Implement server side of PSK extension construction (0247086d) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

include/openssl/ssl.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -2315,6 +2315,7 @@ int ERR_load_SSL_strings(void);
		# define SSL_F_TLS_CONSTRUCT_STOC_KEY_EXCHANGE 377
		# define SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE 456
		# define SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG 457
		# define SSL_F_TLS_CONSTRUCT_STOC_PSK 504
		# define SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE 458
		# define SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME 459
		# define SSL_F_TLS_CONSTRUCT_STOC_SESSION_TICKET 460

+3 −0

Original line number	Diff line number	Diff line
		@@ -4113,6 +4113,9 @@ int ssl_derive(SSL s, EVP_PKEY privkey, EVP_PKEY *pubkey, int gensecret)
		rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL,
		0,
		(unsigned char *)&s->early_secret);
		else
		rv = 1;

		rv = rv && tls13_generate_handshake_secret(s, pms, pmslen);
		} else {
		/* Generate master secret and discard premaster */

+1 −0

Original line number	Diff line number	Diff line
		@@ -355,6 +355,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
		"tls_construct_stoc_key_share"},
		{ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_NEXT_PROTO_NEG),
		"tls_construct_stoc_next_proto_neg"},
		{ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_PSK), "tls_construct_stoc_psk"},
		{ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_RENEGOTIATE),
		"tls_construct_stoc_renegotiate"},
		{ERR_FUNC(SSL_F_TLS_CONSTRUCT_STOC_SERVER_NAME),

+1 −1

Original line number	Diff line number	Diff line
		@@ -279,7 +279,7 @@ static const EXTENSION_DEFINITION ext_defs[] = {
		TLSEXT_TYPE_psk,
		EXT_CLIENT_HELLO \| EXT_TLS1_3_SERVER_HELLO \| EXT_TLS_IMPLEMENTATION_ONLY
		\| EXT_TLS1_3_ONLY,
		NULL, tls_parse_ctos_psk, tls_parse_stoc_psk, NULL,
		NULL, tls_parse_ctos_psk, tls_parse_stoc_psk, tls_construct_stoc_psk,
		tls_construct_ctos_psk, NULL
		}
		};

+24 −5

Original line number	Diff line number	Diff line
		@@ -1006,13 +1006,15 @@ int tls_construct_stoc_key_share(SSL s, WPACKET pkt, X509 *x, size_t chainidx,
		size_t encoded_pt_len = 0;
		EVP_PKEY ckey = s->s3->peer_tmp, skey = NULL;

		if (s->hit)
		return 1;

		if (ckey == NULL) {
		/* No key_share received from client, must be resuming. */
		if (!s->hit \|\| !tls13_generate_handshake_secret(s, NULL, 0)) {
		*al = SSL_AD_INTERNAL_ERROR;
		SSLerr(SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR);
		return 0;
		}
		return 1;
		}

		if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_key_share)
		\|\| !WPACKET_start_sub_packet_u16(pkt)
		@@ -1079,3 +1081,20 @@ int tls_construct_stoc_cryptopro_bug(SSL s, WPACKET pkt, X509 *x,

		return 1;
		}

		int tls_construct_stoc_psk(SSL s, WPACKET pkt, X509 *x, size_t chainidx,
		int *al)
		{
		if (!s->hit)
		return 1;

		if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_psk)
		\|\| !WPACKET_start_sub_packet_u16(pkt)
		\|\| !WPACKET_put_bytes_u16(pkt, s->session->ext.tick_identity)
		\|\| !WPACKET_close(pkt)) {
		SSLerr(SSL_F_TLS_CONSTRUCT_STOC_PSK, ERR_R_INTERNAL_ERROR);
		return 0;
		}

		return 1;
		}