eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merged RSA-PSK key-exchange and ciphersuites

Browse source
This commit is contained in:
Paul Bakker 2013-10-15 12:46:17 +02:00
commit f34673e37b
11 changed files with 284 additions and 227 deletions
library
ssl_cli.c

251
library/ssl_cli.c
View file

@ -1147,9 +1147,7 @@ static int ssl_parse_server_ecdh_params( ssl_context *ssl,
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
static int ssl_parse_server_psk_hint( ssl_context *ssl,
unsigned char **p,
unsigned char *end )
@ -1163,7 +1161,7 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl,
*
* opaque psk_identity_hint<0..2^16-1>;
*/
len = (*p)[1] << 8 | (*p)[0];
len = (*p)[0] << 8 | (*p)[1];
*p += 2;
if( (*p) + len > end )
@ -1179,9 +1177,73 @@ static int ssl_parse_server_psk_hint( ssl_context *ssl,
return( ret );
}
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED
POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
/*
* Generate a pre-master secret and encrypt it with the server's RSA key
*/
static int ssl_write_encrypted_pms( ssl_context *ssl,
size_t offset, size_t *olen,
size_t pms_offset )
{
int ret;
size_t len_bytes = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 0 : 2;
unsigned char *p = ssl->handshake->premaster + pms_offset;
/*
* Generate (part of) the pre-master as
* struct {
* ProtocolVersion client_version;
* opaque random[46];
* } PreMasterSecret;
*/
p[0] = (unsigned char) ssl->max_major_ver;
p[1] = (unsigned char) ssl->max_minor_ver;
if( ( ret = ssl->f_rng( ssl->p_rng, p + 2, 46 ) ) != 0 )
{
SSL_DEBUG_RET( 1, "f_rng", ret );
return( ret );
}
ssl->handshake->pmslen = 48;
/*
* Now write it out, encrypted
*/
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
POLARSSL_PK_RSA ) )
{
SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) );
return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH );
}
if( ( ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
p, ssl->handshake->pmslen,
ssl->out_msg + offset + len_bytes, olen,
SSL_MAX_CONTENT_LEN - offset - len_bytes,
ssl->f_rng, ssl->p_rng ) ) != 0 )
{
SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret );
return( ret );
}
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
defined(POLARSSL_SSL_PROTO_TLS1_2)
if( len_bytes == 2 )
{
ssl->out_msg[offset+0] = (unsigned char)( *olen >> 8 );
ssl->out_msg[offset+1] = (unsigned char)( *olen );
*olen += 2;
}
#endif
return( 0 );
}
#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
#if defined(POLARSSL_SSL_PROTO_TLS1_2)
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
@ -1241,10 +1303,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
{
int ret;
const ssl_ciphersuite_t *ciphersuite_info = ssl->transform_negotiate->ciphersuite_info;
unsigned char *p, *end;
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
unsigned char *p, *end;
size_t sig_len, params_len;
unsigned char hash[64];
md_type_t md_alg = POLARSSL_MD_NONE;
@ -1254,17 +1316,16 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
SSL_DEBUG_MSG( 2, ( "=> parse server key exchange" ) );
if( ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_RSA &&
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_RSA &&
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA &&
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_PSK &&
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_DHE_PSK &&
ciphersuite_info->key_exchange != POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA )
{
SSL_DEBUG_MSG( 2, ( "<= skip parse server key exchange" ) );
ssl->state++;
return( 0 );
}
((void) p);
((void) end);
#endif
if( ( ret = ssl_read_record( ssl ) ) != 0 )
{
@ -1278,9 +1339,14 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
}
/*
* ServerKeyExchange may be skipped with PSK and RSA-PSK when the server
* doesn't use a psk_identity_hint
*/
if( ssl->in_msg[0] != SSL_HS_SERVER_KEY_EXCHANGE )
{
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK )
{
ssl->record_read = 1;
goto exit;
@ -1290,29 +1356,51 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
return( POLARSSL_ERR_SSL_UNEXPECTED_MESSAGE );
}
SSL_DEBUG_BUF( 3, "server key exchange", ssl->in_msg + 4, ssl->in_hslen - 4 );
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
p = ssl->in_msg + 4;
