From acb3992251de1879a624eceb18d3c4661c63c80e Mon Sep 17 00:00:00 2001 From: XiaokangQian Date: Fri, 17 Jun 2022 10:18:48 +0000 Subject: [PATCH] Add ALPN extension to the server side CustomizedGitHooks: yes Change-Id: I6fe1516963e7b5727710872ee91fea7fc51d2776 Signed-off-by: XiaokangQian --- library/ssl_misc.h | 12 ++++ library/ssl_tls.c | 100 +++++++++++++++++++++++++++++ library/ssl_tls12_server.c | 127 ++----------------------------------- library/ssl_tls13_server.c | 33 ++++++++++ tests/ssl-opt.sh | 47 ++++++++++---- 5 files changed, 182 insertions(+), 137 deletions(-) diff --git a/library/ssl_misc.h b/library/ssl_misc.h index b1f0c90b5..20e94dc45 100644 --- a/library/ssl_misc.h +++ b/library/ssl_misc.h @@ -2280,4 +2280,16 @@ int mbedtls_ssl_tls13_get_sig_alg_from_pk( mbedtls_ssl_context *ssl, mbedtls_pk_context *own_key, uint16_t *algorithm ); +#if defined(MBEDTLS_SSL_ALPN) +int mbedtls_ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end ); + + +int mbedtls_ssl_write_alpn_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ); +#endif /* MBEDTLS_SSL_ALPN */ + #endif /* ssl_misc.h */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 833246141..6fa169f71 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -8285,4 +8285,104 @@ int mbedtls_ssl_parse_server_name_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined(MBEDTLS_SSL_ALPN) +int mbedtls_ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + const unsigned char *end ) +{ + const unsigned char *p = buf; + size_t list_len; + + const unsigned char *cur_alpn; + size_t cur_alpn_len; + + /* If ALPN not configured, just ignore the extension */ + if( ssl->conf->alpn_list == NULL ) + return( 0 ); + + /* + * opaque ProtocolName<1..2^8-1>; + * + * struct { + * ProtocolName protocol_name_list<2..2^16-1> + * } ProtocolNameList; + */ + + /* Min length is 2 ( list_len ) + 1 ( name_len ) + 1 ( name ) */ + MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 4 ); + + list_len = MBEDTLS_GET_UINT16_BE( p, 0 ); + p += 2; + MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, list_len ); + + /* Validate peer's list (lengths) */ + for( cur_alpn = p; cur_alpn != end; cur_alpn += cur_alpn_len ) + { + cur_alpn_len = *cur_alpn++; + MBEDTLS_SSL_CHK_BUF_READ_PTR( cur_alpn, end, cur_alpn_len ); + if( cur_alpn_len == 0 ) + return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); + } + + /* Use our order of preference */ + for( const char **alpn = ssl->conf->alpn_list; *alpn != NULL; alpn++ ) + { + size_t const alpn_len = strlen( *alpn ); + for( cur_alpn = p; cur_alpn != end; cur_alpn += cur_alpn_len ) + { + cur_alpn_len = *cur_alpn++; + + if( cur_alpn_len == alpn_len && + memcmp( cur_alpn, *alpn, alpn_len ) == 0 ) + { + ssl->alpn_chosen = *alpn; + return( 0 ); + } + } + } + + /* If we get hhere, no match was found */ + MBEDTLS_SSL_PEND_FATAL_ALERT( + MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL, + MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL ); + return( MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL ); +} + +int mbedtls_ssl_write_alpn_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + unsigned char *end, + size_t *olen ) +{ + unsigned char *p = buf; + *olen = 0; + + if( ssl->alpn_chosen == NULL ) + { + return( 0 ); + } + + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 + strlen( ssl->alpn_chosen ) ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server side, adding alpn extension" ) ); + /* + * 0 . 1 ext identifier + * 2 . 3 ext length + * 4 . 5 protocol list length + * 6 . 6 protocol name length + * 7 . 