yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-23 22:30:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #5536 from mpg/fix-ecdh-psa-2.28

Browse source 
[Backport 2.28] Fix PSA-based ECDH in TLS 1.2
This commit is contained in:
Manuel Pégourié-Gonnard 2022-02-15 09:09:13 +01:00 committed by GitHub
parent 97f188289d 0178487fb2
commit 617fb004fd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog.d/use-psa-ecdhe-curve.txt Normal file
View file

@ -0,0 +1,7 @@
Bugfix
* Fix a bug in (D)TLS curve negotiation: when MBEDTLS_USE_PSA_CRYPTO was
enabled and an ECDHE-ECDSA or ECDHE-RSA key exchange was used, the
client would fail to check that the curve selected by the server for
ECDHE was indeed one that was offered. As a result, the client would
accept any curve that it supported, even if that curve was not allowed
according to its configuration.

1
include/mbedtls/ssl_internal.h
View file

@ -1112,6 +1112,7 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
#if defined(MBEDTLS_ECP_C) #if defined(MBEDTLS_ECP_C)
int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id ); int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id );
#endif #endif
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)

4
library/ssl_cli.c
View file

@ -2703,6 +2703,10 @@ static int ssl_parse_server_ecdh_params_psa( mbedtls_ssl_context *ssl,
tls_id <<= 8; tls_id <<= 8;
tls_id |= *(*p)++; tls_id |= *(*p)++;
/* Check it's a curve we offered */
if( mbedtls_ssl_check_curve_tls_id( ssl, tls_id ) != 0 )
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
/* Convert EC group to PSA key type. */ /* Convert EC group to PSA key type. */
if( ( handshake->ecdh_psa_type = if( ( handshake->ecdh_psa_type =
mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 ) mbedtls_psa_parse_tls_ecc_group( tls_id, &ecdh_bits ) ) == 0 )

12
library/ssl_tls.c
View file

@ -7326,6 +7326,18 @@ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_i
return( -1 ); return( -1 );
} }
/*
* Same as mbedtls_ssl_check_curve() but takes a TLS ID for the curve.
*/
int mbedtls_ssl_check_curve_tls_id( const mbedtls_ssl_context *ssl, uint16_t tls_id )
{
const mbedtls_ecp_curve_info *curve_info =
mbedtls_ecp_curve_info_from_tls_id( tls_id );
if( curve_info == NULL )
return( -1 );
return( mbedtls_ssl_check_curve( ssl, curve_info->grp_id ) );
}
#endif /* MBEDTLS_ECP_C */ #endif /* MBEDTLS_ECP_C */
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) #if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)