feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Add support for Encrypt-Then-MAC to TLS 1.2 and below

Browse Source 
An extension is used to indicate that ETM is to be used.
Only used when doing block ciphers - HMAC performed on encrypted data.
This commit is contained in:
Sean Parkinson
2019-08-22 09:33:38 +10:00
parent a49f447e47
commit 24e98dd05e
11 changed files with 1078 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
examples/client/client.c
View File

@ -940,7 +940,7 @@ static const char* client_usage_msg[][59] = {
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
"-W <num> Use OCSP Stapling (1 v1, 2 v2, 3 v2 multi)\n", /* 41 */
#endif
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
"-U Atomic User Record Layer Callbacks\n", /* 42 */
#endif
#ifdef HAVE_PK_CALLBACKS
@ -959,41 +959,42 @@ static const char* client_usage_msg[][59] = {
"-q <file> Whitewood config file, defaults\n", /* 47 */
#endif
"-H <arg> Internal tests"
" [defCipherList, exitWithRet, verifyFail]\n", /* 48 */
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 48 */
" loadSSL, disallowETM]\n", /* 49 */
#ifdef WOLFSSL_TLS13
"-J Use HelloRetryRequest to choose group for KE\n", /* 49 */
"-K Key Exchange for PSK not using (EC)DHE\n", /* 50 */
"-I Update keys and IVs before sending data\n", /* 51 */
"-J Use HelloRetryRequest to choose group for KE\n", /* 50 */
"-K Key Exchange for PSK not using (EC)DHE\n", /* 51 */
"-I Update keys and IVs before sending data\n", /* 52 */
#ifndef NO_DH
"-y Key Share with FFDHE named groups only\n", /* 52 */
"-y Key Share with FFDHE named groups only\n", /* 53 */
#endif
#ifdef HAVE_ECC
"-Y Key Share with ECC named groups only\n", /* 53 */
"-Y Key Share with ECC named groups only\n", /* 54 */
#endif
#endif /* WOLFSSL_TLS13 */
#ifdef HAVE_CURVE25519
"-t Use X25519 for key exchange\n", /* 54 */
"-t Use X25519 for key exchange\n", /* 55 */
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
"-Q Support requesting certificate post-handshake\n", /* 55 */
"-Q Support requesting certificate post-handshake\n", /* 56 */
#endif
#ifdef WOLFSSL_EARLY_DATA
"-0 Early data sent to server (0-RTT handshake)\n", /* 56 */
"-0 Early data sent to server (0-RTT handshake)\n", /* 57 */
#endif
#ifdef WOLFSSL_MULTICAST
"-3 <grpid> Multicast, grpid < 256\n", /* 57 */
"-3 <grpid> Multicast, grpid < 256\n", /* 58 */
#endif
"-1 <num> Display a result by specified language.\n"
" 0: English, 1: Japanese\n", /* 58 */
" 0: English, 1: Japanese\n", /* 59 */
#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
"-2 Disable DH Prime check\n", /* 59 */
"-2 Disable DH Prime check\n", /* 60 */
#endif
#ifdef HAVE_SECURE_RENEGOTIATION
"-4 Use resumption for renegotiation\n", /* 60 */
"-4 Use resumption for renegotiation\n", /* 61 */
#endif
#ifdef HAVE_TRUSTED_CA
"-5 Use Trusted CA Key Indication\n", /* 61 */
"-5 Use Trusted CA Key Indication\n", /* 62 */
#endif
NULL,
},
@ -1099,7 +1100,7 @@ static const char* client_usage_msg[][59] = {
