cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-10-03 10:34:16 -04:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5913 from yuhaoth/pr/add-tls13-new-session-ticket

Browse Source 
tls13:add  new session ticket message parser
Validated by the internal CI.
This commit is contained in:
Ronald Cron 2022-07-20 15:45:10 +02:00 committed by GitHub
commit 90ae438cfc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 395 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
include/mbedtls/check_config.h
View File

@ -843,6 +843,11 @@
#error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites" #error "MBEDTLS_SSL_TICKET_C defined, but not all prerequisites"
#endif #endif
#if defined(MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH) && \
MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH >= 256
#error "MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH must be less than 256"
#endif
#if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \ #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION) && \
!defined(MBEDTLS_X509_CRT_PARSE_C) !defined(MBEDTLS_X509_CRT_PARSE_C)
#error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites" #error "MBEDTLS_SSL_SERVER_NAME_INDICATION defined, but not all prerequisites"

9
include/mbedtls/mbedtls_config.h
View File

@ -1541,6 +1541,15 @@
*/ */
//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE //#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
/**
* \def MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH
*
* Size in bytes of a ticket nonce. This is not used in TLS 1.2.
*
* This must be less than 256.
*/
#define MBEDTLS_SSL_TLS1_3_TICKET_NONCE_LENGTH 32
/** /**
* \def MBEDTLS_SSL_PROTO_DTLS * \def MBEDTLS_SSL_PROTO_DTLS
* *

22
include/mbedtls/ssl.h
View File

@ -98,6 +98,8 @@
/* Error space gap */ /* Error space gap */
/** Processing of the Certificate handshake message failed. */ /** Processing of the Certificate handshake message failed. */
#define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00 #define MBEDTLS_ERR_SSL_BAD_CERTIFICATE -0x7A00
/** Received NewSessionTicket Post Handshake Message */
#define MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET -0x7B00
/* Error space gap */ /* Error space gap */
/* Error space gap */ /* Error space gap */
/* Error space gap */ /* Error space gap */
@ -333,6 +335,13 @@
#define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT 1 #define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_CLIENT 1
#define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER 0 #define MBEDTLS_SSL_SRV_CIPHERSUITE_ORDER_SERVER 0
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
#if defined(MBEDTLS_SHA384_C)
#define MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN 48
#elif defined(MBEDTLS_SHA256_C)
#define MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN 32
#endif /* MBEDTLS_SHA256_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
/* /*
* Default range for DTLS retransmission timer value, in milliseconds. * Default range for DTLS retransmission timer value, in milliseconds.
* RFC 6347 4.2.4.1 says from 1 second to 60 seconds. * RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
@ -649,7 +658,7 @@ typedef enum
MBEDTLS_SSL_FLUSH_BUFFERS, MBEDTLS_SSL_FLUSH_BUFFERS,
MBEDTLS_SSL_HANDSHAKE_WRAPUP, MBEDTLS_SSL_HANDSHAKE_WRAPUP,
MBEDTLS_SSL_HANDSHAKE_OVER, MBEDTLS_SSL_HANDSHAKE_OVER,
MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET, MBEDTLS_SSL_NEW_SESSION_TICKET,
MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT, MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
MBEDTLS_SSL_HELLO_RETRY_REQUEST, MBEDTLS_SSL_HELLO_RETRY_REQUEST,
MBEDTLS_SSL_ENCRYPTED_EXTENSIONS, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS,
@ -1171,6 +1180,17 @@ struct mbedtls_ssl_session
uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< ticket lifetime hint */ uint32_t MBEDTLS_PRIVATE(ticket_lifetime); /*!< ticket lifetime hint */
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3) && defined(MBEDTLS_SSL_SESSION_TICKETS)
uint32_t MBEDTLS_PRIVATE(ticket_age_add); /*!< Randomly generated value used to obscure the age of the ticket */
uint8_t MBEDTLS_PRIVATE(resumption_key_len); /*!< resumption_key length */
unsigned char MBEDTLS_PRIVATE(resumption_key)[MBEDTLS_SSL_TLS1_3_TICKET_RESUMPTION_KEY_LEN];
#if defined(MBEDTLS_HAVE_TIME) && defined(MBEDTLS_SSL_CLI_C)
mbedtls_time_t MBEDTLS_PRIVATE(ticket_received); /*!< time ticket was received */
#endif /* MBEDTLS_HAVE_TIME && MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 && MBEDTLS_SSL_SESSION_TICKETS */
#if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC) #if defined(MBEDTLS_SSL_ENCRYPT_THEN_MAC)
int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */ int MBEDTLS_PRIVATE(encrypt_then_mac); /*!< flag for EtM activation */
#endif #endif

