diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2020-05-09 15:05:51 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2020-05-09 15:05:51 +0000 |
| commit | aa4845482e5480cd41315bdedb247917043d35f7 (patch) | |
| tree | c43c7566f89b0a7dcb33da3dbb21b78e60d48a4f | |
| parent | 456211843e8d6d53f7f18ebbdde8b55cc616923f (diff) | |
Add support for certificate status requests in TLS 1.3 client
ok jsing@, tb@, inoguchi@
| -rw-r--r-- | lib/libssl/ssl_tlsext.c | 43 | ||||
| -rw-r--r-- | lib/libssl/tls13_client.c | 16 | ||||
| -rw-r--r-- | lib/libssl/tls13_internal.h | 4 | ||||
| -rw-r--r-- | lib/libssl/tls13_lib.c | 30 |
4 files changed, 81 insertions, 12 deletions
diff --git a/lib/libssl/ssl_tlsext.c b/lib/libssl/ssl_tlsext.c index cb2b2cadc74..bc122686c9b 100644 --- a/lib/libssl/ssl_tlsext.c +++ b/lib/libssl/ssl_tlsext.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_tlsext.c,v 1.64 2020/05/09 10:51:55 jsing Exp $ */ +/* $OpenBSD: ssl_tlsext.c,v 1.65 2020/05/09 15:05:50 beck Exp $ */ /* * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> @@ -921,12 +921,43 @@ tlsext_ocsp_server_build(SSL *s, CBB *cbb) int tlsext_ocsp_client_parse(SSL *s, CBS *cbs, int *alert) { - if (s->tlsext_status_type == -1) { - *alert = TLS1_AD_UNSUPPORTED_EXTENSION; - return 0; + CBS response; + size_t stow_len; + uint16_t version = TLS1_get_client_version(s); + uint8_t status_type; + + if (version >= TLS1_3_VERSION) { + if (!CBS_get_u8(cbs, &status_type)) { + SSLerror(s, SSL_R_LENGTH_MISMATCH); + return 0; + } + if (status_type != TLSEXT_STATUSTYPE_ocsp) { + SSLerror(s, SSL_R_UNSUPPORTED_STATUS_TYPE); + return 0; + } + if (!CBS_get_u24_length_prefixed(cbs, &response)) { + SSLerror(s, SSL_R_LENGTH_MISMATCH); + return 0; + } + if (CBS_len(&response) > 65536) { + SSLerror(s, SSL_R_DATA_LENGTH_TOO_LONG); + return 0; + } + if (!CBS_stow(&response, &s->internal->tlsext_ocsp_resp, + &stow_len)) { + s->internal->tlsext_ocsp_resplen = 0; + *alert = SSL_AD_INTERNAL_ERROR; + return 0; + } + s->internal->tlsext_ocsp_resplen = (int)stow_len; + } else { + if (s->tlsext_status_type == -1) { + *alert = TLS1_AD_UNSUPPORTED_EXTENSION; + return 0; + } + /* Set flag to expect CertificateStatus message */ + s->internal->tlsext_status_expected = 1; } - /* Set flag to expect CertificateStatus message */ - s->internal->tlsext_status_expected = 1; return 1; } diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c index 79318d93135..aab83dcc692 100644 --- a/lib/libssl/tls13_client.c +++ b/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.54 2020/04/28 20:37:22 jsing Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.55 2020/05/09 15:05:50 beck Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * @@ -550,13 +550,13 @@ tls13_server_certificate_request_recv(struct tls13_ctx *ctx, CBS *cbs) int tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) { - CBS cert_request_context, cert_list, cert_data, cert_exts; + CBS cert_request_context, cert_list, cert_data; struct stack_st_X509 *certs = NULL; SSL *s = ctx->ssl; X509 *cert = NULL; EVP_PKEY *pkey; const uint8_t *p; - int cert_idx; + int cert_idx, alert_desc; int ret = 0; if ((certs = sk_X509_new_null()) == NULL) @@ -572,8 +572,12 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) while (CBS_len(&cert_list) > 0) { if (!CBS_get_u24_length_prefixed(&cert_list, &cert_data)) goto err; - if (!CBS_get_u16_length_prefixed(&cert_list, &cert_exts)) + + if (!tlsext_client_parse(ctx->ssl, &cert_list, &alert_desc, + SSL_TLSEXT_MSG_CT)) { + ctx->alert = alert_desc; goto err; + } p = CBS_data(&cert_data); if ((cert = d2i_X509(NULL, &p, CBS_len(&cert_data))) == NULL) @@ -628,6 +632,10 @@ tls13_server_certificate_recv(struct tls13_ctx *ctx, CBS *cbs) s->session->peer = cert; s->session->verify_result = s->verify_result; + if (ctx->ocsp_status_recv_cb != NULL && + !ctx->ocsp_status_recv_cb(ctx)) + goto err; + ret = 1; err: diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index d53672dbfe5..b699b205010 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.67 2020/04/28 20:37:22 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.68 2020/05/09 15:05:50 beck Exp $ */ /* * Copyright (c) 2018 Bob Beck <beck@openbsd.org> * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> @@ -51,6 +51,7 @@ typedef ssize_t (*tls13_read_cb)(void *_buf, size_t _buflen, void *_cb_arg); typedef ssize_t (*tls13_write_cb)(const void *_buf, size_t _buflen, void *_cb_arg); typedef void (*tls13_handshake_message_cb)(void *_cb_arg); +typedef int (*tls13_ocsp_status_cb)(void *_cb_arg); /* * Buffers. @@ -233,6 +234,7 @@ struct tls13_ctx { tls13_handshake_message_cb handshake_message_sent_cb; tls13_handshake_message_cb handshake_message_recv_cb; + tls13_ocsp_status_cb ocsp_status_recv_cb; }; #ifndef TLS13_PHH_LIMIT_TIME #define TLS13_PHH_LIMIT_TIME 3600 diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 199f43ca16c..37f300ae43b 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.36 2020/04/28 20:30:41 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.37 2020/05/09 15:05:50 beck Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org> * Copyright (c) 2019 Bob Beck <beck@openbsd.org> @@ -163,6 +163,33 @@ tls13_legacy_handshake_message_sent_cb(void *arg) } static int +tls13_legacy_ocsp_status_recv_cb(void *arg) +{ + struct tls13_ctx *ctx = arg; + SSL *s = ctx->ssl; + int ret; + + if (s->ctx->internal->tlsext_status_cb == NULL || + s->internal->tlsext_ocsp_resplen == 0) + return 1; + + ret = s->ctx->internal->tlsext_status_cb(s, + s->ctx->internal->tlsext_status_arg); + if (ret < 0) { + ctx->alert = SSL_AD_INTERNAL_ERROR; + SSLerror(s, ERR_R_MALLOC_FAILURE); + return 0; + } + if (ret == 0) { + ctx->alert = SSL_AD_BAD_CERTIFICATE_STATUS_RESPONSE; + SSLerror(s, SSL_R_INVALID_STATUS_RESPONSE); + return 0; + } + + return 1; +} + +static int tls13_phh_update_local_traffic_secret(struct tls13_ctx *ctx) { struct tls13_secrets *secrets = ctx->hs->secrets; @@ -322,6 +349,7 @@ tls13_ctx_new(int mode) ctx->handshake_message_sent_cb = tls13_legacy_handshake_message_sent_cb; ctx->handshake_message_recv_cb = tls13_legacy_handshake_message_recv_cb; + ctx->ocsp_status_recv_cb = tls13_legacy_ocsp_status_recv_cb; return ctx; |