diff --git a/src/dtls.c b/src/dtls.c
index 95ec7f517..6babe3116 100644
--- a/src/dtls.c
+++ b/src/dtls.c
@@ -190,7 +190,7 @@ static int CheckDtlsCookie(const WOLFSSL* ssl, WolfSSL_CH* ch, if (ch->cookie.size - OPAQUE16_LEN != len) return BUFFER_E; ret = TlsCheckCookie(ssl, ch->cookie.elements + OPAQUE16_LEN, - ch->cookie.size - OPAQUE16_LEN); + (word16)(ch->cookie.size - OPAQUE16_LEN)); if (ret < 0 && ret != HRR_COOKIE_ERROR) return ret; *cookieGood = ret > 0;
@@ -329,7 +329,9 @@ static int TlsSessionIdIsValid(const WOLFSSL* ssl, WolfSSL_ConstVector sessionID &unused); if (sess != NULL) { /* Store info for later */ +#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET) pskInfo->pv = sess->version; +#endif pskInfo->cipherSuite0 = sess->cipherSuite0; pskInfo->cipherSuite = sess->cipherSuite; pskInfo->namedGroup = sess->namedGroup;
@@ -396,7 +398,7 @@ static int TlsCheckSupportedVersion(const WOLFSSL* ssl, return 0; } ret = TLSX_SupportedVersions_Parse(ssl, tlsxSupportedVersions.elements, - tlsxSupportedVersions.size, client_hello, &pv, NULL, NULL); + (word16)tlsxSupportedVersions.size, client_hello, &pv, NULL, NULL); if (ret != 0) return ret; #if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
@@ -446,6 +448,7 @@ static void FindPskSuiteFromExt(const WOLFSSL* ssl, TLSX* extensions, byte psk_key[MAX_PSK_KEY_LEN]; word32 psk_keySz; int i; + byte foundSuite[SUITE_LEN]; if (pskExt == NULL) return;
@@ -454,10 +457,10 @@ static void FindPskSuiteFromExt(const WOLFSSL* ssl, TLSX* extensions, for (current = (PreSharedKey*)pskExt->data; current != NULL; current = current->next) { if (FindPskSuite(ssl, current, psk_key, &psk_keySz, - suites->suites + i, &found) == 0) { + suites->suites + i, &found, foundSuite) == 0) { if (found) { - pskInfo->cipherSuite0 = suites->suites[i]; - pskInfo->cipherSuite = suites->suites[i + 1]; + pskInfo->cipherSuite0 = foundSuite[0]; + pskInfo->cipherSuite = foundSuite[1]; pskInfo->isValid = 1; return; }
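Review bot: The `(word16)` cast in CheckDtlsCookie narrows `ch->cookie.size - OPAQUE16_LEN` with no range check of its own; it is safe only because the line above rejects any value that differs from `len`, and that in turn relies on `len` being at most 16 bits wide, which is declared outside the hunk. A comment on the call would record the dependency, e.g. `/* size - OPAQUE16_LEN == len was checked above, so the value fits in word16 */`. The same unchecked narrowing is added in TlsCheckSupportedVersion (`(word16)tlsxSupportedVersions.size`) and twice in SendStatelessReply (`(word16)tlsx.size`), where whatever bounds the extension vector is also not visible. These sizes are parsed from an unauthenticated ClientHello, so an explicit guard or a comment naming the existing bound is preferable to a cast that would wrap silently if the vector type or parser ever changes.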
@@ -499,13 +502,14 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13, } /* Hashes are reset in SendTls13ServerHello when sending a HRR */ - ret = Dtls13HashHandshake((WOLFSSL*)ssl, ch->msg, ch->length); + ret = Dtls13HashHandshake((WOLFSSL*)ssl, ch->msg, + (word16)ch->length); if (ret != 0) goto dtls13_cleanup; /* Populate the suites struct to find a common ciphersuite */ XMEMSET(&suites, 0, sizeof(suites)); - suites.suiteSz = ch->cipherSuite.size; + suites.suiteSz = (word16)ch->cipherSuite.size; if ((suites.suiteSz % 2) != 0) ERROR_OUT(INVALID_PARAMETER, dtls13_cleanup); if (suites.suiteSz > WOLFSSL_MAX_SUITE_SZ)
@@ -551,7 +555,7 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13, goto dtls13_cleanup; if (tlsx.size != 0) { ret = TLSX_SupportedCurve_Parse(ssl, tlsx.elements, - tlsx.size, 1, &parsedExts); + (word16)tlsx.size, 1, &parsedExts); if (ret != 0) goto dtls13_cleanup; }
@@ -563,7 +567,7 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13, goto dtls13_cleanup; if (tlsx.size != 0) { ret = TLSX_KeyShare_Parse_ClientHello(ssl, tlsx.elements, - tlsx.size, &parsedExts); + (word16)tlsx.size, &parsedExts); if (ret != 0) goto dtls13_cleanup; #if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
@@ -669,7 +673,7 @@ static int SendStatelessReply(const WOLFSSL* ssl, WolfSSL_CH* ch, byte isTls13, XMEMCPY(nonConstSSL->session->sessionID, ch->sessionId.elements, ch->sessionId.size); - nonConstSSL->session->sessionIDSz = ch->sessionId.size; + nonConstSSL->session->sessionIDSz = (byte)ch->sessionId.size; nonConstSSL->options.cipherSuite0 = cs.cipherSuite0; nonConstSSL->options.cipherSuite = cs.cipherSuite; nonConstSSL->extensions = parsedExts;
diff --git a/src/dtls13.c b/src/dtls13.c
index 73944a716..a6b63b1a2 100644
--- a/src/dtls13.c
+++ b/src/dtls13.c
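Review bot: In the first SendStatelessReply hunk, `suites.suiteSz = (word16)ch->cipherSuite.size;` truncates before the `% 2` and `> WOLFSSL_MAX_SUITE_SZ` checks that follow, so those checks validate the narrowed value rather than the size parsed from the ClientHello. If `cipherSuite.size` is wider than 16 bits (its type is not visible here), test the original value first, `if (ch->cipherSuite.size > WOLFSSL_MAX_SUITE_SZ)`, and cast only afterwards. `(word16)ch->length` passed to Dtls13HashHandshake has the same shape: a length above 0xFFFF would make the transcript hash cover only part of the message, so a bound check on `ch->length` before the call would make the assumption explicit. The function body extends beyond the hunk on both sides.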
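Review bot: In the last SendStatelessReply hunk, the new `(byte)` cast on `sessionIDSz` sits directly below an `XMEMCPY` that copies the full `ch->sessionId.size` bytes into `session->sessionID`, so the stored length and the copied length would disagree if the size ever exceeded 255, and the copy itself has no bound visible in these lines. Presumably an earlier check limits the session ID to `ID_LEN`; if so, a comment above the copy such as `/* sessionId.size <= ID_LEN was verified when the ClientHello was parsed */` would document why both lines are safe. If no such check exists on this path, the copy needs a guard before the size is stored.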
@@ -123,6 +123,7 @@ WOLFSSL_METHOD* wolfDTLSv1_3_client_method_ex(void* heap) WOLFSSL_METHOD* method; WOLFSSL_ENTER("DTLSv1_3_client_method_ex"); + (void)heap; method = (WOLFSSL_METHOD*)XMALLOC(sizeof(WOLFSSL_METHOD), heap, DYNAMIC_TYPE_METHOD);
@@ -145,6 +146,7 @@ WOLFSSL_METHOD* wolfDTLSv1_3_server_method_ex(void* heap) WOLFSSL_METHOD* method; WOLFSSL_ENTER("DTLSv1_3_server_method_ex"); + (void)heap; method = (WOLFSSL_METHOD*)XMALLOC(sizeof(WOLFSSL_METHOD), heap, DYNAMIC_TYPE_METHOD);
@@ -613,12 +615,14 @@ static void Dtls13RtxFlushBuffered(WOLFSSL* ssl, byte keepNewSessionTicket) ssl->dtls13Rtx.rtxRecordTailPtr = prevNext; } -static Dtls13RecordNumber* Dtls13NewRecordNumber(WOLFSSL* ssl, w64wrapper epoch, - w64wrapper seq) +static Dtls13RecordNumber* Dtls13NewRecordNumber(w64wrapper epoch, + w64wrapper seq, void* heap) { Dtls13RecordNumber* rn; - rn = (Dtls13RecordNumber*)XMALLOC(sizeof(*rn), ssl->heap, + (void)heap; + + rn = (Dtls13RecordNumber*)XMALLOC(sizeof(*rn), heap, DYNAMIC_TYPE_DTLS_MSG); if (rn == NULL) return NULL;
@@ -636,7 +640,7 @@ static int Dtls13RtxAddAck(WOLFSSL* ssl, w64wrapper epoch, w64wrapper seq) WOLFSSL_ENTER("Dtls13RtxAddAck"); - rn = Dtls13NewRecordNumber(ssl, epoch, seq); + rn = Dtls13NewRecordNumber(epoch, seq, ssl->heap); if (rn == NULL) return MEMORY_E;
diff --git a/src/internal.c b/src/internal.c
index 8f1564cc4..bf91fd546 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -32544,8 +32544,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, * Returns 1 for valid server suite or 0 if not found * For asynchronous this can return WC_PENDING_E */ - static int VerifyServerSuite(WOLFSSL* ssl, const Suites* suites, word16 idx, - CipherSuite* cs, TLSX* extensions) + static int VerifyServerSuite(const WOLFSSL* ssl, const Suites* suites, + word16 idx, CipherSuite* cs, TLSX* extensions) { #ifndef NO_PSK int havePSK = ssl->options.havePSK;
@@ -32553,6 +32553,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, byte first; byte second; + (void)cs; + (void)extensions; + WOLFSSL_ENTER("VerifyServerSuite"); if (suites == NULL) {
@@ -32743,13 +32746,22 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, XMEMSET(&cs, 0, sizeof(cs)); - ret = MatchSuite_ex(ssl, peerSuites, &cs, ssl->extensions); + ret = MatchSuite_ex(ssl, peerSuites, &cs, +#ifdef HAVE_TLS_EXTENSIONS + ssl->extensions +#else + NULL +#endif + ); if (ret != 0) return ret; ssl->options.cipherSuite0 = cs.cipherSuite0; ssl->options.cipherSuite = cs.cipherSuite; +#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_CURVE25519) || \ + defined(HAVE_ED448) || defined(HAVE_CURVE448) ssl->ecdhCurveOID = cs.ecdhCurveOID; +#endif ret = SetCipherSpecs(ssl); if (ret != 0)
@@ -32759,10 +32771,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ret != 0) return ret; +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (cs.doHelloRetry) { ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; return TLSX_KeyShare_SetSupported(ssl, &ssl->extensions); } +#endif #if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) if (IsAtLeastTLSv1_3(ssl->version) &&
@@ -33144,7 +33158,6 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Update the ssl->options.dtlsStateful setting `if` statement in * wolfSSL_accept when changing this one. */ if (IsDtlsNotSctpMode(ssl) && IsDtlsNotSrtpMode(ssl) && !IsSCR(ssl)) { - byte process = 0; if (((ssl->keys.dtls_sequence_number_hi == ssl->keys.curSeq_hi && ssl->keys.dtls_sequence_number_lo < ssl->keys.curSeq_lo) || (ssl->keys.dtls_sequence_number_hi < ssl->keys.curSeq_hi))) {
diff --git a/src/tls.c b/src/tls.c
index 6f15edbf9..46027e7f7 100644
--- a/src/tls.c
+++ b/src/tls.c
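Review bot: The `#ifdef HAVE_TLS_EXTENSIONS` / `#else` / `#endif` block placed inside the argument list of the `MatchSuite_ex(...)` call is hard to read, and it becomes undefined behaviour if `MatchSuite_ex` is ever wrapped in a function-like macro, because preprocessing directives are not permitted inside macro arguments. Selecting the argument beforehand keeps the call intact: declare `TLSX* extensions = NULL;`, assign `extensions = ssl->extensions;` under the `#ifdef`, then call `MatchSuite_ex(ssl, peerSuites, &cs, extensions);`. The enclosing function starts and ends outside the hunk.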
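Review bot: The new `#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)` around the `cs.doHelloRetry` block ends immediately before an existing `#if` with the identical condition, so two adjacent regions now carry the same guard. Dropping the added `#endif` together with the `#if` line that follows it leaves a single region. That also keeps the HelloRetryRequest branch and the TLS 1.3 branch under one condition if it is edited later.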
@@ -1407,15 +1407,10 @@ int TLSX_HandleUnsupportedExtension(WOLFSSL* ssl) #endif -#if defined(WOLFSSL_TLS13) || (!defined(NO_WOLFSSL_SERVER) \ - && (defined(WOLFSSL_SRTP) || defined(HAVE_SESSION_TICKET) \ - || defined(HAVE_SECURE_RENEGOTIATION) || defined(HAVE_SERVER_RENEGOTIATION_INFO) \ - || defined(HAVE_SUPPORTED_CURVES) || defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) \ - || defined(HAVE_CERTIFICATE_STATUS_REQUEST) || defined(HAVE_TRUNCATED_HMAC) \ - || defined(HAVE_MAX_FRAGMENT) || defined(HAVE_TRUSTED_CA) || defined(HAVE_SNI) \ - || defined(HAVE_ALPN))) +#if !defined(NO_WOLFSSL_SERVER) || defined(WOLFSSL_TLS13) +void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type); /** Mark an extension to be sent back to the client. */ -static void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type) +void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type) { TLSX *extension = TLSX_Find(ssl->extensions, type);
diff --git a/src/tls13.c b/src/tls13.c
index c5c61f5f3..fcce88f52 100644
--- a/src/tls13.c
+++ b/src/tls13.c
@@ -3337,7 +3337,7 @@ byte SuiteMac(const byte* suite) * hashSz The size of the hash data in bytes. * returns 0 on success, otherwise failure. */ -static int CreateCookieExt(const WOLFSSL* ssl, byte* hash, byte hashSz, +static int CreateCookieExt(const WOLFSSL* ssl, byte* hash, word16 hashSz, TLSX** exts) { int ret;
@@ -3429,7 +3429,7 @@ static int CreateCookieHash(const WOLFSSL* ssl, byte** hash, byte* hashSz, if (ssl->options.sendCookie && ssl->options.side == WOLFSSL_SERVER_END) { byte cookie[OPAQUE8_LEN + WC_MAX_DIGEST_SIZE + OPAQUE16_LEN * 2]; TLSX* ext; - word32 idx = 0; + word16 idx = 0; /* Cookie Data = Hash Len | Hash | CS | KeyShare Group */ cookie[idx++] = *hashSz;
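Review bot: `TLSX_SetResponse` loses `static` and gains a prototype inside tls.c itself with no `WOLFSSL_LOCAL` marker, so it now has external linkage and default visibility although no caller outside this file appears in the commit. If the aim was only to avoid an unused-function warning under the simplified `#if`, keeping it `static` and suppressing the warning is the narrower fix. If another translation unit does call it, the declaration belongs in wolfssl/internal.h as `WOLFSSL_LOCAL void TLSX_SetResponse(WOLFSSL* ssl, TLSX_Type type);`, like the other internal prototypes this commit touches. The function body continues past the hunk.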
@@ -5497,7 +5497,7 @@ static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites) #ifndef NO_PSK int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, byte* psk_key, - word32* psk_keySz, byte* suite, int* found) + word32* psk_keySz, const byte* suite, int* found, byte* foundSuite) { const char* cipherName = NULL; byte cipherSuite0 = TLS13_BYTE;
@@ -5528,6 +5528,7 @@ int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, byte* psk_key, WOLFSSL_MSG("Key len too long in FindPsk()"); ret = PSK_KEY_ERROR; WOLFSSL_ERROR_VERBOSE(ret); + *found = 0; } if (ret == 0) { #if !defined(WOLFSSL_PSK_ONE_ID) && !defined(WOLFSSL_PRIORITIZE_PSK)
@@ -5546,6 +5547,10 @@ int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, byte* psk_key, #endif } } + if (*found && foundSuite != NULL) { + foundSuite[0] = cipherSuite0; + foundSuite[1] = cipherSuite; + } return ret; }
@@ -5563,13 +5568,14 @@ int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, byte* psk_key, * @return 1 when a match found - but check error code. * @return 0 when no match found. */ -static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err) +static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err) { int ret = 0; int found = 0; + byte foundSuite[SUITE_LEN]; ret = FindPskSuite(ssl, psk, ssl->arrays->psk_key, &ssl->arrays->psk_keySz, - suite, &found); + suite, &found, foundSuite); if (ret == 0 && found) { if ((ret == 0) && found) { /* Default to ciphersuite if cb doesn't specify. */
@@ -5585,8 +5591,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err) } if ((ret == 0) && found) { /* Set PSK ciphersuite into SSL. */ - ssl->options.cipherSuite0 = cipherSuite0; - ssl->options.cipherSuite = cipherSuite; + ssl->options.cipherSuite0 = foundSuite[0]; + ssl->options.cipherSuite = foundSuite[1]; ret = SetCipherSpecs(ssl); } if ((ret == 0) && found) {
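Review bot: The new `foundSuite` output parameter of FindPskSuite is not documented in any of the FindPskSuite hunks. Callers need to know that it must point to at least two writable bytes (both callers pass `byte foundSuite[SUITE_LEN]`), that NULL is accepted, and that it is written only when `*found` is non-zero. The function's header comment lies outside the hunk and should gain a line such as `foundSuite  [out] Suite bytes that matched; untouched unless *found is set. May be NULL.` Because the final `if (*found && foundSuite != NULL)` reads `*found` on every path, including error returns, the comment should also state that the caller must initialise `found` to 0, as FindPsk does with `int found = 0;`.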
@@ -6012,7 +6018,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz, * cookieSz The length of the cookie data in bytes. * returns Length of the hash on success, otherwise failure. */ -int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, byte cookieSz) +int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, word16 cookieSz) { int ret; byte mac[WC_MAX_DIGEST_SIZE] = {0};
@@ -6096,14 +6102,15 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) word32 idx; byte hashSz; byte* cookieData; - byte cookieDataSz; + word16 cookieDataSz; word16 length; int keyShareExt = 0; int ret; - cookieDataSz = ret = TlsCheckCookie(ssl, cookie->data, cookie->len); + ret = TlsCheckCookie(ssl, cookie->data, (byte)cookie->len); if (ret < 0) return ret; + cookieDataSz = (word16)ret; hashSz = cookie->data[0]; cookieData = cookie->data; idx = OPAQUE8_LEN;
@@ -6206,7 +6213,7 @@ static int RestartHandshakeHashWithCookie(WOLFSSL* ssl, Cookie* cookie) #ifdef WOLFSSL_DTLS13 if (ssl->options.dtls) { - ret = Dtls13HashHandshake(ssl, hrr, hrrIdx); + ret = Dtls13HashHandshake(ssl, hrr, (word16)hrrIdx); } else #endif /* WOLFSSL_DTLS13 */
@@ -12544,8 +12551,6 @@ static int DtlsAcceptStateless(WOLFSSL *ssl) default: return 0; } - - return 0; } #endif /* WOLFSSL_DTLS13 */
diff --git a/tests/api.c b/tests/api.c
index 373beea55..3c0fc66d1 100644
--- a/tests/api.c
+++ b/tests/api.c
@@ -59346,6 +59346,7 @@ static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(WOLFSSL* ssl) sslCopy.buffers.inputBuffer.buffer = NULL; sslCopy.buffers.inputBuffer.bufferSize = 0; sslCopy.buffers.inputBuffer.dynamicFlag = 0; + sslCopy.buffers.inputBuffer.offset = 0; sslCopy.error = 0; sslCopy.curSize = 0; sslCopy.keys.curSeq_lo = 0;
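Review bot: In RestartHandshakeHashWithCookie the call `TlsCheckCookie(ssl, cookie->data, (byte)cookie->len)` still narrows the length to 8 bits, although this same commit widens the `cookieSz` parameter to `word16`, so a cookie longer than 255 bytes would be verified over a truncated length. That most likely fails the MAC comparison rather than accepting a bad cookie, but it defeats the widening and leaves `cookieDataSz` out of step with the real cookie. The cast should match the new signature: `ret = TlsCheckCookie(ssl, cookie->data, (word16)cookie->len);`, or no cast at all if `cookie->len` is already `word16`, as the `word16 len` parameter of TLSX_Cookie_Use in internal.h suggests. The function continues beyond the hunk.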
@@ -59379,6 +59380,20 @@ static word32 test_wolfSSL_dtls_stateless_HashWOLFSSL(WOLFSSL* ssl) return MakeWordFromHash(hashBuf); } +static CallbackIORecv test_wolfSSL_dtls_compare_stateless_cb; +static int test_wolfSSL_dtls_compare_stateless_cb_call_once; +static int test_wolfSSL_dtls_compare_stateless_read_cb_once(WOLFSSL *ssl, + char *buf, int sz, void *ctx) +{ + if (test_wolfSSL_dtls_compare_stateless_cb_call_once) { + test_wolfSSL_dtls_compare_stateless_cb_call_once = 0; + return test_wolfSSL_dtls_compare_stateless_cb(ssl, buf, sz, ctx); + } + else { + return WOLFSSL_CBIO_ERR_WANT_READ; + } +} + static void test_wolfSSL_dtls_compare_stateless(WOLFSSL* ssl) { /* Compare the ssl object before and after one ClientHello msg */
@@ -59387,8 +59402,10 @@ static void test_wolfSSL_dtls_compare_stateless(WOLFSSL* ssl) int err; word32 initHash; + test_wolfSSL_dtls_compare_stateless_cb = ssl->CBIORecv; + test_wolfSSL_dtls_compare_stateless_cb_call_once = 1; wolfSSL_dtls_set_using_nonblock(ssl, 1); - tcp_set_nonblocking(&fd); + ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_read_cb_once; initHash = test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl); (void)initHash;
@@ -59405,7 +59422,7 @@ static void test_wolfSSL_dtls_compare_stateless(WOLFSSL* ssl) AssertIntEQ(initHash, test_wolfSSL_dtls_stateless_HashWOLFSSL(ssl)); wolfSSL_dtls_set_using_nonblock(ssl, 0); - tcp_set_blocking(&fd); + ssl->CBIORecv = test_wolfSSL_dtls_compare_stateless_cb; }
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index c7bc10c57..6eb3872e0 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -2128,7 +2128,9 @@ typedef struct CipherSuite { byte cipherSuite; word32 ecdhCurveOID; struct KeyShareEntry* clientKSE; +#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES) int doHelloRetry; +#endif } CipherSuite; WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig,
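Review bot: The wrapper `test_wolfSSL_dtls_compare_stateless_read_cb_once` and its two file-scope statics carry no comment, and the reason for swapping `ssl->CBIORecv` instead of toggling the socket with `tcp_set_nonblocking(&fd)` cannot be read from the code. A short comment above the callback would help, e.g. `/* Pass one read through to the saved recv callback, then report WANT_READ so that exactly one ClientHello is processed. */`. The saved callback is invoked without a NULL check, so the test assumes `ssl->CBIORecv` is always set on entry. If `fd` in test_wolfSSL_dtls_compare_stateless is no longer used after this change (its declaration is outside the hunks), it may now trigger an unused-variable warning.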
@@ -3054,7 +3056,7 @@ typedef struct Cookie { WOLFSSL_LOCAL int TLSX_Cookie_Use(const WOLFSSL* ssl, const byte* data, word16 len, byte* mac, byte macSz, int resp, TLSX** exts); WOLFSSL_LOCAL int TlsCheckCookie(const WOLFSSL* ssl, const byte* cookie, - byte cookieSz); + word16 cookieSz); /* Key Share - TLS v1.3 Specification */
@@ -6208,9 +6210,10 @@ WOLFSSL_LOCAL int wolfSSL_quic_keys_active(WOLFSSL* ssl, enum encrypt_side side) #endif /* WOLFSSL_QUIC (else) */ -#ifndef NO_PSK +#if defined(WOLFSSL_TLS13) && !defined(NO_PSK) WOLFSSL_LOCAL int FindPskSuite(const WOLFSSL* ssl, PreSharedKey* psk, - byte* psk_key, word32* psk_keySz, byte* suite, int* found); + byte* psk_key, word32* psk_keySz, const byte* suite, int* found, + byte* foundSuite); #endif #ifdef __cplusplus