71
library/ssl_msg.c
View File

@ -5288,6 +5288,50 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
} }
#endif /* MBEDTLS_SSL_RENEGOTIATION */ #endif /* MBEDTLS_SSL_RENEGOTIATION */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_check_new_session_ticket( mbedtls_ssl_context *ssl )
{
if( ( ssl->in_hslen == mbedtls_ssl_hs_hdr_len( ssl ) ) ||
( ssl->in_msg[0] != MBEDTLS_SSL_HS_NEW_SESSION_TICKET ) )
{
return( 0 );
}
ssl->keep_current_message = 1;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "NewSessionTicket received" ) );
mbedtls_ssl_handshake_set_state( ssl,
MBEDTLS_SSL_NEW_SESSION_TICKET );
return( MBEDTLS_ERR_SSL_WANT_READ );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "received post-handshake message" ) );
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
if( ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT )
{
int ret = ssl_tls13_check_new_session_ticket( ssl );
if( ret != 0 )
return( ret );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
/* Fail in all other cases. */
return( MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
/* This function is called from mbedtls_ssl_read() when a handshake message is /* This function is called from mbedtls_ssl_read() when a handshake message is
* received after the initial handshake. In this context, handshake messages * received after the initial handshake. In this context, handshake messages
* may only be sent for the purpose of initiating renegotiations. * may only be sent for the purpose of initiating renegotiations.
@ -5298,7 +5342,7 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
* TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read(). * TLS 1.3 in the future without bloating the logic of mbedtls_ssl_read().
*/ */
MBEDTLS_CHECK_RETURN_CRITICAL MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl ) static int ssl_tls12_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
@ -5380,18 +5424,39 @@ static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) ); MBEDTLS_SSL_DEBUG_MSG( 3, ( "refusing renegotiation, sending alert" ) );
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ( ret = mbedtls_ssl_send_alert_message( ssl, if( ( ret = mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_WARNING, MBEDTLS_SSL_ALERT_LEVEL_WARNING,
MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 ) MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION ) ) != 0 )
{ {
return( ret ); return( ret );
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
} }
return( 0 ); return( 0 );
} }
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_handle_hs_message_post_handshake( mbedtls_ssl_context *ssl )
{
/* Check protocol version and dispatch accordingly. */
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
if( ssl->tls_version == MBEDTLS_SSL_VERSION_TLS1_3 )
{
return( ssl_tls13_handle_hs_message_post_handshake( ssl ) );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
if( ssl->tls_version <= MBEDTLS_SSL_VERSION_TLS1_2 )
{
return( ssl_tls12_handle_hs_message_post_handshake( ssl ) );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
/* Should never happen */
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
/* /*
* Receive application data decrypted from the SSL layer * Receive application data decrypted from the SSL layer

4
library/ssl_tls12_client.c
View File

@ -3627,7 +3627,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC && if( ssl->state == MBEDTLS_SSL_SERVER_CHANGE_CIPHER_SPEC &&
ssl->handshake->new_session_ticket != 0 ) ssl->handshake->new_session_ticket != 0 )
{ {
ssl->state = MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET; ssl->state = MBEDTLS_SSL_NEW_SESSION_TICKET;
} }
#endif #endif
@ -3704,7 +3704,7 @@ int mbedtls_ssl_handshake_client_step( mbedtls_ssl_context *ssl )
* Finished * Finished
*/ */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) #if defined(MBEDTLS_SSL_SESSION_TICKETS)
case MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET: case MBEDTLS_SSL_NEW_SESSION_TICKET:
ret = ssl_parse_new_session_ticket( ssl ); ret = ssl_parse_new_session_ticket( ssl );
break; break;
#endif #endif

