From b63f43a2af5c7d2a9bd83a42cd15248454a53c01 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 29 Dec 2020 22:42:31 +0100 Subject: [PATCH 1/9] Nginx 1.19.6 - Implement X509_pubkey_digest - Initialize entire WOLFSSL_X509_NAME struct to zero - Set raw and rawLen when copying WOLFSSL_X509_NAME --- src/internal.c | 8 +------- src/ssl.c | 34 ++++++++++++++++++++++++++++++++++ wolfssl/openssl/ssl.h | 2 ++ wolfssl/ssl.h | 2 ++ 4 files changed, 39 insertions(+), 7 deletions(-) diff --git a/src/internal.c b/src/internal.c index e48085de1..2d8ad5687 100644 --- a/src/internal.c +++ b/src/internal.c @@ -3393,15 +3393,9 @@ void InitX509Name(WOLFSSL_X509_NAME* name, int dynamicFlag, void* heap) (void)heap; if (name != NULL) { + XMEMSET(name, 0, sizeof(WOLFSSL_X509_NAME)); name->name = name->staticName; - name->dynamicName = 0; - name->sz = 0; name->heap = heap; -#if defined(OPENSSL_EXTRA) || defined(OPENSSL_EXTRA_X509_SMALL) - XMEMSET(name->entry, 0, sizeof(name->entry)); - name->x509 = NULL; - name->entrySz = 0; -#endif /* OPENSSL_EXTRA */ } } diff --git a/src/ssl.c b/src/ssl.c index 14a160dc2..ef1f645da 100644 --- a/src/ssl.c +++ b/src/ssl.c 
@@ -10402,6 +10402,29 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest, } #endif +int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, + const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len) +{ + int ret; + + WOLFSSL_ENTER("wolfSSL_X509_pubkey_digest"); + + if (x509 == NULL || digest == NULL) { + WOLFSSL_MSG("Null argument found"); + return WOLFSSL_FAILURE; + } + + if (x509->pubKey.buffer == NULL || x509->pubKey.length == 0) { + WOLFSSL_MSG("No DER public key stored in X509"); + return WOLFSSL_FAILURE; + } + + ret = wolfSSL_EVP_Digest(x509->pubKey.buffer, x509->pubKey.length, buf, + len, digest, NULL); + WOLFSSL_LEAVE("wolfSSL_X509_pubkey_digest", ret); + return ret; +} + int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey) { WOLFSSL_ENTER("wolfSSL_use_PrivateKey"); @@ -52896,6 +52919,17 @@ int wolfSSL_X509_NAME_copy(WOLFSSL_X509_NAME* from, WOLFSSL_X509_NAME* to) return BAD_FUNC_ARG; } +#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY) + if (from->rawLen > 0) { + if (from->rawLen > ASN_NAME_MAX) { + WOLFSSL_MSG("Bad raw size"); + return BAD_FUNC_ARG; + } + XMEMCPY(to->raw, from->raw, from->rawLen); + to->rawLen = from->rawLen; + } +#endif + if (from->dynamicName) { to->name = (char*)XMALLOC(from->sz, to->heap, DYNAMIC_TYPE_SUBJECT_CN); if (to->name == NULL) diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 52718b7a9..05296b582 100644 --- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -409,6 +409,7 @@ typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; #define X509_free wolfSSL_X509_free #define X509_load_certificate_file wolfSSL_X509_load_certificate_file #define X509_digest wolfSSL_X509_digest +#define X509_pubkey_digest wolfSSL_X509_pubkey_digest #define X509_get_ext_count wolfSSL_X509_get_ext_count #define X509_get_ext_d2i wolfSSL_X509_get_ext_d2i #define X509V3_EXT_i2d wolfSSL_X509V3_EXT_i2d 
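Review bot: wolfSSL_X509_pubkey_digest checks `x509` and `digest` but hands `buf` and `len` to wolfSSL_EVP_Digest unchecked, and it has no header comment saying which bytes are hashed or how large `buf` must be. Whether wolfSSL_EVP_Digest rejects a NULL `buf` is not visible here, so I would extend the first test to `if (x509 == NULL || digest == NULL || buf == NULL)`. OpenSSL computes this digest over the contents of the subjectPublicKey BIT STRING, and callers use it for OCSP key-hash matching; the comment should state that `x509->pubKey.buffer` holds those same bytes, which needs confirming against where that buffer is filled.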
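Review bot: When `from->rawLen` is 0, the new block in wolfSSL_X509_NAME_copy leaves `to->raw` and `to->rawLen` untouched, so a destination that already carried a raw encoding keeps the stale one next to the newly copied name. Adding `else { to->rawLen = 0; }` to the `if (from->rawLen > 0)` keeps the two fields in step. The bound `ASN_NAME_MAX` is presumably the size of `to->raw`, but the struct is not in this diff; comparing against `sizeof(to->raw)` would make the check self-evident. The function continues outside the hunk.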
@@ -1126,6 +1127,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AD_BAD_CERTIFICATE bad_certificate #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE +#define SSL_AD_UNRECOGNIZED_NAME unrecognized_name #define ASN1_STRFLGS_ESC_MSB 4 diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index f315b0436..5c412cab5 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3477,6 +3477,8 @@ WOLFSSL_API void wolfSSL_X509V3_set_ctx(WOLFSSL_X509V3_CTX* ctx, WOLFSSL_API void wolfSSL_X509V3_set_ctx_nodb(WOLFSSL_X509V3_CTX* ctx); WOLFSSL_API int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest, unsigned char* buf, unsigned int* len); +WOLFSSL_API int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, + const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len); WOLFSSL_API int wolfSSL_use_certificate(WOLFSSL* ssl, WOLFSSL_X509* x509); WOLFSSL_API int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey); WOLFSSL_API int wolfSSL_use_PrivateKey_ASN1(int pri, WOLFSSL* ssl, From 9a1e54cfd50baf486302c1d87fab40f8b1780e11 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 19 Jan 2021 16:25:00 +0100 Subject: [PATCH 2/9] Nginx 1.19.6 Fixes --- configure.ac | 2 +- src/internal.c | 12 +++++++++--- src/ocsp.c | 4 +++- src/ssl.c | 36 +++++++++++++----------------------- tests/api.c | 4 ++-- wolfssl/internal.h | 2 +- wolfssl/openssl/ssl.h | 3 +++ wolfssl/ssl.h | 2 +- 8 files changed, 33 insertions(+), 32 deletions(-) diff --git a/configure.ac b/configure.ac index dd8a6ac74..052569e58 100644 --- a/configure.ac +++ b/configure.ac @@ -2530,7 +2530,7 @@ AC_ARG_ENABLE([anon], [ ENABLED_ANON=no ] ) -if test "x$ENABLED_WPAS" = "xyes" +if test "x$ENABLED_WPAS" = "xyes" || test "$ENABLED_NGINX" = "yes" then ENABLED_ANON=yes fi diff --git a/src/internal.c b/src/internal.c index 2d8ad5687..1b8eec9b9 100644 --- a/src/internal.c +++ b/src/internal.c 
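Review bot: The added `|| test "$ENABLED_NGINX" = "yes"` forces `ENABLED_ANON=yes` for every nginx build, which compiles in support for anonymous (unauthenticated) cipher suites and overrides an explicit `--disable-anon`. Neither the commit message nor the hunk says why nginx needs it; a comment giving the reason would help, and honouring an explicit user choice would be the safer default. The new test also drops the `x` prefix used by the WPAS test beside it; `test "x$ENABLED_NGINX" = "xyes"` would match the existing style.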
@@ -31113,16 +31113,22 @@ static int DefTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], #ifdef HAVE_SNI int SNI_Callback(WOLFSSL* ssl) { + int ad = 0; + int sniRet = 0; /* Stunnel supports a custom sni callback to switch an SSL's ctx * when SNI is received. Call it now if exists */ if(ssl && ssl->ctx && ssl->ctx->sniRecvCb) { WOLFSSL_MSG("Calling custom sni callback"); - if(ssl->ctx->sniRecvCb(ssl, NULL, ssl->ctx->sniRecvCbArg) - == alert_fatal) { + sniRet = ssl->ctx->sniRecvCb(ssl, &ad, ssl->ctx->sniRecvCbArg); + if (sniRet == alert_fatal) { WOLFSSL_MSG("Error in custom sni callback. Fatal alert"); - SendAlert(ssl, alert_fatal, unrecognized_name); + SendAlert(ssl, alert_fatal, ad); return FATAL_ERROR; } + else if (sniRet == alert_warning) { + WOLFSSL_MSG("Error in custom sni callback. Warning alert"); + SendAlert(ssl, alert_warning, ad); + } } return 0; } diff --git a/src/ocsp.c b/src/ocsp.c index 4862cf939..216ed23bc 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -598,7 +598,9 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id( (void)dgst; cm = wolfSSL_CertManagerNew(); - if (cm == NULL) + if (cm == NULL + || subject == NULL || subject->derCert == NULL + || issuer == NULL || issuer->derCert == NULL) return NULL; ret = AllocDer(&derCert, issuer->derCert->length, diff --git a/src/ssl.c b/src/ssl.c index ef1f645da..ebccbeb7e 100644 --- a/src/ssl.c +++ b/src/ssl.c 
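Review bot: `ad` starts at 0 in SNI_Callback, so a callback that returns `alert_fatal` without writing the out-parameter now sends alert description 0, where the old code always sent `unrecognized_name`. Description 0 is close_notify in TLS, which is misleading as a fatal alert; OpenSSL seeds this value with the unrecognized-name alert before calling the servername callback. `int ad = unrecognized_name;` keeps the previous behaviour for callbacks that leave it unset. The return value of SendAlert in the new warning branch is also dropped.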
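Review bot: The new NULL checks on `subject` and `issuer` in wolfSSL_OCSP_cert_to_id run after `wolfSSL_CertManagerNew()`, so a rejected argument returns NULL with `cm` still allocated. Validating the arguments first avoids the leak: put `if (subject == NULL || subject->derCert == NULL || issuer == NULL || issuer->derCert == NULL) return NULL;` ahead of `cm = wolfSSL_CertManagerNew();` and keep `if (cm == NULL) return NULL;` after it. The function body continues outside the hunk.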
@@ -18260,37 +18260,22 @@ size_t wolfSSL_get_client_random(const WOLFSSL* ssl, unsigned char* out, #endif /* KEEP_PEER_CERT */ -#if defined(SESSION_CERTS) -/* Return stack of peer certs. - * If Qt or OPENSSL_ALL is defined then return ssl->peerCertChain. - * All other cases return &ssl->session.chain - * ssl->peerCertChain is type WOLFSSL_STACK* - * ssl->session.chain is type WOLFSSL_X509_CHAIN +#if defined(SESSION_CERTS) && defined(OPENSSL_EXTRA) +/* Return stack of peer certs. * Caller does not need to free return. The stack is Free'd when WOLFSSL* ssl is. */ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl) { - WOLFSSL_STACK* sk; WOLFSSL_ENTER("wolfSSL_get_peer_cert_chain"); if (ssl == NULL) return NULL; - #if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) - if (ssl->peerCertChain == NULL) - wolfSSL_set_peer_cert_chain((WOLFSSL*) ssl); - sk = ssl->peerCertChain; - #else - sk = (WOLF_STACK_OF(WOLFSSL_X509)* )&ssl->session.chain; - #endif - - if (sk == NULL) { - WOLFSSL_MSG("Error: Null Peer Cert Chain"); - } - return sk; + if (ssl->peerCertChain == NULL) + wolfSSL_set_peer_cert_chain((WOLFSSL*) ssl); + return ssl->peerCertChain; } -#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) /* Builds up and creates a stack of peer certificates for ssl->peerCertChain based off of the ssl session chain. Returns stack of WOLFSSL_X509 certs or NULL on failure */ @@ -18335,8 +18320,7 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl) ssl->peerCertChain = sk; return sk; } -#endif /* OPENSSL_ALL || WOLFSSL_QT */ -#endif /* SESSION_CERTS */ +#endif /* SESSION_CERTS && OPENSSL_EXTRA */ #ifndef NO_CERTS #if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) || \ @@ -29759,6 +29743,8 @@ WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk) switch (sk->type) { case STACK_TYPE_X509: + if (!sk->data.x509) + break; cur->data.x509 = wolfSSL_X509_dup(sk->data.x509); if (!cur->data.x509) { WOLFSSL_MSG("wolfSSL_X509_dup error"); 
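Review bot: wolfSSL_get_peer_cert_chain takes `const WOLFSSL*` yet now always builds and stores `ssl->peerCertChain` through a cast that removes the const, so a call that looks read-only writes to the session object. The header comment should say so, for example `/* Builds and caches ssl->peerCertChain on first call; the cached stack is owned by ssl. */`. Two threads making the first call on the same `ssl` would presumably both build a stack, which is worth noting there as well. The old fallback that returned `&ssl->session.chain` is removed, so builds with SESSION_CERTS but without OPENSSL_EXTRA no longer have this function.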
@@ -29769,6 +29755,8 @@ WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk) wolfSSL_CIPHER_copy(&sk->data.cipher, &cur->data.cipher); break; case STACK_TYPE_GEN_NAME: + if (!sk->data.gn) + break; cur->data.gn = wolfSSL_GENERAL_NAME_dup(sk->data.gn); if (!cur->data.gn) { WOLFSSL_MSG("wolfSSL_GENERAL_NAME_new error"); @@ -29776,6 +29764,8 @@ WOLFSSL_STACK* wolfSSL_sk_dup(WOLFSSL_STACK* sk) } break; case STACK_TYPE_OBJ: + if (!sk->data.obj) + break; cur->data.obj = wolfSSL_ASN1_OBJECT_dup(sk->data.obj); if (!cur->data.obj) { WOLFSSL_MSG("wolfSSL_ASN1_OBJECT_dup error"); @@ -48010,7 +48000,7 @@ WOLF_STACK_OF(WOLFSSL_STRING) *wolfSSL_X509_get1_ocsp(WOLFSSL_X509 *x) WOLFSSL_STACK* list = NULL; char* url; - if (x->authInfoSz == 0) + if (x == NULL || x->authInfoSz == 0) return NULL; list = (WOLFSSL_STACK*)XMALLOC(sizeof(WOLFSSL_STACK) + x->authInfoSz + 1, diff --git a/tests/api.c b/tests/api.c index 6b3af3092..cde3746e4 100644 --- a/tests/api.c +++ b/tests/api.c @@ -28547,7 +28547,7 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl) { (void) ctx; (void) ssl; - #ifdef WOLFSSL_QT + #ifdef OPENSSL_EXTRA STACK_OF(X509)* sk; X509* x509; int i, num; @@ -28559,7 +28559,7 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl) AssertIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 1); #endif - #ifdef WOLFSSL_QT + #ifdef OPENSSL_EXTRA bio = BIO_new(BIO_s_file()); BIO_set_fp(bio, stdout, BIO_NOCLOSE); sk = SSL_get_peer_cert_chain(ssl); diff --git a/wolfssl/internal.h b/wolfssl/internal.h index d4f68a815..2cbc325a0 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -4369,7 +4369,7 @@ struct WOLFSSL { #ifdef OPENSSL_ALL long verifyCallbackResult; #endif -#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) +#if defined(OPENSSL_EXTRA) WOLFSSL_STACK* supportedCiphers; /* Used in wolfSSL_get_ciphers_compat */ WOLFSSL_STACK* peerCertChain; /* Used in wolfSSL_get_peer_cert_chain */ #endif diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h index 05296b582..ae5869ea4 100644 
--- a/wolfssl/openssl/ssl.h +++ b/wolfssl/openssl/ssl.h @@ -1128,6 +1128,8 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AD_BAD_CERTIFICATE bad_certificate #define SSL_AD_BAD_CERTIFICATE SSL3_AD_BAD_CERTIFICATE #define SSL_AD_UNRECOGNIZED_NAME unrecognized_name +#define SSL_AD_NO_RENEGOTIATION no_renegotiation +#define SSL_AD_INTERNAL_ERROR 80 #define ASN1_STRFLGS_ESC_MSB 4 @@ -1168,6 +1170,7 @@ wolfSSL_X509_STORE_set_verify_cb((WOLFSSL_X509_STORE *)(s), (WOLFSSL_X509_STORE_ #define SSL3_AL_FATAL 2 #define SSL_TLSEXT_ERR_OK 0 #define SSL_TLSEXT_ERR_ALERT_FATAL alert_fatal +#define SSL_TLSEXT_ERR_ALERT_WARNING alert_warning #define SSL_TLSEXT_ERR_NOACK alert_warning #define TLSEXT_NAMETYPE_host_name WOLFSSL_SNI_HOST_NAME diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 5c412cab5..9a5496918 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -2114,8 +2114,8 @@ WOLFSSL_API int wolfSSL_CTX_set_default_verify_paths(WOLFSSL_CTX*); WOLFSSL_API int wolfSSL_CTX_set_session_id_context(WOLFSSL_CTX*, const unsigned char*, unsigned int); WOLFSSL_ABI WOLFSSL_API WOLFSSL_X509* wolfSSL_get_peer_certificate(WOLFSSL*); +#ifdef OPENSSL_EXTRA WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL*); -#if defined(WOLFSSL_QT) || defined(OPENSSL_ALL) WOLFSSL_API WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl); #endif From 26df83307477cfcc36991973d0dffc87f014dbae Mon Sep 17 00:00:00 2001 
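Review bot: `SSL_TLSEXT_ERR_ALERT_WARNING` and `SSL_TLSEXT_ERR_NOACK` both expand to `alert_warning`, so a servername callback that returns NOACK cannot be told apart from one that asks for a warning alert. The SNI_Callback change in this same patch sends a warning alert whenever the callback returns `alert_warning`, so a NOACK return now puts an alert on the wire, whereas OpenSSL sends none for NOACK. Giving NOACK its own value, as OpenSSL does with `#define SSL_TLSEXT_ERR_NOACK 3`, and treating it as success in SNI_Callback would keep the two apart; check first that 3 does not collide with a value wolfSSL already returns from this callback.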
From: Juliusz Sosinowicz Date: Mon, 11 Jan 2021 16:06:43 +0100 Subject: [PATCH 3/9] Compat layer session tickets - OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL. - Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb --- examples/echoserver/echoserver.c | 6 +++ examples/server/server.c | 6 +++ src/internal.c | 91 +++++++++++++++++++++++++++++++- src/ssl.c | 37 ++++++++----- tests/api.c | 4 ++ wolfssl/internal.h | 1 + wolfssl/ssl.h | 7 +++ wolfssl/test.h | 74 ++++++++++++++++++++++---- 8 files changed, 201 insertions(+), 25 deletions(-) diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 1ef3007f8..d864f8cb2 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -169,8 +169,14 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) if (TicketInit() != 0) err_sys("unable to setup Session Ticket Key context"); +#ifdef OPENSSL_EXTRA + /* In OpenSSL compat case, the compat layer handles the session + * tickets internally by default */ +#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ + defined(HAVE_AESGCM)) wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif +#endif #ifndef NO_FILESYSTEM if (doPSK == 0) { diff --git a/examples/server/server.c b/examples/server/server.c index 05b6f2f54..2260fa46c 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
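Review bot: The new `#elif` in echoserver_test repeats the `(HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM` test that the enclosing `#if` appears to require already, so it cannot be false at that point and a plain `#else` would read more clearly. `TicketInit()` still runs in the OPENSSL_EXTRA case although no callback registered here uses its key context any more. The same pattern is added to server_test in examples/server/server.c.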
@@ -1804,8 +1804,14 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) if (TicketInit() != 0) err_sys_ex(catastrophic, "unable to setup Session Ticket Key context"); +#ifdef OPENSSL_EXTRA + /* In OpenSSL compat case, the compat layer handles the session + * tickets internally by default */ +#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ + defined(HAVE_AESGCM)) wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif +#endif #if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL) /* used for testing only to set a static/fixed ephemeral key diff --git a/src/internal.c b/src/internal.c index 1b8eec9b9..02bbfd6b6 100644 --- a/src/internal.c +++ b/src/internal.c 
@@ -1673,6 +1673,78 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side) } #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ + defined(OPENSSL_EXTRA) +static int ctxInitTicket(WOLFSSL_CTX* ctx) +{ + WC_RNG rng; + int ret = 0; + + ret = wc_InitRng(&rng); + if (ret != 0) + return ret; + + ret = wc_RNG_GenerateBlock(&rng, + ctx->ticketCompatName, sizeof(ctx->ticketCompatName)); + if (ret == 0) + ret = wc_RNG_GenerateBlock(&rng, + ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); + if (ret == 0) + ret = wc_RNG_GenerateBlock(&rng, + ctx->ticketCompatHmacKey, sizeof(ctx->ticketCompatHmacKey)); + if (ret == 0) + ret = wc_RNG_GenerateBlock(&rng, + ctx->ticketCompatIV, sizeof(ctx->ticketCompatIV)); + + wc_FreeRng(&rng); + return ret; +} + +static WC_INLINE int myTicketEncCbCompat(WOLFSSL* ssl, + byte name[WOLFSSL_TICKET_NAME_SZ], + byte iv[WOLFSSL_TICKET_IV_SZ], + WOLFSSL_EVP_CIPHER_CTX *ectx, + WOLFSSL_HMAC_CTX *hctx, int enc) { + WOLFSSL_ENTER("myTicketEncCbCompat"); + + if (ssl == NULL || name == NULL || iv == NULL || ectx == NULL + || hctx == NULL) + return TICKET_KEY_CB_RET_FAILURE; + + if (enc) { + XMEMCPY(name, ssl->ctx->ticketCompatName, sizeof(ssl->ctx->ticketCompatName)); + XMEMCPY(iv, ssl->ctx->ticketCompatIV, sizeof(ssl->ctx->ticketCompatIV)); + } + else if (XMEMCMP(name, ssl->ctx->ticketCompatName, + sizeof(ssl->ctx->ticketCompatName)) != 0 || + XMEMCMP(iv, ssl->ctx->ticketCompatIV, + sizeof(ssl->ctx->ticketCompatIV)) != 0) { + WOLFSSL_MSG("myTicketEncCbCompat: name or iv mismatch"); + return TICKET_KEY_CB_RET_NOT_FOUND; + } + if (wolfSSL_HMAC_Init(hctx, ssl->ctx->ticketCompatHmacKey, + WOLFSSL_TICKET_NAME_SZ, wolfSSL_EVP_sha256()) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_HMAC_Init error"); + return TICKET_KEY_CB_RET_FAILURE; + } + if (enc) { + if (wolfSSL_EVP_EncryptInit(ectx, wolfSSL_EVP_aes_256_cbc(), + ssl->ctx->ticketCompatKey, iv) != WOLFSSL_SUCCESS) { + 
WOLFSSL_MSG("wolfSSL_EVP_EncryptInit error"); + return TICKET_KEY_CB_RET_FAILURE; + } + } + else { + if (wolfSSL_EVP_DecryptInit(ectx, wolfSSL_EVP_aes_256_cbc(), + ssl->ctx->ticketCompatKey, iv) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_EVP_DecryptInit error"); + return TICKET_KEY_CB_RET_FAILURE; + } + } + return TICKET_KEY_CB_RET_OK; +} +#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && OPENSSL_EXTRA */ + /* Initialize SSL context, return 0 on success */ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) { @@ -1825,10 +1897,21 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->ticketEncCtx = (void*)&ctx->ticketKeyCtx; #endif ctx->ticketHint = SESSION_TICKET_HINT_DEFAULT; +#ifdef OPENSSL_EXTRA + if (ret == 0) + ret = ctxInitTicket(ctx); + /* No need for compat ticket init flag since below callback setter is + * only called when the above parameter generation has succeeded */ + if (ret == 0 && + wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbCompat) + != WOLFSSL_SUCCESS) + ret = SESSION_SECRET_CB_E; +#endif #endif #ifdef HAVE_WOLF_EVENT - ret = wolfEventQueue_Init(&ctx->event_queue); + if (ret == 0) + ret = wolfEventQueue_Init(&ctx->event_queue); #endif /* HAVE_WOLF_EVENT */ #ifdef WOLFSSL_EARLY_DATA @@ -1970,6 +2053,12 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) } } #endif /* WOLFSSL_STATIC_MEMORY */ +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ + defined(OPENSSL_EXTRA) + ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); + ForceZero(ctx->ticketCompatHmacKey, sizeof(ctx->ticketCompatHmacKey)); + ForceZero(ctx->ticketCompatIV, sizeof(ctx->ticketCompatIV)); +#endif } diff --git a/src/ssl.c b/src/ssl.c index ebccbeb7e..97a096458 100644 --- a/src/ssl.c +++ b/src/ssl.c 
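Review bot: myTicketEncCbCompat copies the same `ctx->ticketCompatIV` into every ticket it encrypts, so all tickets issued by a context are AES-256-CBC encrypted under one key with one IV, and tickets whose plaintext begins with the same blocks produce identical ciphertext blocks. The IV should be generated per ticket on the encrypt path and taken from the ticket on the decrypt path, with only the key name compared. Separately, the HMAC key length is passed as `WOLFSSL_TICKET_NAME_SZ` rather than `sizeof(ssl->ctx->ticketCompatHmacKey)`; the field declaration is not in this diff, so whether the two agree cannot be checked here. The sketch assumes `ssl->rng` is initialised when the callback runs.
```c
    if (enc) {
        XMEMCPY(name, ssl->ctx->ticketCompatName,
                sizeof(ssl->ctx->ticketCompatName));
        /* fresh IV per ticket: CBC must not reuse an IV under one key */
        if (wc_RNG_GenerateBlock(ssl->rng, iv, WOLFSSL_TICKET_IV_SZ) != 0)
            return TICKET_KEY_CB_RET_FAILURE;
    }
    else if (XMEMCMP(name, ssl->ctx->ticketCompatName,
                     sizeof(ssl->ctx->ticketCompatName)) != 0) {
        WOLFSSL_MSG("myTicketEncCbCompat: name mismatch");
        return TICKET_KEY_CB_RET_NOT_FOUND;
    }
    /* … unchanged: HMAC init and EncryptInit/DecryptInit with iv … */
```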
@@ -15704,6 +15704,14 @@ int wolfSSL_set_compression(WOLFSSL* ssl) ctx->mask = wolf_set_options(ctx->mask, opt); +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) + if (ctx->mask & SSL_OP_NO_TICKET) { + ctx->ticketEncCb = NULL; + ctx->ticketCompatCb = NULL; + WOLFSSL_MSG("\tSSL_OP_NO_TICKET"); + } +#endif + return ctx->mask; } @@ -47561,16 +47569,7 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) -/* Expected return values from implementations of OpenSSL ticket key callback. - */ -#define TICKET_KEY_CB_RET_FAILURE -1 -#define TICKET_KEY_CB_RET_NOT_FOUND 0 -#define TICKET_KEY_CB_RET_OK 1 -#define TICKET_KEY_CB_RET_RENEW 2 -/* The ticket key callback as used in OpenSSL is stored here. */ -static int (*ticketKeyCb)(WOLFSSL *ssl, unsigned char *name, unsigned char *iv, - WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc) = NULL; /* Implementation of session ticket encryption/decryption using OpenSSL * callback to initialize the cipher and HMAC. @@ -47605,14 +47604,24 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, (void)ctx; - if (ticketKeyCb == NULL) + WOLFSSL_ENTER("wolfSSL_TicketKeyCb"); + + if (ssl == NULL || ssl->ctx == NULL || ssl->ctx->ticketCompatCb == NULL) { + WOLFSSL_MSG("Bad parameter"); return WOLFSSL_TICKET_RET_FATAL; + } wolfSSL_EVP_CIPHER_CTX_init(&evpCtx); - /* Initialize the cipher and HMAC. */ - res = ticketKeyCb(ssl, keyName, iv, &evpCtx, &hmacCtx, enc); - if (res != TICKET_KEY_CB_RET_OK && res != TICKET_KEY_CB_RET_RENEW) + if (wolfSSL_HMAC_CTX_Init(&hmacCtx) != WOLFSSL_SUCCESS) { + WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init error"); return WOLFSSL_TICKET_RET_FATAL; + } + /* Initialize the cipher and HMAC. */ + res = ssl->ctx->ticketCompatCb(ssl, keyName, iv, &evpCtx, &hmacCtx, enc); + if (res != TICKET_KEY_CB_RET_OK && res != TICKET_KEY_CB_RET_RENEW) { + WOLFSSL_MSG("Ticket callback error"); + return WOLFSSL_TICKET_RET_FATAL; + } if (enc) { 
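Review bot: Setting `SSL_OP_NO_TICKET` here overwrites `ctx->ticketEncCb` and `ctx->ticketCompatCb` with NULL, which also discards a callback the application installed earlier and is not undone when the option is cleared later. If the aim is only to stop issuing tickets while the bit is set, testing `ctx->mask & SSL_OP_NO_TICKET` where a ticket would be created leaves the callbacks intact. If the one-way behaviour is intended, a comment such as `/* NO_TICKET permanently removes the ticket callbacks for this ctx */` would record it. The enclosing function starts outside the hunk.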
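Review bot: The two new early returns in wolfSSL_TicketKeyCb leave `evpCtx` and `hmacCtx` as they are, and once the callback has run they may already hold the ticket cipher and HMAC keys. No cleanup call is visible in this hunk; if the rest of the function has none on these paths either, calling `wolfSSL_EVP_CIPHER_CTX_cleanup(&evpCtx);` and the matching HMAC context cleanup before returning `WOLFSSL_TICKET_RET_FATAL` would release that state. The function continues outside the hunk.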
@@ -47676,7 +47685,7 @@ int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *ctx, int (*cb)( WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)) { /* Store callback in a global. */ - ticketKeyCb = cb; + ctx->ticketCompatCb = cb; /* Set the ticket encryption callback to be a wrapper around OpenSSL * callback. */ diff --git a/tests/api.c b/tests/api.c index cde3746e4..7224d3af4 100644 --- a/tests/api.c +++ b/tests/api.c @@ -2649,8 +2649,12 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) #if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) TicketInit(); +#ifdef OPENSSL_EXTRA + wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL); +#else wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif +#endif #if defined(USE_WINDOWS_API) port = ((func_args*)args)->signal->port; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 2cbc325a0..9b02f70ba 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2931,6 +2931,7 @@ struct WOLFSSL_CTX { TicketEncCbCtx ticketKeyCtx; #endif #endif + #endif #ifdef HAVE_SUPPORTED_CURVES byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */ #endif diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 9a5496918..6b7085768 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3252,6 +3252,13 @@ enum TicketEncRet { WOLFSSL_API int wolfSSL_CTX_NoTicketTLSv12(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_NoTicketTLSv12(WOLFSSL* ssl); +/* Expected return values from implementations of OpenSSL ticket key callback. + */ +#define TICKET_KEY_CB_RET_FAILURE -1 +#define TICKET_KEY_CB_RET_NOT_FOUND 0 +#define TICKET_KEY_CB_RET_OK 1 +#define TICKET_KEY_CB_RET_RENEW 2 + typedef int (*SessionTicketEncCb)(WOLFSSL*, unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], unsigned char iv[WOLFSSL_TICKET_IV_SZ], diff --git a/wolfssl/test.h b/wolfssl/test.h index 5da853e60..6e0df1ceb 100644 
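Review bot: `ctx->ticketCompatCb = cb;` dereferences `ctx` with no NULL check, and the comment above it still says the callback is stored in a global. I would add `if (ctx == NULL) return WOLFSSL_FAILURE;` before the assignment and change the comment to `/* Store callback in the ctx. */`. The function continues outside the hunk.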
--- a/wolfssl/test.h +++ b/wolfssl/test.h 
@@ -3930,10 +3930,71 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) } - #if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ defined(HAVE_AESGCM)) + static THREAD_LS_T WC_RNG myKey_rng; + + static WC_INLINE void TicketCleanup(void) + { + wc_FreeRng(&myKey_rng); + } + +#ifdef OPENSSL_EXTRA + + typedef struct key_ctx { + byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */ + byte key[AES_256_KEY_SIZE]; /* cipher key */ + byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */ + byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */ + } key_ctx; + + static THREAD_LS_T key_ctx myKey_ctx; + + static WC_INLINE int TicketInit(void) + { + int ret = wc_InitRng(&myKey_rng); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name, sizeof(myKey_ctx.name)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.hmacKey, sizeof(myKey_ctx.hmacKey)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.iv,sizeof(myKey_ctx.iv)); + if (ret != 0) return ret; + + return 0; + } + + static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl, + byte name[WOLFSSL_TICKET_NAME_SZ], + byte iv[WOLFSSL_TICKET_IV_SZ], + WOLFSSL_EVP_CIPHER_CTX *ectx, + WOLFSSL_HMAC_CTX *hctx, int enc) { + (void)ssl; + if (enc) { + XMEMCPY(name, myKey_ctx.name, sizeof(myKey_ctx.name)); + XMEMCPY(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv)); + } + else if (XMEMCMP(name, myKey_ctx.name, sizeof(myKey_ctx.name)) != 0 || + XMEMCMP(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv)) != 0) { + return 0; + } + HMAC_Init_ex(hctx, myKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL); + if (enc) + EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv); + else + EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv); + 
return 1; + } + +#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ + defined(HAVE_AESGCM)) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #include @@ -3950,7 +4011,6 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) } key_ctx; static THREAD_LS_T key_ctx myKey_ctx; - static THREAD_LS_T WC_RNG myKey_rng; static WC_INLINE int TicketInit(void) { @@ -3966,11 +4026,6 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) return 0; } - static WC_INLINE void TicketCleanup(void) - { - wc_FreeRng(&myKey_rng); - } - static WC_INLINE int myTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], byte iv[WOLFSSL_TICKET_IV_SZ], @@ -4068,9 +4123,8 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) return WOLFSSL_TICKET_RET_OK; } - -#endif /* HAVE_SESSION_TICKET && ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */ - +#endif /* OPENSSL_EXTRA elif ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */ +#endif /* HAVE_SESSION_TICKET */ static WC_INLINE word16 GetRandomPort(void) { From b90862fa3feea2d51b0b187aa7f5b167a1995ce8 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Wed, 13 Jan 2021 11:50:33 +0100 Subject: [PATCH 4/9] Free OcspEntry.status only when the struct owns the pointer --- src/ocsp.c | 14 ++++++++++++-- wolfssl/wolfcrypt/asn.h | 2 ++ 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/src/ocsp.c b/src/ocsp.c index 216ed23bc..c9dbaea18 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -75,7 +75,7 @@ static void FreeOcspEntry(OcspEntry* entry, void* heap) { CertStatus *status, *next; - if (entry == NULL) + if (entry == NULL || !entry->ownStatus) return; WOLFSSL_ENTER("FreeOcspEntry"); 
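Review bot: myTicketEncCbOpenSSL ignores the results of `HMAC_Init_ex`, `EVP_EncryptInit_ex` and `EVP_DecryptInit_ex` and returns 1 regardless, so a failed initialisation is reported to the library as success. Because tests/api.c registers this helper to exercise wolfSSL_CTX_set_tlsext_ticket_key_cb, returning `-1` when any of the three calls does not return 1 would let the test catch broken init paths. The OPENSSL_EXTRA TicketInit also returns early on a wc_RNG_GenerateBlock failure without freeing `myKey_rng`.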
@@ -799,6 +799,7 @@ OcspResponse* wolfSSL_d2i_OCSP_RESPONSE(OcspResponse** response, XMEMSET(resp->single, 0, sizeof(OcspEntry)); resp->single->status = (CertStatus*)XMALLOC(sizeof(CertStatus), NULL, DYNAMIC_TYPE_OCSP_STATUS); + resp->single->ownStatus = 1; if (resp->single->status == NULL) { XFREE(resp->source, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(resp, NULL, DYNAMIC_TYPE_OCSP_REQUEST); @@ -878,6 +879,7 @@ WOLFSSL_OCSP_BASICRESP* wolfSSL_OCSP_response_get1_basic(OcspResponse* response) else { XMEMCPY(bs->single, response->single, sizeof(OcspEntry)); XMEMCPY(bs->source, response->source, response->maxIdx); + bs->single->ownStatus = 0; } return bs; } @@ -914,11 +916,19 @@ int wolfSSL_i2d_OCSP_REQUEST(OcspRequest* request, unsigned char** data) WOLFSSL_OCSP_ONEREQ* wolfSSL_OCSP_request_add0_id(OcspRequest *req, WOLFSSL_OCSP_CERTID *cid) { - if (req == NULL || cid == NULL) + if (req == NULL || cid == NULL || cid->status == NULL) return NULL; XMEMCPY(req->issuerHash, cid->issuerHash, KEYID_SIZE); XMEMCPY(req->issuerKeyHash, cid->issuerKeyHash, KEYID_SIZE); + if (cid->status->serialSz > req->serialSz) { + if (req->serial != NULL) + XFREE(req->serial, req->heap, DYNAMIC_TYPE_OCSP); + req->serial = (byte*)XMALLOC(cid->status->serialSz, + req->heap, DYNAMIC_TYPE_OCSP_REQUEST); + if (req->serial == NULL) + return NULL; + } XMEMCPY(req->serial, cid->status->serial, cid->status->serialSz); req->serialSz = cid->status->serialSz; diff --git a/wolfssl/wolfcrypt/asn.h b/wolfssl/wolfcrypt/asn.h index e412c1d06..2ea5761c1 100644 --- a/wolfssl/wolfcrypt/asn.h +++ b/wolfssl/wolfcrypt/asn.h @@ -1390,6 +1390,8 @@ struct OcspEntry byte* rawCertId; /* raw bytes of the CertID */ int rawCertIdSize; /* num bytes in raw CertID */ /* option bits - using 32-bit for alignment */ + word32 ownStatus:1; /* do we need to free the status + * response list */ word32 isDynamic:1; /* was dynamically allocated */ }; From e80158a96e4561c63569e8a1c6169bff5486445f Mon Sep 17 00:00:00 2001 
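Review bot: After the XMEMCPY in wolfSSL_OCSP_response_get1_basic, `bs->single->status` points at the status list owned by `response`, and `ownStatus = 0` only prevents the double free. The returned object therefore has to be released before `response`, otherwise `bs->single->status` dangles; a get1-style function normally returns something the caller can keep independently. Either copy the status list for `bs` and leave `ownStatus` at 1, or document the ordering with `/* bs borrows response->single->status; response must outlive bs */`. The function starts outside the hunk.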
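Review bot: If the new XMALLOC in wolfSSL_OCSP_request_add0_id fails, the function returns NULL with `req->serial` set to NULL while `req->serialSz` still holds the old length, and the issuer hashes have already been overwritten. Adding `req->serialSz = 0;` before that `return NULL;` keeps the request consistent for whoever touches it next. The buffer is also freed as `DYNAMIC_TYPE_OCSP` and reallocated as `DYNAMIC_TYPE_OCSP_REQUEST`; both should match the tag used where `req->serial` is first allocated, which is outside this hunk.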
From: Juliusz Sosinowicz Date: Wed, 13 Jan 2021 11:52:32 +0100 Subject: [PATCH 5/9] Set full chain with known CA's in wolfSSL_set_peer_cert_chain --- src/ssl.c | 156 ++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 104 insertions(+), 52 deletions(-) diff --git a/src/ssl.c b/src/ssl.c index 97a096458..47ac67db4 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -18284,8 +18284,41 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_get_peer_cert_chain(const WOLFSSL* ssl) return ssl->peerCertChain; } +static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, + WOLFSSL_X509 *x); +/** + * Recursively push the issuer CA chain onto the stack + * @param cm The cert manager that is queried for the issuer + * @param x This cert's issuer will be queried in cm + * @param sk The issuer is pushed onto this stack + * @return WOLFSSL_SUCCESS on success + * WOLFSSL_FAILURE on no issuer found + * WOLFSSL_FATAL_ERROR on a fatal error + */ +static int pushCAx509Chain(WOLFSSL_CERT_MANAGER* cm, + WOLFSSL_X509 *x, WOLFSSL_STACK* sk) +{ + WOLFSSL_X509* issuer = NULL; + if (x509GetIssuerFromCM(&issuer, cm, x) + == WOLFSSL_SUCCESS) { + if (pushCAx509Chain(cm, issuer, sk) == WOLFSSL_FATAL_ERROR) { + wolfSSL_X509_free(issuer); + return WOLFSSL_FATAL_ERROR; + } + + if (wolfSSL_sk_X509_push(sk, issuer) != WOLFSSL_SUCCESS) { + wolfSSL_X509_free(issuer); + return WOLFSSL_FATAL_ERROR; + } + return WOLFSSL_SUCCESS; + } + else + return WOLFSSL_FAILURE; +} + /* Builds up and creates a stack of peer certificates for ssl->peerCertChain - based off of the ssl session chain. Returns stack of WOLFSSL_X509 certs or + based off of the ssl session chain. Attempts to place CA certificates + at the bottom of the stack. Returns stack of WOLFSSL_X509 certs or NULL on failure */ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl) { 
@@ -18301,10 +18334,6 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl) sk = wolfSSL_sk_X509_new(); i = ssl->session.chain.count-1; for (; i >= 0; i--) { - /* For servers, the peer certificate chain does not include the peer - certificate, so do not add it to the stack */ - if (ssl->options.side == WOLFSSL_SERVER_END && i == 0) - continue; x509 = wolfSSL_X509_new(); if (x509 == NULL) { WOLFSSL_MSG("Error Creating X509"); @@ -18312,6 +18341,14 @@ WOLF_STACK_OF(WOLFSSL_X509)* wolfSSL_set_peer_cert_chain(WOLFSSL* ssl) } ret = DecodeToX509(x509, ssl->session.chain.certs[i].buffer, ssl->session.chain.certs[i].length); + if (ret == 0 && i == ssl->session.chain.count-1) { + /* On the last element in the chain try to add the CA chain + * first if we have one for this cert */ + if (pushCAx509Chain(ssl->ctx->cm, x509, sk) + == WOLFSSL_FATAL_ERROR) { + ret = WOLFSSL_FATAL_ERROR; + } + } if (ret != 0 || wolfSSL_sk_X509_push(sk, x509) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("Error decoding cert"); @@ -47921,10 +47958,18 @@ int wolfSSL_CTX_set_tlsext_status_cb(WOLFSSL_CTX* ctx, return WOLFSSL_SUCCESS; } -int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, - WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x) +/** + * Find the issuing cert of the input cert. On a self-signed cert this + * function will return an error. + * @param issuer The issuer x509 struct is returned here + * @param cm The cert manager that is queried for the issuer + * @param x This cert's issuer will be queried in cm + * @return WOLFSSL_SUCCESS on success + * WOLFSSL_FAILURE on error + */ +static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, + WOLFSSL_X509 *x) { - WOLFSSL_STACK* node; Signer* ca = NULL; #ifdef WOLFSSL_SMALL_STACK DecodedCert* cert = NULL; 
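Review bot: The stack built in wolfSSL_set_peer_cert_chain now starts with certificates looked up in `ssl->ctx->cm`, that is from the local trust store, and nothing in the result distinguishes them from what the peer actually sent. Callers that log, pin or re-verify the peer's chain need to know this; the function comment could add `/* CA certs found in the ctx cert manager are pushed first; they were not necessarily sent by the peer */`. A fatal error from pushCAx509Chain is also reported as "Error decoding cert", which will mislead when debugging. The loop and the function start outside the hunk.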
@@ -47932,6 +47977,56 @@ int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, DecodedCert cert[1]; #endif +#ifdef WOLFSSL_SMALL_STACK + cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); + if (cert == NULL) + return WOLFSSL_FAILURE; +#endif + + /* Use existing CA retrieval APIs that use DecodedCert. */ + InitDecodedCert(cert, x->derCert->buffer, x->derCert->length, NULL); + if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0 + && !cert->selfSigned) { + #ifndef NO_SKID + if (cert->extAuthKeyIdSet) + ca = GetCA(cm, cert->extAuthKeyId); + if (ca == NULL) + ca = GetCAByName(cm, cert->issuerHash); + #else /* NO_SKID */ + ca = GetCA(cm, cert->issuerHash); + #endif /* NO SKID */ + } + FreeDecodedCert(cert); +#ifdef WOLFSSL_SMALL_STACK + XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); +#endif + + if (ca == NULL) + return WOLFSSL_FAILURE; + +#ifdef WOLFSSL_SIGNER_DER_CERT + /* populate issuer with Signer DER */ + if (wolfSSL_X509_d2i(issuer, ca->derCert->buffer, + ca->derCert->length) == NULL) + return WOLFSSL_FAILURE; +#else + /* Create an empty certificate as CA doesn't have a certificate. */ + *issuer = (WOLFSSL_X509 *)XMALLOC(sizeof(WOLFSSL_X509), 0, + DYNAMIC_TYPE_OPENSSL); + if (*issuer == NULL) + return WOLFSSL_FAILURE; + + InitX509((*issuer), 1, NULL); +#endif + + return WOLFSSL_SUCCESS; +} + +int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, + WOLFSSL_X509_STORE_CTX *ctx, WOLFSSL_X509 *x) +{ + WOLFSSL_STACK* node; + if (issuer == NULL || ctx == NULL || x == NULL) return WOLFSSL_FATAL_ERROR; 
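Review bot: x509GetIssuerFromCM reads `x->derCert->buffer` with no check on `cm`, `x` or `x->derCert`. This matters for the new caller pushCAx509Chain: when WOLFSSL_SIGNER_DER_CERT is not defined, `*issuer` is an empty certificate set up by InitX509, and pushCAx509Chain passes it straight back in as `x`. If InitX509 leaves `derCert` NULL, which is not visible here, that is a NULL dereference reachable while building the peer chain. A guard at the top, `if (cm == NULL || x == NULL || x->derCert == NULL) return WOLFSSL_FAILURE;`, covers both callers. The function's signature is in the previous hunk.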
@@ -47944,52 +48039,9 @@ int wolfSSL_X509_STORE_CTX_get1_issuer(WOLFSSL_X509 **issuer, } } - -#ifdef WOLFSSL_SMALL_STACK - cert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, DYNAMIC_TYPE_DCERT); - if (cert == NULL) - return WOLFSSL_FAILURE; -#endif - - /* Use existing CA retrieval APIs that use DecodedCert. */ - InitDecodedCert(cert, x->derCert->buffer, x->derCert->length, NULL); - if (ParseCertRelative(cert, CERT_TYPE, 0, NULL) == 0) { - #ifndef NO_SKID - if (cert->extAuthKeyIdSet) - ca = GetCA(ctx->store->cm, cert->extAuthKeyId); - if (ca == NULL) - ca = GetCAByName(ctx->store->cm, cert->issuerHash); - #else /* NO_SKID */ - ca = GetCA(ctx->store->cm, cert->issuerHash); - #endif /* NO SKID */ - } - FreeDecodedCert(cert); -#ifdef WOLFSSL_SMALL_STACK - XFREE(cert, NULL, DYNAMIC_TYPE_DCERT); -#endif - - if (ca == NULL) - return WOLFSSL_FAILURE; - -#ifdef WOLFSSL_SIGNER_DER_CERT - /* populate issuer with Signer DER */ - *issuer = wolfSSL_X509_d2i(issuer, ca->derCert->buffer, - ca->derCert->length); - if (*issuer == NULL) - return WOLFSSL_FAILURE; -#else - /* Create an empty certificate as CA doesn't have a certificate. */ - *issuer = (WOLFSSL_X509 *)XMALLOC(sizeof(WOLFSSL_X509), 0, - DYNAMIC_TYPE_OPENSSL); - if (*issuer == NULL) - return WOLFSSL_FAILURE; - - InitX509((*issuer), 1, NULL); -#endif - /* Result is ignored when passed to wolfSSL_OCSP_cert_to_id(). */ - return WOLFSSL_SUCCESS; + return x509GetIssuerFromCM(issuer, ctx->store->cm, x); } void wolfSSL_X509_email_free(WOLF_STACK_OF(WOLFSSL_STRING) *sk) From 0ae1a8b8c50e80ca70d53c4c72d1a6f4a68fece0 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Thu, 14 Jan 2021 15:01:40 +0100 Subject: [PATCH 6/9] Jenkins fixes - Change pushCAx509Chain to an iterative implementation - Fix variable names shadowing global names --- src/ocsp.c | 2 + src/ssl.c | 42 +++++++++----- tests/api.c | 156 ++++++++++++++++++++++++++-------------------------- 3 files changed, 107 insertions(+), 93 deletions(-) 
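Review bot: wolfSSL_X509_STORE_CTX_get1_issuer now delegates to x509GetIssuerFromCM, which skips the lookup when `cert->selfSigned` is set. For a self-signed certificate the public function therefore returns WOLFSSL_FAILURE, where the removed body still queried the cert manager by key id or issuer hash. The helper's comment records this but the exported function does not, and callers that use the result for OCSP or chain building need to know a trusted root is reported as having no issuer. I would add above the final return: `/* Self-signed certs have no issuer here: x509GetIssuerFromCM returns WOLFSSL_FAILURE for them */`. `ctx->store` is also dereferenced in `ctx->store->cm` without a NULL check in the visible lines; the function starts outside this hunk, so it may be checked earlier.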
diff --git a/src/ocsp.c b/src/ocsp.c index c9dbaea18..07eefb731 100644 --- a/src/ocsp.c +++ b/src/ocsp.c @@ -371,6 +371,7 @@ WOLFSSL_LOCAL int CheckOcspResponse(WOLFSSL_OCSP *ocsp, byte *response, int resp XMEMCPY(status, newSingle->status, sizeof(CertStatus)); status->next = entry->status; entry->status = status; + entry->ownStatus = 1; entry->totalStatus++; } } @@ -630,6 +631,7 @@ WOLFSSL_OCSP_CERTID* wolfSSL_OCSP_cert_to_id( XMEMSET(certStatus, 0, sizeof(CertStatus)); certId->status = certStatus; + certId->ownStatus = 1; InitDecodedCert(&cert, subject->derCert->buffer, subject->derCert->length, NULL); diff --git a/src/ssl.c b/src/ssl.c index 47ac67db4..38d086100 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -10400,7 +10400,6 @@ int wolfSSL_X509_digest(const WOLFSSL_X509* x509, const WOLFSSL_EVP_MD* digest, WOLFSSL_LEAVE("wolfSSL_X509_digest", ret); return ret; } -#endif int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, const WOLFSSL_EVP_MD *digest, unsigned char* buf, unsigned int* len) @@ -10424,6 +10423,7 @@ int wolfSSL_X509_pubkey_digest(const WOLFSSL_X509 *x509, WOLFSSL_LEAVE("wolfSSL_X509_pubkey_digest", ret); return ret; } +#endif int wolfSSL_use_PrivateKey(WOLFSSL* ssl, WOLFSSL_EVP_PKEY* pkey) { @@ -15704,7 +15704,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) ctx->mask = wolf_set_options(ctx->mask, opt); -#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ + defined(OPENSSL_EXTRA) if (ctx->mask & SSL_OP_NO_TICKET) { ctx->ticketEncCb = NULL; ctx->ticketCompatCb = NULL; 
@@ -18298,22 +18299,33 @@ static int x509GetIssuerFromCM(WOLFSSL_X509 **issuer, WOLFSSL_CERT_MANAGER* cm, static int pushCAx509Chain(WOLFSSL_CERT_MANAGER* cm, WOLFSSL_X509 *x, WOLFSSL_STACK* sk) { - WOLFSSL_X509* issuer = NULL; - if (x509GetIssuerFromCM(&issuer, cm, x) - == WOLFSSL_SUCCESS) { - if (pushCAx509Chain(cm, issuer, sk) == WOLFSSL_FATAL_ERROR) { - wolfSSL_X509_free(issuer); - return WOLFSSL_FATAL_ERROR; - } + WOLFSSL_X509* issuer[MAX_CHAIN_DEPTH]; + int i; + int push = 1; + int ret = WOLFSSL_SUCCESS; - if (wolfSSL_sk_X509_push(sk, issuer) != WOLFSSL_SUCCESS) { - wolfSSL_X509_free(issuer); - return WOLFSSL_FATAL_ERROR; - } - return WOLFSSL_SUCCESS; + for (i = 0; i < MAX_CHAIN_DEPTH; i++) { + if (x509GetIssuerFromCM(&issuer[i], cm, x) + != WOLFSSL_SUCCESS) + break; + x = issuer[i]; } - else + if (i == 0) /* No further chain found */ return WOLFSSL_FAILURE; + i--; + for (; i >= 0; i--) { + if (push) { + if (wolfSSL_sk_X509_push(sk, issuer[i]) != WOLFSSL_SUCCESS) { + wolfSSL_X509_free(issuer[i]); + ret = WOLFSSL_FATAL_ERROR; + push = 0; /* Free the rest of the unpushed certs */ + } + } + else { + wolfSSL_X509_free(issuer[i]); + } + } + return ret; } /* Builds up and creates a stack of peer certificates for ssl->peerCertChain diff --git a/tests/api.c b/tests/api.c index 7224d3af4..6c10128dc 100644 --- a/tests/api.c +++ b/tests/api.c @@ -4271,7 +4271,7 @@ static void test_wolfSSL_UseSNI_connection(void) static void test_wolfSSL_SNI_GetFromBuffer(void) { - byte buffer[] = { /* www.paypal.com */ + byte buff[] = { /* www.paypal.com */ 0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, 
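Review bot: `WOLFSSL_X509* issuer[MAX_CHAIN_DEPTH];` in pushCAx509Chain is left uninitialised, where the removed recursive version started from `issuer = NULL`. Each slot's address is handed to x509GetIssuerFromCM, which in the WOLFSSL_SIGNER_DER_CERT build passes it on to wolfSSL_X509_d2i. Zeroing the array first with `XMEMSET(issuer, 0, sizeof(issuer));` keeps that safe if the callee ever reads the incoming pointer. Separately, when the lookup loop runs all the way to `i == MAX_CHAIN_DEPTH` the function pushes a truncated chain and still returns WOLFSSL_SUCCESS. The cap is right for bounding loops in the cert manager, but a `WOLFSSL_MSG("CA chain truncated at MAX_CHAIN_DEPTH");` and a comment that issuers are pushed root-first would make the result easier to interpret.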
@@ -4283,7 +4283,7 @@ static void test_wolfSSL_SNI_GetFromBuffer(void) 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 }; - byte buffer2[] = { /* api.textmate.org */ + byte buff2[] = { /* api.textmate.org */ 0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52, 0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b, 0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f, @@ -4303,7 +4303,7 @@ static void test_wolfSSL_SNI_GetFromBuffer(void) 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 }; - byte buffer3[] = { /* no sni extension */ + byte buff3[] = { /* no sni extension */ 0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea, 0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c, 0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4, @@ -4313,7 +4313,7 @@ static void test_wolfSSL_SNI_GetFromBuffer(void) 0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 }; - byte buffer4[] = { /* last extension has zero size */ + byte buff4[] = { /* last extension has zero size */ 0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00, 0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45, 0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2, @@ -4333,7 +4333,7 @@ static void test_wolfSSL_SNI_GetFromBuffer(void) 0x12, 0x00, 0x00 }; - byte buffer5[] = { /* SSL v2.0 client hello */ + byte buff5[] = { /* SSL v2.0 client hello */ 0x00, 0x2b, 0x01, 0x03, 0x01, 0x00, 0x09, 0x00, 0x00, /* dummy bytes bellow, just to pass size check */ 0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45, 
@@ -4344,58 +4344,58 @@ static void test_wolfSSL_SNI_GetFromBuffer(void) byte result[32] = {0}; word32 length = 32; - AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer4, sizeof(buffer4), + AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff4, sizeof(buff4), 0, result, &length)); - AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3), + AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff3, sizeof(buff3), 0, result, &length)); - AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), + AssertIntEQ(0, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2), 1, result, &length)); - AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); - buffer[0] = 0x16; + buff[0] = 0x16; - AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); - buffer[1] = 0x03; + buff[1] = 0x03; - AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buffer, - sizeof(buffer), 0, result, &length)); - buffer[2] = 0x03; + AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff, + sizeof(buff), 0, result, &length)); + buff[2] = 0x03; - AssertIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buffer, - sizeof(buffer), 0, result, &length)); - buffer[4] = 0x64; + AssertIntEQ(INCOMPLETE_DATA, wolfSSL_SNI_GetFromBuffer(buff, + sizeof(buff), 0, result, &length)); + buff[4] = 0x64; - AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff, sizeof(buff), 0, result, &length)); result[length] = 0; AssertStrEQ("www.paypal.com", (const char*) result); length = 32; - AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), + AssertIntEQ(WOLFSSL_SUCCESS, wolfSSL_SNI_GetFromBuffer(buff2, sizeof(buff2), 0, result, &length)); result[length] = 0; AssertStrEQ("api.textmate.org", 
(const char*) result); /* SSL v2.0 tests */ - AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buffer5, - sizeof(buffer5), 0, result, &length)); + AssertIntEQ(SNI_UNSUPPORTED, wolfSSL_SNI_GetFromBuffer(buff5, + sizeof(buff5), 0, result, &length)); - buffer5[2] = 0x02; - AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5, - sizeof(buffer5), 0, result, &length)); + buff5[2] = 0x02; + AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, + sizeof(buff5), 0, result, &length)); - buffer5[2] = 0x01; buffer5[6] = 0x08; - AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5, - sizeof(buffer5), 0, result, &length)); + buff5[2] = 0x01; buff5[6] = 0x08; + AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, + sizeof(buff5), 0, result, &length)); - buffer5[6] = 0x09; buffer5[8] = 0x01; - AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buffer5, - sizeof(buffer5), 0, result, &length)); + buff5[6] = 0x09; buff5[8] = 0x01; + AssertIntEQ(BUFFER_ERROR, wolfSSL_SNI_GetFromBuffer(buff5, + sizeof(buff5), 0, result, &length)); } #endif /* HAVE_SNI */ @@ -5296,7 +5296,7 @@ static void test_wolfSSL_no_password_cb(void) #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) \ && defined(HAVE_ECC) && defined(WOLFSSL_ENCRYPTED_KEYS) WOLFSSL_CTX* ctx; - byte buffer[FOURK_BUF]; + byte buff[FOURK_BUF]; const char eccPkcs8PrivKeyDerFile[] = "./certs/ecc-privkeyPkcs8.der"; const char eccPkcs8PrivKeyPemFile[] = "./certs/ecc-privkeyPkcs8.pem"; XFILE f; 
@@ -5312,17 +5312,17 @@ static void test_wolfSSL_no_password_cb(void) wolfSSL_CTX_set_default_passwd_cb(ctx, FailTestCallBack); AssertTrue((f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb")) != XBADFILE); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - AssertIntLE(bytes, sizeof(buffer)); - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntLE(bytes, sizeof(buff)); + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); AssertTrue((f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb")) != XBADFILE); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - AssertIntLE(bytes, sizeof(buffer)); - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntLE(bytes, sizeof(buff)); + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); wolfSSL_CTX_free(ctx); @@ -5365,7 +5365,7 @@ static int PKCS8TestCallBack(char* passwd, int sz, int rw, void* userdata) static void test_wolfSSL_PKCS8(void) { #if !defined(NO_FILESYSTEM) && !defined(NO_ASN) && defined(HAVE_PKCS8) - byte buffer[FOURK_BUF]; + byte buff[FOURK_BUF]; byte der[FOURK_BUF]; #ifndef NO_RSA const char serverKeyPkcs8PemFile[] = "./certs/server-keyPkcs8.pem"; 
@@ -5420,36 +5420,36 @@ static void test_wolfSSL_PKCS8(void) /* test loading PEM PKCS8 encrypted file */ f = XFOPEN(serverKeyPkcs8EncPemFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ - AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */ - AssertIntGT(wc_KeyPemToDer(buffer, bytes, der, (word32)sizeof(der), + AssertIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "yassl123"), 0); /* test that error value is returned with a bad password */ - AssertIntLT(wc_KeyPemToDer(buffer, bytes, der, (word32)sizeof(der), + AssertIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "bad"), 0); /* test loading PEM PKCS8 encrypted file */ f = XFOPEN(serverKeyPkcs8EncDerFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); flag = 1; /* used by password callback as return code */ - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ - AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #endif /* !NO_RSA 
&& !NO_SHA */ 
@@ -5457,37 +5457,37 @@ static void test_wolfSSL_PKCS8(void) /* test loading PEM PKCS8 encrypted ECC Key file */ f = XFOPEN(eccPkcs8EncPrivKeyPemFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); flag = 1; /* used by password callback as return code */ - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ - AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* decrypt PKCS8 PEM to key in DER format with not using WOLFSSL_CTX */ - AssertIntGT(wc_KeyPemToDer(buffer, bytes, der, (word32)sizeof(der), + AssertIntGT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "yassl123"), 0); /* test that error value is returned with a bad password */ - AssertIntLT(wc_KeyPemToDer(buffer, bytes, der, (word32)sizeof(der), + AssertIntLT(wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), "bad"), 0); /* test loading DER PKCS8 encrypted ECC Key file */ f = XFOPEN(eccPkcs8EncPrivKeyDerFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); flag = 1; /* used by password callback as return code */ - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* this next case should fail because of password callback return code */ flag = 0; /* used by password callback as return code */ - AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + 
AssertIntNE(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* leave flag as "okay" */ @@ -5500,32 +5500,32 @@ static void test_wolfSSL_PKCS8(void) /* test loading ASN.1 (DER) PKCS8 private key file (not encrypted) */ f = XFOPEN(serverKeyPkcs8DerFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); /* test loading PEM PKCS8 private key file (not encrypted) */ f = XFOPEN(serverKeyPkcs8PemFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); #endif /* !NO_RSA */ /* Test PKCS8 PEM ECC key no crypt */ f = XFOPEN(eccPkcs8PrivKeyPemFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); #ifdef HAVE_ECC /* Test PKCS8 PEM ECC key no crypt */ - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_PEM), WOLFSSL_SUCCESS); /* decrypt PKCS8 PEM to key in DER format */ - AssertIntGT((bytes = wc_KeyPemToDer(buffer, bytes, der, + AssertIntGT((bytes = wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), NULL)), 0); ret = wc_ecc_init(&key); if (ret == 0) { 
@@ -5537,15 +5537,15 @@ static void test_wolfSSL_PKCS8(void) /* Test PKCS8 DER ECC key no crypt */ f = XFOPEN(eccPkcs8PrivKeyDerFile, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); /* Test using a PKCS8 ECC PEM */ - AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, + AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buff, bytes, WOLFSSL_FILETYPE_ASN1), WOLFSSL_SUCCESS); #else /* if HAVE_ECC is not defined then BEGIN EC PRIVATE KEY is not found */ - AssertIntEQ((bytes = wc_KeyPemToDer(buffer, bytes, der, + AssertIntEQ((bytes = wc_KeyPemToDer(buff, bytes, der, (word32)sizeof(der), NULL)), ASN_NO_PEM_HEADER); #endif /* HAVE_ECC */ @@ -5706,7 +5706,7 @@ static void test_wolfSSL_X509_verify(void) #if !defined(NO_CERTS) && !defined(NO_RSA) && !defined(NO_FILESYSTEM) \ && defined(OPENSSL_EXTRA) WOLFSSL_X509* ca; - WOLFSSL_X509* server; + WOLFSSL_X509* serv; WOLFSSL_EVP_PKEY* pkey; unsigned char buf[2048]; const unsigned char* pt = NULL; @@ -5730,7 +5730,7 @@ static void test_wolfSSL_X509_verify(void) AssertIntEQ(wolfSSL_X509_get_pubkey_type(ca), RSAk); - AssertNotNull(server = + AssertNotNull(serv = wolfSSL_X509_load_certificate_file(svrCertFile, WOLFSSL_FILETYPE_PEM)); /* success case */ 
@@ -5739,23 +5739,23 @@ static void test_wolfSSL_X509_verify(void) AssertIntEQ(i2d_PUBKEY(pkey, NULL), bufSz); - AssertIntEQ(wolfSSL_X509_verify(server, pkey), WOLFSSL_SUCCESS); + AssertIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_SUCCESS); wolfSSL_EVP_PKEY_free(pkey); /* fail case */ bufSz = 2048; - AssertIntEQ(wolfSSL_X509_get_pubkey_buffer(server, buf, &bufSz), + AssertIntEQ(wolfSSL_X509_get_pubkey_buffer(serv, buf, &bufSz), WOLFSSL_SUCCESS); pt = buf; AssertNotNull(pkey = wolfSSL_d2i_PUBKEY(NULL, &pt, bufSz)); - AssertIntEQ(wolfSSL_X509_verify(server, pkey), WOLFSSL_FAILURE); + AssertIntEQ(wolfSSL_X509_verify(serv, pkey), WOLFSSL_FAILURE); AssertIntEQ(wolfSSL_X509_verify(NULL, pkey), WOLFSSL_FATAL_ERROR); - AssertIntEQ(wolfSSL_X509_verify(server, NULL), WOLFSSL_FATAL_ERROR); + AssertIntEQ(wolfSSL_X509_verify(serv, NULL), WOLFSSL_FATAL_ERROR); wolfSSL_EVP_PKEY_free(pkey); wolfSSL_FreeX509(ca); - wolfSSL_FreeX509(server); + wolfSSL_FreeX509(serv); printf(resultFmt, passed); #endif @@ -26849,7 +26849,7 @@ static void test_wolfSSL_tmp_dh(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_FILESYSTEM) && \ !defined(NO_DSA) && !defined(NO_RSA) && !defined(NO_DH) && !defined(NO_BIO) - byte buffer[6000]; + byte buff[6000]; char file[] = "./certs/dsaparams.pem"; XFILE f; int bytes; @@ -26875,10 +26875,10 @@ static void test_wolfSSL_tmp_dh(void) f = XFOPEN(file, "rb"); AssertTrue((f != XBADFILE)); - bytes = (int)XFREAD(buffer, 1, sizeof(buffer), f); + bytes = (int)XFREAD(buff, 1, sizeof(buff), f); XFCLOSE(f); - bio = BIO_new_mem_buf((void*)buffer, bytes); + bio = BIO_new_mem_buf((void*)buff, bytes); AssertNotNull(bio); dsa = wolfSSL_PEM_read_bio_DSAparams(bio, NULL, NULL, NULL); @@ -28551,7 +28551,7 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl) { (void) ctx; (void) ssl; - #ifdef OPENSSL_EXTRA + #ifdef OPENSSL_ALL STACK_OF(X509)* sk; X509* x509; int i, num; 
@@ -28560,10 +28560,10 @@ static int msgCb(SSL_CTX *ctx, SSL *ssl) printf("\n===== msgcb called ====\n"); #if defined(SESSION_CERTS) && defined(TEST_PEER_CERT_CHAIN) AssertTrue(SSL_get_peer_cert_chain(ssl) != NULL); - AssertIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 1); + AssertIntEQ(((WOLFSSL_X509_CHAIN *)SSL_get_peer_cert_chain(ssl))->count, 2); #endif - #ifdef OPENSSL_EXTRA + #ifdef OPENSSL_ALL bio = BIO_new(BIO_s_file()); BIO_set_fp(bio, stdout, BIO_NOCLOSE); sk = SSL_get_peer_cert_chain(ssl); From 9265c3f71fcf5f7239f816b2459700e4bf6fe6f6 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Wed, 20 Jan 2021 13:38:53 +0100 Subject: [PATCH 7/9] Use native API for ticket callback --- src/internal.c | 135 ++++++++++++++++++++++++++++++--------------- src/ssl.c | 39 ++++++++----- wolfssl/internal.h | 4 ++ wolfssl/ssl.h | 13 +---- 4 files changed, 122 insertions(+), 69 deletions(-) diff --git a/src/internal.c b/src/internal.c index 02bbfd6b6..366b442c7 100644 --- a/src/internal.c +++ b/src/internal.c @@ -1677,8 +1677,10 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side) defined(OPENSSL_EXTRA) static int ctxInitTicket(WOLFSSL_CTX* ctx) { - WC_RNG rng; int ret = 0; +#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ + || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)) + WC_RNG rng; ret = wc_InitRng(&rng); if (ret != 0) 
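Review bot: The guard added in ctxInitTicket tests `defined(HAVE_AESGCM)` twice, as `(!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))`. The AES branch inside myTicketEncCbCompat is compiled under `!defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)`. On a build with AES-GCM but neither AES-256 nor ChaCha20-Poly1305, the key is generated and the callback installed, yet every ticket operation falls to the `#else` branch and returns WOLFSSL_TICKET_RET_FATAL. The second term was presumably meant to be `defined(WOLFSSL_AES_256)`. The same guard is repeated in the InitSSL_Ctx and SSL_CtxResourceFree hunks and in the SSL_OP_NO_TICKET hunk in src/ssl.c. ctxInitTicket's body continues outside this hunk.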
@@ -1689,59 +1691,102 @@ static int ctxInitTicket(WOLFSSL_CTX* ctx) if (ret == 0) ret = wc_RNG_GenerateBlock(&rng, ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); - if (ret == 0) - ret = wc_RNG_GenerateBlock(&rng, - ctx->ticketCompatHmacKey, sizeof(ctx->ticketCompatHmacKey)); - if (ret == 0) - ret = wc_RNG_GenerateBlock(&rng, - ctx->ticketCompatIV, sizeof(ctx->ticketCompatIV)); wc_FreeRng(&rng); +#else + (void)ctx; +#endif return ret; } static WC_INLINE int myTicketEncCbCompat(WOLFSSL* ssl, - byte name[WOLFSSL_TICKET_NAME_SZ], - byte iv[WOLFSSL_TICKET_IV_SZ], - WOLFSSL_EVP_CIPHER_CTX *ectx, - WOLFSSL_HMAC_CTX *hctx, int enc) { + byte key_name[WOLFSSL_TICKET_NAME_SZ], + byte iv[WOLFSSL_TICKET_IV_SZ], + byte mac[WOLFSSL_TICKET_MAC_SZ], + int enc, byte* ticket, int inLen, int* outLen, + void* userCtx) { + int ret; + word16 sLen = XHTONS(inLen); + byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2]; + byte* tmp = aad; + WOLFSSL_ENTER("myTicketEncCbCompat"); - if (ssl == NULL || name == NULL || iv == NULL || ectx == NULL - || hctx == NULL) - return TICKET_KEY_CB_RET_FAILURE; + if (ssl == NULL || key_name == NULL || iv == NULL || mac == NULL + || ticket == NULL || outLen == NULL) + return WOLFSSL_TICKET_RET_FATAL; + + (void)userCtx; if (enc) { - XMEMCPY(name, ssl->ctx->ticketCompatName, sizeof(ssl->ctx->ticketCompatName)); - XMEMCPY(iv, ssl->ctx->ticketCompatIV, sizeof(ssl->ctx->ticketCompatIV)); - } - else if (XMEMCMP(name, ssl->ctx->ticketCompatName, - sizeof(ssl->ctx->ticketCompatName)) != 0 || - XMEMCMP(iv, ssl->ctx->ticketCompatIV, - sizeof(ssl->ctx->ticketCompatIV)) != 0) { - WOLFSSL_MSG("myTicketEncCbCompat: name or iv mismatch"); - return TICKET_KEY_CB_RET_NOT_FOUND; - } - if (wolfSSL_HMAC_Init(hctx, ssl->ctx->ticketCompatHmacKey, - WOLFSSL_TICKET_NAME_SZ, wolfSSL_EVP_sha256()) != WOLFSSL_SUCCESS) { - WOLFSSL_MSG("wolfSSL_HMAC_Init error"); - return TICKET_KEY_CB_RET_FAILURE; - } - if (enc) { - if (wolfSSL_EVP_EncryptInit(ectx, 
wolfSSL_EVP_aes_256_cbc(), - ssl->ctx->ticketCompatKey, iv) != WOLFSSL_SUCCESS) { - WOLFSSL_MSG("wolfSSL_EVP_EncryptInit error"); - return TICKET_KEY_CB_RET_FAILURE; - } + XMEMCPY(key_name, ssl->ctx->ticketCompatName, WOLFSSL_TICKET_NAME_SZ); + ret = wc_RNG_GenerateBlock(ssl->rng, iv, WOLFSSL_TICKET_IV_SZ); + if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; } else { - if (wolfSSL_EVP_DecryptInit(ectx, wolfSSL_EVP_aes_256_cbc(), - ssl->ctx->ticketCompatKey, iv) != WOLFSSL_SUCCESS) { - WOLFSSL_MSG("wolfSSL_EVP_DecryptInit error"); - return TICKET_KEY_CB_RET_FAILURE; + /* see if we know this key */ + if (XMEMCMP(key_name, ssl->ctx->ticketCompatName, + WOLFSSL_TICKET_NAME_SZ) != 0){ + WOLFSSL_MSG("client presented unknown ticket key name"); + return WOLFSSL_TICKET_RET_FATAL; } } - return TICKET_KEY_CB_RET_OK; + + /* build aad from key name, iv, and length */ + XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ); + tmp += WOLFSSL_TICKET_NAME_SZ; + XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ); + tmp += WOLFSSL_TICKET_IV_SZ; + XMEMCPY(tmp, &sLen, 2); + + /* encrypt */ + if (enc) { +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + ret = wc_ChaCha20Poly1305_Encrypt(ssl->ctx->ticketCompatKey, iv, + aad, sizeof(aad), ticket, inLen, ticket, mac); +#elif !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) + Aes aes; + ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID); + if (ret == 0) { + ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE); + if (ret == 0) + ret = wc_AesGcmEncrypt(&aes, ticket, ticket, inLen, iv, + WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE, + aad, sizeof(aad)); + wc_AesFree(&aes); + } +#else + WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for " + "session ticket generation"); + return WOLFSSL_TICKET_RET_FATAL; +#endif + } + /* decrypt */ + else { +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) + ret = wc_ChaCha20Poly1305_Decrypt(ssl->ctx->ticketCompatKey, iv, + aad, sizeof(aad), ticket, inLen, mac, ticket); +#elif 
!defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) + Aes aes; + ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID); + if (ret == 0) { + ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE); + if (ret == 0) + ret = wc_AesGcmDecrypt(&aes, ticket, ticket, inLen, iv, + WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE, + aad, sizeof(aad)); + wc_AesFree(&aes); + } +#else + WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for " + "session ticket decryption"); + return WOLFSSL_TICKET_RET_FATAL; +#endif + } + if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; + *outLen = inLen; /* no padding in this mode */ + + return WOLFSSL_TICKET_RET_OK; } #endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && OPENSSL_EXTRA */ @@ -1900,14 +1945,17 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) #ifdef OPENSSL_EXTRA if (ret == 0) ret = ctxInitTicket(ctx); +#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ + || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)) /* No need for compat ticket init flag since below callback setter is * only called when the above parameter generation has succeeded */ if (ret == 0 && - wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbCompat) + wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCbCompat) != WOLFSSL_SUCCESS) ret = SESSION_SECRET_CB_E; #endif #endif +#endif #ifdef HAVE_WOLF_EVENT if (ret == 0) @@ -2054,10 +2102,9 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) } #endif /* WOLFSSL_STATIC_MEMORY */ #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ - defined(OPENSSL_EXTRA) + defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ + || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))) ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); - ForceZero(ctx->ticketCompatHmacKey, sizeof(ctx->ticketCompatHmacKey)); - ForceZero(ctx->ticketCompatIV, sizeof(ctx->ticketCompatIV)); #endif } 
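Review bot: On decrypt in myTicketEncCbCompat, a ticket whose key name does not match `ssl->ctx->ticketCompatName` returns `WOLFSSL_TICKET_RET_FATAL`, where the removed code returned TICKET_KEY_CB_RET_NOT_FOUND. The key is generated per context in ctxInitTicket, and presumably the name too. A client resuming with a ticket issued before a restart or by another context would then likely have its handshake aborted instead of falling back to a full handshake. I would return `WOLFSSL_TICKET_RET_REJECT` for the unknown-name case, matching the authentication-failure path below, `if (ret != 0) return WOLFSSL_TICKET_RET_REJECT;`. A short comment on the AAD layout (key name, IV, two-byte length) next to `byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2];` would also help the next reader check what the tag covers.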
diff --git a/src/ssl.c b/src/ssl.c index 38d086100..93b1f81eb 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -15708,7 +15708,13 @@ int wolfSSL_set_compression(WOLFSSL* ssl) defined(OPENSSL_EXTRA) if (ctx->mask & SSL_OP_NO_TICKET) { ctx->ticketEncCb = NULL; - ctx->ticketCompatCb = NULL; + ctx->ticketEncCtx = NULL; + XMEMSET(ctx->ticketCompatName, 0, WOLFSSL_TICKET_NAME_SZ); +#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ + defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ + || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))) + ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); +#endif WOLFSSL_MSG("\tSSL_OP_NO_TICKET"); } #endif @@ -47618,7 +47624,12 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) #if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) - +/* Expected return values from implementations of OpenSSL ticket key callback. + */ +#define TICKET_KEY_CB_RET_FAILURE -1 +#define TICKET_KEY_CB_RET_NOT_FOUND 0 +#define TICKET_KEY_CB_RET_OK 1 +#define TICKET_KEY_CB_RET_RENEW 2 /* Implementation of session ticket encryption/decryption using OpenSSL * callback to initialize the cipher and HMAC. @@ -47637,11 +47648,11 @@ int wolfSSL_i2a_ASN1_INTEGER(BIO *bp, const WOLFSSL_ASN1_INTEGER *a) * WOLFSSL_TICKET_RET_FATAL on error. */ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, - unsigned char keyName[WOLFSSL_TICKET_NAME_SZ], - unsigned char iv[WOLFSSL_TICKET_IV_SZ], - unsigned char mac[WOLFSSL_TICKET_MAC_SZ], - int enc, unsigned char* encTicket, - int encTicketLen, int* encLen, void* ctx) + unsigned char keyName[WOLFSSL_TICKET_NAME_SZ], + unsigned char iv[WOLFSSL_TICKET_IV_SZ], + unsigned char mac[WOLFSSL_TICKET_MAC_SZ], + int enc, unsigned char* encTicket, + int encTicketLen, int* encLen, void* ctx) { byte digest[WC_MAX_DIGEST_SIZE]; WOLFSSL_EVP_CIPHER_CTX evpCtx; 
@@ -47655,18 +47666,19 @@ static int wolfSSL_TicketKeyCb(WOLFSSL* ssl, WOLFSSL_ENTER("wolfSSL_TicketKeyCb"); - if (ssl == NULL || ssl->ctx == NULL || ssl->ctx->ticketCompatCb == NULL) { + if (ssl == NULL || ssl->ctx == NULL || ssl->ctx->ticketEncCtx == NULL) { WOLFSSL_MSG("Bad parameter"); return WOLFSSL_TICKET_RET_FATAL; } + /* Initialize the cipher and HMAC. */ wolfSSL_EVP_CIPHER_CTX_init(&evpCtx); if (wolfSSL_HMAC_CTX_Init(&hmacCtx) != WOLFSSL_SUCCESS) { WOLFSSL_MSG("wolfSSL_HMAC_CTX_Init error"); return WOLFSSL_TICKET_RET_FATAL; } - /* Initialize the cipher and HMAC. */ - res = ssl->ctx->ticketCompatCb(ssl, keyName, iv, &evpCtx, &hmacCtx, enc); + res = ((ticketCompatCb)ssl->ctx->ticketEncCtx)(ssl, keyName, + iv, &evpCtx, &hmacCtx, enc); if (res != TICKET_KEY_CB_RET_OK && res != TICKET_KEY_CB_RET_RENEW) { WOLFSSL_MSG("Ticket callback error"); return WOLFSSL_TICKET_RET_FATAL; @@ -47729,16 +47741,13 @@ end: * cb The OpenSSL session ticket callback. * returns WOLFSSL_SUCCESS to indicate success. */ -int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *ctx, int (*cb)( - WOLFSSL *ssl, unsigned char *name, unsigned char *iv, - WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)) +int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *ctx, ticketCompatCb cb) { - /* Store callback in a global. */ - ctx->ticketCompatCb = cb; /* Set the ticket encryption callback to be a wrapper around OpenSSL * callback. */ ctx->ticketEncCb = wolfSSL_TicketKeyCb; + ctx->ticketEncCtx = cb; return WOLFSSL_SUCCESS; } diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 9b02f70ba..a2e6f2f96 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -59,6 +59,9 @@ #ifdef HAVE_POLY1305 #include #endif +#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) && defined(OPENSSL_EXTRA) + #include +#endif #ifdef HAVE_CAMELLIA #include #endif 
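Review bot: wolfSSL_CTX_set_tlsext_ticket_key_cb now stores the OpenSSL-style callback in `ctx->ticketEncCtx`, the same `void*` slot the native ticket API passes back to the application as its user context. wolfSSL_TicketKeyCb calls whatever is there through `((ticketCompatCb)ssl->ctx->ticketEncCtx)(...)`. If an application installs the compat callback and later sets its own ticket context with wolfSSL_CTX_set_TicketEncCtx, the wrapper would call a data pointer as a function, since the only check is `ticketEncCtx == NULL`. Converting between a function pointer and `void*` is also not guaranteed by ISO C. A dedicated typed field, as the removed `ctx->ticketCompatCb` was, avoids both; at minimum the setter needs a comment that the user-context slot is reserved while this callback is installed. Both function bodies extend outside the hunks.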
@@ -2932,6 +2935,7 @@ struct WOLFSSL_CTX { #endif #endif #endif + #endif #ifdef HAVE_SUPPORTED_CURVES byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */ #endif diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h index 6b7085768..9f6be4e20 100644 --- a/wolfssl/ssl.h +++ b/wolfssl/ssl.h @@ -3252,13 +3252,6 @@ enum TicketEncRet { WOLFSSL_API int wolfSSL_CTX_NoTicketTLSv12(WOLFSSL_CTX* ctx); WOLFSSL_API int wolfSSL_NoTicketTLSv12(WOLFSSL* ssl); -/* Expected return values from implementations of OpenSSL ticket key callback. - */ -#define TICKET_KEY_CB_RET_FAILURE -1 -#define TICKET_KEY_CB_RET_NOT_FOUND 0 -#define TICKET_KEY_CB_RET_OK 1 -#define TICKET_KEY_CB_RET_RENEW 2 - typedef int (*SessionTicketEncCb)(WOLFSSL*, unsigned char key_name[WOLFSSL_TICKET_NAME_SZ], unsigned char iv[WOLFSSL_TICKET_IV_SZ], @@ -3993,9 +3986,9 @@ WOLFSSL_API int wolfSSL_i2a_ASN1_INTEGER(WOLFSSL_BIO *bp, const WOLFSSL_ASN1_INTEGER *a); #ifdef HAVE_SESSION_TICKET -WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, int (*)( - WOLFSSL *ssl, unsigned char *name, unsigned char *iv, - WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc)); +typedef int (*ticketCompatCb)(WOLFSSL *ssl, unsigned char *name, unsigned char *iv, + WOLFSSL_EVP_CIPHER_CTX *ectx, WOLFSSL_HMAC_CTX *hctx, int enc); +WOLFSSL_API int wolfSSL_CTX_set_tlsext_ticket_key_cb(WOLFSSL_CTX *, ticketCompatCb); #endif #if defined(HAVE_OCSP) || defined(OPENSSL_EXTRA) || defined(OPENSSL_ALL) || \ From 89fd0b375befd9b28c7b6a4065353fd30e36f405 Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Wed, 20 Jan 2021 12:34:15 +0100 Subject: [PATCH 8/9] Correctly read anon cipher run-time options --- src/internal.c | 22 ++++++++++++++-------- src/ssl.c | 22 ++++++++++++++-------- src/tls13.c | 6 ++++-- wolfssl/internal.h | 4 +--- 4 files changed, 33 insertions(+), 21 deletions(-) diff --git a/src/internal.c b/src/internal.c index 366b442c7..178452af1 100644 --- a/src/internal.c +++ b/src/internal.c 
@@ -2427,7 +2427,7 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, word16 havePSK, word16 haveDH, word16 haveNTRU, word16 haveECDSAsig, word16 haveECC, - word16 haveStaticECC, int side) + word16 haveStaticECC, word16 haveAnon, int side) { word16 idx = 0; int tls = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR; @@ -2449,6 +2449,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, (void)side; (void)haveRSA; /* some builds won't read */ (void)haveRSAsig; /* non ecc builds won't read */ + (void)haveAnon; /* anon ciphers optional */ if (suites == NULL) { WOLFSSL_MSG("InitSuites pointer error"); @@ -2668,14 +2669,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, #endif #ifdef BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA - if (tls1_2 && haveDH) { + if (tls1_2 && haveDH && haveAnon) { suites->suites[idx++] = CIPHER_BYTE; suites->suites[idx++] = TLS_DH_anon_WITH_AES_128_CBC_SHA; } #endif #ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 - if (tls1_2 && haveDH) { + if (tls1_2 && haveDH && haveAnon) { suites->suites[idx++] = CIPHER_BYTE; suites->suites[idx++] = TLS_DH_anon_WITH_AES_256_GCM_SHA384; } @@ -5339,13 +5340,15 @@ int InitSSL_Suites(WOLFSSL* ssl) InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } else { InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, TRUE, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } #if !defined(NO_CERTS) && !defined(WOLFSSL_SESSION_EXPORT) 
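Review bot: The two gates `if (tls1_2 && haveDH && haveAnon)` in InitSuites carry no comment saying why the extra flag is required, and `(void)haveAnon; /* anon ciphers optional */` does not explain it either. DH_anon suites give no peer authentication, so I would add `/* anonymous DH: unauthenticated key exchange, offer only when the user opted in */` above each gate. Any other anonymous suite that InitSuites adds outside these hunks should be checked for the same condition; the function body is only partly visible here.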
@@ -27656,7 +27659,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } /* suite size */ @@ -27986,7 +27990,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } #ifdef OPENSSL_EXTRA @@ -28048,7 +28053,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } } #endif diff --git a/src/ssl.c b/src/ssl.c index 93b1f81eb..f8a86bcd5 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1792,7 +1792,8 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } WOLFSSL_LEAVE("wolfSSL_SetTmpDH", 0); 
@@ -4252,7 +4253,8 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version) InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); return WOLFSSL_SUCCESS; } @@ -5931,7 +5933,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } return WOLFSSL_SUCCESS; @@ -14482,7 +14485,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } void wolfSSL_CTX_set_psk_server_callback(WOLFSSL_CTX* ctx, @@ -14516,7 +14520,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl) InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } const char* wolfSSL_get_psk_identity_hint(const WOLFSSL* ssl) 
@@ -27593,9 +27598,10 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op) if (ssl->suites != NULL && ssl->options.side != WOLFSSL_NEITHER_END) InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, - ssl->options.haveDH, ssl->options.haveNTRU, - ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveECC, + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); return ssl->options.mask; } diff --git a/src/tls13.c b/src/tls13.c index b2fd50f2f..f7a9e2c47 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -8197,7 +8197,8 @@ void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } @@ -8234,7 +8235,8 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl, InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE, ssl->options.haveDH, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveECC, - ssl->options.haveStaticECC, ssl->options.side); + ssl->options.haveStaticECC, ssl->options.haveAnon, + ssl->options.side); } #endif diff --git a/wolfssl/internal.h b/wolfssl/internal.h index a2e6f2f96..5269bbd00 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -1873,7 +1873,7 @@ WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig, int haveAnon, int tls1_2, int keySz); WOLFSSL_LOCAL void InitSuites(Suites*, ProtocolVersion, int, word16, word16, - word16, word16, word16, word16, word16, int); + word16, word16, word16, word16, word16, word16, int); WOLFSSL_LOCAL int MatchSuite(WOLFSSL* ssl, Suites* peerSuites); WOLFSSL_LOCAL int SetCipherList(WOLFSSL_CTX*, Suites*, const char* list); 
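Review bot: The InitSuites prototype in wolfssl/internal.h still lists its arguments by type only, now with eight consecutive unnamed `word16` flags, so nothing at the declaration shows that the new flag sits between haveStaticECC and side. Every call site in this patch was edited by hand, and a flag passed in the wrong position compiles silently because all of them are `word16`. Naming the parameters makes such a slip reviewable: `WOLFSSL_LOCAL void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, word16 havePSK, word16 haveDH, word16 haveNTRU, word16 haveECDSAsig, word16 haveECC, word16 haveStaticECC, word16 haveAnon, int side);`.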
@@ -3539,9 +3539,7 @@ typedef struct Options { #ifdef HAVE_POLY1305 word16 oldPoly:1; /* set when to use old rfc way of poly*/ #endif -#ifdef HAVE_ANON word16 haveAnon:1; /* User wants to allow Anon suites */ -#endif #ifdef HAVE_SESSION_TICKET word16 createTicket:1; /* Server to create new Ticket */ word16 useTicket:1; /* Use Ticket not session cache */ From d074e7443f8d3da8d66b061665ab1ef84f65185f Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Wed, 10 Feb 2021 11:49:49 +0100 Subject: [PATCH 9/9] Remove default ticket cb as this will be added in another PR --- examples/echoserver/echoserver.c | 6 -- examples/server/server.c | 6 -- src/internal.c | 135 ------------------------------- src/ssl.c | 6 -- tests/api.c | 82 ++++++++++++++++++- wolfssl/internal.h | 2 - wolfssl/test.h | 74 +++-------------- 7 files changed, 88 insertions(+), 223 deletions(-) diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index d864f8cb2..1ef3007f8 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -169,14 +169,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) if (TicketInit() != 0) err_sys("unable to setup Session Ticket Key context"); -#ifdef OPENSSL_EXTRA - /* In OpenSSL compat case, the compat layer handles the session - * tickets internally by default */ -#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ - defined(HAVE_AESGCM)) wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif -#endif #ifndef NO_FILESYSTEM if (doPSK == 0) { diff --git a/examples/server/server.c b/examples/server/server.c index 2260fa46c..05b6f2f54 100644 --- a/examples/server/server.c +++ b/examples/server/server.c 
@@ -1804,14 +1804,8 @@ THREAD_RETURN WOLFSSL_THREAD server_test(void* args) ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) if (TicketInit() != 0) err_sys_ex(catastrophic, "unable to setup Session Ticket Key context"); -#ifdef OPENSSL_EXTRA - /* In OpenSSL compat case, the compat layer handles the session - * tickets internally by default */ -#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ - defined(HAVE_AESGCM)) wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif -#endif #if defined(WOLFSSL_SNIFFER) && defined(WOLFSSL_STATIC_EPHEMERAL) /* used for testing only to set a static/fixed ephemeral key diff --git a/src/internal.c b/src/internal.c index 178452af1..70199b2b3 100644 --- a/src/internal.c +++ b/src/internal.c 
@@ -1673,123 +1673,6 @@ int InitSSL_Side(WOLFSSL* ssl, word16 side) } #endif /* OPENSSL_EXTRA || WOLFSSL_EITHER_SIDE */ -#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ - defined(OPENSSL_EXTRA) -static int ctxInitTicket(WOLFSSL_CTX* ctx) -{ - int ret = 0; -#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ - || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)) - WC_RNG rng; - - ret = wc_InitRng(&rng); - if (ret != 0) - return ret; - - ret = wc_RNG_GenerateBlock(&rng, - ctx->ticketCompatName, sizeof(ctx->ticketCompatName)); - if (ret == 0) - ret = wc_RNG_GenerateBlock(&rng, - ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); - - wc_FreeRng(&rng); -#else - (void)ctx; -#endif - return ret; -} - -static WC_INLINE int myTicketEncCbCompat(WOLFSSL* ssl, - byte key_name[WOLFSSL_TICKET_NAME_SZ], - byte iv[WOLFSSL_TICKET_IV_SZ], - byte mac[WOLFSSL_TICKET_MAC_SZ], - int enc, byte* ticket, int inLen, int* outLen, - void* userCtx) { - int ret; - word16 sLen = XHTONS(inLen); - byte aad[WOLFSSL_TICKET_NAME_SZ + WOLFSSL_TICKET_IV_SZ + 2]; - byte* tmp = aad; - - WOLFSSL_ENTER("myTicketEncCbCompat"); - - if (ssl == NULL || key_name == NULL || iv == NULL || mac == NULL - || ticket == NULL || outLen == NULL) - return WOLFSSL_TICKET_RET_FATAL; - - (void)userCtx; - - if (enc) { - XMEMCPY(key_name, ssl->ctx->ticketCompatName, WOLFSSL_TICKET_NAME_SZ); - ret = wc_RNG_GenerateBlock(ssl->rng, iv, WOLFSSL_TICKET_IV_SZ); - if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; - } - else { - /* see if we know this key */ - if (XMEMCMP(key_name, ssl->ctx->ticketCompatName, - WOLFSSL_TICKET_NAME_SZ) != 0){ - WOLFSSL_MSG("client presented unknown ticket key name"); - return WOLFSSL_TICKET_RET_FATAL; - } - } - - /* build aad from key name, iv, and length */ - XMEMCPY(tmp, key_name, WOLFSSL_TICKET_NAME_SZ); - tmp += WOLFSSL_TICKET_NAME_SZ; - XMEMCPY(tmp, iv, WOLFSSL_TICKET_IV_SZ); - tmp += WOLFSSL_TICKET_IV_SZ; - XMEMCPY(tmp, &sLen, 2); - - /* encrypt */ - if 
(enc) { -#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - ret = wc_ChaCha20Poly1305_Encrypt(ssl->ctx->ticketCompatKey, iv, - aad, sizeof(aad), ticket, inLen, ticket, mac); -#elif !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) - Aes aes; - ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE); - if (ret == 0) - ret = wc_AesGcmEncrypt(&aes, ticket, ticket, inLen, iv, - WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE, - aad, sizeof(aad)); - wc_AesFree(&aes); - } -#else - WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for " - "session ticket generation"); - return WOLFSSL_TICKET_RET_FATAL; -#endif - } - /* decrypt */ - else { -#if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) - ret = wc_ChaCha20Poly1305_Decrypt(ssl->ctx->ticketCompatKey, iv, - aad, sizeof(aad), ticket, inLen, mac, ticket); -#elif !defined(NO_AES) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256) - Aes aes; - ret = wc_AesInit(&aes, ssl->heap, INVALID_DEVID); - if (ret == 0) { - ret = wc_AesGcmSetKey(&aes, ssl->ctx->ticketCompatKey, AES_256_KEY_SIZE); - if (ret == 0) - ret = wc_AesGcmDecrypt(&aes, ticket, ticket, inLen, iv, - WOLFSSL_TICKET_IV_SZ, mac, AES_BLOCK_SIZE, - aad, sizeof(aad)); - wc_AesFree(&aes); - } -#else - WOLFSSL_MSG("Neither chacha20-poly1305 or aes-gcm available for " - "session ticket decryption"); - return WOLFSSL_TICKET_RET_FATAL; -#endif - } - if (ret != 0) return WOLFSSL_TICKET_RET_REJECT; - *outLen = inLen; /* no padding in this mode */ - - return WOLFSSL_TICKET_RET_OK; -} -#endif /* HAVE_SESSION_TICKET && !NO_WOLFSSL_SERVER && OPENSSL_EXTRA */ - /* Initialize SSL context, return 0 on success */ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) { 
@@ -1942,19 +1825,6 @@ int InitSSL_Ctx(WOLFSSL_CTX* ctx, WOLFSSL_METHOD* method, void* heap) ctx->ticketEncCtx = (void*)&ctx->ticketKeyCtx; #endif ctx->ticketHint = SESSION_TICKET_HINT_DEFAULT; -#ifdef OPENSSL_EXTRA - if (ret == 0) - ret = ctxInitTicket(ctx); -#if (defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ - || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM)) - /* No need for compat ticket init flag since below callback setter is - * only called when the above parameter generation has succeeded */ - if (ret == 0 && - wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCbCompat) - != WOLFSSL_SUCCESS) - ret = SESSION_SECRET_CB_E; -#endif -#endif #endif #ifdef HAVE_WOLF_EVENT @@ -2101,11 +1971,6 @@ void SSL_CtxResourceFree(WOLFSSL_CTX* ctx) } } #endif /* WOLFSSL_STATIC_MEMORY */ -#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ - defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ - || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))) - ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); -#endif } diff --git a/src/ssl.c b/src/ssl.c index f8a86bcd5..dcd950fc8 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -15714,12 +15714,6 @@ int wolfSSL_set_compression(WOLFSSL* ssl) if (ctx->mask & SSL_OP_NO_TICKET) { ctx->ticketEncCb = NULL; ctx->ticketEncCtx = NULL; - XMEMSET(ctx->ticketCompatName, 0, WOLFSSL_TICKET_NAME_SZ); -#if defined(HAVE_SESSION_TICKET) && !defined(NO_WOLFSSL_SERVER) && \ - defined(OPENSSL_EXTRA) && ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) \ - || (!defined(NO_AES) && defined(HAVE_AESGCM) && defined(HAVE_AESGCM))) - ForceZero(ctx->ticketCompatKey, sizeof(ctx->ticketCompatKey)); -#endif WOLFSSL_MSG("\tSSL_OP_NO_TICKET"); } #endif diff --git a/tests/api.c b/tests/api.c index 6c10128dc..d3ed6e13b 100644 --- a/tests/api.c +++ b/tests/api.c 
@@ -2605,6 +2605,75 @@ static int nonblocking_accept_read(void* args, WOLFSSL* ssl, SOCKET_T* sockfd) } #endif /* WOLFSSL_SESSION_EXPORT */ + +#if defined(HAVE_SESSION_TICKET) && \ + ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) && \ + defined(OPENSSL_EXTRA) + + typedef struct openssl_key_ctx { + byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */ + byte key[AES_256_KEY_SIZE]; /* cipher key */ + byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */ + byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */ + } openssl_key_ctx; + + static THREAD_LS_T openssl_key_ctx myOpenSSLKey_ctx; + static THREAD_LS_T WC_RNG myOpenSSLKey_rng; + + static WC_INLINE int OpenSSLTicketInit(void) + { + int ret = wc_InitRng(&myOpenSSLKey_rng); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.name, + sizeof(myOpenSSLKey_ctx.name)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.key, + sizeof(myOpenSSLKey_ctx.key)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.hmacKey, + sizeof(myOpenSSLKey_ctx.hmacKey)); + if (ret != 0) return ret; + + ret = wc_RNG_GenerateBlock(&myOpenSSLKey_rng, myOpenSSLKey_ctx.iv, + sizeof(myOpenSSLKey_ctx.iv)); + if (ret != 0) return ret; + + return 0; + } + + static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl, + byte name[WOLFSSL_TICKET_NAME_SZ], + byte iv[WOLFSSL_TICKET_IV_SZ], + WOLFSSL_EVP_CIPHER_CTX *ectx, + WOLFSSL_HMAC_CTX *hctx, int enc) { + (void)ssl; + if (enc) { + XMEMCPY(name, myOpenSSLKey_ctx.name, sizeof(myOpenSSLKey_ctx.name)); + XMEMCPY(iv, myOpenSSLKey_ctx.iv, sizeof(myOpenSSLKey_ctx.iv)); + } + else if (XMEMCMP(name, myOpenSSLKey_ctx.name, + sizeof(myOpenSSLKey_ctx.name)) != 0 || + XMEMCMP(iv, myOpenSSLKey_ctx.iv, + sizeof(myOpenSSLKey_ctx.iv)) != 0) { + return 0; + } + HMAC_Init_ex(hctx, myOpenSSLKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL); + if (enc) + 
EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv); + else + EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myOpenSSLKey_ctx.key, iv); + return 1; + } + + static WC_INLINE void OpenSSLTicketCleanup(void) + { + wc_FreeRng(&myOpenSSLKey_rng); + } +#endif + static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) { SOCKET_T sockfd = 0; @@ -2646,12 +2715,13 @@ static THREAD_RETURN WOLFSSL_THREAD test_server_nofail(void* args) ctx = wolfSSL_CTX_new(method); } -#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ +#if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) - TicketInit(); #ifdef OPENSSL_EXTRA + OpenSSLTicketInit(); wolfSSL_CTX_set_tlsext_ticket_key_cb(ctx, myTicketEncCbOpenSSL); -#else +#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) + TicketInit(); wolfSSL_CTX_set_TicketEncCb(ctx, myTicketEncCb); #endif #endif @@ -2837,10 +2907,14 @@ done: wc_ecc_fp_free(); /* free per thread cache */ #endif -#if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ +#if defined(HAVE_SESSION_TICKET) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || defined(HAVE_AESGCM)) +#ifdef OPENSSL_EXTRA + OpenSSLTicketCleanup(); +#elif defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) TicketCleanup(); #endif +#endif #ifndef WOLFSSL_TIRTOS return 0; diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 5269bbd00..aebfb3a69 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h @@ -2935,11 +2935,9 @@ struct WOLFSSL_CTX { #endif #endif #endif - #endif #ifdef HAVE_SUPPORTED_CURVES byte userCurves; /* indicates user called wolfSSL_CTX_UseSupportedCurve */ #endif -#endif #ifdef ATOMIC_USER CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */ CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */ diff --git a/wolfssl/test.h b/wolfssl/test.h index 6e0df1ceb..5da853e60 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h 
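Review bot: myTicketEncCbOpenSSL copies the single IV generated in OpenSSLTicketInit into every ticket (`XMEMCPY(iv, myOpenSSLKey_ctx.iv, ...)`) and initialises AES-256-CBC with it, so all tickets issued by a thread share both key and IV, and the decrypt branch rejects any ticket whose IV differs. Even in a test helper this is worth fixing, because such callbacks tend to be copied into servers: draw a fresh IV on the encrypt path, e.g. `if (wc_RNG_GenerateBlock(&myOpenSSLKey_rng, iv, WOLFSSL_TICKET_IV_SZ) != 0) return -1;`, and compare only the key name when decrypting. The results of `HMAC_Init_ex` and `EVP_EncryptInit_ex`/`EVP_DecryptInit_ex` are discarded, so the callback returns 1 after a failed init. `hmacKey` is sized with WOLFSSL_TICKET_NAME_SZ, which ties the MAC key length to an unrelated constant.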
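Review bot: `OpenSSLTicketInit();` in test_server_nofail is called without looking at its result, so an RNG failure leaves myOpenSSLKey_ctx partially filled or still zero and the test goes on to protect tickets with that material. The example servers in this series check `if (TicketInit() != 0)` and stop; the test should check the return the same way and leave through the existing `done:` path. OpenSSLTicketInit itself returns early on a wc_RNG_GenerateBlock error without calling wc_FreeRng. The body of test_server_nofail continues outside the hunk.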
@@ -3930,71 +3930,10 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) } + #if defined(HAVE_SESSION_TICKET) && defined(WOLFSSL_NO_DEF_TICKET_ENC_CB) && \ ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ defined(HAVE_AESGCM)) - static THREAD_LS_T WC_RNG myKey_rng; - - static WC_INLINE void TicketCleanup(void) - { - wc_FreeRng(&myKey_rng); - } - -#ifdef OPENSSL_EXTRA - - typedef struct key_ctx { - byte name[WOLFSSL_TICKET_NAME_SZ]; /* server name */ - byte key[AES_256_KEY_SIZE]; /* cipher key */ - byte hmacKey[WOLFSSL_TICKET_NAME_SZ]; /* hmac key */ - byte iv[WOLFSSL_TICKET_IV_SZ]; /* cipher iv */ - } key_ctx; - - static THREAD_LS_T key_ctx myKey_ctx; - - static WC_INLINE int TicketInit(void) - { - int ret = wc_InitRng(&myKey_rng); - if (ret != 0) return ret; - - ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.name, sizeof(myKey_ctx.name)); - if (ret != 0) return ret; - - ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.key, sizeof(myKey_ctx.key)); - if (ret != 0) return ret; - - ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.hmacKey, sizeof(myKey_ctx.hmacKey)); - if (ret != 0) return ret; - - ret = wc_RNG_GenerateBlock(&myKey_rng, myKey_ctx.iv,sizeof(myKey_ctx.iv)); - if (ret != 0) return ret; - - return 0; - } - - static WC_INLINE int myTicketEncCbOpenSSL(WOLFSSL* ssl, - byte name[WOLFSSL_TICKET_NAME_SZ], - byte iv[WOLFSSL_TICKET_IV_SZ], - WOLFSSL_EVP_CIPHER_CTX *ectx, - WOLFSSL_HMAC_CTX *hctx, int enc) { - (void)ssl; - if (enc) { - XMEMCPY(name, myKey_ctx.name, sizeof(myKey_ctx.name)); - XMEMCPY(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv)); - } - else if (XMEMCMP(name, myKey_ctx.name, sizeof(myKey_ctx.name)) != 0 || - XMEMCMP(iv, myKey_ctx.iv, sizeof(myKey_ctx.iv)) != 0) { - return 0; - } - HMAC_Init_ex(hctx, myKey_ctx.hmacKey, WOLFSSL_TICKET_NAME_SZ, EVP_sha256(), NULL); - if (enc) - EVP_EncryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv); - else - EVP_DecryptInit_ex(ectx, EVP_aes_256_cbc(), NULL, myKey_ctx.key, iv); - 
return 1; - } - -#elif ((defined(HAVE_CHACHA) && defined(HAVE_POLY1305)) || \ - defined(HAVE_AESGCM)) #if defined(HAVE_CHACHA) && defined(HAVE_POLY1305) #include @@ -4011,6 +3950,7 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) } key_ctx; static THREAD_LS_T key_ctx myKey_ctx; + static THREAD_LS_T WC_RNG myKey_rng; static WC_INLINE int TicketInit(void) { @@ -4026,6 +3966,11 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) return 0; } + static WC_INLINE void TicketCleanup(void) + { + wc_FreeRng(&myKey_rng); + } + static WC_INLINE int myTicketEncCb(WOLFSSL* ssl, byte key_name[WOLFSSL_TICKET_NAME_SZ], byte iv[WOLFSSL_TICKET_IV_SZ], @@ -4123,8 +4068,9 @@ static WC_INLINE const char* mymktemp(char *tempfn, int len, int num) return WOLFSSL_TICKET_RET_OK; } -#endif /* OPENSSL_EXTRA elif ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */ -#endif /* HAVE_SESSION_TICKET */ + +#endif /* HAVE_SESSION_TICKET && ((HAVE_CHACHA && HAVE_POLY1305) || HAVE_AESGCM) */ + static WC_INLINE word16 GetRandomPort(void) {