Merge pull request #1582 from SparkiDev/tls13_only

Allow TLS 1.2 to be compiled out.
toddouska 2018-05-29 13:26:54 -07:00 committed by GitHub
commit 2cf853d1f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
21 changed files with 843 additions and 606 deletions


@ -1508,6 +1508,19 @@ else
fi
# TLSv1.2
AC_ARG_ENABLE([tlsv12],
[AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])],
[ ENABLED_TLSV12=$enableval ],
[ ENABLED_TLSV12=yes ]
)
if test "$ENABLED_TLSV12" = "no"
then
AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS"
fi
# TLSv1.0
AC_ARG_ENABLE([tlsv10],
[AS_HELP_STRING([--enable-tlsv10],[Enable old TLS versions 1.0 (default: disabled)])],
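Review bot: The new `if test "$ENABLED_TLSV12" = "no"` branch adds `-DWOLFSSL_NO_TLS12 -DNO_OLD_TLS` without checking that TLS 1.3 is enabled, so `--disable-tlsv12` on its own can apparently configure a library with no usable protocol version and only fail later, at compile time or at run time. A guard inside that branch would catch it at configure time, for example `AS_IF([test "x$ENABLED_TLS13" != "xyes"],[AC_MSG_ERROR([--disable-tlsv12 requires --enable-tls13])])`; the variable name is assumed, because the TLS 1.3 option is outside this hunk. The `--enable-tlsv10` block that follows should also be checked against the `-DNO_OLD_TLS` set here, since the two can be requested together. The help text reads better as "Enable TLS version 1.2".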


@ -354,7 +354,7 @@ static void* client_thread(void* args)
int haveShownPeerInfo = 0;
/* set up client */
cli_ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
cli_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
if (cli_ctx == NULL) err_sys("error creating ctx");
#ifndef NO_CERTS
@ -480,7 +480,7 @@ static void* server_thread(void* args)
WOLFSSL* srv_ssl;
/* set up server */
srv_ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
srv_ctx = wolfSSL_CTX_new(wolfSSLv23_server_method());
if (srv_ctx == NULL) err_sys("error creating server ctx");
#ifndef NO_CERTS
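Review bot: With `wolfSSLv23_client_method()` in client_thread and `wolfSSLv23_server_method()` in server_thread the protocol version is no longer fixed, and nothing visible in these hunks sets a floor, so the two ends negotiate whatever the build allows, which may include versions below TLS 1.2 when old TLS is compiled in. If the intent is "TLS 1.2 or newer", state it after each context is created, e.g. `wolfSSL_CTX_SetMinVersion(cli_ctx, WOLFSSL_TLSV1_2);` and the same for `srv_ctx`. Otherwise a comment such as `/* version-flexible method: negotiates the highest version this build supports */` would at least record the choice. Both function bodies continue outside the hunks, so a minimum may already be set elsewhere.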


@ -182,7 +182,9 @@ static void ShowVersions(void)
#endif
printf("2:");
#endif /* NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
printf("3:");
#endif
#ifdef WOLFSSL_TLS13
printf("4:");
#endif
@ -1489,9 +1491,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
#endif /* !NO_OLD_TLS */
#ifndef NO_TLS
#ifndef WOLFSSL_NO_TLS12
case 3:
method = wolfTLSv1_2_client_method_ex;
break;
#endif
#ifdef WOLFSSL_TLS13
case 4:
@ -1511,9 +1515,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
#endif
#ifndef WOLFSSL_NO_TLS12
case -2:
method = wolfDTLSv1_2_client_method_ex;
break;
#endif
#endif
default:
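Review bot: The new `#ifndef WOLFSSL_NO_TLS12` guards in ShowVersions and in the version switch of client_test close with a bare `#endif`, while the neighbouring guards are labelled (`#endif /* NO_OLD_TLS */`, `#endif /* !NO_OLD_TLS */`); after `case -2` this leaves two unlabelled `#endif` lines back to back. Labelling them `#endif /* !WOLFSSL_NO_TLS12 */` keeps the nesting readable, and the server_test hunks in the next file have the same pattern. A short comment at `case -2` would also help, saying that DTLS 1.2 is compiled out together with TLS 1.2 and that `-v 3` then falls through to `default:`, since neither follows from the option's name. Both functions extend outside the hunks.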


@ -281,6 +281,46 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block,
return EXIT_SUCCESS;
}
#ifdef WOLFSSL_TLS13
static void NonBlockingServerRead(WOLFSSL* ssl, char* input, int inputLen)
{
int ret, err;
char buffer[CYASSL_MAX_ERROR_SZ];
/* Read data */
do {
err = 0; /* reset error */
ret = SSL_read(ssl, input, inputLen);
if (ret < 0) {
err = SSL_get_error(ssl, 0);
#ifdef WOLFSSL_ASYNC_CRYPT
if (err == WC_PENDING_E) {
ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW);
if (ret < 0) break;
}
else
#endif
#ifdef CYASSL_DTLS
if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) {
printf("Dropped client's message due to a bad MAC\n");
}
else
#endif
if (err != WOLFSSL_ERROR_WANT_READ) {
printf("SSL_read input error %d, %s\n", err,
ERR_error_string(err, buffer));
err_sys_ex(runWithErrors, "SSL_read failed");
}
}
} while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_READ);
if (ret > 0) {
input[ret] = 0; /* null terminate message */
printf("Client message: %s\n", input);
}
}
#endif
static void ServerRead(WOLFSSL* ssl, char* input, int inputLen)
{
int ret, err;
@ -543,9 +583,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
int noPskDheKe = 0;
#endif
int updateKeysIVs = 0;
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
int postHandAuth = 0;
#endif
#ifdef WOLFSSL_EARLY_DATA
int earlyData = 0;
#endif
@ -598,6 +636,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
(void)crlFlags;
(void)readySignal;
(void)updateKeysIVs;
(void)postHandAuth;
(void)mcastID;
(void)useX25519;
@ -967,9 +1006,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
#endif /* !NO_OLD_TLS */
#ifndef NO_TLS
#ifndef WOLFSSL_NO_TLS12
case 3:
method = wolfTLSv1_2_server_method_ex;
break;
#endif
#ifdef WOLFSSL_TLS13
case 4:
@ -989,9 +1030,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
break;
#endif
#ifndef WOLFSSL_NO_TLS12
case -2:
method = wolfDTLSv1_2_server_method_ex;
break;
#endif
#endif
default:
@ -1635,10 +1678,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args)
}
ServerWrite(ssl, write_msg, write_msg_sz);
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
if (postHandAuth) {
#ifdef WOLFSSL_TLS13
if (updateKeysIVs || postHandAuth) {
ServerWrite(ssl, write_msg, write_msg_sz);
ServerRead(ssl, input, sizeof(input)-1);
if (nonBlocking)
NonBlockingServerRead(ssl, input, sizeof(input)-1);
else
ServerRead(ssl, input, sizeof(input)-1);
}
#endif
}
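Review bot: NonBlockingServerRead retries `SSL_read` immediately whenever the error is `WOLFSSL_ERROR_WANT_READ`, with no wait on the socket and no retry limit, so the server thread spins at full CPU until data arrives and never returns if the peer stays silent. Waiting for readability with a bounded timeout before each retry (the examples' socket-select helper, if it is usable from this file) and failing through `err_sys_ex` once the timeout expires would bound both. A return of 0 from `SSL_read` (peer closed) also leaves the loop without any message. The terminating write `input[ret] = 0` is only in bounds because the caller passes `sizeof(input)-1`; a comment on the function stating that `inputLen` must be one less than the buffer size would make that contract explicit.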


@ -6,6 +6,13 @@ server=www.google.com
[ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1
# TODO: [TLS13] Remove this when google supports final version of TLS 1.3
./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'
if [ $? -eq 0 ]; then
echo -e "\n\nClient doesn't support TLS v1.2"
exit 0
fi
# is our desired server there?
./scripts/ping.test $server 2
RESULT=$?
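Review bot: The TLS 1.2 probe `./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'` keys on the wording of an error message, so a change to that text silently switches the skip off, and the same probe is repeated in the two later test scripts on this page. grep's match is also written to the test log; `grep -q -- 'Bad SSL version'` keeps the log clean. The skip path ends with `exit 0`, which a harness records as a pass; if the harness honours a skip status (automake uses 77), returning it would keep "not run" distinguishable from "passed".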


@ -21,6 +21,9 @@ wolf_suites_total=0
counter=0
testing_summary="OpenSSL Interop Testing Summary:\nVersion\tTested\t#Found\t#Tested\n"
versionName="Invalid"
if [ "$OPENSSL" = "" ]; then
OPENSSL=openssl
fi
version_name() {
case $version in "0")
@ -73,7 +76,7 @@ else
fi
echo -e "\nTesting existence of openssl command...\n"
command -v openssl >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but it's not installed. Ending."; exit 0; }
command -v $OPENSSL >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but it's not installed. Ending."; exit 0; }
echo -e "\nTesting for _build directory as part of distcheck, different paths"
@ -92,7 +95,7 @@ found_free_port=0
while [ "$counter" -lt 20 ]; do
echo -e "\nTrying to start openssl server on port $openssl_port...\n"
openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -verify 10 -verify_return_error -psk 1a2b3c4d -cipher "ALL:eNULL" &
$OPENSSL s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -verify 10 -verify_return_error -psk 1a2b3c4d -cipher "ALL:eNULL" &
server_pid=$!
# wait to see if s_server successfully starts before continuing
sleep 0.1
@ -127,7 +130,7 @@ case $wolf_ciphers in
while [ "$counter" -lt 20 ]; do
echo -e "\nTrying to start ECDH-RSA openssl server on port $ecdh_port...\n"
openssl s_server -accept $ecdh_port -cert ./certs/server-ecc-rsa.pem -key ./certs/ecc-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -cipher "ALL:eNULL" &
$OPENSSL s_server -accept $ecdh_port -cert ./certs/server-ecc-rsa.pem -key ./certs/ecc-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -cipher "ALL:eNULL" &
ecdh_server_pid=$!
# wait to see if s_server successfully starts before continuing
sleep 0.1
@ -193,11 +196,11 @@ do
echo -e "version = $version"
# get openssl ciphers depending on version
case $version in "0")
openssl_ciphers=`openssl ciphers "SSLv3"`
openssl_ciphers=`$OPENSSL ciphers "SSLv3"`
# double check that can actually do a sslv3 connection using
# client-cert.pem to send but any file with EOF works
openssl s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ./certs/client-cert.pem
$OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ./certs/client-cert.pem
sslv3_sup=$?
if [ $sslv3_sup != 0 ]
@ -208,7 +211,7 @@ do
fi
;;
"1")
openssl_ciphers=`openssl ciphers "TLSv1"`
openssl_ciphers=`$OPENSSL ciphers "TLSv1"`
tlsv1_sup=$?
if [ $tlsv1_sup != 0 ]
then
@ -218,7 +221,7 @@ do
fi
;;
"2")
openssl_ciphers=`openssl ciphers "TLSv1.1"`
openssl_ciphers=`$OPENSSL ciphers "TLSv1.1"`
tlsv1_1_sup=$?
if [ $tlsv1_1_sup != 0 ]
then
@ -228,7 +231,7 @@ do
fi
;;
"3")
openssl_ciphers=`openssl ciphers "TLSv1.2"`
openssl_ciphers=`$OPENSSL ciphers "TLSv1.2"`
tlsv1_2_sup=$?
if [ $tlsv1_2_sup != 0 ]
then
@ -238,7 +241,7 @@ do
fi
;;
"4") #test all suites
openssl_ciphers=`openssl ciphers "ALL"`
openssl_ciphers=`$OPENSSL ciphers "ALL"`
all_sup=$?
if [ $all_sup != 0 ]
then
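Review bot: `$OPENSSL` is expanded unquoted everywhere it replaces the literal `openssl` (`command -v $OPENSSL`, `$OPENSSL s_server ...`, `$OPENSSL ciphers ...`), so a path containing spaces is split into several words and the script either fails or runs something other than the intended binary. Quote it, e.g. `command -v "$OPENSSL"`, and the default can be written as `OPENSSL=${OPENSSL:-openssl}`. Because the binary now comes from the environment, printing the resolved path once (for instance `command -v "$OPENSSL"` without the redirect) would record in the log which openssl produced the interop results. The "Requires openssl command" message could name `$OPENSSL` as well.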


@ -83,67 +83,40 @@ echo ""
# client test against the server
###############################
# usual psk server / psk client
port=0
./examples/server/server -j -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -s -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nClient connection failed"
do_cleanup
exit 1
fi
echo ""
./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'
if [ $? -ne 0 ]; then
# Usual server / client. This use case is tested in
# tests/unit.test and is used here for just checking if cipher suite
# is available (one case for example is with disable-asn)
port=0
./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
server_pid=$!
create_port
./examples/client/client -p $port
RESULT=$?
remove_ready_file
# if fail here then is a settings issue so return 0
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with choosen non PSK suites"
do_cleanup
exit 0
fi
echo ""
# Usual server / client. This use case is tested in
# tests/unit.test and is used here for just checking if cipher suite
# is available (one case for example is with disable-asn)
port=0
./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA &
server_pid=$!
create_port
./examples/client/client -p $port
RESULT=$?
remove_ready_file
# if fail here then is a settings issue so return 0
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with choosen non PSK suites"
do_cleanup
exit 0
fi
echo ""
# psk server with non psk client
port=0
./examples/server/server -j -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nClient connection failed"
do_cleanup
exit 1
fi
echo ""
# check fail if no auth, psk server with non psk client
echo "Checking fail when not sending peer cert"
port=0
./examples/server/server -j -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -x -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nClient connected when supposed to fail"
do_cleanup
exit 1
# check fail if no auth, psk server with non psk client
echo "Checking fail when not sending peer cert"
port=0
./examples/server/server -j -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -x -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nClient connected when supposed to fail"
do_cleanup
exit 1
fi
fi
echo -e "\nALL Tests Passed"
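Review bot: The negative check "Client connected when supposed to fail" appears to end up inside the new `if [ $? -ne 0 ]` TLS 1.2 probe, judging by the extra `fi` just before "ALL Tests Passed", so a build without TLS 1.2 would no longer verify that the PSK server rejects a client that sends no peer certificate. The rendered page does not mark old and new lines, so this reading is inferred from the duplicated blocks and the `fi` pair. If `-j` with `-x` is meaningful under TLS 1.3, keep that case outside the probe. The "psk server with non psk client" case is printed only once; if it was removed rather than left as context, a comment giving the reason would help.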


@ -14,12 +14,13 @@ counter=0
# also let's add some randomness by adding pid in case multiple 'make check's
# per source tree
ready_file=`pwd`/wolfssl_tls13_ready$$
client_file=/tmp/wolfssl_tls13_client$$
echo "ready file $ready_file"
create_port() {
while [ ! -s $ready_file ]; do
if [ -a "$counter" -gt 50 ]; then
if [ "$counter" -gt 50 ]; then
break
fi
echo -e "waiting for ready file..."
@ -54,6 +55,10 @@ do_cleanup() {
kill -9 $server_pid
fi
remove_ready_file
if [ -e $client_file ]; then
echo -e "removing existing client file"
rm $client_file
fi
}
do_trap() {
@ -72,7 +77,7 @@ port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
./examples/client/client -v 4 -p $port | tee $client_file
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
@ -82,268 +87,6 @@ if [ $RESULT -ne 0 ]; then
fi
echo ""
# Usual TLS v1.3 server / TLS v1.3 client - fragment.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client - fragment"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -F 1 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 and fragments not working"
do_cleanup
exit 1
fi
echo ""
# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client.
echo -e "\n\nTLS v1.3 HelloRetryRequest"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -J -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 HelloRetryRequest not working"
do_cleanup
exit 1
fi
echo ""
# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client using cookie
echo -e "\n\nTLS v1.3 HelloRetryRequest with cookie"
port=0
./examples/server/server -v 4 -J -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -J -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 HelloRetryRequest with cookie not working"
do_cleanup
exit 1
fi
echo ""
# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client - SHA384.
echo -e "\n\nTLS v1.3 HelloRetryRequest - SHA384"
port=0
./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -J -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 HelloRetryRequest with SHA384 not working"
do_cleanup
exit 1
fi
echo ""
# Resumption TLS v1.3 server / TLS v1.3 client.
echo -e "\n\nTLS v1.3 resumption"
port=0
./examples/server/server -v 4 -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -r -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 resumption not working"
do_cleanup
exit 1
fi
echo ""
# Resumption TLS v1.3 server / TLS v1.3 client - SHA384
echo -e "\n\nTLS v1.3 resumption - SHA384"
port=0
./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 resumption with SHA384 not working"
do_cleanup
exit 1
fi
echo ""
./examples/client/client -v 4 -e 2>&1 | grep -- '-ECC'
if [ $? -eq 0 ]; then
# Usual TLS v1.3 server / TLS v1.3 client and ECC certificates.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client - ECC certificates"
port=0
./examples/server/server -v 4 -A certs/client-ecc-cert.pem -c certs/server-ecc.pem -k certs/ecc-key.pem -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -A certs/ca-ecc-cert.pem -c certs/client-ecc-cert.pem -k certs/ecc-client-key.pem -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 ECC certificates not working"
do_cleanup
exit 1
fi
echo ""
fi
# Usual TLS v1.3 server / TLS v1.3 client and no client certificate.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client - no client cretificate"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -x -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 and no client certificate not working"
do_cleanup
exit 1
fi
echo ""
# Usual TLS v1.3 server / TLS v1.3 client and DH Key.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client - DH Key Exchange"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -y -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 DH Key Exchange not working"
do_cleanup
exit 1
fi
echo ""
# Usual TLS v1.3 server / TLS v1.3 client and ECC Key.
echo -e "\n\nTLS v1.3 server with TLS v1.3 client - ECC Key Exchange"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -Y -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nTLS v1.3 ECDH Key Exchange not working"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suites"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - only TLS v1.3"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-GCM SHA-256"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-GCM SHA-256"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suite - AES256-GCM SHA-384"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES256-GCM-SHA384 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - AES256-GCM SHA-384"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suite - CHACHA20-POLY1305 SHA-256"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - CHACHA20-POLY1305 SHA-256"
do_cleanup
exit 1
fi
echo ""
./examples/client/client -v 4 -e 2>&1 | grep -- '-CCM'
if [ $? -eq 0 ]; then
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-CCM SHA-256"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-CCM-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-CCM SHA-256"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 cipher suites server / client.
echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-CCM-8 SHA-256"
port=0
./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-CCM-8-SHA256 &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-CCM-8 SHA-256"
do_cleanup
exit 1
fi
echo ""
fi
# TLS 1.3 cipher suites server / client.
echo -e "\n\nTLS v1.3 cipher suite mismatch"
port=0
@ -353,189 +96,48 @@ create_port
./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384
RESULT=$?
remove_ready_file
if [ $RESULT -ne 1 ]; then
if [ $RESULT -eq 0 ]; then
echo -e "\n\nIssue with mismatched TLS v1.3 cipher suites"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 server / TLS 1.2 client.
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nIssue with TLS v1.3 server downgrading to TLS v1.2"
do_cleanup
exit 1
fi
echo ""
# TLS Downgrade server / TLS 1.2 client.
echo -e "\n\nTLS server downgrading to TLS v1.2"
port=0
./examples/server/server -v d -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS server downgrading to TLS v1.2"
do_cleanup
exit 1
fi
echo ""
./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version'
if [ $? -ne 0 ]; then
# TLS 1.3 server / TLS 1.2 client.
echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2"
port=0
./examples/server/server -v 4 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nIssue with TLS v1.3 server downgrading to TLS v1.2"
do_cleanup
exit 1
fi
echo ""
# TLS 1.2 server / TLS 1.3 client.
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
port=0
./examples/server/server -v 3 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nIssue with TLS v1.3 client upgrading server to TLS v1.3"
do_cleanup
exit 1
# TLS 1.2 server / TLS 1.3 client.
echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3"
port=0
./examples/server/server -v 3 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -eq 0 ]; then
echo -e "\n\nIssue with TLS v1.3 client upgrading server to TLS v1.3"
do_cleanup
exit 1
fi
echo ""
fi
echo ""
# TLS 1.2 server / TLS downgrade client.
echo -e "\n\nTLS client downgrading to TLS v1.2"
port=0
./examples/server/server -v 3 -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v d -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS client downgrading to TLS v1.2"
do_cleanup
exit 1
fi
echo ""
# TLS Downgrade server / TLS Downgrade client.
echo -e "\n\nTLS server and client able to downgrade but don't"
port=0
./examples/server/server -v d -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v d -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS not downgrading"
do_cleanup
exit 1
fi
echo ""
# TLS Downgrade server / TLS Downgrade client resumption.
echo -e "\n\nTLS server and client able to downgrade but don't and resume"
port=0
./examples/server/server -v d -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v d -r -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS not downgrading and resumption"
do_cleanup
exit 1
fi
echo ""
# TLS Downgrade server / TLS 1.2 client and resume.
echo -e "\n\nTLS server downgrade and resume"
port=0
./examples/server/server -v d -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 3 -r -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS server downgrading and resumption"
do_cleanup
exit 1
fi
echo ""
# TLS 1.2 server / TLS downgrade client and resume.
echo -e "\n\nTLS client downgrade and resume"
port=0
./examples/server/server -v 3 -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v d -r -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS client downgrading and resumption"
do_cleanup
exit 1
fi
echo ""
# TLS Downgrade server / TLS Downgrade client.
# TLS 1.3 server / TLS 1.3 client send KeyUpdate before sending app data.
echo -e "\n\nTLS v1.3 KeyUpdate"
port=0
./examples/server/server -v 4 -U -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -I -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 KeyUpdate"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 server / TLS 1.3 client - don't use (EC)DHE with PSK.
echo -e "\n\nTLS v1.3 PSK without (EC)DHE"
port=0
./examples/server/server -v 4 -r -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -r -K -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 PSK without (EC)DHE"
do_cleanup
exit 1
fi
echo ""
# TLS 1.3 server / TLS 1.3 client and Post-Handshake Authentication.
echo -e "\n\nTLS v1.3 Post-Handshake Authentication"
port=0
./examples/server/server -v 4 -Q -R $ready_file -p $port &
server_pid=$!
create_port
./examples/client/client -v 4 -Q -p $port
RESULT=$?
remove_ready_file
if [ $RESULT -ne 0 ]; then
echo -e "\n\nIssue with TLS v1.3 Post-Handshake Auth"
do_cleanup
exit 1
fi
echo ""
echo -e "\nALL Tests Passed"
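Review bot: After `./examples/client/client -v 4 -p $port | tee $client_file`, `RESULT=$?` holds tee's exit status rather than the client's, so the first TLS 1.3 test passes even when the handshake fails. Redirect instead, `./examples/client/client -v 4 -p $port > "$client_file"` followed by `RESULT=$?` and `cat "$client_file"`, or read `${PIPESTATUS[0]}` if the script is guaranteed to run under bash. `client_file=/tmp/wolfssl_tls13_client$$` is also a predictable name in a shared directory; `client_file=$(mktemp)`, or a path next to `$ready_file`, avoids overwriting or writing through a file someone else placed there. Nothing in the visible hunks reads `$client_file` after it is written, so it is worth checking whether the file is needed at all.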


@ -85,6 +85,8 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#error Cannot use both secure-renegotiation and renegotiation-indication
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_CLIENT
static int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32*,
word32);
@ -112,6 +114,7 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
#endif /* WOLFSSL_DTLS */
#endif
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_DTLS
static INLINE int DtlsCheckWindow(WOLFSSL* ssl);
@ -132,6 +135,8 @@ enum processReply {
};
#ifndef WOLFSSL_NO_TLS12
/* Server random bytes for TLS v1.3 described downgrade protection mechanism. */
static const byte tls13Downgrade[7] = {
0x44, 0x4f, 0x47, 0x4e, 0x47, 0x52, 0x44
@ -145,6 +150,8 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
#endif
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_QSH
int QSH_Init(WOLFSSL* ssl);
#endif
@ -176,7 +183,6 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv)
return (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR);
}
static INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend)
{
(void)isSend;
@ -1832,6 +1838,45 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
if (suites->setSuites)
return; /* trust user settings, don't override */
#ifdef WOLFSSL_TLS13
#ifdef BUILD_TLS_AES_128_GCM_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_GCM_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_256_GCM_SHA384
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_256_GCM_SHA384;
}
#endif
#ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_128_CCM_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_CCM_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_128_CCM_8_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256;
}
#endif
#endif /* WOLFSSL_TLS13 */
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
if (side == WOLFSSL_SERVER_END && haveStaticECC) {
haveRSA = 0; /* can't do RSA with ECDSA key */
@ -1895,43 +1940,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
#ifdef WOLFSSL_TLS13
#ifdef BUILD_TLS_AES_128_GCM_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_GCM_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_256_GCM_SHA384
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_256_GCM_SHA384;
}
#endif
#ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_128_CCM_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_CCM_SHA256;
}
#endif
#ifdef BUILD_TLS_AES_128_CCM_8_SHA256
if (tls1_3) {
suites->suites[idx++] = TLS13_BYTE;
suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256;
}
#endif
#endif /* WOLFSSL_TLS13 */
#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
if (tls1_2 && haveECC) {
suites->suites[idx++] = ECC_BYTE;
@ -2681,6 +2689,8 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
}
#endif
#endif /* !WOLFSSL_NO_TLS12 */
suites->suiteSz = idx;
InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig, 0, tls1_2, keySz);
@ -2724,8 +2734,10 @@ static INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType)
}
#endif /* !NO_WOLFSSL_SERVER || !NO_CERTS */
#ifndef WOLFSSL_NO_TLS12
#if !defined(NO_DH) || defined(HAVE_ECC) || \
(!defined(NO_RSA) && defined(WC_RSA_PSS))
(!defined(NO_RSA) && defined(WC_RSA_PSS))
static enum wc_HashType HashAlgoToType(int hashAlgo)
{
@ -2757,6 +2769,8 @@ static enum wc_HashType HashAlgoToType(int hashAlgo)
#endif /* !NO_DH || HAVE_ECC || (!NO_RSA && WC_RSA_PSS) */
#endif
#ifndef NO_CERTS
@ -2889,7 +2903,7 @@ static INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output)
(void)output;
}
#if !defined(WOLFSSL_NO_CLIENT_AUTH)
#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_NO_CLIENT_AUTH)
static void SetDigest(WOLFSSL* ssl, int hashAlgo)
{
switch (hashAlgo) {
@ -2919,10 +2933,11 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo)
#endif /* WOLFSSL_SHA512 */
} /* switch */
}
#endif /* !WOLFSSL_NO_CLIENT_AUTH */
#endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_NO_CLIENT_AUTH */
#endif /* !NO_CERTS */
#ifndef NO_RSA
#ifndef WOLFSSL_NO_TLS12
static int TypeHash(int hashAlgo)
{
switch (hashAlgo) {
@ -2946,6 +2961,7 @@ static int TypeHash(int hashAlgo)
return 0;
}
#endif /* !WOLFSSL_NO_TLS12 */
#if defined(WC_RSA_PSS)
int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf)
@ -3250,6 +3266,8 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz,
return ret;
}
#ifndef WOLFSSL_NO_TLS12
int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz,
RsaKey* key, DerBuffer* keyBufInfo, void* ctx)
{
@ -3367,6 +3385,8 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#endif /* NO_RSA */
#ifdef HAVE_ECC
@ -3803,6 +3823,8 @@ int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg,
}
#endif /* HAVE_ED25519 */
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_CURVE25519
#ifdef HAVE_PK_CALLBACKS
/* Gets X25519 key for shared secret callback testing
@ -4003,6 +4025,8 @@ int DhAgree(WOLFSSL* ssl, DhKey* dhKey,
#endif /* !NO_DH */
#endif /* !NO_CERTS || !NO_PSK */
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_PK_CALLBACKS
int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx)
@ -4504,7 +4528,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
#ifndef NO_OLD_TLS
ssl->hmac = SSL_hmac; /* default to SSLv3 */
#else
#elif !defined(WOLFSSL_NO_TLS12)
ssl->hmac = TLS_hmac;
#endif
@ -5864,6 +5888,8 @@ ProtocolVersion MakeDTLSv1(void)
return pv;
}
#ifndef WOLFSSL_NO_TLS12
ProtocolVersion MakeDTLSv1_2(void)
{
ProtocolVersion pv;
@ -5873,6 +5899,8 @@ ProtocolVersion MakeDTLSv1_2(void)
return pv;
}
#endif /* !WOLFSSL_NO_TLS12 */
#endif /* WOLFSSL_DTLS */
@ -6295,6 +6323,7 @@ static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl
}
#if !defined(WOLFSSL_NO_TLS12) || defined(HAVE_SESSION_TICKET)
/* add handshake header for message */
static void AddHandShakeHeader(byte* output, word32 length,
word32 fragOffset, word32 fragLength,
@ -6325,7 +6354,6 @@ static void AddHandShakeHeader(byte* output, word32 length,
#endif
}
/* add both headers for handshake message */
static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl)
{
@ -6342,8 +6370,10 @@ static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl)
AddRecordHeader(output, length + lengthAdj, handshake, ssl);
AddHandShakeHeader(output + outputAdj, length, 0, length, type, ssl);
}
#endif /* !WOLFSSL_NO_TLS12 || HAVE_SESSION_TICKET */
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_CERTS
static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset,
word32 length, byte type, WOLFSSL* ssl)
@ -6363,6 +6393,7 @@ static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset,
AddHandShakeHeader(output + outputAdj, length, fragOffset, fragSz, type, ssl);
}
#endif /* NO_CERTS */
#endif /* !WOLFSSL_NO_TLS12 */
/* return bytes received, -1 on error */
@ -6810,7 +6841,7 @@ static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 0;
}
#ifndef WOLFSSL_NO_TLS12
static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
byte *type, word32 *size, word32 totalSz)
{
@ -6826,7 +6857,7 @@ static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 0;
}
#endif
#ifdef WOLFSSL_DTLS
static int GetDtlsHandShakeHeader(WOLFSSL* ssl, const byte* input,
@ -6985,6 +7016,8 @@ static int BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
}
#endif
#ifndef WOLFSSL_NO_TLS12
/* Finished doesn't support SHA512, not SHA512 cipher suites yet */
static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
{
@ -7043,6 +7076,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return ret;
}
#endif /* WOLFSSL_NO_TLS12 */
/* cipher requirements */
enum {
@ -7063,6 +7097,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
static int CipherRequires(byte first, byte second, int requirement)
{
(void)requirement;
#ifndef WOLFSSL_NO_TLS12
if (first == CHACHA_BYTE) {
switch (second) {
@ -7350,6 +7388,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
} /* switch */
} /* if */
#endif /* !WOLFSSL_NO_TLS12 */
/* Distinct TLS v1.3 cipher suites with cipher and digest only. */
if (first == TLS13_BYTE) {
@ -7370,6 +7410,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
}
}
#ifndef WOLFSSL_NO_TLS12
if (first != ECC_BYTE && first != CHACHA_BYTE &&
first != TLS13_BYTE) { /* normal suites */
switch (second) {
@ -7586,6 +7628,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
} /* switch */
} /* if ECC / Normal suites else */
#endif /* !WOLFSSL_NO_TLS12 */
return 0;
}
@ -9501,6 +9545,8 @@ exit_ppc:
return ret;
}
#ifndef WOLFSSL_NO_TLS12
/* handle processing of certificate (11) */
static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx,
word32 size)
@ -9736,8 +9782,11 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#endif /* !NO_CERTS */
#ifndef WOLFSSL_NO_TLS12
static int DoHelloRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size, word32 totalSz)
@ -10484,6 +10533,8 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_DTLS
static INLINE int DtlsCheckWindow(WOLFSSL* ssl)
@ -10866,6 +10917,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx,
}
#endif
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_AEAD
static INLINE void AeadIncrementExpIV(WOLFSSL* ssl)
@ -11753,6 +11805,8 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
/* Check conditions for a cipher to have an explicit IV.
*
* ssl The SSL/TLS object.
@ -11806,7 +11860,6 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz)
return 0;
}
#ifndef NO_OLD_TLS
static INLINE void Md5Rounds(int rounds, const byte* data, int sz)
@ -11837,6 +11890,7 @@ static INLINE void ShaRounds(int rounds, const byte* data, int sz)
}
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_SHA256
@ -11894,7 +11948,6 @@ static INLINE void Sha512Rounds(int rounds, const byte* data, int sz)
#endif
#ifdef WOLFSSL_RIPEMD
static INLINE void RmdRounds(int rounds, const byte* data, int sz)
@ -12062,6 +12115,8 @@ static int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t,
return ret;
}
#endif /* WOLFSSL_NO_TLS12 */
int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx)
{
@ -12273,6 +12328,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size)
static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,
int content, word32* padSz)
{
#ifndef WOLFSSL_NO_TLS12
int ivExtra = 0;
int ret;
word32 pad = 0;
@ -12285,6 +12341,7 @@ static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,
#endif
byte verify[WC_MAX_DIGEST_SIZE];
if (ssl->specs.cipher_type == block) {
if (ssl->options.tls1_1)
ivExtra = ssl->specs.block_size;
@ -12329,12 +12386,20 @@ static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz,
return VERIFY_MAC_ERROR;
}
#endif /* WOLFSSL_NO_TLS12 */
if (ssl->specs.cipher_type == aead) {
*padSz = ssl->specs.aead_mac_size;
}
#ifndef WOLFSSL_NO_TLS12
else {
*padSz = digestSz + pad + padByte;
}
#endif /* WOLFSSL_NO_TLS12 */
(void)input;
(void)msgSz;
(void)content;
return 0;
}
@ -12553,13 +12618,18 @@ int ProcessReply(WOLFSSL* ssl)
}
else {
if (!ssl->options.tls1_3) {
#ifndef WOLFSSL_NO_TLS12
ret = Decrypt(ssl,
in->buffer + in->idx,
in->buffer + in->idx,
ssl->curSize);
#else
ret = DECRYPT_ERROR;
#endif
}
else {
#ifdef WOLFSSL_TLS13
else
{
#ifdef WOLFSSL_TLS13
#if defined(WOLFSSL_TLS13_DRAFT_18) || \
defined(WOLFSSL_TLS13_DRAFT_22) || \
defined(WOLFSSL_TLS13_DRAFT_23)
@ -12574,9 +12644,9 @@ int ProcessReply(WOLFSSL* ssl)
ssl->curSize,
(byte*)&ssl->curRL, RECORD_HEADER_SZ);
#endif
#else
#else
ret = DECRYPT_ERROR;
#endif /* WOLFSSL_TLS13 */
#endif /* WOLFSSL_TLS13 */
}
}
@ -12586,12 +12656,14 @@ int ProcessReply(WOLFSSL* ssl)
#endif
if (ret >= 0) {
#ifndef WOLFSSL_NO_TLS12
/* handle success */
if (ssl->options.tls1_1 && ssl->specs.cipher_type == block)
ssl->buffers.inputBuffer.idx += ssl->specs.block_size;
/* go past TLSv1.1 IV */
if (CipherHasExpIV(ssl))
ssl->buffers.inputBuffer.idx += AESGCM_EXP_IV_SZ;
#endif
}
else {
WOLFSSL_MSG("Decrypt failed");
@ -12712,10 +12784,14 @@ int ProcessReply(WOLFSSL* ssl)
#endif
}
else if (!IsAtLeastTLSv1_3(ssl->version)) {
#ifndef WOLFSSL_NO_TLS12
ret = DoHandShakeMsg(ssl,
ssl->buffers.inputBuffer.buffer,
&ssl->buffers.inputBuffer.idx,
ssl->buffers.inputBuffer.length);
#else
ret = BUFFER_ERROR;
#endif
}
else {
#ifdef WOLFSSL_TLS13
@ -12780,6 +12856,7 @@ int ProcessReply(WOLFSSL* ssl)
#endif
#endif
#ifndef WOLFSSL_NO_TLS12
ret = SanityCheckMsgReceived(ssl, change_cipher_hs);
if (ret != 0) {
if (!ssl->options.dtls) {
@ -12864,6 +12941,7 @@ int ProcessReply(WOLFSSL* ssl)
server : client);
if (ret != 0)
return ret;
#endif /* !WOLFSSL_NO_TLS12 */
break;
case application_data:
@ -13298,8 +13376,9 @@ int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
return ret;
}
#endif /* WOLFSSL_LEANPSK */
#endif /* !NO_CERTS */
#ifndef WOLFSSL_NO_TLS12
/* Persistable BuildMessage arguments */
typedef struct BuildMsgArgs {
word32 digestSz;
@ -13321,11 +13400,13 @@ static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs)
/* no allocations in BuildMessage */
}
#endif
/* Build SSL Message, encrypted */
int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay)
{
#ifndef WOLFSSL_NO_TLS12
int ret = 0;
BuildMsgArgs* args;
BuildMsgArgs lcl_args;
@ -13333,6 +13414,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
args = (BuildMsgArgs*)ssl->async.args;
typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1];
(void)sizeof(args_test);
#endif
#endif
WOLFSSL_ENTER("BuildMessage");
@ -13341,6 +13423,10 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input,
return BAD_FUNC_ARG;
}
#ifdef WOLFSSL_NO_TLS12
return BuildTls13Message(ssl, output, outSz, input, inSz, type,
hashOutput, sizeOnly, asyncOkay);
#else
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3) {
return BuildTls13Message(ssl, output, outSz, input, inSz, type,
@ -13575,8 +13661,10 @@ exit_buildmsg:
FreeBuildMsgArgs(ssl, args);
return ret;
#endif /* !WOLFSSL_NO_TLS12 */
}
#ifndef WOLFSSL_NO_TLS12
int SendFinished(WOLFSSL* ssl)
{
@ -14548,6 +14636,7 @@ int SendCertificateStatus(WOLFSSL* ssl)
#endif /* !NO_CERTS */
#endif /* WOLFSSL_NO_TLS12 */
int SendData(WOLFSSL* ssl, const void* data, int sz)
{
@ -15356,6 +15445,8 @@ void SetErrorString(int error, char* str)
static const CipherSuiteInfo cipher_names[] =
{
#ifndef WOLFSSL_NO_TLS12
#ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA
{"RC4-SHA", NAME_IANA("SSL_RSA_WITH_RC4_128_SHA"), CIPHER_BYTE, SSL_RSA_WITH_RC4_128_SHA},
#endif
@ -15800,6 +15891,12 @@ static const CipherSuiteInfo cipher_names[] =
{"EDH-RSA-DES-CBC3-SHA", NAME_IANA("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"), CIPHER_BYTE, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA},
#endif
#ifdef BUILD_WDM_WITH_NULL_SHA256
{"WDM-NULL-SHA256", NAME_IANA("WDM_WITH_NULL_SHA256"), CIPHER_BYTE, WDM_WITH_NULL_SHA256},
#endif
#endif /* WOLFSSL_NO_TLS12 */
#ifdef BUILD_TLS_AES_128_GCM_SHA256
{"TLS13-AES128-GCM-SHA256", NAME_IANA("TLS_AES_128_GCM_SHA256"), TLS13_BYTE, TLS_AES_128_GCM_SHA256},
#endif
@ -15819,10 +15916,6 @@ static const CipherSuiteInfo cipher_names[] =
#ifdef BUILD_TLS_AES_128_CCM_8_SHA256
{"TLS13-AES128-CCM-8-SHA256", NAME_IANA("TLS_AES_128_CCM_8_SHA256"), TLS13_BYTE, TLS_AES_128_CCM_8_SHA256},
#endif
#ifdef BUILD_WDM_WITH_NULL_SHA256
{"WDM-NULL-SHA256", NAME_IANA("WDM_WITH_NULL_SHA256"), CIPHER_BYTE, WDM_WITH_NULL_SHA256},
#endif
};
#undef NAME_IANA
@ -16038,6 +16131,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
ssl->suites->sigAlgo = ssl->buffers.keyType;
#endif
}
#ifndef WOLFSSL_NO_TLS12
else if (IsAtLeastTLSv1_2(ssl)) {
#ifdef WOLFSSL_ALLOW_TLS_SHA1
ssl->suites->hashAlgo = sha_mac;
@ -16048,6 +16142,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
else {
ssl->suites->hashAlgo = sha_mac;
}
#endif
/* i+1 since peek a byte ahead for type */
for (i = 0; (i+1) < hashSigAlgoSz; i += HELLO_EXT_SIGALGO_SZ) {
@ -16288,10 +16383,11 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
#endif /* WOLFSSL_CALLBACKS */
/* client only parts */
#ifndef NO_WOLFSSL_CLIENT
#ifndef WOLFSSL_NO_TLS12
/* handle generation of client_hello (1) */
int SendClientHello(WOLFSSL* ssl)
{
@ -17006,6 +17102,8 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
return SetCipherSpecs(ssl);
}
#endif /* WOLFSSL_NO_TLS12 */
/* Make sure client setup is valid for this suite, true on success */
int VerifyClientSuite(WOLFSSL* ssl)
@ -17031,6 +17129,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo,
return 1; /* success */
}
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_CERTS
/* handle processing of certificate_request (13) */
@ -19609,6 +19708,7 @@ exit_scke:
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifndef NO_CERTS
@ -19791,6 +19891,7 @@ exit_dpk:
return ret;
}
#ifndef WOLFSSL_NO_TLS12
#ifndef WOLFSSL_NO_CLIENT_AUTH
typedef struct ScvArgs {
@ -20260,6 +20361,8 @@ exit_scv:
}
#endif /* WOLFSSL_NO_CLIENT_AUTH */
#endif /* WOLFSSL_NO_TLS12 */
#endif /* NO_CERTS */
@ -20300,6 +20403,8 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length)
return 0;
}
#ifndef WOLFSSL_NO_TLS12
/* handle processing of session_ticket (4) */
static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 size)
@ -20347,12 +20452,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 0;
}
#endif /* !WOLFSSL_NO_TLS12 */
#endif /* HAVE_SESSION_TICKET */
#endif /* NO_WOLFSSL_CLIENT */
#ifndef NO_WOLFSSL_SERVER
#ifndef WOLFSSL_NO_TLS12
/* handle generation of server_hello (2) */
int SendServerHello(WOLFSSL* ssl)
{
@ -22133,6 +22243,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif
#endif /* !WOLFSSL_NO_TLS12 */
/* Make sure server cert/key are valid for this suite, true on success */
static int VerifyServerSuite(WOLFSSL* ssl, word16 idx)
{
@ -22528,6 +22640,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* OLD_HELLO_ALLOWED */
#ifndef WOLFSSL_NO_TLS12
int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites)
{
int ret = 0;
@ -23509,6 +23623,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_SESSION_TICKET
@ -23807,6 +23922,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* HAVE_SESSION_TICKET */
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_DTLS
/* handle generation of DTLS hello_verify_request (3) */
@ -24956,6 +25072,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \
defined(WOLFSSL_HAPROXY)


@ -2125,7 +2125,9 @@ int SetCipherSpecs(WOLFSSL* ssl)
if (ssl->version.major == 3 && ssl->version.minor >= 1) {
#ifndef NO_TLS
ssl->options.tls = 1;
#ifndef WOLFSSL_NO_TLS12
ssl->hmac = TLS_hmac;
#endif
if (ssl->version.minor >= 2) {
ssl->options.tls1_1 = 1;
if (ssl->version.minor >= 4)
@ -3440,14 +3442,14 @@ int MakeMasterSecret(WOLFSSL* ssl)
}
#endif
#ifdef NO_OLD_TLS
return MakeTlsMasterSecret(ssl);
#elif !defined(NO_TLS)
if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
#endif
#ifndef NO_OLD_TLS
if (ssl->options.tls) return MakeTlsMasterSecret(ssl);
return MakeSslMasterSecret(ssl);
#elif !defined(WOLFSSL_NO_TLS12)
return MakeTlsMasterSecret(ssl);
#else
(void)ssl;
return 0;
#endif
}
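Review bot: The final `#else` branch of MakeMasterSecret (the build where both NO_OLD_TLS and WOLFSSL_NO_TLS12 are defined) returns 0, so any caller that still reaches it is told a master secret was derived when nothing was computed. Whether such a caller remains in a TLS 1.3-only build is not visible from this hunk, but failing closed costs nothing: `(void)ssl;` followed by `return NOT_COMPILED_IN;`. The function body starts outside the hunk.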


@ -564,11 +564,16 @@ int NotifyWriteSide(WOLFSSL* ssl, int err)
/* set if to use old poly 1 for yes 0 to use new poly */
int wolfSSL_use_old_poly(WOLFSSL* ssl, int value)
{
(void)ssl;
(void)value;
#ifndef WOLFSSL_NO_TLS12
WOLFSSL_ENTER("SSL_use_old_poly");
WOLFSSL_MSG("Warning SSL connection auto detects old/new and this function"
"is depriciated");
ssl->options.oldPoly = (word16)value;
WOLFSSL_LEAVE("SSL_use_old_poly", 0);
#endif
return 0;
}
#endif
@ -3455,10 +3460,17 @@ static int SetMinVersionHelper(byte* minVersion, int version)
*minVersion = TLSv1_1_MINOR;
break;
#endif
#ifndef WOLFSSL_NO_TLS12
case WOLFSSL_TLSV1_2:
*minVersion = TLSv1_2_MINOR;
break;
#endif
#endif
#ifdef WOLFSSL_TLS13
case WOLFSSL_TLSV1_3:
*minVersion = TLSv1_3_MINOR;
break;
#endif
default:
WOLFSSL_MSG("Bad function argument");
@ -3555,9 +3567,11 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
ssl->version = MakeTLSv1_1();
break;
#endif
#ifndef WOLFSSL_NO_TLS12
case WOLFSSL_TLSV1_2:
ssl->version = MakeTLSv1_2();
break;
#endif
#endif
#ifdef WOLFSSL_TLS13
case WOLFSSL_TLSV1_3:
@ -5021,14 +5035,18 @@ static INLINE WOLFSSL_METHOD* cm_pick_method(void)
#ifndef NO_WOLFSSL_CLIENT
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return wolfSSLv3_client_method();
#else
#elif !defined(WOLFSSL_NO_TLS12)
return wolfTLSv1_2_client_method();
#elif defined(WOLFSSL_TLS13)
return wolfTLSv1_3_client_method();
#endif
#elif !defined(NO_WOLFSSL_SERVER)
#if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS)
return wolfSSLv3_server_method();
#else
#elif !defined(WOLFSSL_NO_TLS12)
return wolfTLSv1_2_server_method();
#elif defined(WOLFSSL_TLS13)
return wolfTLSv1_3_server_method();
#endif
#else
return NULL;
@ -8518,7 +8536,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
/* please see note at top of README if you get an error from connect */
int wolfSSL_connect(WOLFSSL* ssl)
{
#ifndef WOLFSSL_NO_TLS12
int neededState;
#endif
WOLFSSL_ENTER("SSL_connect()");
@ -8540,6 +8560,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
return WOLFSSL_FATAL_ERROR;
}
#ifdef WOLFSSL_NO_TLS12
return wolfSSL_connect_TLSv13(ssl);
#else
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3)
return wolfSSL_connect_TLSv13(ssl);
@ -8789,6 +8812,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_MSG("Unknown connect state ERROR");
return WOLFSSL_FATAL_ERROR; /* unknown connect state */
}
#endif /* !WOLFSSL_NO_TLS12 */
}
#endif /* NO_WOLFSSL_CLIENT */
@ -8874,14 +8898,19 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
int wolfSSL_accept(WOLFSSL* ssl)
{
#ifndef WOLFSSL_NO_TLS12
word16 havePSK = 0;
word16 haveAnon = 0;
word16 haveMcast = 0;
#endif
#ifdef WOLFSSL_TLS13
#ifdef WOLFSSL_NO_TLS12
return wolfSSL_accept_TLSv13(ssl);
#else
#ifdef WOLFSSL_TLS13
if (ssl->options.tls1_3)
return wolfSSL_accept_TLSv13(ssl);
#endif
#endif
WOLFSSL_ENTER("SSL_accept()");
#ifdef HAVE_ERRNO_H
@ -9160,6 +9189,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl,
WOLFSSL_MSG("Unknown accept state ERROR");
return WOLFSSL_FATAL_ERROR;
}
#endif /* !WOLFSSL_NO_TLS12 */
}
#endif /* NO_WOLFSSL_SERVER */
@ -15247,7 +15277,22 @@ const char* wolfSSL_get_version(WOLFSSL* ssl)
return "TLSv1.2";
#ifdef WOLFSSL_TLS13
case TLSv1_3_MINOR :
/* TODO: [TLS13] Remove draft versions. */
#ifndef WOLFSSL_TLS13_FINAL
#ifdef WOLFSSL_TLS13_DRAFT_18
return "TLSv1.3 (Draft 18)";
#elif defined(WOLFSSL_TLS13_DRAFT_22)
return "TLSv1.3 (Draft 22)";
#elif defined(WOLFSSL_TLS13_DRAFT_23)
return "TLSv1.3 (Draft 23)";
#elif defined(WOLFSSL_TLS13_DRAFT_26)
return "TLSv1.3 (Draft 26)";
#else
return "TLSv1.3 (Draft 28)";
#endif
#else
return "TLSv1.3";
#endif
#endif
default:
return "unknown";
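Review bot: In cm_pick_method the new `#elif !defined(WOLFSSL_NO_TLS12)` / `#elif defined(WOLFSSL_TLS13)` chains have no final `#else`, so a build with WOLFSSL_NO_TLS12 defined and WOLFSSL_TLS13 undefined compiles a non-void function that reaches its end without a return on both the client and the server path. Adding `#else` and `return NULL;` to each inner chain keeps the result defined. The same configuration makes wolfSSL_connect and wolfSSL_accept call wolfSSL_connect_TLSv13 and wolfSSL_accept_TLSv13 unconditionally. A guard such as `#if defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_TLS13)` with an `#error` in a shared configuration header would turn that combination into a clear build failure. As far as the page shows, the new configure option sets the define without requiring TLS 1.3.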


@ -99,13 +99,14 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions);
#endif
#ifndef WOLFSSL_NO_TLS12
#ifdef WOLFSSL_SHA384
#define P_HASH_MAX_SIZE WC_SHA384_DIGEST_SIZE
#else
#define P_HASH_MAX_SIZE WC_SHA256_DIGEST_SIZE
#endif
/* compute p_hash for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1 PRF */
static int p_hash(byte* result, word32 resLen, const byte* secret,
word32 secLen, const byte* seed, word32 seedLen, int hash,
@ -233,6 +234,8 @@ static int p_hash(byte* result, word32 resLen, const byte* secret,
#undef P_HASH_MAX_SIZE
#endif /* !WOLFSSL_NO_TLS12 */
#ifndef NO_OLD_TLS
@ -325,6 +328,8 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen,
#endif
#ifndef WOLFSSL_NO_TLS12
/* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack
use */
static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen,
@ -452,6 +457,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifndef NO_OLD_TLS
@ -479,6 +485,8 @@ ProtocolVersion MakeTLSv1_1(void)
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
ProtocolVersion MakeTLSv1_2(void)
{
ProtocolVersion pv;
@ -488,6 +496,8 @@ ProtocolVersion MakeTLSv1_2(void)
return pv;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_TLS13
/* The TLS v1.3 protocol version.
*
@ -503,6 +513,7 @@ ProtocolVersion MakeTLSv1_3(void)
}
#endif
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_EXTENDED_MASTER
static const byte ext_master_label[EXT_MASTER_LABEL_SZ + 1] =
@ -877,6 +888,8 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz,
return ret;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef HAVE_TLS_EXTENSIONS
/**
@ -9464,6 +9477,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
WOLFSSL_METHOD* wolfTLSv1_2_client_method(void)
{
@ -9481,6 +9495,8 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
return method;
}
#endif /* WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_TLS13
/* The TLS v1.3 client method data.
*
@ -9586,6 +9602,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
}
#endif /* !NO_OLD_TLS */
#ifndef WOLFSSL_NO_TLS12
WOLFSSL_METHOD* wolfTLSv1_2_server_method(void)
{
@ -9605,6 +9622,8 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
return method;
}
#endif /* !WOLFSSL_NO_TLS12 */
#ifdef WOLFSSL_TLS13
/* The TLS v1.3 server method data.
*
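Review bot: The `#endif /* WOLFSSL_NO_TLS12 */` that closes wolfTLSv1_2_client_method names the opposite condition of its `#ifndef WOLFSSL_NO_TLS12` guard, while the other guards added in this file close with `/* !WOLFSSL_NO_TLS12 */`. With this many nested protocol-version guards, the closing comments are what a reader uses to tell which code is compiled out, so it should read `#endif /* !WOLFSSL_NO_TLS12 */`.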


@ -2376,11 +2376,18 @@ int SendTls13ClientHello(WOLFSSL* ssl)
if (ssl->options.resuming &&
(ssl->session.version.major != ssl->version.major ||
ssl->session.version.minor != ssl->version.minor)) {
/* Cannot resume with a different protocol version - new handshake. */
ssl->options.resuming = 0;
ssl->version.major = ssl->session.version.major;
ssl->version.minor = ssl->session.version.minor;
return SendClientHello(ssl);
#ifndef WOLFSSL_NO_TLS12
if (ssl->session.version.major == ssl->version.major &&
ssl->session.version.minor < ssl->version.minor) {
/* Cannot resume with a different protocol version. */
ssl->options.resuming = 0;
ssl->version.major = ssl->session.version.major;
ssl->version.minor = ssl->session.version.minor;
return SendClientHello(ssl);
}
else
#endif
return VERSION_ERROR;
}
#endif
@ -2774,15 +2781,18 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (ret != 0)
return ret;
if (!IsAtLeastTLSv1_3(pv) && pv.major != TLS_DRAFT_MAJOR) {
#ifndef WOLFSSL_NO_TLS12
if (ssl->options.downgrade) {
ssl->version = pv;
return DoServerHello(ssl, input, inOutIdx, helloSz);
}
#endif
WOLFSSL_MSG("CLient using higher version, fatal error");
WOLFSSL_MSG("Client using higher version, fatal error");
return VERSION_ERROR;
}
#else
#ifndef WOLFSSL_NO_TLS12
if (pv.major == ssl->version.major && pv.minor < TLSv1_2_MINOR &&
ssl->options.downgrade) {
/* Force client hello version 1.2 to work for static RSA. */
@ -2790,6 +2800,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->version.minor = TLSv1_2_MINOR;
return DoServerHello(ssl, input, inOutIdx, helloSz);
}
#endif
if (pv.major != ssl->version.major || pv.minor != TLSv1_2_MINOR)
return VERSION_ERROR;
#endif
@ -2848,7 +2859,9 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if ((i - begin) + OPAQUE16_LEN > helloSz) {
if (!ssl->options.downgrade)
return BUFFER_ERROR;
#ifndef WOLFSSL_NO_TLS12
ssl->version.minor = TLSv1_2_MINOR;
#endif
ssl->options.haveEMS = 0;
}
if ((i - begin) < helloSz)
@ -2891,6 +2904,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* Only now do we know how to deal with session id.
*/
if (!IsAtLeastTLSv1_3(ssl->version)) {
#ifndef WOLFSSL_NO_TLS12
ssl->arrays->sessionIDSz = sessIdSz;
if (ssl->arrays->sessionIDSz > ID_LEN) {
@ -2907,6 +2921,10 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->chVersion.minor = TLSv1_2_MINOR;
/* Complete TLS v1.2 processing of ServerHello. */
ret = CompleteServerHello(ssl);
#else
WOLFSSL_MSG("Client using higher version, fatal error");
ret = VERSION_ERROR;
#endif
WOLFSSL_LEAVE("DoTls13ServerHello", ret);
@ -3744,7 +3762,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word16 totalExtSz = 0;
int usingPSK = 0;
byte sessIdSz;
#ifndef WOLFSSL_NO_TLS12
int bogusID = 0;
#endif
WOLFSSL_START(WC_FUNC_CLIENT_HELLO_DO);
WOLFSSL_ENTER("DoTls13ClientHello");
@ -3766,8 +3786,10 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR)
pv.minor = TLSv1_2_MINOR;
#ifndef WOLFSSL_NO_TLS12
if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor < TLSv1_3_MINOR)
return DoClientHello(ssl, input, inOutIdx, helloSz);
#endif
#ifdef HAVE_SESSION_TICKET
if (ssl->options.downgrade) {
@ -3802,9 +3824,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
XMEMCPY(ssl->session.sessionID, input + i, sessIdSz);
i += ID_LEN;
}
#ifdef HAVE_SESSION_TICKET
if (sessIdSz > 0 && sessIdSz < ID_LEN)
bogusID = 1;
#ifndef WOLFSSL_NO_TLS12
#ifdef HAVE_SESSION_TICKET
if (sessIdSz > 0 && sessIdSz < ID_LEN)
bogusID = 1;
#endif
#endif
/* Cipher suites */
@ -3919,6 +3943,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
#endif
}
#ifndef WOLFSSL_NO_TLS12
else if (ssl->options.resuming) {
ret = HandleTlsResumption(ssl, bogusID, &clSuites);
if (ret != 0)
@ -3931,6 +3956,12 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return ret;
}
}
#else
else {
WOLFSSL_MSG("Negotiated lesser version than TLS v1.3");
return VERSION_ERROR;
}
#endif
if (!usingPSK) {
if ((ret = MatchSuite(ssl, &clSuites)) < 0) {
@ -3941,6 +3972,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* Check that the negotiated ciphersuite matches protocol version. */
if (IsAtLeastTLSv1_3(ssl->version)) {
if (ssl->options.cipherSuite0 != TLS13_BYTE) {
#ifndef WOLFSSL_NO_TLS12
TLSX* ext;
if (!ssl->options.downgrade) {
@ -3960,6 +3992,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ext = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_VERSIONS);
if (ext != NULL)
ext->resp = 0;
#else
WOLFSSL_MSG("Negotiated ciphersuite from lesser version than "
"TLS v1.3");
return VERSION_ERROR;
#endif
}
}
/* VerifyServerSuite handles when version is less than 1.3 */
@ -7360,8 +7397,10 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
return WOLFSSL_SUCCESS;
if (!ssl->options.tls1_3) {
#ifndef WOLFSSL_NO_TLS12
if (ssl->options.downgrade)
return wolfSSL_connect(ssl);
#endif
WOLFSSL_MSG("Client using higher version, fatal error");
return VERSION_ERROR;
@ -7462,9 +7501,14 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl)
FALL_THROUGH;
case FIRST_REPLY_THIRD:
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
#if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
if (!ssl->options.sendVerify || !ssl->options.postHandshakeAuth)
#endif
{
if ((ssl->error = SendTls13Finished(ssl)) != 0) {
WOLFSSL_ERROR(ssl->error);
return WOLFSSL_FATAL_ERROR;
}
}
WOLFSSL_MSG("sent: finished");
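Review bot: In DoTls13ServerHello, the branch taken when the ServerHello carries no extensions (`(i - begin) + OPAQUE16_LEN > helloSz`) now resets `ssl->version.minor` only under `#ifndef WOLFSSL_NO_TLS12`. In a TLS 1.3-only build with `ssl->options.downgrade` set, the function therefore continues with the version still at 1.3, and the later `!IsAtLeastTLSv1_3(ssl->version)` rejection is not reached for that message. Later checks may still fail the handshake, but that is not visible here. Rejecting at this point is clearer: add `#else` and `return VERSION_ERROR;` ahead of the `#endif` that follows the assignment. The function body starts and ends outside the hunk.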


@ -467,11 +467,26 @@ static void test_wolfSSL_Method_Allocators(void)
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method);
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method);
#endif
#ifndef WOLFSSL_NO_TLS12
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method);
#endif
#endif
#ifdef WOLFSSL_TLS13
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_client_method);
#endif
#endif
#ifndef NO_WOLFSSL_SERVER
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method);
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_server_method);
#endif
#ifndef NO_WOLFSSL_CLIENT
TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method);
TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method);
#endif
#ifdef WOLFSSL_DTLS
@ -903,12 +918,18 @@ static int test_wolfSSL_SetMinVersion(void)
#ifndef NO_OLD_TLS
const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
WOLFSSL_TLSV1_2};
#else
#elif !defined(WOLFSSL_NO_TLS12)
const int versions[] = { WOLFSSL_TLSV1_2 };
#else
const int versions[] = { WOLFSSL_TLSV1_3 };
#endif
AssertTrue(wolfSSL_Init());
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#ifndef WOLFSSL_NO_TLS12
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
#endif
ssl = wolfSSL_new(ctx);
printf(testingFmt, "wolfSSL_SetMinVersion()");
@ -2950,7 +2971,11 @@ static void test_wolfSSL_PKCS8(void)
/* Note that wolfSSL_Init() or wolfCrypt_Init() has been called before these
* function calls */
#ifndef WOLFSSL_NO_TLS12
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()));
#else
AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()));
#endif
wolfSSL_CTX_set_default_passwd_cb(ctx, &PKCS8TestCallBack);
wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag);
AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes,
@ -3037,14 +3062,20 @@ static int test_wolfSSL_CTX_SetMinVersion(void)
#ifndef NO_OLD_TLS
const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
WOLFSSL_TLSV1_2 };
#else
#elif !defined(WOLFSSL_NO_TLS12)
const int versions[] = { WOLFSSL_TLSV1_2 };
#elif defined(WOLFSSL_TLS13)
const int versions[] = { WOLFSSL_TLSV1_3 };
#endif
failFlag = WOLFSSL_SUCCESS;
AssertTrue(wolfSSL_Init());
#ifndef WOLFSSL_NO_TLS12
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
#endif
printf(testingFmt, "wolfSSL_CTX_SetMinVersion()");
@ -3083,7 +3114,11 @@ static int test_wolfSSL_UseOCSPStapling(void)
WOLFSSL* ssl;
wolfSSL_Init();
#ifndef WOLFSSL_NO_TLS12
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
#endif
ssl = wolfSSL_new(ctx);
printf(testingFmt, "wolfSSL_UseOCSPStapling()");
@ -3123,7 +3158,11 @@ static int test_wolfSSL_UseOCSPStaplingV2 (void)
WOLFSSL* ssl;
wolfSSL_Init();
#ifndef WOLFSSL_NO_TLS12
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
#else
ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
#endif
ssl = wolfSSL_new(ctx);
printf(testingFmt, "wolfSSL_UseOCSPStaplingV2()");
@ -15682,7 +15721,11 @@ static void test_wolfSSL_PEM_PrivateKey(void)
SSL_CTX* ctx;
char passwd[] = "bad password";
#ifndef WOLFSSL_NO_TLS12
AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));
#else
AssertNotNull(ctx = SSL_CTX_new(TLSv1_3_server_method()));
#endif
AssertNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb"));
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
@ -15719,7 +15762,11 @@ static void test_wolfSSL_PEM_PrivateKey(void)
XFILE f;
SSL_CTX* ctx;
#ifndef WOLFSSL_NO_TLS12
AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method()));
#else
AssertNotNull(ctx = SSL_CTX_new(TLSv1_3_server_method()));
#endif
AssertNotNull(f = XFOPEN("./certs/ecc-key.der", "rb"));
bytes = XFREAD(buf, 1, sizeof(buf), f);
@ -16021,7 +16068,8 @@ static void test_wolfSSL_ERR_peek_last_error_line(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
!defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_IO_TESTS_DEPENDENCIES)
tcp_ready ready;
func_args client_args;
func_args server_args;
@ -16577,7 +16625,7 @@ static void msg_cb(int write_p, int version, int content_type,
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
defined(HAVE_IO_TESTS_DEPENDENCIES)
#ifndef SINGLE_THREADED
static int msgCb(SSL_CTX *ctx, SSL *ssl)
{
@ -16597,7 +16645,7 @@ static void test_wolfSSL_msgCb(void)
{
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \
!defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \
!defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES)
defined(HAVE_IO_TESTS_DEPENDENCIES)
tcp_ready ready;
func_args client_args;
@ -16622,8 +16670,13 @@ static void test_wolfSSL_msgCb(void)
XMEMSET(&client_cb, 0, sizeof(callback_functions));
XMEMSET(&server_cb, 0, sizeof(callback_functions));
#ifndef WOLFSSL_NO_TLS12
client_cb.method = wolfTLSv1_2_client_method;
server_cb.method = wolfTLSv1_2_server_method;
#else
client_cb.method = wolfTLSv1_3_client_method;
server_cb.method = wolfTLSv1_3_server_method;
#endif
server_args.signal = &ready;
server_args.callbacks = &server_cb;
@ -18696,10 +18749,12 @@ static char earlyDataBuffer[1];
static int test_tls13_apis(void)
{
int ret = 0;
#ifndef WOLFSSL_NO_TLS12
WOLFSSL_CTX* clientTls12Ctx;
WOLFSSL* clientTls12Ssl;
WOLFSSL_CTX* serverTls12Ctx;
WOLFSSL* serverTls12Ssl;
#endif
WOLFSSL_CTX* clientCtx;
WOLFSSL* clientSsl;
WOLFSSL_CTX* serverCtx;
@ -18714,6 +18769,7 @@ static int test_tls13_apis(void)
int groups[1] = { WOLFSSL_ECC_X25519 };
int numGroups = 1;
#ifndef WOLFSSL_NO_TLS12
clientTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
clientTls12Ssl = wolfSSL_new(clientTls12Ctx);
serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method());
@ -18722,6 +18778,7 @@ static int test_tls13_apis(void)
wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM);
#endif
serverTls12Ssl = wolfSSL_new(serverTls12Ctx);
#endif
clientCtx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());
clientSsl = wolfSSL_new(clientCtx);
@ -18735,7 +18792,9 @@ static int test_tls13_apis(void)
#ifdef WOLFSSL_SEND_HRR_COOKIE
AssertIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)),
@ -18746,88 +18805,116 @@ static int test_tls13_apis(void)
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
#endif
AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
WOLFSSL_SUCCESS);
#elif defined(HAVE_CURVE25519)
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#endif
AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519),
WOLFSSL_SUCCESS);
#else
AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1),
NOT_COMPILED_IN);
#endif
AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1),
NOT_COMPILED_IN);
#endif
AssertIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS);
#endif
AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS);
AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0);
AssertIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0);
AssertIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0);
AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0);
AssertIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0);
AssertIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0);
AssertIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR);
AssertIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR);
#if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0);
AssertIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0);
AssertIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_request_certificate(serverTls12Ssl),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR);
#endif
#ifndef WOLFSSL_NO_SERVER_GROUPS_EXT
AssertIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR);
#endif
AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups,
WOLFSSL_MAX_GROUP_COUNT + 1),
BAD_FUNC_ARG);
@ -18839,8 +18926,10 @@ static int test_tls13_apis(void)
AssertIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_set_groups(clientSsl, groups,
WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups),
@ -18851,13 +18940,17 @@ static int test_tls13_apis(void)
#ifdef WOLFSSL_EARLY_DATA
AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 0), 0);
AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG);
AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 0), SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 0), 0);
AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData),
@ -18872,9 +18965,11 @@ static int test_tls13_apis(void)
AssertIntEQ(wolfSSL_write_early_data(serverSsl, earlyData,
sizeof(earlyData), &outSz),
SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData,
sizeof(earlyData), &outSz),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData,
sizeof(earlyData), &outSz),
WOLFSSL_FATAL_ERROR);
@ -18893,9 +18988,11 @@ static int test_tls13_apis(void)
AssertIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz),
SIDE_ERROR);
#ifndef WOLFSSL_NO_TLS12
AssertIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz),
BAD_FUNC_ARG);
#endif
AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer,
sizeof(earlyDataBuffer), &outSz),
WOLFSSL_FATAL_ERROR);
@ -18906,10 +19003,12 @@ static int test_tls13_apis(void)
wolfSSL_free(clientSsl);
wolfSSL_CTX_free(clientCtx);
#ifndef WOLFSSL_NO_TLS12
wolfSSL_free(serverTls12Ssl);
wolfSSL_CTX_free(serverTls12Ctx);
wolfSSL_free(clientTls12Ssl);
wolfSSL_CTX_free(clientTls12Ctx);
#endif
return ret;
}
@ -19037,12 +19136,20 @@ static void test_DhCallbacks(void)
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
func_cb_client.ssl_ready = &test_dh_ssl_setup;
#ifndef WOLFSSL_NO_TLS12
func_cb_client.method = wolfTLSv1_2_client_method;
#else
func_cb_client.method = wolfTLSv1_3_client_method;
#endif
client_args.callbacks = &func_cb_client;
func_cb_server.ctx_ready = &test_dh_ctx_setup;
func_cb_server.ssl_ready = &test_dh_ssl_setup;
#ifndef WOLFSSL_NO_TLS12
func_cb_server.method = wolfTLSv1_2_server_method;
#else
func_cb_server.method = wolfTLSv1_3_server_method;
#endif
server_args.callbacks = &func_cb_server;
start_thread(test_server_nofail, &server_args, &serverThread);
@ -19084,12 +19191,20 @@ static void test_DhCallbacks(void)
/* set callbacks to use DH functions */
func_cb_client.ctx_ready = &test_dh_ctx_setup;
func_cb_client.ssl_ready = &test_dh_ssl_setup_fail;
#ifndef WOLFSSL_NO_TLS12
func_cb_client.method = wolfTLSv1_2_client_method;
#else
func_cb_client.method = wolfTLSv1_3_client_method;
#endif
client_args.callbacks = &func_cb_client;
func_cb_server.ctx_ready = &test_dh_ctx_setup;
func_cb_server.ssl_ready = &test_dh_ssl_setup_fail;
#ifndef WOLFSSL_NO_TLS12
func_cb_server.method = wolfTLSv1_2_server_method;
#else
func_cb_server.method = wolfTLSv1_3_server_method;
#endif
server_args.callbacks = &func_cb_server;
start_thread(test_server_nofail, &server_args, &serverThread);


@ -21,8 +21,11 @@ endif
EXTRA_DIST += tests/unit.h
EXTRA_DIST += tests/test.conf \
tests/test-tls13.conf \
tests/test-tls13-down.conf \
tests/test-tls13-ecc.conf \
tests/test-tls13-psk.conf \
tests/test-qsh.conf \
tests/test-psk.conf \
tests/test-psk-no-id.conf \
tests/test-dtls.conf \
tests/test-sctp.conf \


@ -576,7 +576,7 @@ int SuiteTest(void)
(void)test_harness;
cipherSuiteCtx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
cipherSuiteCtx = wolfSSL_CTX_new(wolfSSLv23_client_method());
if (cipherSuiteCtx == NULL) {
printf("can't get cipher suite ctx\n");
exit(EXIT_FAILURE);
@ -634,6 +634,16 @@ int SuiteTest(void)
exit(EXIT_FAILURE);
}
#endif
#ifndef WOLFSSL_NO_TLS12
/* add TLSv13 downgrade tets */
strcpy(argv0[1], "tests/test-tls13-down.conf");
printf("starting TLSv13 Downgrade extra tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#endif
#if defined(HAVE_CURVE25519) && defined(HAVE_ED25519)
/* add ED25519 certificate cipher suite tests */
@ -692,15 +702,28 @@ int SuiteTest(void)
}
#endif
#ifndef NO_PSK
/* add psk extra suites */
strcpy(argv0[1], "tests/test-psk-no-id.conf");
printf("starting psk no identity extra cipher suite tests\n");
#ifndef WOLFSSL_NO_TLS12
/* add psk cipher suites */
strcpy(argv0[1], "tests/test-psk.conf");
printf("starting psk cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
args.return_code = EXIT_FAILURE;
goto exit;
}
#endif
#ifdef WOLFSSL_TLS13
/* add psk extra suites */
strcpy(argv0[1], "tests/test-tls13-psk.conf");
printf("starting TLS 1.3 psk no identity extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
args.return_code = EXIT_FAILURE;
goto exit;
}
#endif
#endif
#if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3)
/* test encrypted keys */
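Review bot: The progress message added for `tests/test-tls13-psk.conf` still says "psk no identity", which is the wording that belongs to `tests/test-psk-no-id.conf`, so a failure in the log points at the wrong script; `printf("starting TLS 1.3 psk extra cipher suite tests\n");` would match the file being run. The visible lines of the last hunk also suggest that the `tests/test-psk-no-id.conf` invocation is replaced by `tests/test-psk.conf`, while the distribution list on this page still ships the no-id file, so it is worth confirming that script is still executed somewhere. In the downgrade block the comment should read `/* add TLSv13 downgrade tests */`. SuiteTest's body starts and ends outside these hunks.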


@ -0,0 +1,15 @@
# server - standard PSK
-j
-l PSK-CHACHA20-POLY1305
# client- standard PSK
-s
-l PSK-CHACHA20-POLY1305
# server
-j
-l ECDHE-RSA-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305
# client
-l ECDHE-RSA-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305


@ -0,0 +1,43 @@
# server TLSv1.3 downgrade
-v d
-l TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.2
-v 3
# server TLSv1.2
-v 3
# client TLSv1.3 downgrade
-v d
# server TLSv1.3 downgrade
-v d
# client TLSv1.3 downgrade
-v d
# server TLSv1.3 downgrade but don't and resume
-v d
-r
# client TLSv1.3 downgrade but don't and resume
-v d
-r
# server TLSv1.3 downgrade and resume
-v d
-r
# client TLSv1.2 and resume
-v 3
-r
# server TLSv1.2 and resume
-v d
-r
# lcient TLSv1.3 downgrade and resume
-v 3
-r
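Review bot: The last two cases in this file have their comments and `-v` flags crossed: the block labelled `# server TLSv1.2 and resume` passes `-v d`, and the block labelled `# lcient TLSv1.3 downgrade and resume` passes `-v 3`. As written the pair repeats the preceding case (downgrade-capable server, TLS 1.2 client, resumption), so resumption against a TLS 1.2-only server from a downgrade-capable client is left untested. If the comments state the intent, the server block should use `-v 3` and the client block `-v d`, and the second comment should read `# client TLSv1.3 downgrade and resume`.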


@ -0,0 +1,31 @@
# server TLSv1.3 PSK
-v 4
-s
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
-v 4
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
-v 4
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
-v 4
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
-v 4
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 not-PSK
-v 4
-l TLS13-AES128-GCM-SHA256


@ -38,6 +38,37 @@
-v 4
-l TLS13-AES128-CCM-8-SHA256
# server TLSv1.3 resumption
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# client TLSv1.3 resumption
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server TLSv1.3 resumption - SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-r
# client TLSv1.3 resumption - SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-r
# server TLSv1.3 PSK without (EC)DHE
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# client TLSv1.3 PSK without (EC)DHE
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-K
# server TLSv1.3 accepting EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
@ -71,3 +102,94 @@
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 Fragments
-v 4
-l TLS13-AES128-GCM-SHA256
-F 1
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 HelloRetryRequest to negotiate Key Exchange algorithm
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# client TLSv1.3 HelloRetryRequest with cookie
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 no client certificate
-v 4
-l TLS13-AES128-GCM-SHA256
-x
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 DH key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-y
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 ECC key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-Y
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 ECC key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-Y
# server TLSv1.3 multiple cipher suites
-v 4
-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
# client TLSv1.3
-v 4
# server TLSv1.3 KeyUpdate
-v 4
-l TLS13-AES128-GCM-SHA256
-U
# client TLSv1.3 KeyUpdate
-v 4
-l TLS13-AES128-GCM-SHA256
-I
# server TLSv1.3 Post-Handshake Authentication
-v 4
-l TLS13-AES128-GCM-SHA256
-Q
# client TLSv1.3 Post-Handshake Authentication
-v 4
-l TLS13-AES128-GCM-SHA256
-Q
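Review bot: The `# client TLSv1.3 ECC key exchange` case appears twice in a row in the second hunk with identical server and client arguments (`-v 4`, `-l TLS13-AES128-GCM-SHA256`, `-Y`), so the second pair adds run time without adding coverage. If a different case was intended there, the second block needs its own flags and comment; otherwise it can be dropped. A distinguishing comment such as `# client TLSv1.3 ECC key exchange (repeat)` would at least mark the repetition as deliberate.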


@ -220,11 +220,19 @@
#endif
#ifndef WOLFSSL_NO_TLS12
#define SERVER_DEFAULT_VERSION 3
#else
#define SERVER_DEFAULT_VERSION 4
#endif
#define SERVER_DTLS_DEFAULT_VERSION (-2)
#define SERVER_INVALID_VERSION (-99)
#define SERVER_DOWNGRADE_VERSION (-98)
#ifndef WOLFSSL_NO_TLS12
#define CLIENT_DEFAULT_VERSION 3
#else
#define CLIENT_DEFAULT_VERSION 4
#endif
#define CLIENT_DTLS_DEFAULT_VERSION (-2)
#define CLIENT_INVALID_VERSION (-99)
#define CLIENT_DOWNGRADE_VERSION (-98)