Merge branch 'etm' into dtls

* etm: Fix warning in reduced config Update Changelog for EtM Keep EtM state across renegotiations Adjust minimum length for EtM Don't send back EtM extension if not using CBC Fix for the RFC erratum Implement EtM Preparation for EtM Implement initial negotiation of EtM Conflicts: include/polarssl/check_config.h
2014-11-06 01:36:32 +01:00 · 2014-11-06 01:36:32 +01:00 · f9d778d635
commit f9d778d635
parent 56d985d0a6 9d7821d774
10 changed files with 531 additions and 23 deletions
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@ -359,6 +359,32 @@ static void ssl_write_truncated_hmac_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */

+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+static void ssl_write_encrypt_then_mac_ext( ssl_context *ssl,
+                                       unsigned char *buf, size_t *olen )
+{
+    unsigned char *p = buf;
+
+    if( ssl->encrypt_then_mac == SSL_ETM_DISABLED ||
+        ssl->max_minor_ver == SSL_MINOR_VERSION_0 )
+    {
+        *olen = 0;
+        return;
+    }
+
+    SSL_DEBUG_MSG( 3, ( "client hello, adding encrypt_then_mac "
+                        "extension" ) );
+
+    *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC >> 8 ) & 0xFF );
+    *p++ = (unsigned char)( ( TLS_EXT_ENCRYPT_THEN_MAC      ) & 0xFF );
+
+    *p++ = 0x00;
+    *p++ = 0x00;
+
+    *olen = 4;
+}
+#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */
+
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
 static void ssl_write_extended_ms_ext( ssl_context *ssl,
                                       unsigned char *buf, size_t *olen )
@ -770,6 +796,11 @@ static int ssl_write_client_hello( ssl_context *ssl )
    ext_len += olen;
 #endif

+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+    ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen );
+    ext_len += olen;
+#endif
+
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
    ssl_write_extended_ms_ext( ssl, p + 2 + ext_len, &olen );
    ext_len += olen;
@ -898,6 +929,26 @@ static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */

+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+static int ssl_parse_encrypt_then_mac_ext( ssl_context *ssl,
+                                         const unsigned char *buf,
+                                         size_t len )
+{
+    if( ssl->encrypt_then_mac == SSL_ETM_DISABLED ||
+        ssl->minor_ver == SSL_MINOR_VERSION_0 ||
+        len != 0 )
+    {
+        return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );
+    }
+
+    ((void) buf);
+
+    ssl->session_negotiate->encrypt_then_mac = SSL_ETM_ENABLED;
+
+    return( 0 );
+}
+#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */
+
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
 static int ssl_parse_extended_ms_ext( ssl_context *ssl,
                                         const unsigned char *buf,
@ -1395,6 +1446,19 @@ static int ssl_parse_server_hello( ssl_context *ssl )
            break;
 #endif /* POLARSSL_SSL_TRUNCATED_HMAC */

+#if defined(POLARSSL_SSL_ENCRYPT_THEN_MAC)
+        case TLS_EXT_ENCRYPT_THEN_MAC:
+            SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) );
+
+            if( ( ret = ssl_parse_encrypt_then_mac_ext( ssl,
+                            ext + 4, ext_size ) ) != 0 )
+            {
+                return( ret );
+            }
+
+            break;
+#endif /* POLARSSL_SSL_ENCRYPT_THEN_MAC */
+
 #if defined(POLARSSL_SSL_EXTENDED_MASTER_SECRET)
        case TLS_EXT_EXTENDED_MASTER_SECRET:
            SSL_DEBUG_MSG( 3, ( "found extended_master_secret extension" ) );