diff options
author | Jack Lloyd <[email protected]> | 2016-11-16 16:15:51 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2016-11-16 16:15:51 -0500 |
commit | 10c2f3f984c6c74d6a94270ee6e9e1be00f68500 (patch) | |
tree | 8cdc3e73fa10088590249560b1a85626c5510c5f /src | |
parent | ca86adc7ceee60abc62645067a53c0f117f28783 (diff) |
Fix incompatability with (some) common TLS stack
Several sites including oracle.com seem to send extension 11
(point format) even if we (the client) did not send it. Then the
handshake fails. To workaround this problem, simply always send this
extension as the client, instead of only sending it if we wished to
support compressed points.
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/tls/msg_client_hello.cpp | 16 | ||||
-rw-r--r-- | src/lib/tls/msg_server_hello.cpp | 11 | ||||
-rw-r--r-- | src/lib/tls/tls_extensions.cpp | 11 | ||||
-rw-r--r-- | src/lib/tls/tls_extensions.h | 3 |
4 files changed, 26 insertions, 15 deletions
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp index 50c83c10c..2a42e1144 100644 --- a/src/lib/tls/msg_client_hello.cpp +++ b/src/lib/tls/msg_client_hello.cpp @@ -116,10 +116,10 @@ Client_Hello::Client_Hello(Handshake_IO& io, m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves())); - if(!policy.allowed_ecc_curves().empty() && policy.use_ecc_point_compression()) - { - m_extensions.add(new Supported_Point_Formats()); - } + if(!policy.allowed_ecc_curves().empty()) + { + m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression())); + } if(m_version.supports_negotiable_signature_algorithms()) m_extensions.add(new Signature_Algorithms(policy.allowed_signature_hashes(), @@ -165,10 +165,10 @@ Client_Hello::Client_Hello(Handshake_IO& io, m_extensions.add(new Session_Ticket(session.session_ticket())); m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves())); - if(!policy.allowed_ecc_curves().empty() && policy.use_ecc_point_compression()) - { - m_extensions.add(new Supported_Point_Formats()); - } + if(!policy.allowed_ecc_curves().empty()) + { + m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression())); + } if(session.supports_encrypt_then_mac()) m_extensions.add(new Encrypt_then_MAC); diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp index d13bc7551..3e8a8dda9 100644 --- a/src/lib/tls/msg_server_hello.cpp +++ b/src/lib/tls/msg_server_hello.cpp @@ -43,11 +43,11 @@ Server_Hello::Server_Hello(Handshake_IO& io, m_extensions.add(new Encrypt_then_MAC); } - if(c.ecc_ciphersuite() && policy.use_ecc_point_compression()) + if(c.ecc_ciphersuite()) { - m_extensions.add(new Supported_Point_Formats()); + m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression())); } - + if(client_hello.secure_renegotiation()) m_extensions.add(new Renegotiation_Extension(reneg_info)); @@ -107,6 +107,11 @@ Server_Hello::Server_Hello(Handshake_IO& io, m_extensions.add(new Encrypt_then_MAC); } + if(resumed_session.ciphersuite().ecc_ciphersuite()) + { + m_extensions.add(new Supported_Point_Formats(policy.use_ecc_point_compression())); + } + if(client_hello.secure_renegotiation()) m_extensions.add(new Renegotiation_Extension(reneg_info)); diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp index f8eef5ac6..712527fc4 100644 --- a/src/lib/tls/tls_extensions.cpp +++ b/src/lib/tls/tls_extensions.cpp @@ -384,10 +384,15 @@ Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader, std::vector<byte> Supported_Point_Formats::serialize() const { - // if we send this extension, we prefer compressed points, - // otherwise we don't send it (which is equal to supporting only uncompressed) // if this extension is sent, it MUST include uncompressed (RFC 4492, section 5.1) - return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED}; + if(m_prefers_compressed) + { + return std::vector<byte>{2, ANSIX962_COMPRESSED_PRIME, UNCOMPRESSED}; + } + else + { + return std::vector<byte>{1, UNCOMPRESSED}; + } } Supported_Point_Formats::Supported_Point_Formats(TLS_Data_Reader& reader, diff --git a/src/lib/tls/tls_extensions.h b/src/lib/tls/tls_extensions.h index d69e40a60..119170797 100644 --- a/src/lib/tls/tls_extensions.h +++ b/src/lib/tls/tls_extensions.h @@ -276,7 +276,8 @@ class Supported_Point_Formats final : public Extension std::vector<byte> serialize() const override; - explicit Supported_Point_Formats() : m_prefers_compressed(true) {} + explicit Supported_Point_Formats(bool prefer_compressed) : + m_prefers_compressed(prefer_compressed) {} Supported_Point_Formats(TLS_Data_Reader& reader, u16bit extension_size); |