Diffstat (limited to 'src/openvpn/ssl_mbedtls.c')
-rw-r--r--src/openvpn/ssl_mbedtls.c124
1 files changed, 75 insertions, 49 deletions
diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c
index 81dd906..4ece37e 100644
--- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c
@@ -41,6 +41,7 @@
#include "buffer.h"
#include "misc.h"
#include "manage.h"
+#include "mbedtls_compat.h"
#include "pkcs11_backend.h"
#include "ssl_common.h"
@@ -58,25 +59,6 @@
#include <mbedtls/oid.h>
#include <mbedtls/pem.h>
-/**
- * Compatibility: mbedtls_ctr_drbg_update was deprecated in mbedtls 2.16 and
- * replaced with mbedtls_ctr_drbg_update_ret, which returns an error code.
- * For older versions, we call mbedtls_ctr_drbg_update and return 0 (success).
- *
- * Note: this change was backported to other mbedTLS branches, therefore we
- * rely on function detection at configure time.
- */
-#ifndef HAVE_CTR_DRBG_UPDATE_RET
-static int
-mbedtls_ctr_drbg_update_ret(mbedtls_ctr_drbg_context *ctx,
- const unsigned char *additional,
- size_t add_len)
-{
- mbedtls_ctr_drbg_update(ctx, additional, add_len);
- return 0;
-}
-#endif
-
static const mbedtls_x509_crt_profile openvpn_x509_crt_profile_legacy =
{
/* Hashes from SHA-1 and above */
@@ -108,6 +90,7 @@ static const mbedtls_x509_crt_profile openvpn_x509_crt_profile_preferred =
void
tls_init_lib(void)
{
+ mbedtls_compat_psa_crypto_init();
}
void
@@ -430,7 +413,7 @@ tls_ctx_load_dh_params(struct tls_root_ctx *ctx, const char *dh_file,
}
msg(D_TLS_DEBUG_LOW, "Diffie-Hellman initialized with " counter_format " bit key",
- (counter_type) 8 * mbedtls_mpi_size(&ctx->dhm_ctx->P));
+ (counter_type) mbedtls_dhm_get_bitlen(ctx->dhm_ctx));
}
void
@@ -504,29 +487,40 @@ tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file,
if (priv_key_inline)
{
- status = mbedtls_pk_parse_key(ctx->priv_key,
- (const unsigned char *) priv_key_file,
- strlen(priv_key_file) + 1, NULL, 0);
+ status = mbedtls_compat_pk_parse_key(ctx->priv_key,
+ (const unsigned char *) priv_key_file,
+ strlen(priv_key_file) + 1, NULL, 0,
+ mbedtls_ctr_drbg_random,
+ rand_ctx_get());
if (MBEDTLS_ERR_PK_PASSWORD_REQUIRED == status)
{
char passbuf[512] = {0};
pem_password_callback(passbuf, 512, 0, NULL);
- status = mbedtls_pk_parse_key(ctx->priv_key,
- (const unsigned char *) priv_key_file,
- strlen(priv_key_file) + 1,
- (unsigned char *) passbuf,
- strlen(passbuf));
+ status = mbedtls_compat_pk_parse_key(ctx->priv_key,
+ (const unsigned char *) priv_key_file,
+ strlen(priv_key_file) + 1,
+ (unsigned char *) passbuf,
+ strlen(passbuf),
+ mbedtls_ctr_drbg_random,
+ rand_ctx_get());
}
}
else
{
- status = mbedtls_pk_parse_keyfile(ctx->priv_key, priv_key_file, NULL);
+ status = mbedtls_compat_pk_parse_keyfile(ctx->priv_key,
+ priv_key_file,
+ NULL,
+ mbedtls_ctr_drbg_random,
+ rand_ctx_get());
if (MBEDTLS_ERR_PK_PASSWORD_REQUIRED == status)
{
char passbuf[512] = {0};
pem_password_callback(passbuf, 512, 0, NULL);
- status = mbedtls_pk_parse_keyfile(ctx->priv_key, priv_key_file, passbuf);
+ status = mbedtls_compat_pk_parse_keyfile(ctx->priv_key,
+ priv_key_file, passbuf,
+ mbedtls_ctr_drbg_random,
+ rand_ctx_get());
}
}
if (!mbed_ok(status))
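Review bot: In both the inline and the file branch, `passbuf` still holds the private-key passphrase when its block closes; the rewritten `mbedtls_compat_pk_parse_key` / `mbedtls_compat_pk_parse_keyfile` calls are the last statements before the closing brace. Since these lines are being touched anyway, wipe the buffer right after each retry with OpenVPN's helper from buffer.h: `secure_memzero(passbuf, sizeof(passbuf));`. The literal `512` passed to `pem_password_callback` could become `sizeof(passbuf)` at the same time so the size is stated only once. tls_ctx_load_priv_file starts before this hunk and continues after it.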
@@ -542,7 +536,10 @@ tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file,
return 1;
}
- if (!mbed_ok(mbedtls_pk_check_pair(&ctx->crt_chain->pk, ctx->priv_key)))
+ if (!mbed_ok(mbedtls_compat_pk_check_pair(&ctx->crt_chain->pk,
+ ctx->priv_key,
+ mbedtls_ctr_drbg_random,
+ rand_ctx_get())))
{
msg(M_WARN, "Private key does not match the certificate");
return 1;
@@ -558,7 +555,6 @@ tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file,
* @param ctx_voidptr Management external key context.
* @param f_rng (Unused)
* @param p_rng (Unused)
- * @param mode RSA mode (should be RSA_PRIVATE).
* @param md_alg Message digest ('hash') algorithm type.
* @param hashlen Length of hash (overridden by length specified by md_alg
* if md_alg != MBEDTLS_MD_NONE).
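Review bot: The doc comment drops `@param mode` unconditionally, but the next hunk keeps `int mode` in the signature of external_pkcs1_sign when `MBEDTLS_VERSION_NUMBER < 0x03020100`, and the hunk after it still validates it. Builds against the older library therefore have an undocumented parameter. I would keep the line and qualify it, e.g. `@param mode RSA mode (should be RSA_PRIVATE); only present when building against mbed TLS older than 3.2.1.` The comment block begins and ends outside this hunk.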
@@ -572,7 +568,10 @@ tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file,
*/
static inline int
external_pkcs1_sign( void *ctx_voidptr,
- int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, int mode,
+ int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+#if MBEDTLS_VERSION_NUMBER < 0x03020100
+ int mode,
+#endif
mbedtls_md_type_t md_alg, unsigned int hashlen, const unsigned char *hash,
unsigned char *sig )
{
@@ -587,10 +586,12 @@ external_pkcs1_sign( void *ctx_voidptr,
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
+#if MBEDTLS_VERSION_NUMBER < 0x03020100
if (MBEDTLS_RSA_PRIVATE != mode)
{
return MBEDTLS_ERR_RSA_BAD_INPUT_DATA;
}
+#endif
/*
* Support a wide range of hashes. TLSv1.1 and before only need SIG_RSA_RAW,
@@ -967,7 +968,7 @@ tls_ctx_personalise_random(struct tls_root_ctx *ctx)
if (0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash)))
{
- if (!mbed_ok(mbedtls_ctr_drbg_update_ret(cd_ctx, sha256_hash, 32)))
+ if (!mbed_ok(mbedtls_compat_ctr_drbg_update(cd_ctx, sha256_hash, 32)))
{
msg(M_WARN, "WARNING: failed to personalise random, could not update CTR_DRBG");
}
@@ -979,12 +980,16 @@ tls_ctx_personalise_random(struct tls_root_ctx *ctx)
int
tls_version_max(void)
{
-#if defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_3)
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ return TLS_VER_1_3;
+#elif defined(MBEDTLS_SSL_PROTO_TLS1_2)
return TLS_VER_1_2;
-#elif defined(MBEDTLS_SSL_MAJOR_VERSION_3) && defined(MBEDTLS_SSL_MINOR_VERSION_2)
+#elif defined(MBEDTLS_SSL_PROTO_TLS1_1)
return TLS_VER_1_1;
-#else
+#elif defined(MBEDTLS_SSL_PROTO_TLS1)
return TLS_VER_1_0;
+#else /* if defined(MBEDTLS_SSL_PROTO_TLS1_3) */
+ #error "mbedtls is compiled without support for any version of TLS."
#endif
}
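Review bot: tls_version_max() now reports TLS 1.3 purely because the library defines `MBEDTLS_SSL_PROTO_TLS1_3`, and a later hunk in key_state_ssl_init makes that value the default maximum for every session without an explicit setting. Nothing visible in the diff shows that the rest of this backend works under TLS 1.3, for instance the keying-material export guarded by `HAVE_EXPORT_KEYING_MATERIAL`. If that has not been verified, the first branch should be gated on the features the backend needs rather than on the protocol macro alone. At minimum, add a comment above the `#if` stating the assumption, e.g. `/* TLS 1.3 is only advertised when mbed TLS provides everything this backend needs for it. */`.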
@@ -1006,23 +1011,36 @@ tls_version_to_major_minor(int tls_ver, int *major, int *minor)
switch (tls_ver)
{
+#if defined(MBEDTLS_SSL_PROTO_TLS1)
case TLS_VER_1_0:
*major = MBEDTLS_SSL_MAJOR_VERSION_3;
*minor = MBEDTLS_SSL_MINOR_VERSION_1;
break;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_1)
case TLS_VER_1_1:
*major = MBEDTLS_SSL_MAJOR_VERSION_3;
*minor = MBEDTLS_SSL_MINOR_VERSION_2;
break;
+#endif
+#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
case TLS_VER_1_2:
*major = MBEDTLS_SSL_MAJOR_VERSION_3;
*minor = MBEDTLS_SSL_MINOR_VERSION_3;
break;
+#endif
+
+#if defined(MBEDTLS_SSL_PROTO_TLS1_3)
+ case TLS_VER_1_3:
+ *major = MBEDTLS_SSL_MAJOR_VERSION_3;
+ *minor = MBEDTLS_SSL_MINOR_VERSION_4;
+ break;
+#endif
default:
- msg(M_FATAL, "%s: invalid TLS version %d", __func__, tls_ver);
+ msg(M_FATAL, "%s: invalid or unsupported TLS version %d", __func__, tls_ver);
break;
}
}
@@ -1149,17 +1167,17 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl,
/* Initialize minimum TLS version */
{
- const int tls_version_min =
+ const int configured_tls_version_min =
(session->opt->ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT)
&SSLF_TLS_VERSION_MIN_MASK;
- /* default to TLS 1.0 */
+ /* default to TLS 1.2 */
int major = MBEDTLS_SSL_MAJOR_VERSION_3;
- int minor = MBEDTLS_SSL_MINOR_VERSION_1;
+ int minor = MBEDTLS_SSL_MINOR_VERSION_3;
- if (tls_version_min > TLS_VER_UNSPEC)
+ if (configured_tls_version_min > TLS_VER_UNSPEC)
{
- tls_version_to_major_minor(tls_version_min, &major, &minor);
+ tls_version_to_major_minor(configured_tls_version_min, &major, &minor);
}
mbedtls_ssl_conf_min_version(ks_ssl->ssl_config, major, minor);
@@ -1167,16 +1185,24 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl,
/* Initialize maximum TLS version */
{
- const int tls_version_max =
+ const int configured_tls_version_max =
(session->opt->ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT)
&SSLF_TLS_VERSION_MAX_MASK;
- if (tls_version_max > TLS_VER_UNSPEC)
+ int major = 0;
+ int minor = 0;
+
+ if (configured_tls_version_max > TLS_VER_UNSPEC)
+ {
+ tls_version_to_major_minor(configured_tls_version_max, &major, &minor);
+ }
+ else
{
- int major, minor;
- tls_version_to_major_minor(tls_version_max, &major, &minor);
- mbedtls_ssl_conf_max_version(ks_ssl->ssl_config, major, minor);
+ /* Default to tls_version_max(). */
+ tls_version_to_major_minor(tls_version_max(), &major, &minor);
}
+
+ mbedtls_ssl_conf_max_version(ks_ssl->ssl_config, major, minor);
}
#ifdef HAVE_EXPORT_KEYING_MATERIAL
@@ -1188,7 +1214,7 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl,
/* Initialise SSL context */
ALLOC_OBJ_CLEAR(ks_ssl->ctx, mbedtls_ssl_context);
mbedtls_ssl_init(ks_ssl->ctx);
- mbedtls_ssl_setup(ks_ssl->ctx, ks_ssl->ssl_config);
+ mbed_ok(mbedtls_ssl_setup(ks_ssl->ctx, ks_ssl->ssl_config));
/* Initialise BIOs */
ALLOC_OBJ_CLEAR(ks_ssl->bio_ctx, bio_ctx);
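Review bot: The result of `mbed_ok()` around `mbedtls_ssl_setup()` is discarded, so a failed setup is at most logged and execution continues into the BIO initialisation with an SSL context that was never bound to its configuration. Other call sites in this file test the result (`if (!mbed_ok(status))`), and this one should fail hard as well: `if (!mbed_ok(mbedtls_ssl_setup(ks_ssl->ctx, ks_ssl->ssl_config))) { msg(M_FATAL, "%s: mbedtls_ssl_setup failed", __func__); }`. key_state_ssl_init starts before this hunk and continues past it.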