wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-08-01 03:34:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

ssl->suites: use ssl->ctx->suites when possible

Browse Source 
- Allocate ssl->suites when necessary for the WOLFSSL object to have its own instance. Use AllocateSuites() to allocate the object.
- Move cipher negotiation options from Suites into Options

ZD15346
This commit is contained in:
Juliusz Sosinowicz
2022-12-27 16:55:35 +01:00
committed by David Garske
parent 7120ae1961
commit e431688ca6
6 changed files with 383 additions and 331 deletions
Download Patch File Download Diff File Expand all files Collapse all files

344
src/internal.c
View File

@@ -2894,6 +2894,9 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
(void)tls1_2;
(void)keySz;
if (suites == NULL)
return;
#if defined(HAVE_ECC) || defined(HAVE_ED25519) || defined(HAVE_ED448)
if (haveECDSAsig) {
#ifdef HAVE_ECC
@@ -2985,6 +2988,38 @@ void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig, int haveRSAsig,
suites->hashSigAlgoSz = idx;
}
int AllocateCtxSuites(WOLFSSL_CTX* ctx)
{
if (ctx->suites == NULL) {
ctx->suites = (Suites*)XMALLOC(sizeof(Suites), ctx->heap,
DYNAMIC_TYPE_SUITES);
if (ctx->suites == NULL) {
WOLFSSL_MSG("Memory alloc for Suites failed");
return MEMORY_ERROR;
}
XMEMSET(ctx->suites, 0, sizeof(Suites));
}
return 0;
}
/* Call this when the ssl object needs to have its own ssl->suites object */
int AllocateSuites(WOLFSSL* ssl)
{
if (ssl->suites == NULL) {
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (ssl->suites == NULL) {
WOLFSSL_MSG("Suites Memory error");
return MEMORY_E;
}
if (ssl->ctx != NULL && ssl->ctx->suites != NULL)
XMEMCPY(ssl->suites, ssl->ctx->suites, sizeof(Suites));
else
XMEMSET(ssl->suites, 0, sizeof(Suites));
}
return 0;
}
void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA,
word16 havePSK, word16 haveDH, word16 haveECDSAsig,
word16 haveECC, word16 haveStaticRSA, word16 haveStaticECC,
@@ -5996,20 +6031,22 @@ int InitSSL_Suites(WOLFSSL* ssl)
keySz = ssl->buffers.keySz;
#endif
/* make sure server has DH parms, and add PSK if there */
if (ssl->options.side == WOLFSSL_SERVER_END) {
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
ssl->options.haveFalconSig, ssl->options.haveDilithiumSig,
ssl->options.haveAnon, TRUE, ssl->options.side);
}
else {
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, TRUE,
ssl->options.haveECDSAsig, ssl->options.haveECC, TRUE,
ssl->options.haveStaticECC, ssl->options.haveFalconSig,
ssl->options.haveDilithiumSig, ssl->options.haveAnon, TRUE,
ssl->options.side);
if (ssl->suites != NULL) {
/* make sure server has DH parms, and add PSK if there */
if (ssl->options.side == WOLFSSL_SERVER_END) {
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
ssl->options.haveFalconSig, ssl->options.haveDilithiumSig,
ssl->options.haveAnon, TRUE, ssl->options.side);
}
else {
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK, TRUE,
ssl->options.haveECDSAsig, ssl->options.haveECC, TRUE,
ssl->options.haveStaticECC, ssl->options.haveFalconSig,
ssl->options.haveDilithiumSig, ssl->options.haveAnon, TRUE,
ssl->options.side);
}
}
#if !defined(NO_CERTS) && !defined(WOLFSSL_SESSION_EXPORT)
@@ -6095,11 +6132,6 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
if (!ssl || !ctx)
return BAD_FUNC_ARG;
#ifndef SINGLE_THREADED
if (ssl->suites == NULL && !writeDup)
return BAD_FUNC_ARG;
#endif
newSSL = ssl->ctx == NULL; /* Assign after null check */
#ifndef NO_PSK
@@ -6328,15 +6360,11 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
}
#endif /* NO_PSK */
if (ctx->suites) {
#ifndef SINGLE_THREADED
*ssl->suites = *ctx->suites;
#else
ssl->suites = ctx->suites;
#endif
}
else {
XMEMSET(ssl->suites, 0, sizeof(Suites));
if (ssl->suites != NULL) {
if (ctx->suites == NULL)
XMEMSET(ssl->suites, 0, sizeof(Suites));
else
XMEMCPY(ssl->suites, ctx->suites, sizeof(Suites));
}
if (ssl->options.side != WOLFSSL_NEITHER_END) {
@@ -6869,28 +6897,14 @@ int InitSSL(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
XMEMSET(ssl->param, 0, sizeof(WOLFSSL_X509_VERIFY_PARAM));
#endif
#ifdef SINGLE_THREADED
if (ctx->suites == NULL)
#endif
{
if (ctx->suites == NULL) {
/* suites */
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (ssl->suites == NULL) {
WOLFSSL_MSG("Suites Memory error");
return MEMORY_E;
}
#ifdef OPENSSL_ALL
ssl->suites->stack = NULL;
#endif
#ifdef SINGLE_THREADED
ssl->options.ownSuites = 1;
#endif
}
#ifdef SINGLE_THREADED
else {
ssl->options.ownSuites = 0;
ret = AllocateSuites(ssl);
if (ret != 0)
return ret;
}
#ifdef OPENSSL_ALL
ssl->suitesStack = NULL;
#endif
} /* !writeDup */
@@ -7403,19 +7417,15 @@ void FreeKeyExchange(WOLFSSL* ssl)
/* Free up all memory used by Suites structure from WOLFSSL */
void FreeSuites(WOLFSSL* ssl)
{
#ifdef SINGLE_THREADED
if (ssl->options.ownSuites)
#endif
{
#ifdef OPENSSL_ALL
if (ssl->suites != NULL) {
/* Enough to free stack structure since WOLFSSL_CIPHER
* isn't allocated separately. */
wolfSSL_sk_SSL_CIPHER_free(ssl->suites->stack);
}
#endif
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
#ifdef OPENSSL_ALL
if (ssl->suitesStack != NULL) {
/* Enough to free stack structure since WOLFSSL_CIPHER
* isn't allocated separately. */
wolfSSL_sk_SSL_CIPHER_free(ssl->suitesStack);
ssl->suitesStack = NULL;
}
#endif
XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES);
ssl->suites = NULL;
}
@@ -21558,6 +21568,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
WOLF_STACK_OF(WOLFSSL_X509_NAME)* names;
#endif
const Suites* suites = WOLFSSL_SUITES(ssl);
int typeTotal = 1; /* only 1 for now */
int reqSz = ENUM_LEN + typeTotal + REQ_HEADER_SZ; /* add auth later */
@@ -21566,7 +21577,7 @@ int SendCertificateRequest(WOLFSSL* ssl)
WOLFSSL_ENTER("SendCertificateRequest");
if (IsAtLeastTLSv1_2(ssl))
reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz;
reqSz += LENGTH_SZ + suites->hashSigAlgoSz;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(HAVE_LIGHTY)
/* Certificate Authorities */
@@ -21633,12 +21644,11 @@ int SendCertificateRequest(WOLFSSL* ssl)
/* supported hash/sig */
if (IsAtLeastTLSv1_2(ssl)) {
c16toa(ssl->suites->hashSigAlgoSz, &output[i]);
c16toa(suites->hashSigAlgoSz, &output[i]);
i += OPAQUE16_LEN;
XMEMCPY(&output[i],
