From 2234e650f72d96917ee11b32d317ac0e5cd2b77e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:12:41 +0100 Subject: [PATCH 01/21] Add new configuration option controlling CID extension --- include/mbedtls/config.h | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index cc3fa14b1..2f46be47c 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1326,6 +1326,29 @@ */ #define MBEDTLS_SSL_ALL_ALERT_MESSAGES +/** + * \def MBEDTLS_SSL_CID + * + * Enable support for the DTLS Connection ID extension which + * allows to identify DTLS connections across changes in the + * underlying transport. + * + * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()` + * and `mbedtls_ssl_get_peer_cid()`. See their documentation for more + * information. + * + * \warning The Connection ID extension is still in draft state. + * We make no stability promises for the availability + * or the shape of the API controlled by this option. + * + * See also MBEDTLS_SSL_CID_OUT_LEN_MAX and MBEDTLS_SSL_CID_IN_LEN_MAX. + * + * Requires: MBEDTLS_SSL_PROTO_DTLS + * + * Uncomment to enable the Connection ID extension. + */ +#define MBEDTLS_SSL_CID + /** * \def MBEDTLS_SSL_ASYNC_PRIVATE * @@ -3313,6 +3336,20 @@ */ //#define MBEDTLS_SSL_IN_CONTENT_LEN 16384 +/** \def MBEDTLS_SSL_CID_IN_LEN_MAX + * + * The maximum length of CIDs used for incoming DTLS messages. + * + */ +//#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 + +/** \def MBEDTLS_SSL_CID_OUT_LEN_MAX + * + * The maximum length of CIDs used for outgoing DTLS messages. + * + */ +//#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 + /** \def MBEDTLS_SSL_OUT_CONTENT_LEN * * Maximum length (in bytes) of outgoing plaintext fragments. From 019f4b58de6bfa0950b0ff5f3cfe2a153ab9311f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:12:56 +0100 Subject: [PATCH 02/21] Add API for the use of the DTLS Connection ID extension --- include/mbedtls/ssl.h | 131 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 131 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 208b6c61d..5fce3fefe 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -160,6 +160,9 @@ #define MBEDTLS_SSL_EXTENDED_MS_DISABLED 0 #define MBEDTLS_SSL_EXTENDED_MS_ENABLED 1 +#define MBEDTLS_SSL_CID_DISABLED 0 +#define MBEDTLS_SSL_CID_ENABLED 1 + #define MBEDTLS_SSL_ETM_DISABLED 0 #define MBEDTLS_SSL_ETM_ENABLED 1 @@ -256,6 +259,17 @@ #define MBEDTLS_SSL_DTLS_MAX_BUFFERING 32768 #endif +/* + * Maximum length of CIDs for incoming and outgoing messages. + */ +#if !defined(MBEDTLS_SSL_CID_IN_LEN_MAX) +#define MBEDTLS_SSL_CID_IN_LEN_MAX 32 +#endif + +#if !defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) +#define MBEDTLS_SSL_CID_OUT_LEN_MAX 32 +#endif + /* \} name SECTION: Module settings */ /* @@ -1476,6 +1490,123 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, mbedtls_ssl_recv_timeout_t *f_recv_timeout ); #if defined(MBEDTLS_SSL_PROTO_DTLS) + +#if defined(MBEDTLS_SSL_CID) + + +/** + * \brief Configure the use of the Connection ID (CID) extension + * in the next handshake. + * + * Reference: + * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04 + * + * The DTLS CID extension allows to reliably associate + * DTLS records to DTLS connections across changes in the + * underlying transport (changed IP+Port metadata) by adding + * explicit connection identifiers (CIDs) to the headers of + * encrypted DTLS records. The desired CIDs are configured + * by the application layer and are exchanged in new + * `ClientHello` / `ServerHello` extensions during the + * handshake, where each side indicates the CID it wants the + * peer to use when writing encrypted messages. The CIDs are + * put to use once records get encrypted: the stack discards + * any incoming records that don't include the configured CID + * in their header, and adds the peer's requested CID to the + * headers of outgoing messages. + * + * This API allows to enable/disable the use of the CID + * extension in the next handshake and to set the value of + * the CID to be used for incoming messages. + * + * \param ssl The SSL context to configure. This must be initialized. + * \param enable This value determines whether the CID extension should + * be used or not. Possible values are: + * - MBEDTLS_SSL_CID_ENABLED to enable the use of the CID. + * - MBEDTLS_SSL_CID_DISABLED to disable the use of the CID. + * \param own_cid The address of the readable buffer holding the CID we want + * the peer to use when sending encrypted messages to us. + * This may be \c NULL if \p own_cid_len is \c 0. + * This parameter is unused if \p enabled is set to + * MBEDTLS_SSL_CID_DISABLED. + * \param own_cid_len The length of \p own_cid. + * This parameter is unused if \p enabled is set to + * MBEDTLS_SSL_CID_DISABLED. + * + * \note This CID configuration applies to the next handshake + * performed on the SSL context \p ssl, but does not trigger + * one. You still have to call `mbedtls_ssl_handshake()` + * (for the initial handshake) or `mbedtls_ssl_renegotiate()` + * (for a renegotiation handshake) explicitly after a + * successful call to this function to run the handshake. + * + * \note This call cannot guarantee that the use of the CID + * will be successfully negotiated in the next handshake, + * because the peer might not support it. Specifically: + * - On the Client, enabling the use of the CID through + * this call implies that the `ClientHello` in the next + * handshake will include the CID extension, thereby + * offering the use of the CID to the server. Only if + * the `ServerHello` contains the CID extension, too, + * the CID extension will actually be put to use. + * - On the Server, enabling the use of the CID through + * this call implies that that the server will look for + * the CID extension in a `ClientHello` from the client, + * and, if present, reply with a CID extension in its + * `ServerHello`. + * + * \note To check whether the use of the CID was negotiated + * after the subsequent handshake has completed, please + * use the API mbedtls_ssl_get_peer_cid(). + * + * \warning If the use of the CID extension is enabled in this call + * and the subsequent handshake negotiates its use, Mbed TLS + * will silently drop every packet whose CID does not match + * the CID configured in \p own_cid. It is the responsibility + * of the user to adapt the underlying transport to take care + * of CID-based demultiplexing before handing datagrams to + * Mbed TLS. + * + * \return \c 0 on success. In this case, the CID configuration + * applies to the next handshake. + * \return A negative error code on failure. + */ +int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len ); + +/** + * \brief Get information about the current use of the + * CID extension. + * + * \param ssl The SSL context to query. + * \param enabled The address at which to store whether the CID extension + * is currently in use or not. If the CID is in use, + * `*enabled` is set to MBEDTLS_SSL_CID_ENABLED; + * otherwise, it is set to MBEDTLS_SSL_CID_DISABLED. + * \param peer_cid The address of the buffer in which to store the CID + * chosen by the peer (if the CID extension is used). + * \param peer_cid_len The address at which to store the size of the CID + * chosen by the peer (if the CID extension is used). + * This is also the number of Bytes in \p peer_cid that + * have been written. + * + * \note This applies to the state of the CID negotiated in + * the last complete handshake. If a handshake is in + * progress, this function will attempt to complete + * the handshake first. + * + * \return \c 0 on success. + * \return A negative error code on failure. + */ +int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], + size_t *peer_cid_len ); + +#endif /* MBEDTLS_SSL_CID */ + /** * \brief Set the Maximum Tranport Unit (MTU). * Special value: 0 means unset (no limit). From bb47cd906f5212ca05f41bf2c1450c2743b3f134 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:14:28 +0100 Subject: [PATCH 03/21] Add dep of MBEDTLS_SSL_CID on MBEDTLS_SSL_PROTO_DTLS to config check --- include/mbedtls/check_config.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 0fa74f061..d8b0786c0 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -641,6 +641,11 @@ #error "MBEDTLS_SSL_DTLS_ANTI_REPLAY defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_CID) && \ + ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) +#error "MBEDTLS_SSL_CID defined, but not all prerequisites" +#endif + #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \ ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) #error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" From ebafe8b7ccb0b07045466f39df551d395751cd8e Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:15:32 +0100 Subject: [PATCH 04/21] Update query_config.c --- programs/ssl/query_config.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/programs/ssl/query_config.c b/programs/ssl/query_config.c index 143a45d84..a7f2d2de5 100644 --- a/programs/ssl/query_config.c +++ b/programs/ssl/query_config.c @@ -1234,6 +1234,14 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ +#if defined(MBEDTLS_SSL_CID) + if( strcmp( "MBEDTLS_SSL_CID", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) if( strcmp( "MBEDTLS_SSL_ASYNC_PRIVATE", config ) == 0 ) { @@ -2506,6 +2514,22 @@ int query_config( const char *config ) } #endif /* MBEDTLS_SSL_IN_CONTENT_LEN */ +#if defined(MBEDTLS_SSL_CID_IN_LEN_MAX) + if( strcmp( "MBEDTLS_SSL_CID_IN_LEN_MAX", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_IN_LEN_MAX ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID_IN_LEN_MAX */ + +#if defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) + if( strcmp( "MBEDTLS_SSL_CID_OUT_LEN_MAX", config ) == 0 ) + { + MACRO_EXPANSION_TO_STR( MBEDTLS_SSL_CID_OUT_LEN_MAX ); + return( 0 ); + } +#endif /* MBEDTLS_SSL_CID_OUT_LEN_MAX */ + #if defined(MBEDTLS_SSL_OUT_CONTENT_LEN) if( strcmp( "MBEDTLS_SSL_OUT_CONTENT_LEN", config ) == 0 ) { From f8c10269d1a998908df24b0aa0fdc791d84b1971 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:15:42 +0100 Subject: [PATCH 05/21] Update version_features.c --- library/version_features.