Merge pull request #1845 from dgarske/tls_curve_order

TLS supported curve selection fixes
This commit is contained in:
Sean Parkinson
2018-09-25 08:26:14 +10:00
committed by GitHub
3 changed files with 133 additions and 104 deletions


@@ -990,6 +990,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
int doSTARTTLS = 0; int doSTARTTLS = 0;
char* starttlsProt = NULL; char* starttlsProt = NULL;
int useVerifyCb = 0; int useVerifyCb = 0;
int useSupCurve = 0;
#ifdef WOLFSSL_TRUST_PEER_CERT #ifdef WOLFSSL_TRUST_PEER_CERT
const char* trustCert = NULL; const char* trustCert = NULL;
@@ -1088,6 +1089,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
(void)useX25519; (void)useX25519;
(void)helloRetry; (void)helloRetry;
(void)onlyKeyShare; (void)onlyKeyShare;
(void)useSupCurve;
StackTrap(); StackTrap();
@@ -1220,6 +1222,10 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
printf("Verify should fail\n"); printf("Verify should fail\n");
myVerifyFail = 1; myVerifyFail = 1;
} }
else if (XSTRNCMP(myoptarg, "useSupCurve", 11) == 0) {
printf("Test use supported curve\n");
useSupCurve = 1;
}
else { else {
Usage(); Usage();
XEXIT_T(MY_EX_USAGE); XEXIT_T(MY_EX_USAGE);
@@ -1440,6 +1446,7 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
case 't' : case 't' :
#ifdef HAVE_CURVE25519 #ifdef HAVE_CURVE25519
useX25519 = 1; useX25519 = 1;
useSupCurve = 1;
#if defined(WOLFSSL_TLS13) && defined(HAVE_ECC) #if defined(WOLFSSL_TLS13) && defined(HAVE_ECC)
onlyKeyShare = 2; onlyKeyShare = 2;
#endif #endif
@@ -1917,22 +1924,34 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args)
err_sys("DisableExtendedMasterSecret failed"); err_sys("DisableExtendedMasterSecret failed");
} }
#endif #endif
#if defined(HAVE_CURVE25519) && defined(HAVE_SUPPORTED_CURVES) #if defined(HAVE_SUPPORTED_CURVES)
#if defined(HAVE_CURVE25519)
if (useX25519) { if (useX25519) {
if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_X25519) if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_X25519)
!= WOLFSSL_SUCCESS) { != WOLFSSL_SUCCESS) {
err_sys("unable to support X25519"); err_sys("unable to support X25519");
} }
if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1) }
!= WOLFSSL_SUCCESS) { #endif /* HAVE_CURVE25519 */
err_sys("unable to support secp256r1"); #ifdef HAVE_ECC
} if (useSupCurve) {
#if !defined(NO_ECC_SECP) && \
(defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES))
if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP384R1) if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP384R1)
!= WOLFSSL_SUCCESS) { != WOLFSSL_SUCCESS) {
err_sys("unable to support secp384r1"); err_sys("unable to support secp384r1");
} }
#endif
#if !defined(NO_ECC_SECP) && \
(!defined(NO_ECC256) || defined(HAVE_ALL_CURVES))
if (wolfSSL_CTX_UseSupportedCurve(ctx, WOLFSSL_ECC_SECP256R1)
!= WOLFSSL_SUCCESS) {
err_sys("unable to support secp256r1");
}
#endif
} }
#endif /* HAVE_CURVE25519 && HAVE_SUPPORTED_CURVES */ #endif /* HAVE_ECC */
#endif /* HAVE_SUPPORTED_CURVES */
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (noPskDheKe) if (noPskDheKe)
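Review bot: In the last hunk of this section, the new `if (useSupCurve)` branch is compiled only under `#ifdef HAVE_ECC`, and inside it both `wolfSSL_CTX_UseSupportedCurve` calls are further gated on `NO_ECC_SECP`/`HAVE_ECC384`/`NO_ECC256`/`HAVE_ALL_CURVES`; when none of those gates is open, `-H useSupCurve` (and the `-t` path that now also sets `useSupCurve = 1`) prints "Test use supported curve" and then registers nothing, so a build without those curves passes the test without exercising the supported-curves code. An `#else` on the `HAVE_ECC` guard, `#else` / `if (useSupCurve) err_sys("useSupCurve requires HAVE_ECC");`, makes the unsupported configuration fail loudly, and a similar guard could cover the case where both inner curve gates are closed. A short comment on the branch, `/* restrict the offered curve list to secp384r1 then secp256r1 so the server's choice order can be tested */`, would also record why both curves are added in that order, which the hunk leaves implicit. The enclosing `client_test` body starts and ends outside this hunk.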

197
src/tls.c

@@ -3944,7 +3944,7 @@ int TLSX_ValidateSupportedCurves(WOLFSSL* ssl, byte first, byte second) {
defSz = octets; defSz = octets;
} }
if (currOid == 0 && ssl->eccTempKeySz == octets) if (currOid == 0 && ssl->eccTempKeySz <= octets)
currOid = oid; currOid = oid;
if ((nextOid == 0 || nextSz > octets) && ssl->eccTempKeySz <= octets) { if ((nextOid == 0 || nextSz > octets) && ssl->eccTempKeySz <= octets) {
nextOid = oid; nextOid = oid;
@@ -8774,6 +8774,7 @@ static byte* TLSX_QSHKeyFind_Pub(QSHKey* qsh, word16* pubLen, word16 name)
((defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \ ((defined(HAVE_ECC) || defined(HAVE_CURVE25519)) && \
defined(HAVE_SUPPORTED_CURVES)) defined(HAVE_SUPPORTED_CURVES))
/* Populates the default supported groups / curves */
static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions) static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
{ {
int ret = WOLFSSL_SUCCESS; int ret = WOLFSSL_SUCCESS;
@@ -8798,7 +8799,87 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
#endif /* WOLFSSL_TLS13 */ #endif /* WOLFSSL_TLS13 */
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES) #if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
/* list in order by strength, since not all servers choose by strength */
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP521R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP384R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP256K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */
#ifndef HAVE_FIPS
#if defined(HAVE_CURVE25519)
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_X25519, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif /* HAVE_FIPS */
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP224R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP224K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#ifndef HAVE_FIPS #ifndef HAVE_FIPS
#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP192R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP192K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES) #if defined(HAVE_ECC160) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP #ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions, ret = TLSX_UseSupportedCurve(extensions,
@@ -8816,107 +8897,15 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
if (ret != WOLFSSL_SUCCESS) return ret; if (ret != WOLFSSL_SUCCESS) return ret;
#endif #endif
#endif #endif
#if defined(HAVE_ECC192) || defined(HAVE_ALL_CURVES) #endif /* HAVE_FIPS */
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP192R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP192K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#endif
#if defined(HAVE_ECC224) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP224R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP224K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */
#ifndef HAVE_FIPS
#if defined(HAVE_CURVE25519)
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_X25519, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif /* HAVE_FIPS */
#if defined(HAVE_ECC) && defined(HAVE_SUPPORTED_CURVES)
#if !defined(NO_ECC256) || defined(HAVE_ALL_CURVES)
#ifdef HAVE_ECC_KOBLITZ
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP256K1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP256R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC384) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP384R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP384R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC512) || defined(HAVE_ALL_CURVES)
#ifdef HAVE_ECC_BRAINPOOL
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_BRAINPOOLP512R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#if defined(HAVE_ECC521) || defined(HAVE_ALL_CURVES)
#ifndef NO_ECC_SECP
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_ECC_SECP521R1, ssl->heap);
if (ret != WOLFSSL_SUCCESS) return ret;
#endif
#endif
#endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */ #endif /* HAVE_ECC && HAVE_SUPPORTED_CURVES */
#ifdef WOLFSSL_TLS13 #ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) { if (IsAtLeastTLSv1_3(ssl->version)) {
/* Add FFDHE supported groups. */ /* Add FFDHE supported groups. */
#ifdef HAVE_FFDHE_2048 #ifdef HAVE_FFDHE_8192
ret = TLSX_UseSupportedCurve(extensions, ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_2048, ssl->heap); WOLFSSL_FFDHE_8192, ssl->heap);
if (ret != WOLFSSL_SUCCESS)
return ret;
#endif
#ifdef HAVE_FFDHE_3072
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_3072, ssl->heap);
if (ret != WOLFSSL_SUCCESS)
return ret;
#endif
#ifdef HAVE_FFDHE_4096
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_4096, ssl->heap);
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return ret; return ret;
#endif #endif
@@ -8926,9 +8915,21 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions)
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return ret; return ret;
#endif #endif
#ifdef HAVE_FFDHE_8192 #ifdef HAVE_FFDHE_4096
ret = TLSX_UseSupportedCurve(extensions, ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_8192, ssl->heap); WOLFSSL_FFDHE_4096, ssl->heap);
if (ret != WOLFSSL_SUCCESS)
return ret;
#endif
#ifdef HAVE_FFDHE_3072
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_3072, ssl->heap);
if (ret != WOLFSSL_SUCCESS)
return ret;
#endif
#ifdef HAVE_FFDHE_2048
ret = TLSX_UseSupportedCurve(extensions,
WOLFSSL_FFDHE_2048, ssl->heap);
if (ret != WOLFSSL_SUCCESS) if (ret != WOLFSSL_SUCCESS)
return ret; return ret;
#endif #endif
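Review bot: In the first hunk of this file (`TLSX_ValidateSupportedCurves`), the new `ssl->eccTempKeySz <= octets` on the `currOid` line means the first curve in the list whose size is at least the configured ephemeral key size is now accepted instead of only an exact match; that keeps the same lower bound the `nextOid` branch already uses, so it never selects a curve smaller than `eccTempKeySz`, but nothing in the hunk records why exact match was dropped. A comment on that line, `/* accept the first curve at least as large as eccTempKeySz; larger is fine, smaller is not */`, would keep the next reader from "fixing" it back to `==`. The function starts before the hunk, so whether a later check still enforces an upper bound is not visible here; if one was intended, it should be confirmed. In the `TLSX_PopulateSupportedGroups` hunks, the new comment "list in order by strength" could also say that X25519 is placed after the 256-bit group, since a server picking by client preference will now choose secp256r1 over X25519 when both are built in.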


@@ -2355,3 +2355,12 @@
-h localhost -h localhost
-A ./certs/test/server-localhost.pem -A ./certs/test/server-localhost.pem
-m -m
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 with user curve (384 or 256)
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H useSupCurve