WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #3979 from dgarske/tls13_async 

Asynchronous support for TLS v1.3 TLSX ECC/DH key generation and key agreement
pull/4107/head^2
Sean Parkinson 2021-06-15 10:02:19 +10:00 committed by GitHub
parent 07784e9f56 5e6b8e50c8
commit 12c358bc30
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 1263 additions and 852 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
examples/client/client.c
View File

@ -273,8 +273,9 @@ static void ShowVersions(void)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
#define MAX_GROUP_NUMBER 4 #define MAX_GROUP_NUMBER 4
static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
int useX448) int useX448, int setGroups)
{ {
int ret;
int groups[MAX_GROUP_NUMBER] = {0}; int groups[MAX_GROUP_NUMBER] = {0};
int count = 0; int count = 0;
@ -283,49 +284,78 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
if (onlyKeyShare == 0 || onlyKeyShare == 2) { if (onlyKeyShare == 0 || onlyKeyShare == 2) {
#ifdef HAVE_CURVE25519
if (useX25519) { if (useX25519) {
groups[count++] = WOLFSSL_ECC_X25519; #ifdef HAVE_CURVE25519
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519) != WOLFSSL_SUCCESS) do {
err_sys("unable to use curve x25519"); ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519);
} if (ret == WOLFSSL_SUCCESS)
else groups[count++] = WOLFSSL_ECC_X25519;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve x25519");
} while (ret == WC_PENDING_E);
#endif #endif
}
else if (useX448) {
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
if (useX448) { do {
groups[count++] = WOLFSSL_ECC_X448; ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448);
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448) != WOLFSSL_SUCCESS) if (ret == WOLFSSL_SUCCESS)
err_sys("unable to use curve x448"); groups[count++] = WOLFSSL_ECC_X448;
} #ifdef WOLFSSL_ASYNC_CRYPT
else else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve x448");
} while (ret == WC_PENDING_E);
#endif #endif
{ }
else {
#ifdef HAVE_ECC #ifdef HAVE_ECC
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES) #if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
groups[count++] = WOLFSSL_ECC_SECP256R1; do {
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1) ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1);
!= WOLFSSL_SUCCESS) { if (ret == WOLFSSL_SUCCESS)
err_sys("unable to use curve secp256r1"); groups[count++] = WOLFSSL_ECC_SECP256R1;
} #ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
#endif #endif
#endif #endif
} }
} }
if (onlyKeyShare == 0 || onlyKeyShare == 1) { if (onlyKeyShare == 0 || onlyKeyShare == 1) {
#ifdef HAVE_FFDHE_2048 #ifdef HAVE_FFDHE_2048
groups[count++] = WOLFSSL_FFDHE_2048; do {
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048) != WOLFSSL_SUCCESS) ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048);
err_sys("unable to use DH 2048-bit parameters"); if (ret == WOLFSSL_SUCCESS)
groups[count++] = WOLFSSL_FFDHE_2048;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use DH 2048-bit parameters");
} while (ret == WC_PENDING_E);
#endif #endif
} }
if (count >= MAX_GROUP_NUMBER) if (count >= MAX_GROUP_NUMBER)
err_sys("example group array size error"); err_sys("example group array size error");
if (wolfSSL_set_groups(ssl, groups, count) != WOLFSSL_SUCCESS) if (setGroups && count > 0) {
err_sys("unable to set groups"); if (wolfSSL_set_groups(ssl, groups, count) != WOLFSSL_SUCCESS)
err_sys("unable to set groups");
}
WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND); WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
} }
#endif #endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */
#ifdef WOLFSSL_EARLY_DATA #ifdef WOLFSSL_EARLY_DATA
static void EarlyData(WOLFSSL_CTX* ctx, WOLFSSL* ssl, const char* msg, static void EarlyData(WOLFSSL_CTX* ctx, WOLFSSL* ssl, const char* msg,
