From 17e20b8c36a4ebd4f66d862b02f296ea63a8cb84 Mon Sep 17 00:00:00 2001
From: Sean Parkinson <sean@wolfssl.com>
Date: Mon, 13 Mar 2023 09:23:39 +1000
Subject: [PATCH] Server ID - long id, TLS 1.3 - cache client session for
 tickets

Long server IDs were being truncated. Hash long IDs instead.
TLS 1.3 session ticket on client side no longer added session to client
cache. Explicit call added.
---
 src/ssl.c          | 17 +++++++++++++++--
 src/tls13.c        | 12 ++++++++++++
 tests/api.c        | 12 ++++++++----
 wolfssl/internal.h |  6 +++++-
 4 files changed, 40 insertions(+), 7 deletions(-)

diff --git a/src/ssl.c b/src/ssl.c
index 148e27c5f..78d71b7be 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -11495,12 +11495,25 @@ int wolfSSL_set_session(WOLFSSL* ssl, WOLFSSL_SESSION* session)
 int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
 {
     WOLFSSL_SESSION* session = NULL;
+    byte idHash[SERVER_ID_LEN];
 
     WOLFSSL_ENTER("wolfSSL_SetServerID");
 
     if (ssl == NULL || id == NULL || len <= 0)
         return BAD_FUNC_ARG;
 
+    if (len > SERVER_ID_LEN) {
+#if defined(NO_SHA) && !defined(NO_SHA256)
+        if (wc_Sha256Hash(id, len, idHash) != 0)
+            return WOLFSSL_FAILURE;
+#else
+        if (wc_ShaHash(id, len, idHash) != 0)
+            return WOLFSSL_FAILURE;
+#endif
+        id = idHash;
+        len = SERVER_ID_LEN;
+    }
+
     if (newSession == 0) {
         session = wolfSSL_GetSessionClient(ssl, id, len);
         if (session) {
@@ -11517,8 +11530,8 @@ int wolfSSL_SetServerID(WOLFSSL* ssl, const byte* id, int len, int newSession)
     if (session == NULL) {
         WOLFSSL_MSG("Valid ServerID not cached already");
 
-        ssl->session->idLen = (word16)min(SERVER_ID_LEN, (word32)len);
-        XMEMCPY(ssl->session->serverID, id, ssl->session->idLen);
+        ssl->session->idLen = (word16)len;
+        XMEMCPY(ssl->session->serverID, id, len);
     }
 #ifdef HAVE_EXT_CACHE
     else {
diff --git a/src/tls13.c b/src/tls13.c
index 78da84a58..fde5f78e5 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -10016,6 +10016,10 @@ static int DoTls13NewSessionTicket(WOLFSSL* ssl, const byte* input,
 #endif
     const byte* nonce;
     byte        nonceLength;
+#ifndef NO_SESSION_CACHE
+    const byte* id;
+    byte idSz;
+#endif
 
     WOLFSSL_START(WC_FUNC_NEW_SESSION_TICKET_DO);
     WOLFSSL_ENTER("DoTls13NewSessionTicket");
@@ -10113,6 +10117,14 @@ static int DoTls13NewSessionTicket(WOLFSSL* ssl, const byte* input,
 
     #ifndef NO_SESSION_CACHE
     AddSession(ssl);
+    id = ssl->session->sessionID;
+    idSz = ssl->session->sessionIDSz;
+    if (ssl->session->haveAltSessionID) {
+        id = ssl->session->altSessionID;
+        idSz = ID_LEN;
+    }
+    AddSessionToCache(ssl->ctx, ssl->session, id, idSz, NULL,
+        ssl->session->side, 1, &ssl->clientSession);
     #endif
 
     /* Always encrypted. */
diff --git a/tests/api.c b/tests/api.c
index bdc068bb1..1f221de73 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -42702,7 +42702,8 @@ static int clientSessRemCountFree = 0;
 static int serverSessRemCountFree = 0;
 static WOLFSSL_CTX* serverSessCtx = NULL;
 static WOLFSSL_SESSION* serverSess = NULL;
-#ifndef NO_SESSION_CACHE_REF
+#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
+        !defined(NO_SESSION_CACHE_REF)
 static WOLFSSL_CTX* clientSessCtx = NULL;
 static WOLFSSL_SESSION* clientSess = NULL;
 #endif
@@ -42744,7 +42745,8 @@ static void SessRemSslSetupCb(WOLFSSL* ssl)
     *mallocedData = SSL_is_server(ssl);
     if (!*mallocedData) {
         clientSessRemCountMalloc++;
-#ifndef NO_SESSION_CACHE_REF
+#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
+        !defined(NO_SESSION_CACHE_REF)
         AssertNotNull(clientSess = SSL_get1_session(ssl));
         AssertIntEQ(SSL_CTX_up_ref(clientSessCtx = SSL_get_SSL_CTX(ssl)),
                 SSL_SUCCESS);
@@ -42815,7 +42817,8 @@ static int test_wolfSSL_CTX_sess_set_remove_cb(void)
     /* Both should have been allocated */
     AssertIntEQ(clientSessRemCountMalloc, 1);
     AssertIntEQ(serverSessRemCountMalloc, 1);
-#ifdef NO_SESSION_CACHE_REF
+#if (!defined(WOLFSSL_TLS13) || !defined(HAVE_SESSION_TICKET)) && \
+        defined(NO_SESSION_CACHE_REF)
     /* Client session should not be added to cache so this should be free'd when
      * the SSL object was being free'd */
     AssertIntEQ(clientSessRemCountFree, 1);
@@ -42848,7 +42851,8 @@ static int test_wolfSSL_CTX_sess_set_remove_cb(void)
     /* Need to free the references that we kept */
     SSL_CTX_free(serverSessCtx);
     SSL_SESSION_free(serverSess);
-#ifndef NO_SESSION_CACHE_REF
+#if (defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)) || \
+        !defined(NO_SESSION_CACHE_REF)
     SSL_CTX_free(clientSessCtx);
     SSL_SESSION_free(clientSess);
 #endif
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 902ed9475..67a1f456f 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -1449,7 +1449,11 @@ enum Misc {
     COMP_LEN     =  1,         /* compression length      */
     CURVE_LEN    =  2,         /* ecc named curve length  */
     KE_GROUP_LEN =  2,         /* key exchange group length */
-    SERVER_ID_LEN = 20,        /* server session id length  */
+#if defined(NO_SHA) && !defined(NO_SHA256)
+    SERVER_ID_LEN = WC_SHA256_DIGEST_SIZE,
+#else
+    SERVER_ID_LEN = WC_SHA_DIGEST_SIZE,
+#endif
 
     HANDSHAKE_HEADER_SZ   = 4,  /* type + length(3)        */
     RECORD_HEADER_SZ      = 5,  /* type + version + len(2) */