diff --git a/src/tls.c b/src/tls.c index 46a8c12c2b..f55c84c7ea 100644 --- a/src/tls.c +++ b/src/tls.c @@ -13584,8 +13584,6 @@ static int TLSX_ECH_Parse(WOLFSSL* ssl, const byte* readBuf, word16 size, } /* HRR with special confirmation */ else if (msgType == hello_retry_request && ssl->options.useEch) { - /* TODO: confirmation may not exist -> segfault? */ - printf("\n\ngot special confirmation\n\n\n"); /* length must be 8 */ if (size != ECH_ACCEPT_CONFIRMATION_SZ) return BAD_FUNC_ARG; @@ -14441,7 +14439,6 @@ static int TLSX_Write(TLSX* list, byte* output, byte* semaphore, WOLFSSL_MSG("ECH extension to write"); ret = ECH_WRITE((WOLFSSL_ECH*)extension->data, msgType, output + offset, &offset); - fprintf(stderr, "\t\thit this\n"); break; #endif default: @@ -16975,6 +16972,18 @@ int TLSX_Parse(WOLFSSL* ssl, const byte* input, word16 length, byte msgType, if (ret == 0) ret = TCA_VERIFY_PARSE(ssl, isRequest); +#if defined(WOLFSSL_TLS13) && defined(HAVE_ECH) + /* If client used ECH, server HRR must include ECH confirmation */ + if (ret == 0 && msgType == hello_retry_request && ssl->options.useEch == 1) { + TLSX* echX = TLSX_Find(ssl->extensions, TLSX_ECH); + if (echX == NULL || ((WOLFSSL_ECH*)echX->data)->confBuf == NULL) { + WOLFSSL_MSG("ECH used but HRR missing ECH confirmation"); + WOLFSSL_ERROR_VERBOSE(EXT_MISSING); + ret = EXT_MISSING; + } + } +#endif + WOLFSSL_LEAVE("Leaving TLSX_Parse", ret); return ret; } diff --git a/src/tls13.c b/src/tls13.c index 292be15054..08c9f7cffa 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -257,7 +257,6 @@ static int Tls13HKDFExpandKeyLabel(WOLFSSL* ssl, byte* okm, word32 okmLen, #endif #if !defined(HAVE_FIPS) || (defined(FIPS_VERSION_GE) && FIPS_VERSION_GE(6,0)) - printf("Running this\n"); ret = wc_Tls13_HKDF_Expand_Label_ex(okm, okmLen, prk, prkLen, protocol, protocolLen, label, labelLen, @@ -5681,10 +5680,8 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (args->extMsgType == hello_retry_request) { args->acceptOffset = (word32)(((WOLFSSL_ECH*)args->echX->data)->confBuf - input); - printf("\n\n\nCONFBUF %p\n", ((WOLFSSL_ECH*)args->echX->data)->confBuf); args->acceptLabel = (byte*)echHrrAcceptConfirmationLabel; args->acceptLabelSz = ECH_HRR_ACCEPT_CONFIRMATION_LABEL_SZ; - printf("\n\nHELLO RETRY REQUEST\n\n\n"); } else { args->acceptLabel = (byte*)echAcceptConfirmationLabel; @@ -5692,7 +5689,6 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, } /* check acceptance */ if (ret == 0) { - printf("inOutIdx %d acceptOffset %d\n", *inOutIdx, args->acceptOffset); ret = EchCheckAcceptance(ssl, args->acceptLabel, args->acceptLabelSz, input, args->acceptOffset, helloSz); } @@ -5762,7 +5758,6 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->options.tls1_3 = 1; ssl->options.serverState = SERVER_HELLO_RETRY_REQUEST_COMPLETE; - printf("\n\n\nRestarting HASH\n\n\n\n"); ret = RestartHandshakeHash(ssl); } @@ -13062,19 +13057,11 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, return OUT_OF_ORDER_E; } - if (ssl->options.echAccepted == 1) { - printf("\n\n\nHIGH LEVEL - ECH ACCEPTED\n\n\n\n"); - } - else { - printf("\n\n\nHIGH LEVEL - ECH REJECTED\n\n\n\n"); - } - /* above checks handshake state */ switch (type) { #ifndef NO_WOLFSSL_CLIENT /* Messages only received by client. */ case server_hello: - printf("\n\n\nProcessing SERVER HELLO\n\n\n\n"); WOLFSSL_MSG("processing server hello"); ret = DoTls13ServerHello(ssl, input, inOutIdx, size, &type); #if !defined(WOLFSSL_NO_CLIENT_AUTH) && \ @@ -13225,14 +13212,6 @@ int DoTls13HandShakeMsgType(WOLFSSL* ssl, byte* input, word32* inOutIdx, break; } - if (ssl->options.echAccepted == 1) { - printf("\n\n\nHIGH LEVEL 2 - ECH ACCEPTED\n\n\n\n"); - } - else { - printf("\n\n\nHIGH LEVEL 2 - ECH REJECTED\n\n\n\n"); - } - - #if defined(WOLFSSL_ASYNC_CRYPT) || defined(WOLFSSL_ASYNC_IO) /* if async, offset index so this msg will be processed again */ /* NOTE: check this now before other calls can overwrite ret */