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/library/version_features.c b/library/version_features.c index b36893e33..c6001a40d 100644 --- a/library/version_features.c +++ b/library/version_features.c @@ -447,6 +447,9 @@ static const char *features[] = { #if defined(MBEDTLS_SSL_ALL_ALERT_MESSAGES) "MBEDTLS_SSL_ALL_ALERT_MESSAGES", #endif /* MBEDTLS_SSL_ALL_ALERT_MESSAGES */ +#if defined(MBEDTLS_SSL_CID) + "MBEDTLS_SSL_CID", +#endif /* MBEDTLS_SSL_CID */ #if defined(MBEDTLS_SSL_ASYNC_PRIVATE) "MBEDTLS_SSL_ASYNC_PRIVATE", #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ From f8542cf62036afcfa20550ba093c2984b3894c7f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 15:22:03 +0100 Subject: [PATCH 06/21] Add dummy implementations for CID API --- library/ssl_tls.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index cd2845631..6eb74944a 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -118,6 +118,33 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) +/* Top-level Connection ID API */ + +int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, + int enable, + unsigned char const *own_cid, + size_t own_cid_len ) +{ + ((void) ssl); + ((void) enable); + ((void) own_cid); + ((void) own_cid_len); + return( 0 ); +} + +int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, + int *enabled, + unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], + size_t *peer_cid_len ) +{ + ((void) ssl); + ((void) peer_cid); + ((void) peer_cid_len); + + *enabled = MBEDTLS_SSL_CID_DISABLED; + return( 0 ); +} + /* Forward declarations for functions related to message buffering. */ static void ssl_buffering_free( mbedtls_ssl_context *ssl ); static void ssl_buffering_free_slot( mbedtls_ssl_context *ssl, From 1f583eecd826efba35a652901b2c6485cba60041 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 17:12:56 +0100 Subject: [PATCH 07/21] ssl_client2: Add helper to unhexify binary command line data --- programs/ssl/ssl_client2.c | 80 +++++++++++++++++++++----------------- 1 file changed, 45 insertions(+), 35 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 62f2c5790..894a8e0c2 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -708,6 +708,45 @@ int idle( mbedtls_net_context *fd, return( 0 ); } +/* Unhexify `hex` into `dst`. `dst` must have + * size at least `strlen( hex ) / 2`. */ +int unhexify( unsigned char const *hex, unsigned char *dst ) +{ + unsigned char c; + size_t j; + size_t len = strlen( hex ); + + if( len % 2 != 0 ) + return( -1 ); + + for( j = 0; j < len; j += 2 ) + { + c = hex[j]; + if( c >= '0' && c <= '9' ) + c -= '0'; + else if( c >= 'a' && c <= 'f' ) + c -= 'a' - 10; + else if( c >= 'A' && c <= 'F' ) + c -= 'A' - 10; + else + return( -1 ); + dst[ j / 2 ] = c << 4; + + c = hex[j + 1]; + if( c >= '0' && c <= '9' ) + c -= '0'; + else if( c >= 'a' && c <= 'f' ) + c -= 'a' - 10; + else if( c >= 'A' && c <= 'F' ) + c -= 'A' - 10; + else + return( -1 ); + dst[ j / 2 ] |= c; + } + + return( 0 ); +} + int main( int argc, char *argv[] ) { int ret = 0, len, tail_len, i, written, frags, retry_left; @@ -1257,46 +1296,17 @@ int main( int argc, char *argv[] ) */ if( strlen( opt.psk ) ) { - unsigned char c; - size_t j; - - if( strlen( opt.psk ) % 2 != 0 ) + psk_len = strlen( opt.psk ) / 2; + if( psk_len > sizeof( psk ) ) { - mbedtls_printf( "pre-shared key not valid hex\n" ); + mbedtls_printf( "pre-shared key too long\n" ); goto exit; } - psk_len = strlen( opt.psk ) / 2; - - for( j = 0; j < strlen( opt.psk ); j += 2 ) + if( unhexify( opt.psk, psk ) != 0 ) { - c = opt.psk[j]; - if( c >= '0' && c <= '9' ) - c -= '0'; - else if( c >= 'a' && c <= 'f' ) - c -= 'a' - 10; - else if( c >= 'A' && c <= 'F' ) - c -= 'A' - 10; - else - { - mbedtls_printf( "pre-shared key not valid hex\n" ); - goto exit; - } - psk[ j / 2 ] = c << 4; - - c = opt.psk[j + 1]; - if( c >= '0' && c <= '9' ) - c -= '0'; - else if( c >= 'a' && c <= 'f' ) - c -= 'a' - 10; - else if( c >= 'A' && c <= 'F' ) - c -= 'A' - 10; - else - { - mbedtls_printf( "pre-shared key not valid hex\n" ); - goto exit; - } - psk[ j / 2 ] |= c; + mbedtls_printf( "pre-shared key not valid hex\n" ); + goto exit; } } #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */ From 90cb359cf042099a62861ce8ca266924b0ea88cd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 17:24:19 +0100 