Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
openssl
提交
ef7daaf9
O
openssl
项目概览
btwise
/
openssl
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
ef7daaf9
编写于
11月 03, 2016
作者:
M
Matt Caswell
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Validate that the provided key_share is in supported_groups
Reviewed-by:
N
Rich Salz
<
rsalz@openssl.org
>
上级
0f1e51ea
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
101 addition
and
34 deletion
+101
-34
ssl/statem/statem_srvr.c
ssl/statem/statem_srvr.c
+1
-1
ssl/t1_lib.c
ssl/t1_lib.c
+100
-33
未找到文件。
ssl/statem/statem_srvr.c
浏览文件 @
ef7daaf9
...
...
@@ -1450,7 +1450,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
}
/* Check we've got a key_share for TLSv1.3 */
if
(
s
->
version
==
TLS1_3_VERSION
&&
s
->
s3
->
peer_tmp
==
NULL
)
{
if
(
s
->
version
==
TLS1_3_VERSION
&&
s
->
s3
->
peer_tmp
==
NULL
&&
!
s
->
hit
)
{
/* No suitable share */
/* TODO(1.3): Send a HelloRetryRequest */
al
=
SSL_AD_HANDSHAKE_FAILURE
;
...
...
ssl/t1_lib.c
浏览文件 @
ef7daaf9
...
...
@@ -1649,7 +1649,7 @@ int ssl_add_serverhello_tlsext(SSL *s, WPACKET *pkt, int *al)
}
#endif
if
(
s
->
version
==
TLS1_3_VERSION
)
{
if
(
s
->
version
==
TLS1_3_VERSION
&&
!
s
->
hit
)
{
unsigned
char
*
encodedPoint
;
size_t
encoded_pt_len
=
0
;
EVP_PKEY
*
ckey
=
NULL
,
*
skey
=
NULL
;
...
...
@@ -1885,6 +1885,79 @@ static void ssl_check_for_safari(SSL *s, const CLIENTHELLO_MSG *hello)
}
#endif
/* !OPENSSL_NO_EC */
/*
* Process the supported_groups extension if present. Returns success if the
* extension is absent, or if it has been successfully processed.
*
* Returns
* 1 on success
* 0 on failure
*/
static
int
tls_process_supported_groups
(
SSL
*
s
,
CLIENTHELLO_MSG
*
hello
)
{
#ifndef OPENSSL_NO_EC
PACKET
supported_groups_list
;
RAW_EXTENSION
*
suppgroups
=
tls_get_extension_by_type
(
hello
->
pre_proc_exts
,
hello
->
num_extensions
,
TLSEXT_TYPE_supported_groups
);
if
(
suppgroups
==
NULL
)
return
1
;
/* Each group is 2 bytes and we must have at least 1. */
if
(
!
PACKET_as_length_prefixed_2
(
&
suppgroups
->
data
,
&
supported_groups_list
)
||
PACKET_remaining
(
&
supported_groups_list
)
==
0
||
(
PACKET_remaining
(
&
supported_groups_list
)
%
2
)
!=
0
)
{
return
0
;
}
if
(
!
s
->
hit
&&
!
PACKET_memdup
(
&
supported_groups_list
,
&
s
->
session
->
tlsext_supportedgroupslist
,
&
s
->
session
->
tlsext_supportedgroupslist_length
))
{
return
0
;
}
#endif
return
1
;
}
/*
* Checks a list of |groups| to determine if the |group_id| is in it. If it is
* and |checkallow| is 1 then additionally check if the group is allowed to be
* used.
*
* Returns:
* 1 if the group is in the list (and allowed if |checkallow| is 1)
* 0 otherwise
*/
static
int
check_in_list
(
SSL
*
s
,
unsigned
int
group_id
,
const
unsigned
char
*
groups
,
size_t
num_groups
,
int
checkallow
)
{
size_t
i
;
if
(
groups
==
NULL
||
num_groups
==
0
)
return
0
;
for
(
i
=
0
;
i
<
num_groups
;
i
++
,
groups
+=
2
)
{
unsigned
int
share_id
=
(
groups
[
0
]
<<
8
)
|
(
groups
[
1
]);
if
(
group_id
==
share_id
&&
(
!
checkallow
||
tls_curve_allowed
(
s
,
groups
,
SSL_SECOP_CURVE_CHECK
)))
{
break
;
}
}
if
(
i
==
num_groups
)
{
/* Not in list */
return
0
;
}
return
1
;
}
/*
* Loop through all remaining ClientHello extensions that we collected earlier
* and haven't already processed. For each one parse it and update the SSL
...
