feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #4629 from dgarske/zd13337

Browse Source 
Additional checking for side on TLS messages
This commit is contained in:
Sean Parkinson
2021-12-07 10:13:44 +10:00
committed by GitHub
parent 261d305b32 54c3e0ac73
commit 9f6aa36866
2 changed files with 73 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
src/internal.c
View File

@@ -13615,6 +13615,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case hello_request: case hello_request:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("HelloRequest received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_hello_request) { if (ssl->msgsReceived.got_hello_request) {
WOLFSSL_MSG("Duplicate HelloRequest received"); WOLFSSL_MSG("Duplicate HelloRequest received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13626,6 +13632,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
case client_hello: case client_hello:
#ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) {
WOLFSSL_MSG("ClientHello received by client");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_client_hello) { if (ssl->msgsReceived.got_client_hello) {
WOLFSSL_MSG("Duplicate ClientHello received"); WOLFSSL_MSG("Duplicate ClientHello received");
#ifdef WOLFSSL_EXTRA_ALERTS #ifdef WOLFSSL_EXTRA_ALERTS
@@ -13640,6 +13652,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case server_hello: case server_hello:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("ServerHello received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_server_hello) { if (ssl->msgsReceived.got_server_hello) {
WOLFSSL_MSG("Duplicate ServerHello received"); WOLFSSL_MSG("Duplicate ServerHello received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13651,6 +13669,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case hello_verify_request: case hello_verify_request:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("HelloVerifyRequest received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_hello_verify_request) { if (ssl->msgsReceived.got_hello_verify_request) {
WOLFSSL_MSG("Duplicate HelloVerifyRequest received"); WOLFSSL_MSG("Duplicate HelloVerifyRequest received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13662,6 +13686,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case session_ticket: case session_ticket:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("SessionTicket received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_session_ticket) { if (ssl->msgsReceived.got_session_ticket) {
WOLFSSL_MSG("Duplicate SessionTicket received"); WOLFSSL_MSG("Duplicate SessionTicket received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13698,6 +13728,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case certificate_status: case certificate_status:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("CertificateStatus received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_certificate_status) { if (ssl->msgsReceived.got_certificate_status) {
WOLFSSL_MSG("Duplicate CertificateStatus received"); WOLFSSL_MSG("Duplicate CertificateStatus received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13718,6 +13754,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case server_key_exchange: case server_key_exchange:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("ServerKeyExchange received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_server_key_exchange) { if (ssl->msgsReceived.got_server_key_exchange) {
WOLFSSL_MSG("Duplicate ServerKeyExchange received"); WOLFSSL_MSG("Duplicate ServerKeyExchange received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13770,6 +13812,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case certificate_request: case certificate_request:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("CertificateRequest received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_certificate_request) { if (ssl->msgsReceived.got_certificate_request) {
WOLFSSL_MSG("Duplicate CertificateRequest received"); WOLFSSL_MSG("Duplicate CertificateRequest received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13781,6 +13829,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
case server_hello_done: case server_hello_done:
#ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("ServerHelloDone received by server");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_server_hello_done) { if (ssl->msgsReceived.got_server_hello_done) {
WOLFSSL_MSG("Duplicate ServerHelloDone received"); WOLFSSL_MSG("Duplicate ServerHelloDone received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13821,6 +13875,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
case certificate_verify: case certificate_verify:
#ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) {
WOLFSSL_MSG("CertificateVerify received by client");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_certificate_verify) { if (ssl->msgsReceived.got_certificate_verify) {
WOLFSSL_MSG("Duplicate CertificateVerify received"); WOLFSSL_MSG("Duplicate CertificateVerify received");
return DUPLICATE_MSG_E; return DUPLICATE_MSG_E;
@@ -13836,6 +13896,12 @@ static int SanityCheckMsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
case client_key_exchange: case client_key_exchange:
#ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) {
WOLFSSL_MSG("ClientKeyExchange received by client");
return SIDE_ERROR;
}
#endif
if (ssl->msgsReceived.got_client_key_exchange) { if (ssl->msgsReceived.got_client_key_exchange) {
WOLFSSL_MSG("Duplicate ClientKeyExchange received"); WOLFSSL_MSG("Duplicate ClientKeyExchange received");
#ifdef WOLFSSL_EXTRA_ALERTS #ifdef WOLFSSL_EXTRA_ALERTS
@@ -29848,7 +29914,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifdef HAVE_SNI #ifdef HAVE_SNI
if((ret=SNI_Callback(ssl))) if((ret=SNI_Callback(ssl)))
goto out; goto out;
ssl->options.side = WOLFSSL_SERVER_END;
#endif #endif
i += totalExtSz; i += totalExtSz;
@@ -31492,12 +31557,7 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ],
case TLS_ASYNC_BEGIN: case TLS_ASYNC_BEGIN:
{ {
/* Sanity checks */ /* Sanity checks */
if (ssl->options.side != WOLFSSL_SERVER_END) { /* server side checked in SanityCheckMsgReceived */
WOLFSSL_MSG("Client received client keyexchange, attack?");
WOLFSSL_ERROR(ssl->error = SIDE_ERROR);
ERROR_OUT(WOLFSSL_FATAL_ERROR, exit_dcke);
}
if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) {
WOLFSSL_MSG("Client sending keyexchange at wrong time"); WOLFSSL_MSG("Client sending keyexchange at wrong time");
SendAlert(ssl, alert_fatal, unexpected_message); SendAlert(ssl, alert_fatal, unexpected_message);