Subject: [PATCH 08/21] ssl_client2: Add cmd line options to configure use of CID extension --- programs/ssl/ssl_client2.c | 100 ++++++++++++++++++++++++++++++++++++- 1 file changed, 99 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 894a8e0c2..43d3b0c7a 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -113,6 +113,8 @@ int main( void ) #define DFL_DHMLEN -1 #define DFL_RECONNECT 0 #define DFL_RECO_DELAY 0 +#define DFL_CID_ENABLED 0 +#define DFL_CID_VALUE "" #define DFL_RECONNECT_HARD 0 #define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED #define DFL_ALPN_STRING NULL @@ -166,6 +168,16 @@ int main( void ) #define USAGE_KEY_OPAQUE "" #endif +#if defined(MBEDTLS_SSL_CID) +#define USAGE_CID \ + " cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \ + " default: 0 (disabled)\n" \ + " cid_val=%%s The CID to use for incoming messages (in hex, without 0x).\n" \ + " default: \"\"\n" +#else /* MBEDTLS_SSL_CID */ +#define USAGE_CID "" +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK_RAW \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ @@ -337,6 +349,7 @@ int main( void ) " max_resend=%%d default: 0 (no resend on timeout)\n" \ "\n" \ USAGE_DTLS \ + USAGE_CID \ "\n" \ " auth_mode=%%s default: (library default: none)\n" \ " options: none, optional, required\n" \ @@ -457,6 +470,8 @@ struct options int etm; /* negotiate encrypt then mac? */ int context_crt_cb; /* use context-specific CRT verify callback */ int eap_tls; /* derive EAP-TLS keying material? */ + int cid_enabled; /* whether to use the CID extension or not */ + const char *cid_val; /* the CID to use for incoming messages */ } opt; int query_config( const char *config ); @@ -710,7 +725,7 @@ int idle( mbedtls_net_context *fd, /* Unhexify `hex` into `dst`. `dst` must have * size at least `strlen( hex ) / 2`. */ -int unhexify( unsigned char const *hex, unsigned char *dst ) +int unhexify( char const *hex, unsigned char *dst ) { unsigned char c; size_t j; @@ -758,6 +773,12 @@ int main( int argc, char *argv[] ) unsigned char psk[MBEDTLS_PSK_MAX_LEN]; size_t psk_len = 0; #endif + +#if defined(MBEDTLS_SSL_CID) + unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; + size_t cid_len = 0; +#endif + #if defined(MBEDTLS_SSL_ALPN) const char *alpn_list[ALPN_LIST_SIZE]; #endif @@ -858,6 +879,8 @@ int main( int argc, char *argv[] ) opt.server_addr = DFL_SERVER_ADDR; opt.server_port = DFL_SERVER_PORT; opt.debug_level = DFL_DEBUG_LEVEL; + opt.cid_enabled = DFL_CID_ENABLED; + opt.cid_val = DFL_CID_VALUE; opt.nbio = DFL_NBIO; opt.event = DFL_EVENT; opt.context_crt_cb = DFL_CONTEXT_CRT_CB; @@ -986,6 +1009,18 @@ int main( int argc, char *argv[] ) else if( strcmp( p, "key_opaque" ) == 0 ) opt.key_opaque = atoi( q ); #endif +#if defined(MBEDTLS_SSL_CID) + else if( strcmp( p, "cid" ) == 0 ) + { + opt.cid_enabled = atoi( q ); + if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + goto usage; + } + else if( strcmp( p, "cid_val" ) == 0 ) + { + opt.cid_val = q; + } +#endif /* MBEDTLS_SSL_CID */ else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -1381,6 +1416,7 @@ int main( int argc, char *argv[] ) opt.arc4 = MBEDTLS_SSL_ARC4_ENABLED; } + #if defined(MBEDTLS_USE_PSA_CRYPTO) if( opt.psk_opaque != 0 ) { @@ -1406,6 +1442,24 @@ int main( int argc, char *argv[] ) #endif /* MBEDTLS_USE_PSA_CRYPTO */ } +#if defined(MBEDTLS_SSL_CID) + if( strlen( opt.cid_val ) ) + { + cid_len = strlen( opt.cid_val ) / 2; + if( cid_len > sizeof( cid ) ) + { + mbedtls_printf( "CID too long\n" ); + goto exit; + } + + if( unhexify( opt.cid_val, cid ) != 0 ) + { + mbedtls_printf( "CID not valid hex\n" ); + goto exit; + } + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_ECP_C) if( opt.curves != NULL ) { @@ -1907,6 +1961,19 @@ int main( int argc, char *argv[] ) mbedtls_net_send, mbedtls_net_recv, opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); +#if defined(MBEDTLS_SSL_CID) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, + cid, cid_len ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret ); + goto exit; + } + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_PROTO_DTLS) if( opt.dtls_mtu != DFL_DTLS_MTU ) mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); @@ -2081,6 +2148,37 @@ int main( int argc, char *argv[] ) mbedtls_printf( "%s\n", peer_crt_info ); #endif /* MBEDTLS_X509_CRT_PARSE_C */ +#if defined(MBEDTLS_SSL_CID) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + size_t peer_cid_len; + int cid_negotiated; + + /* Check if the use of a CID has been negotiated */ + ret = mbedtls_ssl_get_peer_cid( &ssl, &cid_negotiated, + peer_cid, &peer_cid_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + -ret ); + goto exit; + } + + if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) + { + if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) + { + mbedtls_printf( "Use of Connection ID was rejected by the server.