end = ssl->in_msg + ssl->in_hslen;
#endif
SSL_DEBUG_BUF( 3, "server key exchange", p, ssl->in_hslen - 4 );
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA )
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
{
if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
} /* FALLTROUGH */
#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK )
; /* nothing more to do */
else
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_RSA ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "failed to parsebad server key exchange message" ) );
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
}
else
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED */
#endif /* POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_RSA ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA )
{
if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
@ -1323,60 +1411,10 @@ static int ssl_parse_server_key_exchange( ssl_context *ssl )
}
else
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK )
{
unsigned char *p = ssl->in_msg + 4;
unsigned char *end = ssl->in_msg + ssl->in_hslen;
if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
}
else
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
unsigned char *p = ssl->in_msg + 4;
unsigned char *end = ssl->in_msg + ssl->in_hslen;
if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
}
else
#endif /* POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
{
unsigned char *p = ssl->in_msg + 4;
unsigned char *end = ssl->in_msg + ssl->in_hslen;
if( ssl_parse_server_psk_hint( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
{
SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
return( POLARSSL_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
}
}
else
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
{
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
}
@ -1802,10 +1840,9 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
else
#endif /* POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
defined(POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
#if defined(POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_ECDHE_PSK )
{
@ -1830,6 +1867,14 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
}
else
#endif
#if defined(POLARSSL_KEY_EXCHANGE_RSA_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA_PSK )
{
if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 2 ) ) != 0 )
return( ret );
}
else
#endif
#if defined(POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_DHE_PSK )
{
@ -1884,57 +1929,19 @@ static int ssl_write_client_key_exchange( ssl_context *ssl )
}
}
else
#endif /* POLARSSL_KEY_EXCHANGE_PSK_ENABLED ||
POLARSSL_KEY_EXCHANGE_DHE_PSK_ENABLED ||
POLARSSL_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
#endif /* POLARSSL_KEY_EXCHANGE__SOME__PSK_ENABLED */
#if defined(POLARSSL_KEY_EXCHANGE_RSA_ENABLED)
if( ciphersuite_info->key_exchange == POLARSSL_KEY_EXCHANGE_RSA )
{
/*
* RSA key exchange -- send rsa_public(pkcs1 v1.5(premaster))
*/
ssl->handshake->premaster[0] = (unsigned char) ssl->max_major_ver;
ssl->handshake->premaster[1] = (unsigned char) ssl->max_minor_ver;
ssl->handshake->pmslen = 48;
ret = ssl->f_rng( ssl->p_rng, ssl->handshake->premaster + 2,
ssl->handshake->pmslen - 2 );
if( ret != 0 )
i = 4;
if( ( ret = ssl_write_encrypted_pms( ssl, i, &n, 0 ) ) != 0 )
return( ret );
if( ! pk_can_do( &ssl->session_negotiate->peer_cert->pk,
POLARSSL_PK_RSA ) )
{
SSL_DEBUG_MSG( 1, ( "certificate key type mismatch" ) );
return( POLARSSL_ERR_SSL_PK_TYPE_MISMATCH );
}
i = ssl->minor_ver == SSL_MINOR_VERSION_0 ? 4 : 6;
ret = pk_encrypt( &ssl->session_negotiate->peer_cert->pk,
ssl->handshake->premaster, ssl->handshake->pmslen,
ssl->out_msg + i, &n, SSL_BUFFER_LEN,
ssl->f_rng, ssl->p_rng );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, "rsa_pkcs1_encrypt", ret );
return( ret );
}
#if defined(POLARSSL_SSL_PROTO_TLS1) || defined(POLARSSL_SSL_PROTO_TLS1_1) || \
defined(POLARSSL_SSL_PROTO_TLS1_2)
if( ssl->minor_ver != SSL_MINOR_VERSION_0 )
{
ssl->out_msg[4] = (unsigned char)( n >> 8 );
ssl->out_msg[5] = (unsigned char)( n );
}
#endif
}
else
#endif /* POLARSSL_KEY_EXCHANGE_RSA_ENABLED */
{
((void) ciphersuite_info);
SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
}