cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-02 10:00:47 -04:00
Code Issues Packages Projects Releases Wiki Activity

Wrap lines which exceed 80 chars in ssl_tls13_generic.c

Browse Source 
Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>
This commit is contained in:
Xiaokang Qian 2023-03-29 08:24:12 +00:00
parent 123cde824c
commit 7343738695
1 changed files with 69 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

134
library/ssl_tls13_generic.c
View File

@ -247,15 +247,17 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl,
/* RFC 8446 section 4.4.3 /* RFC 8446 section 4.4.3
* *
* If the CertificateVerify message is sent by a server, the signature algorithm * If the CertificateVerify message is sent by a server, the signature
* MUST be one offered in the client's "signature_algorithms" extension unless * algorithm MUST be one offered in the client's "signature_algorithms"
* no valid certificate chain can be produced without unsupported algorithms * extension unless no valid certificate chain can be produced without
* unsupported algorithms
* *
* RFC 8446 section 4.4.2.2 * RFC 8446 section 4.4.2.2
* *
* If the client cannot construct an acceptable chain using the provided * If the client cannot construct an acceptable chain using the provided
* certificates and decides to abort the handshake, then it MUST abort the handshake * certificates and decides to abort the handshake, then it MUST abort the
* with an appropriate certificate-related alert (by default, "unsupported_certificate"). * handshake with an appropriate certificate-related alert
* (by default, "unsupported_certificate").
* *
* Check if algorithm is an offered signature algorithm. * Check if algorithm is an offered signature algorithm.
*/ */
@ -350,17 +352,18 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify")); MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify"));
MBEDTLS_SSL_PROC_CHK( MBEDTLS_SSL_PROC_CHK(
mbedtls_ssl_tls13_fetch_handshake_msg(ssl, mbedtls_ssl_tls13_fetch_handshake_msg(
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len)); ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len));
/* Need to calculate the hash of the transcript first /* Need to calculate the hash of the transcript first
* before reading the message since otherwise it gets * before reading the message since otherwise it gets
* included in the transcript * included in the transcript
*/ */
ret = mbedtls_ssl_get_handshake_transcript(ssl, ret = mbedtls_ssl_get_handshake_transcript(
ssl->handshake->ciphersuite_info->mac, ssl,
transcript, sizeof(transcript), ssl->handshake->ciphersuite_info->mac,
&transcript_len); transcript, sizeof(transcript),
&transcript_len);
if (ret != 0) { if (ret != 0) {
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR,
@ -380,13 +383,13 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_IS_CLIENT); MBEDTLS_SSL_IS_CLIENT);
/* Process the message contents */ /* Process the message contents */
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify(ssl, buf, MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify(
buf + buf_len, verify_buffer, ssl, buf, buf + buf_len,
verify_buffer_len)); verify_buffer, verify_buffer_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
buf, buf_len)); buf, buf_len));
cleanup: cleanup:
@ -600,7 +603,8 @@ exit:
return MBEDTLS_ERR_SSL_DECODE_ERROR; return MBEDTLS_ERR_SSL_DECODE_ERROR;
} }
MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", ssl->session_negotiate->peer_cert); MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate",
ssl->session_negotiate->peer_cert);
return ret; return ret;
} }
@ -666,8 +670,9 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL) { if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL) {
return 0; return 0;
} else { } else {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_NO_CERT, MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE); MBEDTLS_SSL_ALERT_MSG_NO_CERT,
MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE);
return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE; return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
} }
} }
@ -754,7 +759,8 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
Pick one and send the corresponding alert. Which alert to send Pick one and send the corresponding alert. Which alert to send
may be a subject of debate in some cases. */ may be a subject of debate in some cases. */
if (verify_result & MBEDTLS_X509_BADCERT_OTHER) { if (verify_result & MBEDTLS_X509_BADCERT_OTHER) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret);
} else if (verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) { } else if (verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_BAD_CERT, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_BAD_CERT, ret);
} else if (verify_result & (MBEDTLS_X509_BADCERT_KEY_USAGE | } else if (verify_result & (MBEDTLS_X509_BADCERT_KEY_USAGE |
@ -762,15 +768,19 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
MBEDTLS_X509_BADCERT_NS_CERT_TYPE | MBEDTLS_X509_BADCERT_NS_CERT_TYPE |
MBEDTLS_X509_BADCERT_BAD_PK | MBEDTLS_X509_BADCERT_BAD_PK |
MBEDTLS_X509_BADCERT_BAD_KEY)) { MBEDTLS_X509_BADCERT_BAD_KEY)) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret);
} else if (verify_result & MBEDTLS_X509_BADCERT_EXPIRED) { } else if (verify_result & MBEDTLS_X509_BADCERT_EXPIRED) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret);
} else if (verify_result & MBEDTLS_X509_BADCERT_REVOKED) { } else if (verify_result & MBEDTLS_X509_BADCERT_REVOKED) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret);
} else if (verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) { } else if (verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA, ret);
} else { } else {
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret); MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret);
} }
} }
@ -815,9 +825,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
/* Validate the certificate chain and set the verification results. */ /* Validate the certificate chain and set the verification results. */
MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
MBEDTLS_SSL_HS_CERTIFICATE, buf, ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
buf_len));
cleanup: cleanup:
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */ #endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
@ -923,18 +932,16 @@ int mbedtls_ssl_tls13_write_certificate(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate")); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate"));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
MBEDTLS_SSL_HS_CERTIFICATE, &buf, ssl, MBEDTLS_SSL_HS_CERTIFICATE, &buf, &buf_len));
&buf_len));
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_body(ssl, MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_body(ssl,
buf, buf,
buf + buf_len, buf + buf_len,
&msg_len)); &msg_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
MBEDTLS_SSL_HS_CERTIFICATE, buf, ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, msg_len));
msg_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
ssl, buf_len, msg_len)); ssl, buf_len, msg_len));
@ -1017,11 +1024,9 @@ static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl,
return MBEDTLS_ERR_SSL_INTERNAL_ERROR; return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
} }
ret = mbedtls_ssl_get_handshake_transcript(ssl, ret = mbedtls_ssl_get_handshake_transcript(
ssl->handshake->ciphersuite_info->mac, ssl, ssl->handshake->ciphersuite_info->mac,
handshake_hash, handshake_hash, sizeof(handshake_hash), &handshake_hash_len);
sizeof(handshake_hash),
&handshake_hash_len);
if (ret != 0) { if (ret != 0) {
return ret; return ret;
} }
@ -1128,16 +1133,16 @@ int mbedtls_ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify")); MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
&buf_len)); &buf, &buf_len));
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body( MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body(
ssl, buf, buf + buf_len, &msg_len)); ssl, buf, buf + buf_len, &msg_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf, ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
msg_len)); buf, msg_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg( MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
ssl, buf_len, msg_len)); ssl, buf_len, msg_len));
@ -1163,13 +1168,13 @@ static int ssl_tls13_preprocess_finished_message(mbedtls_ssl_context *ssl)
{ {
int ret; int ret;
ret = mbedtls_ssl_tls13_calculate_verify_data(ssl, ret = mbedtls_ssl_tls13_calculate_verify_data(
ssl->handshake->state_local.finished_in.digest, ssl,
sizeof(ssl->handshake->state_local.finished_in. ssl->handshake->state_local.finished_in.digest,
digest), sizeof(ssl->handshake->state_local.finished_in.digest),
&ssl->handshake->state_local.finished_in.digest_len, &ssl->handshake->state_local.finished_in.digest_len,
ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ? ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ?
MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT); MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT);
if (ret != 0) { if (ret != 0) {
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_calculate_verify_data", ret); MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_calculate_verify_data", ret);
return ret; return ret;
@ -1228,17 +1233,17 @@ int mbedtls_ssl_tls13_process_finished_message(mbedtls_ssl_context *ssl)
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished message")); MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished message"));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
MBEDTLS_SSL_HS_FINISHED, ssl, MBEDTLS_SSL_HS_FINISHED, &buf, &buf_len));
&buf, &buf_len));
/* Preprocessing step: Compute handshake digest */ /* Preprocessing step: Compute handshake digest */
MBEDTLS_SSL_PROC_CHK(ssl_tls13_preprocess_finished_message(ssl)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_preprocess_finished_message(ssl));
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(ssl, buf, buf + buf_len)); MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(
ssl, buf, buf + buf_len));
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl, MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
MBEDTLS_SSL_HS_FINISHED, buf, buf_len)); ssl, MBEDTLS_SSL_HS_FINISHED, buf, buf_len));
cleanup: cleanup:
@ -1526,9 +1531,8 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation.")); MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation."));
/* Convert EC's TLS ID to PSA key type. */ /* Convert EC's TLS ID to PSA key type. */
if (mbedtls_ssl_get_psa_curve_info_from_tls_id(named_group, if (mbedtls_ssl_get_psa_curve_info_from_tls_id(
&ec_psa_family, named_group, &ec_psa_family, &ec_bits) == PSA_ERROR_NOT_SUPPORTED) {
&ec_bits) == PSA_ERROR_NOT_SUPPORTED) {
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE; return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
} }
handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family); handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family);
@ -1638,7 +1642,8 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
uint16_t record_size_limit; uint16_t record_size_limit;
const size_t extension_data_len = end - buf; const size_t extension_data_len = end - buf;
if (extension_data_len != MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH) { if (extension_data_len !=
MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH) {
MBEDTLS_SSL_DEBUG_MSG(2, MBEDTLS_SSL_DEBUG_MSG(2,
("record_size_limit extension has invalid length: %" ("record_size_limit extension has invalid length: %"
MBEDTLS_PRINTF_SIZET " Bytes", MBEDTLS_PRINTF_SIZET " Bytes",
@ -1668,9 +1673,8 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER; return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
} }
MBEDTLS_SSL_DEBUG_MSG(2, MBEDTLS_SSL_DEBUG_MSG(
( 2, ("record_size_limit extension is still in development. Aborting handshake."));
"record_size_limit extension is still in development. Aborting handshake."));
MBEDTLS_SSL_PEND_FATAL_ALERT( MBEDTLS_SSL_PEND_FATAL_ALERT(
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,