\n" ); + } + } + else + { + mbedtls_printf( "Use of Connection ID has been negotiated.\n" ); + } + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_RENEGOTIATION) if( opt.renegotiate ) { From a7d254224821be09e39153de6aa1dda92f9026ea Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 17:28:10 +0100 Subject: [PATCH 09/21] ssl_server2: Add cmd line options to configure use of CID extension --- programs/ssl/ssl_server2.c | 96 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 807f880f8..1fbaf473d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -145,6 +145,8 @@ int main( void ) #define DFL_MAX_VERSION -1 #define DFL_ARC4 -1 #define DFL_SHA1 -1 +#define DFL_CID_ENABLED 0 +#define DFL_CID_VALUE "" #define DFL_AUTH_MODE -1 #define DFL_CERT_REQ_CA_LIST MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED #define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE @@ -232,6 +234,16 @@ int main( void ) #define USAGE_SSL_ASYNC "" #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#if defined(MBEDTLS_SSL_CID) +#define USAGE_CID \ + " cid=%%d Disable (0) or enable (1) the use of the DTLS Connection ID extension.\n" \ + " default: 0 (disabled)\n" \ + " cid_val=%%s The CID to use for incoming messages (in hex, without 0x).\n" \ + " default: \"\"\n" +#else /* MBEDTLS_SSL_CID */ +#define USAGE_CID "" +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) #define USAGE_PSK_RAW \ " psk=%%s default: \"\" (in hex, without 0x)\n" \ @@ -573,6 +585,8 @@ struct options int dgram_packing; /* allow/forbid datagram packing */ int badmac_limit; /* Limit of records with bad MAC */ int eap_tls; /* derive EAP-TLS keying material? */ + int cid_enabled; /* whether to use the CID extension or not */ + const char *cid_val; /* the CID to use for incoming messages */ } opt; int query_config( const char *config ); @@ -1484,6 +1498,11 @@ int main( int argc, char *argv[] ) unsigned char alloc_buf[MEMORY_HEAP_SIZE]; #endif +#if defined(MBEDTLS_SSL_CID) + unsigned char cid[MBEDTLS_SSL_CID_IN_LEN_MAX]; + size_t cid_len = 0; +#endif + int i; char *p, *q; const int *list; @@ -1581,6 +1600,8 @@ int main( int argc, char *argv[] ) opt.event = DFL_EVENT; opt.response_size = DFL_RESPONSE_SIZE; opt.nbio = DFL_NBIO; + opt.cid_enabled = DFL_CID_ENABLED; + opt.cid_val = DFL_CID_VALUE; opt.read_timeout = DFL_READ_TIMEOUT; opt.ca_file = DFL_CA_FILE; opt.ca_path = DFL_CA_PATH; @@ -1727,6 +1748,18 @@ int main( int argc, char *argv[] ) opt.async_private_error = n; } #endif /* MBEDTLS_SSL_ASYNC_PRIVATE */ +#if defined(MBEDTLS_SSL_CID) + else if( strcmp( p, "cid" ) == 0 ) + { + opt.cid_enabled = atoi( q ); + if( opt.cid_enabled != 0 && opt.cid_enabled != 1 ) + goto usage; + } + else if( strcmp( p, "cid_val" ) == 0 ) + { + opt.cid_val = q; + } +#endif /* MBEDTLS_SSL_CID */ else if( strcmp( p, "psk" ) == 0 ) opt.psk = q; #if defined(MBEDTLS_USE_PSA_CRYPTO) @@ -2210,6 +2243,24 @@ int main( int argc, char *argv[] ) } } +#if defined(MBEDTLS_SSL_CID) + if( strlen( opt.cid_val ) ) + { + cid_len = strlen( opt.cid_val ) / 2; + if( cid_len > sizeof( cid ) ) + { + mbedtls_printf( "CID too long\n" ); + goto exit; + } + + if( unhexify( cid, opt.cid_val, &cid_len ) != 0 ) + { + mbedtls_printf( "CID not valid hex\n" ); + goto exit; + } + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) /* * Unhexify the pre-shared key and parse the list if any given @@ -2957,6 +3008,19 @@ int main( int argc, char *argv[] ) mbedtls_ssl_set_bio( &ssl, &client_fd, mbedtls_net_send, mbedtls_net_recv, opt.nbio == 0 ? mbedtls_net_recv_timeout : NULL ); +#if defined(MBEDTLS_SSL_CID) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + if( ( ret = mbedtls_ssl_set_cid( &ssl, opt.cid_enabled, + cid, cid_len ) ) != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_set_cid returned %d\n\n", + ret ); + goto exit; + } + } +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_PROTO_DTLS) if( opt.dtls_mtu != DFL_DTLS_MTU ) mbedtls_ssl_set_mtu( &ssl, opt.dtls_mtu ); @@ -3233,6 +3297,38 @@ handshake: mbedtls_printf("\n"); } #endif + +#if defined(MBEDTLS_SSL_CID) + if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + size_t peer_cid_len; + int cid_negotiated; + + /* Check if the use of a CID has been negotiated */ + ret = mbedtls_ssl_get_peer_cid( &ssl, &cid_negotiated, + peer_cid, &peer_cid_len ); + if( ret != 0 ) + { + mbedtls_printf( " failed\n ! mbedtls_ssl_get_peer_cid returned -0x%x\n\n", + -ret ); + goto exit; + } + + if( cid_negotiated == MBEDTLS_SSL_CID_DISABLED ) + { + if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) + { + mbedtls_printf( "Use of Connection ID was rejected by the client.\n" ); + } + } + else + { + mbedtls_printf( "Use of Connection ID has been negotiated.