From 22ce2f183dc48a3074988891c66b041b0582b38d Mon Sep 17 00:00:00 2001
From: Sean Parkinson
Date: Thu, 11 May 2017 10:42:09 +1000
Subject: [PATCH] Interop testing fixes
Fix TLS13 cipher suite name to CHACHA20
Include SignatureAlgorithm in older versions of TLS when compiling for TLS v1.3.
BIT STRING unused bits doesn't necessarily indicate last unused bit.
Fix ecc_dsa_sa_algo value.
---
 scripts/tls13.test | 4 ++--
 src/internal.c | 6 +++---
 src/tls.c | 29 ++++++++++++++++++-----------
 wolfcrypt/src/asn.c | 2 --
 wolfssl/internal.h | 2 +-
 5 files changed, 24 insertions(+), 19 deletions(-)
diff --git a/scripts/tls13.test b/scripts/tls13.test
index 002c3f219..27a891f58 100755
--- a/scripts/tls13.test
+++ b/scripts/tls13.test
@@ -162,7 +162,7 @@ echo ""
 # TLS 1.3 cipher suites server / client.
 echo -e "\n\nOnly TLS v1.3 cipher suites"
 port=0
-./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACH20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256 &
+./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256 &
 server_pid=$!
 create_port
 ./examples/client/client -v 4 -p $port
@@ -210,7 +210,7 @@ echo ""
 # TLS 1.3 cipher suites server / client.
 echo -e "\n\nOnly TLS v1.3 cipher suite - CHACHA20-POLY1305 SHA-256"
 port=0
-./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACH20-POLY1305-SHA256 &
+./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 &
 server_pid=$!
 create_port
 ./examples/client/client -v 4 -p $port
diff --git a/src/internal.c b/src/internal.c
index a6db2d19d..c48367faa 100755
--- a/src/internal.c
+++ b/src/internal.c
@@ -13621,7 +13621,7 @@ static const char* const cipher_names[] =
 #endif
 #ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256
- "TLS13-CHACH20-POLY1305-SHA256",
+ "TLS13-CHACHA20-POLY1305-SHA256",
 #endif
 #ifdef BUILD_TLS_AES_128_CCM_SHA256
@@ -14655,9 +14655,9 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
 }
 #endif /* WOLFSSL_DTLS */
- suites->suites[idx++] = (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE
+ suites->suites[idx++] = (XSTRSTR(name, "TLS13")) ? TLS13_BYTE
+ : (XSTRSTR(name, "CHACHA")) ? CHACHA_BYTE
 : (XSTRSTR(name, "QSH")) ? QSH_BYTE
- : (XSTRSTR(name, "TLS13")) ? TLS13_BYTE
 : (XSTRSTR(name, "EC")) ? ECC_BYTE
 : (XSTRSTR(name, "CCM")) ? ECC_BYTE
 : 0x00; /* normal */
diff --git a/src/tls.c b/src/tls.c
index 796fc89fa..59d335469 100755
--- a/src/tls.c
+++ b/src/tls.c
@@ -4428,7 +4428,8 @@ static int TLSX_SetSupportedVersions(TLSX** extensions, const void* data,
 */
 static word16 TLSX_SignatureAlgorithms_GetSize(byte* data)
 {
- int cnt = 0;
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ int cnt = 0;
 (void)data;
@@ -4446,6 +4447,7 @@ static word16 TLSX_SignatureAlgorithms_GetSize(byte* data)
 cnt++;
 #endif
 #ifdef WC_RSA_PSS
+ if (IsAtLeastTLSv1_3(ssl->version)) {
 #ifndef NO_SHA256
 cnt++;
 #endif
@@ -4455,6 +4457,7 @@ static word16 TLSX_SignatureAlgorithms_GetSize(byte* data)
 #ifdef HAVE_SHA512
 cnt++;
 #endif
+ }
 #endif
 #endif
@@ -4487,9 +4490,9 @@ static word16 TLSX_SignatureAlgorithms_GetSize(byte* data)
 */
 static word16 TLSX_SignatureAlgorithms_Write(byte* data, byte* output)
 {
- int idx = OPAQUE16_LEN;
+ WOLFSSL* ssl = (WOLFSSL*)data;
+ int idx = OPAQUE16_LEN;
- (void)data;
 #ifndef NO_RSA
 #ifndef NO_SHA1
@@ -4509,6 +4512,7 @@ static word16 TLSX_SignatureAlgorithms_Write(byte* data, byte* output)
 output[idx++] = 0x01;
 #endif
 #ifdef WC_RSA_PSS
+ if (IsAtLeastTLSv1_3(ssl->version)) {
 #ifndef NO_SHA256
 output[idx++] = 0x08;
 output[idx++] = 0x04;
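Review bot: The reordered ternary chain in SetCipherList (hunk at -14655) is order-dependent and nothing in the code says so: `TLS13-CHACHA20-POLY1305-SHA256` contains both "TLS13" and "CHACHA", so the first matching substring decides the suite's first byte. A comment above the assignment would keep a later edit from moving the tests again, e.g. `/* "TLS13" must be tested before "CHACHA": the TLS v1.3 ChaCha20 suite name contains both */`. The function body starts and ends outside the hunk.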
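Review bot: `ssl->version` is dereferenced in TLSX_SignatureAlgorithms_GetSize (hunk at -4446) and in TLSX_SignatureAlgorithms_Write (hunk at -4509) with no NULL check, although the call site removed later in this patch passed NULL as the extension data. Any other caller of TLSX_SetSignatureAlgorithms that still passes NULL is not visible here and would fault, so either test it, `if (ssl != NULL && IsAtLeastTLSv1_3(ssl->version)) {`, or state in the function comment that data must be the WOLFSSL object. `ssl` is also read only inside `#ifdef WC_RSA_PSS`, so builds without that macro should see an unused-variable warning in both functions; adding `(void)ssl;` beside the existing `(void)data;` avoids it. Both function bodies continue outside these hunks.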
@@ -4521,6 +4525,7 @@ static word16 TLSX_SignatureAlgorithms_Write(byte* data, byte* output)
 output[idx++] = 0x08;
 output[idx++] = 0x06;
 #endif
+ }
 #endif
 #endif
@@ -7065,17 +7070,17 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
 } /* is not server */
 #ifdef WOLFSSL_TLS13
+ WOLFSSL_MSG("Adding signature algorithms extension");
+ if ((ret = TLSX_SetSignatureAlgorithms(&ssl->extensions, ssl,
+ ssl->heap)) != 0)
+ return ret;
+
 if (!isServer && IsAtLeastTLSv1_3(ssl->version)) {
 /* Add mandatory TLS v1.3 extension: supported version */
 WOLFSSL_MSG("Adding supported versions extension");
 if ((ret = TLSX_SetSupportedVersions(&ssl->extensions, ssl,
 ssl->heap)) != 0)
 return ret;
- /* Add TLS v1.3 extension: signature algorithms */
- WOLFSSL_MSG("Adding signature algorithms extension");
- if ((ret = TLSX_SetSignatureAlgorithms(&ssl->extensions, NULL,
- ssl->heap)) != 0)
- return ret;
 /* Add FFDHE supported groups. */
 #ifdef HAVE_FFDHE_2048
@@ -7201,9 +7206,10 @@ word16 TLSX_GetRequestSize(WOLFSSL* ssl)
 QSH_VALIDATE_REQUEST(ssl, semaphore);
 WOLF_STK_VALIDATE_REQUEST(ssl);
 #if defined(WOLFSSL_TLS13)
+ if (!IsAtLeastTLSv1_2(ssl))
+ TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
 if (!IsAtLeastTLSv1_3(ssl->version)) {
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
- TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
 #ifndef NO_PSK
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PRE_SHARED_KEY));
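Review bot: The signature algorithms block in TLSX_PopulateExtensions (hunk at -7065) now sits after the `/* is not server */` brace and outside the `!isServer && IsAtLeastTLSv1_3(...)` test, so as far as the hunk shows it also runs on the server side and for every protocol version whenever WOLFSSL_TLS13 is defined. If servers are meant to carry the entry, a comment above the call should say why; otherwise guard it with `if (!isServer)`. The call also stores `ssl` itself as the extension data where NULL was stored before, so the free path for this extension type must not release that pointer; that code is outside the hunk and should be checked. The function body starts and ends outside the hunk.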
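Review bot: The added `if (!IsAtLeastTLSv1_2(ssl))` in TLSX_GetRequestSize (hunk at -7201) turns on the TLSX_SUPPORTED_VERSIONS semaphore, which the `!IsAtLeastTLSv1_3` block directly below turns on again, so the new test has no effect. Because the same hunk removes the TLSX_SIGNATURE_ALGORITHMS line from that block, the intent was presumably to keep the extension out of pre-TLS 1.2 requests: `if (!IsAtLeastTLSv1_2(ssl)) TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));`. As written, a TLS 1.0/1.1 ClientHello appears to carry signature_algorithms, which RFC 5246 section 7.4.1.4.1 tells clients not to offer. The TLSX_WriteRequest hunk at -7252 has the identical lines and needs the same change so the computed size and the written bytes stay in step.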
@@ -7252,9 +7258,10 @@ word16 TLSX_WriteRequest(WOLFSSL* ssl, byte* output)
 WOLF_STK_VALIDATE_REQUEST(ssl);
 QSH_VALIDATE_REQUEST(ssl, semaphore);
 #if defined(WOLFSSL_TLS13)
+ if (!IsAtLeastTLSv1_2(ssl))
+ TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
 if (!IsAtLeastTLSv1_3(ssl->version)) {
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SUPPORTED_VERSIONS));
- TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_KEY_SHARE));
 #ifndef NO_PSK
 TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_PSK_KEY_EXCHANGE_MODES));
@@ -7637,7 +7644,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType,
 case TLSX_SIGNATURE_ALGORITHMS:
 WOLFSSL_MSG("Signature Algorithms extension received");
- if (!IsAtLeastTLSv1_3(ssl->version))
+ if (!IsAtLeastTLSv1_2(ssl))
 break;
 if (IsAtLeastTLSv1_3(ssl->version) &&
diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index ad8431444..7d3bff0ce 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -1005,8 +1005,6 @@ static int CheckBitString(const byte* input, word32* inOutIdx, int* len,
 if (b != 0) {
 if ((byte)(input[idx + length - 1] << (8 - b)) != 0)
 return ASN_PARSE_E;
- if (((input[idx + length - 1] >> b) & 0x01) != 0x01)
- return ASN_PARSE_E;
 }
 idx++;
 length--; /* length has been checked for greater than 0 */
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index 0c6c3ed57..12c79d156 100755
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
@@ -2348,7 +2348,7 @@ enum SignatureAlgorithm {
 anonymous_sa_algo = 0,
 rsa_sa_algo = 1,
 dsa_sa_algo = 2,
- ecc_dsa_sa_algo = 4,
+ ecc_dsa_sa_algo = 3,
 rsa_pss_sa_algo = 8
 };
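Review bot: The members of `enum SignatureAlgorithm` in wolfssl/internal.h (hunk at -2348) look like on-the-wire identifiers rather than arbitrary internal tags, which would explain why the value for ECDSA had to change from 4 to 3, but the declaration carries no comment saying so. A line above the enum such as `/* on-the-wire signature algorithm identifiers; values must match the TLS registry, do not renumber */` would make the constraint visible to the next editor. If other code compares against the literal 4 rather than the enum name, it is not visible in this patch and is worth a search.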