feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #8487 from julek-wolfssl/zd/19391

Browse Source 
TLS EMS: Set haveEMS when we negotiate TLS 1.3
This commit is contained in:
David Garske
2025-04-09 08:27:33 -07:00
committed by GitHub
parent 6761dbb2ed ab64597b62
commit 099eaf582c
6 changed files with 172 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@@ -2591,6 +2591,7 @@ if(WOLFSSL_EXAMPLES)
tests/api/test_dtls.c tests/api/test_dtls.c
tests/api/test_ocsp.c tests/api/test_ocsp.c
tests/api/test_evp.c tests/api/test_evp.c
tests/api/test_tls_ext.c
tests/srp.c tests/srp.c
tests/suites.c tests/suites.c
tests/w64wrapper.c tests/w64wrapper.c

11
src/ssl_sess.c
View File

@@ -3561,7 +3561,16 @@ void SetupSession(WOLFSSL* ssl)
session->side = (byte)ssl->options.side; session->side = (byte)ssl->options.side;
if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL) if (!IsAtLeastTLSv1_3(ssl->version) && ssl->arrays != NULL)
XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN); XMEMCPY(session->masterSecret, ssl->arrays->masterSecret, SECRET_LEN);
session->haveEMS = ssl->options.haveEMS; /* RFC8446 Appendix D.
* implementations which support both TLS 1.3 and earlier versions SHOULD
* indicate the use of the Extended Master Secret extension in their APIs
* whenever TLS 1.3 is used.
* Set haveEMS so that we send the extension in subsequent connections that
* offer downgrades. */
if (IsAtLeastTLSv1_3(ssl->version))
session->haveEMS = 1;
else
session->haveEMS = ssl->options.haveEMS;
#ifdef WOLFSSL_SESSION_ID_CTX #ifdef WOLFSSL_SESSION_ID_CTX
/* If using compatibility layer then check for and copy over session context /* If using compatibility layer then check for and copy over session context
* id. */ * id. */

27
tests/api.c
View File

@@ -323,6 +323,7 @@
#include <tests/api/test_dtls.h> #include <tests/api/test_dtls.h>
#include <tests/api/test_ocsp.h> #include <tests/api/test_ocsp.h>
#include <tests/api/test_evp.h> #include <tests/api/test_evp.h>
#include <tests/api/test_tls_ext.h>
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \ #if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) && !defined(NO_TLS) && \
!defined(NO_RSA) && !defined(SINGLE_THREADED) && \ !defined(NO_RSA) && !defined(SINGLE_THREADED) && \
@@ -12864,31 +12865,6 @@ static int test_wolfSSL_set_alpn_protos(void)
#endif /* HAVE_ALPN_PROTOS_SUPPORT */ #endif /* HAVE_ALPN_PROTOS_SUPPORT */
static int test_wolfSSL_DisableExtendedMasterSecret(void)
{
EXPECT_DECLS;
#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(NULL));
/* success cases */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(ssl));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void) static int test_wolfSSL_wolfSSL_UseSecureRenegotiation(void)
{ {
EXPECT_DECLS; EXPECT_DECLS;
@@ -67648,6 +67624,7 @@ TEST_CASE testCases[] = {
/* Uses Assert in handshake callback. */ /* Uses Assert in handshake callback. */
TEST_DECL(test_wolfSSL_set_alpn_protos), TEST_DECL(test_wolfSSL_set_alpn_protos),
#endif #endif
TEST_DECL(test_tls_ems_downgrade),
TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret), TEST_DECL(test_wolfSSL_DisableExtendedMasterSecret),
TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation), TEST_DECL(test_wolfSSL_wolfSSL_UseSecureRenegotiation),
TEST_DECL(test_wolfSSL_SCR_Reconnect), TEST_DECL(test_wolfSSL_SCR_Reconnect),

2
tests/api/include.am
View File

@@ -52,6 +52,7 @@ tests_unit_test_SOURCES += tests/api/test_dtls.c
# TLS Feature # TLS Feature
tests_unit_test_SOURCES += tests/api/test_ocsp.c tests_unit_test_SOURCES += tests/api/test_ocsp.c
tests_unit_test_SOURCES += tests/api/test_evp.c tests_unit_test_SOURCES += tests/api/test_evp.c
tests_unit_test_SOURCES += tests/api/test_tls_ext.c
endif endif
EXTRA_DIST += tests/api/api.h EXTRA_DIST += tests/api/api.h
@@ -101,4 +102,5 @@ EXTRA_DIST += tests/api/test_ocsp.h
EXTRA_DIST += tests/api/test_ocsp_test_blobs.h EXTRA_DIST += tests/api/test_ocsp_test_blobs.h
EXTRA_DIST += tests/api/create_ocsp_test_blobs.py EXTRA_DIST += tests/api/create_ocsp_test_blobs.py
EXTRA_DIST += tests/api/test_evp.h EXTRA_DIST += tests/api/test_evp.h
EXTRA_DIST += tests/api/test_tls_ext.h