@ -443,7 +473,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
else if (version >= 4) { else if (version >= 4) {
if (!helloRetry) if (!helloRetry)
SetKeyShare(ssl, onlyKeyShare, useX25519, useX448); SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, 1);
else else
wolfSSL_NoKeyShares(ssl); wolfSSL_NoKeyShares(ssl);
} }
@ -527,7 +557,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port,
/* Measures throughput in mbps. Throughput = number of bytes */ /* Measures throughput in mbps. Throughput = number of bytes */
static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519, int dtlsUDP, int dtlsSCTP, int block, size_t throughput, int useX25519,
int useX448, int exitWithRet) int useX448, int exitWithRet, int version, int onlyKeyShare)
{ {
double start, conn_time = 0, tx_time = 0, rx_time = 0; double start, conn_time = 0, tx_time = 0, rx_time = 0;
SOCKET_T sockfd; SOCKET_T sockfd;
@ -546,24 +576,13 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port,
(void)useX25519; (void)useX25519;
(void)useX448; (void)useX448;
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) (void)version;
#ifdef HAVE_CURVE25519 (void)onlyKeyShare;
if (useX25519) { #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519) if (version >= 4) {
!= WOLFSSL_SUCCESS) { SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, 1);
err_sys("unable to use curve x25519"); }
} #endif
}
#endif
#ifdef HAVE_CURVE448
if (useX448) {
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve x448");
}
}
#endif
#endif
do { do {
err = 0; /* reset error */ err = 0; /* reset error */
@ -2778,7 +2797,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (ret < 0) { if (ret < 0) {
printf("Async device open failed\nRunning without async\n"); printf("Async device open failed\nRunning without async\n");
} }
wolfSSL_CTX_UseAsync(ctx, devId); wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef HAVE_SNI #ifdef HAVE_SNI
@ -2885,7 +2904,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
((func_args*)args)->return_code = ((func_args*)args)->return_code =
ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP, ClientBenchmarkThroughput(ctx, host, port, dtlsUDP, dtlsSCTP,
block, throughput, useX25519, useX448, block, throughput, useX25519, useX448,
exitWithRet); exitWithRet, version, onlyKeyShare);
wolfSSL_CTX_free(ctx); ctx = NULL; wolfSSL_CTX_free(ctx); ctx = NULL;
if (!exitWithRet) if (!exitWithRet)
XEXIT_T(EXIT_SUCCESS); XEXIT_T(EXIT_SUCCESS);
@ -3002,43 +3021,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (!helloRetry && version >= 4) { if (!helloRetry && version >= 4) {
#if defined(WOLFSSL_TLS13) && (!defined(NO_DH) || defined(HAVE_ECC) || \ SetKeyShare(ssl, onlyKeyShare, useX25519, useX448, 0);
defined(HAVE_CURVE25519) || defined(HAVE_CURVE448))
if (onlyKeyShare == 0 || onlyKeyShare == 2) {
#ifdef HAVE_CURVE25519
if (useX25519) {
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve x25519");
}
}
#endif
#ifdef HAVE_CURVE448
if (useX448) {
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve x448");
}
}
#endif
#ifdef HAVE_ECC
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve secp256r1");
}
#endif
#endif
}
if (onlyKeyShare == 0 || onlyKeyShare == 1) {
#ifdef HAVE_FFDHE_2048
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use DH 2048-bit parameters");
}
#endif
}
#endif
} }
else { else {
wolfSSL_NoKeyShares(ssl); wolfSSL_NoKeyShares(ssl);
@ -3379,7 +3362,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (bio != NULL) { if (bio != NULL) {
if (wolfSSL_SESSION_print(bio, wolfSSL_get_session(ssl)) != if (wolfSSL_SESSION_print(bio, wolfSSL_get_session(ssl)) !=
WOLFSSL_SUCCESS) { WOLFSSL_SUCCESS) {
wolfSSL_BIO_printf(bio, "ERROR: Unable to print out session\n"); wolfSSL_BIO_printf(bio, "BIO error printing session\n");
} }
} }
wolfSSL_BIO_free(bio); wolfSSL_BIO_free(bio);