\n" ); + } + } +#endif /* MBEDTLS_SSL_CID */ + if( opt.exchanges == 0 ) goto close_notify; From 7cf463e3ccd8c32be797238b62a23f4d58ccb818 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Apr 2019 18:08:47 +0100 Subject: [PATCH 10/21] Add basic Connection ID tests to ssl-opt.sh --- tests/ssl-opt.sh | 97 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index cef87bceb..1e6069de3 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1270,6 +1270,103 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ -S "dumping 'expected mac' (20 bytes)" \ -s "dumping 'expected mac' (10 bytes)" +# Tests for DTLS Connection ID extension + +# TODO +# So far, the CID API isn't implemented, so we can't +# grep for output witnessing its use. This needs to be +# changed once the CID extension is implemented. + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client enabled, server disabled" \ + "$P_SRV dtls=1cid=0" \ + "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client disabled, server enabled" \ + "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI dtls=1 cid=0" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty" \ + "$P_SRV dtls=1 cid=1 cid_val=dead" \ + "$P_CLI dtls=1 cid=1 cid_val=beef" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client CID empty" \ + "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI dtls=1 cid=1" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Server CID empty" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID empty" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ + "$P_SRV dtls=1 cid=1 cid_val=dead" \ + "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ + "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ + "$P_SRV dtls=1 cid=1 cid_val=dead" \ + "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ + "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID +run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ + "$P_SRV dtls=1 cid=1" \ + "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 + +requires_config_enabled MBEDTLS_SSL_CID MBEDTLS_SSL_RENEGOTIATION +run_test "Connection ID: Client+Server enabled, renegotiate" \ + "$P_SRV dtls=1 cid=1 cid_val=dead renegotiation=1" \ + "$P_CLI dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ + 0 + # Tests for Encrypt-then-MAC extension run_test "Encrypt then MAC: default" \ From 9742809531f426fd49cc2a6f1ecc4efeec327997 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:36:56 +0100 Subject: [PATCH 11/21] Reference CID Draft in Connection ID documentation in config.h --- include/mbedtls/config.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index 2f46be47c..262a9be97 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -1329,9 +1329,10 @@ /** * \def MBEDTLS_SSL_CID * - * Enable support for the DTLS Connection ID extension which - * allows to identify DTLS connections across changes in the - * underlying transport. + * Enable support for the DTLS Connection ID extension + * (version draft-ietf-tls-dtls-connection-id-04) + * which allows to identify DTLS connections across changes + * in the underlying transport. * * Setting this option enables the SSL APIs `mbedtls_ssl_set_cid()` * and `mbedtls_ssl_get_peer_cid()`. See their documentation for more From 318a87b33606aecded0537064e90e2c09dd32b27 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:37:38 +0100 Subject: [PATCH 12/21] Document that the use of CID is disabled by default. (Even if MBEDTLS_SSL_CID is set in config.h) --- include/mbedtls/ssl.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5fce3fefe..f357161ef 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1523,7 +1523,8 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * \param enable This value determines whether the CID extension should * be used or not. Possible values are: * - MBEDTLS_SSL_CID_ENABLED to enable the use of the CID. - * - MBEDTLS_SSL_CID_DISABLED to disable the use of the CID. + * - MBEDTLS_SSL_CID_DISABLED (default) to disable the use + * of the CID. * \param own_cid The address of the readable buffer holding the CID we want * the peer to use when sending encrypted messages to us. * This may be \c NULL if \p own_cid_len is \c 0. From 4f664cbb5c42f0f27ba509faf564909c26104b64 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:38:47 +0100 Subject: [PATCH 13/21] Clarify that mbedtls_ssl_set_cid() applies to all subsequent HSs --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index f357161ef..63cf2f83a 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1534,7 +1534,7 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * This parameter is unused if \p enabled is set to * MBEDTLS_SSL_CID_DISABLED. * - * \note This CID configuration applies to the next handshake + * \note This CID configuration applies to subsequent handshakes * performed on the SSL context \p ssl, but does not trigger * one. You still have to call `mbedtls_ssl_handshake()` * (for the initial handshake) or `mbedtls_ssl_renegotiate()` From 982182f342f6cb14df9c28141b63e85485355543 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:39:53 +0100 Subject: [PATCH 14/21] Improve wording of CID debug msg in ssl_server2 example application --- programs/ssl/ssl_server2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 1fbaf473d..0c622285a 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3319,7 +3319,7 @@ handshake: { if( opt.cid_enabled == MBEDTLS_SSL_CID_ENABLED ) { - mbedtls_printf( "Use of Connection ID was rejected by the client.