ssl->suites->hashSigAlgo, ssl->suites->hashSigAlgoSz);
i += ssl->suites->hashSigAlgoSz;
XMEMCPY(&output[i], suites->hashSigAlgo, suites->hashSigAlgoSz);
i += suites->hashSigAlgoSz;
}
/* Certificate Authorities */
@@ -24259,7 +24269,16 @@ int SetCipherList(WOLFSSL_CTX* ctx, Suites* suites, const char* list)
}
if (next[0] == 0 || XSTRCMP(next, "ALL") == 0 ||
XSTRCMP(next, "DEFAULT") == 0 || XSTRCMP(next, "HIGH") == 0)
XSTRCMP(next, "DEFAULT") == 0 || XSTRCMP(next, "HIGH") == 0) {
/* Add all ciphersuites except anonymous and null ciphers */
InitSuites(suites, ctx->method->version,
#ifndef NO_CERTS
ctx->privateKeySz,
#else
0,
#endif
1, 1, 1, 1,
1, 1, 1, 1, 1, 0, 0, ctx->method->side);
return 1; /* wolfSSL default */
do {
@@ -24932,7 +24951,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo)
#endif /* HAVE_PQC */
#ifdef WC_RSA_PSS
/* RSA certificate and PSS sig alg. */
if (ssl->suites->sigAlgo == rsa_sa_algo) {
if (ssl->options.sigAlgo == rsa_sa_algo) {
#if defined(WOLFSSL_TLS13)
/* TLS 1.3 only supports RSA-PSS. */
if (IsAtLeastTLSv1_3(ssl->version))
@@ -24944,7 +24963,7 @@ static int MatchSigAlgo(WOLFSSL* ssl, int sigAlgo)
}
#endif
/* Signature algorithm matches certificate. */
return sigAlgo == ssl->suites->sigAlgo;
return sigAlgo == ssl->options.sigAlgo;
}
#if defined(HAVE_ECC) && defined(WOLFSSL_TLS13) || \
@@ -24986,18 +25005,18 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
/* TLS 1.3 cipher suites don't have public key algorithms in them.
* Using the one in the certificate - if any.
*/
ssl->suites->sigAlgo = ssl->buffers.keyType;
ssl->options.sigAlgo = ssl->buffers.keyType;
#endif
}
else {
ssl->suites->sigAlgo = ssl->specs.sig_algo;
ssl->options.sigAlgo = ssl->specs.sig_algo;
}
if (ssl->suites->sigAlgo == anonymous_sa_algo) {
if (ssl->options.sigAlgo == anonymous_sa_algo) {
/* PSK ciphersuite - get digest to use from cipher suite */
ssl->suites->hashAlgo = ssl->specs.mac_algorithm;
ssl->options.hashAlgo = ssl->specs.mac_algorithm;
return 0;
}
ssl->suites->hashAlgo = minHash = MinHashAlgo(ssl);
ssl->options.hashAlgo = minHash = MinHashAlgo(ssl);
/* No list means go with the defaults. */
if (hashSigAlgoSz == 0)
@@ -25018,8 +25037,8 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef HAVE_ED25519
if (ssl->pkCurveOID == ECC_ED25519_OID) {
/* Matched Ed25519 - set chosen and finished. */
ssl->suites->sigAlgo = sigAlgo;
ssl->suites->hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ret = 0;
break;
}
@@ -25027,8 +25046,8 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#ifdef HAVE_ED448
if (ssl->pkCurveOID == ECC_ED448_OID) {
/* Matched Ed448 - set chosen and finished. */
ssl->suites->sigAlgo = sigAlgo;
ssl->suites->hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ret = 0;
break;
}
@@ -25038,8 +25057,8 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
if (ssl->pkCurveOID == CTC_FALCON_LEVEL1 ||
ssl->pkCurveOID == CTC_FALCON_LEVEL5 ) {
/* Matched Falcon - set chosen and finished. */
ssl->suites->sigAlgo = sigAlgo;
ssl->suites->hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ret = 0;
break;
}
@@ -25049,8 +25068,8 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
ssl->pkCurveOID == CTC_DILITHIUM_LEVEL3 ||
ssl->pkCurveOID == CTC_DILITHIUM_LEVEL5) {
/* Matched Dilithium - set chosen and finished. */
ssl->suites->sigAlgo = sigAlgo;
ssl->suites->hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ret = 0;
break;
}
@@ -25074,8 +25093,8 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
continue;
/* Matched ECDSA exaclty - set chosen and finished. */
ssl->suites->hashAlgo = hashAlgo;
ssl->suites->sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ret = 0;
break;
}
@@ -25095,9 +25114,9 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
continue;
/* Looking for exact match or next highest. */
if (ret != 0 || hashAlgo <= ssl->suites->hashAlgo) {
ssl->suites->hashAlgo = hashAlgo;
ssl->suites->sigAlgo = sigAlgo;
if (ret != 0 || hashAlgo <= ssl->options.hashAlgo) {
ssl->options.hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
#if defined(WOLFSSL_TLS13) || defined(HAVE_FFDHE)
ssl->namedGroup = 0;
#endif
@@ -25130,16 +25149,16 @@ int PickHashSigAlgo(WOLFSSL* ssl, const byte* hashSigAlgo, word32 hashSigAlgoSz)
#endif
#ifdef WOLFSSL_STRONGEST_HASH_SIG
/* Is hash algorithm weaker than chosen/min? */
if (hashAlgo < ssl->suites->hashAlgo)
if (hashAlgo < ssl->options.hashAlgo)
break;
#else
/* Is hash algorithm stonger than last chosen? */
if (ret == 0 && hashAlgo > ssl->suites->hashAlgo)
if (ret == 0 && hashAlgo > ssl->options.hashAlgo)
break;
#endif
/* The chosen one - but keep looking. */
ssl->suites->hashAlgo = hashAlgo;
ssl->suites->sigAlgo = sigAlgo;
ssl->options.hashAlgo = hashAlgo;
ssl->options.sigAlgo = sigAlgo;
ret = 0;
break;
default:
@@ -25994,6 +26013,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
int idSz;
int ret;
word16 extSz = 0;
const Suites* suites;
if (ssl == NULL) {
return BAD_FUNC_ARG;
@@ -26009,7 +26029,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND);
WOLFSSL_ENTER("SendClientHello");
if (ssl->suites == NULL) {
suites = WOLFSSL_SUITES(ssl);
if (suites == NULL) {
WOLFSSL_MSG("Bad suites pointer in SendClientHello");
return SUITES_ERROR;
}
@@ -26033,7 +26055,7 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#endif
length = VERSION_SZ + RAN_LEN
+ idSz + ENUM_LEN
+ ssl->suites->suiteSz + SUITE_LEN
+ suites->suiteSz + SUITE_LEN
+ COMP_LEN + ENUM_LEN;
#ifdef HAVE_TLS_EXTENSIONS
@@ -26046,9 +26068,9 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
return ret;
length += extSz;
#else
if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz)
if (IsAtLeastTLSv1_2(ssl) && suites->hashSigAlgoSz)
extSz += HELLO_EXT_SZ + HELLO_EXT_SIGALGO_SZ
+ ssl->suites->hashSigAlgoSz;
+ suites->hashSigAlgoSz;
#ifdef HAVE_EXTENDED_MASTER
if (ssl->options.haveEMS)
extSz += HELLO_EXT_SZ;
@@ -26130,10 +26152,10 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
}
#endif
/* then cipher suites */
c16toa(ssl->suites->suiteSz, output + idx);
c16toa(suites->suiteSz, output + idx);
idx += OPAQUE16_LEN;
XMEMCPY(output + idx, &ssl->suites->suites, ssl->suites->suiteSz);
idx += ssl->suites->suiteSz;
XMEMCPY(output + idx, &suites->suites, suites->suiteSz);
idx += suites->suiteSz;
