From d8b58286d13284ed003e8c0a831ebeb61ffd3b19 Mon Sep 17 00:00:00 2001 From: Sean Parkinson Date: Wed, 28 Oct 2020 11:47:31 +1000 Subject: [PATCH] TLS 1.3: PSK only Support building with only TLS 1.3 and PSK without code for (EC)DHE and certificates. Minimise build size for this configuration. --- configure.ac | 36 +++++- examples/client/client.c | 51 ++++++-- examples/echoclient/echoclient.c | 13 +- examples/echoserver/echoserver.c | 13 +- examples/server/server.c | 13 +- scripts/openssl.test | 132 +++++++++++-------- src/internal.c | 11 +- src/ssl.c | 18 +-- src/tls.c | 209 +++++++++++++++++++------------ src/tls13.c | 60 ++++----- tests/api.c | 6 + tests/suites.c | 23 ++++ wolfcrypt/src/wc_encrypt.c | 4 +- wolfssl/internal.h | 6 +- 14 files changed, 398 insertions(+), 197 deletions(-) diff --git a/configure.ac b/configure.ac index 8f277be6f..de78dffff 100644 --- a/configure.ac +++ b/configure.ac @@ -131,6 +131,11 @@ AS_IF([test "$ax_enable_debug" = "yes"], [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"]) +# Start without certificates enabled and enable if a certificate algorithm is +# enabled +ENABLED_CERTS="no" + + # FIPS AC_ARG_ENABLE([fips], @@ -933,7 +938,7 @@ then AM_CFLAGS="$AM_CFLAGS -DHAVE_EXT_CACHE" AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_EITHER_SIDE" AM_CFLAGS="$AM_CFLAGS -DOPENSSL_EXTRA_X509_SMALL" - + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_PUBLIC_MP" AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_DER_LOAD" AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER" 
@@ -963,7 +968,7 @@ AC_ARG_ENABLE([leanpsk], if test "$ENABLED_LEANPSK" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DWOLFSSL_STATIC_PSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA" + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_LEANPSK -DWOLFSSL_STATIC_PSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_PWDBASED -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_DEV_RANDOM -DWOLFSSL_USER_IO -DNO_SHA" ENABLED_SLOWMATH="no" ENABLED_SINGLETHREADED="yes" enable_lowresource=yes @@ -1808,6 +1813,8 @@ fi if test "$ENABLED_DSA" = "no" && test "$ENABLED_OPENSSH" = "no" then AM_CFLAGS="$AM_CFLAGS -DNO_DSA" +else + ENABLED_CERTS=yes fi # ECC Shamir @@ -1848,6 +1855,8 @@ then then AM_CFLAGS="$AM_CFLAGS -DWC_ECC_NONBLOCK" fi + + ENABLED_CERTS=yes fi @@ -1974,6 +1983,8 @@ then ENABLED_FEMATH=yes ENABLED_GEMATH=yes AM_CFLAGS="$AM_CFLAGS -DHAVE_ED25519" + + ENABLED_CERTS=yes fi @@ -2035,6 +2046,8 @@ then # EdDSA448 requires SHAKE256 which requires SHA-3 ENABLED_SHAKE3=yes ENABLED_SHAKE256=yes + + ENABLED_CERTS=yes fi @@ -2376,6 +2389,8 @@ else then AM_CFLAGS="$AM_CFLAGS -DNO_RSA" ENABLED_RSA=no + else + ENABLED_CERTS=yes fi fi @@ -2501,7 +2516,7 @@ AC_ARG_ENABLE([asn], if test "$ENABLED_ASN" = "no" then - AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS" + AM_CFLAGS="$AM_CFLAGS -DNO_ASN" if test "$ENABLED_DH" = "no" && test "$ENABLED_ECC" = "no" then # DH and ECC need bigint @@ -2511,7 +2526,7 @@ else # turn off ASN if leanpsk on if test "$ENABLED_LEANPSK" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_BIG_INT" ENABLED_ASN=no else if test "$ENABLED_ASN" = "nocrypt" 
@@ -3535,7 +3550,7 @@ then fi # TLS 1.3 Requires either ECC or (RSA/DH), or CURVE25519/ED25519 or CURVE448/ED448 -if test "x$ENABLED_ECC" = "xno" && \ +if test "x$ENABLED_PSK" = "xno" && test "x$ENABLED_ECC" = "xno" && \ (test "x$ENABLED_RSA" = "xno" || test "x$ENABLED_DH" = "xno") && \ (test "x$ENABLED_CURVE25519" = "xno" || test "x$ENABLED_ED25519" = "xno") && \ (test "x$ENABLED_CURVE448" = "xno" || test "x$ENABLED_ED448" = "xno") @@ -3543,9 +3558,14 @@ then # disable TLS 1.3 ENABLED_TLS13=no fi +if test "$ENABLED_TLS13" = "yes" && (test "x$ENABLED_ECC" = "xyes" || \ + test "x$ENABLED_DH" = "xyes") +then + AM_CFLAGS="-DHAVE_SUPPORTED_CURVES $AM_CFLAGS" +fi if test "$ENABLED_TLS13" = "yes" then - AM_CFLAGS="-DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES $AM_CFLAGS" + AM_CFLAGS="-DWOLFSSL_TLS13 -DHAVE_TLS_EXTENSIONS $AM_CFLAGS" fi @@ -5572,6 +5592,10 @@ if test "x$ENABLED_OPENSSLCOEXIST" = "xyes"; then AC_MSG_ERROR([Cannot use --enable-opensslcoexist with --enable-opensslextra]) fi fi + +if test "x$ENABLED_CERTS" = "xno" || test "x$ENABLED_LEANPSK" = "xyes" || test "x$ENABLED_ASN" = "xno"; then + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS" +fi ################################################################################ # USER SETTINGS diff --git a/examples/client/client.c b/examples/client/client.c index 23c8214df..730081d93 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -273,7 +273,7 @@ static void ShowVersions(void) printf("\n"); } -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #define MAX_GROUP_NUMBER 4 static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, int useX448) 
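Review bot: The new `-DHAVE_SUPPORTED_CURVES` test in the `@@ -3535` hunk checks only `ENABLED_ECC` and `ENABLED_DH`, so a TLS 1.3 build whose only key-exchange groups are Curve25519 or Curve448 no longer gets the define from this block, where previously every TLS 1.3 build did. Unless another part of configure.ac (not in this hunk) adds it, such a build would compile out key share and end up with PSK-only key exchange without any configure message. The test could also accept `test "x$ENABLED_CURVE25519" = "xyes" || test "x$ENABLED_CURVE448" = "xyes"`. The comment above the first test is now stale as well and could read `# TLS 1.3 requires PSK, ECC, (RSA and DH), CURVE25519/ED25519 or CURVE448/ED448`.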
@@ -443,7 +443,7 @@ static int ClientBenchmarkConnections(WOLFSSL_CTX* ctx, char* host, word16 port, if (benchResume) wolfSSL_set_session(ssl, benchSession); #endif - #ifdef WOLFSSL_TLS13 + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) else if (version >= 4) { if (!helloRetry) SetKeyShare(ssl, onlyKeyShare, useX25519, useX448); @@ -546,7 +546,7 @@ static int ClientBenchmarkThroughput(WOLFSSL_CTX* ctx, char* host, word16 port, (void)useX25519; (void)useX448; - #ifdef WOLFSSL_TLS13 + #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) #ifdef HAVE_CURVE25519 if (useX25519) { if (wolfSSL_UseKeyShare(ssl, WOLFSSL_ECC_X25519) @@ -983,9 +983,11 @@ static const char* client_usage_msg[][66] = { " SSLv3(0) - TLS1.3(4)\n", /* 7 */ #endif "-l Cipher suite list (: delimited)\n", /* 8 */ +#ifndef NO_CERTS "-c Certificate file, default", /* 9 */ "-k Key file, default", /* 10 */ "-A Certificate Authority file, default", /* 11 */ +#endif #ifndef NO_DH "-Z Minimum DH key bits, default", /* 12 */ #endif @@ -1009,7 +1011,9 @@ static const char* client_usage_msg[][66] = { "-G Use SCTP DTLS," " add -v 2 for DTLSv1, -v 3 for DTLSv1.2 (default)\n", /* 22 */ #endif +#ifndef NO_CERTS "-m Match domain name in cert\n", /* 23 */ +#endif "-N Use Non-blocking sockets\n", /* 24 */ #ifndef NO_SESSION_CACHE "-r Resume session\n", /* 25 */ @@ -1025,7 +1029,9 @@ static const char* client_usage_msg[][66] = { " The string parameter is optional.\n", /* 29 */ #endif "-f Fewer packets/group messages\n", /* 30 */ +#ifndef NO_CERTS "-x Disable client cert/key loading\n", /* 31 */ +#endif "-X Driven by eXternal test case\n", /* 32 */ "-j Use verify callback override\n", /* 33 */ #ifdef SHOW_SIZES 
@@ -1153,9 +1159,11 @@ static const char* client_usage_msg[][66] = { " TLS1.3(4)\n", /* 7 */ #endif "-l 暗号スイートリスト (区切り文字 :)\n", /* 8 */ +#ifndef NO_CERTS "-c 証明書ファイル, 既定値", /* 9 */ "-k 鍵ファイル, 既定値", /* 10 */ "-A 認証局ファイル, 既定値", /* 11 */ +#endif #ifndef NO_DH "-Z 最小 DH 鍵 ビット, 既定値", /* 12 */ #endif @@ -1179,7 +1187,9 @@ static const char* client_usage_msg[][66] = { "-G SCTP DTLSを使用する。-v 2 を追加指定すると" " DTLSv1, -v 3 を追加指定すると DTLSv1.2 (既定値)\n", /* 22 */ #endif +#ifndef NO_CERTS "-m 証明書内のドメイン名一致を確認する\n", /* 23 */ +#endif "-N ノンブロッキング・ソケットを使用する\n", /* 24 */ #ifndef NO_SESSION_CACHE "-r セッションを継続する\n", /* 25 */ @@ -1192,7 +1202,9 @@ static const char* client_usage_msg[][66] = { "-i クライアント主導のネゴシエーションを強制する\n", /* 29 */ #endif "-f より少ないパケット/グループメッセージを使用する\n",/* 30 */ +#ifndef NO_CERTS "-x クライアントの証明書/鍵のロードを無効する\n", /* 31 */ +#endif "-X 外部テスト・ケースにより動作する\n", /* 32 */ "-j コールバック・オーバーライドの検証を使用する\n", /* 33 */ #ifdef SHOW_SIZES @@ -1326,9 +1338,11 @@ static void Usage(void) printf("%s", msg[++msgid]); /* -V */ #endif printf("%s", msg[++msgid]); /* -l */ +#ifndef NO_CERTS printf("%s %s\n", msg[++msgid], cliCertFile); /* -c */ printf("%s %s\n", msg[++msgid], cliKeyFile); /* -k */ printf("%s %s\n", msg[++msgid], caCertFile); /* -A */ +#endif #ifndef NO_DH printf("%s %d\n", msg[++msgid], DEFAULT_MIN_DHKEY_BITS); #endif @@ -1348,7 +1362,9 @@ static void Usage(void) #ifdef WOLFSSL_SCTP printf("%s", msg[++msgid]); /* -G */ #endif +#ifndef NO_CERTS printf("%s", msg[++msgid]); /* -m */ +#endif printf("%s", msg[++msgid]); /* -N */ #ifndef NO_SESSION_CACHE printf("%s", msg[++msgid]); /* -r */ @@ -1360,7 +1376,9 @@ static void Usage(void) printf("%s", msg[++msgid]); /* -i */ #endif printf("%s", msg[++msgid]); /* -f */ +#ifndef NO_CERTS printf("%s", msg[++msgid]); /* -x */ +#endif printf("%s", msg[++msgid]); /* -X */ printf("%s", msg[++msgid]); /* -j */ #ifdef SHOW_SIZES 
@@ -2041,13 +2059,15 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) break; case 'y' : - #if defined(WOLFSSL_TLS13) && !defined(NO_DH) + #if defined(WOLFSSL_TLS13) && \ + defined(HAVE_SUPPORTED_CURVES) && !defined(NO_DH) onlyKeyShare = 1; #endif break; case 'Y' : - #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) + #if defined(WOLFSSL_TLS13) && \ + defined(HAVE_SUPPORTED_CURVES) && defined(HAVE_ECC) onlyKeyShare = 2; #endif break; @@ -2061,7 +2081,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) useX25519 = 1; #ifdef HAVE_ECC useSupCurve = 1; - #ifdef WOLFSSL_TLS13 + #if defined(WOLFSSL_TLS13) && \ + defined(HAVE_SUPPORTED_CURVES) onlyKeyShare = 2; #endif #endif @@ -2121,7 +2142,8 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) useX448 = 1; #ifdef HAVE_ECC useSupCurve = 1; - #ifdef WOLFSSL_TLS13 + #if defined(WOLFSSL_TLS13) && \ + defined(HAVE_SUPPORTED_CURVES) onlyKeyShare = 2; #endif #endif @@ -2435,11 +2457,20 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (defaultCipherList == NULL) { #if defined(HAVE_AESGCM) && !defined(NO_DH) #ifdef WOLFSSL_TLS13 - defaultCipherList = "TLS13-AES128-GCM-SHA256:" - "DHE-PSK-AES128-GCM-SHA256:"; + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #endif + #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":PSK-AES128-GCM-SHA256" + #endif + ; #elif defined(HAVE_NULL_CIPHER) defaultCipherList = "PSK-NULL-SHA256"; #else @@ -2851,7 +2882,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) err_sys("error printing out memory stats"); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (!helloRetry) { #if defined(WOLFSSL_TLS13) && (!defined(NO_DH) || defined(HAVE_ECC) || \ defined(HAVE_CURVE25519) || defined(HAVE_CURVE448)) 
diff --git a/examples/echoclient/echoclient.c b/examples/echoclient/echoclient.c index 2b7dd269a..c9cdd13ea 100644 --- a/examples/echoclient/echoclient.c +++ b/examples/echoclient/echoclient.c @@ -181,11 +181,20 @@ void echoclient_test(void* args) defaultCipherList = "PSK-NULL-SHA256"; #elif defined(HAVE_AESGCM) && !defined(NO_DH) #ifdef WOLFSSL_TLS13 - defaultCipherList = "TLS13-AES128-GCM-SHA256:" - "DHE-PSK-AES128-GCM-SHA256:"; + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #endif + #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "PSK-AES128-CBC-SHA256"; #endif diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 69877c063..b227e029d 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -265,11 +265,20 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) defaultCipherList = "PSK-NULL-SHA256"; #elif defined(HAVE_AESGCM) && !defined(NO_DH) #ifdef WOLFSSL_TLS13 - defaultCipherList = "TLS13-AES128-GCM-SHA256:" - "DHE-PSK-AES128-GCM-SHA256"; + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #endif + #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "PSK-AES128-CBC-SHA256"; #endif diff --git a/examples/server/server.c b/examples/server/server.c index 344dca12f..94ac46123 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
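Review bot: The added `#elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13)` branch in echoclient_test is reached only when `NO_DH` is defined, yet it appends `":DHE-PSK-AES128-GCM-SHA256"`. The matching branches added to client.c, echoserver.c and server.c append `":PSK-AES128-GCM-SHA256"`, so this looks like a copy of the branch above it. A DHE suite is presumably unavailable in a build without DH, which would make the TLS 1.2 fallback entry unusable here. Suggested line: `":PSK-AES128-GCM-SHA256"`. The function body continues outside the hunk.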
@@ -1869,12 +1869,21 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) if (defaultCipherList == NULL && !usePskPlus) { #if defined(HAVE_AESGCM) && !defined(NO_DH) #ifdef WOLFSSL_TLS13 - defaultCipherList = "TLS13-AES128-GCM-SHA256:" - "DHE-PSK-AES128-GCM-SHA256"; + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":DHE-PSK-AES128-GCM-SHA256" + #endif + ; #else defaultCipherList = "DHE-PSK-AES128-GCM-SHA256"; #endif needDH = 1; + #elif defined(HAVE_AESGCM) && defined(WOLFSSL_TLS13) + defaultCipherList = "TLS13-AES128-GCM-SHA256" + #ifndef WOLFSSL_NO_TLS12 + ":PSK-AES128-GCM-SHA256" + #endif + ; #elif defined(HAVE_NULL_CIPHER) defaultCipherList = "PSK-NULL-SHA256"; #else diff --git a/scripts/openssl.test b/scripts/openssl.test index 059d9f551..9dab40590 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test 
@@ -133,11 +133,11 @@ start_openssl_server() { if [ "$cert_file" != "" ] then - echo "# " $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" - $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" & + echo "# " $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe + $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & else - echo "# " $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" - $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" & + echo "# " $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe + $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe & fi server_pid=$! # wait to see if s_server successfully starts before continuing 
@@ -438,52 +438,65 @@ IFS=$OIFS #restore separator # Start OpenSSL servers # -# Check if ECC certificates supported in wolfSSL -wolf_ecc=`$WOLFSSL_CLIENT -A ./certs/ed25519/ca-ecc-cert.pem 2>&1` -case $wolf_ecc in -*"ca file"*) - wolf_ecc="" - ;; -*) - ;; -esac -# Check if Ed25519 certificates supported in wolfSSL -wolf_ed25519=`$WOLFSSL_CLIENT -A ./certs/ed25519/root-ed25519.pem 2>&1` -case $wolf_ed25519 in -*"ca file"*) - wolf_ed25519="" - ;; -*) - ;; -esac -# Check if Ed25519 certificates supported in OpenSSL -openssl_ed25519=`$OPENSSL s_client -cert ./certs/ed25519/client-ed25519.pem -key ./certs/ed25519/client-ed25519-priv.pem 2>&1` -case $openssl_ed25519 in -*"unable to load"*) - wolf_ed25519="" - ;; -*) - ;; -esac -# Check if Ed448 certificates supported in wolfSSL -wolf_ed448=`$WOLFSSL_CLIENT -A ./certs/ed448/root-ed448.pem 2>&1` -case $wolf_ed448 in -*"ca file"*) - wolf_ed448="" - ;; -*) - ;; -esac -# Check if Ed448 certificates supported in OpenSSL -openssl_ed448=`$OPENSSL s_client -cert ./certs/ed448/client-ed448.pem -key ./certs/ed448/client-ed448-priv.pem 2>&1` -case $openssl_ed448 in -*"unable to load"*) - wolf_ed448="" +# Check for cerificate support in wolfSSL +wolf_certs=`$WOLFSSL_CLIENT -help 2>&1` +case $wolf_certs in +*"cert"*) ;; *) + wolf_certs="" ;; esac +if [ "$wolf_certs" != "" ] +then + # Check if ECC certificates supported in wolfSSL + wolf_ecc=`$WOLFSSL_CLIENT -A ./certs/ed25519/ca-ecc-cert.pem 2>&1` + case $wolf_ecc in + *"ca file"*) + wolf_ecc="" + ;; + *) + ;; + esac + # Check if Ed25519 certificates supported in wolfSSL + wolf_ed25519=`$WOLFSSL_CLIENT -A ./certs/ed25519/root-ed25519.pem 2>&1` + case $wolf_ed25519 in + *"ca file"*) + wolf_ed25519="" + ;; + *) + ;; + esac + # Check if Ed25519 certificates supported in OpenSSL + openssl_ed25519=`$OPENSSL s_client -cert ./certs/ed25519/client-ed25519.pem -key ./certs/ed25519/client-ed25519-priv.pem 2>&1` + case $openssl_ed25519 in + *"unable to load"*) + wolf_ed25519="" + ;; + *) + ;; + 
esac + # Check if Ed448 certificates supported in wolfSSL + wolf_ed448=`$WOLFSSL_CLIENT -A ./certs/ed448/root-ed448.pem 2>&1` + case $wolf_ed448 in + *"ca file"*) + wolf_ed448="" + ;; + *) + ;; + esac + # Check if Ed448 certificates supported in OpenSSL + openssl_ed448=`$OPENSSL s_client -cert ./certs/ed448/client-ed448.pem -key ./certs/ed448/client-ed448-priv.pem 2>&1` + case $openssl_ed448 in + *"unable to load"*) + wolf_ed448="" + ;; + *) + ;; + esac +fi + openssl_tls13=`$OPENSSL s_client -help 2>&1` case $openssl_tls13 in *no_tls1_3*) @@ -493,6 +506,17 @@ case $openssl_tls13 in ;; esac +# Not all openssl versions support -allow_no_dhe_kex +openssl_nodhe=`$OPENSSL s_client -help 2>&1` +case $openssl_nodhe in +*allow_no_dhe_kex*) + openssl_nodhe=-allow_no_dhe_kex + ;; +*) + openssl_nodhe= + ;; +esac + # Check suites to determine support in wolfSSL OIFS=$IFS # store old separator to reset IFS=$'\:' # set delimiter @@ -651,8 +675,7 @@ fi if [ "$wolf_tls13" != "" -a "$wolf_psk" != "" ] then - cert_file="./certs/server-cert.pem" - key_file="./certs/server-key.pem" + cert_file= psk_hex="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef" openssl_suite="TLSv1.3_PSK" @@ -1015,17 +1038,24 @@ do do_openssl_client fi # PSK - if [ "$wolf_psk" != "" -a $wolfSuite = "TLS13-AES128-GCM-SHA256" ] + if [ "$wolf_psk" != "" -a $wolfSuite = "TLS13-AES128-GCM-SHA256" -a "$wolf_ecc" != "" -a $openssl_nodhe != "" ] then - cert="./certs/client-cert.pem" - key="./certs/client-key.pem" - caCert="./certs/ca-cert.pem" + cert="" + key="" + caCert="" wolf_temp_cases_total=$((wolf_temp_cases_total + 1)) port=$tls13_psk_openssl_port psk="-s" + # OpenSSL doesn't support DH for key exchange so do no PSK + # DHE when ECC not supported + if [ "$wolf_ecc" = "" ] + then + adh="-K" + fi do_wolfssl_client psk="" + adh="" openssl_psk="-psk 0123456789abcdef0123456789abcdef" open_temp_cases_total=$((open_temp_cases_total + 1)) port=$wolfssl_port 
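Review bot: The certificate probe in the `@@ -438` hunk matches the bare substring `cert` in the `-help` output, which only works if every usage string containing it sits inside `#ifndef NO_CERTS`. The client.c hunks of this patch guard `-m` and `-x`, but usage strings outside the diff are not visible here, so the probe may report certificate support on a build without it. When the probe fails, `wolf_ecc`, `wolf_ed25519` and `wolf_ed448` are never assigned, so a value inherited from the environment would be used; setting them to empty before the `if` avoids that. The new comment also has a typo and should read `# Check for certificate support in wolfSSL`.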
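Review bot: In the `@@ -1015` hunk the new condition requires `"$wolf_ecc" != ""`, so the inner `if [ "$wolf_ecc" = "" ]` can never be true and `adh="-K"` is dead code. The comment above it says the no-DHE path is meant for builds without ECC, which suggests the outer test should not demand ECC. `$openssl_nodhe` is also unquoted: when it is empty the test becomes `-a != ""` and `[` reports an error instead of evaluating to false. Quoting it as `-a "$openssl_nodhe" != ""` fixes that part. The enclosing loop starts and ends outside the hunk.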
diff --git a/src/internal.c b/src/internal.c index 8b25c6f7a..a61dc0c05 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1782,6 +1782,10 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->maxEarlyDataSz = MAX_EARLY_DATA_SZ; #endif +#if defined(WOLFSSL_TLS13) && !defined(HAVE_SUPPORTED_CURVES) + ctx->noPskDheKe = 1; +#endif + ctx->heap = heap; /* wolfSSL_CTX_load_static_memory sets */ ctx->verifyDepth = MAX_CHAIN_DEPTH; @@ -15826,6 +15830,8 @@ int ProcessReply(WOLFSSL* ssl) } +#if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) || \ + (defined(WOLFSSL_TLS13) && defined(WOLFSSL_TLS13_MIDDLEBOX_COMPAT)) int SendChangeCipher(WOLFSSL* ssl) { byte *output; @@ -15918,6 +15924,7 @@ int SendChangeCipher(WOLFSSL* ssl) else return SendBuffered(ssl); } +#endif #if !defined(NO_OLD_TLS) && !defined(WOLFSSL_AEAD_ONLY) @@ -26855,13 +26862,15 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && - ssl->options.side == WOLFSSL_SERVER_END) { + ssl->options.side == WOLFSSL_SERVER_END) { + #ifdef HAVE_SUPPORTED_CURVES /* Try to establish a key share. */ int ret = TLSX_KeyShare_Establish(ssl); if (ret == KEY_SHARE_ERROR) ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; else if (ret != 0) return 0; + #endif } else if (first == TLS13_BYTE || (first == ECC_BYTE && (second == TLS_SHA256_SHA256 || second == TLS_SHA384_SHA384))) { diff --git a/src/ssl.c b/src/ssl.c index d90d30ef4..5b9513298 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -12072,6 +12072,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND"); FALL_THROUGH; + #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) case FIRST_REPLY_SECOND : #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_CLIENT_AUTH) if (ssl->options.sendVerify) { 
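Review bot: Setting `ctx->noPskDheKe = 1` in InitSSL_Ctx whenever `HAVE_SUPPORTED_CURVES` is absent restricts every context to PSK key exchange without (EC)DHE, and nothing at this line says what that costs. In that mode the session keys depend on the PSK alone, so there is no forward secrecy: disclosure of the PSK exposes previously recorded traffic. A comment would help whoever enables this build, e.g. `/* No key share groups compiled in: PSK-only key exchange, no forward secrecy. */`. InitSSL_Ctx continues outside the hunk.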
@@ -12119,7 +12120,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, FALL_THROUGH; case SECOND_REPLY_DONE: -#ifndef NO_HANDSHAKE_DONE_CB + #ifndef NO_HANDSHAKE_DONE_CB if (ssl->hsDoneCb) { int cbret = ssl->hsDoneCb(ssl, ssl->hsDoneCtx); if (cbret < 0) { @@ -12128,35 +12129,36 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, return WOLFSSL_FATAL_ERROR; } } -#endif /* NO_HANDSHAKE_DONE_CB */ + #endif /* NO_HANDSHAKE_DONE_CB */ if (!ssl->options.dtls) { if (!ssl->options.keepResources) { FreeHandshakeResources(ssl); } } -#ifdef WOLFSSL_DTLS + #ifdef WOLFSSL_DTLS else { ssl->options.dtlsHsRetain = 1; } -#endif /* WOLFSSL_DTLS */ + #endif /* WOLFSSL_DTLS */ -#if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_SECURE_RENEGOTIATION) + #if defined(WOLFSSL_ASYNC_CRYPT) && defined(HAVE_SECURE_RENEGOTIATION) /* This may be necessary in async so that we don't try to * renegotiate again */ if (ssl->secure_renegotiation && ssl->secure_renegotiation->startScr) { ssl->secure_renegotiation->startScr = 0; } -#endif /* WOLFSSL_ASYNC_CRYPT && HAVE_SECURE_RENEGOTIATION */ + #endif /* WOLFSSL_ASYNC_CRYPT && HAVE_SECURE_RENEGOTIATION */ WOLFSSL_LEAVE("SSL_connect()", WOLFSSL_SUCCESS); return WOLFSSL_SUCCESS; + #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS */ default: WOLFSSL_MSG("Unknown connect state ERROR"); return WOLFSSL_FATAL_ERROR; /* unknown connect state */ } - #endif /* !WOLFSSL_NO_TLS12 */ + #endif /* !WOLFSSL_NO_TLS12 || !NO_OLD_TLS || !WOLFSSL_TLS13 */ } #endif /* NO_WOLFSSL_CLIENT */ @@ -32654,7 +32656,7 @@ const char* wolfSSL_EC_curve_nid2nist(int nid) return NULL; } -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int populate_groups(int* groups, int max_count, char *list) { char *end; diff --git a/src/tls.c b/src/tls.c index fa7c71113..a0a91989c 100644 --- a/src/tls.c +++ b/src/tls.c 
@@ -59,19 +59,11 @@ #endif #endif /* HAVE_QSH */ -#if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ - !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ - (defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)) +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) static int TLSX_KeyShare_IsSupported(int namedGroup); #endif -#if ((!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ - !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ - (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) \ - && !defined(HAVE_CURVE448) && defined(HAVE_SUPPORTED_CURVES)) || \ - ((defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ - defined(HAVE_CURVE448)) && defined(HAVE_SUPPORTED_CURVES))) && \ - defined(HAVE_TLS_EXTENSIONS) +#ifdef HAVE_SUPPORTED_CURVES static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions); #endif @@ -6193,7 +6185,7 @@ static int TLSX_SetSupportedVersions(TLSX** extensions, const void* data, #endif /* WOLFSSL_TLS13 */ -#if defined(WOLFSSL_TLS13) +#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) /******************************************************************************/ /* Cookie */ @@ -6359,7 +6351,7 @@ int TLSX_Cookie_Use(WOLFSSL* ssl, byte* data, word16 len, byte* mac, #define CKE_PARSE(a, b, c, d) 0 #endif -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) /******************************************************************************/ /* Signature Algorithms */ /******************************************************************************/ @@ -6495,7 +6487,7 @@ static int TLSX_SetSignatureAlgorithms(TLSX** extensions, const void* data, /* Signature Algorithms Certificate */ /******************************************************************************/ -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) /* Return the size of the SignatureAlgorithms extension's data. * * data Unused 
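Review bot: Guarding the whole Cookie section with `WOLFSSL_SEND_HRR_COOKIE` in the `@@ -6193` hunk removes the receive path as well as sending, since the fallback visible in the following hunk's context is `#define CKE_PARSE(a, b, c, d) 0`. A TLS 1.3 client built without the macro would therefore seem to accept a HelloRetryRequest cookie and not return it in the second ClientHello, which a cookie-sending server will reject. How CKE_PARSE is called is outside this hunk, so this needs confirming. If it is intended for the minimal build, a comment at the guard should say so, e.g. `/* Cookie support (client echo and server send) requires WOLFSSL_SEND_HRR_COOKIE. */`.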
@@ -6589,7 +6581,7 @@ static int TLSX_SetSignatureAlgorithmsCert(TLSX** extensions, const void* data, /* Key Share */ /******************************************************************************/ -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) /* Create a key share entry using named Diffie-Hellman parameters group. * Generates a key pair. * @@ -9235,7 +9227,7 @@ void TLSX_FreeAll(TLSX* list, void* heap) case TLSX_APPLICATION_LAYER_PROTOCOL: ALPN_FREE_ALL((ALPN*)extension->data, heap); break; -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS: break; #endif @@ -9247,9 +9239,11 @@ void TLSX_FreeAll(TLSX* list, void* heap) case TLSX_SUPPORTED_VERSIONS: break; + #ifdef WOLFSSL_SEND_HRR_COOKIE case TLSX_COOKIE: CKE_FREE_ALL((Cookie*)extension->data, heap); break; + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) case TLSX_PRE_SHARED_KEY: @@ -9270,8 +9264,10 @@ void TLSX_FreeAll(TLSX* list, void* heap) break; #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS_CERT: break; + #endif case TLSX_KEY_SHARE: KS_FREE_ALL((KeyShareEntry*)extension->data, heap); @@ -9373,7 +9369,7 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, case TLSX_APPLICATION_LAYER_PROTOCOL: length += ALPN_GET_SIZE((ALPN*)extension->data); break; -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS: length += SA_GET_SIZE(extension->data); break; @@ -9388,9 +9384,11 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, ret = SV_GET_SIZE(extension->data, msgType, &length); break; + #ifdef WOLFSSL_SEND_HRR_COOKIE case TLSX_COOKIE: ret = CKE_GET_SIZE((Cookie*)extension->data, msgType, &length); break; + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) case TLSX_PRE_SHARED_KEY: 
@@ -9415,9 +9413,11 @@ static int TLSX_GetSize(TLSX* list, byte* semaphore, byte msgType, break; #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS_CERT: length += SAC_GET_SIZE(extension->data); break; + #endif case TLSX_KEY_SHARE: length += KS_GET_SIZE((KeyShareEntry*)extension->data, msgType); @@ -9543,7 +9543,7 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore, WOLFSSL_MSG("ALPN extension to write"); offset += ALPN_WRITE((ALPN*)extension->data, output + offset); break; -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS: WOLFSSL_MSG("Signature Algorithms extension to write"); offset += SA_WRITE(extension->data, output + offset); @@ -9561,11 +9561,13 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore, ret = SV_WRITE(extension->data, output + offset, msgType, &offset); break; + #ifdef WOLFSSL_SEND_HRR_COOKIE case TLSX_COOKIE: WOLFSSL_MSG("Cookie extension to write"); ret = CKE_WRITE((Cookie*)extension->data, output + offset, msgType, &offset); break; + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) case TLSX_PRE_SHARED_KEY: @@ -9596,10 +9598,12 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore, break; #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS_CERT: WOLFSSL_MSG("Signature Algorithms extension to write"); offset += SAC_WRITE(extension->data, output + offset); break; + #endif case TLSX_KEY_SHARE: WOLFSSL_MSG("Key Share extension to write"); 
@@ -9813,12 +9817,7 @@ static byte* TLSX_QSHKeyFind_Pub(QSHKey* qsh, word16* pubLen, word16 name) } #endif /* HAVE_QSH */ -#if (!defined(NO_WOLFSSL_SERVER) && defined(WOLFSSL_TLS13) && \ - !defined(WOLFSSL_NO_SERVER_GROUPS_EXT)) || \ - (defined(WOLFSSL_TLS13) && !defined(HAVE_ECC) && !defined(HAVE_CURVE25519) \ - && !defined(HAVE_CURVE448) && defined(HAVE_SUPPORTED_CURVES)) || \ - ((defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \ - defined(HAVE_CURVE448)) && defined(HAVE_SUPPORTED_CURVES)) +#ifdef HAVE_SUPPORTED_CURVES /* Populates the default supported groups / curves */ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) @@ -9832,7 +9831,6 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) } #endif -#ifdef HAVE_SUPPORTED_CURVES if (ssl->numGroups != 0) { int i; for (i = 0; i < ssl->numGroups; i++) { @@ -9842,10 +9840,9 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) } return WOLFSSL_SUCCESS; } -#endif /* HAVE_SUPPORTED_CURVES */ #endif /* WOLFSSL_TLS13 */ -#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) +#if defined(HAVE_ECC) /* list in order by strength, since not all servers choose by strength */ #if (defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)) && ECC_MIN_KEY_SZ <= 521 #ifndef NO_ECC_SECP @@ -9873,7 +9870,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret != WOLFSSL_SUCCESS) return ret; #endif #endif -#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ +#endif /* HAVE_ECC */ #ifndef HAVE_FIPS #if defined(HAVE_CURVE448) && ECC_MIN_KEY_SZ <= 448 @@ -9901,7 +9898,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) if (ret != WOLFSSL_SUCCESS) return ret; #endif #endif -#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ +#endif /* HAVE_ECC */ #ifndef HAVE_FIPS #if defined(HAVE_CURVE25519) && ECC_MIN_KEY_SZ <= 256 
@@ -9956,7 +9953,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) #endif #endif #endif /* HAVE_FIPS */ -#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ +#endif /* HAVE_ECC */ /* Add FFDHE supported groups. */ #ifdef HAVE_FFDHE_8192 @@ -10011,7 +10008,7 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) return ret; } -#endif +#endif /* HAVE_SUPPORTED_CURVES */ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) { @@ -10133,7 +10130,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && HAVE_SUPPORTED_CURVES */ } /* is not server */ -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) WOLFSSL_MSG("Adding signature algorithms extension"); if ((ret = TLSX_SetSignatureAlgorithms(&ssl->extensions, ssl, ssl->heap)) != 0) { @@ -10160,8 +10157,9 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) return ret; ret = 0; } - #endif /* (HAVE_ECC || CURVE25519 || CURVE448) && HAVE_SUPPORTED_CURVES */ - + #endif /* !(HAVE_ECC || CURVE25519 || CURVE448) && HAVE_SUPPORTED_CURVES */ + + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) if (ssl->certHashSigAlgoSz > 0) { WOLFSSL_MSG("Adding signature algorithms cert extension"); if ((ret = TLSX_SetSignatureAlgorithmsCert(&ssl->extensions, @@ -10169,15 +10167,17 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) return ret; } } + #endif + #if defined(HAVE_SUPPORTED_CURVES) if (TLSX_Find(ssl->extensions, TLSX_KEY_SHARE) == NULL) { word16 namedGroup; - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) if (ssl->options.resuming && ssl->session.namedGroup != 0) namedGroup = ssl->session.namedGroup; else - #endif + #endif { #if defined(HAVE_ECC) && (!defined(NO_ECC256) || \ defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 256 
@@ -10192,24 +10192,25 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) #elif defined(HAVE_ECC) && (!defined(NO_ECC521) || \ defined(HAVE_ALL_CURVES)) && !defined(NO_ECC_SECP) && ECC_MIN_KEY_SZ <= 521 namedGroup = WOLFSSL_ECC_SECP521R1; - #elif defined(HAVE_FFDHE_2048) + #elif defined(HAVE_FFDHE_2048) namedGroup = WOLFSSL_FFDHE_2048; - #elif defined(HAVE_FFDHE_3072) + #elif defined(HAVE_FFDHE_3072) namedGroup = WOLFSSL_FFDHE_3072; - #elif defined(HAVE_FFDHE_4096) + #elif defined(HAVE_FFDHE_4096) namedGroup = WOLFSSL_FFDHE_4096; - #elif defined(HAVE_FFDHE_6144) + #elif defined(HAVE_FFDHE_6144) namedGroup = WOLFSSL_FFDHE_6144; - #elif defined(HAVE_FFDHE_8192) + #elif defined(HAVE_FFDHE_8192) namedGroup = WOLFSSL_FFDHE_8192; - #else + #else return KEY_SHARE_ERROR; - #endif + #endif } ret = TLSX_KeyShare_Use(ssl, namedGroup, 0, NULL, NULL); if (ret != 0) return ret; } + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TLSX_Remove(&ssl->extensions, TLSX_PRE_SHARED_KEY, ssl->heap); @@ -10272,7 +10273,6 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer) return PSK_KEY_ERROR; } ssl->arrays->client_identity[MAX_PSK_ID_LEN] = '\0'; - /* TODO: Callback should be able to change ciphersuite. */ ssl->options.cipherSuite0 = cipherSuite0; ssl->options.cipherSuite = cipherSuite; ret = SetCipherSpecs(ssl); 
@@ -10343,27 +10343,31 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength) PF_VALIDATE_REQUEST(ssl, semaphore); QSH_VALIDATE_REQUEST(ssl, semaphore); WOLF_STK_VALIDATE_REQUEST(ssl); -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) if (ssl->suites->hashSigAlgoSz == 0) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); #endif #if defined(WOLFSSL_TLS13) if (!IsAtLeastTLSv1_2(ssl)) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) if (!IsAtLeastTLSv1_3(ssl->version)) { TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PSK_KEY_EXCHANGE_MODES)); - #endif - #ifdef WOLFSSL_EARLY_DATA + #endif + #ifdef WOLFSSL_EARLY_DATA TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA)); - #endif + #endif + #ifdef WOLFSSL_SEND_HRR_COOKIE TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); - #ifdef WOLFSSL_POST_HANDSHAKE_AUTH + #endif + #ifdef WOLFSSL_POST_HANDSHAKE_AUTH TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH)); - #endif + #endif } + #endif #endif #if defined(HAVE_CERTIFICATE_STATUS_REQUEST) \ || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) @@ -10380,7 +10384,7 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength) else if (msgType == certificate_request) { /* Don't send out any extension except those that are turned off. */ XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); #endif /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, 
@@ -10433,26 +10437,30 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset) PF_VALIDATE_REQUEST(ssl, semaphore); WOLF_STK_VALIDATE_REQUEST(ssl); QSH_VALIDATE_REQUEST(ssl, semaphore); -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) if (ssl->suites->hashSigAlgoSz == 0) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); #endif #ifdef WOLFSSL_TLS13 if (!IsAtLeastTLSv1_2(ssl)) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) if (!IsAtLeastTLSv1_3(ssl->version)) { TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PSK_KEY_EXCHANGE_MODES)); - #endif - #ifdef WOLFSSL_EARLY_DATA + #endif + #ifdef WOLFSSL_EARLY_DATA TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EARLY_DATA)); - #endif + #endif + #ifdef WOLFSSL_SEND_HRR_COOKIE TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); - #ifdef WOLFSSL_POST_HANDSHAKE_AUTH + #endif + #ifdef WOLFSSL_POST_HANDSHAKE_AUTH TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_POST_HANDSHAKE_AUTH)); - #endif + #endif } + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) /* Must write Pre-shared Key extension at the end in TLS v1.3. * Must not write out Pre-shared Key extension in earlier versions of @@ -10475,7 +10483,7 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset) else if (msgType == certificate_request) { /* Don't send out any extension except those that are turned off. */ XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS)); #endif /* TODO: TLSX_SIGNED_CERTIFICATE_TIMESTAMP, 
@@ -10550,18 +10558,24 @@ int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType, word16* pLength) XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SUPPORTED_CURVES if (!ssl->options.noPskDheKe) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); #endif } + #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) else { + #ifdef HAVE_SUPPORTED_CURVES TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #endif + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); - #endif + #endif } + #endif #endif break; @@ -10569,19 +10583,29 @@ int TLSX_GetResponseSize(WOLFSSL* ssl, byte msgType, word16* pLength) case hello_retry_request: XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SUPPORTED_CURVES if (!ssl->options.noPskDheKe) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); + #endif + #ifdef WOLFSSL_SEND_HRR_COOKIE TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); + #endif break; #endif #ifdef WOLFSSL_TLS13 case encrypted_extensions: /* Send out all extension except those that are turned on. */ + #ifdef HAVE_ECC TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); + #endif TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SESSION_TICKET TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); + #endif + #ifdef HAVE_SUPPORTED_CURVES TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); #endif 
@@ -10671,18 +10695,24 @@ int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SUPPORTED_CURVES if (!ssl->options.noPskDheKe) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #endif + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); - #endif + #endif } + #if !defined(WOLFSSL_NO_TLS12) || !defined(NO_OLD_TLS) else { + #ifdef HAVE_SUPPORTED_CURVES TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); - #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) + #endif + #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); - #endif + #endif } + #endif #endif break; @@ -10690,8 +10720,10 @@ int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset case hello_retry_request: XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SUPPORTED_CURVES if (!ssl->options.noPskDheKe) TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); + #endif /* Cookie is written below as last extension. */ break; #endif 
@@ -10699,10 +10731,16 @@ int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset #ifdef WOLFSSL_TLS13 case encrypted_extensions: /* Send out all extension except those that are turned on. */ + #ifdef HAVE_ECC TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS)); + #endif TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS)); + #ifdef HAVE_SESSION_TICKET TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SESSION_TICKET)); + #endif + #ifdef HAVE_SUPPORTED_CURVES TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE)); + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY)); #endif @@ -10750,7 +10788,7 @@ int TLSX_WriteResponse(WOLFSSL *ssl, byte* output, byte msgType, word16* pOffset if (ret != 0) return ret; -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_SEND_HRR_COOKIE) if (msgType == hello_retry_request) { XMEMSET(semaphore, 0xff, SEMAPHORE_SIZE); TURN_OFF(semaphore, TLSX_ToSemaphore(TLSX_COOKIE)); @@ -10875,7 +10913,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SNI) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != server_hello && @@ -10896,7 +10934,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_TRUSTED_CA) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != encrypted_extensions) { @@ -10912,7 +10950,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_MAX_FRAGMENT) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != encrypted_extensions) { 
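Review bot: An extension sent in a TLS 1.3 message where it is not permitted is no longer rejected once its feature macro is off, because the guard in TLSX_Parse becomes `#if defined(WOLFSSL_TLS13) && defined(HAVE_SNI)` and the message-type check sits inside it; before this change the check was compiled into every TLS 1.3 build. The same narrowing is applied in the later TLSX_Parse hunks (HAVE_TRUSTED_CA, HAVE_MAX_FRAGMENT, HAVE_SUPPORTED_CURVES, HAVE_CERTIFICATE_STATUS_REQUEST and its _V2 variant, HAVE_SESSION_TICKET, HAVE_ALPN, and the new `#ifdef HAVE_SUPPORTED_CURVES` around the key share checks), where `return EXT_NOT_ALLOWED;` is visible for session ticket and key share. If the corresponding *_PARSE macros are no-op stubs in those builds (their definitions are outside the hunks), the extension is then silently accepted, which matters most for a PSK-only client that receives a key share it never offered. Either keep the checks under plain `#ifdef WOLFSSL_TLS13`, or add a comment at each guard saying the relaxation is deliberate for code size.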
@@ -10932,7 +10970,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_TRUNCATED_HMAC) if (IsAtLeastTLSv1_3(ssl->version)) break; #endif @@ -10945,7 +10983,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != server_hello && @@ -10966,7 +11004,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (IsAtLeastTLSv1_3(ssl->version)) break; #endif @@ -10979,7 +11017,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif - #ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != certificate_request && @@ -10996,7 +11034,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != certificate_request && @@ -11014,7 +11052,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) if (IsAtLeastTLSv1_3(ssl->version)) break; #endif 
@@ -11035,7 +11073,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SECURE_RENEGOTIATION) if (IsAtLeastTLSv1_3(ssl->version)) break; #endif @@ -11048,7 +11086,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello) { return EXT_NOT_ALLOWED; @@ -11063,7 +11101,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_QSH) if (IsAtLeastTLSv1_3(ssl->version)) break; #endif @@ -11077,7 +11115,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif -#ifdef WOLFSSL_TLS13 +#if defined(WOLFSSL_TLS13) && defined(HAVE_ALPN) if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != server_hello && @@ -11091,7 +11129,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #endif ret = ALPN_PARSE(ssl, input + offset, size, isRequest); break; -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS: WOLFSSL_MSG("Signature Algorithms extension received"); #ifdef WOLFSSL_DEBUG_TLS @@ -11100,13 +11138,13 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, if (!IsAtLeastTLSv1_2(ssl)) break; -#ifdef WOLFSSL_TLS13 + #ifdef WOLFSSL_TLS13 if (IsAtLeastTLSv1_3(ssl->version) && msgType != client_hello && msgType != certificate_request) { return EXT_NOT_ALLOWED; } -#endif + #endif ret = SA_PARSE(ssl, input + offset, size, isRequest, suites); break; #endif 
@@ -11132,6 +11170,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, break; + #ifdef WOLFSSL_SEND_HRR_COOKIE case TLSX_COOKIE: WOLFSSL_MSG("Cookie extension received"); #ifdef WOLFSSL_DEBUG_TLS @@ -11148,6 +11187,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, ret = CKE_PARSE(ssl, input + offset, size, msgType); break; + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) case TLSX_PRE_SHARED_KEY: @@ -11222,6 +11262,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, break; #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) case TLSX_SIGNATURE_ALGORITHMS_CERT: WOLFSSL_MSG("Signature Algorithms extension received"); #ifdef WOLFSSL_DEBUG_TLS @@ -11242,6 +11283,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, ret = SAC_PARSE(ssl, input + offset, size, isRequest); break; + #endif case TLSX_KEY_SHARE: WOLFSSL_MSG("Key Share extension received"); @@ -11249,6 +11291,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, WOLFSSL_BUFFER(input + offset, size); #endif + #ifdef HAVE_SUPPORTED_CURVES if (!IsAtLeastTLSv1_3(ssl->version)) break; @@ -11256,6 +11299,8 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, msgType != hello_retry_request) { return EXT_NOT_ALLOWED; } + #endif + ret = KS_PARSE(ssl, input + offset, size, msgType); break; #endif diff --git a/src/tls13.c b/src/tls13.c index e56f2fd1d..1b053d798 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -2524,8 +2524,9 @@ static int SetupPskKey(WOLFSSL* ssl, PreSharedKey* psk) } #endif - if (ssl->options.noPskDheKe) + if (ssl->options.noPskDheKe) { ssl->arrays->preMasterSz = 0; + } /* Derive the early secret using the PSK. */ return DeriveEarlySecret(ssl); 
@@ -2994,7 +2995,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; } - #ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT +#ifdef WOLFSSL_TLS13_MIDDLEBOX_COMPAT if (sessIdSz == 0) return INVALID_PARAMETER; if (ssl->session.sessionIDSz != 0) { @@ -3005,13 +3006,13 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } else if (XMEMCMP(ssl->arrays->clientRandom, sessId, sessIdSz) != 0) return INVALID_PARAMETER; - #else +#else if (sessIdSz != ssl->session.sessionIDSz || (sessIdSz > 0 && XMEMCMP(ssl->session.sessionID, sessId, sessIdSz) != 0)) { WOLFSSL_MSG("Server sent different session id"); return INVALID_PARAMETER; } - #endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ +#endif /* WOLFSSL_TLS13_MIDDLEBOX_COMPAT */ ret = SetCipherSpecs(ssl); if (ret != 0) @@ -3535,6 +3536,7 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz, return MISSING_HANDSHAKE_DATA; modes = ext->val; +#ifdef HAVE_SUPPORTED_CURVES ext = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE); /* Use (EC)DHE for forward-security if possible. */ if ((modes & (1 << PSK_DHE_KE)) != 0 && !ssl->options.noPskDheKe && @@ -3554,7 +3556,9 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz, /* Send new public key to client. */ ext->resp = 1; } - else { + else +#endif + { if ((modes & (1 << PSK_KE)) == 0) return PSK_KEY_ERROR; ssl->options.noPskDheKe = 1; @@ -3902,6 +3906,8 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif } + /* From here on we are a TLS 1.3 ClientHello. */ + /* Client random */ XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN); i += RAN_LEN; 
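Review bot: The new `#ifdef HAVE_SUPPORTED_CURVES` in DoPreSharedKeys needs a comment on what the build loses when the macro is off. Only the trailing block then remains, so the server fails with PSK_KEY_ERROR unless the client offered PSK_KE and always sets `ssl->options.noPskDheKe = 1`; the (EC)DHE exchange that the existing comment credits with forward security is never used. I would add above the guard: `/* Without HAVE_SUPPORTED_CURVES only psk_ke is possible: no (EC)DHE, so no forward secrecy if the PSK is later disclosed. */`. The function starts and ends outside these hunks.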
@@ -3939,26 +3945,6 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, i += clSuites.suiteSz; clSuites.hashSigAlgoSz = 0; -#ifdef HAVE_SERVER_RENEGOTIATION_INFO - ret = FindSuite(&clSuites, 0, TLS_EMPTY_RENEGOTIATION_INFO_SCSV); - if (ret == SUITES_ERROR) - return BUFFER_ERROR; - if (ret >= 0) { - TLSX* extension; - - /* check for TLS_EMPTY_RENEGOTIATION_INFO_SCSV suite */ - ret = TLSX_AddEmptyRenegotiationInfo(&ssl->extensions, ssl->heap); - if (ret != WOLFSSL_SUCCESS) - return ret; - - extension = TLSX_Find(ssl->extensions, TLSX_RENEGOTIATION_INFO); - if (extension) { - ssl->secure_renegotiation = (SecureRenegotiation*)extension->data; - ssl->secure_renegotiation->enabled = 1; - } - } -#endif /* HAVE_SERVER_RENEGOTIATION_INFO */ - /* Compression */ b = input[i++]; if ((i - begin) + b > helloSz) @@ -4028,7 +4014,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif #if (defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)) && \ - defined(HAVE_TLS_EXTENSIONS) + defined(HAVE_TLS_EXTENSIONS) if (TLSX_Find(ssl->extensions, TLSX_PRE_SHARED_KEY) != NULL) { /* Refine list for PSK processing. */ RefineSuites(ssl, &clSuites); @@ -4050,6 +4036,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } if (!usingPSK) { +#ifndef NO_CERTS if (TLSX_Find(ssl->extensions, TLSX_KEY_SHARE) == NULL) { WOLFSSL_MSG("Client did not send a KeyShare extension"); SendAlert(ssl, alert_fatal, missing_extension); @@ -4067,14 +4054,14 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; } -#ifdef HAVE_NULL_CIPHER + #ifdef HAVE_NULL_CIPHER if (ssl->options.cipherSuite0 == ECC_BYTE && (ssl->options.cipherSuite == TLS_SHA256_SHA256 || ssl->options.cipherSuite == TLS_SHA384_SHA384)) { ; } else -#endif + #endif /* Check that the negotiated ciphersuite matches protocol version. */ if (ssl->options.cipherSuite0 != TLS13_BYTE) { WOLFSSL_MSG("Negotiated ciphersuite from lesser version than " 
@@ -4083,16 +4070,19 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return VERSION_ERROR; } -#ifdef HAVE_SESSION_TICKET + #ifdef HAVE_SESSION_TICKET if (ssl->options.resuming) { ssl->options.resuming = 0; XMEMSET(ssl->arrays->psk_key, 0, ssl->specs.hash_size); } -#endif + #endif /* Derive early secret for handshake secret. */ if ((ret = DeriveEarlySecret(ssl)) != 0) return ret; +#else + ret = INVALID_PARAMETER; +#endif } WOLFSSL_LEAVE("DoTls13ClientHello", ret); @@ -7692,6 +7682,7 @@ int wolfSSL_send_hrr_cookie(WOLFSSL* ssl, const unsigned char* secret, } #endif +#ifdef HAVE_SUPPORTED_CURVES /* Create a key share entry from group. * Generates a key pair. * @@ -7733,6 +7724,7 @@ int wolfSSL_NoKeyShares(WOLFSSL* ssl) return WOLFSSL_SUCCESS; } +#endif /* Do not send a ticket after TLS v1.3 handshake for resumption. * @@ -7934,14 +7926,19 @@ int wolfSSL_preferred_group(WOLFSSL* ssl) if (ssl->options.handShakeState != HANDSHAKE_DONE) return NOT_READY_ERROR; +#ifdef HAVE_SUPPORTED_CURVES /* Return supported groups only. */ return TLSX_SupportedCurve_Preferred(ssl, 1); +#else + return 0; +#endif #else return SIDE_ERROR; #endif } #endif +#ifdef HAVE_SUPPORTED_CURVES /* Sets the key exchange groups in rank order on a context. * * ctx SSL/TLS context object. @@ -7989,6 +7986,7 @@ int wolfSSL_set_groups(WOLFSSL* ssl, int* groups, int count) return WOLFSSL_SUCCESS; } +#endif #ifndef NO_PSK void wolfSSL_CTX_set_psk_client_tls13_callback(WOLFSSL_CTX* ctx, @@ -8243,11 +8241,13 @@ int wolfSSL_accept_TLSv13(WOLFSSL* ssl) FALL_THROUGH; case TLS13_ACCEPT_THIRD_REPLY_DONE : +#ifdef HAVE_SUPPORTED_CURVES if (!ssl->options.noPskDheKe) { ssl->error = TLSX_KeyShare_DeriveSecret(ssl); if (ssl->error != 0) return WOLFSSL_FATAL_ERROR; } +#endif if ((ssl->error = SendTls13EncryptedExtensions(ssl)) != 0) { WOLFSSL_ERROR(ssl->error); diff --git a/tests/api.c b/tests/api.c index e92f1e44a..01199b23b 100644 --- a/tests/api.c +++ b/tests/api.c 
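Review bot: The `#else` branch added to `if (!usingPSK)` in DoTls13ClientHello fails silently: a NO_CERTS build only sets `ret = INVALID_PARAMETER`, with no WOLFSSL_MSG and no alert, while the certificate path in the same block sends `missing_extension` before returning. Unless the caller sends an alert (not visible here), a client that offers no usable PSK sees the connection drop without a TLS alert, and the debug log gives no reason. I would write the branch as `WOLFSSL_MSG("No PSK negotiated and certificates not compiled in");`, `SendAlert(ssl, alert_fatal, handshake_failure);`, `ret = INVALID_PARAMETER;`. The `#ifndef NO_CERTS` that this closes is opened in an earlier hunk, and the function continues past this one.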
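Review bot: The `return 0;` added to wolfSSL_preferred_group for builds without HAVE_SUPPORTED_CURVES is not documented, and it may be indistinguishable from a real result if 0 is also a valid return of TLSX_SupportedCurve_Preferred (its contract is not visible here). The neighbouring hunks compile the other group and key share APIs out entirely under `#ifdef HAVE_SUPPORTED_CURVES`, so keeping this one with a constant result is inconsistent with them. Either guard the whole function the same way, or add to its header comment a line such as `returns 0 when built without supported groups (PSK-only); no group was negotiated`. The function header is outside the hunk.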
@@ -36121,8 +36121,10 @@ static int test_tls13_apis(void) #ifdef WOLFSSL_EARLY_DATA int outSz; #endif +#ifdef HAVE_SUPPORTED_CURVES int groups[2] = { WOLFSSL_ECC_X25519, WOLFSSL_ECC_X448 }; int numGroups = 2; +#endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) char groupList[] = "P-521:P-384:P-256"; #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */ @@ -36171,6 +36173,7 @@ static int test_tls13_apis(void) #endif #endif +#ifdef HAVE_SUPPORTED_CURVES #ifdef HAVE_ECC AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_SERVER @@ -36235,6 +36238,7 @@ static int test_tls13_apis(void) #endif AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS); #endif +#endif /* HAVE_SUPPORTED_CURVES */ AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT @@ -36342,6 +36346,7 @@ static int test_tls13_apis(void) #endif #endif +#ifdef HAVE_SUPPORTED_CURVES AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG); #ifndef NO_WOLFSSL_CLIENT AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG); @@ -36420,6 +36425,7 @@ static int test_tls13_apis(void) WOLFSSL_SUCCESS); #endif #endif /* defined(OPENSSL_EXTRA) && defined(HAVE_ECC) */ +#endif /* HAVE_SUPPORTED_CURVES */ #ifdef WOLFSSL_EARLY_DATA AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG); diff --git a/tests/suites.c b/tests/suites.c index f2d797af2..23cecb6cb 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -272,6 +272,13 @@ static int IsClientAuth(const char* line, int* reqClientCert) return 0; } +#endif + +#ifdef NO_CERTS +static int IsUsingCert(const char* line) +{ + return XSTRSTR(line, "-c ") != NULL; +} static int IsNoClientCert(const char* line) { 
@@ -378,6 +385,14 @@ static int execute_test_case(int svr_argc, char** svr_argv, return NOT_BUILT_IN; } #endif +#ifdef NO_CERTS + if (IsUsingCert(commandLine)) { + #ifdef DEBUG_SUITE_TESTS + printf("certificate %s not supported in build\n", commandLine); + #endif + return NOT_BUILT_IN; + } +#endif /* Build Server Command */ if (addNoVerify) { @@ -511,6 +526,14 @@ static int execute_test_case(int svr_argc, char** svr_argv, #endif return NOT_BUILT_IN; } +#endif +#ifdef NO_CERTS + if (IsNoClientCert(commandLine)) { + #ifdef DEBUG_SUITE_TESTS + printf("certificate %s not supported in build\n", commandLine); + #endif + return NOT_BUILT_IN; + } #endif printf("trying client command line[%d]: %s\n", tests, commandLine); tests++; diff --git a/wolfcrypt/src/wc_encrypt.c b/wolfcrypt/src/wc_encrypt.c index bd88e67c5..bb8fbf7de 100644 --- a/wolfcrypt/src/wc_encrypt.c +++ b/wolfcrypt/src/wc_encrypt.c @@ -239,7 +239,7 @@ int wc_Des3_CbcDecryptWithKey(byte* out, const byte* in, word32 sz, #endif /* !NO_DES3 */ -#ifdef WOLFSSL_ENCRYPTED_KEYS +#if !defined(NO_ASN) && defined(WOLFSSL_ENCRYPTED_KEYS) int wc_BufferKeyDecrypt(EncryptedInfo* info, byte* der, word32 derSz, const byte* password, int passwordSz, int hashType) @@ -361,7 +361,7 @@ int wc_BufferKeyEncrypt(EncryptedInfo* info, byte* der, word32 derSz, return ret; } -#endif /* WOLFSSL_ENCRYPTED_KEYS */ +#endif /* !NO_ASN && WOLFSSL_ENCRYPTED_KEYS */ #if !defined(NO_PWDBASED) && !defined(NO_ASN) diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 97d26b51c..b067e0e7b 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2169,7 +2169,7 @@ typedef enum { TLSX_STATUS_REQUEST = 0x0005, /* a.k.a. OCSP stapling */ TLSX_SUPPORTED_GROUPS = 0x000a, /* a.k.a. Supported Curves */ TLSX_EC_POINT_FORMATS = 0x000b, -#if !defined(WOLFSSL_NO_SIGALG) +#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TLSX_SIGNATURE_ALGORITHMS = 0x000d, /* HELLO_EXT_SIG_ALGO */ #endif TLSX_APPLICATION_LAYER_PROTOCOL = 0x0010, /* a.k.a. ALPN */ 
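Review bot: The client-side NO_CERTS skip in execute_test_case calls `IsNoClientCert(commandLine)`, while the server-side skip added earlier in the same function calls `IsUsingCert(commandLine)`, and both print the same "certificate %s not supported in build" message. By its name IsNoClientCert matches command lines that opt out of a client certificate, which is the opposite of what a build without certificates needs to skip; its body is outside the hunk, so confirm, but `if (IsUsingCert(commandLine)) {` looks like the intended test. The earlier hunk in this file also moves the definition of IsNoClientCert under `#ifdef NO_CERTS`, so any caller compiled under the previous guard would lose it in builds that have certificates.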
@@ -2188,14 +2188,18 @@ typedef enum { TLSX_EARLY_DATA = 0x002a, #endif TLSX_SUPPORTED_VERSIONS = 0x002b, + #ifdef WOLFSSL_SEND_HRR_COOKIE TLSX_COOKIE = 0x002c, + #endif #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK) TLSX_PSK_KEY_EXCHANGE_MODES = 0x002d, #endif #ifdef WOLFSSL_POST_HANDSHAKE_AUTH TLSX_POST_HANDSHAKE_AUTH = 0x0031, #endif + #if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG) TLSX_SIGNATURE_ALGORITHMS_CERT = 0x0032, + #endif TLSX_KEY_SHARE = 0x0033, #endif TLSX_RENEGOTIATION_INFO = 0xff01