"-W <num> OCSP Staplingを使用する"
" (1 v1, 2 v2, 3 v2 multi)\n", /* 41 */
#endif
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
"-U アトミック・ユーザー記録の"
"コールバックを利用する\n", /* 42 */
#endif
@ -1119,42 +1120,43 @@ static const char* client_usage_msg[][59] = {
"-q <file> Whitewood コンフィグファイル, 既定値\n", /* 47 */
#endif
"-H <arg> 内部テスト"
" [defCipherList, exitWithRet, verifyFail]\n", /* 48 */
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 48 */
" loadSSL, disallowETM]\n", /* 49 */
#ifdef WOLFSSL_TLS13
"-J HelloRetryRequestをKEのグループ選択に使用する\n", /* 49 */
"-K 鍵交換にPSKを使用、(EC)DHEは使用しない\n", /* 50 */
"-I データ送信前に、鍵とIVを更新する\n", /* 51 */
"-J HelloRetryRequestをKEのグループ選択に使用する\n", /* 50 */
"-K 鍵交換にPSKを使用、(EC)DHEは使用しない\n", /* 51 */
"-I データ送信前に、鍵とIVを更新する\n", /* 52 */
#ifndef NO_DH
"-y FFDHE名前付きグループとの鍵共有のみ\n", /* 52 */
"-y FFDHE名前付きグループとの鍵共有のみ\n", /* 53 */
#endif
#ifdef HAVE_ECC
"-Y ECC名前付きグループとの鍵共有のみ\n", /* 53 */
"-Y ECC名前付きグループとの鍵共有のみ\n", /* 54 */
#endif
#endif /* WOLFSSL_TLS13 */
#ifdef HAVE_CURVE25519
"-t X25519を鍵交換に使用する\n", /* 54 */
"-t X25519を鍵交換に使用する\n", /* 55 */
#endif
#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH)
"-Q ポストハンドシェークの証明要求をサポートする\n", /* 55 */
"-Q ポストハンドシェークの証明要求をサポートする\n", /* 56 */
#endif
#ifdef WOLFSSL_EARLY_DATA
"-0 Early data をサーバーへ送信する"
"0-RTTハンドシェイク\n", /* 56 */
"0-RTTハンドシェイク\n", /* 57 */
#endif
#ifdef WOLFSSL_MULTICAST
"-3 <grpid> マルチキャスト, grpid < 256\n", /* 57 */
"-3 <grpid> マルチキャスト, grpid < 256\n", /* 58 */
#endif
"-1 <num> 指定された言語で結果を表示します。\n"
" 0: 英語、 1: 日本語\n", /* 58 */
" 0: 英語、 1: 日本語\n", /* 59 */
#if !defined(NO_DH) && !defined(HAVE_FIPS) && \
!defined(HAVE_SELFTEST) && !defined(WOLFSSL_OLD_PRIME_CHECK)
"-2 DHプライム番号チェックを無効にする\n", /* 59 */
"-2 DHプライム番号チェックを無効にする\n", /* 60 */
#endif
#ifdef HAVE_SECURE_RENEGOTIATION
"-4 再交渉に再開を使用\n", /* 60 */
"-4 再交渉に再開を使用\n", /* 61 */
#endif
#ifdef HAVE_TRUSTED_CA
"-5 信頼できる認証局の鍵表示を使用する\n", /* 61 */
"-5 信頼できる認証局の鍵表示を使用する\n", /* 62 */
#endif
NULL,
},
@ -1258,7 +1260,7 @@ static void Usage(void)
|| defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
printf("%s", msg[++msgid]); /* -W */
#endif
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
printf("%s", msg[++msgid]); /* -U */
#endif
#ifdef HAVE_PK_CALLBACKS
@ -1277,6 +1279,7 @@ static void Usage(void)
printf("%s %s\n", msg[++msgid], wnrConfig); /* -q */
#endif
printf("%s", msg[++msgid]); /* -H */
printf("%s", msg[++msgid]); /* more -H options */
#ifdef WOLFSSL_TLS13
printf("%s", msg[++msgid]); /* -J */
printf("%s", msg[++msgid]); /* -K */
@ -1439,6 +1442,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
#ifdef HAVE_ENCRYPT_THEN_MAC
int disallowETM = 0;
#endif
#ifdef HAVE_WNR
const char* wnrConfigFile = wnrConfig;
#endif
@ -1580,7 +1587,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
break;
case 'U' :
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
atomicUser = 1;
#endif
break;
@ -1662,6 +1669,12 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Certs turned off with NO_CERTS!\n");
