Fix on server side to make sure the SHA hash is set up even with NO_OLD_TLS. Fix to initialize hsHashes to zero. Fix in PickHashSigAlgo to not default to SHA if NO_OLD_TLS is defined (unless WOLFSSL_ALLOW_TLS_SHA1 is set). Fix to allow pre-TLS 1.2 negotiation of "AES128-SHA256" and "AES256-SHA256".
@@ -2202,14 +2202,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
|
#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256
|
||||||
if (tls1_2 && haveRSA) {
|
if (tls && haveRSA) {
|
||||||
suites->suites[idx++] = 0;
|
suites->suites[idx++] = 0;
|
||||||
suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256;
|
suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_SHA256;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
|
#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256
|
||||||
if (tls1_2 && haveRSA) {
|
if (tls && haveRSA) {
|
||||||
suites->suites[idx++] = 0;
|
suites->suites[idx++] = 0;
|
||||||
suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256;
|
suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_SHA256;
|
||||||
}
|
}
|
||||||
@@ -3626,6 +3626,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
|
|||||||
WOLFSSL_MSG("HS_Hashes Memory error");
|
WOLFSSL_MSG("HS_Hashes Memory error");
|
||||||
return MEMORY_E;
|
return MEMORY_E;
|
||||||
}
|
}
|
||||||
|
XMEMSET(ssl->hsHashes, 0, sizeof(HS_Hashes));
|
||||||
|
|
||||||
#ifndef NO_OLD_TLS
|
#ifndef NO_OLD_TLS
|
||||||
#ifndef NO_MD5
|
#ifndef NO_MD5
|
||||||
@@ -10320,8 +10321,10 @@ static int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes)
|
|||||||
(void)hashes;
|
(void)hashes;
|
||||||
|
|
||||||
if (ssl->options.tls) {
|
if (ssl->options.tls) {
|
||||||
#if ! defined( NO_OLD_TLS )
|
#if !defined(NO_MD5) && !defined(NO_OLD_TLS)
|
||||||
wc_Md5GetHash(&ssl->hsHashes->hashMd5, hashes->md5);
|
wc_Md5GetHash(&ssl->hsHashes->hashMd5, hashes->md5);
|
||||||
|
#endif
|
||||||
|
#if !defined(NO_SHA)
|
||||||
wc_ShaGetHash(&ssl->hsHashes->hashSha, hashes->sha);
|
wc_ShaGetHash(&ssl->hsHashes->hashSha, hashes->sha);
|
||||||
#endif
|
#endif
|
||||||
if (IsAtLeastTLSv1_2(ssl)) {
|
if (IsAtLeastTLSv1_2(ssl)) {
|
||||||
@@ -13537,7 +13540,18 @@ static void PickHashSigAlgo(WOLFSSL* ssl,
|
|||||||
word32 i;
|
word32 i;
|
||||||
|
|
||||||
ssl->suites->sigAlgo = ssl->specs.sig_algo;
|
ssl->suites->sigAlgo = ssl->specs.sig_algo;
|
||||||
|
|
||||||
|
/* set defaults */
|
||||||
|
if (IsAtLeastTLSv1_2(ssl)) {
|
||||||
|
#ifdef WOLFSSL_ALLOW_TLS_SHA1
|
||||||
ssl->suites->hashAlgo = sha_mac;
|
ssl->suites->hashAlgo = sha_mac;
|
||||||
|
#else
|
||||||
|
ssl->suites->hashAlgo = sha256_mac;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
ssl->suites->hashAlgo = sha_mac;
|
||||||
|
}
|
||||||
|
|
||||||
/* i+1 since peek a byte ahead for type */
|
/* i+1 since peek a byte ahead for type */
|
||||||
for (i = 0; (i+1) < hashSigAlgoSz; i += 2) {
|
for (i = 0; (i+1) < hashSigAlgoSz; i += 2) {
|
||||||
@@ -16753,7 +16767,6 @@ int SendCertificateVerify(WOLFSSL* ssl)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/* idx is used to track verify pointer offset to output */
|
/* idx is used to track verify pointer offset to output */
|
||||||
idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ;
|
||||||
verify = &output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ];
|
verify = &output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ];
|
||||||
|
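Review bot: Relaxing the guard on TLS_RSA_WITH_AES_256_CBC_SHA256 and TLS_RSA_WITH_AES_128_CBC_SHA256 from `tls1_2` to `tls` in InitSuites lets these suites be offered and selected under TLS 1.0/1.1, which as I read RFC 5246 Appendix A.5 is exactly what the SHA-256 suites it introduces must not do; peers that enforce that rule (OpenSSL, as far as I know, pins them to 1.2 and above) will refuse them, and a server that selects them below 1.2 is non-conformant. If this is a deliberate interoperability concession it should be opt-in rather than the default, e.g. wrap the two `if (tls && haveRSA) {` lines in a build option such as `#ifdef WOLFSSL_ALLOW_SHA256_SUITES_PRE_TLS12` with `if (tls1_2 && haveRSA) {` in the `#else` branch, and put a one-line comment above each block naming the RFC deviation. InitSuites continues outside the hunk, so the other SHA-256 suites it lists should be checked for the same `tls1_2` guard to keep the policy consistent.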
@@ -2246,10 +2246,12 @@ WOLFSSL_LOCAL void FreeCiphers(WOLFSSL* ssl);
|
|||||||
|
|
||||||
/* hashes type */
|
/* hashes type */
|
||||||
typedef struct Hashes {
|
typedef struct Hashes {
|
||||||
#ifndef NO_OLD_TLS
|
#if !defined(NO_MD5) && !defined(NO_OLD_TLS)
|
||||||
byte md5[MD5_DIGEST_SIZE];
|
byte md5[MD5_DIGEST_SIZE];
|
||||||
#endif
|
#endif
|
||||||
|
#if !defined(NO_SHA)
|
||||||
byte sha[SHA_DIGEST_SIZE];
|
byte sha[SHA_DIGEST_SIZE];
|
||||||
|
#endif
|
||||||
#ifndef NO_SHA256
|
#ifndef NO_SHA256
|
||||||
byte sha256[SHA256_DIGEST_SIZE];
|
byte sha256[SHA256_DIGEST_SIZE];
|
||||||
#endif
|
#endif
|
||||||
@@ -2730,14 +2732,12 @@ typedef struct MsgsReceived {
|
|||||||
typedef struct HS_Hashes {
|
typedef struct HS_Hashes {
|
||||||
Hashes verifyHashes;
|
Hashes verifyHashes;
|
||||||
Hashes certHashes; /* for cert verify */
|
Hashes certHashes; /* for cert verify */
|
||||||
#ifndef NO_OLD_TLS
|
|
||||||
#ifndef NO_SHA
|
#ifndef NO_SHA
|
||||||
Sha hashSha; /* sha hash of handshake msgs */
|
Sha hashSha; /* sha hash of handshake msgs */
|
||||||
#endif
|
#endif
|
||||||
#ifndef NO_MD5
|
#if !defined(NO_MD5) && !defined(NO_OLD_TLS)
|
||||||
Md5 hashMd5; /* md5 hash of handshake msgs */
|
Md5 hashMd5; /* md5 hash of handshake msgs */
|
||||||
#endif
|
#endif
|
||||||
#endif /* NO_OLD_TLS */
|
|
||||||
#ifndef NO_SHA256
|
#ifndef NO_SHA256
|
||||||
Sha256 hashSha256; /* sha256 hash of handshake msgs */
|
Sha256 hashSha256; /* sha256 hash of handshake msgs */
|
||||||
#endif
|
#endif
|
||||||
|
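Review bot: The guards on the HS_Hashes fields are now deliberately asymmetric — `hashSha` sits outside `NO_OLD_TLS` while `hashMd5` is additionally gated on it — but nothing in the header records why, so the next NO_OLD_TLS cleanup is likely to "fix" it back. I would document the reason on the fields themselves, drawing on the commit message: `Sha hashSha; /* SHA-1 handshake hash: TLS 1.0/1.1 always, and TLS 1.2 when a SHA-1 signature algorithm is negotiated (see PickHashSigAlgo / WOLFSSL_ALLOW_TLS_SHA1) */` and `Md5 hashMd5; /* MD5 handshake hash: only used for the pre-TLS 1.2 MD5||SHA-1 signature input, hence also off under NO_OLD_TLS */`. The same pairing of guards appears on the `md5`/`sha` arrays in the Hashes struct above, and a matching note there would keep the two structs from drifting apart. The exact set of TLS 1.2 code paths that still read hashSha is not visible in this diff, so confirm the wording against PickHashSigAlgo before committing it.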