From d576e3ef962940bf189e1e4a78f8c71669df7237 Mon Sep 17 00:00:00 2001 From: Hideki Miyazaki Date: Fri, 14 May 2021 14:37:04 +0900 Subject: [PATCH] not send smaller versions than minimum downgradable version as supportedversion ext --- examples/client/client.c | 19 ++++++++-- examples/server/server.c | 34 ++++++++++++++++-- src/tls.c | 24 ++++++++----- src/tls13.c | 4 --- tests/test-tls13-down.conf | 74 +++++++++++++++++++++++++++++++++++++- 5 files changed, 137 insertions(+), 18 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index 9ede92d1b..3f3a0ed0a 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -974,7 +974,7 @@ static int ClientRead(WOLFSSL* ssl, char* reply, int replyLen, int mustRead, /* 4. add the same message into Japanese section */ /* (will be translated later) */ /* 5. add printf() into suitable position of Usage() */ -static const char* client_usage_msg[][68] = { +static const char* client_usage_msg[][69] = { /* English */ { " NOTE: All files relative to wolfSSL home dir\n", /* 0 */ @@ -1160,6 +1160,13 @@ static const char* client_usage_msg[][68] = { !defined(WOLFSENTRY_NO_JSON) "--wolfsentry-config Path for JSON wolfSentry config\n", /* 68 */ +#endif +#ifndef WOLFSSL_TLS13 + "-7 Set minimum downgrade protocol version [0-3] " + " SSLv3(0) - TLS1.2(3)\n", +#else + "-7 Set minimum downgrade protocol version [0-4] " + " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif NULL, }, @@ -1350,7 +1357,14 @@ static const char* client_usage_msg[][68] = { #if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && \ !defined(WOLFSENTRY_NO_JSON) "--wolfsentry-config wolfSentry コンフィグファイル\n", - /* 68 */ + /* 68 */ +#endif +#ifndef WOLFSSL_TLS13 + "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-3] " + " SSLv3(0) - TLS1.2(3)\n", +#else + "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " + " SSLv3(0) - TLS1.3(4)\n", /* 69 */ #endif NULL, }, 
@@ -1534,6 +1548,7 @@ static void Usage(void) !defined(WOLFSENTRY_NO_JSON) printf("%s", msg[++msgid]); /* --wolfsentry-config */ #endif + printf("%s", msg[++msgid]); /* -7 */ } THREAD_RETURN WOLFSSL_THREAD client_test(void* args) diff --git a/examples/server/server.c b/examples/server/server.c index a1956f395..603dadba1 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -676,7 +676,7 @@ static void SetKeyShare(WOLFSSL* ssl, int onlyKeyShare, int useX25519, /* 4. add the same message into Japanese section */ /* (will be translated later) */ /* 5. add printf() into suitable position of Usage() */ -static const char* server_usage_msg[][58] = { +static const char* server_usage_msg[][59] = { /* English */ { " NOTE: All files relative to wolfSSL home dir\n", /* 0 */ @@ -815,6 +815,14 @@ static const char* server_usage_msg[][58] = { "--wolfsentry-config Path for JSON wolfSentry config\n", /* 58 */ #endif + +#ifndef WOLFSSL_TLS13 + "-7 Set minimum downgrade protocol version [0-3] " + " SSLv3(0) - TLS1.2(3)\n", +#else + "-7 Set minimum downgrade protocol version [0-4] " + " SSLv3(0) - TLS1.3(4)\n", /* 59 */ +#endif NULL, }, #ifndef NO_MULTIBYTE_PRINT @@ -962,6 +970,13 @@ static const char* server_usage_msg[][58] = { #if defined(WOLFSSL_WOLFSENTRY_HOOKS) && !defined(NO_FILESYSTEM) && !defined(WOLFSENTRY_NO_JSON) "--wolfsentry-config wolfSentry コンフィグファイル\n", /* 58 */ +#endif +#ifndef WOLFSSL_TLS13 + "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-3] " + " SSLv3(0) - TLS1.2(3)\n", +#else + "-7 最小ダウングレード可能なプロトコルバージョンを設定します [0-4] " + " SSLv3(0) - TLS1.3(4)\n", /* 59 */ #endif NULL, }, @@ -1103,6 +1118,7 @@ static void Usage(void) !defined(WOLFSENTRY_NO_JSON) printf("%s", msg[++msgId]); /* --wolfsentry-config */ #endif + printf("%s", msg[++msgId]); /* -7 */ } THREAD_RETURN WOLFSSL_THREAD server_test(void* args) 
@@ -1118,7 +1134,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #ifdef WOLFSSL_WOLFSENTRY_HOOKS wolfsentry_errcode_t wolfsentry_ret; #endif - + int minVersion = SERVER_INVALID_VERSION; + int setMinVersion = 0; int useWebServerMsg = 0; char input[SRV_READ_SZ]; #ifndef WOLFSSL_VXWORKS @@ -1782,7 +1799,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) nonBlocking = 1; simulateWantWrite = 1; break; - + case '7' : + setMinVersion = 1; + minVersion = atoi(myoptarg); + if (minVersion < 0 || minVersion > 4) { + Usage(); + XEXIT_T(MY_EX_USAGE); + } + break; case '8' : #ifdef HAVE_CURVE448 useX448 = 1; @@ -1979,6 +2003,10 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) #endif /* WOLFSSL_STATIC_MEMORY */ if (ctx == NULL) err_sys_ex(catastrophic, "unable to get ctx"); + + if (setMinVersion) { + wolfSSL_CTX_SetMinVersion(ctx, minVersion); + } #ifdef WOLFSSL_WOLFSENTRY_HOOKS if (wolfsentry_setup(&wolfsentry, wolfsentry_config_path, diff --git a/src/tls.c b/src/tls.c index 4829fd294..dad4e9aa6 100644 --- a/src/tls.c +++ b/src/tls.c 
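Review bot: In the added `case '7'`, `atoi(myoptarg)` turns any non-numeric argument into 0, which passes the `minVersion < 0 || minVersion > 4` check and selects SSLv3(0), the lowest floor, instead of reaching Usage(). Parsing with `strtol` and checking the end pointer rejects such input before it becomes a protocol minimum. The upper bound is also hard-coded to 4, although the help text added in this commit advertises [0-3] when WOLFSSL_TLS13 is not defined, so the bound should follow the same `#ifndef`. server_test's option loop starts and ends outside the hunk.

```c
            case '7' : {
                char* end = NULL;
                long  v   = strtol(myoptarg, &end, 10);

                /* reject empty or non-numeric input rather than reading it
                 * as 0 (SSLv3); upper bound should be 3 without WOLFSSL_TLS13 */
                if (end == myoptarg || *end != '\0' || v < 0 || v > 4) {
                    Usage();
                    XEXIT_T(MY_EX_USAGE);
                }
                minVersion    = (int)v;
                setMinVersion = 1;
                break;
            }
```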
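Review bot: The result of `wolfSSL_CTX_SetMinVersion(ctx, minVersion)` is discarded in the block added after the `ctx == NULL` check, so if the library rejects the value (for example a version that is not compiled in) the server presumably keeps its previous minimum and runs with a different floor than `-7` requested. Treat a failure the way the ctx check above does: `if (setMinVersion && wolfSSL_CTX_SetMinVersion(ctx, minVersion) != WOLFSSL_SUCCESS) err_sys_ex(catastrophic, "unable to set minimum version");`. The `setMinVersion` flag also duplicates what the `SERVER_INVALID_VERSION` sentinel already encodes, so testing `minVersion != SERVER_INVALID_VERSION` would let the extra variable go.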
@@ -5969,26 +5969,30 @@ static int TLSX_SupportedVersions_GetSize(void* data, byte msgType, word16* pSz) int cnt = 0; #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0 && + (ssl->options.minDowngrade <= TLSv1_3_MINOR)) #endif cnt++; if (ssl->options.downgrade) { #ifndef WOLFSSL_NO_TLS12 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0 && + (ssl->options.minDowngrade <= TLSv1_2_MINOR)) #endif cnt++; #endif #ifndef NO_OLD_TLS #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0 && + (ssl->options.minDowngrade <= TLSv1_1_MINOR)) #endif cnt++; #ifdef WOLFSSL_ALLOW_TLSV10 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1) == 0 && + (ssl->options.minDowngrade <= TLSv1_MINOR)) #endif cnt++; #endif @@ -6026,7 +6030,8 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, cnt = output++; *cnt = 0; #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_3) == 0 && + (ssl->options.minDowngrade <= TLSv1_3_MINOR)) #endif { *cnt += OPAQUE16_LEN; @@ -6043,7 +6048,8 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, if (ssl->options.downgrade) { #ifndef WOLFSSL_NO_TLS12 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0 && + (ssl->options.minDowngrade <= TLSv1_2_MINOR)) #endif { *cnt += OPAQUE16_LEN; 
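Review bot: Every new `ssl->options.minDowngrade <= ..._MINOR` comparison in TLSX_SupportedVersions_GetSize sits inside the `#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)` guard that wraps the `if`, so in builds without those macros the `cnt++` stays unconditional and versions below the minimum are still advertised. The same applies to the four TLSX_SupportedVersions_Write hunks that follow in src/tls.c. Because this commit also removes the `args->pv.minor < ssl->options.minDowngrade` rejection from DoTls13ServerHello in src/tls13.c, such builds appear to lose that floor check unless another one exists outside the visible lines. Make the minDowngrade comparison unconditional and keep only the `options.mask` test under the `#if`, as sketched for the TLS 1.2 case below; a small static helper shared by GetSize and Write would also keep the two from drifting apart. Both function bodies continue outside the hunks.

```c
    /* … unchanged: TLS 1.3 entry and `if (ssl->options.downgrade) {` … */
    #ifndef WOLFSSL_NO_TLS12
        if (ssl->options.minDowngrade <= TLSv1_2_MINOR
        #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
            && (ssl->options.mask & SSL_OP_NO_TLSv1_2) == 0
        #endif
           )
            cnt++;
    #endif
    /* … same shape for TLSv1_1_MINOR and TLSv1_MINOR … */
```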
@@ -6054,7 +6060,8 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, #ifndef NO_OLD_TLS #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1_1) == 0 && + (ssl->options.minDowngrade <= TLSv1_1_MINOR)) #endif { *cnt += OPAQUE16_LEN; @@ -6063,7 +6070,8 @@ static int TLSX_SupportedVersions_Write(void* data, byte* output, } #ifdef WOLFSSL_ALLOW_TLSV10 #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if ((ssl->options.mask & SSL_OP_NO_TLSv1) == 0) + if ((ssl->options.mask & SSL_OP_NO_TLSv1) == 0 && + (ssl->options.minDowngrade <= TLSv1_MINOR)) #endif { *cnt += OPAQUE16_LEN; diff --git a/src/tls13.c b/src/tls13.c index 6d547b9a0..2d4aa1ffa 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -3450,10 +3450,6 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return VERSION_ERROR; ssl->version.minor = args->pv.minor; } - if (foundVersion && ssl->options.downgrade && - (args->pv.minor < ssl->options.minDowngrade)) { - return VERSION_ERROR; - } } /* Advance state and proceed */ diff --git a/tests/test-tls13-down.conf b/tests/test-tls13-down.conf index 181b286eb..9fb124776 100644 --- a/tests/test-tls13-down.conf +++ b/tests/test-tls13-down.conf 
@@ -38,7 +38,79 @@ -v d -r -# lcient TLSv1.3 downgrade and resume +# cient TLSv1.3 downgrade and resume -v 3 -r +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 +-H exitWithRet + +# client TLSv1.2, should fail +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 +-H exitWithRet + +# server TLSv1.2 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 +-H exitWithRet + +# client TLSv1.3, should fail +-v 4 +-l TLS13-AES128-GCM-SHA256 +-H exitWithRet + +# server TLSv1.2 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 +-H exitWithRet + +# client +# enable downgrade +# minimum downgradable TLSv 1.3 +# expect to be failure +-7 4 +-v d +-l TLS13-AES128-GCM-SHA256 +-H exitWithRet + +# server +# enable downgrade +# minimum downgradable TLSv 1.3 +-7 4 +-v d +-l TLS13-AES128-GCM-SHA256 + +# client +# enable downgrade +# minimum downgradable TLSv 1.3 +-7 4 +-v d +-l TLS13-AES128-GCM-SHA256 + +# server +# enable downgrade +# minimum downgradable TLSv 1.2 +-7 3 +-v d +-l ECDHE-RSA-AES256-GCM-SHA384 + +# client TLSv 1.2 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 + +# server +# enable downgrade +# minimum downgradable TLSv 1.3 +# expect to be failure +-7 4 +-v d +-l TLS13-AES128-GCM-SHA256 +-H exitWithRet + +# client TLSv 1.2 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 +-H exitWithRet
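Review bot: The corrected comment at the top of this hunk is still misspelled: `# cient TLSv1.3 downgrade and resume` should read `# client TLSv1.3 downgrade and resume`. In the new cases the expected outcome is spelled out only in some comments ("should fail", "expect to be failure"), while the passing pairs rely on the absence of `-H exitWithRet`. Adding a short `# expect success` line to the passing pairs would make the intent of each `-7` combination readable without decoding the flags.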