2
examples/echoclient/echoclient.c
View File

@ -219,7 +219,7 @@ void echoclient_test(void* args)
if (ret < 0) { if (ret < 0) {
printf("Async device open failed\nRunning without async\n"); printf("Async device open failed\nRunning without async\n");
} }
wolfSSL_CTX_UseAsync(ctx, devId); wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
ssl = SSL_new(ctx); ssl = SSL_new(ctx);

2
examples/echoserver/echoserver.c
View File

@ -293,7 +293,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
if (ret < 0) { if (ret < 0) {
printf("Async device open failed\nRunning without async\n"); printf("Async device open failed\nRunning without async\n");
} }
wolfSSL_CTX_UseAsync(ctx, devId); wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
SignalReady(args, port); SignalReady(args, port);

150
examples/server/server.c
View File

@ -708,6 +708,95 @@ static void ServerWrite(WOLFSSL* ssl, const char* output, int outputLen)
err_sys_ex(runWithErrors, "SSL_write failed"); err_sys_ex(runWithErrors, "SSL_write failed");
} }
} }
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
#define MAX_GROUP_NUMBER 4
static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519,
int useX448)
{
int ret;
int groups[MAX_GROUP_NUMBER] = {0};
int count = 0;
(void)useX25519;
(void)useX448;
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
if (onlyKeyShare == 2) {
if (useX25519) {
#ifdef HAVE_CURVE25519
do {
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519);
if (ret == WOLFSSL_SUCCESS)
groups[count++] = WOLFSSL_ECC_X25519;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve x25519");
} while (ret == WC_PENDING_E);
#endif
}
else if (useX448) {
#ifdef HAVE_CURVE448
do {
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448);
if (ret == WOLFSSL_SUCCESS)
groups[count++] = WOLFSSL_ECC_X448;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve x448");
} while (ret == WC_PENDING_E);
#endif
}
else {
#ifdef HAVE_ECC
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
do {
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1);
if (ret == WOLFSSL_SUCCESS)
groups[count++] = WOLFSSL_ECC_SECP256R1;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use curve secp256r1");
} while (ret == WC_PENDING_E);
#endif
#endif
}
}
if (onlyKeyShare == 1) {
#ifdef HAVE_FFDHE_2048
do {
ret = wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048);
if (ret == WOLFSSL_SUCCESS)
groups[count++] = WOLFSSL_FFDHE_2048;
#ifdef WOLFSSL_ASYNC_CRYPT
else if (ret == WC_PENDING_E)
wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
#endif
else
err_sys("unable to use DH 2048-bit parameters");
} while (ret == WC_PENDING_E);
#endif
}
if (count >= MAX_GROUP_NUMBER)
err_sys("example group array size error");
if (count > 0) {
if (wolfSSL_set_groups(ssl, groups, count) != WOLFSSL_SUCCESS)
err_sys("unable to set groups");
}
WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_SEND);
}
#endif /* WOLFSSL_TLS13 && HAVE_SUPPORTED_CURVES */
/* when adding new option, please follow the steps below: */ /* when adding new option, please follow the steps below: */
/* 1. add new option message in English section */ /* 1. add new option message in English section */
/* 2. increase the number of the second column */ /* 2. increase the number of the second column */
@ -2367,7 +2456,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
if (ret < 0) { if (ret < 0) {
printf("Async device open failed\nRunning without async\n"); printf("Async device open failed\nRunning without async\n");
} }
wolfSSL_CTX_UseAsync(ctx, devId); wolfSSL_CTX_SetDevId(ctx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
@ -2627,64 +2716,7 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (version >= 4) { if (version >= 4) {
WOLFSSL_START(WC_FUNC_CLIENT_KEY_EXCHANGE_DO); SetKeyShare(ssl, onlyKeyShare, useX25519, useX448);
if (onlyKeyShare == 2) {
if (useX25519 == 1) {
#ifdef HAVE_CURVE25519
int groups[1] = { WOLFSSL_ECC_X25519 };
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve x25519");
}
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
err_sys("unable to set groups: x25519");
}
#endif
}
else if (useX448 == 1) {
#ifdef HAVE_CURVE448
int groups[1] = { WOLFSSL_ECC_X448 };
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X448)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve x448");
}
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
err_sys("unable to set groups: x448");
}
#endif
}
else {
#ifdef HAVE_ECC
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
int groups[1] = { WOLFSSL_ECC_SECP256R1 };
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_SECP256R1)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use curve secp256r1");
}
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
err_sys("unable to set groups: secp256r1");
}
#endif
#endif
}
}
else if (onlyKeyShare == 1) {
#ifdef HAVE_FFDHE_2048
int groups[1] = { WOLFSSL_FFDHE_2048 };
if (wolfSSL_UseKeyShare(ssl, WOLFSSL_FFDHE_2048)
!= WOLFSSL_SUCCESS) {
err_sys("unable to use DH 2048-bit parameters");
}
if (wolfSSL_set_groups(ssl, groups, 1) != WOLFSSL_SUCCESS) {
err_sys("unable to set groups: DH 2048-bit");
}
#endif
}
WOLFSSL_END(WC_FUNC_CLIENT_KEY_EXCHANGE_DO);
} }
#endif #endif

