From 7d425a5ce618e37b9c2e5bba328392e168b1dda8 Mon Sep 17 00:00:00 2001 From: thivyaashok <34463424+thivyaashok@users.noreply.github.com> Date: Fri, 20 Apr 2018 10:35:37 -0700 Subject: [PATCH] Added support for an anonymous cipher suite (#1267) * Added support for cipher suite TLS_DH_anon_WITH_AES256_GCM_SHA384 * Added test cases for verification of anonymous cipher suite --- examples/client/client.c | 5 ++++- examples/server/server.c | 6 +++++- src/internal.c | 25 +++++++++++++++++++++++++ src/keys.c | 19 +++++++++++++++++++ tests/test.conf | 30 ++++++++++++++++++++++++++++++ wolfssl/internal.h | 5 +++++ 6 files changed, 88 insertions(+), 2 deletions(-) diff --git a/examples/client/client.c b/examples/client/client.c index d5bc0d544..e533f0849 100644 --- a/examples/client/client.c +++ b/examples/client/client.c @@ -1605,8 +1605,11 @@ THREAD_RETURN WOLFSSL_THREAD client_test(void* args) if (useAnon) { #ifdef HAVE_ANON if (cipherList == NULL || (cipherList && useDefCipherList)) { + const char* defaultCipherList; wolfSSL_CTX_allow_anon_cipher(ctx); - if (wolfSSL_CTX_set_cipher_list(ctx,"ADH-AES128-SHA") + defaultCipherList = "ADH-AES256-GCM-SHA384:" + "ADH-AES128-SHA"; + if (wolfSSL_CTX_set_cipher_list(ctx,defaultCipherList) != WOLFSSL_SUCCESS) { wolfSSL_CTX_free(ctx); err_sys("client can't set cipher list 4"); diff --git a/examples/server/server.c b/examples/server/server.c index 896d4760a..09d49abea 100644 --- a/examples/server/server.c +++ b/examples/server/server.c @@ -1149,7 +1149,11 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) #ifdef HAVE_ANON CyaSSL_CTX_allow_anon_cipher(ctx); if (cipherList == NULL || (cipherList && useDefCipherList)) { - if (SSL_CTX_set_cipher_list(ctx, "ADH-AES128-SHA") != WOLFSSL_SUCCESS) + const char* defaultCipherList; + defaultCipherList = "ADH-AES256-GCM-SHA384:" + "ADH-AES128-SHA"; + if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) + != WOLFSSL_SUCCESS) err_sys_ex(runWithErrors, "server can't set cipher list 4"); } #endif 
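Review bot: In the client.c hunk `defaultCipherList` is declared at the top of the block and only assigned two statements later, and the server.c hunk repeats the same declare-then-assign split. Initialising at the declaration keeps the list next to its name and lets the pointer itself be const: `const char* const defaultCipherList = "ADH-AES256-GCM-SHA384:" "ADH-AES128-SHA";`. If the order is meant as preference order (AES-256-GCM first, AES-128-CBC as fallback), a one-line comment saying so would help, since the two names are split across source lines. Both enclosing functions start and end outside the hunks.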
diff --git a/src/internal.c b/src/internal.c index c96189994..814a67d87 100644 --- a/src/internal.c +++ b/src/internal.c @@ -2022,6 +2022,13 @@ void InitSuites(Suites* suites, ProtocolVersion pv, int keySz, word16 haveRSA, } #endif +#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + if (tls1_2 && haveDH) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DH_anon_WITH_AES_256_GCM_SHA384; + } +#endif + #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 if (tls1_2 && haveDH && havePSK) { suites->suites[idx++] = 0; @@ -7451,6 +7458,10 @@ static int BuildFinished(WOLFSSL* ssl, Hashes* hashes, const byte* sender) if (requirement == REQUIRES_DHE) return 1; break; + case TLS_DH_anon_WITH_AES_256_GCM_SHA384: + if (requirement == REQUIRES_DHE) + return 1; + break; #endif #ifdef WOLFSSL_MULTICAST case WDM_WITH_NULL_SHA256 : @@ -15613,6 +15624,10 @@ static const char* const cipher_names[] = "ADH-AES128-SHA", #endif +#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + "ADH-AES256-GCM-SHA384", +#endif + #ifdef BUILD_TLS_QSH "QSH", #endif @@ -16082,6 +16097,10 @@ static const int cipher_name_idx[] = TLS_DH_anon_WITH_AES_128_CBC_SHA, #endif +#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + TLS_DH_anon_WITH_AES_256_GCM_SHA384, +#endif + #ifdef BUILD_TLS_QSH TLS_QSH, #endif @@ -16644,6 +16663,12 @@ const char* wolfSSL_get_cipher_name_from_suite(const unsigned char cipherSuite, case TLS_DH_anon_WITH_AES_128_CBC_SHA : return "TLS_DH_anon_WITH_AES_128_CBC_SHA"; #endif + +#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + case TLS_DH_anon_WITH_AES_256_GCM_SHA384: + return "TLS_DH_anon_WITH_AES_256_GCM_SHA384"; +#endif + #ifdef BUILD_WDM_WITH_NULL_SHA256 case WDM_WITH_NULL_SHA256 : return "WDM_WITH_NULL_SHA256"; diff --git a/src/keys.c b/src/keys.c index 2718e45bb..3418da2a1 100644 --- a/src/keys.c +++ b/src/keys.c 
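Review bot: In the InitSuites hunk the new suite is appended whenever `tls1_2 && haveDH` holds, and nothing on the visible lines ties that to anonymous suites having been enabled. If no check outside the hunk filters it, a build with HAVE_ANON would place an unauthenticated key exchange in its default suite list, ahead of the DHE-PSK GCM suites that follow. Consider gating the append on the same setting that `wolfSSL_CTX_allow_anon_cipher` turns on, or at least add a comment naming where that filtering happens. InitSuites starts and ends outside the hunk.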
@@ -1416,6 +1416,25 @@ int SetCipherSpecs(WOLFSSL* ssl) ssl->options.usingPSK_cipher = 1; break; #endif + +#ifdef BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + case TLS_DH_anon_WITH_AES_256_GCM_SHA384: + ssl->specs.bulk_cipher_algorithm = wolfssl_aes_gcm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = WC_SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AESGCM_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + ssl->options.usingAnon_cipher = 1; + break; +#endif #ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : diff --git a/tests/test.conf b/tests/test.conf index 560b84743..ebd0664cc 100644 --- a/tests/test.conf +++ b/tests/test.conf @@ -2048,6 +2048,36 @@ -v 1 -l ADH-AES128-SHA +# server TLSv1.2 ADH-AES256-GCM-SHA384 +-a +-v 3 +-l ADH-AES256-GCM-SHA384 + +# client TLSv1.2 ADH-AES256-GCM-SHA384 +-a +-v 3 +-l ADH-AES256-GCM-SHA384 + +# server TLSv1.1 ADH-AES256-GCM-SHA384 +-a +-v 2 +-l ADH-AES256-GCM-SHA384 + +# client TLSv1.1 ADH-AES256-GCM-SHA384 +-a +-v 2 +-l ADH-AES256-GCM-SHA384 + +# server TLSv1.0 ADH-AES256-GCM-SHA384 +-a +-v 1 +-l ADH-AES256-GCM-SHA384 + +# client TLSv1.0 ADH-AES256-GCM-SHA384 +-a +-v 1 +-l ADH-AES256-GCM-SHA384 + # server TLSv1 NTRU_RC4 -v 1 -l NTRU-RC4-SHA diff --git a/wolfssl/internal.h b/wolfssl/internal.h index 432365d17..02e201888 100644 --- a/wolfssl/internal.h +++ b/wolfssl/internal.h 
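Review bot: The new case in SetCipherSpecs has no comment saying what sets it apart from the neighbouring GCM cases. `sig_algo = anonymous_sa_algo` together with `usingAnon_cipher = 1` indicates a key exchange with no signature, so the peer is not authenticated. I would add `/* anonymous DH: no certificate or signature, peer is unauthenticated */` above the `ssl->specs.kea` line. The switch and the function continue outside the hunk.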
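Review bot: The four tests/test.conf entries with `-v 2` and `-v 1` pair ADH-AES256-GCM-SHA384 with TLS 1.1 and TLS 1.0, but AES-GCM suites are defined for TLS 1.2 only. RFC 5288 says they must not be negotiated by older versions, and the InitSuites hunk in src/internal.c adds this suite only under `tls1_2`. If the harness expects these handshakes to succeed, the tests pin behaviour the library should reject. I would keep the `-v 3` pair and drop the older-version entries, or turn them into expected-failure cases if the harness supports that. How the harness treats each entry is not visible here.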
@@ -463,6 +463,10 @@ #if defined(HAVE_ANON) && !defined(NO_TLS) && !defined(NO_DH) && \ !defined(NO_AES) && !defined(NO_SHA) && defined(WOLFSSL_AES_128) #define BUILD_TLS_DH_anon_WITH_AES_128_CBC_SHA + + #if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) + #define BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384 + #endif #endif #if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) @@ -913,6 +917,7 @@ enum { TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f, + TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0xa7, TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8, TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9, TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa,
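Review bot: In the first wolfssl/internal.h hunk the new `BUILD_TLS_DH_anon_WITH_AES_256_GCM_SHA384` define sits inside the guard written for the AES-128-CBC-SHA suite. It therefore inherits `!defined(NO_SHA)` and `defined(WOLFSSL_AES_128)`, neither of which this suite uses, while nothing checks that 256-bit AES is compiled in. A build without 128-bit AES loses the suite, and a build without 256-bit AES still defines it. The inner condition should test the key size it actually needs, e.g. `#if defined(WOLFSSL_SHA384) && defined(HAVE_AESGCM) && defined(WOLFSSL_AES_256)`, ideally in its own block that repeats the HAVE_ANON, NO_TLS, NO_DH and NO_AES conditions.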