diff --git a/include/polarssl/config.h b/include/polarssl/config.h
index bb88ea9b4..41013d846 100644
--- a/include/polarssl/config.h
+++ b/include/polarssl/config.h
@@ -549,6 +549,15 @@
 */
 #define POLARSSL_SSL_SESSION_TICKETS

+/**
+ * \def POLARSSL_SSL_TRUNCATED_HMAC
+ *
+ * Enable support for RFC 6066 truncated HMAC in SSL
+ *
+ * Comment this macro to disable support for truncated HMAC in SSL
+ */
+#define POLARSSL_SSL_TRUNCATED_HMAC
+
 /**
 * \def POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
 *
diff --git a/include/polarssl/ssl.h b/include/polarssl/ssl.h
index d0e71e392..8f7271081 100644
--- a/include/polarssl/ssl.h
+++ b/include/polarssl/ssl.h
@@ -366,7 +366,9 @@ struct _ssl_session
 unsigned char mfl_code; /*!< MaxFragmentLength negotiated by peer */
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 int trunc_hmac; /*!< flag for truncated hmac activation */
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
 };

 /*
@@ -601,7 +603,9 @@ struct _ssl_context
 int disable_renegotiation; /*!< enable/disable renegotiation */
 int allow_legacy_renegotiation; /*!< allow legacy renegotiation */
 const int *ciphersuite_list[4]; /*!< allowed ciphersuites / version */
+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 int trunc_hmac; /*!< negotiate truncated hmac? */
+#endif
 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 int session_tickets; /*!< use session tickets? */
 int ticket_lifetime; /*!< session ticket lifetime */
@@ -1049,6 +1053,7 @@ void ssl_set_min_version( ssl_context *ssl, int major, int minor );
 int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 /**
 * \brief Activate negotiation of truncated HMAC (Client only)
 * (Default: SSL_TRUNC_HMAC_ENABLED)
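Review bot: The new `POLARSSL_SSL_TRUNCATED_HMAC` doc block in include/polarssl/config.h does not state the security cost of the option, which this patch leaves defined by default. Per the `ssl_derive_keys` hunk in library/ssl_tls.c, a session with `trunc_hmac` enabled gets `transform->maclen = SSL_TRUNCATED_HMAC_LEN` instead of the full digest size. I would add a line such as `* When negotiated, record MACs are truncated to SSL_TRUNCATED_HMAC_LEN bytes; comment this macro out if full-length MACs are required.` Naming `ssl_set_truncated_hmac()` as the API this macro gates would also help anyone auditing a build configuration.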
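Review bot: Guarding `trunc_hmac` with `#if defined(POLARSSL_SSL_TRUNCATED_HMAC)` in include/polarssl/ssl.h makes the size of `struct _ssl_session`, and the offset of every member after it in `struct _ssl_context` (next hunk), depend on config.h. An application compiled with a different config.h than the library would then disagree with it about these layouts; the `mfl_code` and `session_tickets` members in the context lines already behave this way, so it is not new, but a comment stating that library and callers must share one configuration is worth adding. If session state is ever stored as raw struct bytes (not visible in this patch), data saved by a build with the other setting would no longer match. As a style point, the `#endif` added in `struct _ssl_context` lacks the `/* POLARSSL_SSL_TRUNCATED_HMAC */` trailer used in `struct _ssl_session`.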
@@ -1061,6 +1066,7 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code );
 * POLARSSL_ERR_SSL_BAD_INPUT_DATA if used server-side
 */
 int ssl_set_truncated_hmac( ssl_context *ssl, int truncate );
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 /**
diff --git a/library/ssl_cli.c b/library/ssl_cli.c
index 772b2c983..a80a769c0 100644
--- a/library/ssl_cli.c
+++ b/library/ssl_cli.c
@@ -302,6 +302,7 @@ static void ssl_write_max_fragment_length_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 static void ssl_write_truncated_hmac_ext( ssl_context *ssl,
 unsigned char *buf, size_t *olen )
 {
@@ -323,6 +324,7 @@ static void ssl_write_truncated_hmac_ext( ssl_context *ssl,

 *olen = 4;
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 static void ssl_write_session_ticket_ext( ssl_context *ssl,
@@ -553,8 +555,10 @@ static int ssl_write_client_hello( ssl_context *ssl )
 ext_len += olen;
 #endif

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
 ext_len += olen;
+#endif

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
@@ -645,6 +649,7 @@ static int ssl_parse_max_fragment_length_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,
 const unsigned char *buf,
 size_t len )
@@ -661,6 +666,7 @@ static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,

 return( 0 );
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 static int ssl_parse_session_ticket_ext( ssl_context *ssl,
@@ -910,6 +916,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
 break;
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 case TLS_EXT_TRUNCATED_HMAC:
 SSL_DEBUG_MSG( 3, ( "found truncated_hmac extension" ) );

@@ -920,6 +927,7 @@ static int ssl_parse_server_hello( ssl_context *ssl )
 }

 break;
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 case TLS_EXT_SESSION_TICKET:
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index ff0e9d1f5..2b6f06f4b 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -581,6 +581,7 @@ static int ssl_parse_max_fragment_length_ext( ssl_context *ssl,
 }
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,
 const unsigned char *buf,
 size_t len )
@@ -597,6 +598,7 @@ static int ssl_parse_truncated_hmac_ext( ssl_context *ssl,

 return( 0 );
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 static int ssl_parse_session_ticket_ext( ssl_context *ssl,
@@ -1186,6 +1188,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 break;
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 case TLS_EXT_TRUNCATED_HMAC:
 SSL_DEBUG_MSG( 3, ( "found truncated hmac extension" ) );

@@ -1193,6 +1196,7 @@ static int ssl_parse_client_hello( ssl_context *ssl )
 if( ret != 0 )
 return( ret );
 break;
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 case TLS_EXT_SESSION_TICKET:
@@ -1313,6 +1317,7 @@ have_ciphersuite:
 return( 0 );
 }

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 static void ssl_write_truncated_hmac_ext( ssl_context *ssl,
 unsigned char *buf,
 size_t *olen )
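Review bot: With `case TLS_EXT_TRUNCATED_HMAC:` compiled out of `ssl_parse_server_hello` in library/ssl_cli.c, a ServerHello carrying the truncated_hmac extension is handled by whatever the switch does for unlisted extension types, and that code is outside both hunks of this function. A client built without the feature never offers the extension, so a server that sends it is answering something that was not requested; the handshake should fail there rather than carry on with the two sides possibly disagreeing about the MAC length. Please confirm the fallback path rejects it, or keep the label in the disabled build with an error arm, e.g. `#else` followed by `case TLS_EXT_TRUNCATED_HMAC: return( POLARSSL_ERR_SSL_BAD_HS_SERVER_HELLO );`.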
@@ -1335,6 +1340,7 @@ static void ssl_write_truncated_hmac_ext( ssl_context *ssl,

 *olen = 4;
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 static void ssl_write_session_ticket_ext( ssl_context *ssl,
@@ -1562,8 +1568,10 @@ static int ssl_write_server_hello( ssl_context *ssl )
 ext_len += olen;
 #endif

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 ssl_write_truncated_hmac_ext( ssl, p + 2 + ext_len, &olen );
 ext_len += olen;
+#endif

 #if defined(POLARSSL_SSL_SESSION_TICKETS)
 ssl_write_session_ticket_ext( ssl, p + 2 + ext_len, &olen );
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 1281bc827..039b536d8 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -516,6 +516,7 @@ int ssl_derive_keys( ssl_context *ssl )

 transform->maclen = md_get_size( md_info );

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 /*
 * If HMAC is to be truncated, we shall keep the leftmost bytes,
 * (rfc 6066 page 13 or rfc 2104 section 4),
@@ -523,6 +524,7 @@ int ssl_derive_keys( ssl_context *ssl )
 */
 if( session->trunc_hmac == SSL_TRUNC_HMAC_ENABLED )
 transform->maclen = SSL_TRUNCATED_HMAC_LEN;
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
 }

 transform->keylen = cipher_info->key_length;
@@ -3255,6 +3257,7 @@ int ssl_set_max_frag_len( ssl_context *ssl, unsigned char mfl_code )
 }
 #endif /* POLARSSL_SSL_MAX_FRAGMENT_LENGTH */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )
 {
 if( ssl->endpoint != SSL_IS_CLIENT )
@@ -3264,6 +3267,7 @@ int ssl_set_truncated_hmac( ssl_context *ssl, int truncate )

 return( 0 );
 }
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */

 void ssl_set_renegotiation( ssl_context *ssl, int renegotiation )
 {
diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index a422bf43a..7dd11b9b7 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c
@@ -185,6 +185,13 @@ static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
 #define USAGE_TICKETS ""
 #endif /* POLARSSL_SSL_SESSION_TICKETS */

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
+#define USAGE_TRUNC_HMAC \
+ " trunc_hmac=%%d default: 0 (disabled)\n"
+#else
+#define USAGE_TRUNC_HMAC ""
+#endif /* POLARSSL_SSL_TRUNCATED_HMAC */
+
 #if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
 #define USAGE_MAX_FRAG_LEN \
 " max_frag_len=%%d default: 16384 (tls default)\n" \
@@ -213,7 +220,7 @@ static int my_verify( void *data, x509_cert *crt, int depth, int *flags )
 " auth_mode=%%s default: \"optional\"\n" \
 " options: none, optional, required\n" \
 USAGE_MAX_FRAG_LEN \
- " trunc_hmac=%%d default: 0 (disabled)\n" \
+ USAGE_TRUNC_HMAC \
 USAGE_PSK \
 "\n" \
 " force_ciphersuite= default: all enabled\n"\
@@ -682,8 +689,10 @@ int main( int argc, char *argv[] )
 ssl_set_max_frag_len( &ssl, opt.mfl_code );
 #endif

+#if defined(POLARSSL_SSL_TRUNCATED_HMAC)
 if( opt.trunc_hmac != 0 )
 ssl_set_truncated_hmac( &ssl, SSL_TRUNC_HMAC_ENABLED );
+#endif

 ssl_set_rng( &ssl, ctr_drbg_random, &ctr_drbg );
 ssl_set_dbg( &ssl, my_debug, stdout );
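Review bot: Dropping the `trunc_hmac=%%d` usage line when `POLARSSL_SSL_TRUNCATED_HMAC` is undefined (first hunk of programs/ssl/ssl_client2.c) leaves open what a `trunc_hmac=1` argument does in such a build. The option parser is outside these hunks; if it still accepts the argument, the run silently proceeds with full-length MACs while the operator believes the extension is being exercised. I would have the parser reject the option in that configuration, or print that the feature is compiled out, so test results cannot be misread.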
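Review bot: In `main` (last hunk of programs/ssl/ssl_client2.c) a `trunc_hmac=0` setting never reaches the library, because `ssl_set_truncated_hmac` is called only for non-zero values and the context keeps whatever default it was initialised with. The doc comment visible in the ssl.h hunk gives that default as `SSL_TRUNC_HMAC_ENABLED`, while the usage text here says `default: 0 (disabled)`, so one of the two statements is wrong. Passing the choice explicitly removes the dependence on the default: `ssl_set_truncated_hmac( &ssl, opt.trunc_hmac ? SSL_TRUNC_HMAC_ENABLED : SSL_TRUNC_HMAC_DISABLED );`. The return value is also discarded, although the header documents an error return; `main` starts and ends outside this hunk, so how other setters are checked is not visible.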