94
src/internal.c
View File

@ -4417,17 +4417,16 @@ int EccMakeKey(WOLFSSL* ssl, ecc_key* key, ecc_key* peer)
/* get key size */ /* get key size */
if (peer == NULL || peer->dp == NULL) { if (peer == NULL || peer->dp == NULL) {
keySz = ssl->eccTempKeySz; keySz = ssl->eccTempKeySz;
/* get curve type */
if (ssl->ecdhCurveOID > 0) {
ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL);
}
} }
else { else {
keySz = peer->dp->size; keySz = peer->dp->size;
ecc_curve = peer->dp->id; ecc_curve = peer->dp->id;
} }
/* get curve type */
if (ssl->ecdhCurveOID > 0) {
ecc_curve = wc_ecc_get_oid(ssl->ecdhCurveOID, NULL, NULL);
}
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
if (ssl->ctx->EccKeyGenCb) { if (ssl->ctx->EccKeyGenCb) {
void* ctx = wolfSSL_GetEccKeyGenCtx(ssl); void* ctx = wolfSSL_GetEccKeyGenCtx(ssl);
@ -4765,6 +4764,8 @@ static int X25519MakeKey(WOLFSSL* ssl, curve25519_key* key,
} }
#endif /* HAVE_CURVE25519 */ #endif /* HAVE_CURVE25519 */
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_ED448 #ifdef HAVE_ED448
/* Check whether the key contains a public key. /* Check whether the key contains a public key.
* If not then pull it out of the leaf certificate. * If not then pull it out of the leaf certificate.
@ -4933,6 +4934,8 @@ int Ed448Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
} }
#endif /* HAVE_ED448 */ #endif /* HAVE_ED448 */
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CURVE448 #ifdef HAVE_CURVE448
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
/* Gets X448 key for shared secret callback testing /* Gets X448 key for shared secret callback testing
@ -5067,6 +5070,8 @@ static int X448MakeKey(WOLFSSL* ssl, curve448_key* key, curve448_key* peer)
} }
#endif /* HAVE_CURVE448 */ #endif /* HAVE_CURVE448 */
#endif /* !WOLFSSL_NO_TLS12 */
#if !defined(NO_CERTS) || !defined(NO_PSK) #if !defined(NO_CERTS) || !defined(NO_PSK)
#if !defined(NO_DH) #if !defined(NO_DH)
@ -5102,7 +5107,8 @@ int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey,
int DhAgree(WOLFSSL* ssl, DhKey* dhKey, int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
const byte* priv, word32 privSz, const byte* priv, word32 privSz,
const byte* otherPub, word32 otherPubSz, const byte* otherPub, word32 otherPubSz,
byte* agree, word32* agreeSz) byte* agree, word32* agreeSz,
const byte* prime, word32 primeSz)
{ {
int ret; int ret;
@ -5129,9 +5135,18 @@ int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
#endif #endif
{ {
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST)
ret = wc_DhCheckPubValue(ssl->buffers.serverDH_P.buffer, /* check the public key has valid number */
ssl->buffers.serverDH_P.length, otherPub, otherPubSz); if (dhKey != NULL && (prime == NULL || primeSz == 0)) {
/* wc_DhCheckPubKey does not do exponentiation */
ret = wc_DhCheckPubKey(dhKey, otherPub, otherPubSz);
}
else {
ret = wc_DhCheckPubValue(prime, primeSz, otherPub, otherPubSz);
}
if (ret != 0) { if (ret != 0) {
/* translate to valid error (wc_DhCheckPubValue returns MP_VAL -1) */