7+n protocol name + */ + MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, p, 0 ); + + *olen = 7 + strlen( ssl->alpn_chosen ); + + MBEDTLS_PUT_UINT16_BE( *olen - 4, p, 2 ); + MBEDTLS_PUT_UINT16_BE( *olen - 6, p, 4 ); + p[6] = MBEDTLS_BYTE_0( *olen - 7 ); + p += 7; + + memcpy( p, ssl->alpn_chosen, *olen - 7 ); + return ( 0 ); +} +#endif /* MBEDTLS_SSL_ALPN */ + #endif /* MBEDTLS_SSL_TLS_C */ diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index e92014c9b..21e5cda97 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -528,94 +528,6 @@ static int ssl_parse_session_ticket_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_SESSION_TICKETS */ -#if defined(MBEDTLS_SSL_ALPN) -static int ssl_parse_alpn_ext( mbedtls_ssl_context *ssl, - const unsigned char *buf, size_t len ) -{ - size_t list_len, cur_len, ours_len; - const unsigned char *theirs, *start, *end; - const char **ours; - - /* If ALPN not configured, just ignore the extension */ - if( ssl->conf->alpn_list == NULL ) - return( 0 ); - - /* - * opaque ProtocolName<1..2^8-1>; - * - * struct { - * ProtocolName protocol_name_list<2..2^16-1> - * } ProtocolNameList; - */ - - /* Min length is 2 (list_len) + 1 (name_len) + 1 (name) */ - if( len < 4 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); - } - - list_len = ( buf[0] << 8 ) | buf[1]; - if( list_len != len - 2 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); - } - - /* - * Validate peer's list (lengths) - */ - start = buf + 2; - end = buf + len; - for( theirs = start; theirs != end; theirs += cur_len ) - { - cur_len = *theirs++; - - /* Current identifier must fit in list */ - if( cur_len > (size_t)( end - theirs ) ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR ); - return( MBEDTLS_ERR_SSL_DECODE_ERROR ); - } - - /* Empty strings MUST NOT be included */ - if( cur_len == 0 ) - { - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); - return( MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER ); - } - } - - /* - * Use our order of preference - */ - for( ours = ssl->conf->alpn_list; *ours != NULL; ours++ ) - { - ours_len = strlen( *ours ); - for( theirs = start; theirs != end; theirs += cur_len ) - { - cur_len = *theirs++; - - if( cur_len == ours_len && - memcmp( theirs, *ours, cur_len ) == 0 ) - { - ssl->alpn_chosen = *ours; - return( 0 ); - } - } - } - - /* If we get there, no match was found */ - mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL ); - return( MBEDTLS_ERR_SSL_NO_APPLICATION_PROTOCOL ); -} -#endif /* MBEDTLS_SSL_ALPN */ - #if defined(MBEDTLS_SSL_DTLS_SRTP) static int ssl_parse_use_srtp_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -1524,7 +1436,8 @@ read_record_header: case MBEDTLS_TLS_EXT_ALPN: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); - ret = ssl_parse_alpn_ext( ssl, ext + 4, ext_size ); + ret = mbedtls_ssl_parse_alpn_ext( ssl, ext + 4, + ext + 4 + ext_size ); if( ret != 0 ) return( ret ); break; @@ -2040,39 +1953,6 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ -#if defined(MBEDTLS_SSL_ALPN ) -static void ssl_write_alpn_ext( mbedtls_ssl_context *ssl, - unsigned char *buf, size_t *olen ) -{ - if( ssl->alpn_chosen == NULL ) - { - *olen = 0; - return; - } - - MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding alpn extension" ) ); - - /* - * 0 . 1 ext identifier - * 2 . 3 ext length - * 4 . 5 protocol list length - * 6 . 6 protocol name length - * 7 . 