246
library/ssl_tls13_client.c
View File

@ -1876,6 +1876,243 @@ static int ssl_tls13_handshake_wrapup( mbedtls_ssl_context *ssl )
return( 0 ); return( 0 );
} }
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_parse_new_session_ticket_exts( mbedtls_ssl_context *ssl,
const unsigned char *buf,
const unsigned char *end )
{
const unsigned char *p = buf;
((void) ssl);
while( p < end )
{
unsigned int extension_type;
size_t extension_data_len;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 4 );
extension_type = MBEDTLS_GET_UINT16_BE( p, 0 );
extension_data_len = MBEDTLS_GET_UINT16_BE( p, 2 );
p += 4;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extension_data_len );
switch( extension_type )
{
case MBEDTLS_TLS_EXT_EARLY_DATA:
MBEDTLS_SSL_DEBUG_MSG( 4, ( "early_data extension received" ) );
break;
default:
break;
}
p += extension_data_len;
}
return( 0 );
}
/*
* From RFC8446, page 74
*
* struct {
* uint32 ticket_lifetime;
* uint32 ticket_age_add;
* opaque ticket_nonce<0..255>;
* opaque ticket<1..2^16-1>;
* Extension extensions<0..2^16-2>;
* } NewSessionTicket;
*
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_parse_new_session_ticket( mbedtls_ssl_context *ssl,
unsigned char *buf,
unsigned char *end,
unsigned char **ticket_nonce,
size_t *ticket_nonce_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *p = buf;
mbedtls_ssl_session *session = ssl->session;
size_t ticket_len;
unsigned char *ticket;
size_t extensions_len;
*ticket_nonce = NULL;
*ticket_nonce_len = 0;
/*
* ticket_lifetime 4 bytes
* ticket_age_add 4 bytes
* ticket_nonce_len 1 byte
*/
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 9 );
session->ticket_lifetime = MBEDTLS_GET_UINT32_BE( p, 0 );
MBEDTLS_SSL_DEBUG_MSG( 3,
( "ticket_lifetime: %u",
( unsigned int )session->ticket_lifetime ) );
session->ticket_age_add = MBEDTLS_GET_UINT32_BE( p, 4 );
MBEDTLS_SSL_DEBUG_MSG( 3,
( "ticket_age_add: %u",
( unsigned int )session->ticket_age_add ) );
*ticket_nonce_len = p[8];
p += 9;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, *ticket_nonce_len );
*ticket_nonce = p;
MBEDTLS_SSL_DEBUG_BUF( 3, "ticket_nonce:", *ticket_nonce, *ticket_nonce_len );
p += *ticket_nonce_len;
/* Ticket */
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
ticket_len = MBEDTLS_GET_UINT16_BE( p, 0 );
p += 2;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, ticket_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "received ticket", p, ticket_len ) ;
/* Check if we previously received a ticket already. */
if( session->ticket != NULL || session->ticket_len > 0 )
{
mbedtls_free( session->ticket );
session->ticket = NULL;
session->ticket_len = 0;
}
if( ( ticket = mbedtls_calloc( 1, ticket_len ) ) == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "ticket alloc failed" ) );
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
memcpy( ticket, p, ticket_len );
p += ticket_len;
session->ticket = ticket;
session->ticket_len = ticket_len;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, 2 );
extensions_len = MBEDTLS_GET_UINT16_BE( p, 0 );
p += 2;
MBEDTLS_SSL_CHK_BUF_READ_PTR( p, end, extensions_len );
MBEDTLS_SSL_DEBUG_BUF( 3, "ticket extension", p, extensions_len );
ret = ssl_tls13_parse_new_session_ticket_exts( ssl, p, p + extensions_len );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1,
"ssl_tls13_parse_new_session_ticket_exts",
ret );
return( ret );
}
return( 0 );
}
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_postprocess_new_session_ticket( mbedtls_ssl_context *ssl,
unsigned char *ticket_nonce,
size_t ticket_nonce_len )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
mbedtls_ssl_session *session = ssl->session;
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
psa_algorithm_t psa_hash_alg;
int hash_length;
#if defined(MBEDTLS_HAVE_TIME)
/* Store ticket creation time */
session->ticket_received = mbedtls_time( NULL );
#endif
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( session->ciphersuite );
if( ciphersuite_info == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) );
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
psa_hash_alg = mbedtls_psa_translate_md( ciphersuite_info->mac );
hash_length = PSA_HASH_LENGTH( psa_hash_alg );
if( hash_length == -1 ||
( size_t )hash_length > sizeof( session->resumption_key ) )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
MBEDTLS_SSL_DEBUG_BUF( 3, "resumption_master_secret",
session->app_secrets.resumption_master_secret,
hash_length );
/* Compute resumption key
*
* HKDF-Expand-Label( resumption_master_secret,
* "resumption", ticket_nonce, Hash.length )
*/
ret = mbedtls_ssl_tls13_hkdf_expand_label(
psa_hash_alg,
session->app_secrets.resumption_master_secret,
hash_length,
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN( resumption ),
ticket_nonce,
ticket_nonce_len,
session->resumption_key,
hash_length );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 2,
"Creating the ticket-resumed PSK failed",
ret );
return( ret );
}
session->resumption_key_len = hash_length;
MBEDTLS_SSL_DEBUG_BUF( 3, "Ticket-resumed PSK",
session->resumption_key,
session->resumption_key_len );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_NEW_SESSION_TICKET
*/
MBEDTLS_CHECK_RETURN_CRITICAL
static int ssl_tls13_process_new_session_ticket( mbedtls_ssl_context *ssl )
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
unsigned char *buf;
size_t buf_len;
unsigned char *ticket_nonce;
size_t ticket_nonce_len;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse new session ticket" ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_tls13_fetch_handshake_msg(
ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
&buf, &buf_len ) );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_parse_new_session_ticket(
ssl, buf, buf + buf_len,
&ticket_nonce, &ticket_nonce_len ) );
MBEDTLS_SSL_PROC_CHK( ssl_tls13_postprocess_new_session_ticket(
ssl, ticket_nonce, ticket_nonce_len ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_OVER );
cleanup:
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse new session ticket" ) );
return( ret );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl ) int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
{ {
int ret = 0; int ret = 0;
@ -1956,6 +2193,15 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
break; break;
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */ #endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
case MBEDTLS_SSL_NEW_SESSION_TICKET:
ret = ssl_tls13_process_new_session_ticket( ssl );
if( ret != 0 )
break;
ret = MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET;
break;
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
default: default:
MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) ); MBEDTLS_SSL_DEBUG_MSG( 1, ( "invalid state %d", ssl->state ) );
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