ret = PEER_KEY_ERROR;
#ifdef OPENSSL_EXTRA #ifdef OPENSSL_EXTRA
SendAlert(ssl, alert_fatal, illegal_parameter); SendAlert(ssl, alert_fatal, illegal_parameter);
#endif #endif
@ -5153,13 +5168,14 @@ int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
WOLFSSL_LEAVE("DhAgree", ret); WOLFSSL_LEAVE("DhAgree", ret);
(void)prime;
(void)primeSz;
return ret; return ret;
} }
#endif /* !NO_DH */ #endif /* !NO_DH */
#endif /* !NO_CERTS || !NO_PSK */ #endif /* !NO_CERTS || !NO_PSK */
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_PK_CALLBACKS #ifdef HAVE_PK_CALLBACKS
int wolfSSL_IsPrivatePkSet(WOLFSSL* ssl) int wolfSSL_IsPrivatePkSet(WOLFSSL* ssl)
@ -8179,7 +8195,7 @@ static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset,
#endif /* NO_CERTS */ #endif /* NO_CERTS */
/** /**
* Send the handshake message. This funcion handles fragmenting the message * Send the handshake message. This function handles fragmenting the message
* so that it will fit into the desired MTU or the max fragment size. * so that it will fit into the desired MTU or the max fragment size.
* @param ssl Connection object * @param ssl Connection object
* @param input Input starting at the record layer header. This function * @param input Input starting at the record layer header. This function
@ -24643,7 +24659,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ssl->buffers.serverDH_Pub.buffer, ssl->buffers.serverDH_Pub.buffer,
ssl->buffers.serverDH_Pub.length, ssl->buffers.serverDH_Pub.length,
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz); &ssl->arrays->preMasterSz,
ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length);
break; break;
} }
#endif /* !NO_DH */ #endif /* !NO_DH */
@ -24661,7 +24679,9 @@ int SendClientKeyExchange(WOLFSSL* ssl)
ssl->buffers.serverDH_Pub.buffer, ssl->buffers.serverDH_Pub.buffer,
ssl->buffers.serverDH_Pub.length, ssl->buffers.serverDH_Pub.length,
ssl->arrays->preMasterSecret + OPAQUE16_LEN, ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&ssl->arrays->preMasterSz); &ssl->arrays->preMasterSz,
ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length);
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */
@ -27649,7 +27669,10 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* !WOLFSSL_NO_TLS12 */ #endif /* !WOLFSSL_NO_TLS12 */
/* Make sure server cert/key are valid for this suite, true on success */ /* Make sure server cert/key are valid for this suite, true on success
* Returns 1 for valid server suite or 0 if not found
* For asynchronous this can return WC_PENDING_E
*/
static int VerifyServerSuite(WOLFSSL* ssl, word16 idx) static int VerifyServerSuite(WOLFSSL* ssl, word16 idx)
{ {
int haveRSA = !ssl->options.haveStaticECC; int haveRSA = !ssl->options.haveStaticECC;
@ -27772,13 +27795,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (IsAtLeastTLSv1_3(ssl->version) && if (IsAtLeastTLSv1_3(ssl->version) &&
ssl->options.side == WOLFSSL_SERVER_END) { ssl->options.side == WOLFSSL_SERVER_END) {
