mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 22:10:53 +02:00
Cap session ticket lifetime hint at half of key lifetime
The default ticket encryption callback rotates two keys and can only honor a hint below WOLFSSL_TICKET_KEY_LIFETIME/2; a larger hint previously left no key available for encryption, failing every handshake after the first on a reused server CTX. Now these values are rejected.
This commit is contained in:
@@ -1055,6 +1055,8 @@ int wolfSSL_CTX_set_TicketEncCb(WOLFSSL_CTX* ctx, SessionTicketEncCb cb)
|
||||
*
|
||||
* @param [in] ctx SSL/TLS context object.
|
||||
* @param [in] hint Lifetime hint in seconds. No more than 604800 (7 days).
|
||||
* With the default ticket encryption callback, must also be
|
||||
* less than WOLFSSL_TICKET_KEY_LIFETIME / 2.
|
||||
* @return WOLFSSL_SUCCESS on success.
|
||||
* @return BAD_FUNC_ARG when ctx is NULL or hint is out of range.
|
||||
*/
|
||||
@@ -1068,6 +1070,15 @@ int wolfSSL_CTX_set_TicketHint(WOLFSSL_CTX* ctx, int hint)
|
||||
if (hint < 0 || hint > 604800)
|
||||
return BAD_FUNC_ARG;
|
||||
|
||||
#ifdef WOLFSSL_TICKET_KEY_LIFETIME
|
||||
/* The default ticket encryption callback rotates two keys, each living
|
||||
* WOLFSSL_TICKET_KEY_LIFETIME seconds. Its staggered rotation can only
|
||||
* honor a hint below half that; a larger hint would leave no key available
|
||||
* for encryption. */
|
||||
if (hint >= WOLFSSL_TICKET_KEY_LIFETIME / 2)
|
||||
return BAD_FUNC_ARG;
|
||||
#endif
|
||||
|
||||
ctx->ticketHint = hint;
|
||||
|
||||
return WOLFSSL_SUCCESS;
|
||||
|
||||
@@ -188,7 +188,18 @@ int test_wolfSSL_CTX_set_TicketHint_ext(void)
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx, 604801),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx, 0), WOLFSSL_SUCCESS);
|
||||
#ifdef WOLFSSL_TICKET_KEY_LIFETIME
|
||||
/* The default ticket encryption callback can only honor a hint below half
|
||||
* the ticket key lifetime; larger values are rejected. */
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx, WOLFSSL_TICKET_KEY_LIFETIME / 2),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx,
|
||||
WOLFSSL_TICKET_KEY_LIFETIME / 2 - 1), WOLFSSL_SUCCESS);
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx, 604800),
|
||||
WC_NO_ERR_TRACE(BAD_FUNC_ARG));
|
||||
#else
|
||||
ExpectIntEQ(wolfSSL_CTX_set_TicketHint(ctx, 604800), WOLFSSL_SUCCESS);
|
||||
#endif
|
||||
|
||||
wolfSSL_CTX_free(ctx);
|
||||
#endif
|
||||
|
||||
+2
-2
@@ -2047,8 +2047,8 @@ WOLFSSL_LOCAL int NamedGroupIsPqcHybrid(int group);
|
||||
/* Default lifetime is 1 hour from issue of first ticket with key. */
|
||||
#define WOLFSSL_TICKET_KEY_LIFETIME (60 * 60)
|
||||
#endif
|
||||
#if WOLFSSL_TICKET_KEY_LIFETIME <= SESSION_TICKET_HINT_DEFAULT
|
||||
#error "Ticket Key lifetime must be longer than ticket life hint."
|
||||
#if WOLFSSL_TICKET_KEY_LIFETIME <= 2 * SESSION_TICKET_HINT_DEFAULT
|
||||
#error "Ticket Key lifetime must be more than twice the ticket life hint."
|
||||
#endif
|
||||
#endif
|
||||
|
||||
|
||||
Reference in New Issue
Block a user