl, cur_info, NULL ) ) { - return( ret ); +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + ciphersuite_info = cur_info; +#endif + goto have_ciphersuite_v2; } - if( ciphersuite_info != NULL ) - goto have_ciphersuite_v2; +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE + } +#else + } + } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE +#endif if( got_common_suite ) { @@ -1275,10 +1287,16 @@ static int ssl_parse_client_hello_v2( mbedtls_ssl_context *ssl ) } have_ciphersuite_v2: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); - ssl->session_negotiate->ciphersuite = ciphersuites[i]; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + ssl->session_negotiate->ciphersuite = + mbedtls_ssl_suite_get_id( ciphersuite_info ); ssl->handshake->ciphersuite_info = ciphersuite_info; +#endif + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", + mbedtls_ssl_get_ciphersuite_name( + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ) ) ) ); /* * SSLv2 Client Hello relevant renegotiation security checks @@ -1322,8 +1340,10 @@ static int ssl_parse_client_hello( mbedtls_ssl_context *ssl ) int extended_ms_seen = 0; #endif int handshake_failure = 0; - const int *ciphersuites; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; +#endif int major, minor; #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ @@ -2128,32 +2148,49 @@ read_record_header: * and certificate from the SNI callback triggered by the SNI extension.) */ got_common_suite = 0; - ciphersuites = ssl->conf->ciphersuite_list[ssl->minor_ver]; - ciphersuite_info = NULL; #if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) - for( i = 0; ciphersuites[i] != 0; i++ ) -#else - for( i = 0; ciphersuites[i] != 0; i++ ) - for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) -#endif + { + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, \ + ssl->minor_ver, \ + cur_info ) { - if( p[0] != ( ( ciphersuites[i] >> 8 ) & 0xFF ) || - p[1] != ( ( ciphersuites[i] ) & 0xFF ) ) +#else + MBEDTLS_SSL_BEGIN_FOR_EACH_CIPHERSUITE( ssl, \ + ssl->minor_ver, \ + cur_info ) + { + for( j = 0, p = buf + ciph_offset + 2; j < ciph_len; j += 2, p += 2 ) + { +#endif + const int ciphersuite_id = + mbedtls_ssl_suite_get_id( cur_info ); + + if( p[0] != ( ( ciphersuite_id >> 8 ) & 0xFF ) || + p[1] != ( ( ciphersuite_id ) & 0xFF ) ) + { continue; + } got_common_suite = 1; - if( ( ret = ssl_ciphersuite_match( ssl, ciphersuites[i], - &ciphersuite_info, - acceptable_ec_grp_ids ) ) != 0 ) + if( ssl_ciphersuite_is_match( ssl, cur_info, + acceptable_ec_grp_ids) ) { - return( ret ); - } - - if( ciphersuite_info != NULL ) +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + ciphersuite_info = cur_info; +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ goto have_ciphersuite; + } +#if defined(MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE) } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE + } +#else + } + } + MBEDTLS_SSL_END_FOR_EACH_CIPHERSUITE +#endif if( got_common_suite ) { @@ -2172,10 +2209,16 @@ read_record_header: } have_ciphersuite: - MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", ciphersuite_info->name ) ); - ssl->session_negotiate->ciphersuite = ciphersuites[i]; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + ssl->session_negotiate->ciphersuite = + mbedtls_ssl_suite_get_id( ciphersuite_info ); ssl->handshake->ciphersuite_info = ciphersuite_info; +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "selected ciphersuite: %s", + mbedtls_ssl_get_ciphersuite_name( + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ) ) ) ); ssl->state++; @@ -2190,7 +2233,8 @@ have_ciphersuite: defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) if( ssl->minor_ver == MBEDTLS_SSL_MINOR_VERSION_3 ) { - mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( ciphersuite_info ); + mbedtls_pk_type_t sig_alg = mbedtls_ssl_get_ciphersuite_sig_alg( + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ) ); if( sig_alg != MBEDTLS_PK_NONE ) { mbedtls_md_type_t md_alg = mbedtls_ssl_sig_hash_set_find( &ssl->handshake->hash_algs, @@ -2290,7 +2334,8 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, size_t *olen ) { unsigned char *p = buf; - const mbedtls_ssl_ciphersuite_t *suite = NULL; + mbedtls_ssl_ciphersuite_handle_t suite = + MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE; const mbedtls_cipher_info_t *cipher = NULL; if( ssl->session_negotiate->encrypt_then_mac == MBEDTLS_SSL_ETM_DISABLED || @@ -2306,9 +2351,17 @@ static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, * with Associated Data (AEAD) ciphersuite, it MUST NOT send an * encrypt-then-MAC response extension back to the client." */ - if( ( suite = mbedtls_ssl_ciphersuite_from_id( - ssl->session_negotiate->ciphersuite ) ) == NULL || - ( cipher = mbedtls_cipher_info_from_type( suite->cipher ) ) == NULL || + suite = mbedtls_ssl_ciphersuite_from_id( + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ) ); + if( suite == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) + { + *olen = 0; + return; + } + + cipher = mbedtls_cipher_info_from_type( + mbedtls_ssl_suite_get_cipher( suite ) ); + if( cipher == NULL || cipher->mode != MBEDTLS_MODE_CBC ) { *olen = 0; @@ -2491,9 +2544,12 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, *olen = 0; /* Skip costly computation if not needed */ - if( ssl->handshake->ciphersuite_info->key_exchange != + if( mbedtls_ssl_suite_get_key_exchange( + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ) ) != MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + { return; + } MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, ecjpake kkpp extension" ) ); @@ -2637,6 +2693,7 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) mbedtls_time_t t; #endif int ret; + int ciphersuite; size_t olen, ext_len = 0, n; unsigned char *buf, *p; @@ -2786,12 +2843,13 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_MSG( 3, ( "%s session has been resumed", mbedtls_ssl_handshake_get_resume( ssl->handshake ) ? "a" : "no" ) ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite >> 8 ); - *p++ = (unsigned char)( ssl->session_negotiate->ciphersuite ); + ciphersuite = mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ); + *p++ = (unsigned char)( ciphersuite >> 8 ); + *p++ = (unsigned char)( ciphersuite ); *p++ = (unsigned char)( ssl->session_negotiate->compression ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, chosen ciphersuite: %s", - mbedtls_ssl_get_ciphersuite_name( ssl->session_negotiate->ciphersuite ) ) ); + mbedtls_ssl_get_ciphersuite_name( ciphersuite ) ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, compress alg.: 0x%02X", ssl->session_negotiate->compression ) ); @@ -2840,7 +2898,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if defined(MBEDTLS_ECDH_C) || defined(MBEDTLS_ECDSA_C) || \ defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) if ( mbedtls_ssl_ciphersuite_uses_ec( - mbedtls_ssl_ciphersuite_from_id( ssl->session_negotiate->ciphersuite ) ) ) + mbedtls_ssl_ciphersuite_from_id( + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ) ) ) ) { ssl_write_supported_point_formats_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; @@ -2884,8 +2943,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); @@ -2903,8 +2962,8 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) static int ssl_write_certificate_request( mbedtls_ssl_context *ssl ) { int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); size_t dn_size, total_dn_size; /* excluding length bytes */ size_t ct_len, sa_len; /* including length bytes */ unsigned char *buf, *p; @@ -3134,8 +3193,8 @@ static int ssl_resume_server_key_exchange( mbedtls_ssl_context *ssl, static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, size_t *signature_len ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); #if defined(MBEDTLS_KEY_EXCHANGE__SOME_PFS__ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED) @@ -3160,7 +3219,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, * - ECJPAKE key exchanges */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) { int ret; size_t len = 0; @@ -3188,8 +3248,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, **/ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_DHE_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { ssl->out_msg[ssl->out_msglen++] = 0x00; ssl->out_msg[ssl->out_msglen++] = 0x00; @@ -3353,7 +3413,8 @@ static int ssl_prepare_server_key_exchange( mbedtls_ssl_context *ssl, #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */ #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \ defined(MBEDTLS_SSL_PROTO_TLS1_1) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ) { /* B: Default hash SHA1 */ md_alg = MBEDTLS_MD_SHA1; @@ -3495,8 +3556,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl ) int ret; size_t signature_len = 0; #if defined(MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED) - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); #endif /* MBEDTLS_KEY_EXCHANGE__SOME_NON_PFS__ENABLED */ MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); @@ -3939,18 +4000,17 @@ static int ssl_parse_client_psk_identity( mbedtls_ssl_context *ssl, unsigned cha static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) { int ret; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); unsigned char *p, *end; - ciphersuite_info = ssl->handshake->ciphersuite_info; - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse client key exchange" ) ); #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) && \ ( defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) ) - if( ( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) && + if( ( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_RSA_PSK || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == MBEDTLS_KEY_EXCHANGE_RSA ) && ( ssl->handshake->async_in_progress != 0 ) ) { /* We've already read a record and there is an asynchronous @@ -3982,7 +4042,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) } #if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_DHE_RSA ) { if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 ) { @@ -4015,10 +4076,14 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \ defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDH_RSA || + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) + == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ) { if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx, p, end - p) ) != 0 ) @@ -4050,7 +4115,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED || MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_PSK ) { if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { @@ -4065,7 +4131,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); @@ -4074,7 +4140,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_RSA_PSK ) { #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) if ( ssl->handshake->async_in_progress != 0 ) @@ -4102,7 +4169,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); @@ -4111,7 +4178,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_DHE_PSK ) { if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { @@ -4131,7 +4199,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) } if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); @@ -4140,7 +4208,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ) { if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) { @@ -4159,7 +4228,7 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) MBEDTLS_DEBUG_ECDH_QP ); if( ( ret = mbedtls_ssl_psk_derive_premaster( ssl, - ciphersuite_info->key_exchange ) ) != 0 ) + mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) ) ) != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_psk_derive_premaster", ret ); return( ret ); @@ -4168,7 +4237,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_RSA ) { if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 0 ) ) != 0 ) { @@ -4179,7 +4249,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) else #endif /* MBEDTLS_KEY_EXCHANGE_RSA_ENABLED */ #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_ECJPAKE ) { ret = mbedtls_ecjpake_read_round_two( &ssl->handshake->ecjpake_ctx, p, end - p ); @@ -4222,8 +4293,8 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl ) #if !defined(MBEDTLS_KEY_EXCHANGE__CERT_REQ_ALLOWED__ENABLED) static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); @@ -4249,8 +4320,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl ) mbedtls_pk_type_t pk_alg; #endif mbedtls_md_type_t md_alg; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); mbedtls_pk_context *peer_pk = NULL; MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate verify" ) ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 84c78c48e..e63c6880b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -801,7 +801,7 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, size_t mac_key_len; size_t iv_copy_len; unsigned keylen; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; const mbedtls_cipher_info_t *cipher_info; const mbedtls_md_info_t *md_info; @@ -823,26 +823,28 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, * Get various info structures */ ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuite ); - if( ciphersuite_info == NULL ) + if( ciphersuite_info == MBEDTLS_SSL_CIPHERSUITE_INVALID_HANDLE ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "ciphersuite info for %d not found", ciphersuite ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - cipher_info = mbedtls_cipher_info_from_type( ciphersuite_info->cipher ); + cipher_info = mbedtls_cipher_info_from_type( + mbedtls_ssl_suite_get_cipher( ciphersuite_info ) ); if( cipher_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "cipher info for %d not found", - ciphersuite_info->cipher ) ); + mbedtls_ssl_suite_get_cipher( ciphersuite_info ) ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } - md_info = mbedtls_md_info_from_type( ciphersuite_info->mac ); + md_info = mbedtls_md_info_from_type( + mbedtls_ssl_suite_get_mac( ciphersuite_info ) ); if( md_info == NULL ) { MBEDTLS_SSL_DEBUG_MSG( 1, ( "mbedtls_md info for %d not found", - ciphersuite_info->mac ) ); + mbedtls_ssl_suite_get_mac( ciphersuite_info ) ) ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } @@ -899,8 +901,8 @@ static int ssl_populate_transform( mbedtls_ssl_transform *transform, transform->maclen = 0; mac_key_len = 0; - transform->taglen = - ciphersuite_info->flags & MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16; + transform->taglen = mbedtls_ssl_suite_get_flags( ciphersuite_info ) & + MBEDTLS_CIPHERSUITE_SHORT_TAG ? 