added basic hello extension support for TLSv1.2, renumbered the algorithm enumerations to match RFC

John Safranek 2012-07-09 10:02:34 -07:00
parent 56d2180cf3
commit 1ac6db9d1d
2 changed files with 42 additions and 9 deletions


@ -341,6 +341,7 @@ enum Misc {
TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */
NO_COMPRESSION = 0,
ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */
HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */
SECRET_LEN = 48, /* pre RSA and all master */
ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */
SIZEOF_SENDER = 4, /* clnt or srvr */
@ -380,6 +381,7 @@ enum Misc {
CERT_HEADER_SZ = 3, /* always 3 bytes */
REQ_HEADER_SZ = 2, /* cert request header sz */
HINT_LEN_SZ = 2, /* length of hint size field */
HELLO_EXT_SZ = 14, /* length of the lazy hello extensions */
DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */
DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */
@ -841,7 +843,7 @@ enum BulkCipherAlgorithm {
/* Supported Message Authentication Codes from page 43 */
enum MACAlgorithm {
no_mac = 10,
no_mac = 0,
md5_mac,
sha_mac,
sha224_mac,
@ -854,7 +856,7 @@ enum MACAlgorithm {
/* Supported Key Exchange Protocols */
enum KeyExchangeAlgorithm {
no_kea = 20,
no_kea = 0,
rsa_kea,
diffie_hellman_kea,
fortezza_kea,
@ -867,7 +869,7 @@ enum KeyExchangeAlgorithm {
/* Supported Authentication Schemes */
enum SignatureAlgorithm {
anonymous_sa_algo = 30,
anonymous_sa_algo = 0,
rsa_sa_algo,
dsa_sa_algo,
ecc_dsa_sa_algo
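Review bot: `MACAlgorithm` and `SignatureAlgorithm` now double as wire values (the client hello in the other file writes `sha_mac`, `rsa_sa_algo`, `dsa_sa_algo` and `ecc_dsa_sa_algo` directly into the extension), but only the first enumerator of each is pinned, so a later insertion or reorder would silently change the bytes sent. Pin the members that go on the wire, e.g. `sha_mac = 2,` and `rsa_sa_algo = 1,`, and add a comment such as `/* values are the TLS 1.2 HashAlgorithm/SignatureAlgorithm codes (RFC 5246 7.4.1.4.1); do not reorder */`. `HELLO_EXT_SZ = 14` would also read better with its breakdown in the comment: `/* total len(2) + type(2) + ext len(2) + list len(2) + 3 hash/sig pairs(6) */`. The enum bodies continue outside the hunks shown.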


@ -55,7 +55,7 @@
#ifndef NO_CYASSL_CLIENT
static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*);
static int DoServerHello(CYASSL* ssl, const byte* input, word32*);
static int DoServerHello(CYASSL* ssl, const byte* input, word32*, word32);
static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32*);
static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*);
#endif
@ -2125,7 +2125,7 @@ static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx,
case server_hello:
CYASSL_MSG("processing server hello");
ret = DoServerHello(ssl, input, inOutIdx);
ret = DoServerHello(ssl, input, inOutIdx, size);
break;
case certificate_request:
@ -4384,7 +4384,10 @@ int SetCipherList(Suites* s, const char* list)
length = sizeof(ProtocolVersion) + RAN_LEN
+ idSz + ENUM_LEN
+ ssl->suites.suiteSz + SUITE_LEN
+ COMP_LEN + ENUM_LEN;
+ COMP_LEN + ENUM_LEN;
if (IsAtLeastTLSv1_2(ssl))
length += HELLO_EXT_SZ;
sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ;
@ -4450,7 +4453,28 @@ int SetCipherList(Suites* s, const char* list)
output[idx++] = ZLIB_COMPRESSION;
else
output[idx++] = NO_COMPRESSION;
if (IsAtLeastTLSv1_2(ssl))
{
/* add in the extensions length */
c16toa(HELLO_EXT_SZ-2, output + idx);
idx += 2;
c16toa(HELLO_EXT_SIG_ALGO, output + idx);
idx += 2;
c16toa(HELLO_EXT_SZ-6, output + idx);
idx += 2;
c16toa(HELLO_EXT_SZ-8, output + idx);
idx += 2;
output[idx++] = sha_mac;
output[idx++] = rsa_sa_algo;
output[idx++] = sha_mac;
output[idx++] = dsa_sa_algo;
output[idx++] = sha_mac;
output[idx++] = ecc_dsa_sa_algo;
}
HashOutput(ssl, output, sendSz, 0);
ssl->options.clientState = CLIENT_HELLO_COMPLETE;
@ -4492,12 +4516,15 @@ int SetCipherList(Suites* s, const char* list)
}
static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx)
static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx,
word32 helloSz)
{
byte b;
byte compression;
ProtocolVersion pv;
word16 extSz;
word32 i = *inOutIdx;
word32 begin = i;
#ifdef CYASSL_CALLBACKS
if (ssl->hsInfoOn) AddPacketName("ServerHello", &ssl->handShakeInfo);
@ -4549,7 +4576,11 @@ int SetCipherList(Suites* s, const char* list)
CYASSL_MSG("Server refused compression, turning off");
ssl->options.usingCompression = 0; /* turn off if server refused */
}
*inOutIdx = i;
if ( (i - begin) < helloSz)
*inOutIdx = begin + helloSz; /* skip extensions */
ssl->options.serverState = SERVER_HELLO_COMPLETE;
*inOutIdx = i;
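Review bot: In the last hunk of DoServerHello the pre-existing `*inOutIdx = i;` still appears after the new extension skip, so `*inOutIdx = begin + helloSz` would be overwritten and the next handshake message would be parsed starting inside the server's extension bytes; the page has lost its +/- markers, so confirm that line is really kept on the new side. Folding the skip into the local index fixes it: `if ((i - begin) < helloSz) i = begin + helloSz;  /* skip extensions */` ahead of the single final `*inOutIdx = i;`. The same spot should fail the handshake when `(i - begin) > helloSz`, since that means the fixed fields ran past the length passed in from DoHandShakeMsg. The newly declared `extSz` is not used in the lines shown; the function body extends outside these hunks.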