7+n protocol name - */ - MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_ALPN, buf, 0); - - *olen = 7 + strlen( ssl->alpn_chosen ); - - MBEDTLS_PUT_UINT16_BE( *olen - 4, buf, 2 ); - - MBEDTLS_PUT_UINT16_BE( *olen - 6, buf, 4 ); - - buf[6] = MBEDTLS_BYTE_0( *olen - 7 ); - - memcpy( buf + 7, ssl->alpn_chosen, *olen - 7 ); -} -#endif /* MBEDTLS_ECDH_C || MBEDTLS_ECDSA_C */ - #if defined(MBEDTLS_SSL_DTLS_SRTP ) && defined(MBEDTLS_SSL_PROTO_DTLS) static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -2446,7 +2326,8 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) #endif #if defined(MBEDTLS_SSL_ALPN) - ssl_write_alpn_ext( ssl, p + 2 + ext_len, &olen ); + unsigned char *end = buf + MBEDTLS_SSL_OUT_CONTENT_LEN - 4; + mbedtls_ssl_write_alpn_ext( ssl, p + 2 + ext_len, end, &olen ); ext_len += olen; #endif diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 5be338d3f..2ee67bf1a 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -303,6 +303,13 @@ static void ssl_tls13_debug_print_client_hello_exts( mbedtls_ssl_context *ssl ) & MBEDTLS_SSL_EXT_SERVERNAME ) > 0 ) ? "TRUE" : "FALSE" ) ); #endif /* MBEDTLS_SSL_SERVER_NAME_INDICATION */ +#if defined ( MBEDTLS_SSL_ALPN ) + MBEDTLS_SSL_DEBUG_MSG( 3, + ( "- ALPN_EXTENSION ( %s )", + ( ( ssl->handshake->extensions_present + & MBEDTLS_SSL_EXT_ALPN ) > 0 ) ? + "TRUE" : "FALSE" ) ); +#endif /* MBEDTLS_SSL_ALPN */ } #endif /* MBEDTLS_DEBUG_C */ @@ -731,6 +738,21 @@ static int ssl_tls13_parse_client_hello( mbedtls_ssl_context *ssl, ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_SUPPORTED_VERSIONS; break; +#if defined(MBEDTLS_SSL_ALPN) + case MBEDTLS_TLS_EXT_ALPN: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found alpn extension" ) ); + + ret = mbedtls_ssl_parse_alpn_ext( ssl, p, extension_data_end ); + if( ret != 0 ) + { + MBEDTLS_SSL_DEBUG_RET( + 1, ( "mbedtls_ssl_parse_alpn_ext" ), ret ); + return( ret ); + } + ssl->handshake->extensions_present |= MBEDTLS_SSL_EXT_ALPN; + break; +#endif /* MBEDTLS_SSL_ALPN */ + #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) case MBEDTLS_TLS_EXT_SIG_ALG: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found signature_algorithms extension" ) ); @@ -1361,9 +1383,11 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl, unsigned char *end, size_t *out_len ) { + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char *p = buf; size_t extensions_len = 0; unsigned char *p_extensions_len; + size_t output_len; *out_len = 0; @@ -1372,6 +1396,15 @@ static int ssl_tls13_write_encrypted_extensions_body( mbedtls_ssl_context *ssl, p += 2; ((void) ssl); + ((void) ret); + ((void) output_len); + +#if defined(MBEDTLS_SSL_ALPN) + ret = mbedtls_ssl_write_alpn_ext( ssl, p, end, &output_len ); + if( ret != 0 ) + return( ret ); + p += output_len; +#endif /* MBEDTLS_SSL_ALPN */ extensions_len = ( p - p_extensions_len ) - 2; MBEDTLS_PUT_UINT16_BE( extensions_len, p_extensions_len, 0 ); diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index f507a3251..07918231c 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -5901,7 +5901,6 @@ run_test "Not supported version check: srv max TLS 1.1" \ # Tests for ALPN extension -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: none" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3" \ @@ -5909,12 +5908,11 @@ run_test "ALPN: none" \ -C "client hello, adding alpn extension" \ -S "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -S "server hello, adding alpn extension" \ + -S "server side, adding alpn extension" \ -C "found alpn extension " \ -C "Application Layer Protocol is" \ -S "Application Layer Protocol is" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: client only" \ "$P_SRV debug_level=3" \ "$P_CLI debug_level=3 alpn=abc,1234" \ @@ -5922,12 +5920,11 @@ run_test "ALPN: client only" \ -c "client hello, adding alpn extension" \ -s "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -S "server hello, adding alpn extension" \ + -S "server side, adding alpn extension" \ -C "found alpn extension " \ -c "Application Layer Protocol is (none)" \ -S "Application Layer Protocol is" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: server only" \ "$P_SRV debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3" \ @@ -5935,12 +5932,11 @@ run_test "ALPN: server only" \ -C "client hello, adding alpn extension" \ -S "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -S "server hello, adding alpn extension" \ + -S "server side, adding alpn extension" \ -C "found alpn extension " \ -C "Application Layer Protocol is" \ -s "Application Layer Protocol is (none)" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: both, common cli1-srv1" \ "$P_SRV debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3 alpn=abc,1234" \ @@ -5948,12 +5944,11 @@ run_test "ALPN: both, common cli1-srv1" \ -c "client hello, adding alpn extension" \ -s "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -s "server hello, adding alpn extension" \ + -s "server side, adding alpn extension" \ -c "found alpn extension" \ -c "Application Layer Protocol is abc" \ -s "Application Layer Protocol is abc" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: both, common cli2-srv1" \ "$P_SRV debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3 alpn=1234,abc" \ @@ -5961,12 +5956,11 @@ run_test "ALPN: both, common cli2-srv1" \ -c "client hello, adding alpn extension" \ -s "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -s "server hello, adding alpn extension" \ + -s "server side, adding alpn extension" \ -c "found alpn extension" \ -c "Application Layer Protocol is abc" \ -s "Application Layer Protocol is abc" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: both, common cli1-srv2" \ "$P_SRV debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3 alpn=1234,abcde" \ @@ -5974,12 +5968,11 @@ run_test "ALPN: both, common cli1-srv2" \ -c "client hello, adding alpn extension" \ -s "found alpn extension" \ -C "got an alert message, type: \\[2:120]" \ - -s "server hello, adding alpn extension" \ + -s "server side, adding alpn extension" \ -c "found alpn extension" \ -c "Application Layer Protocol is 1234" \ -s "Application Layer Protocol is 1234" -requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 run_test "ALPN: both, no common" \ "$P_SRV debug_level=3 alpn=abc,123" \ "$P_CLI debug_level=3 alpn=1234,abcde" \ @@ -5987,7 +5980,7 @@ run_test "ALPN: both, no common" \ -c "client hello, adding alpn extension" \ -s "found alpn extension" \ -c "got an alert message, type: \\[2:120]" \ - -S "server hello, adding alpn extension" \ + -S "server side, adding alpn extension" \ -C "found alpn extension" \ -C "Application Layer Protocol is 1234" \ -S "Application Layer Protocol is 1234" @@ -10517,6 +10510,32 @@ run_test "TLS 1.3: alpn - gnutls" \ -c "HTTP/1.0 200 OK" \ -c "Application Layer Protocol is h2" +requires_openssl_tls1_3 +requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 +requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE +requires_config_enabled MBEDTLS_DEBUG_C +requires_config_enabled MBEDTLS_SSL_CLI_C +requires_config_enabled MBEDTLS_SSL_ALPN +run_test "TLS 1.3: server alpn - openssl" \ + "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 alpn=h2" \ + "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \ + 0 \ + -s "server state: MBEDTLS_SSL_HELLO_REQUEST" \ + -s "server state: MBEDTLS_SSL_SERVER_HELLO" \ + -s "server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \ + -s "server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \ + -s "server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \ + -s "server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \ + -s "server state: MBEDTLS_SSL_SERVER_FINISHED" \ + -s "server state: MBEDTLS_SSL_CLIENT_FINISHED" \ + -s "server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \ + -s "<= parse client hello" \ + -s "found alpn extension" \ + -s "server side, adding alpn extension" \ + -s "Protocol is TLSv1.3" \ + -s "HTTP/1.0 200 OK" \ + -s "Application Layer Protocol is h2" + requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_SSL_CLI_C