Merge pull request #815 from toddouska/switchcerts

better handling of TLS layer switching out CTX layer keys/certs
2017-03-27 15:57:58 -06:00
parent d8261796a6 a7c131c0a1
commit 9c8574111e
2 changed files with 59 additions and 19 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -1961,7 +1961,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
 #endif

 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
-    if (tls1_2 && haveRSAsig) {
+    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
    }
@ -1989,7 +1989,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
 #endif

 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
-    if (tls1_2 && haveRSAsig) {
+    if (tls1_2 && haveRSA) {
        suites->suites[idx++] = ECC_BYTE;
        suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
    }
@ -5911,8 +5911,6 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
        case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
            if (requirement == REQUIRES_RSA)
                return 1;
-            if (requirement == REQUIRES_RSA_SIG)
-                return 1;
            break;

        case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
--- a/src/ssl.c
+++ b/src/ssl.c
@ -4114,6 +4114,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
    int           ret = 0;
    int           eccKey = 0;
    int           rsaKey = 0;
+    int           resetSuites = 0;
    void*         heap = ctx ? ctx->heap : ((ssl) ? ssl->heap : NULL);
 #ifdef WOLFSSL_SMALL_STACK
    EncryptedInfo* info = NULL;
@ -4338,6 +4339,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
                } else {
                    /* check that the size of the RSA key is enough */
                    int RsaSz = wc_RsaEncryptSize((RsaKey*)key);
+
                    if (ssl) {
                        if (RsaSz < ssl->options.minRsaKeySz) {
                            ret = RSA_KEY_SIZE_E;
@ -4352,6 +4354,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
                    }
                    rsaKey = 1;
                    (void)rsaKey;  /* for no ecc builds */
+
+                    if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+                        ssl->options.haveStaticECC = 0;
+                        resetSuites = 1;
+                    }
                }
            }

@ -4396,10 +4403,16 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,

            wc_ecc_free(&key);
            eccKey = 1;
-            if (ctx)
-                ctx->haveStaticECC = 1;
-            if (ssl)
+            if (ssl) {
                ssl->options.haveStaticECC = 1;
+            }
+            else if (ctx) {
+                ctx->haveStaticECC = 1;
+            }
+
+            if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+                resetSuites = 1;
+            }
        }
    #endif /* HAVE_ECC */
    }
@ -4428,16 +4441,25 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
        #endif
            return SSL_BAD_FILE;
        }
+
+        if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+            resetSuites = 1;
+        }
+        if (ssl && ssl->ctx->haveECDSAsig) {
+            WOLFSSL_MSG("SSL layer setting cert, CTX had ECDSA, turning off");
+            ssl->options.haveECDSAsig = 0;   /* may turn back on next */
+        }
+
        switch (cert->signatureOID) {
            case CTC_SHAwECDSA:
            case CTC_SHA256wECDSA:
            case CTC_SHA384wECDSA:
            case CTC_SHA512wECDSA:
                WOLFSSL_MSG("ECDSA cert signature");
-                if (ctx)
-                    ctx->haveECDSAsig = 1;
                if (ssl)
                    ssl->options.haveECDSAsig = 1;
+                else if (ctx)
+                    ctx->haveECDSAsig = 1;
                break;
            default:
                WOLFSSL_MSG("Not ECDSA cert signature");
@ -4445,16 +4467,6 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
        }

    #ifdef HAVE_ECC
-        if (ctx) {
-            ctx->pkCurveOID = cert->pkCurveOID;
-        #ifndef WC_STRICT_SIG
-            if (cert->keyOID == ECDSAk) {
-                ctx->haveECC = 1;
-            }
-        #else
-            ctx->haveECC = ctx->haveECDSAsig;
-        #endif
-        }
        if (ssl) {
            ssl->pkCurveOID = cert->pkCurveOID;
        #ifndef WC_STRICT_SIG
@ -4465,6 +4477,16 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
            ssl->options.haveECC = ssl->options.haveECDSAsig;
        #endif
        }
+        else if (ctx) {
+            ctx->pkCurveOID = cert->pkCurveOID;
+        #ifndef WC_STRICT_SIG
+            if (cert->keyOID == ECDSAk) {
+                ctx->haveECC = 1;
+            }
+        #else
+            ctx->haveECC = ctx->haveECDSAsig;
+        #endif
+        }
    #endif

        /* check key size of cert unless specified not to */
@ -4521,6 +4543,26 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
        }
    }

+    if (ssl && resetSuites) {
+        word16 havePSK = 0;
+        word16 haveRSA = 0;
+
+        #ifndef NO_PSK
+        if (ssl->options.havePSK) {
+            havePSK = 1;
+        }
+        #endif
+        #ifndef NO_RSA
+            haveRSA = 1;
+        #endif
+
+        /* let's reset suites */
+        InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveECC,
+                   ssl->options.haveStaticECC, ssl->options.side);
+    }
+
    return SSL_SUCCESS;
 }