12
src/tls13.c
View File

@@ -7725,7 +7725,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) { if (ssl->options.side == WOLFSSL_CLIENT_END) {
WOLFSSL_MSG("ClientHello received by client"); WOLFSSL_MSG("ClientHello received by client");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
if (ssl->options.clientState >= CLIENT_HELLO_COMPLETE) { if (ssl->options.clientState >= CLIENT_HELLO_COMPLETE) {
@@ -7746,7 +7746,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) { if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("ServerHello received by server"); WOLFSSL_MSG("ServerHello received by server");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
if (ssl->msgsReceived.got_server_hello == 1) { if (ssl->msgsReceived.got_server_hello == 1) {
@@ -7763,7 +7763,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) { if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("NewSessionTicket received by server"); WOLFSSL_MSG("NewSessionTicket received by server");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
if (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) { if (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) {
@@ -7781,7 +7781,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_CLIENT #ifndef NO_WOLFSSL_CLIENT
if (ssl->options.side == WOLFSSL_CLIENT_END) { if (ssl->options.side == WOLFSSL_CLIENT_END) {
WOLFSSL_MSG("EndOfEarlyData received by client"); WOLFSSL_MSG("EndOfEarlyData received by client");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
if (ssl->options.serverState < SERVER_FINISHED_COMPLETE) { if (ssl->options.serverState < SERVER_FINISHED_COMPLETE) {
@@ -7807,7 +7807,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) { if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("EncryptedExtensions received by server"); WOLFSSL_MSG("EncryptedExtensions received by server");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
if (ssl->options.serverState != SERVER_HELLO_COMPLETE) { if (ssl->options.serverState != SERVER_HELLO_COMPLETE) {
@@ -7861,7 +7861,7 @@ static int SanityCheckTls13MsgReceived(WOLFSSL* ssl, byte type)
#ifndef NO_WOLFSSL_SERVER #ifndef NO_WOLFSSL_SERVER
if (ssl->options.side == WOLFSSL_SERVER_END) { if (ssl->options.side == WOLFSSL_SERVER_END) {
WOLFSSL_MSG("CertificateRequest received by server"); WOLFSSL_MSG("CertificateRequest received by server");
return OUT_OF_ORDER_E; return SIDE_ERROR;
} }
#endif #endif
#ifndef WOLFSSL_POST_HANDSHAKE_AUTH #ifndef WOLFSSL_POST_HANDSHAKE_AUTH