/* last, compression */
output[idx++] = COMP_LEN;
@@ -26156,20 +26178,20 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
idx += HELLO_EXT_SZ_SZ;
if (IsAtLeastTLSv1_2(ssl)) {
if (ssl->suites->hashSigAlgoSz) {
if (suites->hashSigAlgoSz) {
word16 i;
/* extension type */
c16toa(HELLO_EXT_SIG_ALGO, output + idx);
idx += HELLO_EXT_TYPE_SZ;
/* extension data length */
c16toa(HELLO_EXT_SIGALGO_SZ + ssl->suites->hashSigAlgoSz,
c16toa(HELLO_EXT_SIGALGO_SZ + suites->hashSigAlgoSz,
output + idx);
idx += HELLO_EXT_SZ_SZ;
/* sig algos length */
c16toa(ssl->suites->hashSigAlgoSz, output + idx);
c16toa(suites->hashSigAlgoSz, output + idx);
idx += HELLO_EXT_SIGALGO_SZ;
for (i=0; i < ssl->suites->hashSigAlgoSz; i++, idx++) {
output[idx] = ssl->suites->hashSigAlgo[i];
for (i=0; i < suites->hashSigAlgoSz; i++, idx++) {
output[idx] = suites->hashSigAlgo[i];
}
}
}
@@ -26588,10 +26610,11 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
#ifndef WOLFSSL_NO_STRICT_CIPHER_SUITE
{
word32 idx, found = 0;
const Suites* suites = WOLFSSL_SUITES(ssl);
/* confirm server_hello cipher suite is one sent in client_hello */
for (idx = 0; idx < ssl->suites->suiteSz; idx += 2) {
if (ssl->suites->suites[idx] == cs0 &&
ssl->suites->suites[idx+1] == cs1) {
for (idx = 0; idx < suites->suiteSz; idx += 2) {
if (suites->suites[idx] == cs0 &&
suites->suites[idx+1] == cs1) {
found = 1;
break;
}
@@ -26910,8 +26933,8 @@ static int HashSkeData(WOLFSSL* ssl, enum wc_HashType hashType,
*inOutIdx += len;
#ifdef WC_RSA_PSS
ssl->pssAlgo = 0;
if (ssl->suites->sigAlgo == rsa_pss_sa_algo)
ssl->pssAlgo |= 1 << ssl->suites->hashAlgo;
if (ssl->options.sigAlgo == rsa_pss_sa_algo)
ssl->pssAlgo |= 1 << ssl->options.hashAlgo;
#endif
}
@@ -29887,7 +29910,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
#ifdef WC_RSA_PSS
if (IsAtLeastTLSv1_2(ssl) &&
(ssl->pssAlgo & (1 << ssl->suites->hashAlgo))) {
(ssl->pssAlgo & (1 << ssl->options.hashAlgo))) {
args->sigAlgo = rsa_pss_sa_algo;
}
else
@@ -29902,10 +29925,10 @@ int SendCertificateVerify(WOLFSSL* ssl)
args->sigAlgo = ed448_sa_algo;
if (IsAtLeastTLSv1_2(ssl)) {
EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo,
EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo,
args->verify);
args->extraSz = HASH_SIG_SIZE;
SetDigest(ssl, ssl->suites->hashAlgo);
SetDigest(ssl, ssl->options.hashAlgo);
}
#ifndef NO_OLD_TLS
else {
@@ -29925,7 +29948,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
ssl->buffers.sig.length = wc_EncodeSignature(
ssl->buffers.sig.buffer, ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
TypeHash(ssl->suites->hashAlgo));
TypeHash(ssl->options.hashAlgo));
}
/* prepend hdr */
@@ -30024,7 +30047,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
ret = RsaSign(ssl,
ssl->buffers.sig.buffer, ssl->buffers.sig.length,
args->verify + args->extraSz + VERIFY_HEADER, &args->sigSz,
args->sigAlgo, ssl->suites->hashAlgo, key,
args->sigAlgo, ssl->options.hashAlgo, key,
ssl->buffers.key
);
}
@@ -30105,7 +30128,7 @@ int SendCertificateVerify(WOLFSSL* ssl)
ret = VerifyRsaSign(ssl,
args->verifySig, args->sigSz,
ssl->buffers.sig.buffer, ssl->buffers.sig.length,
args->sigAlgo, ssl->suites->hashAlgo, key,
args->sigAlgo, ssl->options.hashAlgo, key,
ssl->buffers.key
);
@@ -31444,7 +31467,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ERROR_OUT(NO_PRIVATE_KEY, exit_sske);
}
else {
switch(ssl->suites->sigAlgo) {
switch(ssl->options.sigAlgo) {
#ifndef NO_RSA
#ifdef WC_RSA_PSS
case rsa_pss_sa_algo:
@@ -31571,12 +31594,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* Determine hash type */
if (IsAtLeastTLSv1_2(ssl)) {
EncodeSigAlg(ssl->suites->hashAlgo,
ssl->suites->sigAlgo,
EncodeSigAlg(ssl->options.hashAlgo,
ssl->options.sigAlgo,
&args->output[args->idx]);
args->idx += 2;
hashType = HashAlgoToType(ssl->suites->hashAlgo);
hashType = HashAlgoToType(ssl->options.hashAlgo);
if (hashType == WC_HASH_TYPE_NONE) {
ERROR_OUT(ALGO_ID_E, exit_sske);
}
@@ -31585,7 +31608,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* only using sha and md5 for rsa */
#ifndef NO_OLD_TLS
hashType = WC_HASH_TYPE_SHA;
if (ssl->suites->sigAlgo == rsa_sa_algo) {
if (ssl->options.sigAlgo == rsa_sa_algo) {
hashType = WC_HASH_TYPE_MD5_SHA;
}
#else
@@ -31604,7 +31627,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = HashSkeData(ssl, hashType,
args->output + preSigIdx, preSigSz,
ssl->suites->sigAlgo);
ssl->options.sigAlgo);
if (ret != 0) {
goto exit_sske;
}
@@ -31612,7 +31635,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->sigSz = args->tmpSigSz;
/* Sign hash to create signature */
switch (ssl->suites->sigAlgo)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
case rsa_sa_algo:
@@ -31630,7 +31653,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
wc_EncodeSignature(encodedSig,
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
TypeHash(ssl->suites->hashAlgo));
TypeHash(ssl->options.hashAlgo));
/* Replace sig buffer with new one */
XFREE(ssl->buffers.digest.buffer, ssl->heap,
@@ -31795,12 +31818,12 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* Determine hash type */
if (IsAtLeastTLSv1_2(ssl)) {
EncodeSigAlg(ssl->suites->hashAlgo,
ssl->suites->sigAlgo,
EncodeSigAlg(ssl->options.hashAlgo,
ssl->options.sigAlgo,
&args->output[args->idx]);
args->idx += 2;
hashType = HashAlgoToType(ssl->suites->hashAlgo);
hashType = HashAlgoToType(ssl->options.hashAlgo);
if (hashType == WC_HASH_TYPE_NONE) {
ERROR_OUT(ALGO_ID_E, exit_sske);
}
@@ -31808,7 +31831,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
/* only using sha and md5 for rsa */
#ifndef NO_OLD_TLS
hashType = WC_HASH_TYPE_SHA;
if (ssl->suites->sigAlgo == rsa_sa_algo) {
if (ssl->options.sigAlgo == rsa_sa_algo) {
hashType = WC_HASH_TYPE_MD5_SHA;
}
#else
@@ -31822,7 +31845,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ret = HashSkeData(ssl, hashType,
args->output + preSigIdx, preSigSz,
ssl->suites->sigAlgo);
ssl->options.sigAlgo);
if (ret != 0) {
goto exit_sske;
}
@@ -31830,7 +31853,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->sigSz = args->tmpSigSz;
/* Sign hash to create signature */
switch (ssl->suites->sigAlgo)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
case rsa_sa_algo:
@@ -31848,7 +31871,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