...
@@ -1933,6 +2006,15 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al)
s
->
srtp_profile
=
NULL
;
/*
* We process the supported_groups extension first so that is done before
* we get to key_share which needs to use the information in it.
*/
if
(
!
tls_process_supported_groups
(
s
,
hello
))
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
}
/*
* We parse all extensions to ensure the ClientHello is well-formed but,
* unless an extension specifies otherwise, we ignore extensions upon
...
...
@@ -2074,26 +2156,6 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al)
return
0
;
}
}
}
else
if
(
currext
->
type
==
TLSEXT_TYPE_supported_groups
)
{
PACKET
supported_groups_list
;
/* Each group is 2 bytes and we must have at least 1. */
if
(
!
PACKET_as_length_prefixed_2
(
&
currext
->
data
,
&
supported_groups_list
)
||
PACKET_remaining
(
&
supported_groups_list
)
==
0
||
(
PACKET_remaining
(
&
supported_groups_list
)
%
2
)
!=
0
)
{
return
0
;
}
if
(
!
s
->
hit
)
{
if
(
!
PACKET_memdup
(
&
supported_groups_list
,
&
s
->
session
->
tlsext_supportedgroupslist
,
&
s
->
session
->
tlsext_supportedgroupslist_length
))
{
*
al
=
TLS1_AD_INTERNAL_ERROR
;
return
0
;
}
}
}
#endif
/* OPENSSL_NO_EC */
else
if
(
currext
->
type
==
TLSEXT_TYPE_session_ticket
)
{
...
...
@@ -2251,11 +2313,11 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al)
&&
!
(
s
->
options
&
SSL_OP_NO_ENCRYPT_THEN_MAC
))
{
s
->
s3
->
flags
|=
TLS1_FLAGS_ENCRYPT_THEN_MAC
;
}
else
if
(
currext
->
type
==
TLSEXT_TYPE_key_share
&&
s
->
version
==
TLS1_3_VERSION
)
{
&&
s
->
version
==
TLS1_3_VERSION
&&
!
s
->
hit
)
{
unsigned
int
group_id
;
PACKET
key_share_list
,
encoded_pt
;
const
unsigned
char
*
curves
;
size_t
num_curves
,
i
;
size_t
num_curves
;
int
group_nid
;
unsigned
int
curve_flags
;
...
...
@@ -2283,23 +2345,28 @@ static int ssl_scan_clienthello_tlsext(SSL *s, CLIENTHELLO_MSG *hello, int *al)
return
0
;
}
/*
Find a share that we can use
*/
if
(
!
tls1_get_curvelist
(
s
,
0
,
&
curves
,
&
num_curves
))
{
/*
Check this share is in supported_groups
*/
if
(
!
tls1_get_curvelist
(
s
,
1
,
&
curves
,
&
num_curves
))
{
*
al
=
SSL_AD_INTERNAL_ERROR
;
SSLerr
(
SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT
,
ERR_R_INTERNAL_ERROR
);
return
0
;
}
for
(
i
=
0
;
i
<
num_curves
;
i
++
,
curves
+=
2
)
{
unsigned
int
share_id
=
(
curves
[
0
]
<<
8
)
|
(
curves
[
1
]);
if
(
group_id
==
share_id
&&
tls_curve_allowed
(
s
,
curves
,
SSL_SECOP_CURVE_CHECK
))
{
break
;
}
if
(
!
check_in_list
(
s
,
group_id
,
curves
,
num_curves
,
0
))
{
*
al
=
SSL_AD_HANDSHAKE_FAILURE
;
SSLerr
(
SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT
,
SSL_R_BAD_KEY_SHARE
);
return
0
;
}
if
(
i
==
num_curves
)
{
/* Find a share that we can use */
if
(
!
tls1_get_curvelist
(
s
,
0
,
&
curves
,
&
num_curves
))
{
*
al
=
SSL_AD_INTERNAL_ERROR
;
SSLerr
(
SSL_F_SSL_SCAN_CLIENTHELLO_TLSEXT
,
ERR_R_INTERNAL_ERROR
);
return
0
;
}
if
(
!
check_in_list
(
s
,
group_id
,
curves
,
num_curves
,
1
))
{
/* Share not suitable */
continue
;
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录