#endif
}
else if (XSTRNCMP(myoptarg, "disallowETM", 7) == 0) {
printf("Disallow Enrypt-Then-MAC\n");
#ifdef HAVE_ENCRYPT_THEN_MAC
disallowETM = 1;
#endif
}
else {
Usage();
XEXIT_T(MY_EX_USAGE);
@ -2699,6 +2712,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
wolfSSL_SetEnableDhKeyTest(ssl, 0);
#endif
#ifdef HAVE_ENCRYPT_THEN_MAC
if (disallowETM)
wolfSSL_AllowEncryptThenMac(ssl, 0);
#endif
tcp_connect(&sockfd, host, port, dtlsUDP, dtlsSCTP, ssl);
if (wolfSSL_set_fd(ssl, sockfd) != WOLFSSL_SUCCESS) {
@ -2749,7 +2767,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
}
}
#endif
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
if (atomicUser)
SetupAtomicUser(ctx, ssl);
#endif
@ -2973,7 +2991,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
if (wc_shutdown && ret == WOLFSSL_SHUTDOWN_NOT_DONE)
wolfSSL_shutdown(ssl); /* bidirectional shutdown */
}
#ifdef ATOMIC_USER
#if defined(ATOMIC_USER) && !defined(WOLFSSL_AEAD_ONLY)
if (atomicUser)
FreeAtomicUser(ssl);
#endif

72
examples/server/server.c
View File

@ -582,39 +582,40 @@ static const char* server_usage_msg[][49] = {
"-g Return basic HTML web page\n", /* 35 */
"-C <num> The number of connections to accept, default: 1\n",/* 36 */
"-H <arg> Internal tests"
" [defCipherList, exitWithRet, verifyFail]\n", /* 37 */
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
" loadSSL, disallowETM]\n", /* 38 */
#ifdef WOLFSSL_TLS13
"-U Update keys and IVs before sending\n", /* 38 */
"-K Key Exchange for PSK not using (EC)DHE\n", /* 39 */
"-U Update keys and IVs before sending\n", /* 39 */
"-K Key Exchange for PSK not using (EC)DHE\n", /* 40 */
#ifndef NO_DH
"-y Pre-generate Key Share using FFDHE_2048 only\n", /* 40 */
"-y Pre-generate Key Share using FFDHE_2048 only\n", /* 41 */
#endif
#ifdef HAVE_ECC
"-Y Pre-generate Key Share using P-256 only \n", /* 41 */
"-Y Pre-generate Key Share using P-256 only \n", /* 42 */
#endif
#ifdef HAVE_CURVE25519
"-t Pre-generate Key share using Curve25519 only\n", /* 42 */
"-t Pre-generate Key share using Curve25519 only\n", /* 43 */
#endif
#ifdef HAVE_SESSION_TICKET
"-T Do not generate session ticket\n", /* 43 */
"-T Do not generate session ticket\n", /* 44 */
#endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
"-Q Request certificate from client post-handshake\n", /* 44 */
"-Q Request certificate from client post-handshake\n", /* 45 */
#endif
#ifdef WOLFSSL_SEND_HRR_COOKIE
"-J Server sends Cookie Extension containing state\n", /* 45 */
"-J Server sends Cookie Extension containing state\n", /* 46 */
#endif
#endif /* WOLFSSL_TLS13 */
#ifdef WOLFSSL_EARLY_DATA
"-0 Early data read from client (0-RTT handshake)\n", /* 46 */
"-0 Early data read from client (0-RTT handshake)\n", /* 47 */
#endif
#ifdef WOLFSSL_MULTICAST
"-3 <grpid> Multicast, grpid < 256\n", /* 47 */
"-3 <grpid> Multicast, grpid < 256\n", /* 48 */
#endif
"-1 <num> Display a result by specified language."