wc_EncodeSignature(encodedSig,
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
TypeHash(ssl->suites->hashAlgo));
TypeHash(ssl->options.hashAlgo));
/* Replace sig buffer with new one */
XFREE(ssl->buffers.digest.buffer, ssl->heap,
@@ -31860,7 +31883,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* NO_RSA */
default:
break;
} /* switch (ssl->suites->sigAlgo) */
} /* switch (ssl->options.sigAlgo) */
break;
}
#endif /* !defined(NO_DH) && !defined(NO_RSA) */
@@ -31906,7 +31929,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case ecc_diffie_hellman_kea:
{
/* Sign hash to create signature */
switch (ssl->suites->sigAlgo)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#ifdef WC_RSA_PSS
@@ -31921,7 +31944,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->buffers.digest.length,
args->output + args->idx,
&args->sigSz,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
ssl->options.sigAlgo, ssl->options.hashAlgo,
key,
ssl->buffers.key
);
@@ -31998,7 +32021,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
case diffie_hellman_kea:
{
/* Sign hash to create signature */
switch (ssl->suites->sigAlgo)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#ifdef WC_RSA_PSS
@@ -32017,7 +32040,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
ssl->buffers.digest.length,
args->output + args->idx,
&args->sigSz,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
ssl->options.sigAlgo, ssl->options.hashAlgo,
key,
ssl->buffers.key
);
@@ -32026,7 +32049,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#endif /* NO_RSA */
default:
break;
} /* switch (ssl->suites->sigAlgo) */
} /* switch (ssl->options.sigAlgo) */
break;
}
@@ -32075,7 +32098,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
defined(HAVE_CURVE448)
case ecc_diffie_hellman_kea:
{
switch(ssl->suites->sigAlgo)
switch(ssl->options.sigAlgo)
{
#ifndef NO_RSA
#ifdef WC_RSA_PSS
@@ -32104,7 +32127,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->verifySig, args->sigSz,
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
ssl->options.sigAlgo, ssl->options.hashAlgo,
key, ssl->buffers.key
);
break;
@@ -32163,7 +32186,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#if !defined(NO_DH) && !defined(NO_RSA)
case diffie_hellman_kea:
{
switch (ssl->suites->sigAlgo)
switch (ssl->options.sigAlgo)
{
#ifndef NO_RSA
#ifndef WC_RSA_PSS
@@ -32196,13 +32219,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
args->verifySig, args->sigSz,
ssl->buffers.digest.buffer,
ssl->buffers.digest.length,
ssl->suites->sigAlgo, ssl->suites->hashAlgo,
ssl->options.sigAlgo, ssl->options.hashAlgo,
key, ssl->buffers.key
);
break;
}
#endif
} /* switch (ssl->suites->sigAlgo) */
} /* switch (ssl->options.sigAlgo) */
break;
}
#endif /* !defined(NO_DH) && !defined(NO_RSA) */
@@ -32324,7 +32347,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
* Returns 1 for valid server suite or 0 if not found
* For asynchronous this can return WC_PENDING_E
*/
static int VerifyServerSuite(WOLFSSL* ssl, word16 idx)
static int VerifyServerSuite(WOLFSSL* ssl, const Suites* suites, word16 idx)
{
#ifndef NO_PSK
int havePSK = ssl->options.havePSK;
@@ -32334,13 +32357,13 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
WOLFSSL_ENTER("VerifyServerSuite");
if (ssl->suites == NULL) {
if (suites == NULL) {
WOLFSSL_MSG("Suites pointer error");
return 0;
}
first = ssl->suites->suites[idx];
second = ssl->suites->suites[idx+1];
first = suites->suites[idx];
second = suites->suites[idx+1];
if (CipherRequires(first, second, REQUIRES_RSA)) {
WOLFSSL_MSG("Requires RSA");
@@ -32450,20 +32473,20 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
return 1;
}
static int CompareSuites(WOLFSSL* ssl, Suites* peerSuites, word16 i,
word16 j)
static int CompareSuites(WOLFSSL* ssl, const Suites* suites,
Suites* peerSuites, word16 i, word16 j)
{
if (ssl->suites->suites[i] == peerSuites->suites[j] &&
ssl->suites->suites[i+1] == peerSuites->suites[j+1] ) {
if (suites->suites[i] == peerSuites->suites[j] &&
suites->suites[i+1] == peerSuites->suites[j+1] ) {
int ret = VerifyServerSuite(ssl, i);
int ret = VerifyServerSuite(ssl, suites, i);
if (ret < 0) {
return ret;
}
if (ret) {
WOLFSSL_MSG("Verified suite validity");
ssl->options.cipherSuite0 = ssl->suites->suites[i];
ssl->options.cipherSuite = ssl->suites->suites[i+1];
ssl->options.cipherSuite0 = suites->suites[i];
ssl->options.cipherSuite = suites->suites[i+1];
ret = SetCipherSpecs(ssl);
if (ret == 0) {
ret = PickHashSigAlgo(ssl, peerSuites->hashSigAlgo,
@@ -32483,6 +32506,7 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
{
int ret;
word16 i, j;
const Suites* suites = WOLFSSL_SUITES(ssl);
WOLFSSL_ENTER("MatchSuite");
@@ -32490,14 +32514,14 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
if (peerSuites->suiteSz == 0 || peerSuites->suiteSz & 0x1)
return BUFFER_ERROR;
if (ssl->suites == NULL)
if (suites == NULL)
return SUITES_ERROR;
if (!ssl->options.useClientOrder) {
/* Server order */
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
for (i = 0; i < suites->suiteSz; i += 2) {
for (j = 0; j < peerSuites->suiteSz; j += 2) {
ret = CompareSuites(ssl, peerSuites, i, j);
ret = CompareSuites(ssl, suites, peerSuites, i, j);
if (ret != MATCH_SUITE_ERROR)
return ret;
}
@@ -32506,8 +32530,8 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
else {
/* Client order */
for (j = 0; j < peerSuites->suiteSz; j += 2) {
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
ret = CompareSuites(ssl, peerSuites, i, j);
for (i = 0; i < suites->suiteSz; i += 2) {
ret = CompareSuites(ssl, suites, peerSuites, i, j);
if (ret != MATCH_SUITE_ERROR)
return ret;
}
@@ -32610,7 +32634,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
ret = AllocateSuites(ssl);
if (ret != 0)
return ret;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -32997,6 +33023,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
ret = AllocateSuites(ssl);
if (ret != 0)
goto out;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -33068,6 +33097,9 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
keySz = ssl->buffers.keySz;
#endif
ret = AllocateSuites(ssl);
if (ret != 0)
goto out;
/* reset cipher suites to account for TLS version change */
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,

