From e5e7f621cc440a9f756577ecdb0c20d2c02322bd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 15:46:59 +0100 Subject: [PATCH 01/29] Add fields to SSL structures describing state and config of CID ext * mbedtls_ssl_context gets fields indicating whether the CID extension should be negotiated in the next handshake, and, if yes, which CID the user wishes the peer to use. This information does not belong to mbedtls_ssl_handshake_params because (a) it is configured prior to the handshake, and (b) it applies to all subsequent handshakes. * mbedtls_ssl_handshake_params gets fields indicating the state of CID negotiation during the handshake. Specifically, it indicates if the use of the CID extension has been negotiated, and if so, which CID the peer wishes us to use for outgoing messages. --- include/mbedtls/ssl.h | 15 +++++++++++++++ include/mbedtls/ssl_internal.h | 12 ++++++++++++ 2 files changed, 27 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index dae455870..b76c40583 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h 
@@ -1190,6 +1190,21 @@ struct mbedtls_ssl_context char own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!< previous handshake verify data */ #endif /* MBEDTLS_SSL_RENEGOTIATION */ + +#if defined(MBEDTLS_SSL_CID) + /* CID configuration to use in subsequent handshakes. */ + + /*! The next incoming CID, chosen by the user and applying to + * all subsequent handshakes. This may be different from the + * CID currently used in case the user has re-configured the CID + * after an initial handshake. */ + unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ]; + uint8_t own_cid_len; /*!< The length of \c own_cid. */ + uint8_t negotiate_cid; /*!< This indicates whether the CID extension should + * be negotiated in the next handshake or not. + * Possible values are #MBEDTLS_SSL_CID_ENABLED + * and #MBEDTLS_SSL_CID_DISABLED. */ +#endif /* MBEDTLS_SSL_CID */ }; #if defined(MBEDTLS_SSL_HW_RECORD_ACCEL) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index 17e5f6369..d4314c1a4 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -343,6 +343,18 @@ struct mbedtls_ssl_handshake_params unsigned char alt_out_ctr[8]; /*!< Alternative record epoch/counter for resending messages */ +#if defined(MBEDTLS_SSL_CID) + /* The state of CID configuration in this handshake. */ + + uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension + * has been negotited. Possible values are + * #MBEDTLS_SSL_CID_ENABLED and + * #MBEDTLS_SSL_CID_DISABLED. */ + unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */ + uint8_t peer_cid_len; /*!< The length of + * \c peer_cid. */ +#endif /* MBEDTLS_SSL_CID */ + struct { size_t total_bytes_buffered; /*!< Cumulative size of heap allocated From 0748986178adbdb65cd04cab4450841a77545cfc Mon Sep 17 00:00:00 2001 
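Review bot: The new `negotiate_cid`, `own_cid_len` and `own_cid` members are documented as configuration for the next handshake, but nothing in the hunk states what they hold before `mbedtls_ssl_set_cid()` has been called; if the context is zero-initialised elsewhere (not visible here) that is only a valid state when `MBEDTLS_SSL_CID_DISABLED` is 0. I would state the default on the field, `/*!< ... Defaults to #MBEDTLS_SSL_CID_DISABLED until mbedtls_ssl_set_cid() is called. */`, or initialise it explicitly in `mbedtls_ssl_init()` if the constant is not 0. The `own_cid` comment should also say that only the first `own_cid_len` bytes are meaningful, since the buffer is sized to `MBEDTLS_SSL_CID_IN_LEN_MAX` and is never cleared. `struct mbedtls_ssl_context` starts outside the hunk.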
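Review bot: The Doxygen marker on `peer_cid` is `/*! The peer's CID */` rather than the trailing form `/*!<` used on every other member of this struct, so the comment attaches to the following member `peer_cid_len` instead; change it to `unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*!< The peer's CID */`. The `cid_in_use` comment also has a typo, `negotited` should be `negotiated`. It would help readers to state there that `peer_cid`/`peer_cid_len` are only meaningful when `cid_in_use == MBEDTLS_SSL_CID_ENABLED`. `struct mbedtls_ssl_handshake_params` starts outside the hunk.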
From: Hanno Becker Date: Thu, 25 Apr 2019 16:01:49 +0100 Subject: [PATCH 02/29] Allow configuring own CID fields through mbedtls_ssl_get_peer_cid() --- library/ssl_tls.c | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 62f6027d8..5294e96b4 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -112,18 +112,33 @@ static void ssl_update_in_pointers( mbedtls_ssl_context *ssl, #if defined(MBEDTLS_SSL_CID) /* Top-level Connection ID API */ -/* WARNING: This implementation is a stub and doesn't do anything! - * It is included solely to allow review and coding against - * the new Connection CID API. */ +/* WARNING: The CID feature isn't fully implemented yet + * and will not be used. */ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, int enable, unsigned char const *own_cid, size_t own_cid_len ) { - ((void) ssl); - ((void) enable); - ((void) own_cid); - ((void) own_cid_len); + ssl->negotiate_cid = enable; + if( enable == MBEDTLS_SSL_CID_DISABLED ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) ); + return( 0 ); + } + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) ); + + if( own_cid_len > MBEDTLS_SSL_CID_IN_LEN_MAX ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "CID too large: Maximum %u, actual %u", + (unsigned) MBEDTLS_SSL_CID_IN_LEN_MAX, + (unsigned) own_cid_len ) ); + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + } + + memcpy( ssl->own_cid, own_cid, own_cid_len ); + ssl->own_cid_len = own_cid_len; + + MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len ); return( 0 ); } From 9dae9fd57b26e38dd0e200286b320c6d304eb72f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 16:05:45 +0100 Subject: [PATCH 03/29] Modify CID tests in ssl-opt.sh to grep for CID config debug msgs --- tests/ssl-opt.sh | 120 +++++++++++++++++++++++++++++------------------ 1 file changed, 75 insertions(+), 45 deletions(-) 
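Review bot: `ssl->negotiate_cid = enable;` is written before any input is validated, so on the "CID too large" error path the context is left with CID negotiation enabled while `own_cid`/`own_cid_len` keep their previous (possibly never-set) contents, and any `enable` value other than `MBEDTLS_SSL_CID_DISABLED` is silently treated as enabled because the writers only test `== MBEDTLS_SSL_CID_DISABLED`. A NULL `own_cid` with a non-zero `own_cid_len` also reaches `memcpy` unchecked. Validate first and commit the three fields only once everything is acceptable, as sketched below; the narrowing `ssl->own_cid_len = own_cid_len;` is then safe and can carry an explicit `(uint8_t)` cast. Separately, the commit subject names `mbedtls_ssl_get_peer_cid()` but the function changed here is `mbedtls_ssl_set_cid()`.

```c
int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl,
                         int enable,
                         unsigned char const *own_cid,
                         size_t own_cid_len )
{
    if( enable == MBEDTLS_SSL_CID_DISABLED )
    {
        MBEDTLS_SSL_DEBUG_MSG( 3, ( "Disable use of CID extension." ) );
        ssl->negotiate_cid = MBEDTLS_SSL_CID_DISABLED;
        return( 0 );
    }

    /* Only the two documented values are accepted; do not treat every
     * non-DISABLED integer as ENABLED. */
    if( enable != MBEDTLS_SSL_CID_ENABLED )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

    if( own_cid_len > MBEDTLS_SSL_CID_IN_LEN_MAX )
    {
        /* … unchanged: "CID too large" debug message … */
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }
    if( own_cid == NULL && own_cid_len != 0 )
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

    /* All inputs validated: commit the new configuration as a unit. */
    if( own_cid_len != 0 )
        memcpy( ssl->own_cid, own_cid, own_cid_len );
    ssl->own_cid_len   = (uint8_t) own_cid_len;
    ssl->negotiate_cid = MBEDTLS_SSL_CID_ENABLED;

    MBEDTLS_SSL_DEBUG_MSG( 3, ( "Enable use of CID extension." ) );
    MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len );
    return( 0 );
}
```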
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index bd4f21d61..7d6b57b87 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
@@ -1120,94 +1120,124 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \ requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client enabled, server disabled" \ - "$P_SRV dtls=1 cid=0" \ - "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=0" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + 0 \ + -s "Disable use of CID extension." \ + -c "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ - "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ - "$P_CLI dtls=1 cid=0" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI debug_level=3 dtls=1 cid=0" \ + 0 \ + -c "Disable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ - "$P_SRV dtls=1 cid=1 cid_val=dead" \ - "$P_CLI dtls=1 cid=1 cid_val=beef" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ - "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ - "$P_CLI dtls=1 cid=1" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI debug_level=3 dtls=1 cid=1" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1 cid_val=deadbeef" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." 
requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ - "$P_SRV dtls=1 cid=1 cid_val=dead" \ - "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ - "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ - "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." 
requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ - "$P_SRV dtls=1 cid=1 cid_val=dead" \ - "$P_CLI dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ - "$P_SRV dtls=1 cid=1 cid_val=deadbeef" \ - "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ + "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." 
requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ - "$P_SRV dtls=1 cid=1" \ - "$P_CLI dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ - "$P_SRV dtls=1 cid=1 cid_val=dead renegotiation=1" \ - "$P_CLI dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ - 0 + "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \ + "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ + 0 \ + -c "Enable use of CID extension." \ + -s "Enable use of CID extension." # Tests for Encrypt-then-MAC extension From 4baec2c4bfe3646cac30a271c7f4746258664962 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 16:24:57 +0100 Subject: [PATCH 04/29] Add identifier for CID extension Note: The current draft https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04 does not yet specify the extension value, so we use a temporary value of 42. --- include/mbedtls/ssl.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index b76c40583..489ac3ee6 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -382,6 +382,10 @@ #define MBEDTLS_TLS_EXT_SESSION_TICKET 35 +/* The value of the CID extension is still TBD as of + * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04. */ +#define MBEDTLS_TLS_EXT_CID 42 /* TBD */ + #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ #define MBEDTLS_TLS_EXT_RENEGOTIATION_INFO 0xFF01 
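Review bot: The reworked cases grep only the `Enable use of CID extension.` / `Disable use of CID extension.` messages, so the new `MBEDTLS_ERR_SSL_BAD_INPUT_DATA` path in `mbedtls_ssl_set_cid()` for a CID longer than `MBEDTLS_SSL_CID_IN_LEN_MAX` has no coverage in this file. If `ssl_client2`'s `cid_val` parsing accepts arbitrary hex lengths (not visible here), one case with an over-long `cid_val`, a non-zero expected exit status and `-c "CID too large"` would pin that check, and a case at exactly the maximum length would cover the boundary. Since every test here is still labelled `(STUB)`, a short comment above the group saying which messages are expected to change once the extension is actually negotiated would also help whoever updates them next.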
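Review bot: `MBEDTLS_TLS_EXT_CID 42` is a placeholder taken while the draft leaves the code point TBD, but 42 is, as far as I recall from RFC 8446, already allocated in the IANA TLS ExtensionType registry (`early_data`), so a conforming peer or middlebox could misinterpret the extension on the wire; a placeholder should come from the unassigned range and be overridable so deployments can track the draft without patching the header, e.g. `#if !defined(MBEDTLS_TLS_EXT_CID)` / `#define MBEDTLS_TLS_EXT_CID 42 /* TBD */` / `#endif`. The comment should also say explicitly that the value must be updated once the draft assigns one, because until then the library will silently fail to interoperate with implementations of the final specification.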
From 46629717c911b7ab45da7f1d3cd403389c511c56 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 16:47:57 +0100 Subject: [PATCH 05/29] Check static bounds of CID lengths in check_config.h --- include/mbedtls/check_config.h | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index bc94b770f..413713c49 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -600,6 +600,18 @@ #error "MBEDTLS_SSL_CID defined, but not all prerequisites" #endif +#if defined(MBEDTLS_SSL_CID) && \ + defined(MBEDTLS_SSL_CID_IN_LEN_MAX) && \ + MBEDTLS_SSL_CID_IN_LEN_MAX > 255 +#error "MBEDTLS_SSL_CID_IN_LEN_MAX too large (max 255)" +#endif + +#if defined(MBEDTLS_SSL_CID) && \ + defined(MBEDTLS_SSL_CID_OUT_LEN_MAX) && \ + MBEDTLS_SSL_CID_OUT_LEN_MAX > 255 +#error "MBEDTLS_SSL_CID_OUT_LEN_MAX too large (max 255)" +#endif + #if defined(MBEDTLS_SSL_DTLS_BADMAC_LIMIT) && \ ( !defined(MBEDTLS_SSL_TLS_C) || !defined(MBEDTLS_SSL_PROTO_DTLS) ) #error "MBEDTLS_SSL_DTLS_BADMAC_LIMIT defined, but not all prerequisites" From 39ec525e4fda19b70022993950fa8f1ff4404f94 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 16:55:15 +0100 Subject: [PATCH 06/29] Implement writing of CID extension in ClientHello --- library/ssl_cli.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index ad7378fbc..fc807becc 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
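Review bot: Both new checks are conditional on `MBEDTLS_SSL_CID_IN_LEN_MAX` / `MBEDTLS_SSL_CID_OUT_LEN_MAX` being defined, so a configuration that enables `MBEDTLS_SSL_CID` without them (unless config.h supplies defaults, which is not visible here) gets no diagnostic and fails later at the array declarations `own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ]` and `peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]`. I would add `#if defined(MBEDTLS_SSL_CID) && !defined(MBEDTLS_SSL_CID_IN_LEN_MAX)` / `#error "MBEDTLS_SSL_CID defined, but MBEDTLS_SSL_CID_IN_LEN_MAX is not"` and the same for the OUT macro. The 255 bound is load-bearing: the `uint8_t` length fields and the "cannot overflow" reasoning on `own_cid_len + 5` in the ClientHello writer both depend on it, so a one-line comment above these checks saying that the wire format uses a single length byte would explain where 255 comes from.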
@@ -433,6 +433,54 @@ static void ssl_write_ecjpake_kkpp_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */ +#if defined(MBEDTLS_SSL_CID) +static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + size_t ext_len; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + /* + * Quoting + * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04: + * + * struct { + * opaque cid<0..2^8-1>; + * } ConnectionId; + */ + + *olen = 0; + if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) + { + return; + } + MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding CID extension" ) ); + + /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX + * which is at most 255, so the increment cannot overflow. */ + if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + /* Add extension ID + size */ + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + ext_len = (size_t) ssl->own_cid_len + 1; + *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + + *p++ = (uint8_t) ssl->own_cid_len; + memcpy( p, ssl->own_cid, ssl->own_cid_len ); + + *olen = ssl->own_cid_len + 5; +} +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) static void ssl_write_max_fragment_length_ext( mbedtls_ssl_context *ssl, unsigned char *buf, 
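Review bot: `MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding CID extension" ) );` is emitted before the buffer-space check, so the message is logged even when the function returns with `*olen == 0` and writes nothing; the ssl-opt.sh cases that grep for this string therefore do not witness the extension actually being written. Move the message after the check, i.e. keep `if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) { ... return; }` first and log `"client hello, adding CID extension"` only once the bound holds, which is also the order the ServerHello writer later in this series uses. The encoding (2-byte type, 2-byte length, 1-byte cid length, cid bytes) is duplicated verbatim in that ServerHello writer; a shared helper in ssl_tls.c taking `own_cid`/`own_cid_len` would keep the two from drifting.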
@@ -1034,6 +1082,11 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif +#if defined(MBEDTLS_SSL_CID) + ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH) ssl_write_max_fragment_length_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; From 7345599a7bbe14b89d788f6d3635fea673651f04 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 17:01:43 +0100 Subject: [PATCH 07/29] Grep for dbg msg witnessing writing of CID extension in ClientHello --- tests/ssl-opt.sh | 43 +++++++++++++++++++++++++++++-------------- 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 7d6b57b87..9c885da10 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1124,7 +1124,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 0 \ -s "Disable use of CID extension." \ - -c "Enable use of CID extension." + -c "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ @@ -1132,6 +1133,7 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ "$P_CLI debug_level=3 dtls=1 cid=0" \ 0 \ -c "Disable use of CID extension." \ + -C "client hello, adding CID extension" \ -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID @@ -1140,7 +1142,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ 
@@ -1148,7 +1151,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ "$P_CLI debug_level=3 dtls=1 cid=1" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1156,7 +1160,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ @@ -1164,7 +1169,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt "$P_CLI debug_level=3 dtls=1 cid=1" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1172,7 +1178,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ 
@@ -1180,7 +1187,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1188,7 +1196,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ @@ -1196,7 +1205,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1204,7 +1214,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ 
@@ -1212,7 +1223,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1220,7 +1232,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ @@ -1228,7 +1241,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION @@ -1237,7 +1251,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \ 0 \ -c "Enable use of CID extension." \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -c "client hello, adding CID extension" # Tests for Encrypt-then-MAC extension From c403b264e83baefbcfd0fcf2b6d6e03fd1613994 Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 26 Apr 2019 13:56:39 +0100 Subject: [PATCH 08/29] Implement parsing of CID extension in ClientHello --- library/ssl_srv.c | 82 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 82 insertions(+) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 72d3c79bd..60f2538ee 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -433,6 +433,78 @@ static int ssl_parse_max_fragment_length_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */ +#if defined(MBEDTLS_SSL_CID) +static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + size_t peer_cid_len; + + /* CID extension only makes sense in DTLS */ + if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + /* + * Quoting + * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04: + * + * struct { + * opaque cid<0..2^8-1>; + * } ConnectionId; + */ + + if( len < 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + peer_cid_len = *buf++; + len--; + + if( len != peer_cid_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + /* Ignore CID if the user has disabled its use. */ + if( ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) + { + /* Leave ssl->handshake->cid_in_use in its default + * value of MBEDTLS_SSL_CID_DISABLED. 
*/ + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Client sent CID extension, but CID disabled" ) ); + return( 0 ); + } + + if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad client hello message" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); + } + + ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; + memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Client CID", buf, peer_cid_len ); + + ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; + return( 0 ); +} +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_TRUNCATED_HMAC) static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, @@ -1783,6 +1855,16 @@ read_record_header: break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_SSL_CID) + case MBEDTLS_TLS_EXT_CID: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); + + ret = ssl_parse_cid_ext( ssl, ext + 4, ext_size ); + if( ret != 0 ) + return( ret ); + break; +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt then mac extension" ) ); From c008cb5f8cbbf2b0990f071197271c109b8433fb Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 14:17:56 +0100 Subject: [PATCH 09/29] Grep for dbg msg witnessing parsing of CID extension in ClientHello --- tests/ssl-opt.sh | 55 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 42 insertions(+), 13 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 9c885da10..e3db07f36 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh 
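Review bot: All four rejection paths in `ssl_parse_cid_ext()` log the same `"bad client hello message"` at level 1, so a missing length byte, trailing bytes, a non-DTLS client and an over-long peer CID cannot be told apart in the log; give each its own message, e.g. `MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension received on a TLS connection" ) )` and `MBEDTLS_SSL_DEBUG_MSG( 1, ( "peer CID too long: %u > %u", (unsigned) peer_cid_len, (unsigned) MBEDTLS_SSL_CID_OUT_LEN_MAX ) )`. Treating a peer CID longer than `MBEDTLS_SSL_CID_OUT_LEN_MAX` as a fatal handshake failure is a policy choice that deserves a comment: nothing in the hunk says whether the draft allows the server to instead continue without CID, and if it does, declining (leaving `cid_in_use` disabled) would be more robust against a client built with a larger `MBEDTLS_SSL_CID_IN_LEN_MAX`. The function also relies on `cid_in_use` already being `MBEDTLS_SSL_CID_DISABLED` in a fresh handshake, which this series does not show being set.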
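Review bot: The closing `#endif` of the new `MBEDTLS_TLS_EXT_CID` case is labelled `/* MBEDTLS_SSL_TRUNCATED_HMAC */` although the block is opened with `#if defined(MBEDTLS_SSL_CID)`; it should read `#endif /* MBEDTLS_SSL_CID */`. The `"found CID extension"` message is logged before `ssl_parse_cid_ext()` has decided whether the extension is well-formed or honoured, so tests should not treat it as evidence of negotiation on its own. The enclosing switch and `ssl_parse_client_hello()` extend outside the hunk.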
@@ -1124,6 +1124,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 0 \ -s "Disable use of CID extension." \ + -s "found CID extension" \ + -s "Client sent CID extension, but CID disabled" \ -c "Enable use of CID extension." \ -c "client hello, adding CID extension" @@ -1134,6 +1136,7 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ 0 \ -c "Disable use of CID extension." \ -C "client hello, adding CID extension" \ + -S "found CID extension" \ -s "Enable use of CID extension." requires_config_enabled MBEDTLS_SSL_CID @@ -1143,7 +1146,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ @@ -1152,7 +1157,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1161,7 +1168,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ 
@@ -1170,7 +1179,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1179,7 +1190,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ @@ -1188,7 +1201,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1197,7 +1212,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ 
@@ -1206,7 +1223,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1215,7 +1234,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ @@ -1224,7 +1245,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1233,7 +1256,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ 
@@ -1242,7 +1267,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION @@ -1252,7 +1279,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ 0 \ -c "Enable use of CID extension." \ -s "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -s "found CID extension" \ + -s "Use of CID extension negotiated" # Tests for Encrypt-then-MAC extension From 072d4eca2e3aad41cd690f38dd204753062c56f6 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 15:46:55 +0100 Subject: [PATCH 10/29] Implement writing of CID extension in ServerHello --- library/ssl_srv.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 60f2538ee..4b4752731 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -2142,6 +2142,54 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, + unsigned char *buf, + size_t *olen ) +{ + unsigned char *p = buf; + size_t ext_len; + const unsigned char *end = ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN; + + *olen = 0; + + /* Skip writing the extension if we don't want to use it or if + * the client hasn't offered it. */ + if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_DISABLED ) + return; + + /* ssl->own_cid_len is at most MBEDTLS_SSL_CID_IN_LEN_MAX + * which is at most 255, so the increment cannot overflow. */ + if( end < p || (size_t)( end - p ) < (unsigned)( ssl->own_cid_len + 5 ) ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small" ) ); + return; + } + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "server hello, adding CID extension" ) ); + + /* + * Quoting + * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04: + * + * struct { + * opaque cid<0..2^8-1>; + * } ConnectionId; + */ + + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( MBEDTLS_TLS_EXT_CID ) & 0xFF ); + ext_len = (size_t) ssl->own_cid_len + 1; + *p++ = (unsigned char)( ( ext_len >> 8 ) & 0xFF ); + *p++ = (unsigned char)( ( ext_len ) & 0xFF ); + + *p++ = (uint8_t) ssl->own_cid_len; + memcpy( p, ssl->own_cid, ssl->own_cid_len ); + + *olen = ssl->own_cid_len + 5; +} +#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, unsigned char *buf, @@ -2663,6 +2711,11 @@ static int ssl_write_server_hello( mbedtls_ssl_context *ssl ) ext_len += olen; #endif +#if defined(MBEDTLS_SSL_CID) + ssl_write_cid_ext( ssl, p + 2 + ext_len, &olen ); + ext_len += olen; +#endif + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) ssl_write_encrypt_then_mac_ext( ssl, p + 2 + ext_len, &olen ); ext_len += olen; 
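Review bot: The new ssl_write_cid_ext() is wrapped in `#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)` with a matching `#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */`, while its only caller in ssl_write_server_hello() sits under `#if defined(MBEDTLS_SSL_CID)`; a build with CID on and truncated HMAC off then fails to link, and the opposite configuration compiles a body that references `ssl->handshake->cid_in_use` and `ssl->own_cid`, which only exist when MBEDTLS_SSL_CID is defined. Both lines should read `#if defined(MBEDTLS_SSL_CID)` and `#endif /* MBEDTLS_SSL_CID */`. The bounds check itself is sound: `end` is derived from `ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN`, the `end < p` test guards the pointer difference, and the comment about `own_cid_len + 5` not overflowing is justified by the stated 255-byte cap.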
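Review bot: The call site treats `olen == 0` from ssl_write_cid_ext() as "nothing to add", but that value is returned both when CID was not negotiated and when the writer hit its "buffer too small" early return; in the second case `ssl->handshake->cid_in_use` stays MBEDTLS_SSL_CID_ENABLED, so the server later copies CIDs into the transform (see the mbedtls_ssl_derive_keys change further down this series) although the ServerHello it sent carried no CID extension, and the two sides disagree on the record format. The other extension writers presumably share the silent-skip pattern, but for CID the omission is not harmless, so the writer should clear `ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_DISABLED;` on the too-small path, or the caller should treat a too-small buffer as a hard error. ssl_write_server_hello() starts and ends outside this hunk.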
From 4eb0587c0f3f34a3817f7af0bd7b3d6c4b731a83 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 16:00:29 +0100 Subject: [PATCH 11/29] Grep for dbg msg witnessing writing of CID extension in ServerHello --- tests/ssl-opt.sh | 45 ++++++++++++++++++++++++++++++--------------- 1 file changed, 30 insertions(+), 15 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index e3db07f36..af085491e 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1127,7 +1127,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ -s "found CID extension" \ -s "Client sent CID extension, but CID disabled" \ -c "Enable use of CID extension." \ - -c "client hello, adding CID extension" + -c "client hello, adding CID extension" \ + -S "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ @@ -1137,7 +1138,8 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ -c "Disable use of CID extension." \ -C "client hello, adding CID extension" \ -S "found CID extension" \ - -s "Enable use of CID extension." + -s "Enable use of CID extension." \ + -S "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ @@ -1148,7 +1150,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ 
@@ -1159,7 +1162,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1170,7 +1174,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ @@ -1181,7 +1186,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1192,7 +1198,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ 
@@ -1203,7 +1210,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1214,7 +1222,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ @@ -1225,7 +1234,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1236,7 +1246,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ 
@@ -1247,7 +1258,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1258,7 +1270,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ @@ -1269,7 +1282,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION @@ -1281,7 +1295,8 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ -s "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -s "found CID extension" \ - -s "Use of CID extension negotiated" + -s "Use of CID extension negotiated" \ + -s "server hello, adding CID extension" # Tests for Encrypt-then-MAC extension From 1ba81f62a6565358de8aa5da0e0cfe4db7ee1a5b Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 26 Apr 2019 15:37:26 +0100 Subject: [PATCH 12/29] Implement parsing of CID extension in ServerHello --- library/ssl_cli.c | 65 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index fc807becc..c95782c90 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c 
@@ -1244,6 +1244,57 @@ static int ssl_parse_truncated_hmac_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_SSL_CID) +static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, + const unsigned char *buf, + size_t len ) +{ + size_t peer_cid_len; + + if( /* CID extension only makes sense in DTLS */ + ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || + /* The server must only send the CID extension if we have offered it. */ + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED || + /* CID extension must at least contain the length byte */ + len < 1 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + peer_cid_len = *buf++; + len--; + + if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + if( len != peer_cid_len ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; + memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); + + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Server CID", buf, peer_cid_len ); + + ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; + + return( 0 ); +} +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) static int ssl_parse_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, const unsigned char *buf, 
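Review bot: All three rejection paths in ssl_parse_cid_ext() log the identical "non-matching CID extension", which hides from the client log whether the extension was unexpected (not DTLS / not offered), truncated (`len < 1`), over the local limit (`peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX`), or internally inconsistent (`len != peer_cid_len`); distinct messages such as `"CID extension received but not offered or not DTLS"`, `"CID extension malformed"` and `"peer CID too long"` cost nothing and make interop failures diagnosable. The alert choice is also uneven: a truncated extension is a decoding problem and would conventionally get MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR rather than handshake_failure, whereas the CID-too-long case is a local capacity limit and handshake_failure is the right signal there. The ordering is otherwise correct — `len < 1` is checked before `*buf++` is read, and the OUT_LEN_MAX check bounds the memcpy into `ssl->handshake->peer_cid`.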
@@ -1895,6 +1946,20 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl ) break; #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#if defined(MBEDTLS_SSL_CID) + case MBEDTLS_TLS_EXT_CID: + MBEDTLS_SSL_DEBUG_MSG( 3, ( "found CID extension" ) ); + + if( ( ret = ssl_parse_cid_ext( ssl, + ext + 4, + ext_size ) ) != 0 ) + { + return( ret ); + } + + break; +#endif /* MBEDTLS_SSL_CID */ + #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) case MBEDTLS_TLS_EXT_ENCRYPT_THEN_MAC: MBEDTLS_SSL_DEBUG_MSG( 3, ( "found encrypt_then_mac extension" ) ); From cf2a565e3ef1fe5c18c4cecd897d15fba6629017 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 16:13:31 +0100 Subject: [PATCH 13/29] Grep for dbg msg witnessing parsing of CID extension in ServerHello --- tests/ssl-opt.sh | 58 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 43 insertions(+), 15 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index af085491e..33c699119 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1128,7 +1128,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ -s "Client sent CID extension, but CID disabled" \ -c "Enable use of CID extension." \ -c "client hello, adding CID extension" \ - -S "server hello, adding CID extension" + -S "server hello, adding CID extension" \ + -C "found CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ @@ -1139,7 +1140,8 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ -C "client hello, adding CID extension" \ -S "found CID extension" \ -s "Enable use of CID extension." \ - -S "server hello, adding CID extension" + -S "server hello, adding CID extension" \ + -C "found CID extension" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ 
@@ -1151,7 +1153,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ @@ -1163,7 +1167,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1175,7 +1181,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ @@ -1187,7 +1195,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ 
@@ -1199,7 +1209,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ @@ -1211,7 +1223,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1223,7 +1237,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ @@ -1235,7 +1251,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ 
@@ -1247,7 +1265,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ @@ -1259,7 +1279,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1271,7 +1293,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ @@ -1283,7 +1307,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 
@@ -1296,7 +1322,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ -c "client hello, adding CID extension" \ -s "found CID extension" \ -s "Use of CID extension negotiated" \ - -s "server hello, adding CID extension" + -s "server hello, adding CID extension" \ + -c "found CID extension" \ + -c "Use of CID extension negotiated" # Tests for Encrypt-then-MAC extension From 4f0b15faeca2ea010e1b3408ff40a813b5c3a454 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Thu, 25 Apr 2019 15:54:02 +0100 Subject: [PATCH 14/29] Add fields holding in/out CIDs to SSL record transformation struct These will be copied from the CID fields in mbedtls_ssl_handshake_params (outgoing CID) and mbedtls_ssl_context (incoming CID) when the transformation is set up at the end of the handshake. --- include/mbedtls/ssl_internal.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h index d4314c1a4..5f3e27b80 100644 --- a/include/mbedtls/ssl_internal.h +++ b/include/mbedtls/ssl_internal.h @@ -574,6 +574,13 @@ struct mbedtls_ssl_transform mbedtls_cipher_context_t cipher_ctx_dec; /*!< decryption context */ int minor_ver; +#if defined(MBEDTLS_SSL_CID) + uint8_t in_cid_len; + uint8_t out_cid_len; + unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; + unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; +#endif /* MBEDTLS_SSL_CID */ + /* * Session specific compression layer */ From dd0afca3f6ea4ad8db765baedfb4684cf69041f8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 16:22:27 +0100 Subject: [PATCH 15/29] Copy CIDs into SSL transform if use of CID has been negotiated --- library/ssl_tls.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5294e96b4..0d673edf2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
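Review bot: Every Connection ID case in ssl-opt.sh is a positive-path grep (both sides must log "Use of CID extension negotiated" and "server hello, adding CID extension"); as far as the hunks in this series show, nothing exercises the rejection branches added to ssl_parse_cid_ext() — a ServerHello CID extension the client never offered, a truncated extension, or a CID longer than MBEDTLS_SSL_CID_OUT_LEN_MAX — nor the non-DTLS transport case where the extension must be refused. Those paths need run_test cases with a non-zero expected exit and `-c "non-matching CID extension"` (driven by a test-only server option that emits a bad length, or by running the client+server pair over plain TLS) before the "(STUB)" label comes off these tests.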
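Review bot: `in_cid` is declared with `MBEDTLS_SSL_CID_OUT_LEN_MAX` elements, but it receives `ssl->own_cid`, whose length the ssl_srv.c writer in this series documents as "at most MBEDTLS_SSL_CID_IN_LEN_MAX", and the mbedtls_ssl_derive_keys change copies it with `memcpy( transform->in_cid, ssl->own_cid, ssl->own_cid_len )`; any configuration with MBEDTLS_SSL_CID_IN_LEN_MAX larger than MBEDTLS_SSL_CID_OUT_LEN_MAX then overflows the transform. Size the buffer by the incoming limit, `unsigned char in_cid [ MBEDTLS_SSL_CID_IN_LEN_MAX ];`, and give each field a one-line comment stating its direction, e.g. `/*!< CID the peer places on records we receive (our own CID) */` for in_cid and `/*!< CID we place on records we send (the peer's CID) */` for out_cid, since "in"/"out" here is the opposite of how the handshake fields name them.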
@@ -701,6 +701,25 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); } +#if defined(MBEDTLS_SSL_CID) + /* Copy own and peer's CID if the use of the CID + * extension has been negotiated. */ + if( ssl->handshake->cid_in_use == MBEDTLS_SSL_CID_ENABLED ) + { + MBEDTLS_SSL_DEBUG_MSG( 3, ( "Copy CIDs into SSL transform" ) ); + transform->in_cid_len = ssl->own_cid_len; + transform->out_cid_len = ssl->handshake->peer_cid_len; + memcpy( transform->in_cid, ssl->own_cid, ssl->own_cid_len ); + memcpy( transform->out_cid, ssl->handshake->peer_cid, + ssl->handshake->peer_cid_len ); + + MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid, + transform->out_cid_len ); + MBEDTLS_SSL_DEBUG_BUF( 3, "Ingoing CID", transform->in_cid, + transform->in_cid_len ); + } +#endif /* MBEDTLS_SSL_CID */ + /* * Set appropriate PRF function and other SSL / TLS / TLS1.2 functions */ From 5e2cd1422e03858887ec741a19b1e85de734e53d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 16:23:52 +0100 Subject: [PATCH 16/29] Grep for dbg msg witnessing copying of CIDs to SSL transform --- tests/ssl-opt.sh | 60 ++++++++++++++++++++++++++++++++++++------------ 1 file changed, 45 insertions(+), 15 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index 33c699119..c19f7463b 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1129,7 +1129,9 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ -c "Enable use of CID extension." \ -c "client hello, adding CID extension" \ -S "server hello, adding CID extension" \ - -C "found CID extension" + -C "found CID extension" \ + -S "Copy CIDs into SSL transform" \ + -C "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ 
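Review bot: When `cid_in_use` is MBEDTLS_SSL_CID_DISABLED this block leaves `transform->in_cid_len` and `transform->out_cid_len` untouched, yet mbedtls_ssl_get_peer_cid() later in the series infers "CID not in use" solely from both lengths being zero, so correctness rests on the transform having been zero-initialised earlier (plausible via the transform init routine, but not visible here). An explicit `else { transform->in_cid_len = 0; transform->out_cid_len = 0; }` makes that invariant local to the code that owns it. The `memcpy` into `transform->in_cid` copies up to `ssl->own_cid_len` bytes, which the ssl_srv.c writer bounds by MBEDTLS_SSL_CID_IN_LEN_MAX, so the destination must be sized by that constant rather than MBEDTLS_SSL_CID_OUT_LEN_MAX. Minor: the debug label `"Ingoing CID"` should read `"Incoming CID"`. mbedtls_ssl_derive_keys() starts and ends outside this hunk.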
@@ -1141,7 +1143,9 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ -S "found CID extension" \ -s "Enable use of CID extension." \ -S "server hello, adding CID extension" \ - -C "found CID extension" + -C "found CID extension" \ + -S "Copy CIDs into SSL transform" \ + -C "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ @@ -1155,7 +1159,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ @@ -1169,7 +1175,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1183,7 +1191,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ 
@@ -1197,7 +1207,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1211,7 +1223,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ @@ -1225,7 +1239,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ @@ -1239,7 +1255,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ 
@@ -1253,7 +1271,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1267,7 +1287,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ @@ -1281,7 +1303,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1295,7 +1319,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ 
@@ -1309,7 +1335,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION @@ -1324,7 +1352,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ -s "Use of CID extension negotiated" \ -s "server hello, adding CID extension" \ -c "found CID extension" \ - -c "Use of CID extension negotiated" + -c "Use of CID extension negotiated" \ + -s "Copy CIDs into SSL transform" \ + -c "Copy CIDs into SSL transform" # Tests for Encrypt-then-MAC extension From 2de89fae8f97edf41585134b93827c2282eeb0f5 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 17:08:02 +0100 Subject: [PATCH 17/29] Implement mbedtls_ssl_get_peer_cid() --- library/ssl_tls.c | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0d673edf2..fe985e8e3 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c 
@@ -142,19 +142,35 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, return( 0 ); } -/* WARNING: This implementation is a stub and doesn't do anything! - * It is included solely to allow review and coding against - * the new Connection CID API. */ +/* WARNING: The CID feature isn't fully implemented yet + * and will not be used. */ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, int *enabled, unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ], size_t *peer_cid_len ) { - ((void) ssl); - ((void) peer_cid); - ((void) peer_cid_len); - *enabled = MBEDTLS_SSL_CID_DISABLED; + + if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) + return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); + + /* What shall we report if we have exchanged if both client + * and server have used the CID extension, but negotiated + * empty CIDs? This is indistinguishable from not using the + * CID extension in the first place, and we're reporting + * MBEDTLS_SSL_CID_DISABLED in this case. */ + if( ssl->transform_in->in_cid_len == 0 && + ssl->transform_in->out_cid_len == 0 ) + { + return( 0 ); + } + + *peer_cid_len = ssl->transform_in->out_cid_len; + memcpy( peer_cid, ssl->transform_in->out_cid, + ssl->transform_in->out_cid_len ); + + *enabled = MBEDTLS_SSL_CID_ENABLED; + return( 0 ); } #endif /* MBEDTLS_SSL_CID */ From 0c8281aae52e1c5e285796e404441bbe5862efc2 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 17:19:15 +0100 Subject: [PATCH 18/29] Change formating of CID debug output in ssl_client2/ssl_server2 --- programs/ssl/ssl_client2.c | 2 +- programs/ssl/ssl_server2.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index db99ef6b4..119ed02c7 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c 
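Review bot: mbedtls_ssl_get_peer_cid() writes through `peer_cid_len` and `peer_cid` unconditionally; if the public API is meant to let a caller that only wants `*enabled` pass NULL for them (the header is not part of this patch, so the contract cannot be confirmed here), both need NULL guards, and in any case the function should reject a non-DTLS context the way ssl_parse_cid_ext() does, since `transform_in` only carries CIDs for DTLS. The in-code comment is phrased as an open question ("What shall we report…"); it should state the decision — both CIDs empty is reported as MBEDTLS_SSL_CID_DISABLED because no CID-bearing records are exchanged in that case — and the same sentence belongs in the header documentation of the `enabled` output. The replacement WARNING comment ("will not be used") will go stale the moment the record layer is switched over; the patch that does so should remove it.
```c
    *enabled = MBEDTLS_SSL_CID_DISABLED;

    if( ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM ||
        ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER )
    {
        return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
    }

    /* … unchanged: early return when both CIDs are empty … */

    if( peer_cid_len != NULL )
    {
        *peer_cid_len = ssl->transform_in->out_cid_len;
        if( peer_cid != NULL )
        {
            memcpy( peer_cid, ssl->transform_in->out_cid,
                    ssl->transform_in->out_cid_len );
        }
    }

    *enabled = MBEDTLS_SSL_CID_ENABLED;
    return( 0 );
```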
@@ -1787,7 +1787,7 @@ int main( int argc, char *argv[] ) (unsigned) peer_cid_len ); while( idx < peer_cid_len ) { - mbedtls_printf( "%#02x ", peer_cid[ idx ] ); + mbedtls_printf( "%02x ", peer_cid[ idx ] ); idx++; } mbedtls_printf( "\n" ); diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index dff899f20..ca9d0357e 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2882,7 +2882,7 @@ handshake: (unsigned) peer_cid_len ); while( idx < peer_cid_len ) { - mbedtls_printf( "%#02x ", peer_cid[ idx ] ); + mbedtls_printf( "%02x ", peer_cid[ idx ] ); idx++; } mbedtls_printf( "\n" ); From 6a3ff286a517e2dbcd7ad71b90033cedce87545a Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 26 Apr 2019 17:19:46 +0100 Subject: [PATCH 19/29] Grep for dbug msgs witnessing use of CID in ssl_client2/ssl_server2 --- tests/ssl-opt.sh | 78 ++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 63 insertions(+), 15 deletions(-) diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh index c19f7463b..60879b566 100755 --- a/tests/ssl-opt.sh +++ b/tests/ssl-opt.sh @@ -1131,7 +1131,8 @@ run_test "(STUB) Connection ID: Client enabled, server disabled" \ -S "server hello, adding CID extension" \ -C "found CID extension" \ -S "Copy CIDs into SSL transform" \ - -C "Copy CIDs into SSL transform" + -C "Copy CIDs into SSL transform" \ + -c "Use of Connection ID was rejected by the server" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client disabled, server enabled" \ @@ -1145,7 +1146,8 @@ run_test "(STUB) Connection ID: Client disabled, server enabled" \ -S "server hello, adding CID extension" \ -C "found CID extension" \ -S "Copy CIDs into SSL transform" \ - -C "Copy CIDs into SSL transform" + -C "Copy CIDs into SSL transform" \ + -s "Use of Connection ID was not offered by the client" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty" \ 
@@ -1161,7 +1163,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ @@ -1177,7 +1183,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ @@ -1193,7 +1203,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty" \ 
@@ -1209,7 +1223,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CCM-8" \ @@ -1225,7 +1241,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CCM-8" \ @@ -1241,7 +1261,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CCM-8" \ 
@@ -1257,7 +1281,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CCM-8" \ @@ -1273,7 +1301,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID nonempty, AES-128-CBC" \ @@ -1289,7 +1319,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID none -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES-128-CBC" \ 
@@ -1305,7 +1339,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 4 Bytes): de ad be ef" \ + -s "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES-128-CBC" \ @@ -1321,7 +1359,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, Server CID empty, AES- -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -s "Peer CID (length 4 Bytes): de ad be ef" \ + -c "Peer CID (length 0 Bytes):" requires_config_enabled MBEDTLS_SSL_CID run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empty, AES-128-CBC" \ @@ -1337,7 +1379,9 @@ run_test "(STUB) Connection ID: Client+Server enabled, Client+Server CID empt -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -S "Use of Connection ID has been negotiated" \ + -C "Use of Connection ID has been negotiated" requires_config_enabled MBEDTLS_SSL_CID requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 
@@ -1354,7 +1398,11 @@ run_test "(STUB) Connection ID: Client+Server enabled, renegotiate" \ -c "found CID extension" \ -c "Use of CID extension negotiated" \ -s "Copy CIDs into SSL transform" \ - -c "Copy CIDs into SSL transform" + -c "Copy CIDs into SSL transform" \ + -s "Use of Connection ID has been negotiated" \ + -c "Use of Connection ID has been negotiated" \ + -c "Peer CID (length 2 Bytes): de ad" \ + -s "Peer CID (length 2 Bytes): be ef" # Tests for Encrypt-then-MAC extension From b4a5606e2d607062fc5acd6d91c694f3de6cab5f Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 30 Apr 2019 14:07:31 +0100 Subject: [PATCH 20/29] Make integer truncation explicit in mbedtls_ssl_set_cid() --- library/ssl_tls.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/library/ssl_tls.c b/library/ssl_tls.c index fe985e8e3..d0cab160b 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -136,7 +136,9 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, } memcpy( ssl->own_cid, own_cid, own_cid_len ); - ssl->own_cid_len = own_cid_len; + /* Truncation is not an issue here because + * MBEDTLS_SSL_CID_IN_LEN_MAX at most 255. */ + ssl->own_cid_len = (uint8_t) own_cid_len; MBEDTLS_SSL_DEBUG_BUF( 3, "Own CID", own_cid, own_cid_len ); return( 0 ); From 31f1668d3c5e581d784ab67d838f98493dc3a733 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 30 Apr 2019 14:17:40 +0100 Subject: [PATCH 21/29] Correct compile-time guard around CID extension writing func on srv --- library/ssl_srv.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index 4b4752731..d14f6dcfe 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c @@ -2142,7 +2142,7 @@ static void ssl_write_truncated_hmac_ext( mbedtls_ssl_context *ssl, } #endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ -#if defined(MBEDTLS_SSL_TRUNCATED_HMAC) +#if defined(MBEDTLS_SSL_CID) static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, unsigned char *buf, size_t *olen ) 
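Review bot: The comment added in the mbedtls_ssl_set_cid() hunk justifies `(uint8_t) own_cid_len` by stating that MBEDTLS_SSL_CID_IN_LEN_MAX is at most 255, but nothing enforces that bound, so a configuration that raises the limit would store a truncated length while `memcpy` has already copied `own_cid_len` bytes into `own_cid`; the range check against MBEDTLS_SSL_CID_IN_LEN_MAX that presumably precedes this is outside the hunk, as is the start of the function. A compile-time guard next to the other configuration checks, `#if MBEDTLS_SSL_CID_IN_LEN_MAX > 255` / `#error "MBEDTLS_SSL_CID_IN_LEN_MAX must fit in a uint8_t"`, turns the comment's premise into an enforced invariant. The comment is also missing its verb: `MBEDTLS_SSL_CID_IN_LEN_MAX is at most 255`.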
@@ -2188,7 +2188,7 @@ static void ssl_write_cid_ext( mbedtls_ssl_context *ssl, *olen = ssl->own_cid_len + 5; } -#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */ +#endif /* MBEDTLS_SSL_CID */ #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) static void ssl_write_encrypt_then_mac_ext( mbedtls_ssl_context *ssl, From 2e0bedcc35ba67d481272676a19cf43d58f07bd3 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 30 Apr 2019 14:18:06 +0100 Subject: [PATCH 22/29] Correct compile-time guard around unhexify() in ssl_server2 --- programs/ssl/ssl_server2.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index ca9d0357e..4a1c0474f 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -759,7 +759,8 @@ int sni_callback( void *p_info, mbedtls_ssl_context *ssl, #endif /* SNI_OPTION */ -#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) || \ + defined(MBEDTLS_SSL_CID) #define HEX2NUM( c ) \ if( c >= '0' && c <= '9' ) \ @@ -799,6 +800,10 @@ int unhexify( unsigned char *output, const char *input, size_t *olen ) return( 0 ); } +#endif + +#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) + typedef struct _psk_entry psk_entry; struct _psk_entry From 4ce06047e145206fb2eb191005d0287698914fe8 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 30 Apr 2019 14:18:25 +0100 Subject: [PATCH 23/29] Enable use of CID in baremetal configuration and test script --- configs/baremetal.h | 1 + scripts/baremetal.sh | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/configs/baremetal.h b/configs/baremetal.h index 11cb579d7..3d3225e22 100644 --- a/configs/baremetal.h +++ b/configs/baremetal.h @@ -80,6 +80,7 @@ #define MBEDTLS_SSL_DTLS_ANTI_REPLAY #define MBEDTLS_SSL_DTLS_HELLO_VERIFY #define MBEDTLS_SSL_DTLS_BADMAC_LIMIT +#define MBEDTLS_SSL_CID /* X.509 CRT parsing */ #define MBEDTLS_X509_USE_C 
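Review bot: The `#endif` added after unhexify() in the ssl_server2.c hunk that widens the guard to `MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED || MBEDTLS_SSL_CID` carries no trailing comment, while the surrounding guards in this file name their condition (`#endif /* SNI_OPTION */` at the top of the first hunk). Since a second `#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)` now opens immediately below it, an unlabelled `#endif` is easy to misattribute when reading the file. `#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED || MBEDTLS_SSL_CID */` matches the file's convention.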
diff --git a/scripts/baremetal.sh b/scripts/baremetal.sh index 9ab40aacd..86fac5687 100755 --- a/scripts/baremetal.sh +++ b/scripts/baremetal.sh @@ -177,9 +177,9 @@ baremetal_ram_build() { baremetal_ram_heap() { : ${CLI:=./programs/ssl/ssl_client2} - : ${CLI_PARAMS:="dtls=1"} + : ${CLI_PARAMS:="dtls=1 cid=1 cid_val=beef"} : ${SRV:=./programs/ssl/ssl_server2} - : ${SRV_PARAMS:="dtls=1 renegotiation=1 auth_mode=required"} + : ${SRV_PARAMS:="dtls=1 renegotiation=1 auth_mode=required cid=1 cid_val=dead"} : ${VALGRIND:=valgrind} : ${VALGRIND_MASSIF_PARAMS="--time-unit=B --threshold=0.01 --detailed-freq=1"} From fc7ff9289f30a7bc82d5e6c62e3aef671a41b673 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 3 May 2019 12:42:13 +0100 Subject: [PATCH 24/29] Use unused extension ID as tentative ID for CID extension --- include/mbedtls/ssl.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 489ac3ee6..9db84ec02 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -384,7 +384,7 @@ /* The value of the CID extension is still TBD as of * https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-04. */ -#define MBEDTLS_TLS_EXT_CID 42 /* TBD */ +#define MBEDTLS_TLS_EXT_CID 254 /* TBD */ #define MBEDTLS_TLS_EXT_ECJPAKE_KKPP 256 /* experimental */ From 19976b53454f9151866e3557a02db8fe71e3806d Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 3 May 2019 12:43:44 +0100 Subject: [PATCH 25/29] Improve structure of ssl_parse_cid_ext() Group configuring CID values together. --- library/ssl_srv.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/ssl_srv.c b/library/ssl_srv.c index d14f6dcfe..c386b7db9 100644 --- a/library/ssl_srv.c +++ b/library/ssl_srv.c 
@@ -494,13 +494,13 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO ); } + ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "Client CID", buf, peer_cid_len ); - ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; return( 0 ); } #endif /* MBEDTLS_SSL_CID */ From 8f68f8738276359e6fcb6a121b2f5ba8dc0e57cf Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 3 May 2019 12:46:59 +0100 Subject: [PATCH 26/29] Improve debugging output of client-side CID extension parsing --- library/ssl_cli.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index c95782c90..193d4415a 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1254,13 +1254,19 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, if( /* CID extension only makes sense in DTLS */ ssl->conf->transport != MBEDTLS_SSL_TRANSPORT_DATAGRAM || /* The server must only send the CID extension if we have offered it. */ - ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED || - /* CID extension must at least contain the length byte */ - len < 1 ) + ssl->negotiate_cid == MBEDTLS_SSL_CID_DISABLED ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension unexpected" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); + } + + if( len == 0 ) + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); + mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } 
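Review bot: In the client-side ssl_parse_cid_ext() hunk, the new `len == 0` branch reports a malformed extension with MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE, the same alert the preceding branch uses for the policy case (server sent CID although the client did not offer it), whereas the `len != peer_cid_len` check in the next hunk of this commit sends MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER for the same class of error, a length that does not fit the extension body. Both are "CID extension invalid" cases by the new debug messages, so they should map to the same alert; `MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER` in the `len == 0` branch keeps the unexpected/invalid distinction the messages now draw. ssl_parse_cid_ext() begins before the hunk and its trailing blank context line is not visible here.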
@@ -1269,17 +1275,17 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, if( peer_cid_len > MBEDTLS_SSL_CID_OUT_LEN_MAX ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); + MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } if( len != peer_cid_len ) { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "non-matching CID extension" ) ); + MBEDTLS_SSL_DEBUG_MSG( 1, ( "CID extension invalid" ) ); mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, - MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); + MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER ); return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } From f885d3bba2ffa75097b43e1da8eba699c74314e0 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Fri, 3 May 2019 12:47:49 +0100 Subject: [PATCH 27/29] Improve structure of client-side CID extension parsing Group configuring CID values together. --- library/ssl_cli.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/library/ssl_cli.c b/library/ssl_cli.c index 193d4415a..3bed557e1 100644 --- a/library/ssl_cli.c +++ b/library/ssl_cli.c @@ -1289,14 +1289,13 @@ static int ssl_parse_cid_ext( mbedtls_ssl_context *ssl, return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO ); } + ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; ssl->handshake->peer_cid_len = (uint8_t) peer_cid_len; memcpy( ssl->handshake->peer_cid, buf, peer_cid_len ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "Use of CID extension negotiated" ) ); MBEDTLS_SSL_DEBUG_BUF( 3, "Server CID", buf, peer_cid_len ); - ssl->handshake->cid_in_use = MBEDTLS_SSL_CID_ENABLED; - return( 0 ); } #endif /* MBEDTLS_SSL_CID */ From cb063f5a5bebc9fe5e15f3d0ed51974209966cdc Mon Sep 17 00:00:00 2001 
From: Hanno Becker Date: Fri, 3 May 2019 12:54:52 +0100 Subject: [PATCH 28/29] Document behaviour of mbedtls_ssl_get_peer_cid() for empty CIDs --- include/mbedtls/ssl.h | 7 +++++++ library/ssl_tls.c | 9 ++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 9db84ec02..a01f8a7fd 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -1548,6 +1548,13 @@ int mbedtls_ssl_set_cid( mbedtls_ssl_context *ssl, * progress, this function will attempt to complete * the handshake first. * + * \note If CID extensions have been exchanged but both client + * and server chose to use an empty CID, this function + * sets `*enabled` to #MBEDTLS_SSL_CID_DISABLED + * (the rationale for this is that the resulting + * communication is the same as if the CID extensions + * hadn't been used). + * * \return \c 0 on success. * \return A negative error code on failure. */ diff --git a/library/ssl_tls.c b/library/ssl_tls.c index d0cab160b..a64a86415 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -156,11 +156,10 @@ int mbedtls_ssl_get_peer_cid( mbedtls_ssl_context *ssl, if( ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); - /* What shall we report if we have exchanged if both client - * and server have used the CID extension, but negotiated - * empty CIDs? This is indistinguishable from not using the - * CID extension in the first place, and we're reporting - * MBEDTLS_SSL_CID_DISABLED in this case. */ + /* We report MBEDTLS_SSL_CID_DISABLED in case the CID extensions + * were used, but client and server requested the empty CID. + * This is indistinguishable from not using the CID extension + * in the first place. */ if( ssl->transform_in->in_cid_len == 0 && ssl->transform_in->out_cid_len == 0 ) { From 8013b27481d7f551a8fceed31371ccb064faa266 Mon Sep 17 00:00:00 2001 
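Review bot: The new \note in the mbedtls_ssl_get_peer_cid() documentation sits directly under the surviving sentence stating that the function "will attempt to complete the handshake first" when a handshake is in progress, yet the ssl_tls.c hunk of this same commit shows the implementation returning MBEDTLS_ERR_SSL_BAD_INPUT_DATA whenever `ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER`. One of the two must change, and given the state check the header is the one to fix; the paragraph should read `\note If a handshake is in progress or has not yet started, this function returns #MBEDTLS_ERR_SSL_BAD_INPUT_DATA; call it only after the handshake has completed.` The rest of the documented contract (the \return lines) is consistent with the code.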
From: Hanno Becker Date: Fri, 3 May 2019 12:55:51 +0100 Subject: [PATCH 29/29] Replace 'ingoing' -> 'incoming' in CID debug messages --- include/mbedtls/ssl.h | 2 +- library/ssl_tls.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index a01f8a7fd..c42e79cc4 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -2867,7 +2867,7 @@ void mbedtls_ssl_conf_renegotiation_enforced( mbedtls_ssl_config *conf, int max_ * (Default: 2^48 - 1) * * Renegotiation is automatically triggered when a record - * counter (outgoing or ingoing) crosses the defined + * counter (outgoing or incoming) crosses the defined * threshold. The default value is meant to prevent the * connection from being closed when the counter is about to * reached its maximal value (it is not allowed to wrap). diff --git a/library/ssl_tls.c b/library/ssl_tls.c index a64a86415..391ed9af2 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -732,7 +732,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl ) MBEDTLS_SSL_DEBUG_BUF( 3, "Outgoing CID", transform->out_cid, transform->out_cid_len ); - MBEDTLS_SSL_DEBUG_BUF( 3, "Ingoing CID", transform->in_cid, + MBEDTLS_SSL_DEBUG_BUF( 3, "Incoming CID", transform->in_cid, transform->in_cid_len ); } #endif /* MBEDTLS_SSL_CID */