"\n 0: English, 1: Japanese\n", /* 48 */
"\n 0: English, 1: Japanese\n", /* 49 */
#ifdef HAVE_TRUSTED_CA
"-5 Use Trusted CA Key Indication\n", /* 51 */
"-5 Use Trusted CA Key Indication\n", /* 52 */
#endif
NULL,
},
@ -698,41 +699,42 @@ static const char* server_usage_msg[][49] = {
"-g 基本的な Web ページを返す\n", /* 35 */
"-C <num> アクセプト可能な接続数を指定する。既定値: 1\n", /* 36 */
"-H <arg> 内部テスト"
" [defCipherList, exitWithRet, verifyFail]\n", /* 37 */
" [defCipherList, exitWithRet, verifyFail, useSupCurve,\n", /* 37 */
" loadSSL, disallowETM]\n", /* 38 */
#ifdef WOLFSSL_TLS13
"-U データ送信前に、鍵とIVを更新する\n", /* 38 */
"-K 鍵交換にPSKを使用、(EC)DHEは使用しない\n", /* 39 */
"-U データ送信前に、鍵とIVを更新する\n", /* 39 */
"-K 鍵交換にPSKを使用、(EC)DHEは使用しない\n", /* 40 */
#ifndef NO_DH
"-y FFDHE_2048のみを使用して鍵共有を事前生成する\n", /* 40 */
"-y FFDHE_2048のみを使用して鍵共有を事前生成する\n", /* 41 */
#endif
#ifdef HAVE_ECC
"-Y P-256のみを使用したキー共有の事前生成\n", /* 41 */
"-Y P-256のみを使用したキー共有の事前生成\n", /* 42 */
#endif
#ifdef HAVE_CURVE25519
"-t Curve25519のみを使用して鍵共有を事前生成する\n", /* 42 */
"-t Curve25519のみを使用して鍵共有を事前生成する\n", /* 43 */
#endif
#ifdef HAVE_SESSION_TICKET
"-T セッションチケットを生成しない\n", /* 43 */
"-T セッションチケットを生成しない\n", /* 44 */
#endif
#ifdef WOLFSSL_POST_HANDSHAKE_AUTH
"-Q クライアントのポストハンドシェイクから"
"証明書を要求する\n", /* 44 */
"証明書を要求する\n", /* 45 */
#endif
#ifdef WOLFSSL_SEND_HRR_COOKIE
"-J サーバーの状態を含むTLS Cookie 拡張を送信する\n", /* 45 */
"-J サーバーの状態を含むTLS Cookie 拡張を送信する\n", /* 46 */
#endif
#endif /* WOLFSSL_TLS13 */
#ifdef WOLFSSL_EARLY_DATA
"-0 クライアントからの Early Data 読み取り"
"0-RTTハンドシェイク\n", /* 46 */
"0-RTTハンドシェイク\n", /* 47 */
#endif
#ifdef WOLFSSL_MULTICAST
"-3 <grpid> マルチキャスト, grpid < 256\n", /* 47 */
"-3 <grpid> マルチキャスト, grpid < 256\n", /* 48 */
#endif
"-1 <num> 指定された言語で結果を表示します。"
"\n 0: 英語、 1: 日本語\n", /* 48 */
"\n 0: 英語、 1: 日本語\n", /* 49 */
#ifdef HAVE_TRUSTED_CA
"-5 信頼できる認証局の鍵表示を使用する\n", /* 51 */
"-5 信頼できる認証局の鍵表示を使用する\n", /* 52 */
#endif
NULL,
},
@ -812,7 +814,8 @@ static void Usage(void)
#endif
printf("%s", msg[++msgId]); /* -g */
printf("%s", msg[++msgId]); /* -C */
printf("%s", msg[++msgId]); /* -H */
printf("%s", msg[++msgId]); /* -H */
printf("%s", msg[++msgId]); /* more -H options */
#ifdef WOLFSSL_TLS13
printf("%s", msg[++msgId]); /* -U */
printf("%s", msg[++msgId]); /* -K */
@ -997,6 +1000,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
int exitWithRet = 0;
int loadCertKeyIntoSSLObj = 0;
#ifdef HAVE_ENCRYPT_THEN_MAC
int disallowETM = 0;
#endif
((func_args*)args)->return_code = -1; /* error state */
#ifdef NO_RSA
@ -1173,6 +1180,12 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
loadCertKeyIntoSSLObj = 1;
#endif
}
else if (XSTRNCMP(myoptarg, "disallowETM", 11) == 0) {
printf("Disallow Encrypt-Then-MAC\n");
#ifdef HAVE_ENCRYPT_THEN_MAC
disallowETM = 1;
#endif
}
else {
Usage();
XEXIT_T(MY_EX_USAGE);
@ -1979,6 +1992,11 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args)
}
#endif
#ifdef HAVE_ENCRYPT_THEN_MAC
if (disallowETM)
wolfSSL_AllowEncryptThenMac(ssl, 0);
#endif
/* do accept */
readySignal = ((func_args*)args)->signal;