mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2025-08-04 05:04:41 +02:00
Clear the keyshare instead of storing it
This commit is contained in:
Juliusz Sosinowicz
@@ -8017,12 +8017,6 @@ void SSL_ResourceFree(WOLFSSL* ssl)
|
||||
ssl->dtls13ClientHello = NULL;
|
||||
ssl->dtls13ClientHelloSz = 0;
|
||||
}
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
if (ssl->dtls13KSE != NULL) {
|
||||
TLSX_KeyShare_FreeAll(ssl->dtls13KSE, ssl->heap);
|
||||
ssl->dtls13KSE = NULL;
|
||||
}
|
||||
#endif
|
||||
#endif /* WOLFSSL_DTLS13 */
|
||||
|
||||
#endif /* WOLFSSL_DTLS */
|
||||
|
||||
63
src/tls.c
63
src/tls.c
@@ -67,6 +67,7 @@
|
||||
|
||||
#if defined(WOLFSSL_TLS13) && defined(HAVE_SUPPORTED_CURVES)
|
||||
static int TLSX_KeyShare_IsSupported(int namedGroup);
|
||||
static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap);
|
||||
#endif
|
||||
|
||||
#ifdef HAVE_SUPPORTED_CURVES
|
||||
@@ -7768,7 +7769,7 @@ int TLSX_KeyShare_GenKey(WOLFSSL *ssl, KeyShareEntry *kse)
|
||||
* list The linked list of key share entry objects.
|
||||
* heap The heap used for allocation.
|
||||
*/
|
||||
void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
|
||||
static void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap)
|
||||
{
|
||||
KeyShareEntry* current;
|
||||
|
||||
@@ -8783,27 +8784,12 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
|
||||
if (ssl->error != WC_PENDING_E)
|
||||
#endif
|
||||
{
|
||||
/* Check the selected group was supported by ClientHello
|
||||
* extensions. */
|
||||
/* Check the selected group was supported by ClientHello extensions. */
|
||||
if (!TLSX_SupportedGroups_Find(ssl, group, ssl->extensions)) {
|
||||
WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
|
||||
return BAD_KEY_SHARE_DATA;
|
||||
}
|
||||
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
/* If we sent an empty key share then we can just limit the keyshare
|
||||
* to the one selected by the server. */
|
||||
if (ssl->options.dtlsSentEmptyKS) {
|
||||
if (!TLSX_KeyShare_SelectGroup(ssl, group)) {
|
||||
/* Clear out all groups if not found */
|
||||
ret = TLSX_KeyShare_Empty(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
/* Check if the group was sent. */
|
||||
if (TLSX_KeyShare_Find(ssl, group)) {
|
||||
WOLFSSL_ERROR_VERBOSE(BAD_KEY_SHARE_DATA);
|
||||
@@ -8816,17 +8802,6 @@ int TLSX_KeyShare_Parse(WOLFSSL* ssl, const byte* input, word16 length,
|
||||
return ret;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
/* Check if we were able to limit the keyshare entries to one group */
|
||||
if (ssl->options.dtlsSentEmptyKS &&
|
||||
TLSX_KeyShare_SelectGroup(ssl, group)) {
|
||||
/* Nothing to do */
|
||||
}
|
||||
else
|
||||
#endif
|
||||
#ifdef HAVE_PQC
|
||||
/* For post-quantum groups, do this in TLSX_PopulateExtensions(). */
|
||||
if (!WOLFSSL_NAMED_GROUP_IS_PQC(group))
|
||||
@@ -9127,38 +9102,6 @@ int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group, word16 len, byte* data,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Clear out all entries except for group
|
||||
*
|
||||
* ssl The SSL/TLS object.
|
||||
* returns 1 when the group was found and 0 when it wasn't found.
|
||||
* */
|
||||
int TLSX_KeyShare_SelectGroup(WOLFSSL* ssl, word16 group)
|
||||
{
|
||||
TLSX* extension;
|
||||
KeyShareEntry* list;
|
||||
KeyShareEntry** prev;
|
||||
|
||||
/* Find the KeyShare extension if it exists. */
|
||||
extension = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
|
||||
if (extension != NULL) {
|
||||
for (prev = (KeyShareEntry**)&extension->data,
|
||||
list = (KeyShareEntry*)extension->data; list != NULL;
|
||||
prev = &list->next, list = list->next) {
|
||||
if (list->group == group) {
|
||||
/* Unlink it from the list */
|
||||
*prev = list->next;
|
||||
list->next = NULL;
|
||||
/* Free the list */
|
||||
TLSX_KeyShare_FreeAll((KeyShareEntry*)extension->data,
|
||||
ssl->heap);
|
||||
extension->data = list;
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Set an empty Key Share extension.
|
||||
*
|
||||
* ssl The SSL/TLS object.
