diff --git a/configure.ac b/configure.ac index 8d84a38f0..a5e44a91e 100644 --- a/configure.ac +++ b/configure.ac @@ -1508,6 +1508,19 @@ else fi +# TLSv1.2 +AC_ARG_ENABLE([tlsv12], + [AS_HELP_STRING([--enable-tlsv12],[Enable TLS versions 1.2 (default: enabled)])], + [ ENABLED_TLSV12=$enableval ], + [ ENABLED_TLSV12=yes ] + ) + +if test "$ENABLED_TLSV12" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DWOLFSSL_NO_TLS12 -DNO_OLD_TLS" +fi + + # TLSv1.0 AC_ARG_ENABLE([tlsv10], [AS_HELP_STRING([--enable-tlsv10],[Enable old TLS versions 1.0 (default: disabled)])], diff --git a/examples/benchmark/tls_bench.c b/examples/benchmark/tls_bench.c index 1234914bd..199ab3755 100644 --- a/examples/benchmark/tls_bench.c +++ b/examples/benchmark/tls_bench.c @@ -354,7 +354,7 @@ static void* client_thread(void* args) int haveShownPeerInfo = 0; /* set up client */ - cli_ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + cli_ctx = wolfSSL_CTX_new(wolfSSLv23_client_method()); if (cli_ctx == NULL) err_sys("error creating ctx"); #ifndef NO_CERTS @@ -480,7 +480,7 @@ static void* server_thread(void* args) WOLFSSL* srv_ssl; /* set up server */ - srv_ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()); + srv_ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()); if (srv_ctx == NULL) err_sys("error creating server ctx"); #ifndef NO_CERTS diff --git a/examples/client/client.c b/examples/client/client.c index 35f46e98e..b7f2a37c3 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -182,7 +182,9 @@ static void ShowVersions(void) #endif printf("2:"); #endif /* NO_OLD_TLS */ +#ifndef WOLFSSL_NO_TLS12 printf("3:"); +#endif #ifdef WOLFSSL_TLS13 printf("4:"); #endif @@ -1489,9 +1491,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) #endif /* !NO_OLD_TLS */ #ifndef NO_TLS + #ifndef WOLFSSL_NO_TLS12 case 3: method = wolfTLSv1_2_client_method_ex; break; + #endif #ifdef WOLFSSL_TLS13 case 4: 
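Review bot: The new `--disable-tlsv12` branch adds `-DWOLFSSL_NO_TLS12 -DNO_OLD_TLS` without checking that any other protocol version is still enabled, so configuring with TLS 1.2 off and TLS 1.3 not turned on would, as far as this hunk shows, build a library with no usable TLS version. Failing configure early makes that misconfiguration visible, e.g. `AC_MSG_ERROR([--disable-tlsv12 requires TLS 1.3 to be enabled])` inside a test on the TLS 1.3 option's variable. The TLS 1.3 option is outside this hunk, so the check may have to sit after it. The help text `Enable TLS versions 1.2` should also read `Enable TLS version 1.2`.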
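Review bot: With `wolfSSLv23_client_method()` in `client_thread` (and `wolfSSLv23_server_method()` in `server_thread`, next hunk) the benchmark no longer pins a protocol version and negotiates whatever the build allows. Results from differently configured builds are then measured over different protocol versions without the output saying so. Consider printing the negotiated version once per run, or setting a floor with `wolfSSL_CTX_SetMinVersion()` right after each `wolfSSL_CTX_new()` so a run cannot settle on an older version that happens to be compiled in. Both function bodies continue outside the hunks.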
@@ -1511,9 +1515,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) break; #endif + #ifndef WOLFSSL_NO_TLS12 case -2: method = wolfDTLSv1_2_client_method_ex; break; + #endif #endif default: diff --git a/examples/server/server.c b/examples/server/server.c index 44e3b5910..b2fa31ad2 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -281,6 +281,46 @@ int ServerEchoData(SSL* ssl, int clientfd, int echoData, int block, return EXIT_SUCCESS; } +#ifdef WOLFSSL_TLS13 +static void NonBlockingServerRead(WOLFSSL* ssl, char* input, int inputLen) +{ + int ret, err; + char buffer[CYASSL_MAX_ERROR_SZ]; + + /* Read data */ + do { + err = 0; /* reset error */ + ret = SSL_read(ssl, input, inputLen); + if (ret < 0) { + err = SSL_get_error(ssl, 0); + + #ifdef WOLFSSL_ASYNC_CRYPT + if (err == WC_PENDING_E) { + ret = wolfSSL_AsyncPoll(ssl, WOLF_POLL_FLAG_CHECK_HW); + if (ret < 0) break; + } + else + #endif + #ifdef CYASSL_DTLS + if (wolfSSL_dtls(ssl) && err == DECRYPT_ERROR) { + printf("Dropped client's message due to a bad MAC\n"); + } + else + #endif + if (err != WOLFSSL_ERROR_WANT_READ) { + printf("SSL_read input error %d, %s\n", err, + ERR_error_string(err, buffer)); + err_sys_ex(runWithErrors, "SSL_read failed"); + } + } + } while (err == WC_PENDING_E || err == WOLFSSL_ERROR_WANT_READ); + if (ret > 0) { + input[ret] = 0; /* null terminate message */ + printf("Client message: %s\n", input); + } +} +#endif + static void ServerRead(WOLFSSL* ssl, char* input, int inputLen) { int ret, err; @@ -543,9 +583,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) int noPskDheKe = 0; #endif int updateKeysIVs = 0; -#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) int postHandAuth = 0; -#endif #ifdef WOLFSSL_EARLY_DATA int earlyData = 0; #endif @@ -598,6 +636,7 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) (void)crlFlags; (void)readySignal; (void)updateKeysIVs; + (void)postHandAuth; (void)mcastID; (void)useX25519; 
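Review bot: `NonBlockingServerRead` retries `SSL_read` in a tight loop for as long as the error is `WOLFSSL_ERROR_WANT_READ`, with no wait on the socket and no retry limit, so a peer that finishes the handshake and then stays silent keeps this thread spinning at full CPU indefinitely. Waiting for the socket to become readable with a bounded timeout before each retry, and giving up when it expires, would bound that. The function also writes `input[ret] = 0`, which is in bounds only because the call site passes `sizeof(input)-1`; that contract deserves a comment above the function, e.g. `/* inputLen must be one less than the buffer size: a NUL is written at input[ret] */`. A `ret` of 0 (peer closed) leaves the loop silently, which may be intended but is worth stating in the same comment.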
@@ -967,9 +1006,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #endif /* !NO_OLD_TLS */ #ifndef NO_TLS + #ifndef WOLFSSL_NO_TLS12 case 3: method = wolfTLSv1_2_server_method_ex; break; + #endif #ifdef WOLFSSL_TLS13 case 4: @@ -989,9 +1030,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) break; #endif + #ifndef WOLFSSL_NO_TLS12 case -2: method = wolfDTLSv1_2_server_method_ex; break; + #endif #endif default: @@ -1635,10 +1678,13 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) } ServerWrite(ssl, write_msg, write_msg_sz); -#if defined(WOLFSSL_TLS13) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) - if (postHandAuth) { +#ifdef WOLFSSL_TLS13 + if (updateKeysIVs || postHandAuth) { ServerWrite(ssl, write_msg, write_msg_sz); - ServerRead(ssl, input, sizeof(input)-1); + if (nonBlocking) + NonBlockingServerRead(ssl, input, sizeof(input)-1); + else + ServerRead(ssl, input, sizeof(input)-1); } #endif } diff --git a/scripts/google.test b/scripts/google.test index ecc126836..7b58a8a29 100755 --- a/scripts/google.test +++ b/scripts/google.test @@ -6,6 +6,13 @@ server=www.google.com [ ! -x ./examples/client/client ] && echo -e "\n\nClient doesn't exist" && exit 1 +# TODO: [TLS13] Remove this when google supports final version of TLS 1.3 +./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version' +if [ $? -eq 0 ]; then + echo -e "\n\nClient doesn't support TLS v1.2" + exit 0 +fi + # is our desired server there? ./scripts/ping.test $server 2 RESULT=$? diff --git a/scripts/openssl.test b/scripts/openssl.test index d8ed4fdf5..3fa04e058 100755 --- a/scripts/openssl.test +++ b/scripts/openssl.test @@ -21,6 +21,9 @@ wolf_suites_total=0 counter=0 testing_summary="OpenSSL Interop Testing Summary:\nVersion\tTested\t#Found\t#Tested\n" versionName="Invalid" +if [ "$OPENSSL" = "" ]; then + OPENSSL=openssl +fi version_name() { case $version in "0") 
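Review bot: When the client reports `Bad SSL version` the script prints a message and then runs `exit 0`, so a build without TLS 1.2 records this interop test as passed although nothing was tested. If the script is run through Automake's test harness, `exit 77` marks it as skipped and keeps that visible in the summary. The probe also depends on the exact text `Bad SSL version` printed by the example client; a comment beside the `grep` saying so would help whoever changes that message.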
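Review bot: `$OPENSSL` comes from the environment and is expanded unquoted, here and in the `command -v`, `s_server`, `s_client` and `ciphers` hunks that follow, so a value containing spaces or glob characters is split or expanded before it is executed. Prefer `OPENSSL="${OPENSSL:-openssl}"` for the default and `"$OPENSSL"` at each use. The failure message in the `command -v` hunk still says `Requires openssl command`; printing the value actually looked up, `Requires $OPENSSL command`, makes a wrong override easier to diagnose.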
@@ -73,7 +76,7 @@ else fi echo -e "\nTesting existence of openssl command...\n" -command -v openssl >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but it's not installed. Ending."; exit 0; } +command -v $OPENSSL >/dev/null 2>&1 || { echo >&2 "Requires openssl command, but it's not installed. Ending."; exit 0; } echo -e "\nTesting for _build directory as part of distcheck, different paths" @@ -92,7 +95,7 @@ found_free_port=0 while [ "$counter" -lt 20 ]; do echo -e "\nTrying to start openssl server on port $openssl_port...\n" - openssl s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -verify 10 -verify_return_error -psk 1a2b3c4d -cipher "ALL:eNULL" & + $OPENSSL s_server -accept $openssl_port -cert ./certs/server-cert.pem -key ./certs/server-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -dcert ./certs/server-ecc.pem -dkey ./certs/ecc-key.pem -verify 10 -verify_return_error -psk 1a2b3c4d -cipher "ALL:eNULL" & server_pid=$! # wait to see if s_server successfully starts before continuing sleep 0.1 @@ -127,7 +130,7 @@ case $wolf_ciphers in while [ "$counter" -lt 20 ]; do echo -e "\nTrying to start ECDH-RSA openssl server on port $ecdh_port...\n" - openssl s_server -accept $ecdh_port -cert ./certs/server-ecc-rsa.pem -key ./certs/ecc-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -cipher "ALL:eNULL" & + $OPENSSL s_server -accept $ecdh_port -cert ./certs/server-ecc-rsa.pem -key ./certs/ecc-key.pem -quiet -CAfile ./certs/client-ca.pem -www -dhparam ./certs/dh2048.pem -verify 10 -verify_return_error -cipher "ALL:eNULL" & ecdh_server_pid=$! # wait to see if s_server successfully starts before continuing sleep 0.1 
@@ -193,11 +196,11 @@ do echo -e "version = $version" # get openssl ciphers depending on version case $version in "0") - openssl_ciphers=`openssl ciphers "SSLv3"` + openssl_ciphers=`$OPENSSL ciphers "SSLv3"` # double check that can actually do a sslv3 connection using # client-cert.pem to send but any file with EOF works - openssl s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ./certs/client-cert.pem + $OPENSSL s_client -ssl3 -no_ign_eof -host localhost -port $openssl_port < ./certs/client-cert.pem sslv3_sup=$? if [ $sslv3_sup != 0 ] @@ -208,7 +211,7 @@ do fi ;; "1") - openssl_ciphers=`openssl ciphers "TLSv1"` + openssl_ciphers=`$OPENSSL ciphers "TLSv1"` tlsv1_sup=$? if [ $tlsv1_sup != 0 ] then @@ -218,7 +221,7 @@ do fi ;; "2") - openssl_ciphers=`openssl ciphers "TLSv1.1"` + openssl_ciphers=`$OPENSSL ciphers "TLSv1.1"` tlsv1_1_sup=$? if [ $tlsv1_1_sup != 0 ] then @@ -228,7 +231,7 @@ do fi ;; "3") - openssl_ciphers=`openssl ciphers "TLSv1.2"` + openssl_ciphers=`$OPENSSL ciphers "TLSv1.2"` tlsv1_2_sup=$? if [ $tlsv1_2_sup != 0 ] then @@ -238,7 +241,7 @@ do fi ;; "4") #test all suites - openssl_ciphers=`openssl ciphers "ALL"` + openssl_ciphers=`$OPENSSL ciphers "ALL"` all_sup=$? if [ $all_sup != 0 ] then diff --git a/scripts/psk.test b/scripts/psk.test index 01313b91b..d8a0c3d07 100755 --- a/scripts/psk.test +++ b/scripts/psk.test 
@@ -83,67 +83,40 @@ echo "" # client test against the server ############################### -# usual psk server / psk client -port=0 -./examples/server/server -j -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -s -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nClient connection failed" - do_cleanup - exit 1 -fi -echo "" +./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version' +if [ $? -ne 0 ]; then + # Usual server / client. This use case is tested in + # tests/unit.test and is used here for just checking if cipher suite + # is available (one case for example is with disable-asn) + port=0 + ./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA & + server_pid=$! + create_port + ./examples/client/client -p $port + RESULT=$? + remove_ready_file + # if fail here then is a settings issue so return 0 + if [ $RESULT -ne 0 ]; then + echo -e "\n\nIssue with choosen non PSK suites" + do_cleanup + exit 0 + fi + echo "" -# Usual server / client. This use case is tested in -# tests/unit.test and is used here for just checking if cipher suite -# is available (one case for example is with disable-asn) -port=0 -./examples/server/server -R $ready_file -p $port -l DHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-DES-CBC3-SHA & -server_pid=$! -create_port -./examples/client/client -p $port -RESULT=$? -remove_ready_file -# if fail here then is a settings issue so return 0 -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with choosen non PSK suites" - do_cleanup - exit 0 -fi -echo "" - -# psk server with non psk client -port=0 -./examples/server/server -j -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -p $port -RESULT=$? 
-remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nClient connection failed" - do_cleanup - exit 1 -fi -echo "" - -# check fail if no auth, psk server with non psk client -echo "Checking fail when not sending peer cert" -port=0 -./examples/server/server -j -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -x -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -eq 0 ]; then - echo -e "\n\nClient connected when supposed to fail" - do_cleanup - exit 1 + # check fail if no auth, psk server with non psk client + echo "Checking fail when not sending peer cert" + port=0 + ./examples/server/server -j -R $ready_file -p $port & + server_pid=$! + create_port + ./examples/client/client -x -p $port + RESULT=$? + remove_ready_file + if [ $RESULT -eq 0 ]; then + echo -e "\n\nClient connected when supposed to fail" + do_cleanup + exit 1 + fi fi echo -e "\nALL Tests Passed" diff --git a/scripts/tls13.test b/scripts/tls13.test index 368256963..8154d7fdd 100755 --- a/scripts/tls13.test +++ b/scripts/tls13.test @@ -14,12 +14,13 @@ counter=0 # also let's add some randomness by adding pid in case multiple 'make check's # per source tree ready_file=`pwd`/wolfssl_tls13_ready$$ +client_file=/tmp/wolfssl_tls13_client$$ echo "ready file $ready_file" create_port() { while [ ! -s $ready_file ]; do - if [ -a "$counter" -gt 50 ]; then + if [ "$counter" -gt 50 ]; then break fi echo -e "waiting for ready file..." @@ -54,6 +55,10 @@ do_cleanup() { kill -9 $server_pid fi remove_ready_file + if [ -e $client_file ]; then + echo -e "removing existing client file" + rm $client_file + fi } do_trap() { @@ -72,7 +77,7 @@ port=0 ./examples/server/server -v 4 -R $ready_file -p $port & server_pid=$! create_port -./examples/client/client -v 4 -p $port +./examples/client/client -v 4 -p $port | tee $client_file RESULT=$? remove_ready_file if [ $RESULT -ne 0 ]; then 
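Review bot: This hunk drops the `usual psk server / psk client` and `psk server with non psk client` cases outright and puts what remains behind the `-v 3` probe, so on a build without TLS 1.2 the script reaches `ALL Tests Passed` without making a single connection, and even with TLS 1.2 it no longer exercises a successful PSK handshake. If those cases moved to another test file (not visible in this diff), a comment saying where would help; otherwise consider keeping the positive PSK case outside the `if`. The `-x` against `-j` case is the only authentication check left in the script.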
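Review bot: `client_file=/tmp/wolfssl_tls13_client$$` is a predictable name in a world-writable directory, and a later hunk writes to it through `tee`, so another local user can pre-create that path (for example as a symbolic link) and have the test run overwrite a file the invoking user can write. The ready file on the line above already lives under the build tree; doing the same here, `client_file=$(pwd)/wolfssl_tls13_client$$`, or creating the file with `mktemp`, avoids that. The `rm $client_file` added to `do_cleanup` in the next hunk should quote the variable as well.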
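Review bot: After `./examples/client/client -v 4 -p $port | tee $client_file`, `RESULT=$?` holds the exit status of `tee`, not of the client, so a failed TLS 1.3 handshake no longer trips the `if [ $RESULT -ne 0 ]` check that follows. If the script runs under bash, `RESULT=${PIPESTATUS[0]}` restores the intended check; a portable alternative is to redirect the client's output to the file and print it afterwards with `cat`. The interpreter line is outside the hunk, so which form applies needs confirming.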
@@ -82,268 +87,6 @@ if [ $RESULT -ne 0 ]; then fi echo "" -# Usual TLS v1.3 server / TLS v1.3 client - fragment. -echo -e "\n\nTLS v1.3 server with TLS v1.3 client - fragment" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -F 1 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 and fragments not working" - do_cleanup - exit 1 -fi -echo "" - -# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client. -echo -e "\n\nTLS v1.3 HelloRetryRequest" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -J -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 HelloRetryRequest not working" - do_cleanup - exit 1 -fi -echo "" - -# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client using cookie -echo -e "\n\nTLS v1.3 HelloRetryRequest with cookie" -port=0 -./examples/server/server -v 4 -J -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -J -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 HelloRetryRequest with cookie not working" - do_cleanup - exit 1 -fi -echo "" - -# Use HelloRetryRequest with TLS v1.3 server / TLS v1.3 client - SHA384. -echo -e "\n\nTLS v1.3 HelloRetryRequest - SHA384" -port=0 -./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -J -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 HelloRetryRequest with SHA384 not working" - do_cleanup - exit 1 -fi -echo "" - -# Resumption TLS v1.3 server / TLS v1.3 client. -echo -e "\n\nTLS v1.3 resumption" -port=0 -./examples/server/server -v 4 -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -r -p $port -RESULT=$? 
-remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 resumption not working" - do_cleanup - exit 1 -fi -echo "" - -# Resumption TLS v1.3 server / TLS v1.3 client - SHA384 -echo -e "\n\nTLS v1.3 resumption - SHA384" -port=0 -./examples/server/server -v 4 -l TLS13-AES256-GCM-SHA384 -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -l TLS13-AES256-GCM-SHA384 -r -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 resumption with SHA384 not working" - do_cleanup - exit 1 -fi -echo "" - -./examples/client/client -v 4 -e 2>&1 | grep -- '-ECC' -if [ $? -eq 0 ]; then - # Usual TLS v1.3 server / TLS v1.3 client and ECC certificates. - echo -e "\n\nTLS v1.3 server with TLS v1.3 client - ECC certificates" - port=0 - ./examples/server/server -v 4 -A certs/client-ecc-cert.pem -c certs/server-ecc.pem -k certs/ecc-key.pem -R $ready_file -p $port & - server_pid=$! - create_port - ./examples/client/client -v 4 -A certs/ca-ecc-cert.pem -c certs/client-ecc-cert.pem -k certs/ecc-client-key.pem -p $port - RESULT=$? - remove_ready_file - if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 ECC certificates not working" - do_cleanup - exit 1 - fi - echo "" -fi - -# Usual TLS v1.3 server / TLS v1.3 client and no client certificate. -echo -e "\n\nTLS v1.3 server with TLS v1.3 client - no client cretificate" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -x -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 and no client certificate not working" - do_cleanup - exit 1 -fi -echo "" - -# Usual TLS v1.3 server / TLS v1.3 client and DH Key. -echo -e "\n\nTLS v1.3 server with TLS v1.3 client - DH Key Exchange" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -y -p $port -RESULT=$? 
-remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 DH Key Exchange not working" - do_cleanup - exit 1 -fi -echo "" - -# Usual TLS v1.3 server / TLS v1.3 client and ECC Key. -echo -e "\n\nTLS v1.3 server with TLS v1.3 client - ECC Key Exchange" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -Y -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nTLS v1.3 ECDH Key Exchange not working" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 cipher suites server / client. -echo -e "\n\nOnly TLS v1.3 cipher suites" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256 & -server_pid=$! -create_port -./examples/client/client -v 4 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - only TLS v1.3" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 cipher suites server / client. -echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-GCM SHA-256" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-GCM-SHA256 & -server_pid=$! -create_port -./examples/client/client -v 4 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-GCM SHA-256" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 cipher suites server / client. -echo -e "\n\nOnly TLS v1.3 cipher suite - AES256-GCM SHA-384" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES256-GCM-SHA384 & -server_pid=$! -create_port -./examples/client/client -v 4 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - AES256-GCM SHA-384" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 cipher suites server / client. 
-echo -e "\n\nOnly TLS v1.3 cipher suite - CHACHA20-POLY1305 SHA-256" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-CHACHA20-POLY1305-SHA256 & -server_pid=$! -create_port -./examples/client/client -v 4 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - CHACHA20-POLY1305 SHA-256" - do_cleanup - exit 1 -fi -echo "" - -./examples/client/client -v 4 -e 2>&1 | grep -- '-CCM' -if [ $? -eq 0 ]; then - # TLS 1.3 cipher suites server / client. - echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-CCM SHA-256" - port=0 - ./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-CCM-SHA256 & - server_pid=$! - create_port - ./examples/client/client -v 4 -p $port - RESULT=$? - remove_ready_file - if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-CCM SHA-256" - do_cleanup - exit 1 - fi - echo "" - - # TLS 1.3 cipher suites server / client. - echo -e "\n\nOnly TLS v1.3 cipher suite - AES128-CCM-8 SHA-256" - port=0 - ./examples/server/server -v 4 -R $ready_file -p $port -l TLS13-AES128-CCM-8-SHA256 & - server_pid=$! - create_port - ./examples/client/client -v 4 -p $port - RESULT=$? - remove_ready_file - if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 cipher suites - AES128-CCM-8 SHA-256" - do_cleanup - exit 1 - fi - echo "" -fi - # TLS 1.3 cipher suites server / client. echo -e "\n\nTLS v1.3 cipher suite mismatch" port=0 
@@ -353,189 +96,48 @@ create_port ./examples/client/client -v 4 -p $port -l TLS13-AES256-GCM-SHA384 RESULT=$? remove_ready_file -if [ $RESULT -ne 1 ]; then +if [ $RESULT -eq 0 ]; then echo -e "\n\nIssue with mismatched TLS v1.3 cipher suites" do_cleanup exit 1 fi echo "" -# TLS 1.3 server / TLS 1.2 client. -echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2" -port=0 -./examples/server/server -v 4 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 3 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -eq 0 ]; then - echo -e "\n\nIssue with TLS v1.3 server downgrading to TLS v1.2" - do_cleanup - exit 1 -fi -echo "" -# TLS Downgrade server / TLS 1.2 client. -echo -e "\n\nTLS server downgrading to TLS v1.2" -port=0 -./examples/server/server -v d -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 3 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS server downgrading to TLS v1.2" - do_cleanup - exit 1 -fi -echo "" +./examples/client/client -v 3 2>&1 | grep -- 'Bad SSL version' +if [ $? -ne 0 ]; then + # TLS 1.3 server / TLS 1.2 client. + echo -e "\n\nTLS v1.3 server downgrading to TLS v1.2" + port=0 + ./examples/server/server -v 4 -R $ready_file -p $port & + server_pid=$! + create_port + ./examples/client/client -v 3 -p $port + RESULT=$? + remove_ready_file + if [ $RESULT -eq 0 ]; then + echo -e "\n\nIssue with TLS v1.3 server downgrading to TLS v1.2" + do_cleanup + exit 1 + fi + echo "" -# TLS 1.2 server / TLS 1.3 client. -echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3" -port=0 -./examples/server/server -v 3 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -eq 0 ]; then - echo -e "\n\nIssue with TLS v1.3 client upgrading server to TLS v1.3" - do_cleanup - exit 1 + # TLS 1.2 server / TLS 1.3 client. 
+ echo -e "\n\nTLS v1.3 client upgrading server to TLS v1.3" + port=0 + ./examples/server/server -v 3 -R $ready_file -p $port & + server_pid=$! + create_port + ./examples/client/client -v 4 -p $port + RESULT=$? + remove_ready_file + if [ $RESULT -eq 0 ]; then + echo -e "\n\nIssue with TLS v1.3 client upgrading server to TLS v1.3" + do_cleanup + exit 1 + fi + echo "" fi -echo "" - -# TLS 1.2 server / TLS downgrade client. -echo -e "\n\nTLS client downgrading to TLS v1.2" -port=0 -./examples/server/server -v 3 -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v d -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS client downgrading to TLS v1.2" - do_cleanup - exit 1 -fi -echo "" - -# TLS Downgrade server / TLS Downgrade client. -echo -e "\n\nTLS server and client able to downgrade but don't" -port=0 -./examples/server/server -v d -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v d -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS not downgrading" - do_cleanup - exit 1 -fi -echo "" - -# TLS Downgrade server / TLS Downgrade client resumption. -echo -e "\n\nTLS server and client able to downgrade but don't and resume" -port=0 -./examples/server/server -v d -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v d -r -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS not downgrading and resumption" - do_cleanup - exit 1 -fi -echo "" - -# TLS Downgrade server / TLS 1.2 client and resume. -echo -e "\n\nTLS server downgrade and resume" -port=0 -./examples/server/server -v d -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 3 -r -p $port -RESULT=$? 
-remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS server downgrading and resumption" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.2 server / TLS downgrade client and resume. -echo -e "\n\nTLS client downgrade and resume" -port=0 -./examples/server/server -v 3 -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v d -r -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS client downgrading and resumption" - do_cleanup - exit 1 -fi -echo "" - -# TLS Downgrade server / TLS Downgrade client. -# TLS 1.3 server / TLS 1.3 client send KeyUpdate before sending app data. -echo -e "\n\nTLS v1.3 KeyUpdate" -port=0 -./examples/server/server -v 4 -U -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -I -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 KeyUpdate" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 server / TLS 1.3 client - don't use (EC)DHE with PSK. -echo -e "\n\nTLS v1.3 PSK without (EC)DHE" -port=0 -./examples/server/server -v 4 -r -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -r -K -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 PSK without (EC)DHE" - do_cleanup - exit 1 -fi -echo "" - -# TLS 1.3 server / TLS 1.3 client and Post-Handshake Authentication. -echo -e "\n\nTLS v1.3 Post-Handshake Authentication" -port=0 -./examples/server/server -v 4 -Q -R $ready_file -p $port & -server_pid=$! -create_port -./examples/client/client -v 4 -Q -p $port -RESULT=$? -remove_ready_file -if [ $RESULT -ne 0 ]; then - echo -e "\n\nIssue with TLS v1.3 Post-Handshake Auth" - do_cleanup - exit 1 -fi -echo "" echo -e "\nALL Tests Passed" diff --git a/src/internal.c b/src/internal.c index 6df5dd578..a65b2365c 100644 --- a/src/internal.c +++ b/src/internal.c 
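Review bot: Relaxing the cipher-suite mismatch check from `if [ $RESULT -ne 1 ]` to `if [ $RESULT -eq 0 ]` makes every non-zero status count as the expected refusal, including a client terminated by a signal, so a crash on the mismatch path would now pass. If requiring exactly 1 is too strict, rejecting statuses above 128 keeps crashes visible, e.g. `if [ $RESULT -eq 0 ] || [ $RESULT -gt 128 ]; then`. The same hunk deletes the `-v d` downgrade cases, and the two version-mismatch cases that remain run only when the `-v 3` probe succeeds. If the downgrade coverage now lives in another test file, a comment pointing there would help, since these were the script's checks on version negotiation.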
@@ -85,6 +85,8 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #error Cannot use both secure-renegotiation and renegotiation-indication #endif +#ifndef WOLFSSL_NO_TLS12 + #ifndef NO_WOLFSSL_CLIENT static int DoHelloVerifyRequest(WOLFSSL* ssl, const byte* input, word32*, word32); @@ -112,6 +114,7 @@ WOLFSSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #endif /* WOLFSSL_DTLS */ #endif +#endif /* !WOLFSSL_NO_TLS12 */ #ifdef WOLFSSL_DTLS static INLINE int DtlsCheckWindow(WOLFSSL* ssl); @@ -132,6 +135,8 @@ enum processReply { }; +#ifndef WOLFSSL_NO_TLS12 + /* Server random bytes for TLS v1.3 described downgrade protection mechanism. */ static const byte tls13Downgrade[7] = { 0x44, 0x4f, 0x47, 0x4e, 0x47, 0x52, 0x44 @@ -145,6 +150,8 @@ static int SSL_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, #endif +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef HAVE_QSH int QSH_Init(WOLFSSL* ssl); #endif @@ -176,7 +183,6 @@ int IsAtLeastTLSv1_3(const ProtocolVersion pv) return (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR); } - static INLINE int IsEncryptionOn(WOLFSSL* ssl, int isSend) { (void)isSend; 
@@ -1832,6 +1838,45 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, if (suites->setSuites) return; /* trust user settings, don't override */ +#ifdef WOLFSSL_TLS13 +#ifdef BUILD_TLS_AES_128_GCM_SHA256 + if (tls1_3) { + suites->suites[idx++] = TLS13_BYTE; + suites->suites[idx++] = TLS_AES_128_GCM_SHA256; + } +#endif + +#ifdef BUILD_TLS_AES_256_GCM_SHA384 + if (tls1_3) { + suites->suites[idx++] = TLS13_BYTE; + suites->suites[idx++] = TLS_AES_256_GCM_SHA384; + } +#endif + +#ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256 + if (tls1_3) { + suites->suites[idx++] = TLS13_BYTE; + suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256; + } +#endif + +#ifdef BUILD_TLS_AES_128_CCM_SHA256 + if (tls1_3) { + suites->suites[idx++] = TLS13_BYTE; + suites->suites[idx++] = TLS_AES_128_CCM_SHA256; + } +#endif + +#ifdef BUILD_TLS_AES_128_CCM_8_SHA256 + if (tls1_3) { + suites->suites[idx++] = TLS13_BYTE; + suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256; + } +#endif +#endif /* WOLFSSL_TLS13 */ + +#ifndef WOLFSSL_NO_TLS12 + #ifndef NO_WOLFSSL_SERVER if (side == WOLFSSL_SERVER_END && haveStaticECC) { haveRSA = 0; /* can't do RSA with ECDSA key */ 
@@ -1895,43 +1940,6 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, } #endif -#ifdef WOLFSSL_TLS13 -#ifdef BUILD_TLS_AES_128_GCM_SHA256 - if (tls1_3) { - suites->suites[idx++] = TLS13_BYTE; - suites->suites[idx++] = TLS_AES_128_GCM_SHA256; - } -#endif - -#ifdef BUILD_TLS_AES_256_GCM_SHA384 - if (tls1_3) { - suites->suites[idx++] = TLS13_BYTE; - suites->suites[idx++] = TLS_AES_256_GCM_SHA384; - } -#endif - -#ifdef BUILD_TLS_CHACHA20_POLY1305_SHA256 - if (tls1_3) { - suites->suites[idx++] = TLS13_BYTE; - suites->suites[idx++] = TLS_CHACHA20_POLY1305_SHA256; - } -#endif - -#ifdef BUILD_TLS_AES_128_CCM_SHA256 - if (tls1_3) { - suites->suites[idx++] = TLS13_BYTE; - suites->suites[idx++] = TLS_AES_128_CCM_SHA256; - } -#endif - -#ifdef BUILD_TLS_AES_128_CCM_8_SHA256 - if (tls1_3) { - suites->suites[idx++] = TLS13_BYTE; - suites->suites[idx++] = TLS_AES_128_CCM_8_SHA256; - } -#endif -#endif /* WOLFSSL_TLS13 */ - #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 if (tls1_2 && haveECC) { suites->suites[idx++] = ECC_BYTE; @@ -2681,6 +2689,8 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, } #endif +#endif /* !WOLFSSL_NO_TLS12 */ + suites->suiteSz = idx; InitSuitesHashSigAlgo(suites, haveECDSAsig, haveRSAsig, 0, tls1_2, keySz); @@ -2724,8 +2734,10 @@ static INLINE void DecodeSigAlg(const byte* input, byte* hashAlgo, byte* hsType) } #endif /* !NO_WOLFSSL_SERVER || !NO_CERTS */ +#ifndef WOLFSSL_NO_TLS12 + #if !defined(NO_DH) || defined(HAVE_ECC) || \ - (!defined(NO_RSA) && defined(WC_RSA_PSS)) + (!defined(NO_RSA) && defined(WC_RSA_PSS)) static enum wc_HashType HashAlgoToType(int hashAlgo) { @@ -2757,6 +2769,8 @@ static enum wc_HashType HashAlgoToType(int hashAlgo) #endif /* !NO_DH || HAVE_ECC || (!NO_RSA && WC_RSA_PSS) */ +#endif + #ifndef NO_CERTS 
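Review bot: The `#endif` added after `HashAlgoToType` carries no trailing comment, unlike the other guards this commit adds (`#endif /* !WOLFSSL_NO_TLS12 */`); with guarded regions this long, the label is what lets a reader pair them up. The same applies to the bare `#endif` added after `GetHandShakeHeader`, and the guards closing `BuildFinished` and `TimingPadVerify` are labelled `/* WOLFSSL_NO_TLS12 */` without the `!` although they close an `#ifndef`. Suggest `#endif /* !WOLFSSL_NO_TLS12 */` in all four places.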
@@ -2889,7 +2903,7 @@ static INLINE void EncodeSigAlg(byte hashAlgo, byte hsType, byte* output) (void)output; } -#if !defined(WOLFSSL_NO_CLIENT_AUTH) +#if !defined(WOLFSSL_NO_TLS12) && !defined(WOLFSSL_NO_CLIENT_AUTH) static void SetDigest(WOLFSSL* ssl, int hashAlgo) { switch (hashAlgo) { @@ -2919,10 +2933,11 @@ static void SetDigest(WOLFSSL* ssl, int hashAlgo) #endif /* WOLFSSL_SHA512 */ } /* switch */ } -#endif /* !WOLFSSL_NO_CLIENT_AUTH */ +#endif /* !WOLFSSL_NO_TLS12 && !WOLFSSL_NO_CLIENT_AUTH */ #endif /* !NO_CERTS */ #ifndef NO_RSA +#ifndef WOLFSSL_NO_TLS12 static int TypeHash(int hashAlgo) { switch (hashAlgo) { @@ -2946,6 +2961,7 @@ static int TypeHash(int hashAlgo) return 0; } +#endif /* !WOLFSSL_NO_TLS12 */ #if defined(WC_RSA_PSS) int ConvertHashPss(int hashAlgo, enum wc_HashType* hashType, int* mgf) @@ -3250,6 +3266,8 @@ int VerifyRsaSign(WOLFSSL* ssl, byte* verifySig, word32 sigSz, return ret; } +#ifndef WOLFSSL_NO_TLS12 + int RsaDec(WOLFSSL* ssl, byte* in, word32 inSz, byte** out, word32* outSz, RsaKey* key, DerBuffer* keyBufInfo, void* ctx) { @@ -3367,6 +3385,8 @@ int RsaEnc(WOLFSSL* ssl, const byte* in, word32 inSz, byte* out, word32* outSz, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ + #endif /* NO_RSA */ #ifdef HAVE_ECC @@ -3803,6 +3823,8 @@ int Ed25519Verify(WOLFSSL* ssl, const byte* in, word32 inSz, const byte* msg, } #endif /* HAVE_ED25519 */ +#ifndef WOLFSSL_NO_TLS12 + #ifdef HAVE_CURVE25519 #ifdef HAVE_PK_CALLBACKS /* Gets X25519 key for shared secret callback testing @@ -4003,6 +4025,8 @@ int DhAgree(WOLFSSL* ssl, DhKey* dhKey, #endif /* !NO_DH */ #endif /* !NO_CERTS || !NO_PSK */ +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef HAVE_PK_CALLBACKS int wolfSSL_CTX_IsPrivatePkSet(WOLFSSL_CTX* ctx) @@ -4504,7 +4528,7 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup) #ifndef NO_OLD_TLS ssl->hmac = SSL_hmac; /* default to SSLv3 */ - #else + #elif !defined(WOLFSSL_NO_TLS12) ssl->hmac = TLS_hmac; #endif 
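Review bot: With `#elif !defined(WOLFSSL_NO_TLS12)` in `InitSSL`, a build that defines both `NO_OLD_TLS` and `WOLFSSL_NO_TLS12` assigns nothing to `ssl->hmac`, so the pointer keeps whatever the structure held before (presumably zero if `InitSSL` clears it; that part is outside the hunk). Any call through `ssl->hmac` that still compiles in a TLS 1.3-only build would then go through a null function pointer. It is worth confirming that every such call site is compiled out under `WOLFSSL_NO_TLS12`, and recording the intent here with a comment such as `/* TLS 1.3 only: ssl->hmac is unused and left NULL */`.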
@@ -5864,6 +5888,8 @@ ProtocolVersion MakeDTLSv1(void) return pv; } +#ifndef WOLFSSL_NO_TLS12 + ProtocolVersion MakeDTLSv1_2(void) { ProtocolVersion pv; @@ -5873,6 +5899,8 @@ ProtocolVersion MakeDTLSv1_2(void) return pv; } +#endif /* !WOLFSSL_NO_TLS12 */ + #endif /* WOLFSSL_DTLS */ @@ -6295,6 +6323,7 @@ static void AddRecordHeader(byte* output, word32 length, byte type, WOLFSSL* ssl } +#if !defined(WOLFSSL_NO_TLS12) || defined(HAVE_SESSION_TICKET) /* add handshake header for message */ static void AddHandShakeHeader(byte* output, word32 length, word32 fragOffset, word32 fragLength, @@ -6325,7 +6354,6 @@ static void AddHandShakeHeader(byte* output, word32 length, #endif } - /* add both headers for handshake message */ static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl) { @@ -6342,8 +6370,10 @@ static void AddHeaders(byte* output, word32 length, byte type, WOLFSSL* ssl) AddRecordHeader(output, length + lengthAdj, handshake, ssl); AddHandShakeHeader(output + outputAdj, length, 0, length, type, ssl); } +#endif /* !WOLFSSL_NO_TLS12 || HAVE_SESSION_TICKET */ +#ifndef WOLFSSL_NO_TLS12 #ifndef NO_CERTS static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset, word32 length, byte type, WOLFSSL* ssl) @@ -6363,6 +6393,7 @@ static void AddFragHeaders(byte* output, word32 fragSz, word32 fragOffset, AddHandShakeHeader(output + outputAdj, length, fragOffset, fragSz, type, ssl); } #endif /* NO_CERTS */ +#endif /* !WOLFSSL_NO_TLS12 */ /* return bytes received, -1 on error */ @@ -6810,7 +6841,7 @@ static int GetRecordHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return 0; } - +#ifndef WOLFSSL_NO_TLS12 static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, byte *type, word32 *size, word32 totalSz) { 
@@ -6826,7 +6857,7 @@ static int GetHandShakeHeader(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return 0; } - +#endif #ifdef WOLFSSL_DTLS static int GetDtlsHandShakeHeader(WOLFSSL* ssl, const byte* input, @@ -6985,6 +7016,8 @@ static int BuildSHA(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } #endif +#ifndef WOLFSSL_NO_TLS12 + /* Finished doesn't support SHA512, not SHA512 cipher suites yet */ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) { @@ -7043,6 +7076,7 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) return ret; } +#endif /* WOLFSSL_NO_TLS12 */ /* cipher requirements */ enum { @@ -7063,6 +7097,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) static int CipherRequires(byte first, byte second, int requirement) { + (void)requirement; + +#ifndef WOLFSSL_NO_TLS12 + if (first == CHACHA_BYTE) { switch (second) { @@ -7350,6 +7388,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } /* switch */ } /* if */ +#endif /* !WOLFSSL_NO_TLS12 */ + /* Distinct TLS v1.3 cipher suites with cipher and digest only. */ if (first == TLS13_BYTE) { @@ -7370,6 +7410,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } } +#ifndef WOLFSSL_NO_TLS12 + if (first != ECC_BYTE && first != CHACHA_BYTE && first != TLS13_BYTE) { /* normal suites */ switch (second) { @@ -7586,6 +7628,8 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) } /* switch */ } /* if ECC / Normal suites else */ +#endif /* !WOLFSSL_NO_TLS12 */ + return 0; } @@ -9501,6 +9545,8 @@ exit_ppc: return ret; } +#ifndef WOLFSSL_NO_TLS12 + /* handle processing of certificate (11) */ static int DoCertificate(WOLFSSL* ssl, byte* input, word32* inOutIdx, word32 size) 
@@ -9736,8 +9782,11 @@ static int DoCertificateStatus(WOLFSSL* ssl, byte* input, word32* inOutIdx, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ + #endif /* !NO_CERTS */ +#ifndef WOLFSSL_NO_TLS12 static int DoHelloRequest(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size, word32 totalSz) @@ -10484,6 +10533,8 @@ static int DoHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef WOLFSSL_DTLS static INLINE int DtlsCheckWindow(WOLFSSL* ssl) @@ -10866,6 +10917,7 @@ static int DoDtlsHandShakeMsg(WOLFSSL* ssl, byte* input, word32* inOutIdx, } #endif +#ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_AEAD static INLINE void AeadIncrementExpIV(WOLFSSL* ssl) @@ -11753,6 +11805,8 @@ static INLINE int Decrypt(WOLFSSL* ssl, byte* plain, const byte* input, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ + /* Check conditions for a cipher to have an explicit IV. * * ssl The SSL/TLS object. @@ -11806,7 +11860,6 @@ static int SanityCheckCipherText(WOLFSSL* ssl, word32 encryptSz) return 0; } - #ifndef NO_OLD_TLS static INLINE void Md5Rounds(int rounds, const byte* data, int sz) @@ -11837,6 +11890,7 @@ static INLINE void ShaRounds(int rounds, const byte* data, int sz) } #endif +#ifndef WOLFSSL_NO_TLS12 #ifndef NO_SHA256 @@ -11894,7 +11948,6 @@ static INLINE void Sha512Rounds(int rounds, const byte* data, int sz) #endif - #ifdef WOLFSSL_RIPEMD static INLINE void RmdRounds(int rounds, const byte* data, int sz) @@ -12062,6 +12115,8 @@ static int TimingPadVerify(WOLFSSL* ssl, const byte* input, int padLen, int t, return ret; } +#endif /* WOLFSSL_NO_TLS12 */ + int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx) { @@ -12273,6 +12328,7 @@ static int GetInputData(WOLFSSL *ssl, word32 size) static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, int content, word32* padSz) { +#ifndef WOLFSSL_NO_TLS12 int ivExtra = 0; int ret; word32 pad = 0; 
@@ -12285,6 +12341,7 @@ static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, #endif byte verify[WC_MAX_DIGEST_SIZE]; + if (ssl->specs.cipher_type == block) { if (ssl->options.tls1_1) ivExtra = ssl->specs.block_size; @@ -12329,12 +12386,20 @@ static INLINE int VerifyMac(WOLFSSL* ssl, const byte* input, word32 msgSz, return VERIFY_MAC_ERROR; } +#endif /* WOLFSSL_NO_TLS12 */ + if (ssl->specs.cipher_type == aead) { *padSz = ssl->specs.aead_mac_size; } +#ifndef WOLFSSL_NO_TLS12 else { *padSz = digestSz + pad + padByte; } +#endif /* WOLFSSL_NO_TLS12 */ + + (void)input; + (void)msgSz; + (void)content; return 0; } @@ -12553,13 +12618,18 @@ int ProcessReply(WOLFSSL* ssl) } else { if (!ssl->options.tls1_3) { + #ifndef WOLFSSL_NO_TLS12 ret = Decrypt(ssl, in->buffer + in->idx, in->buffer + in->idx, ssl->curSize); + #else + ret = DECRYPT_ERROR; + #endif } - else { - #ifdef WOLFSSL_TLS13 + else + { + #ifdef WOLFSSL_TLS13 #if defined(WOLFSSL_TLS13_DRAFT_18) || \ defined(WOLFSSL_TLS13_DRAFT_22) || \ defined(WOLFSSL_TLS13_DRAFT_23) @@ -12574,9 +12644,9 @@ int ProcessReply(WOLFSSL* ssl) ssl->curSize, (byte*)&ssl->curRL, RECORD_HEADER_SZ); #endif - #else + #else ret = DECRYPT_ERROR; - #endif /* WOLFSSL_TLS13 */ + #endif /* WOLFSSL_TLS13 */ } } @@ -12586,12 +12656,14 @@ int ProcessReply(WOLFSSL* ssl) #endif if (ret >= 0) { + #ifndef WOLFSSL_NO_TLS12 /* handle success */ if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) ssl->buffers.inputBuffer.idx += ssl->specs.block_size; /* go past TLSv1.1 IV */ if (CipherHasExpIV(ssl)) ssl->buffers.inputBuffer.idx += AESGCM_EXP_IV_SZ; + #endif } else { WOLFSSL_MSG("Decrypt failed"); @@ -12712,10 +12784,14 @@ int ProcessReply(WOLFSSL* ssl) #endif } else if (!IsAtLeastTLSv1_3(ssl->version)) { +#ifndef WOLFSSL_NO_TLS12 ret = DoHandShakeMsg(ssl, ssl->buffers.inputBuffer.buffer, &ssl->buffers.inputBuffer.idx, ssl->buffers.inputBuffer.length); +#else + ret = BUFFER_ERROR; +#endif } else { #ifdef WOLFSSL_TLS13 
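Review bot: With WOLFSSL_NO_TLS12 defined, VerifyMac returns 0 for any `cipher_type` other than `aead` without checking a MAC and without writing `*padSz`, because both the verification body and the trailing `else` are compiled out. TLS 1.3 suites are AEAD-only, so this path should be unreachable, but a record-integrity check should fail closed if it is ever reached with unexpected state. I would keep an `else` arm in the TLS 1.3-only build: after the existing `#ifndef WOLFSSL_NO_TLS12 else { ... }` add `#else` followed by `else { return VERIFY_MAC_ERROR; }`. The function body spans three hunks, and the lines between them are not visible here.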
@@ -12780,6 +12856,7 @@ int ProcessReply(WOLFSSL* ssl) #endif #endif +#ifndef WOLFSSL_NO_TLS12 ret = SanityCheckMsgReceived(ssl, change_cipher_hs); if (ret != 0) { if (!ssl->options.dtls) { @@ -12864,6 +12941,7 @@ int ProcessReply(WOLFSSL* ssl) server : client); if (ret != 0) return ret; +#endif /* !WOLFSSL_NO_TLS12 */ break; case application_data: @@ -13298,8 +13376,9 @@ int BuildCertHashes(WOLFSSL* ssl, Hashes* hashes) return ret; } -#endif /* WOLFSSL_LEANPSK */ +#endif /* !NO_CERTS */ +#ifndef WOLFSSL_NO_TLS12 /* Persistable BuildMessage arguments */ typedef struct BuildMsgArgs { word32 digestSz; @@ -13321,11 +13400,13 @@ static void FreeBuildMsgArgs(WOLFSSL* ssl, void* pArgs) /* no allocations in BuildMessage */ } +#endif /* Build SSL Message, encrypted */ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, int inSz, int type, int hashOutput, int sizeOnly, int asyncOkay) { +#ifndef WOLFSSL_NO_TLS12 int ret = 0; BuildMsgArgs* args; BuildMsgArgs lcl_args; @@ -13333,6 +13414,7 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, args = (BuildMsgArgs*)ssl->async.args; typedef char args_test[sizeof(ssl->async.args) >= sizeof(*args) ? 1 : -1]; (void)sizeof(args_test); +#endif #endif WOLFSSL_ENTER("BuildMessage"); @@ -13341,6 +13423,10 @@ int BuildMessage(WOLFSSL* ssl, byte* output, int outSz, const byte* input, return BAD_FUNC_ARG; } +#ifdef WOLFSSL_NO_TLS12 + return BuildTls13Message(ssl, output, outSz, input, inSz, type, + hashOutput, sizeOnly, asyncOkay); +#else #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) { return BuildTls13Message(ssl, output, outSz, input, inSz, type, @@ -13575,8 +13661,10 @@ exit_buildmsg: FreeBuildMsgArgs(ssl, args); return ret; +#endif /* !WOLFSSL_NO_TLS12 */ } +#ifndef WOLFSSL_NO_TLS12 int SendFinished(WOLFSSL* ssl) { @@ -14548,6 +14636,7 @@ int SendCertificateStatus(WOLFSSL* ssl) #endif /* !NO_CERTS */ +#endif /* WOLFSSL_NO_TLS12 */ int SendData(WOLFSSL* ssl, const void* data, int sz) { 
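Review bot: In the change_cipher_spec case of ProcessReply, a WOLFSSL_NO_TLS12 build compiles out everything from `SanityCheckMsgReceived(ssl, change_cipher_hs)` down to the final `if (ret != 0) return ret;`, so the case reaches `break` with no check visible in these two hunks. The start of the case lies outside the hunks and may already handle TLS 1.3 compatibility records. If it does not, an unexpected change_cipher_spec record is accepted silently. I would add an explicit `#else` arm that sets an error, as this commit does with `ret = BUFFER_ERROR;` for a pre-1.3 handshake message, or a comment explaining why nothing is needed.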
@@ -15356,6 +15445,8 @@ void SetErrorString(int error, char* str) static const CipherSuiteInfo cipher_names[] = { +#ifndef WOLFSSL_NO_TLS12 + #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA {"RC4-SHA", NAME_IANA("SSL_RSA_WITH_RC4_128_SHA"), CIPHER_BYTE, SSL_RSA_WITH_RC4_128_SHA}, #endif @@ -15800,6 +15891,12 @@ static const CipherSuiteInfo cipher_names[] = {"EDH-RSA-DES-CBC3-SHA", NAME_IANA("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"), CIPHER_BYTE, TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA}, #endif +#ifdef BUILD_WDM_WITH_NULL_SHA256 + {"WDM-NULL-SHA256", NAME_IANA("WDM_WITH_NULL_SHA256"), CIPHER_BYTE, WDM_WITH_NULL_SHA256}, +#endif + +#endif /* WOLFSSL_NO_TLS12 */ + #ifdef BUILD_TLS_AES_128_GCM_SHA256 {"TLS13-AES128-GCM-SHA256", NAME_IANA("TLS_AES_128_GCM_SHA256"), TLS13_BYTE, TLS_AES_128_GCM_SHA256}, #endif @@ -15819,10 +15916,6 @@ static const CipherSuiteInfo cipher_names[] = #ifdef BUILD_TLS_AES_128_CCM_8_SHA256 {"TLS13-AES128-CCM-8-SHA256", NAME_IANA("TLS_AES_128_CCM_8_SHA256"), TLS13_BYTE, TLS_AES_128_CCM_8_SHA256}, #endif - -#ifdef BUILD_WDM_WITH_NULL_SHA256 - {"WDM-NULL-SHA256", NAME_IANA("WDM_WITH_NULL_SHA256"), CIPHER_BYTE, WDM_WITH_NULL_SHA256}, -#endif }; #undef NAME_IANA @@ -16038,6 +16131,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, ssl->suites->sigAlgo = ssl->buffers.keyType; #endif } +#ifndef WOLFSSL_NO_TLS12 else if (IsAtLeastTLSv1_2(ssl)) { #ifdef WOLFSSL_ALLOW_TLS_SHA1 ssl->suites->hashAlgo = sha_mac; @@ -16048,6 +16142,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, else { ssl->suites->hashAlgo = sha_mac; } +#endif /* i+1 since peek a byte ahead for type */ for (i = 0; (i+1) < hashSigAlgoSz; i += HELLO_EXT_SIGALGO_SZ) { @@ -16288,10 +16383,11 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, #endif /* WOLFSSL_CALLBACKS */ - /* client only parts */ #ifndef NO_WOLFSSL_CLIENT +#ifndef WOLFSSL_NO_TLS12 + /* handle generation of client_hello (1) */ int SendClientHello(WOLFSSL* ssl) { 
@@ -17006,6 +17102,8 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, return SetCipherSpecs(ssl); } +#endif /* WOLFSSL_NO_TLS12 */ + /* Make sure client setup is valid for this suite, true on success */ int VerifyClientSuite(WOLFSSL* ssl) @@ -17031,6 +17129,7 @@ void PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, return 1; /* success */ } +#ifndef WOLFSSL_NO_TLS12 #ifndef NO_CERTS /* handle processing of certificate_request (13) */ @@ -19609,6 +19708,7 @@ exit_scke: return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ #ifndef NO_CERTS @@ -19791,6 +19891,7 @@ exit_dpk: return ret; } +#ifndef WOLFSSL_NO_TLS12 #ifndef WOLFSSL_NO_CLIENT_AUTH typedef struct ScvArgs { @@ -20260,6 +20361,8 @@ exit_scv: } #endif /* WOLFSSL_NO_CLIENT_AUTH */ +#endif /* WOLFSSL_NO_TLS12 */ + #endif /* NO_CERTS */ @@ -20300,6 +20403,8 @@ int SetTicket(WOLFSSL* ssl, const byte* ticket, word32 length) return 0; } +#ifndef WOLFSSL_NO_TLS12 + /* handle processing of session_ticket (4) */ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word32 size) @@ -20347,12 +20452,17 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return 0; } + +#endif /* !WOLFSSL_NO_TLS12 */ + #endif /* HAVE_SESSION_TICKET */ #endif /* NO_WOLFSSL_CLIENT */ #ifndef NO_WOLFSSL_SERVER +#ifndef WOLFSSL_NO_TLS12 + /* handle generation of server_hello (2) */ int SendServerHello(WOLFSSL* ssl) { @@ -22133,6 +22243,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif +#endif /* !WOLFSSL_NO_TLS12 */ + /* Make sure server cert/key are valid for this suite, true on success */ static int VerifyServerSuite(WOLFSSL* ssl, word16 idx) { @@ -22528,6 +22640,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* OLD_HELLO_ALLOWED */ +#ifndef WOLFSSL_NO_TLS12 + int HandleTlsResumption(WOLFSSL* ssl, int bogusID, Suites* clSuites) { int ret = 0; 
@@ -23509,6 +23623,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ #ifdef HAVE_SESSION_TICKET @@ -23807,6 +23922,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, #endif /* HAVE_SESSION_TICKET */ +#ifndef WOLFSSL_NO_TLS12 #ifdef WOLFSSL_DTLS /* handle generation of DTLS hello_verify_request (3) */ @@ -24956,6 +25072,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ #if defined(OPENSSL_ALL) || defined(HAVE_STUNNEL) || defined(WOLFSSL_NGINX) || \ defined(WOLFSSL_HAPROXY) diff --git a/src/keys.c b/src/keys.c index 3418da2a1..d4211a382 100644 --- a/src/keys.c +++ b/src/keys.c @@ -2125,7 +2125,9 @@ int SetCipherSpecs(WOLFSSL* ssl) if (ssl->version.major == 3 && ssl->version.minor >= 1) { #ifndef NO_TLS ssl->options.tls = 1; + #ifndef WOLFSSL_NO_TLS12 ssl->hmac = TLS_hmac; + #endif if (ssl->version.minor >= 2) { ssl->options.tls1_1 = 1; if (ssl->version.minor >= 4) @@ -3440,14 +3442,14 @@ int MakeMasterSecret(WOLFSSL* ssl) } #endif -#ifdef NO_OLD_TLS - return MakeTlsMasterSecret(ssl); -#elif !defined(NO_TLS) - if (ssl->options.tls) return MakeTlsMasterSecret(ssl); -#endif - #ifndef NO_OLD_TLS + if (ssl->options.tls) return MakeTlsMasterSecret(ssl); return MakeSslMasterSecret(ssl); +#elif !defined(WOLFSSL_NO_TLS12) + return MakeTlsMasterSecret(ssl); +#else + (void)ssl; + return 0; #endif } diff --git a/src/ssl.c b/src/ssl.c index 5c7ba8b8f..3bebd01d6 100644 --- a/src/ssl.c +++ b/src/ssl.c 
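Review bot: MakeMasterSecret in src/keys.c now returns 0 when both NO_OLD_TLS and WOLFSSL_NO_TLS12 are defined, which reports success without deriving a master secret. A caller that reaches it in a TLS 1.3-only build would carry on with whatever key material is already in the object. Returning an error keeps the function fail-closed: `(void)ssl; return NOT_COMPILED_IN;`. The function begins outside the hunk, so any earlier return paths are not visible here.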
@@ -564,11 +564,16 @@ int NotifyWriteSide(WOLFSSL* ssl, int err) /* set if to use old poly 1 for yes 0 to use new poly */ int wolfSSL_use_old_poly(WOLFSSL* ssl, int value) { + (void)ssl; + (void)value; + +#ifndef WOLFSSL_NO_TLS12 WOLFSSL_ENTER("SSL_use_old_poly"); WOLFSSL_MSG("Warning SSL connection auto detects old/new and this function" "is depriciated"); ssl->options.oldPoly = (word16)value; WOLFSSL_LEAVE("SSL_use_old_poly", 0); +#endif return 0; } #endif @@ -3455,10 +3460,17 @@ static int SetMinVersionHelper(byte* minVersion, int version) *minVersion = TLSv1_1_MINOR; break; #endif + #ifndef WOLFSSL_NO_TLS12 case WOLFSSL_TLSV1_2: *minVersion = TLSv1_2_MINOR; break; + #endif #endif + #ifdef WOLFSSL_TLS13 + case WOLFSSL_TLSV1_3: + *minVersion = TLSv1_3_MINOR; + break; + #endif default: WOLFSSL_MSG("Bad function argument"); @@ -3555,9 +3567,11 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version) ssl->version = MakeTLSv1_1(); break; #endif + #ifndef WOLFSSL_NO_TLS12 case WOLFSSL_TLSV1_2: ssl->version = MakeTLSv1_2(); break; + #endif #endif #ifdef WOLFSSL_TLS13 case WOLFSSL_TLSV1_3: @@ -5021,14 +5035,18 @@ static INLINE WOLFSSL_METHOD* cm_pick_method(void) #ifndef NO_WOLFSSL_CLIENT #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) return wolfSSLv3_client_method(); - #else + #elif !defined(WOLFSSL_NO_TLS12) return wolfTLSv1_2_client_method(); + #elif defined(WOLFSSL_TLS13) + return wolfTLSv1_3_client_method(); #endif #elif !defined(NO_WOLFSSL_SERVER) #if defined(WOLFSSL_ALLOW_SSLV3) && !defined(NO_OLD_TLS) return wolfSSLv3_server_method(); - #else + #elif !defined(WOLFSSL_NO_TLS12) return wolfTLSv1_2_server_method(); + #elif defined(WOLFSSL_TLS13) + return wolfTLSv1_3_server_method(); #endif #else return NULL; 
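Review bot: cm_pick_method can now fall off the end of a non-void function. In both the client and the server chain no `return` is compiled when SSLv3 is not allowed, WOLFSSL_NO_TLS12 is defined and WOLFSSL_TLS13 is not. Using the result is then undefined behaviour rather than a clean failure. Close each inner chain with `#else` and `return NULL;`, matching the existing final `return NULL;`, or reject that macro combination with an `#error` so a build with no protocol version cannot be produced.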
@@ -8518,7 +8536,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, /* please see note at top of README if you get an error from connect */ int wolfSSL_connect(WOLFSSL* ssl) { + #ifndef WOLFSSL_NO_TLS12 int neededState; + #endif WOLFSSL_ENTER("SSL_connect()"); @@ -8540,6 +8560,9 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, return WOLFSSL_FATAL_ERROR; } + #ifdef WOLFSSL_NO_TLS12 + return wolfSSL_connect_TLSv13(ssl); + #else #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) return wolfSSL_connect_TLSv13(ssl); @@ -8789,6 +8812,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, WOLFSSL_MSG("Unknown connect state ERROR"); return WOLFSSL_FATAL_ERROR; /* unknown connect state */ } + #endif /* !WOLFSSL_NO_TLS12 */ } #endif /* NO_WOLFSSL_CLIENT */ @@ -8874,14 +8898,19 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, int wolfSSL_accept(WOLFSSL* ssl) { +#ifndef WOLFSSL_NO_TLS12 word16 havePSK = 0; word16 haveAnon = 0; word16 haveMcast = 0; +#endif -#ifdef WOLFSSL_TLS13 +#ifdef WOLFSSL_NO_TLS12 + return wolfSSL_accept_TLSv13(ssl); +#else + #ifdef WOLFSSL_TLS13 if (ssl->options.tls1_3) return wolfSSL_accept_TLSv13(ssl); -#endif + #endif WOLFSSL_ENTER("SSL_accept()"); #ifdef HAVE_ERRNO_H @@ -9160,6 +9189,7 @@ int wolfSSL_DTLS_SetCookieSecret(WOLFSSL* ssl, WOLFSSL_MSG("Unknown accept state ERROR"); return WOLFSSL_FATAL_ERROR; } +#endif /* !WOLFSSL_NO_TLS12 */ } #endif /* NO_WOLFSSL_SERVER */ 
@@ -15247,7 +15277,22 @@ const char* wolfSSL_get_version(WOLFSSL* ssl) return "TLSv1.2"; #ifdef WOLFSSL_TLS13 case TLSv1_3_MINOR : + /* TODO: [TLS13] Remove draft versions. */ + #ifndef WOLFSSL_TLS13_FINAL + #ifdef WOLFSSL_TLS13_DRAFT_18 + return "TLSv1.3 (Draft 18)"; + #elif defined(WOLFSSL_TLS13_DRAFT_22) + return "TLSv1.3 (Draft 22)"; + #elif defined(WOLFSSL_TLS13_DRAFT_23) + return "TLSv1.3 (Draft 23)"; + #elif defined(WOLFSSL_TLS13_DRAFT_26) + return "TLSv1.3 (Draft 26)"; + #else + return "TLSv1.3 (Draft 28)"; + #endif + #else return "TLSv1.3"; + #endif #endif default: return "unknown"; diff --git a/src/tls.c b/src/tls.c index 3364c53c2..df8ac64f5 100755 --- a/src/tls.c +++ b/src/tls.c @@ -99,13 +99,14 @@ static int TLSX_PopulateSupportedGroups(WOLFSSL* ssl, TLSX** extensions); #endif +#ifndef WOLFSSL_NO_TLS12 + #ifdef WOLFSSL_SHA384 #define P_HASH_MAX_SIZE WC_SHA384_DIGEST_SIZE #else #define P_HASH_MAX_SIZE WC_SHA256_DIGEST_SIZE #endif - /* compute p_hash for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1 PRF */ static int p_hash(byte* result, word32 resLen, const byte* secret, word32 secLen, const byte* seed, word32 seedLen, int hash, @@ -233,6 +234,8 @@ static int p_hash(byte* result, word32 resLen, const byte* secret, #undef P_HASH_MAX_SIZE +#endif /* !WOLFSSL_NO_TLS12 */ + #ifndef NO_OLD_TLS @@ -325,6 +328,8 @@ static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen, #endif +#ifndef WOLFSSL_NO_TLS12 + /* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack use */ static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, @@ -452,6 +457,7 @@ int BuildTlsFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ #ifndef NO_OLD_TLS @@ -479,6 +485,8 @@ ProtocolVersion MakeTLSv1_1(void) #endif /* !NO_OLD_TLS */ +#ifndef WOLFSSL_NO_TLS12 + ProtocolVersion MakeTLSv1_2(void) { ProtocolVersion pv; 
@@ -488,6 +496,8 @@ ProtocolVersion MakeTLSv1_2(void) return pv; } +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef WOLFSSL_TLS13 /* The TLS v1.3 protocol version. * @@ -503,6 +513,7 @@ ProtocolVersion MakeTLSv1_3(void) } #endif +#ifndef WOLFSSL_NO_TLS12 #ifdef HAVE_EXTENDED_MASTER static const byte ext_master_label[EXT_MASTER_LABEL_SZ + 1] = @@ -877,6 +888,8 @@ int TLS_hmac(WOLFSSL* ssl, byte* digest, const byte* in, word32 sz, return ret; } +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef HAVE_TLS_EXTENSIONS /** @@ -9464,6 +9477,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, #endif /* !NO_OLD_TLS */ +#ifndef WOLFSSL_NO_TLS12 WOLFSSL_METHOD* wolfTLSv1_2_client_method(void) { @@ -9481,6 +9495,8 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, return method; } +#endif /* WOLFSSL_NO_TLS12 */ + #ifdef WOLFSSL_TLS13 /* The TLS v1.3 client method data. * @@ -9586,6 +9602,7 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, } #endif /* !NO_OLD_TLS */ +#ifndef WOLFSSL_NO_TLS12 WOLFSSL_METHOD* wolfTLSv1_2_server_method(void) { @@ -9605,6 +9622,8 @@ int TLSX_Parse(WOLFSSL* ssl, byte* input, word16 length, byte msgType, return method; } +#endif /* !WOLFSSL_NO_TLS12 */ + #ifdef WOLFSSL_TLS13 /* The TLS v1.3 server method data. * diff --git a/src/tls13.c b/src/tls13.c index ce444ea47..694298bb6 100755 --- a/src/tls13.c +++ b/src/tls13.c 
@@ -2376,11 +2376,18 @@ int SendTls13ClientHello(WOLFSSL* ssl) if (ssl->options.resuming && (ssl->session.version.major != ssl->version.major || ssl->session.version.minor != ssl->version.minor)) { - /* Cannot resume with a different protocol version - new handshake. */ - ssl->options.resuming = 0; - ssl->version.major = ssl->session.version.major; - ssl->version.minor = ssl->session.version.minor; - return SendClientHello(ssl); + #ifndef WOLFSSL_NO_TLS12 + if (ssl->session.version.major == ssl->version.major && + ssl->session.version.minor < ssl->version.minor) { + /* Cannot resume with a different protocol version. */ + ssl->options.resuming = 0; + ssl->version.major = ssl->session.version.major; + ssl->version.minor = ssl->session.version.minor; + return SendClientHello(ssl); + } + else + #endif + return VERSION_ERROR; } #endif @@ -2774,15 +2781,18 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (ret != 0) return ret; if (!IsAtLeastTLSv1_3(pv) && pv.major != TLS_DRAFT_MAJOR) { +#ifndef WOLFSSL_NO_TLS12 if (ssl->options.downgrade) { ssl->version = pv; return DoServerHello(ssl, input, inOutIdx, helloSz); } +#endif - WOLFSSL_MSG("CLient using higher version, fatal error"); + WOLFSSL_MSG("Client using higher version, fatal error"); return VERSION_ERROR; } #else +#ifndef WOLFSSL_NO_TLS12 if (pv.major == ssl->version.major && pv.minor < TLSv1_2_MINOR && ssl->options.downgrade) { /* Force client hello version 1.2 to work for static RSA. */ @@ -2790,6 +2800,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->version.minor = TLSv1_2_MINOR; return DoServerHello(ssl, input, inOutIdx, helloSz); } +#endif if (pv.major != ssl->version.major || pv.minor != TLSv1_2_MINOR) return VERSION_ERROR; #endif 
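Review bot: The fallback in SendTls13ClientHello lowers `ssl->version` to the stored session's version and calls `SendClientHello` without consulting `ssl->options.downgrade`, whereas the DoTls13ServerHello hunks in this commit take the TLS 1.2 path only when that option is set. If a session from an older protocol can be attached to an object created with a TLS 1.3-only method, the client would offer a lower version than the application allowed; whether that is prevented elsewhere is not visible in the hunk. Consider adding `ssl->options.downgrade &&` to the new `if` condition. The `else` that straddles `#endif` with an unbraced `return VERSION_ERROR;` is also fragile, and bracing both arms would protect it against later edits.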
@@ -2848,7 +2859,9 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if ((i - begin) + OPAQUE16_LEN > helloSz) { if (!ssl->options.downgrade) return BUFFER_ERROR; +#ifndef WOLFSSL_NO_TLS12 ssl->version.minor = TLSv1_2_MINOR; +#endif ssl->options.haveEMS = 0; } if ((i - begin) < helloSz) @@ -2891,6 +2904,7 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, * Only now do we know how to deal with session id. */ if (!IsAtLeastTLSv1_3(ssl->version)) { +#ifndef WOLFSSL_NO_TLS12 ssl->arrays->sessionIDSz = sessIdSz; if (ssl->arrays->sessionIDSz > ID_LEN) { @@ -2907,6 +2921,10 @@ int DoTls13ServerHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ssl->chVersion.minor = TLSv1_2_MINOR; /* Complete TLS v1.2 processing of ServerHello. */ ret = CompleteServerHello(ssl); +#else + WOLFSSL_MSG("Client using higher version, fatal error"); + ret = VERSION_ERROR; +#endif WOLFSSL_LEAVE("DoTls13ServerHello", ret); @@ -3744,7 +3762,9 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, word16 totalExtSz = 0; int usingPSK = 0; byte sessIdSz; +#ifndef WOLFSSL_NO_TLS12 int bogusID = 0; +#endif WOLFSSL_START(WC_FUNC_CLIENT_HELLO_DO); WOLFSSL_ENTER("DoTls13ClientHello"); @@ -3766,8 +3786,10 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, if (pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_3_MINOR) pv.minor = TLSv1_2_MINOR; +#ifndef WOLFSSL_NO_TLS12 if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor < TLSv1_3_MINOR) return DoClientHello(ssl, input, inOutIdx, helloSz); +#endif #ifdef HAVE_SESSION_TICKET if (ssl->options.downgrade) { 
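Review bot: In DoTls13ServerHello, when the ServerHello has no extensions and `ssl->options.downgrade` is set, a WOLFSSL_NO_TLS12 build skips `ssl->version.minor = TLSv1_2_MINOR;` and continues with the version unchanged. The later `!IsAtLeastTLSv1_3(ssl->version)` branch, which returns VERSION_ERROR in this build, is then not taken for that message, so rejection depends on checks outside the hunk. A TLS 1.3 ServerHello always carries extensions, so I would reject it here instead: `#else` followed by `return VERSION_ERROR;` before the `#endif`.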
@@ -3802,9 +3824,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, XMEMCPY(ssl->session.sessionID, input + i, sessIdSz); i += ID_LEN; } -#ifdef HAVE_SESSION_TICKET - if (sessIdSz > 0 && sessIdSz < ID_LEN) - bogusID = 1; +#ifndef WOLFSSL_NO_TLS12 + #ifdef HAVE_SESSION_TICKET + if (sessIdSz > 0 && sessIdSz < ID_LEN) + bogusID = 1; + #endif #endif /* Cipher suites */ @@ -3919,6 +3943,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; #endif } +#ifndef WOLFSSL_NO_TLS12 else if (ssl->options.resuming) { ret = HandleTlsResumption(ssl, bogusID, &clSuites); if (ret != 0) @@ -3931,6 +3956,12 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, return ret; } } +#else + else { + WOLFSSL_MSG("Negotiated lesser version than TLS v1.3"); + return VERSION_ERROR; + } +#endif if (!usingPSK) { if ((ret = MatchSuite(ssl, &clSuites)) < 0) { @@ -3941,6 +3972,7 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, /* Check that the negotiated ciphersuite matches protocol version. */ if (IsAtLeastTLSv1_3(ssl->version)) { if (ssl->options.cipherSuite0 != TLS13_BYTE) { +#ifndef WOLFSSL_NO_TLS12 TLSX* ext; if (!ssl->options.downgrade) { @@ -3960,6 +3992,11 @@ int DoTls13ClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx, ext = TLSX_Find(ssl->extensions, TLSX_SUPPORTED_VERSIONS); if (ext != NULL) ext->resp = 0; +#else + WOLFSSL_MSG("Negotiated ciphersuite from lesser version than " + "TLS v1.3"); + return VERSION_ERROR; +#endif } } /* VerifyServerSuite handles when version is less than 1.3 */ @@ -7360,8 +7397,10 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) return WOLFSSL_SUCCESS; if (!ssl->options.tls1_3) { + #ifndef WOLFSSL_NO_TLS12 if (ssl->options.downgrade) return wolfSSL_connect(ssl); + #endif WOLFSSL_MSG("Client using higher version, fatal error"); return VERSION_ERROR; 
@@ -7462,9 +7501,14 @@ int wolfSSL_connect_TLSv13(WOLFSSL* ssl) FALL_THROUGH; case FIRST_REPLY_THIRD: - if ((ssl->error = SendTls13Finished(ssl)) != 0) { - WOLFSSL_ERROR(ssl->error); - return WOLFSSL_FATAL_ERROR; + #if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) + if (!ssl->options.sendVerify || !ssl->options.postHandshakeAuth) + #endif + { + if ((ssl->error = SendTls13Finished(ssl)) != 0) { + WOLFSSL_ERROR(ssl->error); + return WOLFSSL_FATAL_ERROR; + } } WOLFSSL_MSG("sent: finished"); diff --git a/tests/api.c b/tests/api.c index 123e18396..48a1ee885 100644 --- a/tests/api.c +++ b/tests/api.c @@ -462,11 +462,26 @@ static void test_wolfSSL_Method_Allocators(void) TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_server_method); TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_1_client_method); #endif +#ifndef WOLFSSL_NO_TLS12 + #ifndef NO_WOLFSSL_SERVER + TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method); + #endif + #ifndef NO_WOLFSSL_CLIENT + TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method); + #endif +#endif +#ifdef WOLFSSL_TLS13 + #ifndef NO_WOLFSSL_SERVER + TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_server_method); + #endif + #ifndef NO_WOLFSSL_CLIENT + TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_3_client_method); + #endif +#endif #ifndef NO_WOLFSSL_SERVER - TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_server_method); + TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_server_method); #endif #ifndef NO_WOLFSSL_CLIENT - TEST_VALID_METHOD_ALLOCATOR(wolfTLSv1_2_client_method); TEST_VALID_METHOD_ALLOCATOR(wolfSSLv23_client_method); #endif #ifdef WOLFSSL_DTLS 
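Review bot: In the FIRST_REPLY_THIRD case of wolfSSL_connect_TLSv13, `WOLFSSL_MSG("sent: finished");` still runs when the new condition skips `SendTls13Finished`, so the debug trace reports a Finished message that this case did not send. The reason for skipping Finished when both `sendVerify` and `postHandshakeAuth` are set is not stated either, and the change is unrelated to the TLS 1.2 switch in the rest of the commit. I would move the log line inside the braced block and add a comment naming where Finished is sent in the post-handshake-auth case, which is not visible in this hunk.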
@@ -898,12 +913,18 @@ static int test_wolfSSL_SetMinVersion(void) #ifndef NO_OLD_TLS const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1, WOLFSSL_TLSV1_2}; - #else + #elif !defined(WOLFSSL_NO_TLS12) const int versions[] = { WOLFSSL_TLSV1_2 }; + #else + const int versions[] = { WOLFSSL_TLSV1_3 }; #endif AssertTrue(wolfSSL_Init()); - ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + #ifndef WOLFSSL_NO_TLS12 + ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + #else + ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); + #endif ssl = wolfSSL_new(ctx); printf(testingFmt, "wolfSSL_SetMinVersion()"); @@ -2945,7 +2966,11 @@ static void test_wolfSSL_PKCS8(void) /* Note that wolfSSL_Init() or wolfCrypt_Init() has been called before these * function calls */ +#ifndef WOLFSSL_NO_TLS12 AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method())); +#else + AssertNotNull(ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method())); +#endif wolfSSL_CTX_set_default_passwd_cb(ctx, &PKCS8TestCallBack); wolfSSL_CTX_set_default_passwd_cb_userdata(ctx, (void*)&flag); AssertIntEQ(wolfSSL_CTX_use_PrivateKey_buffer(ctx, buffer, bytes, @@ -3032,14 +3057,20 @@ static int test_wolfSSL_CTX_SetMinVersion(void) #ifndef NO_OLD_TLS const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1, WOLFSSL_TLSV1_2 }; - #else + #elif !defined(WOLFSSL_NO_TLS12) const int versions[] = { WOLFSSL_TLSV1_2 }; + #elif defined(WOLFSSL_TLS13) + const int versions[] = { WOLFSSL_TLSV1_3 }; #endif failFlag = WOLFSSL_SUCCESS; AssertTrue(wolfSSL_Init()); +#ifndef WOLFSSL_NO_TLS12 ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); +#else + ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); +#endif printf(testingFmt, "wolfSSL_CTX_SetMinVersion()"); 
@@ -3078,7 +3109,11 @@ static int test_wolfSSL_UseOCSPStapling(void) WOLFSSL* ssl; wolfSSL_Init(); + #ifndef WOLFSSL_NO_TLS12 ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + #else + ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); + #endif ssl = wolfSSL_new(ctx); printf(testingFmt, "wolfSSL_UseOCSPStapling()"); @@ -3118,7 +3153,11 @@ static int test_wolfSSL_UseOCSPStaplingV2 (void) WOLFSSL* ssl; wolfSSL_Init(); + #ifndef WOLFSSL_NO_TLS12 ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + #else + ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); + #endif ssl = wolfSSL_new(ctx); printf(testingFmt, "wolfSSL_UseOCSPStaplingV2()"); @@ -15513,7 +15552,11 @@ static void test_wolfSSL_PEM_PrivateKey(void) SSL_CTX* ctx; char passwd[] = "bad password"; + #ifndef WOLFSSL_NO_TLS12 AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method())); + #else + AssertNotNull(ctx = SSL_CTX_new(TLSv1_3_server_method())); + #endif AssertNotNull(bio = BIO_new_file("./certs/server-keyEnc.pem", "rb")); SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); @@ -15550,7 +15593,11 @@ static void test_wolfSSL_PEM_PrivateKey(void) XFILE f; SSL_CTX* ctx; + #ifndef WOLFSSL_NO_TLS12 AssertNotNull(ctx = SSL_CTX_new(TLSv1_2_server_method())); + #else + AssertNotNull(ctx = SSL_CTX_new(TLSv1_3_server_method())); + #endif AssertNotNull(f = XFOPEN("./certs/ecc-key.der", "rb")); bytes = XFREAD(buf, 1, sizeof(buf), f); @@ -15852,7 +15899,8 @@ static void test_wolfSSL_ERR_peek_last_error_line(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \ - !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES) + !defined(NO_OLD_TLS) && !defined(WOLFSSL_NO_TLS12) && \ + defined(HAVE_IO_TESTS_DEPENDENCIES) tcp_ready ready; func_args client_args; func_args server_args; 
@@ -16381,7 +16429,7 @@ static void msg_cb(int write_p, int version, int content_type, #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \ - !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES) + defined(HAVE_IO_TESTS_DEPENDENCIES) #ifndef SINGLE_THREADED static int msgCb(SSL_CTX *ctx, SSL *ssl) { @@ -16401,7 +16449,7 @@ static void test_wolfSSL_msgCb(void) { #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && \ !defined(NO_FILESYSTEM) && defined(DEBUG_WOLFSSL) && \ - !defined(NO_OLD_TLS) && defined(HAVE_IO_TESTS_DEPENDENCIES) + defined(HAVE_IO_TESTS_DEPENDENCIES) tcp_ready ready; func_args client_args; @@ -16426,8 +16474,13 @@ static void test_wolfSSL_msgCb(void) XMEMSET(&client_cb, 0, sizeof(callback_functions)); XMEMSET(&server_cb, 0, sizeof(callback_functions)); +#ifndef WOLFSSL_NO_TLS12 client_cb.method = wolfTLSv1_2_client_method; server_cb.method = wolfTLSv1_2_server_method; +#else + client_cb.method = wolfTLSv1_3_client_method; + server_cb.method = wolfTLSv1_3_server_method; +#endif server_args.signal = &ready; server_args.callbacks = &server_cb; @@ -18403,10 +18456,12 @@ static char earlyDataBuffer[1]; static int test_tls13_apis(void) { int ret = 0; +#ifndef WOLFSSL_NO_TLS12 WOLFSSL_CTX* clientTls12Ctx; WOLFSSL* clientTls12Ssl; WOLFSSL_CTX* serverTls12Ctx; WOLFSSL* serverTls12Ssl; +#endif WOLFSSL_CTX* clientCtx; WOLFSSL* clientSsl; WOLFSSL_CTX* serverCtx; @@ -18421,6 +18476,7 @@ static int test_tls13_apis(void) int groups[1] = { WOLFSSL_ECC_X25519 }; int numGroups = 1; +#ifndef WOLFSSL_NO_TLS12 clientTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); clientTls12Ssl = wolfSSL_new(clientTls12Ctx); serverTls12Ctx = wolfSSL_CTX_new(wolfTLSv1_2_server_method()); 
@@ -18429,6 +18485,7 @@ static int test_tls13_apis(void) wolfSSL_CTX_use_PrivateKey_file(serverTls12Ctx, ourKey, WOLFSSL_FILETYPE_PEM); #endif serverTls12Ssl = wolfSSL_new(serverTls12Ctx); +#endif clientCtx = wolfSSL_CTX_new(wolfTLSv1_3_client_method()); clientSsl = wolfSSL_new(clientCtx); @@ -18442,7 +18499,9 @@ static int test_tls13_apis(void) #ifdef WOLFSSL_SEND_HRR_COOKIE AssertIntEQ(wolfSSL_send_hrr_cookie(NULL, NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_send_hrr_cookie(clientSsl, NULL, 0), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_send_hrr_cookie(serverTls12Ssl, NULL, 0), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, NULL, 0), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_send_hrr_cookie(serverSsl, fixedKey, sizeof(fixedKey)), 
@@ -18453,88 +18512,116 @@ static int test_tls13_apis(void) AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_SECP256R1), WOLFSSL_SUCCESS); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1), WOLFSSL_SUCCESS); +#endif AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1), WOLFSSL_SUCCESS); #elif defined(HAVE_CURVE25519) AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_X25519), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_UseKeyShare(serverSsl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); +#endif AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_X25519), WOLFSSL_SUCCESS); #else AssertIntEQ(wolfSSL_UseKeyShare(NULL, WOLFSSL_ECC_SECP256R1), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_UseKeyShare(clientTls12Ssl, WOLFSSL_ECC_SECP256R1), NOT_COMPILED_IN); +#endif AssertIntEQ(wolfSSL_UseKeyShare(clientSsl, WOLFSSL_ECC_SECP256R1), NOT_COMPILED_IN); #endif AssertIntEQ(wolfSSL_NoKeyShares(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_NoKeyShares(serverSsl), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_NoKeyShares(clientTls12Ssl), WOLFSSL_SUCCESS); +#endif AssertIntEQ(wolfSSL_NoKeyShares(clientSsl), WOLFSSL_SUCCESS); AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(clientCtx), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverTls12Ctx), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_CTX_no_ticket_TLSv13(serverCtx), 0); AssertIntEQ(wolfSSL_no_ticket_TLSv13(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_no_ticket_TLSv13(clientSsl), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_no_ticket_TLSv13(serverSsl), 0); 
AssertIntEQ(wolfSSL_CTX_no_dhe_psk(NULL), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientTls12Ctx), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_CTX_no_dhe_psk(serverCtx), 0); AssertIntEQ(wolfSSL_CTX_no_dhe_psk(clientCtx), 0); AssertIntEQ(wolfSSL_no_dhe_psk(NULL), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_no_dhe_psk(clientTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_no_dhe_psk(serverSsl), 0); AssertIntEQ(wolfSSL_no_dhe_psk(clientSsl), 0); AssertIntEQ(wolfSSL_update_keys(NULL), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_update_keys(clientTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_update_keys(serverSsl), BUILD_MSG_ERROR); AssertIntEQ(wolfSSL_update_keys(clientSsl), BUILD_MSG_ERROR); #if !defined(NO_CERTS) && defined(WOLFSSL_POST_HANDSHAKE_AUTH) AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(serverCtx), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientTls12Ctx), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_CTX_allow_post_handshake_auth(clientCtx), 0); AssertIntEQ(wolfSSL_allow_post_handshake_auth(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_allow_post_handshake_auth(serverSsl), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_allow_post_handshake_auth(clientSsl), 0); AssertIntEQ(wolfSSL_request_certificate(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_request_certificate(clientSsl), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_request_certificate(serverTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_request_certificate(serverSsl), NOT_READY_ERROR); #endif #ifndef WOLFSSL_NO_SERVER_GROUPS_EXT AssertIntEQ(wolfSSL_preferred_group(NULL), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_preferred_group(serverSsl), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 
AssertIntEQ(wolfSSL_preferred_group(clientTls12Ssl), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_preferred_group(clientSsl), NOT_READY_ERROR); #endif AssertIntEQ(wolfSSL_CTX_set_groups(NULL, NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_CTX_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_CTX_set_groups(clientTls12Ctx, groups, numGroups), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_CTX_set_groups(clientCtx, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); @@ -18546,8 +18633,10 @@ static int test_tls13_apis(void) AssertIntEQ(wolfSSL_set_groups(NULL, NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_set_groups(clientSsl, NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_set_groups(NULL, groups, numGroups), BAD_FUNC_ARG); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_set_groups(clientTls12Ssl, groups, numGroups), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, WOLFSSL_MAX_GROUP_COUNT + 1), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_set_groups(clientSsl, groups, numGroups), @@ -18558,13 +18647,17 @@ static int test_tls13_apis(void) #ifdef WOLFSSL_EARLY_DATA AssertIntEQ(wolfSSL_CTX_set_max_early_data(NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_CTX_set_max_early_data(clientCtx, 0), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverTls12Ctx, 0), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_CTX_set_max_early_data(serverCtx, 0), 0); AssertIntEQ(wolfSSL_set_max_early_data(NULL, 0), BAD_FUNC_ARG); AssertIntEQ(wolfSSL_set_max_early_data(clientSsl, 0), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_set_max_early_data(serverTls12Ssl, 0), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_set_max_early_data(serverSsl, 0), 0); AssertIntEQ(wolfSSL_write_early_data(NULL, earlyData, sizeof(earlyData), 
@@ -18579,9 +18672,11 @@ static int test_tls13_apis(void) AssertIntEQ(wolfSSL_write_early_data(serverSsl, earlyData, sizeof(earlyData), &outSz), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_write_early_data(clientTls12Ssl, earlyData, sizeof(earlyData), &outSz), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_write_early_data(clientSsl, earlyData, sizeof(earlyData), &outSz), WOLFSSL_FATAL_ERROR); @@ -18600,9 +18695,11 @@ static int test_tls13_apis(void) AssertIntEQ(wolfSSL_read_early_data(clientSsl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), SIDE_ERROR); +#ifndef WOLFSSL_NO_TLS12 AssertIntEQ(wolfSSL_read_early_data(serverTls12Ssl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), BAD_FUNC_ARG); +#endif AssertIntEQ(wolfSSL_read_early_data(serverSsl, earlyDataBuffer, sizeof(earlyDataBuffer), &outSz), WOLFSSL_FATAL_ERROR); @@ -18613,10 +18710,12 @@ static int test_tls13_apis(void) wolfSSL_free(clientSsl); wolfSSL_CTX_free(clientCtx); +#ifndef WOLFSSL_NO_TLS12 wolfSSL_free(serverTls12Ssl); wolfSSL_CTX_free(serverTls12Ctx); wolfSSL_free(clientTls12Ssl); wolfSSL_CTX_free(clientTls12Ctx); +#endif return ret; } @@ -18744,12 +18843,20 @@ static void test_DhCallbacks(void) /* set callbacks to use DH functions */ func_cb_client.ctx_ready = &test_dh_ctx_setup; func_cb_client.ssl_ready = &test_dh_ssl_setup; +#ifndef WOLFSSL_NO_TLS12 func_cb_client.method = wolfTLSv1_2_client_method; +#else + func_cb_client.method = wolfTLSv1_3_client_method; +#endif client_args.callbacks = &func_cb_client; func_cb_server.ctx_ready = &test_dh_ctx_setup; func_cb_server.ssl_ready = &test_dh_ssl_setup; +#ifndef WOLFSSL_NO_TLS12 func_cb_server.method = wolfTLSv1_2_server_method; +#else + func_cb_server.method = wolfTLSv1_3_server_method; +#endif server_args.callbacks = &func_cb_server; start_thread(test_server_nofail, &server_args, &serverThread); 
@@ -18791,12 +18898,20 @@ static void test_DhCallbacks(void) /* set callbacks to use DH functions */ func_cb_client.ctx_ready = &test_dh_ctx_setup; func_cb_client.ssl_ready = &test_dh_ssl_setup_fail; +#ifndef WOLFSSL_NO_TLS12 func_cb_client.method = wolfTLSv1_2_client_method; +#else + func_cb_client.method = wolfTLSv1_3_client_method; +#endif client_args.callbacks = &func_cb_client; func_cb_server.ctx_ready = &test_dh_ctx_setup; func_cb_server.ssl_ready = &test_dh_ssl_setup_fail; +#ifndef WOLFSSL_NO_TLS12 func_cb_server.method = wolfTLSv1_2_server_method; +#else + func_cb_server.method = wolfTLSv1_3_server_method; +#endif server_args.callbacks = &func_cb_server; start_thread(test_server_nofail, &server_args, &serverThread); diff --git a/tests/include.am b/tests/include.am index 91100e49a..9c7aa09ca 100644 --- a/tests/include.am +++ b/tests/include.am @@ -21,8 +21,11 @@ endif EXTRA_DIST += tests/unit.h EXTRA_DIST += tests/test.conf \ tests/test-tls13.conf \ + tests/test-tls13-down.conf \ tests/test-tls13-ecc.conf \ + tests/test-tls13-psk.conf \ tests/test-qsh.conf \ + tests/test-psk.conf \ tests/test-psk-no-id.conf \ tests/test-dtls.conf \ tests/test-sctp.conf \ diff --git a/tests/suites.c b/tests/suites.c index f6ef5b06b..bf25430e8 100644 --- a/tests/suites.c +++ b/tests/suites.c @@ -576,7 +576,7 @@ int SuiteTest(void) (void)test_harness; - cipherSuiteCtx = wolfSSL_CTX_new(wolfTLSv1_2_client_method()); + cipherSuiteCtx = wolfSSL_CTX_new(wolfSSLv23_client_method()); if (cipherSuiteCtx == NULL) { printf("can't get cipher suite ctx\n"); exit(EXIT_FAILURE); 
@@ -634,6 +634,16 @@ int SuiteTest(void) exit(EXIT_FAILURE); } #endif + #ifndef WOLFSSL_NO_TLS12 + /* add TLSv13 downgrade tets */ + strcpy(argv0[1], "tests/test-tls13-down.conf"); + printf("starting TLSv13 Downgrade extra tests\n"); + test_harness(&args); + if (args.return_code != 0) { + printf("error from script %d\n", args.return_code); + exit(EXIT_FAILURE); + } + #endif #endif #if defined(HAVE_CURVE25519) && defined(HAVE_ED25519) /* add ED25519 certificate cipher suite tests */ @@ -692,15 +702,28 @@ int SuiteTest(void) } #endif #ifndef NO_PSK - /* add psk extra suites */ - strcpy(argv0[1], "tests/test-psk-no-id.conf"); - printf("starting psk no identity extra cipher suite tests\n"); + #ifndef WOLFSSL_NO_TLS12 + /* add psk cipher suites */ + strcpy(argv0[1], "tests/test-psk.conf"); + printf("starting psk cipher suite tests\n"); test_harness(&args); if (args.return_code != 0) { printf("error from script %d\n", args.return_code); args.return_code = EXIT_FAILURE; goto exit; } + #endif + #ifdef WOLFSSL_TLS13 + /* add psk extra suites */ + strcpy(argv0[1], "tests/test-tls13-psk.conf"); + printf("starting TLS 1.3 psk no identity extra cipher suite tests\n"); + test_harness(&args); + if (args.return_code != 0) { + printf("error from script %d\n", args.return_code); + args.return_code = EXIT_FAILURE; + goto exit; + } + #endif #endif #if defined(WOLFSSL_ENCRYPTED_KEYS) && !defined(NO_DES3) /* test encrypted keys */ diff --git a/tests/test-psk.conf b/tests/test-psk.conf new file mode 100644 index 000000000..4086b3e93 --- /dev/null +++ b/tests/test-psk.conf @@ -0,0 +1,15 @@ +# server - standard PSK +-j +-l PSK-CHACHA20-POLY1305 + +# client- standard PSK +-s +-l PSK-CHACHA20-POLY1305 + +# server +-j +-l ECDHE-RSA-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305 + +# client +-l ECDHE-RSA-AES256-GCM-SHA384:PSK-CHACHA20-POLY1305 + diff --git a/tests/test-tls13-down.conf b/tests/test-tls13-down.conf new file mode 100644 index 000000000..b52910e67 --- /dev/null 
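Review bot: The comment in the added downgrade block reads `/* add TLSv13 downgrade tets */` and should be `/* add TLSv13 downgrade tests */`. On a harness failure the block calls `exit(EXIT_FAILURE)`, like the block above it, while the PSK blocks later in SuiteTest set `args.return_code = EXIT_FAILURE` and `goto exit`. If the `exit` label, which is outside this hunk, releases resources, the new block should follow that pattern as well.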
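Review bot: The run of `tests/test-psk-no-id.conf` is removed in the `@@ -692,15` hunk and not added back, so unless it is started elsewhere in SuiteTest (outside the hunk) the PSK no-identity cases are no longer exercised, although tests/include.am still lists the file. The new TLS 1.3 block also carries the old wording, `starting TLS 1.3 psk no identity extra cipher suite tests`, while it loads `tests/test-tls13-psk.conf`. I would keep the original no-id block under whichever version guard it needs and change the new message to `printf("starting TLS 1.3 psk cipher suite tests\n");`.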
+++ b/tests/test-tls13-down.conf @@ -0,0 +1,43 @@ +# server TLSv1.3 downgrade +-v d +-l TLS13-CHACHA20-POLY1305-SHA256 + +# client TLSv1.2 +-v 3 + +# server TLSv1.2 +-v 3 + +# client TLSv1.3 downgrade +-v d + +# server TLSv1.3 downgrade +-v d + +# client TLSv1.3 downgrade +-v d + +# server TLSv1.3 downgrade but don't and resume +-v d +-r + +# client TLSv1.3 downgrade but don't and resume +-v d +-r + +# server TLSv1.3 downgrade and resume +-v d +-r + +# client TLSv1.2 and resume +-v 3 +-r + +# server TLSv1.2 and resume +-v d +-r + +# lcient TLSv1.3 downgrade and resume +-v 3 +-r + diff --git a/tests/test-tls13-psk.conf b/tests/test-tls13-psk.conf new file mode 100644 index 000000000..b8b7e2607 --- /dev/null +++ b/tests/test-tls13-psk.conf @@ -0,0 +1,31 @@ +# server TLSv1.3 PSK +-v 4 +-s +-l TLS13-AES128-GCM-SHA256 +-d + +# client TLSv1.3 PSK +-v 4 +-s +-l TLS13-AES128-GCM-SHA256 + +# server TLSv1.3 PSK +-v 4 +-j +-l TLS13-AES128-GCM-SHA256 +-d + +# client TLSv1.3 PSK +-v 4 +-s +-l TLS13-AES128-GCM-SHA256 + +# server TLSv1.3 PSK +-v 4 +-j +-l TLS13-AES128-GCM-SHA256 +-d + +# client TLSv1.3 not-PSK +-v 4 +-l TLS13-AES128-GCM-SHA256 diff --git a/tests/test-tls13.conf b/tests/test-tls13.conf index 8233626d9..5e07ad3fe 100644 --- a/tests/test-tls13.conf +++ b/tests/test-tls13.conf @@ -38,6 +38,37 @@ -v 4 -l TLS13-AES128-CCM-8-SHA256 +# server TLSv1.3 resumption +-v 4 +-l TLS13-AES128-GCM-SHA256 +-r + +# client TLSv1.3 resumption +-v 4 +-l TLS13-AES128-GCM-SHA256 +-r + +# server TLSv1.3 resumption - SHA384 +-v 4 +-l TLS13-AES256-GCM-SHA384 +-r + +# client TLSv1.3 resumption - SHA384 +-v 4 +-l TLS13-AES256-GCM-SHA384 +-r + +# server TLSv1.3 PSK without (EC)DHE +-v 4 +-l TLS13-AES128-GCM-SHA256 +-r + +# client TLSv1.3 PSK without (EC)DHE +-v 4 +-l TLS13-AES128-GCM-SHA256 +-r +-K + # server TLSv1.3 accepting EarlyData -v 4 -l TLS13-AES128-GCM-SHA256 
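Review bot: The last pair in tests/test-tls13-down.conf does not match its comments: the entry labelled `# server TLSv1.2 and resume` passes `-v d`, and the entry labelled `# lcient TLSv1.3 downgrade and resume` passes `-v 3`, which makes it a repeat of the pair just above. As written, resumption between a TLS 1.2-only server and a downgrade-capable client is not covered. The server entry should use `-v 3`, the client entry should use `-v d`, and the comment should read `# client TLSv1.3 downgrade and resume`.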
@@ -71,3 +102,94 @@ -v 4 -l TLS13-AES128-GCM-SHA256 -r + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 Fragments +-v 4 +-l TLS13-AES128-GCM-SHA256 +-F 1 + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 HelloRetryRequest to negotiate Key Exchange algorithm +-v 4 +-l TLS13-AES128-GCM-SHA256 +-J + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 +-J + +# client TLSv1.3 HelloRetryRequest with cookie +-v 4 +-l TLS13-AES128-GCM-SHA256 +-J + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 no client certificate +-v 4 +-l TLS13-AES128-GCM-SHA256 +-x + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 DH key exchange +-v 4 +-l TLS13-AES128-GCM-SHA256 +-y + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 ECC key exchange +-v 4 +-l TLS13-AES128-GCM-SHA256 +-Y + +# server TLSv1.3 +-v 4 +-l TLS13-AES128-GCM-SHA256 + +# client TLSv1.3 ECC key exchange +-v 4 +-l TLS13-AES128-GCM-SHA256 +-Y + +# server TLSv1.3 multiple cipher suites +-v 4 +-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256 + +# client TLSv1.3 +-v 4 + +# server TLSv1.3 KeyUpdate +-v 4 +-l TLS13-AES128-GCM-SHA256 +-U + +# client TLSv1.3 KeyUpdate +-v 4 +-l TLS13-AES128-GCM-SHA256 +-I + +# server TLSv1.3 Post-Handshake Authentication +-v 4 +-l TLS13-AES128-GCM-SHA256 +-Q + +# client TLSv1.3 Post-Handshake Authentication +-v 4 +-l TLS13-AES128-GCM-SHA256 +-Q diff --git a/wolfssl/test.h b/wolfssl/test.h index 2c66ee6f5..f446828db 100644 --- a/wolfssl/test.h +++ b/wolfssl/test.h 
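Review bot: The pair `# server TLSv1.3` / `# client TLSv1.3 ECC key exchange` with `-Y` appears twice in a row with identical options in this test-tls13.conf hunk, so the second run adds no coverage. If a different case was intended for one of them its flags need changing; otherwise one pair can be dropped. The two HelloRetryRequest client entries both pass only `-J`, so their comments would be clearer if they said that the cookie case differs by the `-J` on the server entry.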
@@ -220,11 +220,19 @@ #endif +#ifndef WOLFSSL_NO_TLS12 #define SERVER_DEFAULT_VERSION 3 +#else +#define SERVER_DEFAULT_VERSION 4 +#endif #define SERVER_DTLS_DEFAULT_VERSION (-2) #define SERVER_INVALID_VERSION (-99) #define SERVER_DOWNGRADE_VERSION (-98) +#ifndef WOLFSSL_NO_TLS12 #define CLIENT_DEFAULT_VERSION 3 +#else +#define CLIENT_DEFAULT_VERSION 4 +#endif #define CLIENT_DTLS_DEFAULT_VERSION (-2) #define CLIENT_INVALID_VERSION (-99) #define CLIENT_DOWNGRADE_VERSION (-98)
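Review bot: With WOLFSSL_NO_TLS12 defined the TLS defaults move to 4, but `SERVER_DTLS_DEFAULT_VERSION` and `CLIENT_DTLS_DEFAULT_VERSION` stay at `(-2)`, and the client.c hunk in this commit compiles out `case -2:` under the same macro. A DTLS run in such a build would therefore reach the `default:` branch of the version switch instead of selecting a method. The value 4 also assumes WOLFSSL_TLS13 is enabled, which `--disable-tlsv12` does not enforce, so a comment above these defines such as `/* WOLFSSL_NO_TLS12 builds require WOLFSSL_TLS13; DTLS defaults are unusable there */` would make the assumption explicit.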