diff options
| author | Ander Juaristi <a@juaristi.eus> | 2018-01-04 13:11:38 +0100 |
|---|---|---|
| committer | Ander Juaristi <a@juaristi.eus> | 2018-01-05 15:59:13 +0100 |
| commit | 49d6d7d579f7b28eaebf2f8be3c4a88a18754edf (patch) | |
| tree | 0728d4965d7f3f18d00ab78e4662f87e5988e6c3 | |
| parent | 338e3e0bfcdc3bad7daead57e1b971120c79de74 (diff) | |
| download | gnutls-49d6d7d579f7b28eaebf2f8be3c4a88a18754edf.tar.gz | |
TLS 1.3 - Wait until handshake is complete for NST
Signed-off-by: Ander Juaristi <a@juaristi.eus>
| -rw-r--r-- | lib/handshake-tls13.c | 7 | ||||
| -rw-r--r-- | lib/handshake.c | 17 | ||||
| -rw-r--r-- | lib/tls13/session_ticket.c | 22 | ||||
| -rw-r--r-- | lib/tls13/session_ticket.h | 4 |
4 files changed, 37 insertions, 13 deletions
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c index 64dbe2b22a..ac9bc1d4f6 100644 --- a/lib/handshake-tls13.c +++ b/lib/handshake-tls13.c @@ -54,7 +54,6 @@ #include "tls13/certificate.h" #include "tls13/finished.h" #include "tls13/key_update.h" -#include "tls13/session_ticket.h" #include "ext/pre_shared_key.h" static int generate_hs_traffic_keys(gnutls_session_t session); @@ -337,11 +336,8 @@ int _gnutls13_handshake_server(gnutls_session_t session) generate_ap_traffic_keys(session); STATE = STATE110; IMED_RET("generate app keys", ret, 0); - /* fall through */ - case STATE111: - ret = _gnutls13_send_session_ticket(session, AGAIN(STATE111)); + STATE = STATE0; - IMED_RET("send new session ticket", ret, 0); break; default: return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); @@ -416,6 +412,7 @@ _gnutls13_recv_async_handshake(gnutls_session_t session, gnutls_buffer_st *buf) if (session->security_parameters.entity != GNUTLS_CLIENT) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET); + memset(&ticket, 0, sizeof(struct tls13_nst_st)); ret = _gnutls13_recv_session_ticket(session, buf, &ticket); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/handshake.c b/lib/handshake.c index 43492124a5..7a1bafe3a5 100644 --- a/lib/handshake.c +++ b/lib/handshake.c @@ -54,6 +54,7 @@ #include <random.h> #include <dtls.h> #include "secrets.h" +#include "tls13/session_ticket.h" #define TRUE 1 #define FALSE 0 @@ -2474,6 +2475,22 @@ int gnutls_handshake(gnutls_session_t session) return ret; } + /* + * Handshake is complete, and application traffic keys are available. + * Now we send a TLS 1.3 NewSessionTicket if requested. + */ + if (session->security_parameters.entity == GNUTLS_SERVER && + get_version(session)->tls13_sem) { + ret = _gnutls13_send_session_ticket(session, AGAIN(STATE111)); + STATE = STATE111; + + if (ret < 0) + return gnutls_assert_val(ret); + + session->internals.ticket_sent = 1; + STATE = STATE0; + } + /* clear handshake buffer */ if (session->security_parameters.entity != GNUTLS_CLIENT || !(session->internals.flags & GNUTLS_ENABLE_FALSE_START) || diff --git a/lib/tls13/session_ticket.c b/lib/tls13/session_ticket.c index 375c87239f..21781f030c 100644 --- a/lib/tls13/session_ticket.c +++ b/lib/tls13/session_ticket.c @@ -330,9 +330,10 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned again) ticket_len = sizeof(uint32_t) + /* ticket_lifetime */ sizeof(uint32_t) + /* ticket_age_add */ - ticket.ticket_nonce.size + - ticket.ticket.size; - bufel = _gnutls_handshake_alloc(session, ticket_len + 2); + ticket.ticket_nonce.size + 1 + + ticket.ticket.size + 2 + + 2; /* extensions length */ + bufel = _gnutls_handshake_alloc(session, ticket_len); if (bufel == NULL) { ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); goto cleanup; @@ -341,23 +342,28 @@ int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned again) data = _mbuffer_get_udata_ptr(bufel); p = data; - _gnutls_write_uint16(ticket_len, p); - p += 2; + /* append ticket_lifetime */ _gnutls_write_uint32(ticket.ticket_lifetime, p); p += 4; + /* append ticket_age_add */ _gnutls_write_uint32(ticket.ticket_age_add, p); p += 4; - _gnutls_write_uint16(ticket.ticket_nonce.size, p); - p += 2; + /* append ticket_nonce */ + *p = (uint8_t) ticket.ticket_nonce.size; + p++; memcpy(p, ticket.ticket_nonce.data, ticket.ticket_nonce.size); p += ticket.ticket_nonce.size; + /* append ticket */ _gnutls_write_uint16(ticket.ticket.size, p); p += 2; memcpy(p, ticket.ticket.data, ticket.ticket.size); p += ticket.ticket.size; + /* No extensions */ + _gnutls_write_uint16(0, p); + p += 2; + data_size = p - data; - session->internals.ticket_sent = 1; } return _gnutls_send_handshake(session, data_size ? bufel : NULL, diff --git a/lib/tls13/session_ticket.h b/lib/tls13/session_ticket.h index 91c0c9839b..2058e1b113 100644 --- a/lib/tls13/session_ticket.h +++ b/lib/tls13/session_ticket.h @@ -33,4 +33,8 @@ struct tls13_nst_st { int _gnutls13_send_session_ticket(gnutls_session_t session, unsigned again); int _gnutls13_recv_session_ticket(gnutls_session_t session, gnutls_buffer_st *buf, struct tls13_nst_st *ticket); +/* TODO maybe we don't need these two */ +int _gnutls13_recv_session_ticket2(gnutls_session_t session, gnutls_datum_t *dat, struct tls13_nst_st *ticket); +int _gnutls13_parse_session_ticket(struct tls13_nst_st *ticket); + #endif |