From 0fae60bb7186d9fedb937d1c20d0de4560f86c16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 17:39:48 +0200 Subject: [PATCH 1/7] Implement RSA-PSK key exchange --- include/polarssl/config.h | 4 +- library/ssl_cli.c | 129 +++++++++++++++++++++++++------------- library/ssl_srv.c | 65 +++++++++++++------ library/ssl_tls.c | 17 +++++ 4 files changed, 152 insertions(+), 63 deletions(-) diff --git a/include/polarssl/config.h b/include/polarssl/config.h index dc22c6df4..3a173b38c 100644 --- a/include/polarssl/config.h +++ b/include/polarssl/config.h @@ -307,7 +307,7 @@ * \def POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED * * Enable the RSA-PSK based ciphersuite modes in SSL / TLS. - * (NOT YET IMPLEMENTED) + * * Requires: POLARSSL_RSA_C, POLARSSL_PKCS1_V15, * POLARSSL_X509_CRT_PARSE_C * @@ -321,8 +321,8 @@ * TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 * TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 * TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 -#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#define POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED /** * \def POLARSSL_KEY_EXCHANGE_RSA_ENABLED diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 77a18ed35..4da7149f4 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
@@ -1183,6 +1183,72 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) +/* + * Generate a pre-master secret and encrypt it with the server's RSA key + */ +static int ssl_write_encrypted_pms( ssl_context *ssl, + size_t offset, size_t *olen, + size_t pms_offset ) +{ + int ret; + size_t len_bytes = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 0 : 2; + unsigned char *p = ssl->handshake->premaster + pms_offset; + + /* + * Generate (part of) the pre-master as + * struct { + * ProtocolVersion client_version; + * opaque random[46]; + * } PreMasterSecret; + */ + p[0] = (unsigned char) ssl->max_major_ver; + p[1] = (unsigned char) ssl->max_minor_ver; + + if( ( ret = ssl->f_rng( ssl->p_rng, p + 2, 46 ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "f_rng", ret ); + return( ret ); + } + + ssl->handshake->pmslen = 48; + + /* + * Now write it out, encrypted + */ + if( ! 
pk_can_do( &ssl->session_negotiate->peer_cert->pk, + POLARSSL_PK_RSA ) ) + { + SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); + return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); + } + + if( ( ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk, + p, ssl->handshake->pmslen, + ssl->out_msg + offset + len_bytes, olen, + SSL_MAX_CONTENT_LEN - offset - len_bytes, + ssl->f_rng, ssl->p_rng ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret ); + return( ret ); + } + +#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ + defined(POLARSSL_SSL_PROTO_TLS1_2) + if( len_bytes == 2 ) + { + ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 ); + ssl->out_msg[offset+1] = (unsigned char)( *olen ); + *olen += 2; + } +#endif + + return( 0 ); +} +#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ + #if defined(POLARSSL_SSL_PROTO_TLS1_2) #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ @@ -1258,6 +1324,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_PSK && + ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_RSA_PSK && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK && ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { 
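Review bot: ssl_write_encrypted_pms dereferences `ssl->session_negotiate->peer_cert` in the `pk_can_do` and `pk_encrypt` calls without checking it for NULL, and the helper is now reached from the RSA-PSK path as well as plain RSA. Whether a Certificate message is guaranteed to have been parsed for RSA-PSK depends on ssl_parse_certificate, which this patch does not touch, so a guard at the top of the function is cheap insurance: `if( ssl->session_negotiate->peer_cert == NULL ) return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );`. Separately, the failure path logs `SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret );` although the call being reported is `pk_encrypt`; the string should name the function actually called.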
@@ -1324,8 +1391,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) { unsigned char *p = ssl->in_msg + 4; unsigned char *end = ssl->in_msg + ssl->in_hslen; @@ -1337,7 +1406,8 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) } } else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { @@ -1803,9 +1873,11 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) { 
@@ -1830,6 +1902,14 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } else #endif +#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) + { + if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 ) + return( ret ); + } + else +#endif #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { 
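Review bot: The literal `2` passed as pms_offset in `ssl_write_encrypted_pms( ssl, i, &n, 2 )` is a layout contract with ssl_psk_derive_premaster and deserves a comment, since nothing in this branch says why the pre-master is written two bytes into the buffer. I would add, above the call, `/* other_secret goes at premaster + 2; ssl_psk_derive_premaster writes the uint16 length in front of it */`. The enclosing ssl_write_client_key_exchange, including the code that sets `i` and later derives the premaster, lies outside this hunk.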
@@ -1885,56 +1965,21 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { - /* - * RSA key exchange -- send rsa_public(pkcs1 v1.5(premaster)) - */ - ssl->handshake->premaster[0] = (unsigned char) ssl->max_major_ver; - ssl->handshake->premaster[1] = (unsigned char) ssl->max_minor_ver; - ssl->handshake->pmslen = 48; - - ret = ssl->f_rng( ssl->p_rng, ssl->handshake->premaster + 2, - ssl->handshake->pmslen - 2 ); - if( ret != 0 ) + i = 4; + if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 ) return( ret ); - - if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk, - POLARSSL_PK_RSA ) ) - { - SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) ); - return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH ); - } - - i = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 4 : 6; - - ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk, - ssl->handshake->premaster, ssl->handshake->pmslen, - ssl->out_msg + i, &n, SSL_BUFFER_LEN, - ssl->f_rng, ssl->p_rng ); - if( ret != 0 ) - { - SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret ); - return( ret ); - } - -#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ - defined(POLARSSL_SSL_PROTO_TLS1_2) - if( ssl->minor_ver != SSL_MINOR_VERSION_0 ) - { - ssl->out_msg[4] = (unsigned char)( n >> 8 ); - ssl->out_msg[5] = (unsigned char)( n ); - } -#endif - } else #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ { ((void) ciphersuite_info); + SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 336add2e3..6db92d612 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -2288,10 +2288,14 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) -static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) +static int ssl_parse_encrypted_pms( ssl_context *ssl, + const unsigned char *p, + const unsigned char *end, + size_t pms_offset ) { - int ret = POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE; - size_t i, n = 0; + int ret; + size_t len = pk_get_len( ssl_own_key( ssl ) ); + unsigned char *pms = ssl->handshake->premaster + pms_offset; if( ! pk_can_do( ssl_own_key( ssl ), POLARSSL_PK_RSA ) ) { @@ -2302,17 +2306,12 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) /* * Decrypt the premaster using own private RSA key */ - i = 4; - n = pk_get_len( ssl_own_key( ssl ) ); - ssl->handshake->pmslen = 48; - #if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \ defined(POLARSSL_SSL_PROTO_TLS1_2) if( ssl->minor_ver != SSL_MINOR_VERSION_0 ) { - i += 2; - if( ssl->in_msg[4] != ( ( n >> 8 ) & 0xFF ) || - ssl->in_msg[5] != ( ( n ) & 0xFF ) ) + if( *p++ != ( ( len >> 8 ) & 0xFF ) || + *p++ != ( ( len ) & 0xFF ) ) { SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); 
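Review bot: The two length bytes are consumed with `*p++` before anything checks that at least two bytes remain between `p` and `end`, so a ClientKeyExchange whose body ends right after the PSK identity (or is empty, for plain RSA) has its length read from bytes past the handshake body. Those bytes are presumably still inside the record buffer, and the later `p + len != end` comparison rejects the message anyway, but the length should be bounds-checked before it is read: `if( end - p < 2 ) return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );` placed before the version-dependent prefix check. ssl_parse_encrypted_pms continues in the next hunk.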
@@ -2320,21 +2319,20 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) } #endif - if( ssl->in_hslen != i + n ) + if( p + len != end ) { SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE ); } - ret = pk_decrypt( ssl_own_key( ssl ), - ssl->in_msg + i, n, - ssl->handshake->premaster, &ssl->handshake->pmslen, + ret = pk_decrypt( ssl_own_key( ssl ), p, len, + pms, &ssl->handshake->pmslen, sizeof(ssl->handshake->premaster), ssl->f_rng, ssl->p_rng ); if( ret != 0 || ssl->handshake->pmslen != 48 || - ssl->handshake->premaster[0] != ssl->handshake->max_major_ver || - ssl->handshake->premaster[1] != ssl->handshake->max_minor_ver ) + pms[0] != ssl->handshake->max_major_ver || + pms[1] != ssl->handshake->max_minor_ver ) { SSL_DEBUG_MSG( 1, ( "bad client key exchange message" ) ); @@ -2346,8 +2344,7 @@ static int ssl_parse_encrypted_pms_secret( ssl_context *ssl ) */ ssl->handshake->pmslen = 48; - ret = ssl->f_rng( ssl->p_rng, ssl->handshake->premaster, - ssl->handshake->pmslen ); + ret = ssl->f_rng( ssl->p_rng, pms, ssl->handshake->pmslen ); if( ret != 0 ) return( ret ); } 
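Review bot: The output capacity handed to pk_decrypt is `sizeof(ssl->handshake->premaster)`, but the output pointer `pms` now starts `pms_offset` bytes into that array, so for RSA-PSK the stated capacity overstates the real space by two bytes. Whether a decrypted plaintext can actually reach that length depends on the maximum RSA key size relative to the premaster array, neither of which is visible here, but the bound should describe the buffer it is given: `sizeof(ssl->handshake->premaster) - pms_offset`. The rest of the function, including the pk_can_do check and the length-prefix parsing, is in the preceding hunk.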
@@ -2541,6 +2538,33 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) + { + unsigned char *p = ssl->in_msg + 4; + unsigned char *end = ssl->in_msg + ssl->in_msglen; + + if( ( ret = ssl_parse_client_psk_identity( ssl, &p, end ) ) != 0 ) + { + SSL_DEBUG_RET( 1, ( "ssl_parse_client_psk_identity" ), ret ); + return( ret ); + } + + if( ( ret = ssl_parse_encrypted_pms( ssl, p, end, 2 ) ) != 0 ) + { + SSL_DEBUG_RET( 1, ( "ssl_parse_encrypted_pms" ), ret ); + return( ret ); + } + + if( ( ret = ssl_psk_derive_premaster( ssl, + ciphersuite_info->key_exchange ) ) != 0 ) + { + SSL_DEBUG_RET( 1, "ssl_psk_derive_premaster", ret ); + return( ret ); + } + } + else +#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { @@ -2600,7 +2624,10 @@ static int ssl_parse_client_key_exchange( ssl_context *ssl ) #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { - if( ( ret = ssl_parse_encrypted_pms_secret( ssl ) ) != 0 ) + if( ( ret = ssl_parse_encrypted_pms( ssl, + ssl->in_msg + 4, + ssl->in_msg + ssl->in_msglen, + 0 ) ) != 0 ) { SSL_DEBUG_RET( 1, ( "ssl_parse_parse_ecrypted_pms_secret" ), ret ); return( ret ); diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 2be20163f..e254f3a54 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
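Review bot: The new RSA_PSK branch calls ssl_parse_encrypted_pms, but that helper is still compiled only under `#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)` (the guard is left unchanged in the hunk that renames it, and is still there in the later ifdef clean-up patch), so a build with RSA_PSK enabled and plain RSA disabled will not build. The guard should become `#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)`, mirroring what ssl_cli.c does for ssl_write_encrypted_pms. While here, the RSA branch's `SSL_DEBUG_RET( 1, ( "ssl_parse_parse_ecrypted_pms_secret" ), ret );` now reports a function that no longer exists; `SSL_DEBUG_RET( 1, "ssl_parse_encrypted_pms", ret );` matches the new RSA_PSK branch.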
@@ -826,6 +826,7 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) @@ -852,6 +853,19 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) } else #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( key_ex == POLARSSL_KEY_EXCHANGE_RSA_PSK ) + { + /* + * other_secret already set by the ClientKeyExchange message, + * and is 48 bytes long + */ + *p++ = 0; + *p++ = 48; + p += 48; + } + else +#endif /* POLARSSL_KEY_EXCHANGE_RSA_PKS_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) if( key_ex == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { @@ -913,6 +927,7 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) return( 0 ); } #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ @@ -3661,6 +3676,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, #endif /* POLARSSL_X509_CRT_PARSE_C */ #if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, @@ -3699,6 +3715,7 @@ void ssl_set_psk_cb( ssl_context *ssl, ssl->p_psk = p_psk; } #endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ From ef0eb1ebd854097c093513d6683e028b1cef3031 Mon Sep 17 00:00:00 2001 
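Review bot: The RSA_PSK branch of ssl_psk_derive_premaster writes the `0, 48` length prefix and then skips 48 bytes it expects a caller to have filled, which is a contract worth stating more precisely than the present comment does, and the closing `#endif /* POLARSSL_KEY_EXCHANGE_RSA_PKS_ENABLED */` misspells the macro. I would reword the comment to say that the 48-byte other_secret at `premaster + 2` is written by ssl_write_encrypted_pms (client) or ssl_parse_encrypted_pms (server) before this function is called, and fix the trailer to `#endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */`. The function's remaining branches and the final PSK copy are outside this hunk.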
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 19:29:19 +0200 Subject: [PATCH 2/7] Add two missing RSA-PSK ciphersuites --- library/ssl_ciphersuites.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c index 7de532238..7f532ec37 100644 --- a/library/ssl_ciphersuites.c +++ b/library/ssl_ciphersuites.c @@ -1042,6 +1042,22 @@ static const ssl_ciphersuite_t ciphersuite_definitions[] = SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, POLARSSL_CIPHERSUITE_WEAK }, #endif /* POLARSSL_SHA1_C */ + +#if defined(POLARSSL_SHA256_C) + { TLS_RSA_PSK_WITH_NULL_SHA256, "TLS-RSA-PSK-WITH-AES-128-CBC-SHA256", + POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA256, POLARSSL_KEY_EXCHANGE_RSA_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA256_C */ + +#if defined(POLARSSL_SHA512_C) + { TLS_RSA_PSK_WITH_NULL_SHA384, "TLS-RSA-PSK-WITH-AES-256-CBC-SHA384", + POLARSSL_CIPHER_NULL, POLARSSL_MD_SHA384, POLARSSL_KEY_EXCHANGE_RSA_PSK, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + SSL_MAJOR_VERSION_3, SSL_MINOR_VERSION_3, + POLARSSL_CIPHERSUITE_WEAK }, +#endif /* POLARSSL_SHA512_C */ #endif /* POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #endif /* POLARSSL_CIPHER_NULL_CIPHER */ From 8a3c64d73f24098b7f3297f95deaf69436cb0f7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Mon, 14 Oct 2013 19:54:10 +0200 Subject: [PATCH 3/7] Fix and simplify *-PSK ifdef's --- include/polarssl/ssl.h | 28 +++++++++++++--------------- library/ssl_cli.c | 18 ++++-------------- library/ssl_srv.c | 8 ++------ library/ssl_tls.c | 24 +++++------------------- programs/ssl/ssl_client2.c | 24 ++++++------------------ programs/ssl/ssl_server2.c | 24 ++++++------------------ 6 files changed, 36 insertions(+), 90 deletions(-) 
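Review bot: Both new table entries pair a NULL-cipher identifier with an AES name: `TLS_RSA_PSK_WITH_NULL_SHA256` is named `"TLS-RSA-PSK-WITH-AES-128-CBC-SHA256"` and `TLS_RSA_PSK_WITH_NULL_SHA384` is named `"TLS-RSA-PSK-WITH-AES-256-CBC-SHA384"`. Because these strings are what name-based ciphersuite lookup and any logging of the negotiated suite use, the mislabel can present an unencrypted (POLARSSL_CIPHER_NULL) connection as AES-CBC, or let a user who asks for an AES suite by name end up on the NULL one depending on lookup order. The strings should be `"TLS-RSA-PSK-WITH-NULL-SHA256"` and `"TLS-RSA-PSK-WITH-NULL-SHA384"`, matching the identifiers and the WEAK flag already set on both entries.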
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h index b6944f134..94c996c98 100644 --- a/include/polarssl/ssl.h +++ b/include/polarssl/ssl.h @@ -75,6 +75,14 @@ #include #endif +/* For convenience below and in programs */ +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#define POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED +#endif + #if defined(_MSC_VER) && !defined(inline) #define inline _inline #else @@ -614,9 +622,7 @@ struct _ssl_context void *p_vrfy; /*!< context for verification */ #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t); void *p_psk; /*!< context for PSK retrieval */ #endif @@ -714,9 +720,7 @@ struct _ssl_context mpi dhm_G; /*!< generator for DHM */ #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * PSK values */ @@ -1058,9 +1062,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, rsa_key_len_func rsa_key_len ); #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) /** * \brief Set the Pre Shared Key (PSK) and the identity name connected * to it. 
@@ -1100,9 +1102,7 @@ void ssl_set_psk_cb( ssl_context *ssl, int (*f_psk)(void *, ssl_context *, const unsigned char *, size_t), void *p_psk ); -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_DHM_C) /** @@ -1528,9 +1528,7 @@ int ssl_write_finished( ssl_context *ssl ); void ssl_optimize_checksum( ssl_context *ssl, const ssl_ciphersuite_t *ciphersuite_info ); -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ); #endif diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 4da7149f4..6e981e09f 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1147,9 +1147,7 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl, POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) static int ssl_parse_server_psk_hint( ssl_context *ssl, unsigned char **p, unsigned char *end ) @@ -1179,9 +1177,7 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) 
@@ -1872,10 +1868,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || @@ -1964,10 +1957,7 @@ static int ssl_write_client_key_exchange( ssl_context *ssl ) } } else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 6db92d612..79c63fd18 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2353,9 +2353,7 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl, } #endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, const unsigned char *end ) { 
@@ -2421,9 +2419,7 @@ static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ static int ssl_parse_client_key_exchange( ssl_context *ssl ) { diff --git a/library/ssl_tls.c b/library/ssl_tls.c index e254f3a54..7450d34a1 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -825,10 +825,7 @@ void ssl_calc_verify_tls_sha384( ssl_context *ssl, unsigned char hash[48] ) #endif /* POLARSSL_SHA512_C */ #endif /* POLARSSL_SSL_PROTO_TLS1_2 */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) { unsigned char *p = ssl->handshake->premaster; @@ -926,10 +923,7 @@ int ssl_psk_derive_premaster( ssl_context *ssl, key_exchange_type_t key_ex ) return( 0 ); } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_SSL_PROTO_SSL3) /* @@ -3675,10 +3669,7 @@ int ssl_set_own_cert_alt( ssl_context *ssl, x509_crt *own_cert, } #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) int ssl_set_psk( ssl_context *ssl, const unsigned char *psk, size_t psk_len, const unsigned char *psk_identity, size_t psk_identity_len ) { 
@@ -3714,10 +3705,7 @@ void ssl_set_psk_cb( ssl_context *ssl, ssl->f_psk = f_psk; ssl->p_psk = p_psk; } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_DHM_C) int ssl_set_dh_param( ssl_context *ssl, const char *dhm_P, const char *dhm_G ) @@ -4385,9 +4373,7 @@ void ssl_free( ssl_context *ssl ) } #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) if( ssl->psk != NULL ) { memset( ssl->psk, 0, ssl->psk_len ); diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 7b978411f..247abbe05 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -166,17 +166,13 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags ) #define USAGE_IO "" #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ 
@@ -244,9 +240,7 @@ int main( int argc, char *argv[] ) { int ret = 0, len, server_fd, i, written, frags; unsigned char buf[1024]; -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) unsigned char psk[256]; size_t psk_len = 0; #endif @@ -500,9 +494,7 @@ int main( int argc, char *argv[] ) opt.min_version = ciphersuite_info->min_minor_ver; } -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ @@ -550,9 +542,7 @@ int main( int argc, char *argv[] ) psk[ j / 2 ] |= c; } } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ /* * 0. Initialize the RNG and the session data @@ -720,9 +710,7 @@ int main( int argc, char *argv[] ) ssl_set_own_cert( &ssl, &clicert, &pkey ); #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ); #endif diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 0148103e0..8e7ee0e99 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
@@ -144,17 +144,13 @@ static void my_debug( void *ctx, int level, const char *str ) #define USAGE_IO "" #endif /* POLARSSL_X509_CRT_PARSE_C */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ " psk_identity=%%s default: \"Client_identity\"\n" #else #define USAGE_PSK "" -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ #if defined(POLARSSL_SSL_SESSION_TICKETS) #define USAGE_TICKETS \ @@ -213,9 +209,7 @@ int main( int argc, char *argv[] ) int listen_fd; int client_fd = -1; unsigned char buf[1024]; -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) unsigned char psk[256]; size_t psk_len = 0; #endif @@ -473,9 +467,7 @@ int main( int argc, char *argv[] ) opt.min_version = ciphersuite_info->min_minor_ver; } -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key if any is given */ @@ -523,9 +515,7 @@ int main( int argc, char *argv[] ) psk[ j / 2 ] |= c; } } -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ /* * 0. Initialize the RNG and the session data 
@@ -739,9 +729,7 @@ int main( int argc, char *argv[] ) ssl_set_own_cert( &ssl, &srvcert2, &pkey2 ); #endif -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) ssl_set_psk( &ssl, psk, psk_len, (const unsigned char *) opt.psk_identity, strlen( opt.psk_identity ) ); #endif From 09258b9537b38b72140ce804230077a62e0e0afe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Oct 2013 10:43:36 +0200 Subject: [PATCH 4/7] Refactor parse_server_key_exchange a bit --- library/ssl_cli.c | 116 +++++++++++++++++----------------------------- library/ssl_srv.c | 13 ++---- 2 files changed, 47 insertions(+), 82 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 6e981e09f..c4c1aed0d 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1303,10 +1303,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) { int ret; const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; + unsigned char *p, *end; #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) - unsigned char *p, *end; size_t sig_len, params_len; unsigned char hash[64]; md_type_t md_alg = POLARSSL_MD_NONE; 
@@ -1316,13 +1316,7 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); - if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_PSK && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_RSA_PSK && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; @@ -1341,9 +1335,14 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); } + /* + * ServerKeyExchange may be skipped with PSK and RSA-PSK when the server + * doesn't use a psk_identity_hint + */ if( ssl->in_msg[0] != SSL_HS_SERVER_KEY_EXCHANGE ) { - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) { ssl->record_read = 1; goto exit; 
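Review bot: The new skip condition `key_exchange == POLARSSL_KEY_EXCHANGE_RSA` encodes an unstated assumption that RSA is the only key exchange without a ServerKeyExchange; it is true for the key exchanges present today, but a later addition without that message (static ECDH, say) would silently be required to send one. A one-line comment above the test would make the assumption visible to whoever adds the next key exchange: `/* RSA is currently the only key exchange with no ServerKeyExchange at all */`. The function continues in the following hunk.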
@@ -1353,29 +1352,51 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE ); } - SSL_DEBUG_BUF( 3, "server key exchange", ssl->in_msg + 4, ssl->in_hslen - 4 ); - -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) p = ssl->in_msg + 4; end = ssl->in_msg + ssl->in_hslen; -#endif + SSL_DEBUG_BUF( 3, "server key exchange", p, ssl->in_hslen - 4 ); -#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ) +#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + { + if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) + { + SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); + return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); + } + } /* FALLTROUGH */ +#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */ + +#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) + ; /* nothing more to do */ + else +#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ +#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) { if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) { - SSL_DEBUG_MSG( 1, ( "failed to parsebad server key exchange message" ) ); + SSL_DEBUG_MSG( 1, 
( "bad server key exchange message" ) ); return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); } } else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || + POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK || ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA ) { if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) 
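Review bot: The `} /* FALLTROUGH */` marker closing the PSK-hint block is misspelled and misleading: this is an if/else chain, not a switch, so control simply continues to the key-exchange-specific `#if` blocks that follow, and a reader looking for a switch will be confused. Replace it with a comment that states the intent, e.g. `} /* hint parsed; now parse the key-exchange specific params below (none for PSK / RSA-PSK) */`. `SSL_DEBUG_BUF( 3, "server key exchange", p, ssl->in_hslen - 4 )` and the `p = ssl->in_msg + 4` assignment presume `in_hslen >= 4`; if ssl_read_record guarantees that (outside the hunk), a one-line comment saying so would help, otherwise a length check belongs before these lines. ssl_parse_server_key_exchange starts and ends outside this hunk.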
@@ -1386,63 +1407,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) } else #endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED || + POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED || POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \ - defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || - ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) - { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED || - POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ) - { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) - if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) - { - unsigned char *p = ssl->in_msg + 4; - unsigned char *end = ssl->in_msg + ssl->in_hslen; - - if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 ) - { - SSL_DEBUG_MSG( 1, ( "bad server 
key exchange message" ) ); - return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE ); - } - } - else -#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */ { + SSL_DEBUG_MSG( 1, ( "should never happen" ) ); return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE ); } diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 79c63fd18..92800fef5 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -1910,7 +1910,8 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) { int ret; size_t n = 0; - const ssl_ciphersuite_t *ciphersuite_info; + const ssl_ciphersuite_t *ciphersuite_info = + ssl->transform_negotiate->ciphersuite_info; #if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \ defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \ @@ -1924,15 +1925,11 @@ static int ssl_write_server_key_exchange( ssl_context *ssl ) ((void) dig_signed_len); #endif - ciphersuite_info = ssl->transform_negotiate->ciphersuite_info; - SSL_DEBUG_MSG( 2, ( "=> write server key exchange" ) ); - if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK && - ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK ) + if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK || + ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ) { SSL_DEBUG_MSG( 2, ( "<= skip write server key exchange" ) ); ssl->state++; From bac0e3b7d286db2c3d0e7b066310275c8625f538 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Oct 2013 11:54:47 +0200 Subject: [PATCH 5/7] Dependency fixes --- library/debug.c | 5 ++++- library/ssl_cli.c | 4 ++++ library/ssl_srv.c | 6 ++++-- 3 files changed, 12 insertions(+), 3 deletions(-) 
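Review bot: The new skip condition in ssl_write_server_key_exchange silently fixes the policy that the server never sends a psk_identity_hint for PSK and RSA-PSK, while the client side of this series documents the same assumption in a comment; the server side should say so too, e.g. `/* PSK and RSA-PSK: ServerKeyExchange only carries an optional psk_identity_hint, which we don't send */`. Without it, a later change that adds hint support is likely to miss that this early return must also change. ssl_write_server_key_exchange continues outside the hunk.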
diff --git a/library/debug.c b/library/debug.c index d640bff7d..2497a3be1 100644 --- a/library/debug.c +++ b/library/debug.c @@ -251,9 +251,12 @@ static void debug_print_pk( const ssl_context *ssl, int level, if( items[i].type == POLARSSL_PK_DEBUG_MPI ) debug_print_mpi( ssl, level, file, line, name, items[i].value ); - else if( items[i].type == POLARSSL_PK_DEBUG_ECP ) + else +#if defined(POLARSSL_ECP_C) + if( items[i].type == POLARSSL_PK_DEBUG_ECP ) debug_print_ecp( ssl, level, file, line, name, items[i].value ); else +#endif debug_print_msg( ssl, level, file, line, "should not happen" ); } } diff --git a/library/ssl_cli.c b/library/ssl_cli.c index c4c1aed0d..847187eaa 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1316,12 +1316,16 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl ) SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) ); +#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA ) { SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) ); ssl->state++; return( 0 ); } + ((void) p); + ((void) end); +#endif if( ( ret = ssl_read_record( ssl ) ) != 0 ) { diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 92800fef5..0c491b417 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2284,7 +2284,8 @@ static int ssl_parse_client_dh_public( ssl_context *ssl, unsigned char **p, #endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED || POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */ -#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) +#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \ + defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED) static int ssl_parse_encrypted_pms( ssl_context *ssl, const unsigned char *p, const unsigned char *end, 
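Review bot: The `((void) p); ((void) end);` lines added under `#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)` in ssl_parse_server_key_exchange are unexplained, and their placement after the RSA early return is easy to misread as dead code. They appear to silence set-but-unused warnings in a build where RSA is the only key exchange and none of the parsers that read `p`/`end` are compiled in; a comment stating that, e.g. `/* p and end are only read by the key-exchange specific parsers below; avoid unused warnings when none is enabled */`, would make the intent clear (confirm this is the actual reason). ssl_parse_server_key_exchange continues outside the hunk.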
@@ -2348,7 +2349,8 @@ static int ssl_parse_encrypted_pms( ssl_context *ssl, return( ret ); } -#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */ +#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED || + POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */ #if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED) static int ssl_parse_client_psk_identity( ssl_context *ssl, unsigned char **p, From 59b9fe28f0cbad04e3af4257b50656b69b7aa613 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Oct 2013 11:55:33 +0200 Subject: [PATCH 6/7] Fix bug in psk_identity_hint parsing --- library/ssl_cli.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 847187eaa..8032a68e1 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1161,7 +1161,7 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl, * * opaque psk_identity_hint<0..2^16-1>; */ - len = (*p)[1] << 8 | (*p)[0]; + len = (*p)[0] << 8 | (*p)[1]; *p += 2; if( (*p) + len > end ) From eebb5ad6cc4e3037f8dd87342a3d508f93209049 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Tue, 15 Oct 2013 12:26:10 +0200 Subject: [PATCH 7/7] Add RSA-PSK and ECDHE-PSK suites to compat.sh --- tests/compat.sh | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/tests/compat.sh b/tests/compat.sh index a001ddb5d..584575c10 100755 --- a/tests/compat.sh +++ b/tests/compat.sh 
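Review bot: The two-byte length read on the changed line in ssl_parse_server_psk_hint, `(*p)[0] << 8 | (*p)[1]`, happens before any visible check that at least two bytes remain before `end`; unless the start of the function (outside the hunk) guarantees this, a truncated ServerKeyExchange reads past the handshake message, and a guard such as `if( end - (*p) < 2 ) return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );` should precede it (whatever non-zero code the function uses, since the caller only tests `!= 0`). The existing bounds check on the last context line, `(*p) + len > end`, also forms a pointer beyond the end of the buffer when `len` is large, which is undefined behaviour in C; comparing remaining length instead avoids that, `if( len > (size_t)( end - (*p) ) )`. ssl_parse_server_psk_hint starts and ends outside this hunk.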
@@ -401,10 +401,28 @@ case $TYPE in TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \ TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ TLS-DHE-PSK-WITH-AES-256-CBC-SHA \ - TLS-PSK-WITH-NULL-SHA \ TLS-DHE-PSK-WITH-NULL-SHA \ + TLS-PSK-WITH-NULL-SHA \ + TLS-RSA-PSK-WITH-RC4-128-SHA \ + TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \ + TLS-RSA-PSK-WITH-AES-256-CBC-SHA \ + TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ + TLS-RSA-WITH-NULL-SHA \ + TLS-RSA-WITH-NULL-MD5 \ " + + if [ "$MODE" != "ssl3" ]; + then + P_CIPHERS="$P_CIPHERS \ + TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \ + TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ + TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \ + TLS-ECDHE-PSK-WITH-RC4-128-SHA \ + TLS-ECDHE-PSK-WITH-NULL-SHA \ + " + fi + if [ "$MODE" = "tls1_2" ]; then P_CIPHERS="$P_CIPHERS \ @@ -424,6 +442,19 @@ case $TYPE in TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \ + TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \ + TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-RSA-WITH-NULL-SHA256 \ + TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ + TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \ + TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \ + TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \ + TLS-ECDHE-PSK-WITH-NULL-SHA384 \ + TLS-ECDHE-PSK-WITH-NULL-SHA256 \ " fi
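Review bot: The first hunk also adds `TLS-RSA-WITH-NULL-SHA` and `TLS-RSA-WITH-NULL-MD5` (and the second hunk `TLS-RSA-WITH-NULL-SHA256`) to the PolarSSL cipher list, which the commit title "Add RSA-PSK and ECDHE-PSK suites to compat.sh" does not cover. Since these are not PSK suites, either a short comment next to them explaining why they are added here, e.g. `# RSA NULL suites added alongside, not covered by the PSK lists above`, or a separate commit would make the change easier to review and bisect. The ECDHE-PSK suites are correctly gated on `"$MODE" != "ssl3"` while the RSA-PSK ones are not, so documenting that distinction in the same comment would help.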