Merge branch 'profiles' into development
* profiles: Update Changelog for the profiles branch Add SSL presets. Implement sig_hashes Create API for mbedtls_ssl_conf_sig_hashes(). Small internal changes in curve checking Extra check in verify_with_profile() Clarify a point in the documentation Fix define for ssl_conf_curves() Add mbedtls_ssl_conf_cert_profile() Implement cert profile checking Change data structure of profiles to bitfields Add pre-defined profiles for cert verification Create cert profile API (unimplemented yet) Remove duplicated tests for x509_verify_info() Add tests for dhm_min_bitlen Add dhmlen option in ssl_client2.c Add ssl_conf_dhm_min_bitlen()
commit
6934afa234
12
ChangeLog
12
ChangeLog
|
@ -9,8 +9,12 @@ Features
|
||||||
ability to override the whole module.
|
ability to override the whole module.
|
||||||
* New server-side implementation of session tickets that rotate keys to
|
* New server-side implementation of session tickets that rotate keys to
|
||||||
preserve forward secrecy, and allows sharing across multiple contexts.
|
preserve forward secrecy, and allows sharing across multiple contexts.
|
||||||
* Reduced ROM fooprint of SHA-256 and added an option to reduce it even
|
* Added a concept of X.509 cerificate verification profile that controls
|
||||||
more (at the expense of performance) MBEDTLS_SHA256_SMALLER.
|
which algorithms and key sizes (curves for ECDSA) are acceptable.
|
||||||
|
* Expanded configurability of security parameters in the SSL module with
|
||||||
|
mbedtls_ssl_conf_dhm_min_bitlen() and mbedtls_ssl_conf_sig_hashes().
|
||||||
|
* Introduced a concept of presets for SSL security-relevant configuration
|
||||||
|
parameters.
|
||||||
|
|
||||||
API Changes
|
API Changes
|
||||||
* All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace.
|
* All public identifiers moved to the mbedtls_* or MBEDTLS_* namespace.
|
||||||
|
@ -129,6 +133,8 @@ Default behavior changes
|
||||||
enabled in the default configuration, this is only noticeable if using a
|
enabled in the default configuration, this is only noticeable if using a
|
||||||
custom config.h
|
custom config.h
|
||||||
* Default DHM parameters server-side upgraded from 1024 to 2048 bits.
|
* Default DHM parameters server-side upgraded from 1024 to 2048 bits.
|
||||||
|
* A minimum RSA key size of 2048 bits is now enforced during ceritificate
|
||||||
|
chain verification.
|
||||||
* Negotiation of truncated HMAC is now disabled by default on server too.
|
* Negotiation of truncated HMAC is now disabled by default on server too.
|
||||||
* The following functions are now case-sensitive:
|
* The following functions are now case-sensitive:
|
||||||
mbedtls_cipher_info_from_string()
|
mbedtls_cipher_info_from_string()
|
||||||
|
@ -157,6 +163,8 @@ API changes from the 1.4 preview branch
|
||||||
Changes
|
Changes
|
||||||
* mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
|
* mbedtls_ctr_drbg_random() and mbedtls_hmac_drbg_random() are now
|
||||||
thread-safe if MBEDTLS_THREADING_C is enabled.
|
thread-safe if MBEDTLS_THREADING_C is enabled.
|
||||||
|
* Reduced ROM fooprint of SHA-256 and added an option to reduce it even
|
||||||
|
more (at the expense of performance) MBEDTLS_SHA256_SMALLER.
|
||||||
|
|
||||||
= mbed TLS 1.3 branch
|
= mbed TLS 1.3 branch
|
||||||
|
|
||||||
|
|
|
@ -585,9 +585,6 @@
|
||||||
#if defined MBEDTLS_SSL_SESSION_TICKETS
|
#if defined MBEDTLS_SSL_SESSION_TICKETS
|
||||||
#define POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS
|
#define POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS
|
||||||
#endif
|
#endif
|
||||||
#if defined MBEDTLS_SSL_SET_CURVES
|
|
||||||
#define POLARSSL_SSL_SET_CURVES MBEDTLS_SSL_SET_CURVES
|
|
||||||
#endif
|
|
||||||
#if defined MBEDTLS_SSL_SRV_C
|
#if defined MBEDTLS_SSL_SRV_C
|
||||||
#define POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C
|
#define POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -1154,20 +1154,6 @@
|
||||||
*/
|
*/
|
||||||
#define MBEDTLS_SSL_TRUNCATED_HMAC
|
#define MBEDTLS_SSL_TRUNCATED_HMAC
|
||||||
|
|
||||||
/**
|
|
||||||
* \def MBEDTLS_SSL_SET_CURVES
|
|
||||||
*
|
|
||||||
* Enable mbedtls_ssl_conf_curves().
|
|
||||||
*
|
|
||||||
* This is disabled by default since it breaks binary compatibility with the
|
|
||||||
* 1.3.x line. If you choose to enable it, you will need to rebuild your
|
|
||||||
* application against the new header files, relinking will not be enough.
|
|
||||||
* It will be enabled by default, or no longer an option, in the 1.4 branch.
|
|
||||||
*
|
|
||||||
* Uncomment to make mbedtls_ssl_conf_curves() available.
|
|
||||||
*/
|
|
||||||
//#define MBEDTLS_SSL_SET_CURVES
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \def MBEDTLS_THREADING_ALT
|
* \def MBEDTLS_THREADING_ALT
|
||||||
*
|
*
|
||||||
|
|
|
@ -70,6 +70,12 @@
|
||||||
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
|
#define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
||||||
|
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
||||||
|
#define MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* SSL Error codes
|
* SSL Error codes
|
||||||
*/
|
*/
|
||||||
|
@ -190,6 +196,9 @@
|
||||||
#define MBEDTLS_SSL_ARC4_ENABLED 0
|
#define MBEDTLS_SSL_ARC4_ENABLED 0
|
||||||
#define MBEDTLS_SSL_ARC4_DISABLED 1
|
#define MBEDTLS_SSL_ARC4_DISABLED 1
|
||||||
|
|
||||||
|
#define MBEDTLS_SSL_PRESET_DEFAULT 0
|
||||||
|
#define MBEDTLS_SSL_PRESET_SUITEB 2
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Default range for DTLS retransmission timer value, in milliseconds.
|
* Default range for DTLS retransmission timer value, in milliseconds.
|
||||||
* RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
|
* RFC 6347 4.2.4.1 says from 1 second to 60 seconds.
|
||||||
|
@ -529,12 +538,17 @@ struct mbedtls_ssl_config
|
||||||
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
|
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_SRV_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
const mbedtls_x509_crt_profile *cert_profile; /*!< verification profile */
|
||||||
mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */
|
mbedtls_ssl_key_cert *key_cert; /*!< own certificate/key pair(s) */
|
||||||
mbedtls_x509_crt *ca_chain; /*!< trusted CAs */
|
mbedtls_x509_crt *ca_chain; /*!< trusted CAs */
|
||||||
mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */
|
mbedtls_x509_crl *ca_crl; /*!< trusted CAs CRLs */
|
||||||
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
#endif /* MBEDTLS_X509_CRT_PARSE_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
const int *sig_hashes; /*!< allowed signature hashes */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
|
const mbedtls_ecp_group_id *curve_list; /*!< allowed curves */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -577,6 +591,10 @@ struct mbedtls_ssl_config
|
||||||
unsigned int badmac_limit; /*!< limit of records with a bad MAC */
|
unsigned int badmac_limit; /*!< limit of records with a bad MAC */
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
|
||||||
|
unsigned int dhm_min_bitlen; /*!< min. bit length of the DHM prime */
|
||||||
|
#endif
|
||||||
|
|
||||||
unsigned char max_major_ver; /*!< max. major version used */
|
unsigned char max_major_ver; /*!< max. major version used */
|
||||||
unsigned char max_minor_ver; /*!< max. minor version used */
|
unsigned char max_minor_ver; /*!< max. minor version used */
|
||||||
unsigned char min_major_ver; /*!< min. major version used */
|
unsigned char min_major_ver; /*!< min. major version used */
|
||||||
|
@ -1347,6 +1365,15 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
|
||||||
int major, int minor );
|
int major, int minor );
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
/**
|
||||||
|
* \brief Set the X.509 security profile used for verification
|
||||||
|
*
|
||||||
|
* \param conf SSL configuration
|
||||||
|
* \param profile Profile to use
|
||||||
|
*/
|
||||||
|
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
|
||||||
|
mbedtls_x509_crt_profile *profile );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Set the data required to verify peer certificate
|
* \brief Set the data required to verify peer certificate
|
||||||
*
|
*
|
||||||
|
@ -1477,7 +1504,20 @@ int mbedtls_ssl_conf_dh_param( mbedtls_ssl_config *conf, const char *dhm_P, cons
|
||||||
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
|
int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context *dhm_ctx );
|
||||||
#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
|
#endif /* MBEDTLS_DHM_C && defined(MBEDTLS_SSL_SRV_C) */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
|
||||||
|
/**
|
||||||
|
* \brief Set the minimum length for Diffie-Hellman parameters.
|
||||||
|
* (Client-side only.)
|
||||||
|
* (Default: 1024 bits.)
|
||||||
|
*
|
||||||
|
* \param conf SSL configuration
|
||||||
|
* \param bitlen Minimum bit length of the DHM prime
|
||||||
|
*/
|
||||||
|
void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
|
||||||
|
unsigned int bitlen );
|
||||||
|
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
/**
|
/**
|
||||||
* \brief Set the allowed curves in order of preference.
|
* \brief Set the allowed curves in order of preference.
|
||||||
* (Default: all defined curves.)
|
* (Default: all defined curves.)
|
||||||
|
@ -1490,14 +1530,49 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
|
||||||
* use. The server can override our preference order.
|
* use. The server can override our preference order.
|
||||||
*
|
*
|
||||||
* Both sides: limits the set of curves used by peer to the
|
* Both sides: limits the set of curves used by peer to the
|
||||||
* listed curves for any use (ECDH(E), certificates).
|
* listed curves for any use ECDHE and the end-entity
|
||||||
|
* certificate.
|
||||||
|
*
|
||||||
|
* \note This has no influence on which curve are allowed inside the
|
||||||
|
* certificate chains, see \c mbedtls_ssl_conf_cert_profile()
|
||||||
|
* for that. For example, if the peer's certificate chain is
|
||||||
|
* EE -> CA_int -> CA_root, then the allowed curves for EE are
|
||||||
|
* controlled by \c mbedtls_ssl_conf_curves() but for CA_int
|
||||||
|
* and CA_root it's \c mbedtls_ssl_conf_cert_profile().
|
||||||
|
*
|
||||||
|
* \note This list should be ordered by decreasing preference
|
||||||
|
* (preferred curve first).
|
||||||
*
|
*
|
||||||
* \param conf SSL configuration
|
* \param conf SSL configuration
|
||||||
* \param curves Ordered list of allowed curves,
|
* \param curves Ordered list of allowed curves,
|
||||||
* terminated by MBEDTLS_ECP_DP_NONE.
|
* terminated by MBEDTLS_ECP_DP_NONE.
|
||||||
*/
|
*/
|
||||||
void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf, const mbedtls_ecp_group_id *curves );
|
void mbedtls_ssl_conf_curves( mbedtls_ssl_config *conf,
|
||||||
#endif /* MBEDTLS_SSL_SET_CURVES */
|
const mbedtls_ecp_group_id *curves );
|
||||||
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
/**
|
||||||
|
* \brief Set the allowed hashes for signatures during the handshake.
|
||||||
|
* (Default: all available hashes.)
|
||||||
|
*
|
||||||
|
* \note This only affects which hashes are offered and can be used
|
||||||
|
* for signatures during the handshake. Hashes for message
|
||||||
|
* authentication and the TLS PRF are controlled by the
|
||||||
|
* ciphersuite, see \c mbedtls_ssl_conf_ciphersuites(). Hashes
|
||||||
|
* used for certificate signature are controlled by the
|
||||||
|
* verification profile, see \c mbedtls_ssl_conf_cert_profile().
|
||||||
|
*
|
||||||
|
* \note This list should be ordered by decreasing preference
|
||||||
|
* (preferred hash first).
|
||||||
|
*
|
||||||
|
* \param conf SSL configuration
|
||||||
|
* \param hashes Ordered list of allowed signature hashes,
|
||||||
|
* terminated by \c MBEDTLS_MD_NONE.
|
||||||
|
*/
|
||||||
|
void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
|
||||||
|
const int *hashes );
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
/**
|
/**
|
||||||
|
@ -2093,6 +2168,8 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
|
||||||
* \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
|
* \param endpoint MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
|
||||||
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
|
* \param transport MBEDTLS_SSL_TRANSPORT_STREAM for TLS, or
|
||||||
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
|
* MBEDTLS_SSL_TRANSPORT_DATAGRAM for DTLS
|
||||||
|
* \param preset a MBEDTLS_SSL_PRESET_XXX value
|
||||||
|
* (currently unused).
|
||||||
*
|
*
|
||||||
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
|
* \note See \c mbedtls_ssl_conf_transport() for notes on DTLS.
|
||||||
*
|
*
|
||||||
|
@ -2100,7 +2177,7 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf );
|
||||||
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
|
* MBEDTLS_ERR_XXX_ALLOC_FAILED on memory allocation error.
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
int endpoint, int transport );
|
int endpoint, int transport, int preset );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Free an SSL configuration context
|
* \brief Free an SSL configuration context
|
||||||
|
|
|
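Review bot: mbedtls_ssl_conf_cert_profile() in the @-1347 hunk takes a non-const `mbedtls_x509_crt_profile *profile`, while the field it presumably stores into is declared `const mbedtls_x509_crt_profile *cert_profile` in the @-529 hunk and the predefined profiles are exported as `const` objects in x509_crt.h, so a caller cannot pass `&mbedtls_x509_crt_profile_suiteb` without discarding the qualifier. Declare it `void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf, const mbedtls_x509_crt_profile *profile );`. Separately, the `\param preset` text in the @-2093 hunk says "(currently unused)" although the same commit adds MBEDTLS_SSL_PRESET_SUITEB and threads `preset` into mbedtls_ssl_config_defaults(); if the preset is honoured, drop that parenthetical, otherwise state which preset values are implemented.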
@ -374,9 +374,15 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
|
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash );
|
||||||
|
unsigned char mbedtls_ssl_hash_from_md_alg( int md );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
|
int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
|
||||||
|
mbedtls_md_type_t md );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
|
|
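Review bot: The new prototypes in this hunk carry no contract comment, and the rename from mbedtls_ssl_curve_is_acceptable() to mbedtls_ssl_check_curve() inverts the return convention (the ssl_cli.c caller now tests `!= 0` for rejection instead of `!`), so a one-line comment on each would prevent misuse. Something like `/* Return 0 if grp_id is allowed by conf->curve_list, non-zero otherwise */` above mbedtls_ssl_check_curve() and the same form above mbedtls_ssl_check_sig_hash(), with the exact failure value taken from the implementation since it is not visible here. Also, mbedtls_ssl_hash_from_md_alg( int md ) takes a plain `int` where its inverse returns `mbedtls_md_type_t` and mbedtls_ssl_check_sig_hash() takes `mbedtls_md_type_t`; for consistency use `unsigned char mbedtls_ssl_hash_from_md_alg( mbedtls_md_type_t md );` (the `sig_hashes` list is `const int *`, so callers pass `*md` either way).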
@ -97,6 +97,13 @@
|
||||||
#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
|
#define MBEDTLS_X509_BADCERT_KEY_USAGE 0x0800 /**< Usage does not match the keyUsage extension. */
|
||||||
#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
|
#define MBEDTLS_X509_BADCERT_EXT_KEY_USAGE 0x1000 /**< Usage does not match the extendedKeyUsage extension. */
|
||||||
#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
|
#define MBEDTLS_X509_BADCERT_NS_CERT_TYPE 0x2000 /**< Usage does not match the nsCertType extension. */
|
||||||
|
#define MBEDTLS_X509_BADCERT_BAD_MD 0x4000 /**< The certificate is signed with an unacceptable hash. */
|
||||||
|
#define MBEDTLS_X509_BADCERT_BAD_PK 0x8000 /**< The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
|
||||||
|
#define MBEDTLS_X509_BADCERT_BAD_KEY 0x010000 /**< The certificate is signed with an unacceptable key (eg bad curve, RSA too short). */
|
||||||
|
#define MBEDTLS_X509_BADCRL_BAD_MD 0x020000 /**< The CRL is signed with an unacceptable hash. */
|
||||||
|
#define MBEDTLS_X509_BADCRL_BAD_PK 0x040000 /**< The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA). */
|
||||||
|
#define MBEDTLS_X509_BADCRL_BAD_KEY 0x080000 /**< The CRL is signed with an unacceptable key (eg bad curve, RSA too short). */
|
||||||
|
|
||||||
/* \} name */
|
/* \} name */
|
||||||
/* \} addtogroup x509_module */
|
/* \} addtogroup x509_module */
|
||||||
|
|
||||||
|
|
|
@ -94,6 +94,26 @@ typedef struct mbedtls_x509_crt
|
||||||
}
|
}
|
||||||
mbedtls_x509_crt;
|
mbedtls_x509_crt;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Build flag from an algorithm/curve identifier (pk, md, ecp)
|
||||||
|
* Since 0 is always XXX_NONE, ignore it.
|
||||||
|
*/
|
||||||
|
#define MBEDTLS_X509_ID_FLAG( id ) ( 1 << ( id - 1 ) )
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Security profile for certificate verification.
|
||||||
|
*
|
||||||
|
* All lists are bitfields, built by ORing flags from MBEDTLS_X509_ID_FLAG().
|
||||||
|
*/
|
||||||
|
typedef struct
|
||||||
|
{
|
||||||
|
uint32_t allowed_mds; /**< MDs for signatures */
|
||||||
|
uint32_t allowed_pks; /**< PK algs for signatures */
|
||||||
|
uint32_t allowed_curves; /**< Elliptic curves for ECDSA */
|
||||||
|
uint32_t rsa_min_bitlen; /**< Minimum size for RSA keys */
|
||||||
|
}
|
||||||
|
mbedtls_x509_crt_profile;
|
||||||
|
|
||||||
#define MBEDTLS_X509_CRT_VERSION_1 0
|
#define MBEDTLS_X509_CRT_VERSION_1 0
|
||||||
#define MBEDTLS_X509_CRT_VERSION_2 1
|
#define MBEDTLS_X509_CRT_VERSION_2 1
|
||||||
#define MBEDTLS_X509_CRT_VERSION_3 2
|
#define MBEDTLS_X509_CRT_VERSION_3 2
|
||||||
|
@ -120,6 +140,23 @@ typedef struct mbedtls_x509write_cert
|
||||||
mbedtls_x509write_cert;
|
mbedtls_x509write_cert;
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
/**
|
||||||
|
* Default security profile. Should provide a good balance between security
|
||||||
|
* and compatibility with current deployments.
|
||||||
|
*/
|
||||||
|
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Expected next default profile. Recommended for new deployments.
|
||||||
|
* Currently targets a 128-bit security level, except for RSA-2048.
|
||||||
|
*/
|
||||||
|
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* NSA Suite B profile.
|
||||||
|
*/
|
||||||
|
extern const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* \brief Parse a single DER formatted certificate and add it
|
* \brief Parse a single DER formatted certificate and add it
|
||||||
* to the chained list.
|
* to the chained list.
|
||||||
|
@ -232,6 +269,9 @@ int mbedtls_x509_crt_verify_info( char *buf, size_t size, const char *prefix,
|
||||||
* \note In case verification failed, the results can be displayed
|
* \note In case verification failed, the results can be displayed
|
||||||
* using \c mbedtls_x509_crt_verify_info()
|
* using \c mbedtls_x509_crt_verify_info()
|
||||||
*
|
*
|
||||||
|
* \note Same as \c mbedtls_x509_crt_verify_with_profile() with the
|
||||||
|
* default security profile.
|
||||||
|
*
|
||||||
* \param crt a certificate to be verified
|
* \param crt a certificate to be verified
|
||||||
* \param trust_ca the trusted CA chain
|
* \param trust_ca the trusted CA chain
|
||||||
* \param ca_crl the CRL chain for trusted CA's
|
* \param ca_crl the CRL chain for trusted CA's
|
||||||
|
@ -255,6 +295,41 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
void *p_vrfy );
|
void *p_vrfy );
|
||||||
|
|
||||||
|
/**
|
||||||
|
* \brief Verify the certificate signature according to profile
|
||||||
|
*
|
||||||
|
* \note Same as \c mbedtls_x509_crt_verify(), but with explicit
|
||||||
|
* security profile.
|
||||||
|
*
|
||||||
|
* \note The restrictions on keys (RSA minimum size, allowed curves
|
||||||
|
* for ECDSA) only applys to (intermediate) CAs, not to the
|
||||||
|
* end-entity certificate.
|
||||||
|
*
|
||||||
|
* \param crt a certificate to be verified
|
||||||
|
* \param trust_ca the trusted CA chain
|
||||||
|
* \param ca_crl the CRL chain for trusted CA's
|
||||||
|
* \param profile security profile for verification
|
||||||
|
* \param cn expected Common Name (can be set to
|
||||||
|
* NULL if the CN must not be verified)
|
||||||
|
* \param flags result of the verification
|
||||||
|
* \param f_vrfy verification function
|
||||||
|
* \param p_vrfy verification parameter
|
||||||
|
*
|
||||||
|
* \return 0 if successful or MBEDTLS_ERR_X509_CERT_VERIFY_FAILED
|
||||||
|
* in which case *flags will have one or more
|
||||||
|
* MBEDTLS_X509_BADCERT_XXX or MBEDTLS_X509_BADCRL_XXX flags
|
||||||
|
* set,
|
||||||
|
* or another error in case of a fatal error encountered
|
||||||
|
* during the verification process.
|
||||||
|
*/
|
||||||
|
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
||||||
|
mbedtls_x509_crt *trust_ca,
|
||||||
|
mbedtls_x509_crl *ca_crl,
|
||||||
|
const mbedtls_x509_crt_profile *profile,
|
||||||
|
const char *cn, uint32_t *flags,
|
||||||
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
|
void *p_vrfy );
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
|
#if defined(MBEDTLS_X509_CHECK_KEY_USAGE)
|
||||||
/**
|
/**
|
||||||
* \brief Check usage of certificate against keyUsage extension.
|
* \brief Check usage of certificate against keyUsage extension.
|
||||||
|
|
|
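Review bot: `MBEDTLS_X509_ID_FLAG( id )` in the @-94 hunk expands to `( 1 << ( id - 1 ) )`: the argument is not parenthesized, so an expression argument binds wrongly, and the shifted constant is a signed `int`, which makes `1 << 31` undefined even though the result is stored in `uint32_t` fields. Write it as `#define MBEDTLS_X509_ID_FLAG( id ) ( 1u << ( (id) - 1 ) )` so the shift is unsigned and any id from 1 to 32 is well defined. The comment should also say that id 0 (XXX_NONE) must never be passed, since `id - 1` would then be a negative shift count; at present "ignore it" reads as if the macro handles that case itself.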
@ -124,6 +124,8 @@ typedef enum
|
||||||
*
|
*
|
||||||
* Curves are listed in order: largest curves first, and for a given size,
|
* Curves are listed in order: largest curves first, and for a given size,
|
||||||
* fastest curves first. This provides the default order for the SSL module.
|
* fastest curves first. This provides the default order for the SSL module.
|
||||||
|
*
|
||||||
|
* Reminder: update profiles in x509_crt.c when adding a new curves!
|
||||||
*/
|
*/
|
||||||
static const mbedtls_ecp_curve_info ecp_supported_curves[] =
|
static const mbedtls_ecp_curve_info ecp_supported_curves[] =
|
||||||
{
|
{
|
||||||
|
|
|
@ -54,6 +54,9 @@ static void mbedtls_zeroize( void *v, size_t n ) {
|
||||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Reminder: update profiles in x509_crt.c when adding a new hash!
|
||||||
|
*/
|
||||||
static const int supported_digests[] = {
|
static const int supported_digests[] = {
|
||||||
|
|
||||||
#if defined(MBEDTLS_SHA512_C)
|
#if defined(MBEDTLS_SHA512_C)
|
||||||
|
|
|
@ -156,6 +156,7 @@ static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
|
||||||
{
|
{
|
||||||
unsigned char *p = buf;
|
unsigned char *p = buf;
|
||||||
size_t sig_alg_len = 0;
|
size_t sig_alg_len = 0;
|
||||||
|
const int *md;
|
||||||
#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_RSA_C) || defined(MBEDTLS_ECDSA_C)
|
||||||
unsigned char *sig_alg_list = buf + 6;
|
unsigned char *sig_alg_list = buf + 6;
|
||||||
#endif
|
#endif
|
||||||
|
@ -170,55 +171,22 @@ static void ssl_write_signature_algorithms_ext( mbedtls_ssl_context *ssl,
|
||||||
/*
|
/*
|
||||||
* Prepare signature_algorithms extension (TLS 1.2)
|
* Prepare signature_algorithms extension (TLS 1.2)
|
||||||
*/
|
*/
|
||||||
#if defined(MBEDTLS_RSA_C)
|
for( md = ssl->conf->sig_hashes; *md != MBEDTLS_MD_NONE; md++ )
|
||||||
#if defined(MBEDTLS_SHA512_C)
|
{
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA512;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA384;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
#endif
|
|
||||||
#if defined(MBEDTLS_SHA256_C)
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA256;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA224;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
#endif
|
|
||||||
#if defined(MBEDTLS_SHA1_C)
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA1;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
#endif
|
|
||||||
#if defined(MBEDTLS_MD5_C)
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_MD5;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
|
||||||
#endif
|
|
||||||
#endif /* MBEDTLS_RSA_C */
|
|
||||||
#if defined(MBEDTLS_ECDSA_C)
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
#if defined(MBEDTLS_SHA512_C)
|
sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA512;
|
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA384;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_SHA256_C)
|
#if defined(MBEDTLS_RSA_C)
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA256;
|
sig_alg_list[sig_alg_len++] = mbedtls_ssl_hash_from_md_alg( *md );
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_RSA;
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA224;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
|
||||||
#endif
|
#endif
|
||||||
#if defined(MBEDTLS_SHA1_C)
|
}
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_SHA1;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
|
||||||
#endif
|
|
||||||
#if defined(MBEDTLS_MD5_C)
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_HASH_MD5;
|
|
||||||
sig_alg_list[sig_alg_len++] = MBEDTLS_SSL_SIG_ECDSA;
|
|
||||||
#endif
|
|
||||||
#endif /* MBEDTLS_ECDSA_C */
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* enum {
|
* enum {
|
||||||
* none(0), mbedtls_md5(1), mbedtls_sha1(2), sha224(3), mbedtls_sha256(4), sha384(5),
|
* none(0), md5(1), sha1(2), sha224(3), sha256(4), sha384(5),
|
||||||
* mbedtls_sha512(6), (255)
|
* sha512(6), (255)
|
||||||
* } HashAlgorithm;
|
* } HashAlgorithm;
|
||||||
*
|
*
|
||||||
* enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
|
* enum { anonymous(0), rsa(1), dsa(2), ecdsa(3), (255) }
|
||||||
|
@ -255,7 +223,7 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *elliptic_curve_list = p + 6;
|
unsigned char *elliptic_curve_list = p + 6;
|
||||||
size_t elliptic_curve_len = 0;
|
size_t elliptic_curve_len = 0;
|
||||||
const mbedtls_ecp_curve_info *info;
|
const mbedtls_ecp_curve_info *info;
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
const mbedtls_ecp_group_id *grp_id;
|
const mbedtls_ecp_group_id *grp_id;
|
||||||
#else
|
#else
|
||||||
((void) ssl);
|
((void) ssl);
|
||||||
|
@ -265,7 +233,7 @@ static void ssl_write_supported_elliptic_curves_ext( mbedtls_ssl_context *ssl,
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported_elliptic_curves extension" ) );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
|
for( grp_id = ssl->conf->curve_list; *grp_id != MBEDTLS_ECP_DP_NONE; grp_id++ )
|
||||||
{
|
{
|
||||||
info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
|
info = mbedtls_ecp_curve_info_from_grp_id( *grp_id );
|
||||||
|
@ -1648,10 +1616,11 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ssl->handshake->dhm_ctx.len < 64 ||
|
if( ssl->handshake->dhm_ctx.len * 8 < ssl->conf->dhm_min_bitlen )
|
||||||
ssl->handshake->dhm_ctx.len > 512 )
|
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (DHM length)" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "DHM prime too short: %d < %d",
|
||||||
|
ssl->handshake->dhm_ctx.len * 8,
|
||||||
|
ssl->conf->dhm_min_bitlen ) );
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1682,8 +1651,8 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDH curve: %s", curve_info->name ) );
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
if( ! mbedtls_ssl_curve_is_acceptable( ssl, ssl->handshake->ecdh_ctx.grp.id ) )
|
if( mbedtls_ssl_check_curve( ssl, ssl->handshake->ecdh_ctx.grp.id ) != 0 )
|
||||||
#else
|
#else
|
||||||
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
if( ssl->handshake->ecdh_ctx.grp.nbits < 163 ||
|
||||||
ssl->handshake->ecdh_ctx.grp.nbits > 521 )
|
ssl->handshake->ecdh_ctx.grp.nbits > 521 )
|
||||||
|
@ -1835,9 +1804,7 @@ static int ssl_write_encrypted_pms( mbedtls_ssl_context *ssl,
|
||||||
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
|
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
|
|
||||||
static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
||||||
unsigned char **p,
|
unsigned char **p,
|
||||||
unsigned char *end,
|
unsigned char *end,
|
||||||
|
@ -1877,18 +1844,25 @@ static int ssl_parse_signature_algorithm( mbedtls_ssl_context *ssl,
|
||||||
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check if the hash is acceptable
|
||||||
|
*/
|
||||||
|
if( mbedtls_ssl_check_sig_hash( ssl, *md_alg ) != 0 )
|
||||||
|
{
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "server used HashAlgorithm "
|
||||||
|
"that was not offered" ) );
|
||||||
|
return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
|
||||||
|
}
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used SignatureAlgorithm %d", (*p)[1] ) );
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) );
|
MBEDTLS_SSL_DEBUG_MSG( 2, ( "Server used HashAlgorithm %d", (*p)[0] ) );
|
||||||
*p += 2;
|
*p += 2;
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
|
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */
|
||||||
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
|
|
||||||
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
|
|
||||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
#endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
|
||||||
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
|
||||||
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
|
||||||
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
static int ssl_get_ecdh_params_from_cert( mbedtls_ssl_context *ssl )
|
||||||
|
|
|
@ -211,7 +211,7 @@ static int ssl_parse_signature_algorithms_ext( mbedtls_ssl_context *ssl,
|
||||||
*
|
*
|
||||||
* So, just look at the HashAlgorithm part.
|
* So, just look at the HashAlgorithm part.
|
||||||
*/
|
*/
|
||||||
for( md_cur = mbedtls_md_list(); *md_cur != MBEDTLS_MD_NONE; md_cur++ ) {
|
for( md_cur = ssl->conf->sig_hashes; *md_cur != MBEDTLS_MD_NONE; md_cur++ ) {
|
||||||
for( p = buf + 2; p < end; p += 2 ) {
|
for( p = buf + 2; p < end; p += 2 ) {
|
||||||
if( *md_cur == (int) mbedtls_ssl_md_alg_from_hash( p[0] ) ) {
|
if( *md_cur == (int) mbedtls_ssl_md_alg_from_hash( p[0] ) ) {
|
||||||
ssl->handshake->sig_alg = p[0];
|
ssl->handshake->sig_alg = p[0];
|
||||||
|
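Review bot: The new loop head `for( md_cur = ssl->conf->sig_hashes; *md_cur != MBEDTLS_MD_NONE; md_cur++ )` dereferences `ssl->conf->sig_hashes` with no NULL check, whereas the sibling helper `mbedtls_ssl_check_sig_hash()` added in ssl_tls.c starts with `if( ssl->conf->sig_hashes == NULL ) return( -1 );`. Since `mbedtls_ssl_config_init()` zeroes the config and only `mbedtls_ssl_config_defaults()` (or `mbedtls_ssl_conf_sig_hashes()`) fills the pointer, a server whose config skipped those calls would, if it can reach the handshake at all, crash on the first ClientHello carrying a signature_algorithms extension — attacker-triggered. I would add the same guard before the loop, `if( ssl->conf->sig_hashes == NULL )` returning whatever error this function already uses for a rejected extension (outside the hunk), and a short comment on the loop such as `/* Outer loop is our preference list, so the first match is our most preferred hash */`, since that ordering is what makes the change meaningful. The enclosing function `ssl_parse_signature_algorithms_ext` begins before and ends after this hunk.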
@ -2641,7 +2641,7 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
|
||||||
* } ServerECDHParams;
|
* } ServerECDHParams;
|
||||||
*/
|
*/
|
||||||
const mbedtls_ecp_curve_info **curve = NULL;
|
const mbedtls_ecp_curve_info **curve = NULL;
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
const mbedtls_ecp_group_id *gid;
|
const mbedtls_ecp_group_id *gid;
|
||||||
|
|
||||||
/* Match our preference list against the offered curves */
|
/* Match our preference list against the offered curves */
|
||||||
|
|
|
@ -4064,10 +4064,13 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
|
||||||
/*
|
/*
|
||||||
* Main check: verify certificate
|
* Main check: verify certificate
|
||||||
*/
|
*/
|
||||||
ret = mbedtls_x509_crt_verify( ssl->session_negotiate->peer_cert,
|
ret = mbedtls_x509_crt_verify_with_profile(
|
||||||
ca_chain, ca_crl, ssl->hostname,
|
ssl->session_negotiate->peer_cert,
|
||||||
&ssl->session_negotiate->verify_result,
|
ca_chain, ca_crl,
|
||||||
ssl->conf->f_vrfy, ssl->conf->p_vrfy );
|
ssl->conf->cert_profile,
|
||||||
|
ssl->hostname,
|
||||||
|
&ssl->session_negotiate->verify_result,
|
||||||
|
ssl->conf->f_vrfy, ssl->conf->p_vrfy );
|
||||||
|
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
{
|
{
|
||||||
|
@ -4078,20 +4081,20 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
|
||||||
* Secondary checks: always done, but change 'ret' only if it was 0
|
* Secondary checks: always done, but change 'ret' only if it was 0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
{
|
{
|
||||||
const mbedtls_pk_context *pk = &ssl->session_negotiate->peer_cert->pk;
|
const mbedtls_pk_context *pk = &ssl->session_negotiate->peer_cert->pk;
|
||||||
|
|
||||||
/* If certificate uses an EC key, make sure the curve is OK */
|
/* If certificate uses an EC key, make sure the curve is OK */
|
||||||
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
|
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) &&
|
||||||
! mbedtls_ssl_curve_is_acceptable( ssl, mbedtls_pk_ec( *pk )->grp.id ) )
|
mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id ) != 0 )
|
||||||
{
|
{
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
|
MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad certificate (EC key curve)" ) );
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
|
ret = MBEDTLS_ERR_SSL_BAD_HS_CERTIFICATE;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_SET_CURVES */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
|
||||||
if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert,
|
if( mbedtls_ssl_check_cert_usage( ssl->session_negotiate->peer_cert,
|
||||||
ciphersuite_info,
|
ciphersuite_info,
|
||||||
|
@ -5292,6 +5295,12 @@ void mbedtls_ssl_conf_ciphersuites_for_version( mbedtls_ssl_config *conf,
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
void mbedtls_ssl_conf_cert_profile( mbedtls_ssl_config *conf,
|
||||||
|
mbedtls_x509_crt_profile *profile )
|
||||||
|
{
|
||||||
|
conf->cert_profile = profile;
|
||||||
|
}
|
||||||
|
|
||||||
/* Append a new keycert entry to a (possibly empty) list */
|
/* Append a new keycert entry to a (possibly empty) list */
|
||||||
static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
|
static int ssl_append_key_cert( mbedtls_ssl_key_cert **head,
|
||||||
mbedtls_x509_crt *cert,
|
mbedtls_x509_crt *cert,
|
||||||
|
@ -5458,7 +5467,29 @@ int mbedtls_ssl_conf_dh_param_ctx( mbedtls_ssl_config *conf, mbedtls_dhm_context
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
|
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_SRV_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
|
||||||
|
/*
|
||||||
|
* Set the minimum length for Diffie-Hellman parameters
|
||||||
|
*/
|
||||||
|
void mbedtls_ssl_conf_dhm_min_bitlen( mbedtls_ssl_config *conf,
|
||||||
|
unsigned int bitlen )
|
||||||
|
{
|
||||||
|
conf->dhm_min_bitlen = bitlen;
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_DHM_C && MBEDTLS_SSL_CLI_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
/*
|
||||||
|
* Set allowed/preferred hashes for handshake signatures
|
||||||
|
*/
|
||||||
|
void mbedtls_ssl_conf_sig_hashes( mbedtls_ssl_config *conf,
|
||||||
|
const int *hashes )
|
||||||
|
{
|
||||||
|
conf->sig_hashes = hashes;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
/*
|
/*
|
||||||
* Set the allowed elliptic curves
|
* Set the allowed elliptic curves
|
||||||
*/
|
*/
|
||||||
|
@ -6581,11 +6612,33 @@ void mbedtls_ssl_config_init( mbedtls_ssl_config *conf )
|
||||||
memset( conf, 0, sizeof( mbedtls_ssl_config ) );
|
memset( conf, 0, sizeof( mbedtls_ssl_config ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static int ssl_preset_suiteb_ciphersuites[] = {
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
|
||||||
|
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
|
||||||
|
0
|
||||||
|
};
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
static int ssl_preset_suiteb_hashes[] = {
|
||||||
|
MBEDTLS_MD_SHA256,
|
||||||
|
MBEDTLS_MD_SHA384,
|
||||||
|
MBEDTLS_MD_NONE
|
||||||
|
};
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
static mbedtls_ecp_group_id ssl_preset_suiteb_curves[] = {
|
||||||
|
MBEDTLS_ECP_DP_SECP256R1,
|
||||||
|
MBEDTLS_ECP_DP_SECP384R1,
|
||||||
|
MBEDTLS_ECP_DP_NONE
|
||||||
|
};
|
||||||
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Load default in mbetls_ssl_config
|
* Load default in mbetls_ssl_config
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
int endpoint, int transport )
|
int endpoint, int transport, int preset )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
||||||
int ret;
|
int ret;
|
||||||
|
@ -6596,19 +6649,9 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
mbedtls_ssl_conf_endpoint( conf, endpoint );
|
mbedtls_ssl_conf_endpoint( conf, endpoint );
|
||||||
mbedtls_ssl_conf_transport( conf, transport );
|
mbedtls_ssl_conf_transport( conf, transport );
|
||||||
|
|
||||||
conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
|
/*
|
||||||
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */
|
* Things that are common to all presets
|
||||||
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
|
*/
|
||||||
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
|
||||||
if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
|
||||||
{
|
|
||||||
/* DTLS starts with TLS 1.1 */
|
|
||||||
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_CLI_C)
|
#if defined(MBEDTLS_SSL_CLI_C)
|
||||||
if( endpoint == MBEDTLS_SSL_IS_CLIENT )
|
if( endpoint == MBEDTLS_SSL_IS_CLIENT )
|
||||||
{
|
{
|
||||||
|
@ -6619,12 +6662,6 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
|
|
||||||
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
|
|
||||||
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
|
|
||||||
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
|
|
||||||
mbedtls_ssl_list_ciphersuites();
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_ARC4_C)
|
#if defined(MBEDTLS_ARC4_C)
|
||||||
conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
|
conf->arc4_disabled = MBEDTLS_SSL_ARC4_DISABLED;
|
||||||
#endif
|
#endif
|
||||||
|
@ -6641,10 +6678,6 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
|
conf->cbc_record_splitting = MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
|
||||||
conf->curve_list = mbedtls_ecp_grp_id_list( );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_SSL_DTLS_HELLO_VERIFY) && defined(MBEDTLS_SSL_SRV_C)
|
||||||
conf->f_cookie_write = ssl_cookie_write_dummy;
|
conf->f_cookie_write = ssl_cookie_write_dummy;
|
||||||
conf->f_cookie_check = ssl_cookie_check_dummy;
|
conf->f_cookie_check = ssl_cookie_check_dummy;
|
||||||
|
@ -6666,17 +6699,86 @@ int mbedtls_ssl_config_defaults( mbedtls_ssl_config *conf,
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_SRV_C)
|
||||||
if( endpoint == MBEDTLS_SSL_IS_SERVER )
|
if( endpoint == MBEDTLS_SSL_IS_SERVER )
|
||||||
{
|
{
|
||||||
if( ( ret = mbedtls_ssl_conf_dh_param( conf,
|
if( ( ret = mbedtls_ssl_conf_dh_param( conf,
|
||||||
MBEDTLS_DHM_RFC5114_MODP_2048_P,
|
MBEDTLS_DHM_RFC5114_MODP_2048_P,
|
||||||
MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 )
|
MBEDTLS_DHM_RFC5114_MODP_2048_G ) ) != 0 )
|
||||||
{
|
{
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Preset-specific defaults
|
||||||
|
*/
|
||||||
|
switch( preset )
|
||||||
|
{
|
||||||
|
/*
|
||||||
|
* NSA Suite B
|
||||||
|
*/
|
||||||
|
case MBEDTLS_SSL_PRESET_SUITEB:
|
||||||
|
conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
|
||||||
|
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_3; /* TLS 1.2 */
|
||||||
|
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
|
||||||
|
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
|
||||||
|
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
|
||||||
|
ssl_preset_suiteb_ciphersuites;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
conf->cert_profile = &mbedtls_x509_crt_profile_suiteb;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
conf->sig_hashes = ssl_preset_suiteb_hashes;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
conf->curve_list = ssl_preset_suiteb_curves;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default
|
||||||
|
*/
|
||||||
|
default:
|
||||||
|
conf->min_major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
|
||||||
|
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_1; /* TLS 1.0 */
|
||||||
|
conf->max_major_ver = MBEDTLS_SSL_MAX_MAJOR_VERSION;
|
||||||
|
conf->max_minor_ver = MBEDTLS_SSL_MAX_MINOR_VERSION;
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||||
|
if( transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
|
||||||
|
conf->min_minor_ver = MBEDTLS_SSL_MINOR_VERSION_2;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_0] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_1] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_2] =
|
||||||
|
conf->ciphersuite_list[MBEDTLS_SSL_MINOR_VERSION_3] =
|
||||||
|
mbedtls_ssl_list_ciphersuites();
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
|
conf->cert_profile = &mbedtls_x509_crt_profile_default;
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
conf->sig_hashes = mbedtls_md_list();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
conf->curve_list = mbedtls_ecp_grp_id_list();
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_DHM_C) && defined(MBEDTLS_SSL_CLI_C)
|
||||||
|
conf->dhm_min_bitlen = 1024;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
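Review bot: As rendered, the `case MBEDTLS_SSL_PRESET_SUITEB:` branch of the new `switch( preset )` has no `break;` after `conf->curve_list = ssl_preset_suiteb_curves;` / `#endif` before the `default:` label, so it falls through and every Suite B setting just assigned (TLS 1.2 minimum, the two ECDHE-ECDSA suites, `mbedtls_x509_crt_profile_suiteb`, the SHA-256/384 hash list and the P-256/P-384 curve list) is immediately overwritten by the permissive defaults — a caller asking for Suite B silently gets the default preset, which is a fail-open. Unless the page dropped that line, the fix is a single `break;` ahead of the `/* Default */` comment. Separately, the presets assign `&mbedtls_x509_crt_profile_suiteb`, a `const` object, to `conf->cert_profile`, while the new setter `mbedtls_ssl_conf_cert_profile()` (earlier hunk in this file) takes `mbedtls_x509_crt_profile *profile`; I would make it `const mbedtls_x509_crt_profile *profile` so users can pass the built-in profiles without a cast. Note also that only the `default:` branch sets `conf->dhm_min_bitlen = 1024`; the Suite B branch leaves it at 0 from the memset, which is harmless only as long as its ciphersuite list stays ECDHE-only.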
@ -6745,7 +6847,7 @@ mbedtls_pk_type_t mbedtls_ssl_pk_alg_from_sig( unsigned char sig )
|
||||||
#endif /* MBEDTLS_PK_C */
|
#endif /* MBEDTLS_PK_C */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Convert between SSL_HASH_XXX and MBEDTLS_MD_XXX
|
* Convert from MBEDTLS_SSL_HASH_XXX to MBEDTLS_MD_XXX
|
||||||
*/
|
*/
|
||||||
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
|
mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
|
||||||
{
|
{
|
||||||
|
@ -6776,22 +6878,78 @@ mbedtls_md_type_t mbedtls_ssl_md_alg_from_hash( unsigned char hash )
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
|
||||||
/*
|
/*
|
||||||
* Check is a curve proposed by the peer is in our list.
|
* Convert from MBEDTLS_MD_XXX to MBEDTLS_SSL_HASH_XXX
|
||||||
* Return 1 if we're willing to use it, 0 otherwise.
|
|
||||||
*/
|
*/
|
||||||
int mbedtls_ssl_curve_is_acceptable( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
|
unsigned char mbedtls_ssl_hash_from_md_alg( int md )
|
||||||
|
{
|
||||||
|
switch( md )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_MD5_C)
|
||||||
|
case MBEDTLS_MD_MD5:
|
||||||
|
return( MBEDTLS_SSL_HASH_MD5 );
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_SHA1_C)
|
||||||
|
case MBEDTLS_MD_SHA1:
|
||||||
|
return( MBEDTLS_SSL_HASH_SHA1 );
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_SHA256_C)
|
||||||
|
case MBEDTLS_MD_SHA224:
|
||||||
|
return( MBEDTLS_SSL_HASH_SHA224 );
|
||||||
|
case MBEDTLS_MD_SHA256:
|
||||||
|
return( MBEDTLS_SSL_HASH_SHA256 );
|
||||||
|
#endif
|
||||||
|
#if defined(MBEDTLS_SHA512_C)
|
||||||
|
case MBEDTLS_MD_SHA384:
|
||||||
|
return( MBEDTLS_SSL_HASH_SHA384 );
|
||||||
|
case MBEDTLS_MD_SHA512:
|
||||||
|
return( MBEDTLS_SSL_HASH_SHA512 );
|
||||||
|
#endif
|
||||||
|
default:
|
||||||
|
return( MBEDTLS_SSL_HASH_NONE );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
/*
|
||||||
|
* Check if a curve proposed by the peer is in our list.
|
||||||
|
* Return 0 if we're willing to use it, -1 otherwise.
|
||||||
|
*/
|
||||||
|
int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id )
|
||||||
{
|
{
|
||||||
const mbedtls_ecp_group_id *gid;
|
const mbedtls_ecp_group_id *gid;
|
||||||
|
|
||||||
|
if( ssl->conf->curve_list == NULL )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
|
for( gid = ssl->conf->curve_list; *gid != MBEDTLS_ECP_DP_NONE; gid++ )
|
||||||
if( *gid == grp_id )
|
if( *gid == grp_id )
|
||||||
return( 1 );
|
return( 0 );
|
||||||
|
|
||||||
return( 0 );
|
return( -1 );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_SSL_SET_CURVES */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED)
|
||||||
|
/*
|
||||||
|
* Check if a hash proposed by the peer is in our list.
|
||||||
|
* Return 0 if we're willing to use it, -1 otherwise.
|
||||||
|
*/
|
||||||
|
int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
|
||||||
|
mbedtls_md_type_t md )
|
||||||
|
{
|
||||||
|
const int *cur;
|
||||||
|
|
||||||
|
if( ssl->conf->sig_hashes == NULL )
|
||||||
|
return( -1 );
|
||||||
|
|
||||||
|
for( cur = ssl->conf->sig_hashes; *cur != MBEDTLS_MD_NONE; cur++ )
|
||||||
|
if( *cur == (int) md )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__SIGNATURE_ENABLED */
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
#if defined(MBEDTLS_X509_CRT_PARSE_C)
|
||||||
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
|
||||||
|
|
|
@ -385,9 +385,6 @@ static const char *features[] = {
|
||||||
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
#if defined(MBEDTLS_SSL_TRUNCATED_HMAC)
|
||||||
"MBEDTLS_SSL_TRUNCATED_HMAC",
|
"MBEDTLS_SSL_TRUNCATED_HMAC",
|
||||||
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
#endif /* MBEDTLS_SSL_TRUNCATED_HMAC */
|
||||||
#if defined(MBEDTLS_SSL_SET_CURVES)
|
|
||||||
"MBEDTLS_SSL_SET_CURVES",
|
|
||||||
#endif /* MBEDTLS_SSL_SET_CURVES */
|
|
||||||
#if defined(MBEDTLS_THREADING_ALT)
|
#if defined(MBEDTLS_THREADING_ALT)
|
||||||
"MBEDTLS_THREADING_ALT",
|
"MBEDTLS_THREADING_ALT",
|
||||||
#endif /* MBEDTLS_THREADING_ALT */
|
#endif /* MBEDTLS_THREADING_ALT */
|
||||||
|
|
|
@ -81,6 +81,127 @@ static void mbedtls_zeroize( void *v, size_t n ) {
|
||||||
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Default profile
|
||||||
|
*/
|
||||||
|
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_default =
|
||||||
|
{
|
||||||
|
/* Hashes from SHA-1 and above */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
|
||||||
|
0xFFFFFFF, /* Any PK alg */
|
||||||
|
0xFFFFFFF, /* Any curve */
|
||||||
|
2048,
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Next-default profile
|
||||||
|
*/
|
||||||
|
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_next =
|
||||||
|
{
|
||||||
|
/* Hashes from SHA-256 and above */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ),
|
||||||
|
0xFFFFFFF, /* Any PK alg */
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
/* Curves at or above 128-bit security level */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP521R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP256R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP384R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_BP512R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256K1 ),
|
||||||
|
#else
|
||||||
|
0,
|
||||||
|
#endif
|
||||||
|
2048,
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* NSA Suite B Profile
|
||||||
|
*/
|
||||||
|
const mbedtls_x509_crt_profile mbedtls_x509_crt_profile_suiteb =
|
||||||
|
{
|
||||||
|
/* Only SHA-256 and 384 */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ),
|
||||||
|
/* Only ECDSA */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_PK_ECDSA ),
|
||||||
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
/* Only NIST P-256 and P-384 */
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP256R1 ) |
|
||||||
|
MBEDTLS_X509_ID_FLAG( MBEDTLS_ECP_DP_SECP384R1 ),
|
||||||
|
#else
|
||||||
|
0,
|
||||||
|
#endif
|
||||||
|
0,
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check md_alg against profile
|
||||||
|
* Return 0 if md_alg acceptable for this profile, -1 otherwise
|
||||||
|
*/
|
||||||
|
static int x509_profile_check_md_alg( const mbedtls_x509_crt_profile *profile,
|
||||||
|
mbedtls_md_type_t md_alg )
|
||||||
|
{
|
||||||
|
if( ( profile->allowed_mds & MBEDTLS_X509_ID_FLAG( md_alg ) ) != 0 )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check pk_alg against profile
|
||||||
|
* Return 0 if pk_alg acceptable for this profile, -1 otherwise
|
||||||
|
*/
|
||||||
|
static int x509_profile_check_pk_alg( const mbedtls_x509_crt_profile *profile,
|
||||||
|
mbedtls_pk_type_t pk_alg )
|
||||||
|
{
|
||||||
|
if( ( profile->allowed_pks & MBEDTLS_X509_ID_FLAG( pk_alg ) ) != 0 )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Check key against profile
|
||||||
|
* Return 0 if pk_alg acceptable for this profile, -1 otherwise
|
||||||
|
*/
|
||||||
|
static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
|
||||||
|
mbedtls_pk_type_t pk_alg,
|
||||||
|
const mbedtls_pk_context *pk )
|
||||||
|
{
|
||||||
|
#if defined(MBEDTLS_RSA_C)
|
||||||
|
if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS )
|
||||||
|
{
|
||||||
|
if( mbedtls_pk_get_size( pk ) >= profile->rsa_min_bitlen )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_ECDSA_C)
|
||||||
|
if( pk_alg == MBEDTLS_PK_ECDSA )
|
||||||
|
{
|
||||||
|
mbedtls_ecp_group_id gid = mbedtls_pk_ec( *pk )->grp.id;
|
||||||
|
|
||||||
|
if( ( profile->allowed_curves & MBEDTLS_X509_ID_FLAG( gid ) ) != 0 )
|
||||||
|
return( 0 );
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return( -1 );
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
|
* Version ::= INTEGER { v1(0), v2(1), v3(2) }
|
||||||
*/
|
*/
|
||||||
|
@ -1401,6 +1522,12 @@ static const struct x509_crt_verify_string x509_crt_verify_strings[] = {
|
||||||
{ MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" },
|
{ MBEDTLS_X509_BADCERT_KEY_USAGE, "Usage does not match the keyUsage extension" },
|
||||||
{ MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
|
{ MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, "Usage does not match the extendedKeyUsage extension" },
|
||||||
{ MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" },
|
{ MBEDTLS_X509_BADCERT_NS_CERT_TYPE, "Usage does not match the nsCertType extension" },
|
||||||
|
{ MBEDTLS_X509_BADCERT_BAD_MD, "The certificate is signed with an unacceptable hash." },
|
||||||
|
{ MBEDTLS_X509_BADCERT_BAD_PK, "The certificate is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
|
||||||
|
{ MBEDTLS_X509_BADCERT_BAD_KEY, "The certificate is signed with an unacceptable key (eg bad curve, RSA too short)." },
|
||||||
|
{ MBEDTLS_X509_BADCRL_BAD_MD, "The CRL is signed with an unacceptable hash." },
|
||||||
|
{ MBEDTLS_X509_BADCRL_BAD_PK, "The CRL is signed with an unacceptable PK alg (eg RSA vs ECDSA)." },
|
||||||
|
{ MBEDTLS_X509_BADCRL_BAD_KEY, "The CRL is signed with an unacceptable key (eg bad curve, RSA too short)." },
|
||||||
{ 0, NULL }
|
{ 0, NULL }
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -1502,7 +1629,8 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt, const mbedtls_x509
|
||||||
* Check that the given certificate is valid according to the CRL.
|
* Check that the given certificate is valid according to the CRL.
|
||||||
*/
|
*/
|
||||||
static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
||||||
mbedtls_x509_crl *crl_list)
|
mbedtls_x509_crl *crl_list,
|
||||||
|
const mbedtls_x509_crt_profile *profile )
|
||||||
{
|
{
|
||||||
int flags = 0;
|
int flags = 0;
|
||||||
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
|
||||||
|
@ -1542,6 +1670,12 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
||||||
/*
|
/*
|
||||||
* Check if CRL is correctly signed by the trusted CA
|
* Check if CRL is correctly signed by the trusted CA
|
||||||
*/
|
*/
|
||||||
|
if( x509_profile_check_md_alg( profile, crl_list->sig_md ) != 0 )
|
||||||
|
flags |= MBEDTLS_X509_BADCRL_BAD_MD;
|
||||||
|
|
||||||
|
if( x509_profile_check_pk_alg( profile, crl_list->sig_pk ) != 0 )
|
||||||
|
flags |= MBEDTLS_X509_BADCRL_BAD_PK;
|
||||||
|
|
||||||
md_info = mbedtls_md_info_from_type( crl_list->sig_md );
|
md_info = mbedtls_md_info_from_type( crl_list->sig_md );
|
||||||
if( md_info == NULL )
|
if( md_info == NULL )
|
||||||
{
|
{
|
||||||
|
@ -1554,6 +1688,9 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
||||||
|
|
||||||
mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
|
mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
|
||||||
|
|
||||||
|
if( x509_profile_check_key( profile, crl_list->sig_pk, &ca->pk ) != 0 )
|
||||||
|
flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||||
|
|
||||||
if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
|
if( mbedtls_pk_verify_ext( crl_list->sig_pk, crl_list->sig_opts, &ca->pk,
|
||||||
crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
|
crl_list->sig_md, hash, mbedtls_md_get_size( md_info ),
|
||||||
crl_list->sig.p, crl_list->sig.len ) != 0 )
|
crl_list->sig.p, crl_list->sig.len ) != 0 )
|
||||||
|
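Review bot: In `x509_crt_verifycrl()` the new key check sets `flags |= MBEDTLS_X509_BADCERT_BAD_KEY;` when `x509_profile_check_key( profile, crl_list->sig_pk, &ca->pk )` fails, but this function is reporting on the CRL, and the two checks added just above it use `MBEDTLS_X509_BADCRL_BAD_MD` and `MBEDTLS_X509_BADCRL_BAD_PK`; the line should be `flags |= MBEDTLS_X509_BADCRL_BAD_KEY;`, which is also the flag whose verify string this commit adds to `x509_crt_verify_strings` and which is otherwise never produced. As written a too-weak CA key discovered during CRL checking is misreported as a certificate problem, and a caller masking CRL flags to tolerate stale CRLs would see it as a cert failure (or vice versa). In the visible hunks `x509_profile_check_key()` is only ever applied to the signer's key (`&ca->pk`, `&trust_ca->pk`, `&parent->pk`), never to the end-entity certificate's own key; if `mbedtls_x509_crt_verify_with_profile()` (cut off at the end of this page) does not add that check, a 1024-bit RSA leaf signed by a 2048-bit CA passes the default profile's `rsa_min_bitlen` of 2048, which I suspect is not the intent. The `(void) profile; /* WIP */` left in `x509_crt_verify_child()` is now stale since the parameter is used. `x509_crt_verifycrl`'s body starts before and ends after this hunk.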
@ -1582,6 +1719,7 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
||||||
|
|
||||||
crl_list = crl_list->next;
|
crl_list = crl_list->next;
|
||||||
}
|
}
|
||||||
|
|
||||||
return( flags );
|
return( flags );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_X509_CRL_PARSE_C */
|
#endif /* MBEDTLS_X509_CRL_PARSE_C */
|
||||||
|
@ -1764,7 +1902,9 @@ static int x509_crt_check_parent( const mbedtls_x509_crt *child,
|
||||||
|
|
||||||
static int x509_crt_verify_top(
|
static int x509_crt_verify_top(
|
||||||
mbedtls_x509_crt *child, mbedtls_x509_crt *trust_ca,
|
mbedtls_x509_crt *child, mbedtls_x509_crt *trust_ca,
|
||||||
mbedtls_x509_crl *ca_crl, int path_cnt, uint32_t *flags,
|
mbedtls_x509_crl *ca_crl,
|
||||||
|
const mbedtls_x509_crt_profile *profile,
|
||||||
|
int path_cnt, uint32_t *flags,
|
||||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
void *p_vrfy )
|
void *p_vrfy )
|
||||||
{
|
{
|
||||||
|
@ -1780,6 +1920,12 @@ static int x509_crt_verify_top(
|
||||||
if( mbedtls_x509_time_is_future( &child->valid_from ) )
|
if( mbedtls_x509_time_is_future( &child->valid_from ) )
|
||||||
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
|
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
|
||||||
|
|
||||||
|
if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_MD;
|
||||||
|
|
||||||
|
if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_PK;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Child is the top of the chain. Check against the trust_ca list.
|
* Child is the top of the chain. Check against the trust_ca list.
|
||||||
*/
|
*/
|
||||||
|
@ -1820,6 +1966,9 @@ static int x509_crt_verify_top(
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if( x509_profile_check_key( profile, child->sig_pk, &trust_ca->pk ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||||
|
|
||||||
if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
|
if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
|
||||||
child->sig_md, hash, mbedtls_md_get_size( md_info ),
|
child->sig_md, hash, mbedtls_md_get_size( md_info ),
|
||||||
child->sig.p, child->sig.len ) != 0 )
|
child->sig.p, child->sig.len ) != 0 )
|
||||||
|
@ -1846,7 +1995,7 @@ static int x509_crt_verify_top(
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
/* Check trusted CA's CRL for the chain's top crt */
|
/* Check trusted CA's CRL for the chain's top crt */
|
||||||
*flags |= x509_crt_verifycrl( child, trust_ca, ca_crl );
|
*flags |= x509_crt_verifycrl( child, trust_ca, ca_crl, profile );
|
||||||
#else
|
#else
|
||||||
((void) ca_crl);
|
((void) ca_crl);
|
||||||
#endif
|
#endif
|
||||||
|
@ -1880,8 +2029,10 @@ static int x509_crt_verify_top(
|
||||||
}
|
}
|
||||||
|
|
||||||
static int x509_crt_verify_child(
|
static int x509_crt_verify_child(
|
||||||
mbedtls_x509_crt *child, mbedtls_x509_crt *parent, mbedtls_x509_crt *trust_ca,
|
mbedtls_x509_crt *child, mbedtls_x509_crt *parent,
|
||||||
mbedtls_x509_crl *ca_crl, int path_cnt, uint32_t *flags,
|
mbedtls_x509_crt *trust_ca, mbedtls_x509_crl *ca_crl,
|
||||||
|
const mbedtls_x509_crt_profile *profile,
|
||||||
|
int path_cnt, uint32_t *flags,
|
||||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
void *p_vrfy )
|
void *p_vrfy )
|
||||||
{
|
{
|
||||||
|
@ -1891,6 +2042,8 @@ static int x509_crt_verify_child(
|
||||||
mbedtls_x509_crt *grandparent;
|
mbedtls_x509_crt *grandparent;
|
||||||
const mbedtls_md_info_t *md_info;
|
const mbedtls_md_info_t *md_info;
|
||||||
|
|
||||||
|
(void) profile; /* WIP */
|
||||||
|
|
||||||
/* path_cnt is 0 for the first intermediate CA */
|
/* path_cnt is 0 for the first intermediate CA */
|
||||||
if( 1 + path_cnt > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
|
if( 1 + path_cnt > MBEDTLS_X509_MAX_INTERMEDIATE_CA )
|
||||||
{
|
{
|
||||||
|
@ -1904,6 +2057,12 @@ static int x509_crt_verify_child(
|
||||||
if( mbedtls_x509_time_is_future( &child->valid_from ) )
|
if( mbedtls_x509_time_is_future( &child->valid_from ) )
|
||||||
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
|
*flags |= MBEDTLS_X509_BADCERT_FUTURE;
|
||||||
|
|
||||||
|
if( x509_profile_check_md_alg( profile, child->sig_md ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_MD;
|
||||||
|
|
||||||
|
if( x509_profile_check_pk_alg( profile, child->sig_pk ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_PK;
|
||||||
|
|
||||||
md_info = mbedtls_md_info_from_type( child->sig_md );
|
md_info = mbedtls_md_info_from_type( child->sig_md );
|
||||||
if( md_info == NULL )
|
if( md_info == NULL )
|
||||||
{
|
{
|
||||||
|
@ -1916,6 +2075,9 @@ static int x509_crt_verify_child(
|
||||||
{
|
{
|
||||||
mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash );
|
mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash );
|
||||||
|
|
||||||
|
if( x509_profile_check_key( profile, child->sig_pk, &parent->pk ) != 0 )
|
||||||
|
*flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||||
|
|
||||||
if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
|
if( mbedtls_pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
|
||||||
child->sig_md, hash, mbedtls_md_get_size( md_info ),
|
child->sig_md, hash, mbedtls_md_get_size( md_info ),
|
||||||
child->sig.p, child->sig.len ) != 0 )
|
child->sig.p, child->sig.len ) != 0 )
|
||||||
|
@ -1926,7 +2088,7 @@ static int x509_crt_verify_child(
|
||||||
|
|
||||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||||
/* Check trusted CA's CRL for the given crt */
|
/* Check trusted CA's CRL for the given crt */
|
||||||
*flags |= x509_crt_verifycrl(child, parent, ca_crl);
|
*flags |= x509_crt_verifycrl(child, parent, ca_crl, profile );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Look for a grandparent upwards the chain */
|
/* Look for a grandparent upwards the chain */
|
||||||
|
@ -1942,14 +2104,14 @@ static int x509_crt_verify_child(
|
||||||
/* Is our parent part of the chain or at the top? */
|
/* Is our parent part of the chain or at the top? */
|
||||||
if( grandparent != NULL )
|
if( grandparent != NULL )
|
||||||
{
|
{
|
||||||
ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl,
|
ret = x509_crt_verify_child( parent, grandparent, trust_ca, ca_crl, profile,
|
||||||
path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ret = x509_crt_verify_top( parent, trust_ca, ca_crl,
|
ret = x509_crt_verify_top( parent, trust_ca, ca_crl, profile,
|
||||||
path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
path_cnt + 1, &parent_flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -1974,6 +2136,22 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||||
const char *cn, uint32_t *flags,
|
const char *cn, uint32_t *flags,
|
||||||
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
void *p_vrfy )
|
void *p_vrfy )
|
||||||
|
{
|
||||||
|
return( mbedtls_x509_crt_verify_with_profile( crt, trust_ca, ca_crl,
|
||||||
|
&mbedtls_x509_crt_profile_default, cn, flags, f_vrfy, p_vrfy ) );
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Verify the certificate validity, with profile
|
||||||
|
*/
|
||||||
|
int mbedtls_x509_crt_verify_with_profile( mbedtls_x509_crt *crt,
|
||||||
|
mbedtls_x509_crt *trust_ca,
|
||||||
|
mbedtls_x509_crl *ca_crl,
|
||||||
|
const mbedtls_x509_crt_profile *profile,
|
||||||
|
const char *cn, uint32_t *flags,
|
||||||
|
int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *),
|
||||||
|
void *p_vrfy )
|
||||||
{
|
{
|
||||||
size_t cn_len;
|
size_t cn_len;
|
||||||
int ret;
|
int ret;
|
||||||
|
@ -1982,6 +2160,9 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||||
mbedtls_x509_name *name;
|
mbedtls_x509_name *name;
|
||||||
mbedtls_x509_sequence *cur = NULL;
|
mbedtls_x509_sequence *cur = NULL;
|
||||||
|
|
||||||
|
if( profile == NULL )
|
||||||
|
return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
|
||||||
|
|
||||||
*flags = 0;
|
*flags = 0;
|
||||||
|
|
||||||
if( cn != NULL )
|
if( cn != NULL )
|
||||||
|
@ -2044,14 +2225,14 @@ int mbedtls_x509_crt_verify( mbedtls_x509_crt *crt,
|
||||||
/* Are we part of the chain or at the top? */
|
/* Are we part of the chain or at the top? */
|
||||||
if( parent != NULL )
|
if( parent != NULL )
|
||||||
{
|
{
|
||||||
ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl,
|
ret = x509_crt_verify_child( crt, parent, trust_ca, ca_crl, profile,
|
||||||
pathlen, flags, f_vrfy, p_vrfy );
|
pathlen, flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
ret = x509_crt_verify_top( crt, trust_ca, ca_crl,
|
ret = x509_crt_verify_top( crt, trust_ca, ca_crl, profile,
|
||||||
pathlen, flags, f_vrfy, p_vrfy );
|
pathlen, flags, f_vrfy, p_vrfy );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
|
@ -163,7 +163,8 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -199,7 +199,8 @@ int main( void )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_SERVER,
|
MBEDTLS_SSL_IS_SERVER,
|
||||||
MBEDTLS_SSL_TRANSPORT_DATAGRAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -191,7 +191,8 @@ int main( void )
|
||||||
|
|
||||||
if( mbedtls_ssl_config_defaults( &conf,
|
if( mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) != 0 )
|
||||||
{
|
{
|
||||||
ret = ssl_config_defaults_failed;
|
ret = ssl_config_defaults_failed;
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -153,7 +153,8 @@ int main( void )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -95,6 +95,7 @@ int main( void )
|
||||||
#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
|
#define DFL_MFL_CODE MBEDTLS_SSL_MAX_FRAG_LEN_NONE
|
||||||
#define DFL_TRUNC_HMAC -1
|
#define DFL_TRUNC_HMAC -1
|
||||||
#define DFL_RECSPLIT -1
|
#define DFL_RECSPLIT -1
|
||||||
|
#define DFL_DHMLEN -1
|
||||||
#define DFL_RECONNECT 0
|
#define DFL_RECONNECT 0
|
||||||
#define DFL_RECO_DELAY 0
|
#define DFL_RECO_DELAY 0
|
||||||
#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED
|
#define DFL_TICKETS MBEDTLS_SSL_SESSION_TICKETS_ENABLED
|
||||||
|
@ -164,6 +165,13 @@ int main( void )
|
||||||
#define USAGE_RECSPLIT
|
#define USAGE_RECSPLIT
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_DHM_C)
|
||||||
|
#define USAGE_DHMLEN \
|
||||||
|
" dhmlen=%%d default: (library default: 1024 bits)\n"
|
||||||
|
#else
|
||||||
|
#define USAGE_DHMLEN
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_ALPN)
|
#if defined(MBEDTLS_SSL_ALPN)
|
||||||
#define USAGE_ALPN \
|
#define USAGE_ALPN \
|
||||||
" alpn=%%s default: \"\" (disabled)\n" \
|
" alpn=%%s default: \"\" (disabled)\n" \
|
||||||
|
@ -246,6 +254,7 @@ int main( void )
|
||||||
USAGE_EMS \
|
USAGE_EMS \
|
||||||
USAGE_ETM \
|
USAGE_ETM \
|
||||||
USAGE_RECSPLIT \
|
USAGE_RECSPLIT \
|
||||||
|
USAGE_DHMLEN \
|
||||||
"\n" \
|
"\n" \
|
||||||
" arc4=%%d default: (library default: 0)\n" \
|
" arc4=%%d default: (library default: 0)\n" \
|
||||||
" min_version=%%s default: (library default: tls1)\n" \
|
" min_version=%%s default: (library default: tls1)\n" \
|
||||||
|
@ -289,6 +298,7 @@ struct options
|
||||||
unsigned char mfl_code; /* code for maximum fragment length */
|
unsigned char mfl_code; /* code for maximum fragment length */
|
||||||
int trunc_hmac; /* negotiate truncated hmac or not */
|
int trunc_hmac; /* negotiate truncated hmac or not */
|
||||||
int recsplit; /* enable record splitting? */
|
int recsplit; /* enable record splitting? */
|
||||||
|
int dhmlen; /* minimum DHM params len in bits */
|
||||||
int reconnect; /* attempt to resume session */
|
int reconnect; /* attempt to resume session */
|
||||||
int reco_delay; /* delay in seconds before resuming session */
|
int reco_delay; /* delay in seconds before resuming session */
|
||||||
int tickets; /* enable / disable session tickets */
|
int tickets; /* enable / disable session tickets */
|
||||||
|
@ -468,6 +478,7 @@ int main( int argc, char *argv[] )
|
||||||
opt.mfl_code = DFL_MFL_CODE;
|
opt.mfl_code = DFL_MFL_CODE;
|
||||||
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
opt.trunc_hmac = DFL_TRUNC_HMAC;
|
||||||
opt.recsplit = DFL_RECSPLIT;
|
opt.recsplit = DFL_RECSPLIT;
|
||||||
|
opt.dhmlen = DFL_DHMLEN;
|
||||||
opt.reconnect = DFL_RECONNECT;
|
opt.reconnect = DFL_RECONNECT;
|
||||||
opt.reco_delay = DFL_RECO_DELAY;
|
opt.reco_delay = DFL_RECO_DELAY;
|
||||||
opt.tickets = DFL_TICKETS;
|
opt.tickets = DFL_TICKETS;
|
||||||
|
@ -758,6 +769,12 @@ int main( int argc, char *argv[] )
|
||||||
if( opt.recsplit < 0 || opt.recsplit > 1 )
|
if( opt.recsplit < 0 || opt.recsplit > 1 )
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
else if( strcmp( p, "dhmlen" ) == 0 )
|
||||||
|
{
|
||||||
|
opt.dhmlen = atoi( q );
|
||||||
|
if( opt.dhmlen < 0 )
|
||||||
|
goto usage;
|
||||||
|
}
|
||||||
else
|
else
|
||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
@ -1042,7 +1059,8 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
opt.transport ) ) != 0 )
|
opt.transport,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
@ -1091,6 +1109,11 @@ int main( int argc, char *argv[] )
|
||||||
: MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
|
: MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED );
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_DHM_C)
|
||||||
|
if( opt.dhmlen != DFL_DHMLEN )
|
||||||
|
mbedtls_ssl_conf_dhm_min_bitlen( &conf, opt.dhmlen );
|
||||||
|
#endif
|
||||||
|
|
||||||
#if defined(MBEDTLS_SSL_ALPN)
|
#if defined(MBEDTLS_SSL_ALPN)
|
||||||
if( opt.alpn_string != NULL )
|
if( opt.alpn_string != NULL )
|
||||||
if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
|
if( ( ret = mbedtls_ssl_conf_alpn_protocols( &conf, alpn_list ) ) != 0 )
|
||||||
|
|
|
@ -177,7 +177,8 @@ int main( void )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_SERVER,
|
MBEDTLS_SSL_IS_SERVER,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -587,7 +587,8 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -412,7 +412,8 @@ int main( void )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_SERVER,
|
MBEDTLS_SSL_IS_SERVER,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
|
mbedtls_printf( " failed: mbedtls_ssl_config_defaults returned -0x%04x\n",
|
||||||
-ret );
|
-ret );
|
||||||
|
|
|
@ -193,7 +193,8 @@ int main( void )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_SERVER,
|
MBEDTLS_SSL_IS_SERVER,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -1533,7 +1533,8 @@ int main( int argc, char *argv[] )
|
||||||
|
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_SERVER,
|
MBEDTLS_SSL_IS_SERVER,
|
||||||
opt.transport ) ) != 0 )
|
opt.transport,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned -0x%x\n\n", -ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -399,7 +399,8 @@ int main( int argc, char *argv[] )
|
||||||
*/
|
*/
|
||||||
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
if( ( ret = mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_STREAM ) ) != 0 )
|
MBEDTLS_SSL_TRANSPORT_STREAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) ) != 0 )
|
||||||
{
|
{
|
||||||
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
mbedtls_printf( " failed\n ! mbedtls_ssl_config_defaults returned %d\n\n", ret );
|
||||||
goto exit;
|
goto exit;
|
||||||
|
|
|
@ -881,7 +881,6 @@ POLARSSL_SSL_PROTO_TLS1_2 MBEDTLS_SSL_PROTO_TLS1_2
|
||||||
POLARSSL_SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION
|
POLARSSL_SSL_RENEGOTIATION MBEDTLS_SSL_RENEGOTIATION
|
||||||
POLARSSL_SSL_SERVER_NAME_INDICATION MBEDTLS_SSL_SERVER_NAME_INDICATION
|
POLARSSL_SSL_SERVER_NAME_INDICATION MBEDTLS_SSL_SERVER_NAME_INDICATION
|
||||||
POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS
|
POLARSSL_SSL_SESSION_TICKETS MBEDTLS_SSL_SESSION_TICKETS
|
||||||
POLARSSL_SSL_SET_CURVES MBEDTLS_SSL_SET_CURVES
|
|
||||||
POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C
|
POLARSSL_SSL_SRV_C MBEDTLS_SSL_SRV_C
|
||||||
POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
|
POLARSSL_SSL_SRV_RESPECT_CLIENT_PREFERENCE MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
|
||||||
POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
|
POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
|
||||||
|
|
34
tests/data_files/dh.1000.pem
Normal file
34
tests/data_files/dh.1000.pem
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
|
||||||
|
Recommended key length: 160 bits
|
||||||
|
|
||||||
|
generator:
|
||||||
|
23:84:3c:0d:55:8c:b9:7d:a9:d5:9a:80:82:fb:50:
|
||||||
|
89:29:71:8e:8e:a1:29:2e:df:db:01:34:41:e7:66:
|
||||||
|
fa:60:dc:bc:34:83:45:70:e0:61:e9:a6:25:23:c2:
|
||||||
|
77:33:a9:8a:90:94:21:ff:84:d2:7b:36:39:9b:e5:
|
||||||
|
f0:88:2b:35:98:64:28:58:27:be:fa:bf:e3:60:cc:
|
||||||
|
c4:61:60:59:78:a7:e1:a3:b3:a7:3e:7e:5b:a8:d7:
|
||||||
|
b7:ba:25:0e:b1:9e:79:03:b5:83:ba:43:34:b6:c1:
|
||||||
|
ce:45:66:72:07:64:8a:af:14:d8:ae:18:19:ba:25:
|
||||||
|
a6:d9:36:f8:8c:
|
||||||
|
|
||||||
|
prime:
|
||||||
|
9e:a4:a8:c4:29:fe:76:18:02:4f:76:c9:29:0e:f2:
|
||||||
|
ba:0d:92:08:9d:d9:b3:28:41:5d:88:4e:fe:3c:ae:
|
||||||
|
c1:d4:3e:7e:fb:d8:2c:bf:7b:63:70:99:9e:c4:ac:
|
||||||
|
d0:1e:7c:4e:22:07:d2:b5:f9:9a:9e:52:e2:97:9d:
|
||||||
|
c3:cb:0d:66:33:75:95:a7:96:6e:69:ec:16:bd:06:
|
||||||
|
4a:1a:dc:b2:d4:29:23:ab:2e:8f:7f:6a:84:1d:82:
|
||||||
|
23:6e:42:8c:1e:70:3d:21:bb:b9:b9:8f:f9:fd:9c:
|
||||||
|
53:08:e4:e8:5a:04:ca:5f:8f:73:55:ac:e1:41:20:
|
||||||
|
c7:43:fa:8f:99:
|
||||||
|
|
||||||
|
|
||||||
|
-----BEGIN DH PARAMETERS-----
|
||||||
|
MIIBAwJ+AJ6kqMQp/nYYAk92ySkO8roNkgid2bMoQV2ITv48rsHUPn772Cy/e2Nw
|
||||||
|
mZ7ErNAefE4iB9K1+ZqeUuKXncPLDWYzdZWnlm5p7Ba9Bkoa3LLUKSOrLo9/aoQd
|
||||||
|
giNuQowecD0hu7m5j/n9nFMI5OhaBMpfj3NVrOFBIMdD+o+ZAn0jhDwNVYy5fanV
|
||||||
|
moCC+1CJKXGOjqEpLt/bATRB52b6YNy8NINFcOBh6aYlI8J3M6mKkJQh/4TSezY5
|
||||||
|
m+XwiCs1mGQoWCe++r/jYMzEYWBZeKfho7OnPn5bqNe3uiUOsZ55A7WDukM0tsHO
|
||||||
|
RWZyB2SKrxTYrhgZuiWm2Tb4jAICAKA=
|
||||||
|
-----END DH PARAMETERS-----
|
|
@ -2304,6 +2304,43 @@ run_test "DHM parameters: other parameters" \
|
||||||
-c "value of 'DHM: P ' (1024 bits)" \
|
-c "value of 'DHM: P ' (1024 bits)" \
|
||||||
-c "value of 'DHM: G ' (2 bits)"
|
-c "value of 'DHM: G ' (2 bits)"
|
||||||
|
|
||||||
|
# Tests for DHM client-side size checking
|
||||||
|
|
||||||
|
run_test "DHM size: server default, client default, OK" \
|
||||||
|
"$P_SRV" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||||
|
debug_level=1" \
|
||||||
|
0 \
|
||||||
|
-C "DHM prime too short:"
|
||||||
|
|
||||||
|
run_test "DHM size: server default, client 2048, OK" \
|
||||||
|
"$P_SRV" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||||
|
debug_level=1 dhmlen=2048" \
|
||||||
|
0 \
|
||||||
|
-C "DHM prime too short:"
|
||||||
|
|
||||||
|
run_test "DHM size: server 1024, client default, OK" \
|
||||||
|
"$P_SRV dhm_file=data_files/dhparams.pem" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||||
|
debug_level=1" \
|
||||||
|
0 \
|
||||||
|
-C "DHM prime too short:"
|
||||||
|
|
||||||
|
run_test "DHM size: server 1000, client default, rejected" \
|
||||||
|
"$P_SRV dhm_file=data_files/dh.1000.pem" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||||
|
debug_level=1" \
|
||||||
|
1 \
|
||||||
|
-c "DHM prime too short:"
|
||||||
|
|
||||||
|
run_test "DHM size: server default, client 2049, rejected" \
|
||||||
|
"$P_SRV" \
|
||||||
|
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
|
||||||
|
debug_level=1 dhmlen=2049" \
|
||||||
|
1 \
|
||||||
|
-c "DHM prime too short:"
|
||||||
|
|
||||||
# Tests for PSK callback
|
# Tests for PSK callback
|
||||||
|
|
||||||
run_test "PSK callback: psk, no callback" \
|
run_test "PSK callback: psk, no callback" \
|
||||||
|
|
|
@ -20,7 +20,8 @@ void ssl_dtls_replay( char *prevs, char *new, int ret )
|
||||||
|
|
||||||
TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
|
TEST_ASSERT( mbedtls_ssl_config_defaults( &conf,
|
||||||
MBEDTLS_SSL_IS_CLIENT,
|
MBEDTLS_SSL_IS_CLIENT,
|
||||||
MBEDTLS_SSL_TRANSPORT_DATAGRAM ) == 0 );
|
MBEDTLS_SSL_TRANSPORT_DATAGRAM,
|
||||||
|
MBEDTLS_SSL_PRESET_DEFAULT ) == 0 );
|
||||||
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
|
TEST_ASSERT( mbedtls_ssl_setup( &ssl, &conf ) == 0 );
|
||||||
|
|
||||||
/* Read previous record numbers */
|
/* Read previous record numbers */
|
||||||
|
|
|
@ -272,28 +272,7 @@ X509 Verify Information: two issues
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:"":"The certificate validity has expired\nThe CRL is expired\n"
|
x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:"":"The certificate validity has expired\nThe CRL is expired\n"
|
||||||
|
|
||||||
X509 Verify Information: two issues, one unknown
|
X509 Verify Information: two issues, one unknown
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_OTHER | 0x8000:"":"Other reason (can be used by verify callback)\nUnknown reason (this should not happen)\n"
|
x509_verify_info:MBEDTLS_X509_BADCERT_OTHER | 0x80000000:"":"Other reason (can be used by verify callback)\nUnknown reason (this should not happen)\n"
|
||||||
|
|
||||||
X509 Verify Information: empty, with prefix
|
|
||||||
x509_verify_info:0:" ! ":""
|
|
||||||
|
|
||||||
X509 Verify Information: one issue, with prefix
|
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:" ! ":" ! Certificate was missing\n"
|
|
||||||
|
|
||||||
X509 Verify Information: two issues, with prefix
|
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:" ! ":" ! The certificate validity has expired\n ! The CRL is expired\n"
|
|
||||||
|
|
||||||
X509 Verify Information: empty
|
|
||||||
x509_verify_info:0:"":""
|
|
||||||
|
|
||||||
X509 Verify Information: one issue
|
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_MISSING:"":"Certificate was missing\n"
|
|
||||||
|
|
||||||
X509 Verify Information: two issues
|
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_EXPIRED | MBEDTLS_X509_BADCRL_EXPIRED:"":"The certificate validity has expired\nThe CRL is expired\n"
|
|
||||||
|
|
||||||
X509 Verify Information: two issues, one unknown
|
|
||||||
x509_verify_info:MBEDTLS_X509_BADCERT_OTHER | 0x8000:"":"Other reason (can be used by verify callback)\nUnknown reason (this should not happen)\n"
|
|
||||||
|
|
||||||
X509 Verify Information: empty, with prefix
|
X509 Verify Information: empty, with prefix
|
||||||
x509_verify_info:0:" ! ":""
|
x509_verify_info:0:" ! ":""
|
||||||
|
@ -434,11 +413,11 @@ x509_verify:"data_files/server2.crt":"data_files/server1.crt":"data_files/crl_ex
|
||||||
|
|
||||||
X509 Certificate verification #12 (Valid Cert MD4 Digest)
|
X509 Certificate verification #12 (Valid Cert MD4 Digest)
|
||||||
depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_MD4_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
|
x509_verify:"data_files/cert_md4.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"NULL"
|
||||||
|
|
||||||
X509 Certificate verification #13 (Valid Cert MD5 Digest)
|
X509 Certificate verification #13 (Valid Cert MD5 Digest)
|
||||||
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_MD5_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":0:0:"NULL"
|
x509_verify:"data_files/cert_md5.crt":"data_files/test-ca.crt":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_MD:"NULL"
|
||||||
|
|
||||||
X509 Certificate verification #14 (Valid Cert SHA1 Digest)
|
X509 Certificate verification #14 (Valid Cert SHA1 Digest)
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V15
|
||||||
|
@ -690,7 +669,7 @@ x509_verify:"data_files/server6-ss-child.crt":"data_files/server5-selfsigned.crt
|
||||||
|
|
||||||
X509 Certificate verification #75 (encoding mismatch)
|
X509 Certificate verification #75 (encoding mismatch)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C
|
depends_on:MBEDTLS_PEM_PARSE_C
|
||||||
x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":0:0:"NULL"
|
x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_KEY:"NULL"
|
||||||
|
|
||||||
X509 Certificate verification #76 (multiple CRLs, not revoked)
|
X509 Certificate verification #76 (multiple CRLs, not revoked)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||||
|
@ -714,7 +693,7 @@ x509_verify:"data_files/server1.crt":"data_files/test-ca_cat12.crt":"data_files/
|
||||||
|
|
||||||
X509 Certificate verification #81 (multiple CRLs, none relevant)
|
X509 Certificate verification #81 (multiple CRLs, none relevant)
|
||||||
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_SHA256_C:MBEDTLS_RSA_C
|
||||||
x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":0:0:"NULL"
|
x509_verify:"data_files/enco-cert-utf8str.pem":"data_files/enco-ca-prstr.pem":"data_files/crl_cat_rsa-ec.pem":"NULL":MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:MBEDTLS_X509_BADCERT_BAD_KEY:"NULL"
|
||||||
|
|
||||||
X509 Parse Selftest
|
X509 Parse Selftest
|
||||||
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CERTS_C
|
depends_on:MBEDTLS_SHA1_C:MBEDTLS_PEM_PARSE_C:MBEDTLS_CERTS_C
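Review bot: Test cases #12 and #13 in the `@ -434,11 +413,11` hunk keep the titles `X509 Certificate verification #12 (Valid Cert MD4 Digest)` and `#13 (Valid Cert MD5 Digest)` while their expected result is now `MBEDTLS_ERR_X509_CERT_VERIFY_FAILED` with `MBEDTLS_X509_BADCERT_BAD_MD`, so the name states the opposite of what the line asserts. Renaming them along the lines of `X509 Certificate verification #12 (Cert MD4 Digest, rejected by default profile)` documents that the failure is the intended outcome of the new profile checks rather than a regression. The same applies to #75 (`@ -690,7 +669,7`) and #81 (`@ -714,7 +693,7`), which now expect `MBEDTLS_X509_BADCERT_BAD_KEY`: their titles describe the encoding-mismatch and irrelevant-CRL behaviour, but with the default profile rejecting the key the assertion no longer shows that those paths produce a clean result, only that no additional flag is raised. If the test harness gains a wrapper for `mbedtls_x509_crt_verify_with_profile()`, a companion case under a profile that accepts that key would restore the original coverage.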
|
||||||
|
|