177
src/ssl.c
View File

@@ -2221,6 +2221,7 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
word16 havePSK;
word16 haveRSA;
int keySz = 0;
int ret;
#ifndef NO_PSK
havePSK = ssl->options.havePSK;
@@ -2235,6 +2236,9 @@ int wolfSSL_SetTmpDH(WOLFSSL* ssl, const unsigned char* p, int pSz,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
ret = AllocateSuites(ssl);
if (ret != 0)
return ret;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -3247,11 +3251,12 @@ static int _Rehandshake(WOLFSSL* ssl)
#ifndef NO_FORCE_SCR_SAME_SUITE
/* force same suite */
if (ssl->suites) {
ssl->suites->suiteSz = SUITE_LEN;
ssl->suites->suites[0] = ssl->options.cipherSuite0;
ssl->suites->suites[1] = ssl->options.cipherSuite;
}
ret = AllocateSuites(ssl);
if (ret != 0)
return ret;
ssl->suites->suiteSz = SUITE_LEN;
ssl->suites->suites[0] = ssl->options.cipherSuite0;
ssl->suites->suites[1] = ssl->options.cipherSuite;
#endif
/* reset handshake states */
@@ -4799,6 +4804,8 @@ int wolfSSL_SetVersion(WOLFSSL* ssl, int version)
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return WOLFSSL_FAILURE;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -6656,7 +6663,11 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
return WOLFSSL_BAD_FILE;
}
if (ssl && ssl->options.side == WOLFSSL_SERVER_END) {
if (ssl) {
if (ssl->options.side == WOLFSSL_SERVER_END)
resetSuites = 1;
}
else if (ctx && ctx->method->side == WOLFSSL_SERVER_END) {
resetSuites = 1;
}
if (ssl && ssl->ctx->haveECDSAsig) {
@@ -6997,7 +7008,7 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
word16 havePSK = 0;
word16 haveRSA = 0;
#ifndef NO_PSK
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
if (ssl->options.havePSK) {
havePSK = 1;
}
@@ -7007,6 +7018,8 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
#endif
keySz = ssl->buffers.keySz;
if (AllocateSuites(ssl) != 0)
return WOLFSSL_FAILURE;
/* let's reset suites */
InitSuites(ssl->suites, ssl->version, keySz, haveRSA,
havePSK, ssl->options.haveDH, ssl->options.haveECDSAsig,
@@ -7014,6 +7027,34 @@ int ProcessBuffer(WOLFSSL_CTX* ctx, const unsigned char* buff,
ssl->options.haveFalconSig, ssl->options.haveDilithiumSig,
ssl->options.haveAnon, TRUE, ssl->options.side);
}
else if (ctx && resetSuites) {
word16 havePSK = 0;
word16 haveRSA = 0;
#if defined(HAVE_SESSION_TICKET) || !defined(NO_PSK)
if (ctx->havePSK) {
havePSK = 1;
}
#endif
#ifndef NO_RSA
haveRSA = 1;
#endif
keySz = ctx->privateKeySz;
if (AllocateCtxSuites(ctx) != 0)
return WOLFSSL_FAILURE;
/* let's reset suites */
InitSuites(ctx->suites, ctx->method->version, keySz, haveRSA,
havePSK, ctx->haveDH, ctx->haveECDSAsig,
ctx->haveECC, TRUE, ctx->haveStaticECC,
ctx->haveFalconSig, ctx->haveDilithiumSig,
#ifdef HAVE_ANON
ctx->haveAnon,
#else
FALSE,
#endif
TRUE, ctx->method->side);
}
return WOLFSSL_SUCCESS;
}
@@ -11877,16 +11918,8 @@ int wolfSSL_CTX_set_cipher_list(WOLFSSL_CTX* ctx, const char* list)
if (ctx == NULL)
return WOLFSSL_FAILURE;
/* alloc/init on demand only */
if (ctx->suites == NULL) {
ctx->suites = (Suites*)XMALLOC(sizeof(Suites), ctx->heap,
DYNAMIC_TYPE_SUITES);
if (ctx->suites == NULL) {
WOLFSSL_MSG("Memory alloc for Suites failed");
return WOLFSSL_FAILURE;
}
XMEMSET(ctx->suites, 0, sizeof(Suites));
}
if (AllocateCtxSuites(ctx) != 0)
return WOLFSSL_FAILURE;
#ifdef OPENSSL_EXTRA
return wolfSSL_parse_cipher_list(ctx, ctx->suites, list);
@@ -11905,16 +11938,8 @@ int wolfSSL_CTX_set_cipher_list_bytes(WOLFSSL_CTX* ctx, const byte* list,
if (ctx == NULL)
return WOLFSSL_FAILURE;
/* alloc/init on demand only */
if (ctx->suites == NULL) {
ctx->suites = (Suites*)XMALLOC(sizeof(Suites), ctx->heap,
DYNAMIC_TYPE_SUITES);
if (ctx->suites == NULL) {
WOLFSSL_MSG("Memory alloc for Suites failed");
return WOLFSSL_FAILURE;
}
XMEMSET(ctx->suites, 0, sizeof(Suites));
}
if (AllocateCtxSuites(ctx) != 0)
return WOLFSSL_FAILURE;
return (SetCipherListFromBytes(ctx, ctx->suites, list, listSz)) ?
WOLFSSL_SUCCESS : WOLFSSL_FAILURE;
@@ -11929,18 +11954,8 @@ int wolfSSL_set_cipher_list(WOLFSSL* ssl, const char* list)
return WOLFSSL_FAILURE;
}
#ifdef SINGLE_THREADED
if (ssl->ctx->suites == ssl->suites) {
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (ssl->suites == NULL) {
WOLFSSL_MSG("Suites Memory error");
return MEMORY_E;
}
*ssl->suites = *ssl->ctx->suites;
ssl->options.ownSuites = 1;
}
#endif
if (AllocateSuites(ssl) != 0)
return WOLFSSL_FAILURE;
#ifdef OPENSSL_EXTRA
return wolfSSL_parse_cipher_list(ssl->ctx, ssl->suites, list);
@@ -11961,18 +11976,8 @@ int wolfSSL_set_cipher_list_bytes(WOLFSSL* ssl, const byte* list,
return WOLFSSL_FAILURE;
}
#ifdef SINGLE_THREADED
if (ssl->ctx->suites == ssl->suites) {
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (ssl->suites == NULL) {
WOLFSSL_MSG("Suites Memory error");
return MEMORY_E;
}
*ssl->suites = *ssl->ctx->suites;
ssl->options.ownSuites = 1;
}
#endif
if (AllocateSuites(ssl) != 0)
return WOLFSSL_FAILURE;
return (SetCipherListFromBytes(ssl->ctx, ssl->suites, list, listSz))
? WOLFSSL_SUCCESS
@@ -15435,6 +15440,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -15488,6 +15495,8 @@ int wolfSSL_set_compression(WOLFSSL* ssl)
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -23476,12 +23485,15 @@ long wolfSSL_set_options(WOLFSSL* ssl, long op)
keySz = ssl->buffers.keySz;
#endif
if (ssl->suites != NULL && ssl->options.side != WOLFSSL_NEITHER_END)
if (ssl->options.side != WOLFSSL_NEITHER_END) {
if (AllocateSuites(ssl) != 0)
return 0;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, havePSK,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
ssl->options.haveFalconSig, ssl->options.haveDilithiumSig,
ssl->options.haveAnon, TRUE, ssl->options.side);
}
return ssl->options.mask;
}
@@ -28192,16 +28204,8 @@ int wolfSSL_CTX_set1_sigalgs_list(WOLFSSL_CTX* ctx, const char* list)
return WOLFSSL_FAILURE;
}
/* alloc/init on demand only */
if (ctx->suites == NULL) {
ctx->suites = (Suites*)XMALLOC(sizeof(Suites), ctx->heap,
DYNAMIC_TYPE_SUITES);
if (ctx->suites == NULL) {
WOLFSSL_MSG("Memory alloc for Suites failed");
return WOLFSSL_FAILURE;
}
XMEMSET(ctx->suites, 0, sizeof(Suites));
}
if (AllocateCtxSuites(ctx) != 0)
return WOLFSSL_FAILURE;
return SetSuitesHashSigAlgo(ctx->suites, list);
}
@@ -28213,28 +28217,14 @@ int wolfSSL_set1_sigalgs_list(WOLFSSL* ssl, const char* list)
{
WOLFSSL_MSG("wolfSSL_set1_sigalg_list");
if (ssl == NULL) {
WOLFSSL_MSG("Bad function arguments");
return WOLFSSL_FAILURE;
}
#ifdef SINGLE_THREADED
if (ssl->ctx->suites == ssl->suites) {
ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap,
DYNAMIC_TYPE_SUITES);
if (ssl->suites == NULL) {
WOLFSSL_MSG("Suites Memory error");
return MEMORY_E;
}
*ssl->suites = *ssl->ctx->suites;
ssl->options.ownSuites = 1;
}
#endif
if (ssl == NULL || list == NULL) {
WOLFSSL_MSG("Bad function arguments");
return WOLFSSL_FAILURE;
}
if (AllocateSuites(ssl) != 0)
return WOLFSSL_FAILURE;
return SetSuitesHashSigAlgo(ssl->suites, list);
}
@@ -28331,8 +28321,8 @@ int wolfSSL_get_signature_nid(WOLFSSL *ssl, int* nid)
}
for (i = 0; i < WOLFSSL_HASH_SIG_INFO_SZ; i++) {
if (ssl->suites->hashAlgo == wolfssl_hash_sig_info[i].hashAlgo &&
ssl->suites->sigAlgo == wolfssl_hash_sig_info[i].sigAlgo) {
if (ssl->options.hashAlgo == wolfssl_hash_sig_info[i].hashAlgo &&
ssl->options.sigAlgo == wolfssl_hash_sig_info[i].sigAlgo) {
*nid = wolfssl_hash_sig_info[i].nid;
ret = WOLFSSL_SUCCESS;
break;
@@ -33244,31 +33234,22 @@ static WC_INLINE int sslCipherMinMaxCheck(const WOLFSSL *ssl, byte suite0,
WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
{
WOLF_STACK_OF(WOLFSSL_CIPHER)* ret = NULL;
Suites* suites;
const Suites* suites;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
const CipherSuiteInfo* cipher_names = GetCipherNames();
int cipherSz = GetCipherNamesSize();
#endif
WOLFSSL_ENTER("wolfSSL_get_ciphers_compat");
if (ssl == NULL || (ssl->suites == NULL && ssl->ctx->suites == NULL)) {
if (ssl == NULL)
return NULL;
}
if (ssl->suites != NULL) {
if (ssl->suites->suiteSz == 0 &&
InitSSL_Suites((WOLFSSL*)ssl) != WOLFSSL_SUCCESS) {
WOLFSSL_MSG("Suite initialization failure");
return NULL;
}
suites = ssl->suites;
}
else {
suites = ssl->ctx->suites;
}
suites = WOLFSSL_SUITES(ssl);
if (suites == NULL)
return NULL;
/* check if stack needs populated */
if (suites->stack == NULL) {
if (ssl->suitesStack == NULL) {
int i;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
int j;
@@ -33320,9 +33301,9 @@ WOLF_STACK_OF(WOLFSSL_CIPHER) *wolfSSL_get_ciphers_compat(const WOLFSSL *ssl)
ret = add;
}
}
suites->stack = ret;
((WOLFSSL*)ssl)->suitesStack = ret;
}
return suites->stack;
return ssl->suitesStack;
}
#endif /* OPENSSL_ALL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */

59
src/tls.c
View File

@@ -3943,13 +3943,14 @@ static void TLSX_SupportedCurve_ValidateRequest(const WOLFSSL* ssl,
static void TLSX_SupportedCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
{
word16 i;
const Suites* suites = WOLFSSL_SUITES(ssl);
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
if (ssl->suites->suites[i] == TLS13_BYTE)
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
if ((ssl->suites->suites[i] == ECC_BYTE) ||
(ssl->suites->suites[i] == ECDHE_PSK_BYTE) ||
(ssl->suites->suites[i] == CHACHA_BYTE)) {
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448)
return;
@@ -3971,24 +3972,28 @@ static void TLSX_SupportedCurve_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
*/
static void TLSX_PointFormat_ValidateRequest(WOLFSSL* ssl, byte* semaphore)
{
#ifdef HAVE_FFDHE
(void)ssl;
(void)semaphore;
#else
word16 i;
const Suites* suites = WOLFSSL_SUITES(ssl);
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
if (ssl->suites->suites[i] == TLS13_BYTE)
if (suites == NULL)
return;
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i] == TLS13_BYTE)
return;
if ((ssl->suites->suites[i] == ECC_BYTE) ||
(ssl->suites->suites[i] == ECDHE_PSK_BYTE) ||
(ssl->suites->suites[i] == CHACHA_BYTE)) {
if ((suites->suites[i] == ECC_BYTE) ||
(suites->suites[i] == ECDHE_PSK_BYTE) ||
(suites->suites[i] == CHACHA_BYTE)) {
#if defined(HAVE_ECC) || defined(HAVE_CURVE25519) || \
defined(HAVE_CURVE448)
return;
#endif
}
}
#ifdef HAVE_FFDHE
(void)semaphore;
return;
#else
/* turns semaphore on to avoid sending this extension. */
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_EC_POINT_FORMATS));
#endif
@@ -6370,7 +6375,7 @@ static word16 TLSX_SignatureAlgorithms_GetSize(void* data)
{
WOLFSSL* ssl = (WOLFSSL*)data;
return OPAQUE16_LEN + ssl->suites->hashSigAlgoSz;
return OPAQUE16_LEN + WOLFSSL_SUITES(ssl)->hashSigAlgoSz;
}
/* Creates a bit string of supported hash algorithms with RSA PSS.
@@ -6415,15 +6420,16 @@ static int TLSX_SignatureAlgorithms_MapPss(WOLFSSL *ssl, const byte* input,
static word16 TLSX_SignatureAlgorithms_Write(void* data, byte* output)
{
WOLFSSL* ssl = (WOLFSSL*)data;
const Suites* suites = WOLFSSL_SUITES(ssl);
c16toa(ssl->suites->hashSigAlgoSz, output);
XMEMCPY(output + OPAQUE16_LEN, ssl->suites->hashSigAlgo,
ssl->suites->hashSigAlgoSz);
c16toa(suites->hashSigAlgoSz, output);
XMEMCPY(output + OPAQUE16_LEN, suites->hashSigAlgo,
suites->hashSigAlgoSz);
TLSX_SignatureAlgorithms_MapPss(ssl, output + OPAQUE16_LEN,
ssl->suites->hashSigAlgoSz);
suites->hashSigAlgoSz);
return OPAQUE16_LEN + ssl->suites->hashSigAlgoSz;
return OPAQUE16_LEN + suites->hashSigAlgoSz;
}
/* Parse the SignatureAlgorithms extension.
@@ -11205,9 +11211,10 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
#ifndef WOLFSSL_PSK_ONE_ID
if (ssl->options.client_psk_cs_cb != NULL) {
int i;
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
byte cipherSuite0 = ssl->suites->suites[i + 0];
byte cipherSuite = ssl->suites->suites[i + 1];
const Suites* suites = WOLFSSL_SUITES(ssl);
for (i = 0; i < suites->suiteSz; i += 2) {
byte cipherSuite0 = suites->suites[i + 0];
byte cipherSuite = suites->suites[i + 1];
unsigned int keySz;
#ifdef WOLFSSL_PSK_MULTI_ID_PER_CS
int cnt = 0;
@@ -11242,7 +11249,7 @@ int TLSX_PopulateExtensions(WOLFSSL* ssl, byte isServer)
ret = TLSX_PreSharedKey_Use(ssl,
(byte*)ssl->arrays->client_identity,
(word16)XSTRLEN(ssl->arrays->client_identity),
0, SuiteMac(ssl->suites->suites + i),
0, SuiteMac(WOLFSSL_SUITES(ssl)->suites + i),
cipherSuite0, cipherSuite, 0, NULL);
if (ret != 0)
return ret;
@@ -11383,7 +11390,7 @@ int TLSX_GetRequestSize(WOLFSSL* ssl, byte msgType, word16* pLength)
PF_VALIDATE_REQUEST(ssl, semaphore);
WOLF_STK_VALIDATE_REQUEST(ssl);
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
if (ssl->suites->hashSigAlgoSz == 0)
if (WOLFSSL_SUITES(ssl)->hashSigAlgoSz == 0)
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
#if defined(WOLFSSL_TLS13)
@@ -11476,7 +11483,7 @@ int TLSX_WriteRequest(WOLFSSL* ssl, byte* output, byte msgType, word16* pOffset)
PF_VALIDATE_REQUEST(ssl, semaphore);
WOLF_STK_VALIDATE_REQUEST(ssl);
#if !defined(NO_CERTS) && !defined(WOLFSSL_NO_SIGALG)
if (ssl->suites->hashSigAlgoSz == 0)
if (WOLFSSL_SUITES(ssl)->hashSigAlgoSz == 0)
TURN_ON(semaphore, TLSX_ToSemaphore(TLSX_SIGNATURE_ALGORITHMS));
#endif
#ifdef WOLFSSL_TLS13

