Merge pull request #6112 from ronald-cron-arm/tls13-negotiated-key-exchange-mode
TLS 1.3: Add specific field to store the selected key exchange mode Validated by the internal CI merge job.
This commit is contained in:
commit
892747015d
@ -611,14 +611,19 @@ struct mbedtls_ssl_handshake_params
|
||||
* Handshake specific crypto variables
|
||||
*/
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
|
||||
int tls13_kex_modes; /*!< key exchange modes for TLS 1.3 */
|
||||
uint8_t key_exchange_mode; /*!< Selected key exchange mode */
|
||||
|
||||
/** Number of HelloRetryRequest messages received/sent from/to the server. */
|
||||
int hello_retry_request_count;
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C)
|
||||
/** selected_group of key_share extension in HelloRetryRequest message. */
|
||||
uint16_t hrr_selected_group;
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
uint8_t tls13_kex_modes; /*!< Key exchange modes supported by the client */
|
||||
#endif
|
||||
#endif /* MBEDTLS_SSL_SRV_C */
|
||||
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
@ -1769,6 +1774,7 @@ static inline int mbedtls_ssl_conf_tls13_some_psk_enabled( mbedtls_ssl_context *
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
|
||||
/**
|
||||
* Given a list of key exchange modes, check if at least one of them is
|
||||
* supported.
|
||||
@ -1815,6 +1821,30 @@ static inline int mbedtls_ssl_tls13_some_psk_enabled( mbedtls_ssl_context *ssl )
|
||||
return( ! mbedtls_ssl_tls13_check_kex_modes( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
|
||||
|
||||
/*
|
||||
* Helper functions to check the selected key exchange mode.
|
||||
*/
|
||||
static inline int mbedtls_ssl_tls13_key_exchange_mode_check(
|
||||
mbedtls_ssl_context *ssl, int kex_mask )
|
||||
{
|
||||
return( ( ssl->handshake->key_exchange_mode & kex_mask ) != 0 );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls13_key_exchange_mode_with_psk(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ALL ) );
|
||||
}
|
||||
|
||||
static inline int mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral(
|
||||
mbedtls_ssl_context *ssl )
|
||||
{
|
||||
return( mbedtls_ssl_tls13_key_exchange_mode_check( ssl,
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ALL ) );
|
||||
}
|
||||
|
||||
/*
|
||||
* Fetch TLS 1.3 handshake message header
|
||||
|
@ -1218,17 +1218,17 @@ static int ssl_tls13_postprocess_server_hello( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
/* Only the pre_shared_key extension was received */
|
||||
case MBEDTLS_SSL_EXT_PRE_SHARED_KEY:
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
break;
|
||||
|
||||
/* Only the key_share extension was received */
|
||||
case MBEDTLS_SSL_EXT_KEY_SHARE:
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Both the pre_shared_key and key_share extensions were received */
|
||||
case ( MBEDTLS_SSL_EXT_PRE_SHARED_KEY | MBEDTLS_SSL_EXT_KEY_SHARE ):
|
||||
handshake->tls13_kex_modes = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Neither pre_shared_key nor key_share extension was received */
|
||||
@ -1477,7 +1477,7 @@ static int ssl_tls13_process_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
buf, buf_len );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
||||
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
||||
else
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
||||
@ -1512,12 +1512,6 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= skip parse certificate request" ) );
|
||||
return( SSL_CERTIFICATE_REQUEST_SKIP );
|
||||
}
|
||||
|
||||
if( ( ret = mbedtls_ssl_read_record( ssl, 0 ) ) != 0 )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_RET( 1, "mbedtls_ssl_read_record", ret );
|
||||
|
@ -1237,7 +1237,7 @@ int mbedtls_ssl_tls13_key_schedule_stage_handshake( mbedtls_ssl_context *ssl )
|
||||
* client_handshake_traffic_secret and server_handshake_traffic_secret
|
||||
* are derived in the handshake secret derivation stage.
|
||||
*/
|
||||
if( mbedtls_ssl_tls13_ephemeral_enabled( ssl ) )
|
||||
if( mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral( ssl ) )
|
||||
{
|
||||
if( mbedtls_ssl_tls13_named_group_is_ecdhe( handshake->offered_group_id ) )
|
||||
{
|
||||
|
@ -397,7 +397,7 @@ static int ssl_tls13_check_ephemeral_key_exchange( mbedtls_ssl_context *ssl )
|
||||
if( !ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange( ssl ) )
|
||||
return( 0 );
|
||||
|
||||
ssl->handshake->tls13_kex_modes =
|
||||
ssl->handshake->key_exchange_mode =
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
return( 1 );
|
||||
}
|
||||
@ -1167,7 +1167,7 @@ static int ssl_tls13_write_hrr_key_share_ext( mbedtls_ssl_context *ssl,
|
||||
* of the HRR is then to transmit a cookie to force the client to demonstrate
|
||||
* reachability at their apparent network address (primarily useful for DTLS).
|
||||
*/
|
||||
if( ! mbedtls_ssl_tls13_some_ephemeral_enabled( ssl ) )
|
||||
if( ! mbedtls_ssl_tls13_key_exchange_mode_with_ephemeral( ssl ) )
|
||||
return( 0 );
|
||||
|
||||
/* We should only send the key_share extension if the client's initial
|
||||
@ -1555,7 +1555,7 @@ static int ssl_tls13_write_encrypted_extensions( mbedtls_ssl_context *ssl )
|
||||
ssl, buf_len, msg_len ) );
|
||||
|
||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||
if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) )
|
||||
if( mbedtls_ssl_tls13_key_exchange_mode_with_psk( ssl ) )
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
|
||||
else
|
||||
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
|
||||
|
Loading…
Reference in New Issue
Block a user