WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Remove default ticket cb as this will be added in another PR

pull/3646/head
Juliusz Sosinowicz 2021-02-10 11:49:49 +01:00
parent 89fd0b375b
commit d074e7443f
7 changed files with 88 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
examples/echoserver/echoserver.c
View File

@ -169,14 +169,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args)
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
if (TicketInit() != 0)
err_sys("unable to setup Session Ticket Key context");
#ifdef OPENSSL_EXTRA
/* In OpenSSL compat case, the compat layer handles the session
* tickets internally by default */
#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \
defined(HAVE_AESGCM))
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
#endif
#endif
#ifndef NO_FILESYSTEM
if (doPSK == 0) {

6
examples/server/server.c
View File

@ -1804,14 +1804,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
if (TicketInit() != 0)
err_sys_ex(catastrophic, "unable to setup Session Ticket Key context");
#ifdef OPENSSL_EXTRA
/* In OpenSSL compat case, the compat layer handles the session
* tickets internally by default */
#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \
defined(HAVE_AESGCM))
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
#endif
#endif
#if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL)
/* used for testing only to set a static/fixed ephemeral key

135
src/internal.c
View File

@ -1673,123 +1673,6 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side)
}
#endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(OPENSSL_EXTRA)
static int ctxInitTicket(WOLFSSL_CTX* ctx)
{
int ret = 0;
#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \
|| (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))
WC_RNG rng;
ret = wc_InitRng(&rng);
if (ret != 0)
return ret;
ret = wc_RNG_GenerateBlock(&rng,
ctx->ticketCompatName, sizeof(ctx->ticketCompatName));
if (ret == 0)
ret = wc_RNG_GenerateBlock(&rng,
ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey));
wc_FreeRng(&rng);
#else
(void)ctx;
#endif
return ret;
}
static WC_INLINE int myTicketEncCbCompat(WOLFSSL* ssl,
byte key_name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
byte mac[WOLFSSL_TICKET_MAC_SZ],
int enc, byte* ticket, int inLen, int* outLen,
void* userCtx) {
int ret;
word16 sLen = XHTONS(inLen);
byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2];
byte* tmp = aad;
WOLFSSL_ENTER("myTicketEncCbCompat");
if (ssl == NULL || key_name == NULL || iv == NULL || mac == NULL
|| ticket == NULL || outLen == NULL)
return WOLFSSL_TICKET_RET_FATAL;
(void)userCtx;
if (enc) {
XMEMCPY(key_name, ssl->ctx->ticketCompatName, WOLFSSL_TICKET_NAME_SZ);
ret = wc_RNG_GenerateBlock(ssl->rng, iv, WOLFSSL_TICKET_IV_SZ);
if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
}
else {
/* see if we know this key */
if (XMEMCMP(key_name, ssl->ctx->ticketCompatName,
WOLFSSL_TICKET_NAME_SZ) != 0){
WOLFSSL_MSG("client presented unknown ticket key name");
return WOLFSSL_TICKET_RET_FATAL;
}
}
/* build aad from key name, iv, and length */
XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ);
tmp += WOLFSSL_TICKET_NAME_SZ;
XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ);
tmp += WOLFSSL_TICKET_IV_SZ;
XMEMCPY(tmp, &sLen, 2);
/* encrypt */
if (enc) {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ret = wc_ChaCha20Poly1305_Encrypt(ssl->ctx->ticketCompatKey, iv,
aad, sizeof(aad), ticket, inLen, ticket, mac);
#elif !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)
Aes aes;
ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE);
if (ret == 0)
ret = wc_AesGcmEncrypt(&aes, ticket, ticket, inLen, iv,
WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE,
aad, sizeof(aad));
wc_AesFree(&aes);
}
#else
WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for "
"session ticket generation");
return WOLFSSL_TICKET_RET_FATAL;
#endif
}
/* decrypt */
else {
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
ret = wc_ChaCha20Poly1305_Decrypt(ssl->ctx->ticketCompatKey, iv,
aad, sizeof(aad), ticket, inLen, mac, ticket);
#elif !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)
Aes aes;
ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID);
if (ret == 0) {
ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE);
if (ret == 0)
ret = wc_AesGcmDecrypt(&aes, ticket, ticket, inLen, iv,
WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE,
aad, sizeof(aad));
wc_AesFree(&aes);
}
#else
WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for "
"session ticket decryption");
return WOLFSSL_TICKET_RET_FATAL;
#endif
}
if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;
*outLen = inLen; /* no padding in this mode */
return WOLFSSL_TICKET_RET_OK;
}
#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && OPENSSL_EXTRA */
/* Initialize SSL context, return 0 on success */
int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
{
@ -1942,19 +1825,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap)
ctx->ticketEncCtx = (void*)&ctx->ticketKeyCtx;
#endif
ctx->ticketHint = SESSION_TICKET_HINT_DEFAULT;
#ifdef OPENSSL_EXTRA
if (ret == 0)
ret = ctxInitTicket(ctx);
#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \
|| (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))
/* No need for compat ticket init flag since below callback setter is
* only called when the above parameter generation has succeeded */
if (ret == 0 &&
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCbCompat)
!= WOLFSSL_SUCCESS)
ret = SESSION_SECRET_CB_E;
#endif
#endif
#endif
#ifdef HAVE_WOLF_EVENT
@ -2101,11 +1971,6 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx)
}
}
#endif /* WOLFSSL_STATIC_MEMORY */
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \
|| (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)))
ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey));
#endif
}

