From 6d7da5ee1ef9ffd14aeb57cd71e545bfe8cc0e47 Mon Sep 17 00:00:00 2001
From: Przemek Stekiel
Date: Thu, 18 May 2023 16:02:43 +0200
Subject: [PATCH] Add FFDH support in client2, server2 applications
Signed-off-by: Przemek Stekiel
---
 programs/ssl/ssl_client2.c | 13 ++++++++++++-
 programs/ssl/ssl_server2.c | 12 +++++++++++-
 2 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index 12a1068f9..c7b677e8e 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -25,6 +25,8 @@
 #include "test/psa_crypto_helpers.h"
 #endif /* MBEDTLS_USE_PSA_CRYPTO || MBEDTLS_SSL_PROTO_TLS1_3 */
+#include "mbedtls/dhm.h"
+
 #if defined(MBEDTLS_SSL_TEST_IMPOSSIBLE)
 int main(void)
 {
@@ -467,7 +469,7 @@ int main(void)
 " acceptable ciphersuite names:\n"
 #define ALPN_LIST_SIZE 10
-#define CURVE_LIST_SIZE 20
+#define CURVE_LIST_SIZE 25
 #define SIG_ALG_LIST_SIZE 5
 /*
@@ -1508,6 +1510,7 @@ usage:
 /* Leave room for a final NULL in curve list */
 while (i < CURVE_LIST_SIZE - 1 && *p != '\0') {
 q = p;
+ uint16_t ffdh_group = 0;
 /* Terminate the current string */
 while (*p != ',' && *p != '\0') {
@@ -1519,6 +1522,8 @@ usage:
 if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) {
 group_list[i++] = curve_cur->tls_id;
+ } else if ((ffdh_group = mbedtls_ssl_ffdh_group_from_name(q)) != 0) {
+ group_list[i++] = ffdh_group;
 } else {
 mbedtls_printf("unknown curve %s\n", q);
 mbedtls_printf("supported curves: ");
@@ -1527,6 +1532,12 @@ usage:
 curve_cur++) {
 mbedtls_printf("%s ", curve_cur->name);
 }
+ uint16_t *supported_ffdh_group = mbedtls_ssl_ffdh_supported_groups();
+ while (*supported_ffdh_group != 0) {
+ mbedtls_printf("%s ",
+ mbedtls_ssl_ffdh_name_from_group(*supported_ffdh_group));
+ supported_ffdh_group++;
+ }
 mbedtls_printf("\n");
 goto exit;
 }
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 5f8bea93c..9919e08f9 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
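Review bot: In ssl_client2.c, hunk `@@ -1527,6 +1532,12 @@`, the result of `mbedtls_ssl_ffdh_name_from_group()` goes straight into `%s`; that function's contract is not visible in this patch, so if it can return NULL for any group the print is undefined behaviour, and binding it first, `const char *name = mbedtls_ssl_ffdh_name_from_group(*supported_ffdh_group);` followed by `if (name != NULL) mbedtls_printf("%s ", name);`, would keep the help path safe. The table returned by `mbedtls_ssl_ffdh_supported_groups()` is only read here, so `const uint16_t *supported_ffdh_group` would be the better declaration if the return type allows it. The messages around hunk `@@ -1519,6 +1522,8 @@` still say `unknown curve` and `supported curves:` although the option now also accepts FFDH groups. All three points apply equally to the matching ssl_server2.c hunks; the enclosing option-parsing block starts and ends outside these hunks.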
@@ -70,6 +70,7 @@ int main(void)
 #endif
 #include "mbedtls/pk.h"
+#include "mbedtls/dhm.h"
 /* Size of memory to be allocated for the heap, when using the library's memory
 * management and MBEDTLS_MEMORY_BUFFER_ALLOC_C is enabled. */
@@ -587,7 +588,7 @@ int main(void)
 " acceptable ciphersuite names:\n"
 #define ALPN_LIST_SIZE 10
-#define CURVE_LIST_SIZE 20
+#define CURVE_LIST_SIZE 25
 #define SIG_ALG_LIST_SIZE 5
 #define PUT_UINT64_BE(out_be, in_le, i) \
@@ -2401,6 +2402,7 @@ usage:
 /* Leave room for a final NULL in curve list */
 while (i < CURVE_LIST_SIZE - 1 && *p != '\0') {
 q = p;
+ uint16_t ffdh_group = 0;
 /* Terminate the current string */
 while (*p != ',' && *p != '\0') {
@@ -2412,6 +2414,8 @@ usage:
 if ((curve_cur = mbedtls_ecp_curve_info_from_name(q)) != NULL) {
 group_list[i++] = curve_cur->tls_id;
+ } else if ((ffdh_group = mbedtls_ssl_ffdh_group_from_name(q)) != 0) {
+ group_list[i++] = ffdh_group;
 } else {
 mbedtls_printf("unknown curve %s\n", q);
 mbedtls_printf("supported curves: ");
@@ -2419,6 +2423,12 @@ usage:
 curve_cur->grp_id != MBEDTLS_ECP_DP_NONE;
 curve_cur++) {
 mbedtls_printf("%s ", curve_cur->name);
+ uint16_t *supported_ffdh_group = mbedtls_ssl_ffdh_supported_groups();
+ while (*supported_ffdh_group != 0) {
+ mbedtls_printf("%s ",
+ mbedtls_ssl_ffdh_name_from_group(*supported_ffdh_group));
+ supported_ffdh_group++;
+ }
 }
 mbedtls_printf("\n");
 goto exit;
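Review bot: In ssl_server2.c, hunk `@@ -2419,6 +2423,12 @@`, the FFDH listing loop is added before the closing `}` of the `for` over `curve_cur`, so the full FFDH group list is printed again after every curve name. ssl_client2.c places the same six lines after that brace, which prints the groups once. Move the added `uint16_t *supported_ffdh_group = mbedtls_ssl_ffdh_supported_groups();` declaration and its `while` loop below the `}`, directly ahead of `mbedtls_printf("\n");`. The `for` header begins above the hunk's first context line, so this reading rests on the position of the brace that follows the added lines.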