From 4783fbfc4f7299f698a7d575acfe7efa2c76503c Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 24 Mar 2017 10:19:01 -0700
Subject: [PATCH 1/3] better handling of TLS layer switching out CTX layer keys/certs
---
 src/internal.c |  6 ++--
 src/ssl.c      | 74 ++++++++++++++++++++++++++++++++++++++++----------
 2 files changed, 61 insertions(+), 19 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 6e0275f73..2e395c39f 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1961,7 +1961,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
 #endif
 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
-    if (tls1_2 && haveRSAsig) {
+    if (tls1_2 && haveRSA) {
         suites->suites[idx++] = ECC_BYTE;
         suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
     }
@@ -1989,7 +1989,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, word16 haveRSA,
 #endif
 #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
-    if (tls1_2 && haveRSAsig) {
+    if (tls1_2 && haveRSA) {
         suites->suites[idx++] = ECC_BYTE;
         suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
     }
@@ -5911,8 +5911,6 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender)
         case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 :
             if (requirement == REQUIRES_RSA)
                 return 1;
-            if (requirement == REQUIRES_RSA_SIG)
-                return 1;
             break;
         case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 :
diff --git a/src/ssl.c b/src/ssl.c
index 2d5fb50a5..149348c38 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4338,6 +4338,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
         }
         else {
             /* check that the size of the RSA key is enough */
             int RsaSz = wc_RsaEncryptSize((RsaKey*)key);
+            if (ssl) {
             if (RsaSz < ssl->options.minRsaKeySz) {
                 ret = RSA_KEY_SIZE_E;
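Review bot: The dropped `REQUIRES_RSA_SIG` branch is visible only under the `TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384` case, while the two InitSuites hunks above (@@ -1961 and @@ -1989) move both that suite and `TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256` from `haveRSAsig` to `haveRSA`. If the AES_128_CBC_SHA256 case of this switch still returns 1 for `REQUIRES_RSA_SIG` (it is outside the hunk, as is the start of the enclosing function), the suite table and the requirement table disagree on what that suite needs; either way the commit message should say why an RSA key rather than an RSA-signed certificate is now the requirement for the ECDHE_RSA suites. A short comment on the surviving branch, e.g. `/* ECDHE_RSA: gated on an RSA key, not on the cert's signature algorithm */`, would keep a later edit from re-adding the RSA_SIG check, if that is indeed the intended distinction.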
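Review bot: The added `if (ssl) {` opens a block whose closing brace and any `else if (ctx)` counterpart lie outside this hunk (old lines 4344–4351 are untouched), so brace balance and what happens on a ctx-only RSA key load cannot be confirmed from the hunk alone. The unchanged line right after it, `if (RsaSz < ssl->options.minRsaKeySz) {`, dereferences `ssl` with no guard visible before this change; if a ctx-only load could previously reach it, this is a NULL-dereference fix that deserves its own sentence in the commit message instead of being folded into the suite-handling change. Since the two following context lines keep their old indentation under the new block, re-indenting them would make the nesting visible to the next reader.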
@@ -4352,6 +4353,22 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             }
             rsaKey = 1;
             (void)rsaKey; /* for no ecc builds */
+
+            if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+                int havePSK = 0;
+                #ifndef NO_PSK
+                if (ssl->options.havePSK) {
+                    havePSK = 1;
+                }
+                #endif
+
+                /* CTX may have been ECC key, let's reset suites */
+                ssl->options.haveStaticECC = 0;
+                InitSuites(ssl->suites, ssl->version, 1, havePSK,
+                           ssl->options.haveDH, ssl->options.haveNTRU,
+                           ssl->options.haveECDSAsig, ssl->options.haveECC,
+                           ssl->options.haveStaticECC, ssl->options.side);
+            }
         }
     }
@@ -4396,10 +4413,31 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             wc_ecc_free(&key);
             eccKey = 1;
-            if (ctx)
-                ctx->haveStaticECC = 1;
-            if (ssl)
+            if (ssl) {
                 ssl->options.haveStaticECC = 1;
+            }
+            else if (ctx) {
+                ctx->haveStaticECC = 1;
+            }
+
+            if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+                int havePSK = 0;
+                int haveRSA = 0;
+                #ifndef NO_PSK
+                if (ssl->options.havePSK) {
+                    havePSK = 1;
+                }
+                #endif
+                #ifndef NO_RSA
+                haveRSA = 1;
+                #endif
+
+                /* let's reset suites with ecc key */
+                InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                           ssl->options.haveDH, ssl->options.haveNTRU,
+                           ssl->options.haveECDSAsig, ssl->options.haveECC,
+                           ssl->options.haveStaticECC, ssl->options.side);
+            }
         }
     #endif /* HAVE_ECC */
     }
@@ -4428,16 +4466,22 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
     #endif
             return SSL_BAD_FILE;
         }
+
+        if (ssl && ssl->ctx->haveECDSAsig) {
+            WOLFSSL_MSG("SSL layer setting cert, CTX had ECDSA, turning off");
+            ssl->options.haveECDSAsig = 0; /* may turn back on next */
+        }
+
         switch (cert->signatureOID) {
             case CTC_SHAwECDSA:
             case CTC_SHA256wECDSA:
             case CTC_SHA384wECDSA:
             case CTC_SHA512wECDSA:
                 WOLFSSL_MSG("ECDSA cert signature");
-                if (ctx)
-                    ctx->haveECDSAsig = 1;
                 if (ssl)
                     ssl->options.haveECDSAsig = 1;
+                else if (ctx)
+                    ctx->haveECDSAsig = 1;
                 break;
             default:
                 WOLFSSL_MSG("Not ECDSA cert signature");
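Review bot: `ssl->options.haveStaticECC = 0;` is only reached when `ssl->options.side == WOLFSSL_SERVER_END`, whereas the ECC-key hunk below (@@ -4396) sets `ssl->options.haveStaticECC = 1;` under a plain `if (ssl)` before its own side check. A client-side WOLFSSL that loads an ECC key and then an RSA key is therefore left with haveStaticECC still set; whether anything on the client path consumes that flag is not visible here, but the clear and the set should at least be symmetric. Moving the clear to `if (ssl) { ssl->options.haveStaticECC = 0; /* an RSA key replaces any earlier ECC key */ }` and keeping only the suite reset behind the side check does that. The second patch in this series keeps the asymmetry, so the point applies to the final code as well.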
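Review bot: `ssl->options.haveECDSAsig` is cleared only when `ssl->ctx->haveECDSAsig` is set, so a WOLFSSL that earlier installed an ECDSA certificate at the SSL layer and now installs an RSA one keeps the flag at 1, because the switch below only ever sets it. The switch re-derives the flag from `cert->signatureOID` immediately afterwards, so clearing unconditionally is both simpler and correct for either origin: `if (ssl) { ssl->options.haveECDSAsig = 0; /* re-derived from this cert below */ }`. The same set-only pattern applies to `haveECC` in the HAVE_ECC hunks that follow (@@ -4445 / @@ -4465), where the non-strict branch sets the flag for an ECDSA key and never clears it for another key type. `ssl->ctx` is also dereferenced here without a check; if every WOLFSSL carries a ctx by construction that is fine, but it is worth a glance since a stale or NULL ctx would fault at this line.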
@@ -4445,16 +4489,6 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
         }
     #ifdef HAVE_ECC
-        if (ctx) {
-            ctx->pkCurveOID = cert->pkCurveOID;
-            #ifndef WC_STRICT_SIG
-            if (cert->keyOID == ECDSAk) {
-                ctx->haveECC = 1;
-            }
-            #else
-            ctx->haveECC = ctx->haveECDSAsig;
-            #endif
-        }
         if (ssl) {
             ssl->pkCurveOID = cert->pkCurveOID;
             #ifndef WC_STRICT_SIG
@@ -4465,6 +4499,16 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             ssl->options.haveECC = ssl->options.haveECDSAsig;
             #endif
         }
+        else if (ctx) {
+            ctx->pkCurveOID = cert->pkCurveOID;
+            #ifndef WC_STRICT_SIG
+            if (cert->keyOID == ECDSAk) {
+                ctx->haveECC = 1;
+            }
+            #else
+            ctx->haveECC = ctx->haveECDSAsig;
+            #endif
+        }
     #endif
         /* check key size of cert unless specified not to */
From 86efbbbb1d85759bff478aa4d6623c855883686b Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 24 Mar 2017 10:40:42 -0700
Subject: [PATCH 2/3] simplify reset suites on cert/key changes to end of function
---
 src/ssl.c | 54 ++++++++++++++++++++++++++---------------------------
 1 file changed, 26 insertions(+), 28 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 149348c38..0cd4d57a9 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4114,6 +4114,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
     int ret = 0;
     int eccKey = 0;
     int rsaKey = 0;
+    int resetSuites = 0;
     void* heap = ctx ? ctx->heap : ((ssl) ? ssl->heap : NULL);
 #ifdef WOLFSSL_SMALL_STACK
     EncryptedInfo* info = NULL;
@@ -4355,19 +4356,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             (void)rsaKey; /* for no ecc builds */
             if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
-                int havePSK = 0;
-                #ifndef NO_PSK
-                if (ssl->options.havePSK) {
-                    havePSK = 1;
-                }
-                #endif
-
-                /* CTX may have been ECC key, let's reset suites */
                 ssl->options.haveStaticECC = 0;
-                InitSuites(ssl->suites, ssl->version, 1, havePSK,
-                           ssl->options.haveDH, ssl->options.haveNTRU,
-                           ssl->options.haveECDSAsig, ssl->options.haveECC,
-                           ssl->options.haveStaticECC, ssl->options.side);
+                resetSuites = 1;
             }
         }
     }
@@ -4421,22 +4411,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             }
             if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
-                int havePSK = 0;
-                int haveRSA = 0;
-                #ifndef NO_PSK
-                if (ssl->options.havePSK) {
-                    havePSK = 1;
-                }
-                #endif
-                #ifndef NO_RSA
-                haveRSA = 1;
-                #endif
-
-                /* let's reset suites with ecc key */
-                InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
-                           ssl->options.haveDH, ssl->options.haveNTRU,
-                           ssl->options.haveECDSAsig, ssl->options.haveECC,
-                           ssl->options.haveStaticECC, ssl->options.side);
+                resetSuites = 1;
             }
         }
     #endif /* HAVE_ECC */
@@ -4467,6 +4442,9 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
             return SSL_BAD_FILE;
         }
+        if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
+            resetSuites = 1;
+        }
         if (ssl && ssl->ctx->haveECDSAsig) {
             WOLFSSL_MSG("SSL layer setting cert, CTX had ECDSA, turning off");
             ssl->options.haveECDSAsig = 0; /* may turn back on next */
@@ -4565,6 +4543,26 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
         }
     }
+    if (ssl && resetSuites) {
+        int havePSK = 0;
+        int haveRSA = 0;
+
+        #ifndef NO_PSK
+        if (ssl->options.havePSK) {
+            havePSK = 1;
+        }
+        #endif
+        #ifndef NO_RSA
+        haveRSA = 1;
+        #endif
+
+        /* let's reset suites */
+        InitSuites(ssl->suites, ssl->version, haveRSA, havePSK,
+                   ssl->options.haveDH, ssl->options.haveNTRU,
+                   ssl->options.haveECDSAsig, ssl->options.haveECC,
+                   ssl->options.haveStaticECC, ssl->options.side);
+    }
+
     return SSL_SUCCESS;
 }
From a7c131c0a10d82c95fcaad82676fddc45be9dce5 Mon Sep 17 00:00:00 2001
From: toddouska
Date: Fri, 24 Mar 2017 11:19:01 -0700
Subject: [PATCH 3/3] fix vs warning
---
 src/ssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index 0cd4d57a9..a1c12f7d5 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -4544,8 +4544,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
     }
     if (ssl && resetSuites) {
-        int havePSK = 0;
-        int haveRSA = 0;
+        word16 havePSK = 0;
+        word16 haveRSA = 0;
         #ifndef NO_PSK
         if (ssl->options.havePSK) {
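Review bot: `haveRSA` handed to InitSuites here comes from the build (`#ifndef NO_RSA`), not from the key that was just loaded, although `rsaKey` and `eccKey` in the declaration hunk record what ProcessBuffer actually parsed; an SSL-layer load of an ECC-only key therefore still enables the RSA suites in `ssl->suites`. If that mirrors how the CTX-level suites are built (not visible here) it is fine, but a comment on `haveRSA = 1;` such as `/* build-time capability, deliberately not tied to rsaKey */` would stop a later reader from "fixing" it. Note also that this block runs only on the success path: the option flags (`haveStaticECC`, `haveECDSAsig`, `haveECC`) are updated earlier in the function, so if a later check such as the cert key-size check returns an error, `ssl->options` already describes the new credential while `ssl->suites` still reflects the old one. Whether that matters depends on whether callers keep using the WOLFSSL after a failed load, which the commit message could state.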