diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h index 5df5eb1b5..0e5c1fe98 100644 --- a/include/mbedtls/ssl.h +++ b/include/mbedtls/ssl.h @@ -851,14 +851,15 @@ struct mbedtls_ssl_session unsigned char master[48]; /*!< the master secret */ #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_x509_crt *peer_cert; /*!< peer X.509 cert chain */ -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /*! The digest of the peer's end-CRT. This must be kept to detect CRT * changes during renegotiation, mitigating the triple handshake attack. */ unsigned char *peer_cert_digest; size_t peer_cert_digest_len; mbedtls_md_type_t peer_cert_digest_type; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif /* MBEDTLS_X509_CRT_PARSE_C */ uint32_t verify_result; /*!< verification result */ diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h index 52ba0948c..84254d3d1 100644 --- a/include/mbedtls/ssl_cache.h +++ b/include/mbedtls/ssl_cache.h @@ -70,7 +70,8 @@ struct mbedtls_ssl_cache_entry mbedtls_time_t timestamp; /*!< entry timestamp */ #endif mbedtls_ssl_session session; /*!< entry session */ -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_x509_buf peer_cert; /*!< entry peer_cert */ #endif mbedtls_ssl_cache_entry *next; /*!< chain pointer */ diff --git a/library/ssl_cache.c b/library/ssl_cache.c index f5425944e..62a0a2987 100644 --- a/library/ssl_cache.c +++ b/library/ssl_cache.c @@ -100,7 +100,8 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* * Restore peer certificate (without rest of the original chain) */ @@ -127,7 +128,7 @@ int mbedtls_ssl_cache_get( void *data, mbedtls_ssl_session *session ) goto exit; } } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ ret = 0; goto exit; @@ -247,7 +248,8 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) #endif } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* * If we're reusing an entry, free its certificate first */ @@ -256,7 +258,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) mbedtls_free( cur->peer_cert.p ); memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) ); } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Copy the entire session; this temporarily makes a copy of the * X.509 CRT structure even though we only want to store the raw CRT. @@ -270,7 +272,8 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) goto exit; } -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) /* If present, free the X.509 structure and only store the raw CRT data. */ if( cur->session.peer_cert != NULL ) { @@ -291,7 +294,7 @@ int mbedtls_ssl_cache_set( void *data, const mbedtls_ssl_session *session ) mbedtls_free( cur->session.peer_cert ); cur->session.peer_cert = NULL; } -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ ret = 0; @@ -333,9 +336,10 @@ void mbedtls_ssl_cache_free( mbedtls_ssl_cache_context *cache ) mbedtls_ssl_session_free( &prv->session ); -#if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_X509_CRT_PARSE_C) && \ + defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) mbedtls_free( prv->peer_cert.p ); -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ mbedtls_free( prv ); } diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 5e39579fb..63b79a633 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -9104,7 +9104,9 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, uint64_t start; #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) size_t cert_len; +#endif #endif /* @@ -9175,6 +9177,7 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, * Peer's end-entity certificate */ #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) if( session->peer_cert == NULL ) cert_len = 0; else @@ -9195,8 +9198,8 @@ int mbedtls_ssl_session_save( const mbedtls_ssl_session *session, } } +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Digest of peer certificate */ -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) if( session->peer_cert_digest != NULL ) { used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len; @@ -9295,8 +9298,10 @@ static int ssl_session_load( mbedtls_ssl_session *session, uint64_t start; #endif #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) size_t cert_len; -#endif /* MBEDTLS_X509_CRT_PARSE_C */ +#endif +#endif /* * Check version identifier @@ -9359,10 +9364,11 @@ static int ssl_session_load( mbedtls_ssl_session *session, /* Immediately clear invalid pointer values that have been read, in case * we exit early before we replaced them with valid ones. */ #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) session->peer_cert = NULL; -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +#else session->peer_cert_digest = NULL; -#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ +#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ #endif #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C) session->ticket = NULL; @@ -9372,6 +9378,7 @@ static int ssl_session_load( mbedtls_ssl_session *session, * Peer certificate */ #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) if( 3 > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); @@ -9407,8 +9414,7 @@ static int ssl_session_load( mbedtls_ssl_session *session, p += cert_len; } - -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +#else /* defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Deserialize CRT digest from the end of the ticket. */ if( 2 > (size_t)( end - p ) ) return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA ); diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function index 77a6afb5e..b59c204e2 100644 --- a/tests/suites/test_suite_ssl.function +++ b/tests/suites/test_suite_ssl.function @@ -311,14 +311,14 @@ static int ssl_populate_session( mbedtls_ssl_session *session, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE; session->peer_cert_digest_len = MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN; -#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ - +#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ /* Move temporary CRT. */ session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) ); if( session->peer_cert == NULL ) return( -1 ); *session->peer_cert = tmp_crt; memset( &tmp_crt, 0, sizeof( tmp_crt ) ); +#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ mbedtls_x509_crt_free( &tmp_crt ); } @@ -706,6 +706,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) restored.master, sizeof( original.master ) ) == 0 ); #if defined(MBEDTLS_X509_CRT_PARSE_C) +#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) TEST_ASSERT( ( original.peer_cert == NULL ) == ( restored.peer_cert == NULL ) ); if( original.peer_cert != NULL ) @@ -716,7 +717,7 @@ void ssl_serialize_session_save_load( int ticket_len, char *crt_file ) restored.peer_cert->raw.p, original.peer_cert->raw.len ) == 0 ); } -#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) +#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */ TEST_ASSERT( original.peer_cert_digest_type == restored.peer_cert_digest_type ); TEST_ASSERT( original.peer_cert_digest_len ==