\n" ); + mbedtls_printf( "Use of Connection ID was not offered by the client.\n" ); } } else From 735c716e2a004ebab9fbcbc07bff42f630f5d9a3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:50:28 +0100 Subject: [PATCH 15/21] Print peer CID from ssl_server2 --- programs/ssl/ssl_server2.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 0c622285a..60c5a507d 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -3324,7 +3324,16 @@ handshake: } else { + size_t idx=0; mbedtls_printf( "Use of Connection ID has been negotiated.\n" ); + mbedtls_printf( "Peer CID (length %u Bytes): ", + (unsigned) peer_cid_len ); + while( idx < peer_cid_len ) + { + mbedtls_printf( "%#02x ", peer_cid[ idx ] ); + idx++; + } + mbedtls_printf( "\n" ); } } #endif /* MBEDTLS_SSL_CID */ From 957dd921f192b6146ae6411996c89da916dd8d73 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:50:59 +0100 Subject: [PATCH 16/21] Print peer CID from ssl_client2 --- programs/ssl/ssl_client2.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 43d3b0c7a..a524f81ce 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2174,7 +2174,16 @@ int main( int argc, char *argv[] ) } else { + size_t idx=0; mbedtls_printf( "Use of Connection ID has been negotiated.\n" ); + mbedtls_printf( "Peer CID (length %u Bytes): ", + (unsigned) peer_cid_len ); + while( idx < peer_cid_len ) + { + mbedtls_printf( "%#02x ", peer_cid[ idx ] ); + idx++; + } + mbedtls_printf( "\n" ); } } #endif /* MBEDTLS_SSL_CID */ From d029a2b57f648f28b4445cf5aa1d7833fc32f0a0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:52:14 +0100 Subject: [PATCH 17/21] Fix typo in CID test in ssl-opt.sh --- tests/ssl-opt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 1e6069de3..a189fd6b2 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1279,7 +1279,7 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ requires_config_enabled MBEDTLS_SSL_CID run_test "Connection ID: Client enabled, server disabled" \ - "$P_SRV dtls=1cid=0" \ + "$P_SRV dtls=1 cid=0" \ "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ 0 From 9bae30d00dfc3ed55c37ef19046bfac67e07b1ea Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 11:52:44 +0100 Subject: [PATCH 18/21] Fix use of requires_config_enabled in ssl-opt.sh requires_config_enabled doesn't support multiple config options. Tests having multiple configuration dependencies must be prefixed with multiple invocations of requires_config_enabled instead. --- tests/ssl-opt.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index a189fd6b2..a5ebe6d21 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1361,7 +1361,8 @@ run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES- "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 -requires_config_enabled MBEDTLS_SSL_CID MBEDTLS_SSL_RENEGOTIATION +requires_config_enabled MBEDTLS_SSL_CID +requires_config_enabled MBEDTLS_SSL_RENEGOTIATION run_test "Connection ID: Client+Server enabled, renegotiate" \ "$P_SRV dtls=1 cid=1 cid_val=dead renegotiation=1" \ "$P_CLI dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ From f1f9a823206beb4275c11af0352660f464648aa0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 12:01:20 +0100 Subject: [PATCH 19/21] Add warnings about status of implementation of CID API --- include/mbedtls/ssl.h | 17 ++++++++++++++--- library/ssl_tls.c | 6 ++++++ 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 63cf2f83a..f40506565 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1495,8 +1495,8 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, /** - * \brief Configure the use of the Connection ID (CID) extension - * in the next handshake. + * \brief (STUB) Configure the use of the Connection ID (CID) + * extension in the next handshake. * * Reference: * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04 @@ -1519,6 +1519,11 @@ void mbedtls_ssl_set_bio( mbedtls_ssl_context *ssl, * extension in the next handshake and to set the value of * the CID to be used for incoming messages. * + * \warning The current implementation of this API does nothing! + * It is included solely to allow review and coding against + * the new Connection CID API. + * The actual implementation will be added in the future. + * * \param ssl The SSL context to