wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 02:37:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

TLS 13 session ticket timeout: fixup checks

Browse Source 
Check difference between now and ticket seen from encrypted ticket
against timeout.
This commit is contained in:
Sean Parkinson
2021-12-09 12:43:30 +10:00
parent 85ec6054c6
commit 32014c69fd
2 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/tls13.c
View File

@ -3987,22 +3987,28 @@ static int DoPreSharedKeys(WOLFSSL* ssl, byte* suite, int* usingPSK, int* first)
/* Decode the identity. */ /* Decode the identity. */
if (DoClientTicket(ssl, current->identity, current->identityLen) if (DoClientTicket(ssl, current->identity, current->identityLen)
== WOLFSSL_TICKET_RET_OK) { == WOLFSSL_TICKET_RET_OK) {
word32 now; word32 now;
int diff; sword64 diff;
now = TimeNowInMilliseconds(); now = TimeNowInMilliseconds();
if (now == (word32)GETTIME_ERROR) if (now == (word32)GETTIME_ERROR)
return now; return now;
if (now < ssl->session.ticketSeen) /* Difference between now and time ticket constructed
diff = (0xFFFFFFFFU - ssl->session.ticketSeen) + 1 + now; * (from decrypted ticket). */
else diff = now;
diff = now - ssl->session.ticketSeen; diff -= ssl->session.ticketSeen;
diff -= current->ticketAge - ssl->session.ticketAdd; if (diff > (sword64)ssl->timeout * 1000 ||
diff > (sword64)TLS13_MAX_TICKET_AGE * 1000) {
current = current->next;
continue;
}
/* Subtract client's ticket age and unobfuscate. */
diff -= current->ticketAge;
diff += ssl->session.ticketAdd;
/* Check session and ticket age timeout. /* Check session and ticket age timeout.
* Allow +/- 1000 milliseconds on ticket age. * Allow +/- 1000 milliseconds on ticket age.
*/ */
if (diff > (int)ssl->timeout * 1000 || diff < -1000 || if (diff < -1000 || diff - MAX_TICKET_AGE_DIFF * 1000 > 1000) {
diff - MAX_TICKET_AGE_SECS * 1000 > 1000) {
current = current->next; current = current->next;
continue; continue;
} }

11
wolfssl/internal.h
View File

@ -1490,11 +1490,12 @@ enum Misc {
DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */ DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */
DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */ DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */
NULL_TERM_LEN = 1, /* length of null '\0' termination character */ NULL_TERM_LEN = 1, /* length of null '\0' termination character */
MAX_PSK_KEY_LEN = 64, /* max psk key supported */ MAX_PSK_KEY_LEN = 64, /* max psk key supported */
MIN_PSK_ID_LEN = 6, /* min length of identities */ MIN_PSK_ID_LEN = 6, /* min length of identities */
MIN_PSK_BINDERS_LEN= 33, /* min length of binders */ MIN_PSK_BINDERS_LEN = 33, /* min length of binders */
MAX_TICKET_AGE_SECS= 10, /* maximum ticket age in seconds */ MAX_TICKET_AGE_DIFF = 10, /* maximum ticket age difference in seconds */
TLS13_MAX_TICKET_AGE = 7*24*60*60, /* max ticket age in seconds, 7 days */
#ifndef MAX_WOLFSSL_FILE_SIZE #ifndef MAX_WOLFSSL_FILE_SIZE
MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */ MAX_WOLFSSL_FILE_SIZE = 1024ul * 1024ul * 4, /* 4 mb file size alloc limit */