#ifdef HAVE_SUPPORTED_CURVES #ifdef HAVE_SUPPORTED_CURVES
int doHelloRetry = 0;
/* Try to establish a key share. */ /* Try to establish a key share. */
int ret = TLSX_KeyShare_Establish(ssl); int ret = TLSX_KeyShare_Establish(ssl, &doHelloRetry);
if (ret == KEY_SHARE_ERROR) if (doHelloRetry) {
ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE;
else if (ret != 0) }
return 0; #ifdef WOLFSSL_ASYNC_CRYPT
#endif if (ret == WC_PENDING_E)
return ret;
#endif
if (!doHelloRetry && ret != 0) {
return 0; /* not found */
}
#endif /* HAVE_SUPPORTED_CURVES */
} }
else if (first == TLS13_BYTE || (first == ECC_BYTE && else if (first == TLS13_BYTE || (first == ECC_BYTE &&
(second == TLS_SHA256_SHA256 || second == TLS_SHA384_SHA384))) { (second == TLS_SHA256_SHA256 || second == TLS_SHA384_SHA384))) {
@ -27786,7 +27816,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* version. */ * version. */
return 0; return 0;
} }
#endif #endif /* WOLFSSL_TLS13 */
return 1; return 1;
} }
@ -27798,17 +27828,21 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ssl->suites->suites[i] == peerSuites->suites[j] && if (ssl->suites->suites[i] == peerSuites->suites[j] &&
ssl->suites->suites[i+1] == peerSuites->suites[j+1] ) { ssl->suites->suites[i+1] == peerSuites->suites[j+1] ) {
if (VerifyServerSuite(ssl, i)) { int ret = VerifyServerSuite(ssl, i);
int result; #ifdef WOLFSSL_ASYNC_CRYPT
if (ret == WC_PENDING_E)
return ret;
#endif
if (ret) {
WOLFSSL_MSG("Verified suite validity"); WOLFSSL_MSG("Verified suite validity");
ssl->options.cipherSuite0 = ssl->suites->suites[i]; ssl->options.cipherSuite0 = ssl->suites->suites[i];
ssl->options.cipherSuite = ssl->suites->suites[i+1]; ssl->options.cipherSuite = ssl->suites->suites[i+1];
result = SetCipherSpecs(ssl); ret = SetCipherSpecs(ssl);
if (result == 0) { if (ret == 0) {
result = PickHashSigAlgo(ssl, peerSuites->hashSigAlgo, ret = PickHashSigAlgo(ssl, peerSuites->hashSigAlgo,
peerSuites->hashSigAlgoSz); peerSuites->hashSigAlgoSz);
} }
return result; return ret;
} }
else { else {
WOLFSSL_MSG("Could not verify suite validity, continue"); WOLFSSL_MSG("Could not verify suite validity, continue");
@ -31209,7 +31243,9 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
input + args->idx, input + args->idx,
(word16)args->sigSz, (word16)args->sigSz,
ssl->arrays->preMasterSecret, ssl->arrays->preMasterSecret,
&ssl->arrays->preMasterSz); &ssl->arrays->preMasterSz,
ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length);
break; break;
} }
#endif /* !NO_DH */ #endif /* !NO_DH */
@ -31222,7 +31258,9 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
input + args->idx, input + args->idx,
(word16)args->sigSz, (word16)args->sigSz,
ssl->arrays->preMasterSecret + OPAQUE16_LEN, ssl->arrays->preMasterSecret + OPAQUE16_LEN,
&ssl->arrays->preMasterSz); &ssl->arrays->preMasterSz,
ssl->buffers.serverDH_P.buffer,
ssl->buffers.serverDH_P.length);
break; break;
} }
#endif /* !NO_DH && !NO_PSK */ #endif /* !NO_DH && !NO_PSK */