94
src/tls13.c
View File

@@ -3232,10 +3232,11 @@ exit_buildmsg:
static int FindSuiteSSL(WOLFSSL* ssl, byte* suite)
{
word16 i;
const Suites* suites = WOLFSSL_SUITES(ssl);
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
if (ssl->suites->suites[i+0] == suite[0] &&
ssl->suites->suites[i+1] == suite[1]) {
for (i = 0; i < suites->suiteSz; i += 2) {
if (suites->suites[i+0] == suite[0] &&
suites->suites[i+1] == suite[1]) {
return 1;
}
}
@@ -3250,7 +3251,7 @@ static int FindSuiteSSL(WOLFSSL* ssl, byte* suite)
* @param [in] suite.
* @return A value from wc_MACAlgorithm enumeration.
*/
byte SuiteMac(byte* suite)
byte SuiteMac(const byte* suite)
{
byte mac = no_mac;
@@ -3856,6 +3857,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
Sch13Args args[1];
#endif
byte major, tls12minor;
const Suites* suites;
WOLFSSL_START(WC_FUNC_CLIENT_HELLO_SEND);
@@ -3898,7 +3900,8 @@ int SendTls13ClientHello(WOLFSSL* ssl)
}
#endif
if (ssl->suites == NULL) {
suites = WOLFSSL_SUITES(ssl);
if (suites == NULL) {
WOLFSSL_MSG("Bad suites pointer in SendTls13ClientHello");
return SUITES_ERROR;
}
@@ -3940,7 +3943,7 @@ int SendTls13ClientHello(WOLFSSL* ssl)
#endif /* WOLFSSL_DTLS13 */
/* Version | Random | Session Id | Cipher Suites | Compression */
args->length = VERSION_SZ + RAN_LEN + ENUM_LEN + ssl->suites->suiteSz +
args->length = VERSION_SZ + RAN_LEN + ENUM_LEN + suites->suiteSz +
SUITE_LEN + COMP_LEN + ENUM_LEN;
#ifdef WOLFSSL_QUIC
if (WOLFSSL_IS_QUIC(ssl)) {
@@ -4101,18 +4104,18 @@ int SendTls13ClientHello(WOLFSSL* ssl)
#endif /* WOLFSSL_DTLS13 */
/* Cipher suites */
c16toa(ssl->suites->suiteSz, args->output + args->idx);
c16toa(suites->suiteSz, args->output + args->idx);
args->idx += OPAQUE16_LEN;
XMEMCPY(args->output + args->idx, &ssl->suites->suites,
ssl->suites->suiteSz);
args->idx += ssl->suites->suiteSz;
XMEMCPY(args->output + args->idx, &suites->suites,
suites->suiteSz);
args->idx += suites->suiteSz;
#ifdef WOLFSSL_DEBUG_TLS
{
int ii;
WOLFSSL_MSG("Ciphers:");
for (ii = 0 ; ii < ssl->suites->suiteSz; ii += 2) {
WOLFSSL_MSG(GetCipherNameInternal(ssl->suites->suites[ii+0],
ssl->suites->suites[ii+1]));
for (ii = 0 ; ii < suites->suiteSz; ii += 2) {
WOLFSSL_MSG(GetCipherNameInternal(suites->suites[ii+0],
suites->suites[ii+1]));
}
}
#endif
@@ -4956,6 +4959,9 @@ static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites)
word16 i;
word16 j;
if (AllocateSuites(ssl) != 0)
return;
XMEMSET(suites, 0, WOLFSSL_MAX_SUITE_SZ);
if (!ssl->options.useClientOrder) {
@@ -5018,7 +5024,7 @@ static void RefineSuites(WOLFSSL* ssl, Suites* peerSuites)
* @return 1 when a match found - but check error code.
* @return 0 when no match found.
*/
static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err)
static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, const byte* suite, int* err)
{
int ret = 0;
int found = 0;
@@ -5054,9 +5060,13 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err)
found = (suite[0] == cipherSuite0) && (suite[1] == cipherSuite);
#else
/* Check whether PSK ciphersuite is in SSL. */
suite[0] = cipherSuite0;
suite[1] = cipherSuite;
found = FindSuiteSSL(ssl, suite);
{
byte s[2] = {
cipherSuite0,
cipherSuite,
};
found = FindSuiteSSL(ssl, s);
}
#endif
}
if ((ret == 0) && found) {
@@ -5073,8 +5083,8 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err)
}
if ((ret == 0) && found) {
/* Set PSK ciphersuite into SSL. */
ssl->options.cipherSuite0 = suite[0];
ssl->options.cipherSuite = suite[1];
ssl->options.cipherSuite0 = cipherSuite0;
ssl->options.cipherSuite = cipherSuite;
ret = SetCipherSpecs(ssl);
}
if ((ret == 0) && found) {
@@ -5104,7 +5114,7 @@ static int FindPsk(WOLFSSL* ssl, PreSharedKey* psk, byte* suite, int* err)
* returns 0 on success and otherwise failure.
*/
static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz,
byte* suite, int* usingPSK, int* first)
const byte* suite, int* usingPSK, int* first)
{
int ret = 0;
TLSX* ext;
@@ -5194,11 +5204,15 @@ static int DoPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 inputSz,
continue;
}
#else
suite[0] = ssl->session->cipherSuite0;
suite[1] = ssl->session->cipherSuite;
if (!FindSuiteSSL(ssl, suite)) {
current = current->next;
continue;
{
byte s[2] = {
ssl->session->cipherSuite0,
ssl->session->cipherSuite,
};
if (!FindSuiteSSL(ssl, s)) {
current = current->next;
continue;
}
}
#endif
@@ -5326,6 +5340,7 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
int first = 0;
#ifndef WOLFSSL_PSK_ONE_ID
int i;
const Suites* suites = WOLFSSL_SUITES(ssl);
#else
byte suite[2];
#endif
@@ -5370,9 +5385,9 @@ static int CheckPreSharedKeys(WOLFSSL* ssl, const byte* input, word32 helloSz,
/* Server list has only common suites from refining in server or client
* order. */
for (i = 0; !(*usingPSK) && i < ssl->suites->suiteSz; i += 2) {
for (i = 0; !(*usingPSK) && i < suites->suiteSz; i += 2) {
ret = DoPreSharedKeys(ssl, input, helloSz - bindersLen,
ssl->suites->suites + i, usingPSK, &first);
suites->suites + i, usingPSK, &first);
if (ret != 0) {
return ret;
}
@@ -7727,7 +7742,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
else {
ERROR_OUT(ALGO_ID_E, exit_scv);
}
EncodeSigAlg(ssl->suites->hashAlgo, args->sigAlgo, args->verify);
EncodeSigAlg(ssl->options.hashAlgo, args->sigAlgo, args->verify);
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
int sigLen = MAX_SIG_DATA_SZ;
@@ -7760,7 +7775,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
}
ret = CreateRSAEncodedSig(sig->buffer, args->sigData,
args->sigDataSz, args->sigAlgo, ssl->suites->hashAlgo);
args->sigDataSz, args->sigAlgo, ssl->options.hashAlgo);
if (ret < 0)
goto exit_scv;
sig->length = ret;
@@ -7775,7 +7790,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
sig->length = args->sendSz - args->idx - HASH_SIG_SIZE -
VERIFY_HEADER;
ret = CreateECCEncodedSig(args->sigData,
args->sigDataSz, ssl->suites->hashAlgo);
args->sigDataSz, ssl->options.hashAlgo);
if (ret < 0)
goto exit_scv;
args->sigDataSz = (word16)ret;
@@ -7886,7 +7901,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
if (ssl->hsType == DYNAMIC_TYPE_RSA) {
ret = RsaSign(ssl, sig->buffer, (word32)sig->length,
args->verify + HASH_SIG_SIZE + VERIFY_HEADER, &args->sigLen,
args->sigAlgo, ssl->suites->hashAlgo,
args->sigAlgo, ssl->options.hashAlgo,
(RsaKey*)ssl->hsKey,
ssl->buffers.key
);
@@ -7920,7 +7935,7 @@ static int SendTls13CertificateVerify(WOLFSSL* ssl)
/* check for signature faults */
ret = VerifyRsaSign(ssl, args->sigData, args->sigLen,
sig->buffer, (word32)sig->length, args->sigAlgo,
ssl->suites->hashAlgo, (RsaKey*)ssl->hsKey,
ssl->options.hashAlgo, (RsaKey*)ssl->hsKey,
ssl->buffers.key
);
}
@@ -11657,6 +11672,8 @@ void wolfSSL_set_psk_client_cs_callback(WOLFSSL* ssl,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -11708,6 +11725,8 @@ void wolfSSL_set_psk_client_tls13_callback(WOLFSSL* ssl,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -11756,6 +11775,8 @@ void wolfSSL_set_psk_server_tls13_callback(WOLFSSL* ssl,
#ifndef NO_CERTS
keySz = ssl->buffers.keySz;
#endif
if (AllocateSuites(ssl) != 0)
return;
InitSuites(ssl->suites, ssl->version, keySz, haveRSA, TRUE,
ssl->options.haveDH, ssl->options.haveECDSAsig,
ssl->options.haveECC, TRUE, ssl->options.haveStaticECC,
@@ -11775,6 +11796,7 @@ const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, const char* hash)
const char* name = NULL;
byte mac = no_mac;
int i;
const Suites* suites = WOLFSSL_SUITES(ssl);
if (XSTRCMP(hash, "SHA256") == 0) {
mac = sha256_mac;
@@ -11783,10 +11805,10 @@ const char* wolfSSL_get_cipher_name_by_hash(WOLFSSL* ssl, const char* hash)
mac = sha384_mac;
}
if (mac != no_mac) {
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
if (SuiteMac(ssl->suites->suites + i) == mac) {
name = GetCipherNameInternal(ssl->suites->suites[i + 0],
ssl->suites->suites[i + 1]);
for (i = 0; i < suites->suiteSz; i += 2) {
if (SuiteMac(suites->suites + i) == mac) {
name = GetCipherNameInternal(suites->suites[i + 0],
suites->suites[i + 1]);
break;
}
}