20
programs/ssl/ssl_client2.c
View File

@ -2645,8 +2645,6 @@ send_request:
/* /*
* 7. Read the HTTP response * 7. Read the HTTP response
*/ */
mbedtls_printf( " < Read from server:" );
fflush( stdout );
/* /*
* TLS and DTLS need different reading styles (stream vs datagram) * TLS and DTLS need different reading styles (stream vs datagram)
@ -2694,6 +2692,18 @@ send_request:
ret = 0; ret = 0;
goto reconnect; goto reconnect;
#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
#if defined(MBEDTLS_SSL_SESSION_TICKETS)
case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET:
/* We were waiting for application data but got
* a NewSessionTicket instead. */
mbedtls_printf( " got new session ticket.\n" );
continue;
#endif /* MBEDTLS_SSL_SESSION_TICKETS */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3 */
default: default:
mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n", mbedtls_printf( " mbedtls_ssl_read returned -0x%x\n",
(unsigned int) -ret ); (unsigned int) -ret );
@ -2703,8 +2713,8 @@ send_request:
len = ret; len = ret;
buf[len] = '\0'; buf[len] = '\0';
mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); mbedtls_printf( " < Read from server: %d bytes read\n\n%s", len, (char *) buf );
fflush( stdout );
/* End of message should be detected according to the syntax of the /* End of message should be detected according to the syntax of the
* application protocol (eg HTTP), just use a dummy test here. */ * application protocol (eg HTTP), just use a dummy test here. */
if( ret > 0 && buf[len-1] == '\n' ) if( ret > 0 && buf[len-1] == '\n' )
@ -2767,7 +2777,7 @@ send_request:
len = ret; len = ret;
buf[len] = '\0'; buf[len] = '\0';
mbedtls_printf( " %d bytes read\n\n%s", len, (char *) buf ); mbedtls_printf( " < Read from server: %d bytes read\n\n%s", len, (char *) buf );
ret = 0; ret = 0;
} }

28
tests/ssl-opt.sh
View File

@ -12599,6 +12599,34 @@ run_test "TLS 1.3: Check client no signature algorithm, m->m" \
1 \ 1 \
-c "select_sig_alg_for_certificate_verify:no suitable signature algorithm found" -c "select_sig_alg_for_certificate_verify:no suitable signature algorithm found"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
run_test "TLS 1.3: NewSessionTicket: Basic check, m->O" \
"$O_NEXT_SRV -msg -tls1_3 -no_resume_ephemeral -no_cache " \
"$P_CLI debug_level=4" \
0 \
-c "Protocol is TLSv1.3" \
-c "MBEDTLS_SSL_NEW_SESSION_TICKET" \
-c "got new session ticket." \
-c "HTTP/1.0 200 ok"
requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \
"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL --disable-client-cert" \
"$P_CLI debug_level=4" \
0 \
-c "Protocol is TLSv1.3" \
-c "MBEDTLS_SSL_NEW_SESSION_TICKET" \
-c "got new session ticket." \
-c "HTTP/1.0 200 OK"
# Test heap memory usage after handshake # Test heap memory usage after handshake
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_MEMORY_DEBUG requires_config_enabled MBEDTLS_MEMORY_DEBUG

2
tests/suites/test_suite_ssl.data
View File

@ -223,7 +223,7 @@ move_handshake_to_state:MBEDTLS_SSL_IS_CLIENT:MBEDTLS_SSL_SERVER_HELLO_VERIFY_RE
Negative test moving servers ssl to state: NEW_SESSION_TICKET Negative test moving servers ssl to state: NEW_SESSION_TICKET
depends_on:MBEDTLS_SSL_PROTO_TLS1_2 depends_on:MBEDTLS_SSL_PROTO_TLS1_2
move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_NEW_SESSION_TICKET:0 move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_NEW_SESSION_TICKET:0
TLS 1.3:Test moving clients handshake to state: ENCRYPTED_EXTENSIONS TLS 1.3:Test moving clients handshake to state: ENCRYPTED_EXTENSIONS
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2 depends_on:MBEDTLS_SSL_PROTO_TLS1_3:!MBEDTLS_SSL_PROTO_TLS1_2