2
src/sniffer.c
View File

@ -2280,7 +2280,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
/* Derive secret from private key and peer's public key */ /* Derive secret from private key and peer's public key */
do { do {
#ifdef WOLFSSL_ASYNC_CRYPT #ifdef WOLFSSL_ASYNC_CRYPT
ret = wc_AsyncWait(ret, &dhPriv.asyncDev, ret = wc_AsyncWait(ret, &dhKey.asyncDev,
WC_ASYNC_FLAG_CALL_AGAIN); WC_ASYNC_FLAG_CALL_AGAIN);
#endif #endif
if (ret >= 0) { if (ret >= 0) {

17
src/ssl.c
View File

@ -548,7 +548,6 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX* ctx)
WOLFSSL* ssl = NULL; WOLFSSL* ssl = NULL;
int ret = 0; int ret = 0;
(void)ret;
WOLFSSL_ENTER("SSL_new"); WOLFSSL_ENTER("SSL_new");
if (ctx == NULL) if (ctx == NULL)
@ -562,6 +561,8 @@ WOLFSSL* wolfSSL_new(WOLFSSL_CTX* ctx)
} }
WOLFSSL_LEAVE("SSL_new", ret); WOLFSSL_LEAVE("SSL_new", ret);
(void)ret;
return ssl; return ssl;
} }
@ -52972,10 +52973,10 @@ int wolfSSL_ASN1_STRING_print_ex(WOLFSSL_BIO *out, WOLFSSL_ASN1_STRING *str,
} }
str_len++; str_len++;
if (flags & ASN1_STRFLGS_DUMP_DER){ if (flags & ASN1_STRFLGS_DUMP_DER){
hex_tmp[0] = hex_char[str->type >> 4]; hex_tmp[0] = hex_char[(str->type & 0xf0) >> 4];
hex_tmp[1] = hex_char[str->type & 0xf]; hex_tmp[1] = hex_char[(str->type & 0x0f)];
hex_tmp[2] = hex_char[str->length >> 4]; hex_tmp[2] = hex_char[(str->length & 0xf0) >> 4];
hex_tmp[3] = hex_char[str->length & 0xf]; hex_tmp[3] = hex_char[(str->length & 0x0f)];
if (wolfSSL_BIO_write(out, hex_tmp, 4) != 4){ if (wolfSSL_BIO_write(out, hex_tmp, 4) != 4){
goto err_exit; goto err_exit;
} }
@ -54625,8 +54626,10 @@ error:
XFREE(section, NULL, DYNAMIC_TYPE_PKCS7); XFREE(section, NULL, DYNAMIC_TYPE_PKCS7);
if (canonSection != NULL) if (canonSection != NULL)
XFREE(canonSection, NULL, DYNAMIC_TYPE_PKCS7); XFREE(canonSection, NULL, DYNAMIC_TYPE_PKCS7);
wolfSSL_BIO_free(*bcont); if (bcont) {
*bcont = NULL; /* reset 'bcount' pointer to NULL on failure */ wolfSSL_BIO_free(*bcont);
*bcont = NULL; /* reset 'bcount' pointer to NULL on failure */
}
return NULL; return NULL;
} }

963
src/tls.c
View File

File diff suppressed because it is too large Load Diff

707
src/tls13.c
View File

File diff suppressed because it is too large Load Diff

2
tests/suites.c
View File

@ -809,7 +809,7 @@ int SuiteTest(int argc, char** argv)
args.return_code = EXIT_FAILURE; args.return_code = EXIT_FAILURE;
goto exit; goto exit;
} }
wolfSSL_CTX_UseAsync(cipherSuiteCtx, devId); wolfSSL_CTX_SetDevId(cipherSuiteCtx, devId);
#endif /* WOLFSSL_ASYNC_CRYPT */ #endif /* WOLFSSL_ASYNC_CRYPT */
/* support for custom command line tests */ /* support for custom command line tests */