6
src/ssl.c
View File

@ -15714,12 +15714,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
if (ctx->mask & SSL_OP_NO_TICKET) {
ctx->ticketEncCb = NULL;
ctx->ticketEncCtx = NULL;
XMEMSET(ctx->ticketCompatName, 0, WOLFSSL_TICKET_NAME_SZ);
#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \
defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \
|| (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)))
ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey));
#endif
WOLFSSL_MSG("\tSSL_OP_NO_TICKET");
}
#endif

82
tests/api.c
View File

@ -2605,6 +2605,75 @@ static int nonblocking_accept_read(void* args, WOLFSSL* ssl, SOCKET_T* sockfd)
}
#endif /* WOLFSSL_SESSION_EXPORT */
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) && \
defined(OPENSSL_EXTRA)
typedef struct openssl_key_ctx {
byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */
byte key[AES_256_KEY_SIZE]; /* cipher key */
byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */
byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */
} openssl_key_ctx;
static THREAD_LS_T openssl_key_ctx myOpenSSLKey_ctx;
static THREAD_LS_T WC_RNG myOpenSSLKey_rng;
static WC_INLINE int OpenSSLTicketInit(void)
{
int ret = wc_InitRng(&myOpenSSLKey_rng);
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.name,
sizeof(myOpenSSLKey_ctx.name));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.key,
sizeof(myOpenSSLKey_ctx.key));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.hmacKey,
sizeof(myOpenSSLKey_ctx.hmacKey));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.iv,
sizeof(myOpenSSLKey_ctx.iv));
if (ret != 0) return ret;
return 0;
}
static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl,
byte name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
WOLFSSL_EVP_CIPHER_CTX *ectx,
WOLFSSL_HMAC_CTX *hctx, int enc) {
(void)ssl;
if (enc) {
XMEMCPY(name, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name));
XMEMCPY(iv, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv));
}
else if (XMEMCMP(name, myOpenSSLKey_ctx.name,
sizeof(myOpenSSLKey_ctx.name)) != 0 ||
XMEMCMP(iv, myOpenSSLKey_ctx.iv,
sizeof(myOpenSSLKey_ctx.iv)) != 0) {
return 0;
}
HMAC_Init_ex(hctx, myOpenSSLKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL);
if (enc)
EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv);
else
EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv);
return 1;
}
static WC_INLINE void OpenSSLTicketCleanup(void)
{
wc_FreeRng(&myOpenSSLKey_rng);
}
#endif
static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
{
SOCKET_T sockfd = 0;
@ -2646,12 +2715,13 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args)
ctx = wolfSSL_CTX_new(method);
}
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
TicketInit();
#ifdef OPENSSL_EXTRA
OpenSSLTicketInit();
wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL);
#else
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketInit();
wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb);
#endif
#endif
@ -2837,10 +2907,14 @@ done:
wc_ecc_fp_free(); /* free per thread cache */
#endif
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
#if defined(HAVE_SESSION_TICKET) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM))
#ifdef OPENSSL_EXTRA
OpenSSLTicketCleanup();
#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
TicketCleanup();
#endif
#endif
#ifndef WOLFSSL_TIRTOS
return 0;

