author | Jack Lloyd <[email protected]> | 2018-10-16 12:08:48 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-10-16 12:08:48 -0400 |
commit | 138e558099ffac68bdd10a89c6c9172b17228878 (patch) | |
tree | 943ea3d338ac6bceade44ca4375ee4cbbef82b97 /src | |
parent | 7f296b44e06b29b01d04ba638c3f179a81f3201c (diff) |
Fix TLS signature algorithm intolerance
GH #1708
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/tls/tls_algos.cpp | 8 | ||||
-rw-r--r-- | src/lib/tls/tls_extensions.h | 24 | ||||
-rw-r--r-- | src/lib/tls/tls_handshake_state.cpp | 8 | ||||
-rw-r--r-- | src/tests/unit_tls.cpp | 10 |
4 files changed, 33 insertions, 17 deletions
diff --git a/src/lib/tls/tls_algos.cpp b/src/lib/tls/tls_algos.cpp
index 9c3c2d9f8..9501cfdfb 100644
--- a/src/lib/tls/tls_algos.cpp
+++ b/src/lib/tls/tls_algos.cpp
@@ -223,7 +223,7 @@ std::string hash_function_of_scheme(Signature_Scheme scheme)
 return "";
 }
- throw Invalid_State("Unknown signature algorithm enum");
+ throw Invalid_State("hash_function_of_scheme: Unknown signature algorithm enum");
 }
 const std::vector<Signature_Scheme>& all_signature_schemes()
@@ -323,7 +323,7 @@ std::string signature_algorithm_of_scheme(Signature_Scheme scheme)
 return "";
 }
- throw Invalid_State("Unknown signature algorithm enum");
+ throw Invalid_State("signature_algorithm_of_scheme: Unknown signature algorithm enum");
 }
 std::string sig_scheme_to_string(Signature_Scheme scheme)
@@ -373,7 +373,7 @@ std::string sig_scheme_to_string(Signature_Scheme scheme)
 return "";
 }
- throw Invalid_State("Unknown signature algorithm enum");
+ throw Invalid_State("sig_scheme_to_string: Unknown signature algorithm enum");
 }
 std::string padding_string_for_scheme(Signature_Scheme scheme)
@@ -418,7 +418,7 @@ std::string padding_string_for_scheme(Signature_Scheme scheme)
 return "";
 }
- throw Invalid_State("Unknown signature algorithm enum");
+ throw Invalid_State("padding_string_for_scheme: Unknown signature algorithm enum");
 }
 }
diff --git a/src/lib/tls/tls_extensions.h b/src/lib/tls/tls_extensions.h
index ce7e2e94b..98856b951 100644
--- a/src/lib/tls/tls_extensions.h
+++ b/src/lib/tls/tls_extensions.h
@@ -71,7 +71,7 @@ class BOTAN_UNSTABLE_API Extension
 /**
 * Server Name Indicator extension (RFC 3546)
 */
-class Server_Name_Indicator final : public Extension
+class BOTAN_UNSTABLE_API Server_Name_Indicator final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
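Review bot: The four relabelled throws in tls_algos.cpp fire on a `Signature_Scheme` that fell through every `case`, and such a value can originate directly from a peer's signature_algorithms list, so each site should state the contract rather than only the function name, e.g. `// Internal error only: callers must filter peer-supplied values with signature_scheme_is_known() first`. The guard that makes this a precondition is added to the two loops in tls_handshake_state.cpp in this same commit; whether any other caller can still reach these functions with an unfiltered wire value, and thus surface an Invalid_State instead of a TLS alert, cannot be verified from these hunks. The switch statements and function bodies around the throws are outside the hunks.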
@@ -98,7 +98,7 @@ class Server_Name_Indicator final : public Extension
 /**
 * SRP identifier extension (RFC 5054)
 */
-class SRP_Identifier final : public Extension
+class BOTAN_UNSTABLE_API SRP_Identifier final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -125,7 +125,7 @@ class SRP_Identifier final : public Extension
 /**
 * Renegotiation Indication Extension (RFC 5746)
 */
-class Renegotiation_Extension final : public Extension
+class BOTAN_UNSTABLE_API Renegotiation_Extension final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -154,7 +154,7 @@ class Renegotiation_Extension final : public Extension
 /**
 * ALPN (RFC 7301)
 */
-class Application_Layer_Protocol_Notification final : public Extension
+class BOTAN_UNSTABLE_API Application_Layer_Protocol_Notification final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type() { return TLSEXT_ALPN; }
@@ -190,7 +190,7 @@ class Application_Layer_Protocol_Notification final : public Extension
 /**
 * Session Ticket Extension (RFC 5077)
 */
-class Session_Ticket final : public Extension
+class BOTAN_UNSTABLE_API Session_Ticket final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -230,7 +230,7 @@ class Session_Ticket final : public Extension
 /**
 * Supported Groups Extension (RFC 7919)
 */
-class Supported_Groups final : public Extension
+class BOTAN_UNSTABLE_API Supported_Groups final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -259,7 +259,7 @@ class Supported_Groups final : public Extension
 /**
 * Supported Point Formats Extension (RFC 4492)
 */
-class Supported_Point_Formats final : public Extension
+class BOTAN_UNSTABLE_API Supported_Point_Formats final : public Extension
 {
 public:
 enum ECPointFormat : uint8_t {
@@ -292,7 +292,7 @@ class Supported_Point_Formats final : public Extension
 /**
 * Signature Algorithms Extension for TLS 1.2 (RFC 5246)
 */
-class Signature_Algorithms final : public Extension
+class BOTAN_UNSTABLE_API Signature_Algorithms final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -318,7 +318,7 @@ class Signature_Algorithms final : public Extension
 /**
 * Used to indicate SRTP algorithms for DTLS (RFC 5764)
 */
-class SRTP_Protection_Profiles final : public Extension
+class BOTAN_UNSTABLE_API SRTP_Protection_Profiles final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -344,7 +344,7 @@ class SRTP_Protection_Profiles final : public Extension
 /**
 * Extended Master Secret Extension (RFC 7627)
 */
-class Extended_Master_Secret final : public Extension
+class BOTAN_UNSTABLE_API Extended_Master_Secret final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -364,7 +364,7 @@ class Extended_Master_Secret final : public Extension
 /**
 * Encrypt-then-MAC Extension (RFC 7366)
 */
-class Encrypt_then_MAC final : public Extension
+class BOTAN_UNSTABLE_API Encrypt_then_MAC final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
@@ -384,7 +384,7 @@ class Encrypt_then_MAC final : public Extension
 /**
 * Certificate Status Request (RFC 6066)
 */
-class Certificate_Status_Request final : public Extension
+class BOTAN_UNSTABLE_API Certificate_Status_Request final : public Extension
 {
 public:
 static Handshake_Extension_Type static_type()
diff --git a/src/lib/tls/tls_handshake_state.cpp b/src/lib/tls/tls_handshake_state.cpp
index d113276b3..a9c7514c1 100644
--- a/src/lib/tls/tls_handshake_state.cpp
+++ b/src/lib/tls/tls_handshake_state.cpp
@@ -398,6 +398,11 @@ Handshake_State::choose_sig_format(const Private_Key& key,
 for(Signature_Scheme scheme : schemes)
 {
+ if(signature_scheme_is_known(scheme) == false)
+ {
+ continue;
+ }
+
 if(signature_algorithm_of_scheme(scheme) == sig_algo)
 {
 if(std::find(allowed.begin(), allowed.end(), scheme) != allowed.end())
@@ -451,7 +456,8 @@ bool supported_algos_include(
 {
 for(Signature_Scheme scheme : schemes)
 {
- if(hash_function_of_scheme(scheme) == hash_type &&
+ if(signature_scheme_is_known(scheme) &&
+ hash_function_of_scheme(scheme) == hash_type &&
 signature_algorithm_of_scheme(scheme) == key_type)
 {
 return true;
diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp
index a26c6e9f7..f60e44a14 100644
--- a/src/tests/unit_tls.cpp
+++ b/src/tests/unit_tls.cpp
@@ -391,6 +391,16 @@ class TLS_Handshake_Test final
 void tls_modify_extensions(Botan::TLS::Extensions& extn, Botan::TLS::Connection_Side which_side) override
 {
 extn.add(new Test_Extension(which_side));
+
+ // Insert an unsupported signature scheme as highest prio, to ensure we are tolerant of this
+ if(auto sig_algs = extn.get<Botan::TLS::Signature_Algorithms>())
+ {
+ std::vector<Botan::TLS::Signature_Scheme> schemes = sig_algs->supported_schemes();
+ // 0x0301 is RSA PKCS1/SHA-224, which is not supported anymore
+ schemes.insert(schemes.begin(), static_cast<Botan::TLS::Signature_Scheme>(0x0301));
+ // This replaces the previous extension value
+ extn.add(new Botan::TLS::Signature_Algorithms(schemes));
+ }
 }
 void tls_examine_extensions(const Botan::TLS::Extensions& extn, Botan::TLS::Connection_Side which_side) override |
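Review bot: The new guard in choose_sig_format is written as `signature_scheme_is_known(scheme) == false` while the equivalent check added to supported_algos_include in the second hunk is the positive `signature_scheme_is_known(scheme) &&`; `if(!signature_scheme_is_known(scheme))` keeps the two sites consistent. Neither site says why skipping is the right outcome, and a one-line comment would stop a later refactor from turning it back into a hard failure: `// A peer's scheme list may carry codepoints we do not implement (deprecated or newer than us); skip them rather than abort the handshake`. What happens when every advertised scheme is unknown is decided by the rest of choose_sig_format, which lies outside the hunk, so it is worth confirming that path still ends in a clean handshake failure rather than a default selection. This note covers both tls_handshake_state.cpp hunks.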
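Review bot: The only unknown codepoint the test injects is 0x0301, whose high byte (0x03, SHA-224) is itself a recognised TLS 1.2 HashAlgorithm, so a regression that validates only the hash half would still pass; adding a second value whose bytes match no known enum, e.g. `schemes.insert(schemes.begin(), static_cast<Botan::TLS::Signature_Scheme>(0xFE00));` from the private-use range, covers the fully-unknown case. The comment `// This replaces the previous extension value` asserts behaviour of Extensions::add that the hunk does not show; if add() appends instead, the ClientHello would carry two signature_algorithms extensions, which peers may reject, so it is worth asserting the single-extension outcome in tls_examine_extensions, whose body begins at the hunk's last line and continues outside it. The enclosing class TLS_Handshake_Test also continues outside the hunk.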