2
wolfcrypt/src/asn.c
View File

@ -18934,7 +18934,7 @@ int wc_MIME_parse_headers(char* in, int inLen, MimeHdr** headers)
else { else {
mimeType = MIME_HDR; mimeType = MIME_HDR;
} }
start = end = 0; start = 0;
lineLen = XSTRLEN(curLine); lineLen = XSTRLEN(curLine);
if (lineLen == 0) { if (lineLen == 0) {
ret = BAD_FUNC_ARG; ret = BAD_FUNC_ARG;

2
wolfcrypt/src/ecc.c
View File

@ -1552,7 +1552,7 @@ const char* wc_ecc_get_name(int curve_id)
int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id) int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id)
{ {
if (keysize <= 0 && curve_id < 0) { if (key == NULL || (keysize <= 0 && curve_id < 0)) {
return BAD_FUNC_ARG; return BAD_FUNC_ARG;
} }

17
wolfssl/internal.h
View File

@ -2627,17 +2627,23 @@ typedef struct KeyShareEntry {
word16 group; /* NamedGroup */ word16 group; /* NamedGroup */
byte* ke; /* Key exchange data */ byte* ke; /* Key exchange data */
word32 keLen; /* Key exchange data length */ word32 keLen; /* Key exchange data length */
void* key; /* Private key */ void* key; /* Key struct */
word32 keyLen; /* Private key length */ word32 keyLen; /* Key size (bytes) */
byte* pubKey; /* Public key */ byte* pubKey; /* Public key */
word32 pubKeyLen; /* Public key length */ word32 pubKeyLen; /* Public key length */
#ifndef NO_DH
byte* privKey; /* Private key - DH only */
#endif
#ifdef WOLFSSL_ASYNC_CRYPT
int lastRet;
#endif
struct KeyShareEntry* next; /* List pointer */ struct KeyShareEntry* next; /* List pointer */
} KeyShareEntry; } KeyShareEntry;
WOLFSSL_LOCAL int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len, WOLFSSL_LOCAL int TLSX_KeyShare_Use(WOLFSSL* ssl, word16 group, word16 len,
byte* data, KeyShareEntry **kse); byte* data, KeyShareEntry **kse);
WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl); WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl); WOLFSSL_LOCAL int TLSX_KeyShare_Establish(WOLFSSL* ssl, int* doHelloRetry);
WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl); WOLFSSL_LOCAL int TLSX_KeyShare_DeriveSecret(WOLFSSL* ssl);
@ -4826,14 +4832,15 @@ WOLFSSL_LOCAL int SetRsaInternal(WOLFSSL_RSA* rsa);
WOLFSSL_LOCAL int SetDhInternal(WOLFSSL_DH* dh); WOLFSSL_LOCAL int SetDhInternal(WOLFSSL_DH* dh);
WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh); WOLFSSL_LOCAL int SetDhExternal(WOLFSSL_DH *dh);
#ifndef NO_DH #if !defined(NO_DH) && (!defined(NO_CERTS) || !defined(NO_PSK))
WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey, WOLFSSL_LOCAL int DhGenKeyPair(WOLFSSL* ssl, DhKey* dhKey,
byte* priv, word32* privSz, byte* priv, word32* privSz,
byte* pub, word32* pubSz); byte* pub, word32* pubSz);
WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, DhKey* dhKey, WOLFSSL_LOCAL int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
const byte* priv, word32 privSz, const byte* priv, word32 privSz,
const byte* otherPub, word32 otherPubSz, const byte* otherPub, word32 otherPubSz,
byte* agree, word32* agreeSz); byte* agree, word32* agreeSz,
const byte* prime, word32 primeSz);
#endif /* !NO_DH */ #endif /* !NO_DH */
#ifdef HAVE_ECC #ifdef HAVE_ECC