2
wolfssl/internal.h
View File

@ -2935,11 +2935,9 @@ struct WOLFSSL_CTX {
#endif
#endif
#endif
#endif
#ifdef HAVE_SUPPORTED_CURVES
byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */
#endif
#endif
#ifdef ATOMIC_USER
CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */
CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */

74
wolfssl/test.h
View File

@ -3930,71 +3930,10 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num)
}
#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \
((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \
defined(HAVE_AESGCM))
static THREAD_LS_T WC_RNG myKey_rng;
static WC_INLINE void TicketCleanup(void)
{
wc_FreeRng(&myKey_rng);
}
#ifdef OPENSSL_EXTRA
typedef struct key_ctx {
byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */
byte key[AES_256_KEY_SIZE]; /* cipher key */
byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */
byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */
} key_ctx;
static THREAD_LS_T key_ctx myKey_ctx;
static WC_INLINE int TicketInit(void)
{
int ret = wc_InitRng(&myKey_rng);
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name, sizeof(myKey_ctx.name));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.hmacKey, sizeof(myKey_ctx.hmacKey));
if (ret != 0) return ret;
ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.iv,sizeof(myKey_ctx.iv));
if (ret != 0) return ret;
return 0;
}
static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl,
byte name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
WOLFSSL_EVP_CIPHER_CTX *ectx,
WOLFSSL_HMAC_CTX *hctx, int enc) {
(void)ssl;
if (enc) {
XMEMCPY(name, myKey_ctx.name, sizeof(myKey_ctx.name));
XMEMCPY(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv));
}
else if (XMEMCMP(name, myKey_ctx.name, sizeof(myKey_ctx.name)) != 0 ||
XMEMCMP(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv)) != 0) {
return 0;
}
HMAC_Init_ex(hctx, myKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL);
if (enc)
EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv);
else
EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv);
return 1;
}
#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \
defined(HAVE_AESGCM))
#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305)
#include <wolfssl/wolfcrypt/chacha20_poly1305.h>
@ -4011,6 +3950,7 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num)
} key_ctx;
static THREAD_LS_T key_ctx myKey_ctx;
static THREAD_LS_T WC_RNG myKey_rng;
static WC_INLINE int TicketInit(void)
{
@ -4026,6 +3966,11 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num)
return 0;
}
static WC_INLINE void TicketCleanup(void)
{
wc_FreeRng(&myKey_rng);
}
static WC_INLINE int myTicketEncCb(WOLFSSL* ssl,
byte key_name[WOLFSSL_TICKET_NAME_SZ],
byte iv[WOLFSSL_TICKET_IV_SZ],
@ -4123,8 +4068,9 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num)
return WOLFSSL_TICKET_RET_OK;
}
#endif /* OPENSSL_EXTRA elif ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */
#endif /* HAVE_SESSION_TICKET */
#endif /* HAVE_SESSION_TICKET && ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */
static WC_INLINE word16 GetRandomPort(void)
{