feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5448 from julek-wolfssl/ext-msg-check

Browse Source 
Validate that extensions appear in correct messages
This commit is contained in:
Sean Parkinson
2022-08-12 08:39:42 +10:00
committed by GitHub
parent 2b38ba0300 a317126509
commit d4646696ed
1 changed files with 124 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
src/tls.c
View File

@ -12264,17 +12264,18 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SNI)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
msgType != encrypted_extensions) {
return EXT_NOT_ALLOWED;
}
else if (!IsAtLeastTLSv1_3(ssl->version) &&
msgType == encrypted_extensions) {
return EXT_NOT_ALLOWED;
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != encrypted_extensions)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello)
return EXT_NOT_ALLOWED;
}
ret = SNI_PARSE(ssl, input + offset, size, isRequest);
break;
#endif
@ -12285,13 +12286,18 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_TRUSTED_CA)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
msgType != encrypted_extensions) {
return EXT_NOT_ALLOWED;
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != encrypted_extensions)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello)
return EXT_NOT_ALLOWED;
}
ret = TCA_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12301,19 +12307,23 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_MAX_FRAGMENT)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
else if (!IsAtLeastTLSv1_3(ssl->version) &&
msgType == encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
}
else
#endif
{
if (msgType != client_hello &&
msgType != server_hello) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
}
ret = MFL_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12323,10 +12333,12 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_TRUNCATED_HMAC)
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
break;
#endif
if (msgType != client_hello)
return EXT_NOT_ALLOWED;
ret = THM_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12336,19 +12348,22 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
else if (!IsAtLeastTLSv1_3(ssl->version) &&
msgType == encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
}
else
#endif
{
if (msgType != client_hello) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
}
ret = EC_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12358,10 +12373,16 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
break;
#endif
if (msgType != client_hello &&
msgType != server_hello) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
ret = PF_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12371,14 +12392,20 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != certificate_request &&
msgType != certificate) {
break;
msgType != certificate)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = CSR_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12389,13 +12416,19 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != certificate_request &&
msgType != certificate) {
return EXT_NOT_ALLOWED;
msgType != certificate)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = CSR2_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12410,6 +12443,9 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
if (IsAtLeastTLSv1_3(ssl->version))
break;
#endif
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
if (size != 0)
return BUFFER_ERROR;
@ -12427,10 +12463,13 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_BUFFER(input + offset, size);
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SERVER_RENEGOTIATION_INFO)
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version))
break;
#endif
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
ret = SCR_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12441,11 +12480,17 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_SESSION_TICKET)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello) {
return EXT_NOT_ALLOWED;
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = WOLF_STK_PARSE(ssl, input + offset, size, isRequest);
break;
@ -12457,16 +12502,18 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#endif
#if defined(WOLFSSL_TLS13) && defined(HAVE_ALPN)
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
msgType != encrypted_extensions) {
return EXT_NOT_ALLOWED;
}
else if (!IsAtLeastTLSv1_3(ssl->version) &&
msgType == encrypted_extensions) {
return EXT_NOT_ALLOWED;
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != encrypted_extensions)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
}
ret = ALPN_PARSE(ssl, input + offset, size, isRequest);
break;
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
@ -12479,12 +12526,17 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
if (!IsAtLeastTLSv1_2(ssl))
break;
#ifdef WOLFSSL_TLS13
if (IsAtLeastTLSv1_3(ssl->version) &&
msgType != client_hello &&
msgType != certificate_request) {
return EXT_NOT_ALLOWED;
if (IsAtLeastTLSv1_3(ssl->version)) {
if (msgType != client_hello &&
msgType != certificate_request)
return EXT_NOT_ALLOWED;
}
else
#endif
{
if (msgType != client_hello)
return EXT_NOT_ALLOWED;
}
ret = SA_PARSE(ssl, input + offset, size, isRequest, suites);
break;
#endif
@ -12496,6 +12548,9 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
/* Ignore for TLS 1.3+ */
if (IsAtLeastTLSv1_3(ssl->version))
break;
if (msgType != client_hello &&
msgType != server_hello)
return EXT_NOT_ALLOWED;
ret = ETM_PARSE(ssl, input + offset, size, msgType);
break;
@ -12507,6 +12562,10 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
#ifdef WOLFSSL_DEBUG_TLS
WOLFSSL_BUFFER(input + offset, size);
#endif
if (msgType != client_hello &&
msgType != server_hello &&
msgType != hello_retry_request)
return EXT_NOT_ALLOWED;
break;
@ -12521,7 +12580,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
if (msgType != client_hello &&
msgType != hello_retry_request) {
msgType != hello_retry_request) {
return EXT_NOT_ALLOWED;
}
@ -12539,7 +12598,8 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
if (!IsAtLeastTLSv1_3(ssl->version))
break;
if (msgType != client_hello && msgType != server_hello) {
if (msgType != client_hello &&
msgType != server_hello) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
@ -12577,13 +12637,7 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
break;
if (msgType != client_hello && msgType != session_ticket &&
msgType != encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
if (!IsAtLeastTLSv1_3(ssl->version) &&
(msgType == session_ticket ||
msgType == encrypted_extensions)) {
msgType != encrypted_extensions) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
@ -12625,11 +12679,6 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType,
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
if (!IsAtLeastTLSv1_3(ssl->version) &&
msgType == certificate_request) {
WOLFSSL_ERROR_VERBOSE(EXT_NOT_ALLOWED);
return EXT_NOT_ALLOWED;
}
ret = SAC_PARSE(ssl, input + offset, size, isRequest);
break;