11
tests/api.c
View File

@@ -50862,10 +50862,13 @@ static int test_tls13_cipher_suites(void)
wolfSSL_SetIOReadCtx(ssl, &msg);
/* Force server to have as many occurrences of same cipher suite as
* possible. */
ssl->suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
for (i = 0; i < ssl->suites->suiteSz; i += 2) {
ssl->suites->suites[i + 0] = TLS13_BYTE;
ssl->suites->suites[i + 1] = TLS_AES_128_GCM_SHA256;
{
Suites* suites = (Suites*)WOLFSSL_SUITES(ssl);
suites->suiteSz = WOLFSSL_MAX_SUITE_SZ;
for (i = 0; i < suites->suiteSz; i += 2) {
suites->suites[i + 0] = TLS13_BYTE;
suites->suites[i + 1] = TLS_AES_128_GCM_SHA256;
}
}
/* Test multiple occurrences of same cipher suite. */
wolfSSL_accept_TLSv13(ssl);

29
wolfssl/internal.h
View File

@@ -1940,7 +1940,7 @@ WOLFSSL_LOCAL int DoApplicationData(WOLFSSL* ssl, byte* input, word32* inOutIdx,
WOLFSSL_LOCAL int HandleTlsResumption(WOLFSSL* ssl, int bogusID,
Suites* clSuites);
#ifdef WOLFSSL_TLS13
WOLFSSL_LOCAL byte SuiteMac(byte* suite);
WOLFSSL_LOCAL byte SuiteMac(const byte* suite);
#endif
WOLFSSL_LOCAL int DoClientHello(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
word32 helloSz);
@@ -2118,17 +2118,14 @@ struct Suites {
byte suites[WOLFSSL_MAX_SUITE_SZ];
byte hashSigAlgo[WOLFSSL_MAX_SIGALGO]; /* sig/algo to offer */
byte setSuites; /* user set suites from default */
byte hashAlgo; /* selected hash algorithm */
byte sigAlgo; /* selected sig algorithm */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLF_STACK_OF(WOLFSSL_CIPHER)* stack; /* stack of available cipher suites */
#endif
};
WOLFSSL_LOCAL void InitSuitesHashSigAlgo(Suites* suites, int haveECDSAsig,
int haveRSAsig, int haveFalconSig,
int haveDilithiumSig, int haveAnon,
int tls1_2, int keySz);
int tls1_2, int keySz, word16* len);
WOLFSSL_LOCAL int AllocateCtxSuites(WOLFSSL_CTX* ctx);
WOLFSSL_LOCAL int AllocateSuites(WOLFSSL* ssl);
WOLFSSL_LOCAL void InitSuites(Suites* suites, ProtocolVersion pv, int keySz,
word16 haveRSA, word16 havePSK, word16 haveDH,
word16 haveECDSAsig, word16 haveECC,
@@ -4218,9 +4215,6 @@ typedef struct Options {
word16 dhKeyTested:1; /* Set when key has been tested. */
#endif
#endif
#ifdef SINGLE_THREADED
word16 ownSuites:1; /* if suites are malloced in ssl object */
#endif
#ifdef HAVE_ENCRYPT_THEN_MAC
word16 disallowEncThenMac:1; /* Don't do Encrypt-Then-MAC */
word16 encThenMac:1; /* Doing Encrypt-Then-MAC */
@@ -4245,6 +4239,8 @@ typedef struct Options {
byte processReply; /* nonblocking resume */
byte cipherSuite0; /* first byte, normally 0 */
byte cipherSuite; /* second byte, actual suite */
byte hashAlgo; /* selected hash algorithm */
byte sigAlgo; /* selected sig algorithm */
byte serverState;
byte clientState;
byte handShakeState;
@@ -4845,10 +4841,21 @@ typedef struct Dtls13Rtx {
typedef struct CIDInfo CIDInfo;
#endif /* WOLFSSL_DTLS_CID */
/* The idea is to re-use the context suites object whenever possible to save
* space. */
#define WOLFSSL_SUITES(ssl) \
((const Suites*) (ssl->suites != NULL ? ssl->suites : ssl->ctx->suites))
/* wolfSSL ssl type */
struct WOLFSSL {
WOLFSSL_CTX* ctx;
Suites* suites; /* only need during handshake */
Suites* suites; /* Only need during handshake. Can be NULL when
* re-using the context's object. When WOLFSSL
* object needs separate instance of suites use
* AllocateSuites(). */
#if defined(OPENSSL_ALL) || defined(WOLFSSL_NGINX) || defined(WOLFSSL_HAPROXY)
WOLF_STACK_OF(WOLFSSL_CIPHER)* suitesStack; /* stack of available cipher suites */
#endif
Arrays* arrays;
#ifdef WOLFSSL_TLS13
byte clientSecret[SECRET_LEN];