8 : 16; /* All modes haves 96-bit IVs; * GCM and CCM has 4 implicit and 8 explicit bytes @@ -1338,15 +1340,15 @@ static int ssl_compute_master( mbedtls_ssl_handshake_params *handshake, int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) { int ret; - const mbedtls_ssl_ciphersuite_t * const ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t const ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> derive keys" ) ); /* Set PRF, calc_verify and calc_finished function pointers */ ret = ssl_set_handshake_prfs( ssl->handshake, - ssl->minor_ver, - ciphersuite_info->mac ); + ssl->minor_ver, + mbedtls_ssl_suite_get_mac( ciphersuite_info ) ); if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_set_handshake_prfs", ret ); @@ -1376,24 +1378,24 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) /* Populate transform structure */ ret = ssl_populate_transform( ssl->transform_negotiate, - ssl->session_negotiate->ciphersuite, - ssl->session_negotiate->master, + mbedtls_ssl_session_get_ciphersuite( ssl->session_negotiate ), + ssl->session_negotiate->master, #if defined(MBEDTLS_SSL_SOME_MODES_USE_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) - ssl->session_negotiate->encrypt_then_mac, + ssl->session_negotiate->encrypt_then_mac, #endif #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) - ssl->session_negotiate->trunc_hmac, + ssl->session_negotiate->trunc_hmac, #endif #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */ #if defined(MBEDTLS_ZLIB_SUPPORT) - ssl->session_negotiate->compression, + ssl->session_negotiate->compression, #endif - ssl->handshake->tls_prf, - ssl->handshake->randbytes, - ssl->minor_ver, - mbedtls_ssl_conf_get_endpoint( ssl->conf ), - ssl ); + ssl->handshake->tls_prf, + ssl->handshake->randbytes, + ssl->minor_ver, + mbedtls_ssl_conf_get_endpoint( ssl->conf ), + ssl ); if( ret != 0 ) { MBEDTLS_SSL_DEBUG_RET( 1, "ssl_populate_transform", ret ); @@ -6070,7 +6072,8 @@ static void ssl_clear_peer_cert( mbedtls_ssl_session *session ) /* No certificate support -> dummy functions */ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); @@ -6087,7 +6090,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) ); @@ -6110,7 +6114,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl ) int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; size_t i, n; const mbedtls_x509_crt *crt; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate" ) ); @@ -6474,8 +6479,8 @@ static int ssl_srv_check_client_no_crt_notification( mbedtls_ssl_context *ssl ) static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, int authmode ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); if( !mbedtls_ssl_ciphersuite_uses_srv_cert( ciphersuite_info ) ) return( SSL_CERTIFICATE_SKIP ); @@ -6483,8 +6488,11 @@ static int ssl_parse_certificate_coordinate( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_SRV_C) if( mbedtls_ssl_conf_get_endpoint( ssl->conf ) == MBEDTLS_SSL_IS_SERVER ) { - if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + if( mbedtls_ssl_suite_get_key_exchange( ciphersuite_info ) == + MBEDTLS_KEY_EXCHANGE_RSA_PSK ) + { return( SSL_CERTIFICATE_SKIP ); + } if( authmode == MBEDTLS_SSL_VERIFY_NONE ) { @@ -6506,8 +6514,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl, void *rs_ctx ) { int verify_ret; - const mbedtls_ssl_ciphersuite_t *ciphersuite_info = - ssl->handshake->ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info = + mbedtls_ssl_handshake_get_ciphersuite( ssl->handshake ); mbedtls_x509_crt *ca_chain; mbedtls_x509_crl *ca_crl; @@ -6973,7 +6981,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl ) } void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, - const mbedtls_ssl_ciphersuite_t *ciphersuite_info ) + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info ) { ((void) ciphersuite_info); @@ -6985,12 +6993,12 @@ void mbedtls_ssl_optimize_checksum( mbedtls_ssl_context *ssl, #endif #if defined(MBEDTLS_SSL_PROTO_TLS1_2) #if defined(MBEDTLS_SHA512_C) - if( ciphersuite_info->mac == MBEDTLS_MD_SHA384 ) + if( mbedtls_ssl_suite_get_mac( ciphersuite_info ) == MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha384; else #endif #if defined(MBEDTLS_SHA256_C) - if( ciphersuite_info->mac != MBEDTLS_MD_SHA384 ) + if( mbedtls_ssl_suite_get_mac( ciphersuite_info ) != MBEDTLS_MD_SHA384 ) ssl->handshake->update_checksum = ssl_update_checksum_sha256; else #endif @@ -8315,6 +8323,7 @@ int mbedtls_ssl_set_session( mbedtls_ssl_context *ssl, const mbedtls_ssl_session } #endif /* MBEDTLS_SSL_CLI_C && !MBEDTLS_SSL_NO_SESSION_RESUMPTION */ +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) void mbedtls_ssl_conf_ciphersuites( mbedtls_ssl_config *conf, const int *ciphersuites ) { @@ -8336,6 +8345,7 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf, conf->ciphersuite_list[minor] = ciphersuites; } +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_X509_CRT_PARSE_C) void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, @@ -8958,10 +8968,13 @@ uint32_t mbedtls_ssl_get_verify_result( const mbedtls_ssl_context *ssl ) const char *mbedtls_ssl_get_ciphersuite( const mbedtls_ssl_context *ssl ) { + int suite; + if( ssl == NULL || ssl->session == NULL ) return( NULL ); - return mbedtls_ssl_get_ciphersuite_name( ssl->session->ciphersuite ); + suite = mbedtls_ssl_session_get_ciphersuite( ssl->session ); + return( mbedtls_ssl_get_ciphersuite_name( suite ) ); } const char *mbedtls_ssl_get_version( const mbedtls_ssl_context *ssl ) @@ -9383,8 +9396,10 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, if( used <= buf_len ) { - *p++ = (unsigned char)( ( session->ciphersuite >> 8 ) & 0xFF ); - *p++ = (unsigned char)( ( session->ciphersuite ) & 0xFF ); + const int ciphersuite = + mbedtls_ssl_session_get_ciphersuite( session ); + *p++ = (unsigned char)( ( ciphersuite >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ciphersuite ) & 0xFF ); *p++ = (unsigned char)( session->compression & 0xFF ); @@ -9522,6 +9537,7 @@ static int ssl_session_load( mbedtls_ssl_session *session, { const unsigned char *p = buf; const unsigned char * const end = buf + len; + int ciphersuite; #if defined(MBEDTLS_HAVE_TIME) uint64_t start; #endif @@ -9568,12 +9584,23 @@ static int ssl_session_load( mbedtls_ssl_session *session, /* * Basic mandatory fields */ + if( 2 + 1 + 1 + 32 + 48 + 4 > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - session->ciphersuite = ( p[0] << 8 ) | p[1]; + ciphersuite = ( p[0] << 8 ) | p[1]; p += 2; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + session->ciphersuite = ciphersuite; +#else + if( ciphersuite != + MBEDTLS_SSL_SUITE_ID( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ) ) + { + return( MBEDTLS_ERR_SSL_VERSION_MISMATCH ); + } +#endif + session->compression = *p++; session->id_len = *p++; @@ -10795,11 +10822,13 @@ static int ssl_preset_default_hashes[] = { }; #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) static int ssl_preset_suiteb_ciphersuites[] = { MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0 }; +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED) static int ssl_preset_suiteb_hashes[] = { @@ -10935,11 +10964,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION; conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION; +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = ssl_preset_suiteb_ciphersuites; +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_suiteb; @@ -10974,11 +11005,13 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf, conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2; #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] = conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] = mbedtls_ssl_list_ciphersuites(); +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_X509_CRT_PARSE_C) conf->cert_profile = &mbedtls_x509_crt_profile_default; @@ -11242,7 +11275,7 @@ int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl, #if defined(MBEDTLS_X509_CRT_PARSE_C) int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, - const mbedtls_ssl_ciphersuite_t *ciphersuite, + mbedtls_ssl_ciphersuite_handle_t ciphersuite, int cert_endpoint, uint32_t *flags ) { @@ -11266,7 +11299,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert, if( cert_endpoint == MBEDTLS_SSL_IS_SERVER ) { /* Server part of the key exchange */ - switch( ciphersuite->key_exchange ) + switch( mbedtls_ssl_suite_get_key_exchange( ciphersuite ) ) { case MBEDTLS_KEY_EXCHANGE_RSA: case MBEDTLS_KEY_EXCHANGE_RSA_PSK: diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c index cda71fd4e..574d4d7a5 100644 --- a/programs/ssl/query_config.c +++ b/programs/ssl/query_config.c @@ -2770,6 +2770,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET */ +#if defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) + if( strcmp( "MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ + /* If the symbol is not found, return an error */ return( 1 ); } diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index c63b44550..d9cfa257e 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -56,6 +56,7 @@ int main( void ) #include "mbedtls/net_sockets.h" #include "mbedtls/ssl.h" +#include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/certs.h" @@ -1296,19 +1297,19 @@ int main( int argc, char *argv[] ) if( opt.force_ciphersuite[0] > 0 ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) + mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) > opt.max_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; goto usage; } if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) + mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) < opt.min_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; @@ -1318,13 +1319,13 @@ int main( int argc, char *argv[] ) /* If the server selects a version that's not supported by * this suite, then there will be no common ciphersuite... */ if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) + opt.max_version > mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) ) { - opt.max_version = ciphersuite_info->max_minor_ver; + opt.max_version = mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ); } - if( opt.min_version < ciphersuite_info->min_minor_ver ) + if( opt.min_version < mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) ) { - opt.min_version = ciphersuite_info->min_minor_ver; + opt.min_version = mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ); /* DTLS starts with TLS 1.1 */ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) @@ -1332,7 +1333,7 @@ int main( int argc, char *argv[] ) } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + if( mbedtls_ssl_suite_get_cipher( ciphersuite_info ) == MBEDTLS_CIPHER_ARC4_128 ) { if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) { @@ -1787,8 +1788,10 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_session_tickets( &conf, opt.tickets ); #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); +#endif /* MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_ARC4_C) if( opt.arc4 != DFL_ARC4 ) diff --git a/programs/ssl/ssl_mail_client.c b/programs/ssl/ssl_mail_client.c index 58804684e..63a3a2d3a 100644 --- a/programs/ssl/ssl_mail_client.c +++ b/programs/ssl/ssl_mail_client.c @@ -621,8 +621,10 @@ int main( int argc, char *argv[] ) mbedtls_ssl_conf_rng( &conf, mbedtls_ctr_drbg_random, &ctr_drbg ); mbedtls_ssl_conf_dbg( &conf, my_debug, stdout ); +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ mbedtls_ssl_conf_ca_chain( &conf, &cacert, NULL ); if( ( ret = mbedtls_ssl_conf_own_cert( &conf, &clicert, &pkey ) ) != 0 ) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 876a7a06c..deaee9afe 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -55,6 +55,7 @@ int main( void ) #include "mbedtls/net_sockets.h" #include "mbedtls/ssl.h" +#include "mbedtls/ssl_ciphersuites.h" #include "mbedtls/entropy.h" #include "mbedtls/ctr_drbg.h" #include "mbedtls/certs.h" @@ -2018,19 +2019,19 @@ int main( int argc, char *argv[] ) if( opt.force_ciphersuite[0] > 0 ) { - const mbedtls_ssl_ciphersuite_t *ciphersuite_info; + mbedtls_ssl_ciphersuite_handle_t ciphersuite_info; ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( opt.force_ciphersuite[0] ); if( opt.max_version != -1 && - ciphersuite_info->min_minor_ver > opt.max_version ) + mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) > opt.max_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; goto usage; } if( opt.min_version != -1 && - ciphersuite_info->max_minor_ver < opt.min_version ) + mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) < opt.min_version ) { mbedtls_printf( "forced ciphersuite not allowed with this protocol version\n" ); ret = 2; @@ -2040,13 +2041,13 @@ int main( int argc, char *argv[] ) /* If we select a version that's not supported by * this suite, then there will be no common ciphersuite... */ if( opt.max_version == -1 || - opt.max_version > ciphersuite_info->max_minor_ver ) + opt.max_version > mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ) ) { - opt.max_version = ciphersuite_info->max_minor_ver; + opt.max_version = mbedtls_ssl_suite_get_max_minor_ver( ciphersuite_info ); } - if( opt.min_version < ciphersuite_info->min_minor_ver ) + if( opt.min_version < mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ) ) { - opt.min_version = ciphersuite_info->min_minor_ver; + opt.min_version = mbedtls_ssl_suite_get_min_minor_ver( ciphersuite_info ); /* DTLS starts with TLS 1.1 */ if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM && opt.min_version < MBEDTLS_SSL_MINOR_VERSION_2 ) @@ -2054,7 +2055,7 @@ int main( int argc, char *argv[] ) } /* Enable RC4 if needed and not explicitly disabled */ - if( ciphersuite_info->cipher == MBEDTLS_CIPHER_ARC4_128 ) + if( mbedtls_ssl_suite_get_cipher( ciphersuite_info ) == MBEDTLS_CIPHER_ARC4_128 ) { if( opt.arc4 == MBEDTLS_SSL_ARC4_DISABLED ) { @@ -2661,14 +2662,17 @@ int main( int argc, char *argv[] ) } #endif /* MBEDTLS_SSL_PROTO_DTLS */ +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) if( opt.force_ciphersuite[0] != DFL_FORCE_CIPHER ) mbedtls_ssl_conf_ciphersuites( &conf, opt.force_ciphersuite ); +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if defined(MBEDTLS_ARC4_C) if( opt.arc4 != DFL_ARC4 ) mbedtls_ssl_conf_arc4_support( &conf, opt.arc4 ); #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) if( opt.version_suites != NULL ) { mbedtls_ssl_conf_ciphersuites_for_version( &conf, version_suites[0], @@ -2684,6 +2688,7 @@ int main( int argc, char *argv[] ) MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3 ); } +#endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */ #if !defined(MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION) if( opt.allow_legacy != DFL_ALLOW_LEGACY ) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index f626b55c3..8c53c6700 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -759,6 +759,21 @@ component_test_full_cmake_clang () { if_build_succeeded env OPENSSL_CMD="$OPENSSL_NEXT" tests/compat.sh -e '^$' -f 'ARIA\|CHACHA' } +component_test_hardcoded_ciphersuite_cmake_clang() { + msg "build: cmake, full config + MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE, clang" # ~ 50s + scripts/config.pl full + scripts/config.pl unset MBEDTLS_MEMORY_BACKTRACE # too slow for tests + scripts/config.pl set MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE MBEDTLS_SUITE_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + CC=clang cmake -D CMAKE_BUILD_TYPE:String=Check -D ENABLE_TESTING=On . + make + + msg "test: main suites (full config + MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)" # ~ 5s + make test + + msg "test: ssl-opt.sh default (full config + MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)" # ~ 5s + if_build_succeeded tests/ssl-opt.sh -f '^Default$\|^Default, DTLS$' +} + component_build_deprecated () { msg "build: make, full config + DEPRECATED_WARNING, gcc -O" # ~ 30s scripts/config.pl full diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 5f9e2ecdd..553ece426 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -164,6 +164,12 @@ requires_config_disabled() { fi } +requires_ciphersuite_enabled() { + if [ -z "$($P_CLI --help | grep "$1")" ]; then + SKIP_NEXT="YES" + fi +} + get_config_value_or_default() { # This function uses the query_config command line option to query the # required Mbed TLS compile time configuration from the ssl_server2 @@ -952,11 +958,25 @@ trap cleanup INT TERM HUP # Basic test +run_test "Default" \ + "$P_SRV debug_level=3" \ + "$P_CLI" \ + 0 + +run_test "Default, DTLS" \ + "$P_SRV dtls=1" \ + "$P_CLI dtls=1" \ + 0 + # Checks that: # - things work with all ciphersuites active (used with config-full in all.sh) # - the expected (highest security) parameters are selected # ("signature_algorithm ext: 6" means SHA-512 (highest common hash)) -run_test "Default" \ +requires_ciphersuite_enabled "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" +requires_config_enabled MBEDTLS_SHA512_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED +run_test "Default, choose highest security suite and hash" \ "$P_SRV debug_level=3" \ "$P_CLI" \ 0 \ @@ -967,12 +987,18 @@ run_test "Default" \ -S "error" \ -C "error" -run_test "Default, DTLS" \ - "$P_SRV dtls=1" \ +requires_ciphersuite_enabled "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" +requires_config_enabled MBEDTLS_SHA512_C +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 +requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED +run_test "Default, choose highest security suite and hash, DTLS" \ + "$P_SRV debug_level=3 dtls=1" \ "$P_CLI dtls=1" \ 0 \ -s "Protocol is DTLSv1.2" \ - -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" + -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \ + -s "client hello v3, signature_algorithm ext: 6" \ + -s "ECDHE curve: secp521r1" # Test current time in ServerHello requires_config_enabled MBEDTLS_HAVE_TIME diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 8271b232f..9707935ee 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -279,7 +279,9 @@ static int ssl_populate_session( mbedtls_ssl_session *session, #if defined(MBEDTLS_HAVE_TIME) session->start = mbedtls_time( NULL ) - 42; #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) session->ciphersuite = 0xabcd; +#endif session->compression = 1; session->id_len = sizeof( session->id ); memset( session->id, 66, session->id_len ); @@ -698,7 +700,9 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) #if defined(MBEDTLS_HAVE_TIME) TEST_ASSERT( original.start == restored.start ); #endif +#if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE) TEST_ASSERT( original.ciphersuite == restored.ciphersuite ); +#endif TEST_ASSERT( original.compression == restored.compression ); TEST_ASSERT( original.id_len == restored.id_len ); TEST_ASSERT( memcmp( original.id,