129
tests/api/test_tls_ext.c Normal file
View File

@@ -0,0 +1,129 @@
/* test_tls_ext.c
*
* Copyright (C) 2006-2025 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#include <tests/unit.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#include <wolfssl/internal.h>
#include <tests/utils.h>
#include <tests/api/test_tls_ext.h>
int test_tls_ems_downgrade(void)
{
EXPECT_DECLS;
#if defined(WOLFSSL_TLS13) && !defined(WOLFSSL_NO_TLS12) && \
defined(HAVE_MANUAL_MEMIO_TESTS_DEPENDENCIES) && \
defined(HAVE_SESSION_TICKET) && !defined(WOLFSSL_NO_DEF_TICKET_ENC_CB)
struct test_memio_ctx test_ctx;
WOLFSSL_CTX *ctx_c = NULL;
WOLFSSL_CTX *ctx_s = NULL;
WOLFSSL *ssl_c = NULL;
WOLFSSL *ssl_s = NULL;
WOLFSSL_SESSION* session = NULL;
/* TLS EMS extension in binary form */
const char ems_ext[] = { 0x00, 0x17, 0x00, 0x00 };
char data = 0;
XMEMSET(&test_ctx, 0, sizeof(test_ctx));
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLS_client_method, wolfTLS_server_method), 0);
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Verify that the EMS extension is present in Client's message */
ExpectNotNull(mymemmem(test_ctx.s_buff, test_ctx.s_len,
ems_ext, sizeof(ems_ext)));
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectIntEQ(wolfSSL_version(ssl_c), TLS1_3_VERSION);
/* Do a round of reads to exchange the ticket message */
ExpectIntEQ(wolfSSL_read(ssl_s, &data, sizeof(data)), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_s, -1), WOLFSSL_ERROR_WANT_READ);
ExpectIntEQ(wolfSSL_read(ssl_c, &data, sizeof(data)), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
ExpectNotNull(session = wolfSSL_get1_session(ssl_c));
ExpectTrue(session->haveEMS);
wolfSSL_free(ssl_c);
ssl_c = NULL;
wolfSSL_free(ssl_s);
ssl_s = NULL;
ExpectIntEQ(test_memio_setup(&test_ctx, &ctx_c, &ctx_s, &ssl_c, &ssl_s,
wolfTLS_client_method, wolfTLS_server_method), 0);
/* Resuming the connection */
ExpectIntEQ(wolfSSL_set_session(ssl_c, session), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_connect(ssl_c), -1);
ExpectIntEQ(wolfSSL_get_error(ssl_c, -1), WOLFSSL_ERROR_WANT_READ);
/* Verify that the EMS extension is still present in the resumption CH
* even though we used TLS 1.3 */
ExpectNotNull(mymemmem(test_ctx.s_buff, test_ctx.s_len,
ems_ext, sizeof(ems_ext)));
ExpectIntEQ(test_memio_do_handshake(ssl_c, ssl_s, 10, NULL), 0);
ExpectIntEQ(wolfSSL_version(ssl_c), TLS1_3_VERSION);
wolfSSL_SESSION_free(session);
wolfSSL_free(ssl_c);
wolfSSL_free(ssl_s);
wolfSSL_CTX_free(ctx_c);
wolfSSL_CTX_free(ctx_s);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_DisableExtendedMasterSecret(void)
{
EXPECT_DECLS;
#if defined(HAVE_EXTENDED_MASTER) && !defined(NO_WOLFSSL_CLIENT) && \
!defined(NO_TLS)
WOLFSSL_CTX *ctx = wolfSSL_CTX_new(wolfSSLv23_client_method());
WOLFSSL *ssl = wolfSSL_new(ctx);
ExpectNotNull(ctx);
ExpectNotNull(ssl);
/* error cases */
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(NULL));
ExpectIntNE(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(NULL));
/* success cases */
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_CTX_DisableExtendedMasterSecret(ctx));
ExpectIntEQ(WOLFSSL_SUCCESS, wolfSSL_DisableExtendedMasterSecret(ssl));
wolfSSL_free(ssl);
wolfSSL_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}

28
tests/api/test_tls_ext.h Normal file
View File

@@ -0,0 +1,28 @@
/* test_tls_ext.h
*
* Copyright (C) 2006-2025 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef TESTS_API_TEST_TLS_EMS_H
#define TESTS_API_TEST_TLS_EMS_H
int test_tls_ems_downgrade(void);
int test_wolfSSL_DisableExtendedMasterSecret(void);
#endif /* TESTS_API_TEST_TLS_EMS_H */