|
||||
|
||||
36
src/tls13.c
36
src/tls13.c
@@ -4426,29 +4426,18 @@ int SendTls13ClientHello(WOLFSSL* ssl)
|
||||
TLSX_Find(ssl->extensions, TLSX_COOKIE) == NULL) {
|
||||
/* Try again with an empty key share if we would be fragmenting
|
||||
* without a cookie */
|
||||
TLSX* ks = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
|
||||
if (ks == NULL) {
|
||||
WOLFSSL_MSG("No key share and CH can't fit in one fragment.");
|
||||
return BUFFER_ERROR;
|
||||
}
|
||||
args->length = lenWithoutExts;
|
||||
if (ssl->dtls13KSE != NULL)
|
||||
TLSX_KeyShare_FreeAll(ssl->dtls13KSE, ssl->heap);
|
||||
ssl->dtls13KSE = (KeyShareEntry*)ks->data;
|
||||
ks->data = NULL;
|
||||
ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
|
||||
if (ret != 0) {
|
||||
/* Restore key share data */
|
||||
ks->data = ssl->dtls13KSE;
|
||||
ssl->dtls13KSE = NULL;
|
||||
ret = TLSX_KeyShare_Empty(ssl);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
args->length = lenWithoutExts;
|
||||
ret = TLSX_GetRequestSize(ssl, client_hello, &args->length);
|
||||
if (ret != 0)
|
||||
return ret;
|
||||
}
|
||||
if (args->length > maxFrag) {
|
||||
WOLFSSL_MSG("Can't fit first CH in one fragment.");
|
||||
return BUFFER_ERROR;
|
||||
}
|
||||
WOLFSSL_MSG("Sending empty key share so we don't fragment CH1");
|
||||
ssl->options.dtlsSentEmptyKS = 1;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
@@ -4691,19 +4680,6 @@ int SendTls13ClientHello(WOLFSSL* ssl)
|
||||
if (ret == 0)
|
||||
FreeAsyncCtx(ssl, 0);
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
if ((ret == 0 || ret == WANT_WRITE) && ssl->dtls13KSE != NULL) {
|
||||
/* Restore the keyshare */
|
||||
TLSX* ks = TLSX_Find(ssl->extensions, TLSX_KEY_SHARE);
|
||||
if (ks == NULL || ks->data != NULL) {
|
||||
WOLFSSL_MSG("Missing key share or key share data not NULL");
|
||||
return BUFFER_ERROR;
|
||||
}
|
||||
WOLFSSL_MSG("Restored key share");
|
||||
ks->data = ssl->dtls13KSE;
|
||||
ssl->dtls13KSE = NULL;
|
||||
}
|
||||
#endif
|
||||
|
||||
WOLFSSL_LEAVE("SendTls13ClientHello", ret);
|
||||
WOLFSSL_END(WC_FUNC_CLIENT_HELLO_SEND);
|
||||
|
||||
@@ -169,7 +169,7 @@ wolfSSL_Logging_cb wolfSSL_GetLoggingCb(void)
|
||||
int wolfSSL_Debugging_ON(void)
|
||||
{
|
||||
#ifdef DEBUG_WOLFSSL
|
||||
loggingEnabled = 1;
|
||||
loggingEnabled = 0;
|
||||
#if defined(WOLFSSL_APACHE_MYNEWT)
|
||||
log_register("wolfcrypt", &mynewt_log, &log_console_handler, NULL, LOG_SYSLEVEL);
|
||||
#endif /* WOLFSSL_APACHE_MYNEWT */
|
||||
|
||||
@@ -3353,10 +3353,8 @@ typedef struct KeyShareEntry {
|
||||
struct KeyShareEntry* next; /* List pointer */
|
||||
} KeyShareEntry;
|
||||
|
||||
WOLFSSL_LOCAL void TLSX_KeyShare_FreeAll(KeyShareEntry* list, void* heap);
|
||||
WOLFSSL_LOCAL int TLSX_KeyShare_Use(const WOLFSSL* ssl, word16 group,
|
||||
word16 len, byte* data, KeyShareEntry **kse, TLSX** extensions);
|
||||
WOLFSSL_LOCAL int TLSX_KeyShare_SelectGroup(WOLFSSL* ssl, word16 group);
|
||||
WOLFSSL_LOCAL int TLSX_KeyShare_Empty(WOLFSSL* ssl);
|
||||
WOLFSSL_LOCAL int TLSX_KeyShare_SetSupported(const WOLFSSL* ssl,
|
||||
TLSX** extensions);
|
||||
@@ -4620,9 +4618,6 @@ struct Options {
|
||||
word16 dtls:1; /* using datagrams ? */
|
||||
#ifdef WOLFSSL_DTLS
|
||||
word16 dtlsStateful:1; /* allow stateful processing ? */
|
||||
#endif
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
word16 dtlsSentEmptyKS:1; /* did we send an empty key share ? */
|
||||
#endif
|
||||
word16 connReset:1; /* has the peer reset */
|
||||
word16 isClosed:1; /* if we consider conn closed */
|
||||
@@ -5621,9 +5616,6 @@ struct WOLFSSL {
|
||||
Dtls13Rtx dtls13Rtx;
|
||||
byte *dtls13ClientHello;
|
||||
word16 dtls13ClientHelloSz;
|
||||
#ifdef WOLFSSL_DTLS_CH_FRAG
|
||||
KeyShareEntry* dtls13KSE;
|
||||
#endif
|
||||
|
||||
#endif /* WOLFSSL_DTLS13 */
|
||||
#ifdef WOLFSSL_DTLS_CID
|
||||
|
||||
Reference in New Issue
Block a user