configure. This must be initialized. * \param enable This value determines whether the CID extension should * be used or not. Possible values are: @@ -1578,9 +1583,15 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, size_t own_cid_len ); /** - * \brief Get information about the current use of the + * \brief (STUB) Get information about the current use of the * CID extension. * + * \warning The current implementation of this API does nothing + * except setting `*enabled` to MBEDTLS_SSL_CID_DISABLED! + * It is included solely to allow review and coding against + * the new Connection CID API. + * The actual implementation will be added in the future. + * * \param ssl The SSL context to query. * \param enabled The address at which to store whether the CID extension * is currently in use or not. If the CID is in use, diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 6eb74944a..a22437a01 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -120,6 +120,9 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, /* Top-level Connection ID API */ +/* WARNING: This implementation is a stub and doesn't do anything! + * It is included solely to allow review and coding against + * the new Connection CID API. */ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, int enable, unsigned char const *own_cid, @@ -132,6 +135,9 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, return( 0 ); } +/* WARNING: This implementation is a stub and doesn't do anything! + * It is included solely to allow review and coding against + * the new Connection CID API. */ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, int *enabled, unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], From 5f925be3787c21c3957b27cfeab25cec12215051 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 12:02:34 +0100 Subject: [PATCH 20/21] Indicate ssl-opt.sh CID tests only test the stub CID code --- tests/ssl-opt.sh | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index a5ebe6d21..0037429a9 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1272,98 +1272,97 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ # Tests for DTLS Connection ID extension -# TODO # So far, the CID API isn't implemented, so we can't # grep for output witnessing its use. This needs to be # changed once the CID extension is implemented. requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client enabled, server disabled" \ +run_test "(STUB) Connection ID: Client enabled, server disabled" \ "$P_SRV dtls=1 cid=0" \ "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client disabled, server enabled" \ +run_test "(STUB) Connection ID: Client disabled, server enabled" \ "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI dtls=1 cid=0" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ "$P_SRV dtls=1 cid=1 cid_val=dead" \ "$P_CLI dtls=1 cid=1 cid_val=beef" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client CID empty" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI dtls=1 cid=1" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Server CID empty" \ +run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID empty" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ "$P_SRV dtls=1 cid=1 cid_val=dead" \ "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ +run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ "$P_SRV dtls=1 cid=1 cid_val=dead" \ "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ +run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 requires_config_enabled MBEDTLS_SSL_CID -run_test "Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ +run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ "$P_SRV dtls=1 cid=1" \ "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION -run_test "Connection ID: Client+Server enabled, renegotiate" \ +run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ "$P_SRV dtls=1 cid=1 cid_val=dead renegotiation=1" \ "$P_CLI dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ 0 From 35c36a67607044ae98cbb69370a1fa00dbf0bbd3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 23 Apr 2019 12:31:42 +0100 Subject: [PATCH 21/21] Guard CID implementations by MBEDTLS_SSL_CID --- library/ssl_tls.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a22437a01..50464751c 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -118,6 +118,7 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_PROTO_DTLS) +#if defined(MBEDTLS_SSL_CID) /* Top-level Connection ID API */ /* WARNING: This implementation is a stub and doesn't do anything! @@ -150,6 +151,7 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, *enabled = MBEDTLS_SSL_CID_DISABLED; return( 0 ); } +#endif /* MBEDTLS_SSL_CID */ /* Forward declarations for functions related to message buffering. */ static void ssl_buffering_free( mbedtls_ssl_context *ssl );