include/openssl/ssl.h +2 −0 Original line number Diff line number Diff line Loading @@ -2324,6 +2324,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_GET_MESSAGE_HEADER 387 # define SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT 449 # define SSL_F_TLS_PARSE_CTOS_KEY_SHARE 463 # define SSL_F_TLS_PARSE_CTOS_PSK 505 # define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 464 # define SSL_F_TLS_PARSE_CTOS_USE_SRTP 465 # define SSL_F_TLS_PARSE_STOC_KEY_SHARE 445 Loading Loading @@ -2361,6 +2362,7 @@ int ERR_load_SSL_strings(void); # define SSL_F_TLS_PROCESS_SKE_ECDHE 420 # define SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE 421 # define SSL_F_TLS_PROCESS_SKE_SRP 422 # define SSL_F_TLS_PSK_DO_BINDER 506 # define SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT 450 # define SSL_F_TLS_SETUP_HANDSHAKE 508 # define SSL_F_USE_CERTIFICATE_CHAIN_FILE 220 Loading
ssl/ssl_ciph.c +11 −0 Original line number Diff line number Diff line Loading @@ -2018,3 +2018,14 @@ int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead, return 1; } const EVP_MD *ssl_cipher_get_handshake_md(int cipher_id) { const SSL_CIPHER *cipher = ssl3_get_cipher_by_id(cipher_id); if (cipher == NULL) { /* Don't recognise this cipher */ return NULL; } return ssl_md(cipher->algorithm2); }
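Review bot: ssl_cipher_get_handshake_md is a new internal entry point with no contract comment, and its NULL result has two possible causes — an unknown cipher id (the visible `cipher == NULL` branch) and whatever ssl_md() returns for a cipher whose algorithm2 carries no digest (presumably also NULL; confirm against ssl_md). A header comment above the definition such as `/* Return the handshake digest for the cipher with id |cipher_id|, or NULL if the id is unknown or ssl_md() yields no digest; callers must check for NULL. */` would make that explicit. The parameter is declared `int cipher_id` while the lookup it wraps is keyed by a cipher id; worth confirming the type matches ssl3_get_cipher_by_id's parameter so no truncation or sign conversion happens at the call.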
ssl/ssl_err.c +2 −0 Original line number Diff line number Diff line Loading @@ -370,6 +370,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_PARSE_CLIENTHELLO_TLSEXT), "tls_parse_clienthello_tlsext"}, {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_KEY_SHARE), "tls_parse_ctos_key_share"}, {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_PSK), "tls_parse_ctos_psk"}, {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_RENEGOTIATE), "tls_parse_ctos_renegotiate"}, {ERR_FUNC(SSL_F_TLS_PARSE_CTOS_USE_SRTP), "tls_parse_ctos_use_srtp"}, Loading Loading @@ -423,6 +424,7 @@ static ERR_STRING_DATA SSL_str_functs[] = { {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_PSK_PREAMBLE), "tls_process_ske_psk_preamble"}, {ERR_FUNC(SSL_F_TLS_PROCESS_SKE_SRP), "tls_process_ske_srp"}, {ERR_FUNC(SSL_F_TLS_PSK_DO_BINDER), "tls_psk_do_binder"}, {ERR_FUNC(SSL_F_TLS_SCAN_CLIENTHELLO_TLSEXT), "tls_scan_clienthello_tlsext"}, {ERR_FUNC(SSL_F_TLS_SETUP_HANDSHAKE), "tls_setup_handshake"}, Loading
ssl/ssl_locl.h +12 −0 Original line number Diff line number Diff line Loading @@ -1956,6 +1956,7 @@ __owur int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead, __owur int ssl_cipher_get_cert_index(const SSL_CIPHER *c); __owur const SSL_CIPHER *ssl_get_cipher_by_char(SSL *ssl, const unsigned char *ptr); __owur const EVP_MD *ssl_cipher_get_handshake_md(int cipher_id); __owur int ssl_cert_set0_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain); __owur int ssl_cert_set1_chain(SSL *s, SSL_CTX *ctx, STACK_OF(X509) *chain); __owur int ssl_cert_add0_chain_cert(SSL *s, SSL_CTX *ctx, X509 *x); Loading Loading @@ -2193,6 +2194,17 @@ void ssl_set_default_md(SSL *s); __owur int tls1_set_server_sigalgs(SSL *s); __owur int tls_get_ticket_from_client(SSL *s, CLIENTHELLO_MSG *hello, SSL_SESSION **ret); /* Return codes for tls_decrypt_ticket */ #define TICKET_FATAL_ERR_MALLOC -2 #define TICKET_FATAL_ERR_OTHER -1 #define TICKET_NO_DECRYPT 2 #define TICKET_SUCCESS 3 #define TICKET_SUCCESS_RENEW 4 __owur int tls_decrypt_ticket(SSL *s, const unsigned char *etick, size_t eticklen, const unsigned char *sess_id, size_t sesslen, SSL_SESSION **psess); __owur int tls_use_ticket(SSL *s); __owur int tls12_get_sigandhash(SSL *s, WPACKET *pkt, const EVP_PKEY *pk, Loading
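Review bot: The TICKET_* return codes skip the values 0 and 1 and the comment `/* Return codes for tls_decrypt_ticket */` does not say what each code means or why the gap exists, so a reader of ssl_get_prev_session, which still switches on the literals 0 to 3 from tls_get_ticket_from_client, cannot tell whether those literals are this set of codes. Suggest a per-code comment, e.g. `#define TICKET_NO_DECRYPT 2 /* ticket present but not decryptable; fall back to a full handshake */`, and a sentence stating that 0 and 1 are left free for tls_get_ticket_from_client's "no ticket"/"empty ticket" results, if that is the intent. If tls_get_ticket_from_client does pass these codes through, the switch in ssl/ssl_sess.c should use the names instead of 2 and 3, and TICKET_SUCCESS_RENEW (4) would need a case there, since that switch ends in `default: abort();`.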
ssl/ssl_sess.c +36 −23 Original line number Diff line number Diff line Loading @@ -39,6 +39,7 @@ #include <openssl/rand.h> #include <openssl/engine.h> #include "ssl_locl.h" #include "statem/statem_locl.h" static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s); Loading Loading @@ -444,8 +445,9 @@ int ssl_get_new_session(SSL *s, int session) * hello: The parsed ClientHello data * * Returns: * -1: error * 0: a session may have been found. * -1: fatal error * 0: no session found * 1: a session may have been found. * * Side effects: * - If a session is found then s->session is pointed at it (after freeing an Loading @@ -459,12 +461,18 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello) SSL_SESSION *ret = NULL; int fatal = 0; int try_session_cache = 1; int try_session_cache = 0; int r; if (hello->session_id_len == 0) try_session_cache = 0; if (SSL_IS_TLS13(s)) { int al; if (!tls_parse_extension(s, TLSEXT_IDX_psk, EXT_CLIENT_HELLO, hello->pre_proc_exts, NULL, 0, &al)) return -1; ret = s->session; } else { /* sets s->ext.ticket_expected */ r = tls_get_ticket_from_client(s, hello, &ret); switch (r) { Loading @@ -473,14 +481,15 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello) goto err; case 0: /* No ticket found */ case 1: /* Zero length ticket found */ try_session_cache = 1; break; /* Ok to carry on processing session id. */ case 2: /* Ticket found but not decrypted. */ case 3: /* Ticket decrypted, *ret has been set. */ try_session_cache = 0; break; default: abort(); } } if (try_session_cache && ret == NULL && Loading Loading @@ -628,11 +637,15 @@ int ssl_get_prev_session(SSL *s, CLIENTHELLO_MSG *hello) goto err; } s->session_ctx->stats.sess_hit++; if (!SSL_IS_TLS13(s)) { /* We already did this for TLS1.3 */ SSL_SESSION_free(s->session); s->session = ret; } s->session_ctx->stats.sess_hit++; s->verify_result = s->session->verify_result; return 1; err: Loading
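Review bot: The removed guard `if (hello->session_id_len == 0) try_session_cache = 0;` has no replacement in the new code: in the non-TLS1.3 branch, cases 0 and 1 set `try_session_cache = 1` unconditionally, so a ClientHello with no ticket and an empty session id now reaches the cache lookup at `if (try_session_cache && ret == NULL && ...` unless something outside the hunk still checks the length. The one-line fix is to keep the condition at the point that now enables the lookup: `if (hello->session_id_len > 0) try_session_cache = 1;`. Separately, in the TLS 1.3 branch the alert description that tls_parse_extension writes to `al` is discarded before `return -1`, so the specific alert chosen by the PSK parser is lost to the caller; either propagate it or state in the function comment that the caller sends a generic alert on -1. ssl_get_prev_session starts before the second hunk and its body continues between and after the hunks shown.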