diff options
author | Leander Schwarz <lschwarz@mozilla.com> | 2022-05-17 10:41:00 +0000 |
---|---|---|
committer | Leander Schwarz <lschwarz@mozilla.com> | 2022-05-17 10:41:00 +0000 |
commit | ba030aa8a1a3457b261bd8e44a62153f804cce72 (patch) | |
tree | eee7d87fe2de4fbf17d0dbfeb9f8c2751e5384cb | |
parent | de1cd863c7a8393d91ca0317954c3e3af556c086 (diff) | |
download | nss-hg-ba030aa8a1a3457b261bd8e44a62153f804cce72.tar.gz |
Bug 1765753 - Added RFC8422 compliant TLS <= 1.2 undefined/compressed ECPointFormat extension alerts. r=djackson
Differential Revision: https://phabricator.services.mozilla.com/D144420
-rw-r--r-- | gtests/ssl_gtest/ssl_extension_unittest.cc | 16 | ||||
-rw-r--r-- | lib/ssl/ssl3exthandle.c | 10 |
2 files changed, 25 insertions, 1 deletions
diff --git a/gtests/ssl_gtest/ssl_extension_unittest.cc b/gtests/ssl_gtest/ssl_extension_unittest.cc index b0c42c6fa..6e3f2a538 100644 --- a/gtests/ssl_gtest/ssl_extension_unittest.cc +++ b/gtests/ssl_gtest/ssl_extension_unittest.cc @@ -597,6 +597,22 @@ TEST_P(TlsExtensionTestPre13, SupportedPointsTrailingData) { client_, ssl_ec_point_formats_xtn, extension)); } +TEST_P(TlsExtensionTestPre13, SupportedPointsCompressed) { + const uint8_t val[] = {0x01, 0x02}; + DataBuffer extension(val, sizeof(val)); + ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( + client_, ssl_ec_point_formats_xtn, extension), + kTlsAlertIllegalParameter); +} + +TEST_P(TlsExtensionTestPre13, SupportedPointsUndefined) { + const uint8_t val[] = {0x01, 0xAA}; + DataBuffer extension(val, sizeof(val)); + ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( + client_, ssl_ec_point_formats_xtn, extension), + kTlsAlertIllegalParameter); +} + TEST_P(TlsExtensionTestPre13, RenegotiationInfoBadLength) { const uint8_t val[] = {0x99}; DataBuffer extension(val, sizeof(val)); diff --git a/lib/ssl/ssl3exthandle.c b/lib/ssl/ssl3exthandle.c index 188496e56..b5ae62f39 100644 --- a/lib/ssl/ssl3exthandle.c +++ b/lib/ssl/ssl3exthandle.c @@ -1813,8 +1813,16 @@ ssl3_HandleSupportedPointFormatsXtn(const sslSocket *ss, } } - /* Poor client doesn't support uncompressed points. */ + /* Poor client doesn't support uncompressed points. + * + * If the client sends the extension and the extension does not contain the + * uncompressed point format, and the client has used the Supported Groups + * extension to indicate support for any of the curves defined in this + * specification, then the server MUST abort the handshake and return an + * illegal_parameter alert. [RFC8422, Section 5.1.2] */ + ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; } |