tls: include signature_algorithms extension in client hello message
function old new delta tls_xread_record 629 645 +16 .rodata 105167 105179 +12 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 28/0) Total: 28 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
parent
526625bc83
commit
9bab580cd4
@ -948,11 +948,46 @@ static int tls_has_buffered_record(tls_state_t *tls)
|
|||||||
|
|
||||||
static const char *alert_text(int code)
|
static const char *alert_text(int code)
|
||||||
{
|
{
|
||||||
|
//10 unexpected_message
|
||||||
|
//20 bad_record_mac
|
||||||
|
//21 decryption_failed
|
||||||
|
//22 record_overflow
|
||||||
|
//30 decompression_failure
|
||||||
|
//40 handshake_failure
|
||||||
|
//41 no_certificate
|
||||||
|
//42 bad_certificate
|
||||||
|
//43 unsupported_certificate
|
||||||
|
//44 certificate_revoked
|
||||||
|
//45 certificate_expired
|
||||||
|
//46 certificate_unknown
|
||||||
|
//47 illegal_parameter
|
||||||
|
//48 unknown_ca
|
||||||
|
//49 access_denied
|
||||||
|
//50 decode_error
|
||||||
|
//51 decrypt_error
|
||||||
|
//52 too_many_cids_requested
|
||||||
|
//60 export_restriction
|
||||||
|
//70 protocol_version
|
||||||
|
//71 insufficient_security
|
||||||
|
//80 internal_error
|
||||||
|
//86 inappropriate_fallback
|
||||||
|
//90 user_canceled
|
||||||
|
//100 no_renegotiation
|
||||||
|
//109 missing_extension
|
||||||
|
//110 unsupported_extension
|
||||||
|
//111 certificate_unobtainable
|
||||||
|
//112 unrecognized_name
|
||||||
|
//113 bad_certificate_status_response
|
||||||
|
//114 bad_certificate_hash_value
|
||||||
|
//115 unknown_psk_identity
|
||||||
|
//116 certificate_required
|
||||||
|
//120 no_application_protocol
|
||||||
switch (code) {
|
switch (code) {
|
||||||
case 20: return "bad MAC";
|
case 20: return "bad MAC";
|
||||||
case 50: return "decode error";
|
case 50: return "decode error";
|
||||||
case 51: return "decrypt error";
|
|
||||||
case 40: return "handshake failure";
|
case 40: return "handshake failure";
|
||||||
|
case 51: return "decrypt error";
|
||||||
|
case 80: return "internal error";
|
||||||
case 112: return "unrecognized name";
|
case 112: return "unrecognized name";
|
||||||
}
|
}
|
||||||
return itoa(code);
|
return itoa(code);
|
||||||
@ -1531,26 +1566,47 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
|
|||||||
#endif
|
#endif
|
||||||
0x01,0x00, //not a cipher - comprtypes_len, comprtype
|
0x01,0x00, //not a cipher - comprtypes_len, comprtype
|
||||||
};
|
};
|
||||||
static const uint8_t supported_groups[] = {
|
// https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml
|
||||||
|
static const uint8_t extensions[] = {
|
||||||
|
// is.gd responds with "handshake failure" to our hello if there's no supported_groups
|
||||||
0x00,0x0a, //extension_type: "supported_groups"
|
0x00,0x0a, //extension_type: "supported_groups"
|
||||||
0x00,2 * (1 + ALLOW_CURVE_P256 + ALLOW_CURVE_X25519), //ext len
|
0x00,2 * (1 + ALLOW_CURVE_P256 + ALLOW_CURVE_X25519), //ext len
|
||||||
0x00,2 * (0 + ALLOW_CURVE_P256 + ALLOW_CURVE_X25519), //list len
|
0x00,2 * (0 + ALLOW_CURVE_P256 + ALLOW_CURVE_X25519), //list len
|
||||||
#if ALLOW_CURVE_P256
|
#if ALLOW_CURVE_P256
|
||||||
0x00,0x17, //curve_secp256r1 (aka P256, aka prime256v1)
|
0x00,0x17, //curve_secp256r1 (aka P256, aka prime256v1)
|
||||||
#endif
|
#endif
|
||||||
//0x00,0x18, //curve_secp384r1
|
//0x00,0x18, //curve_secp384r1
|
||||||
//0x00,0x19, //curve_secp521r1
|
//0x00,0x19, //curve_secp521r1
|
||||||
#if ALLOW_CURVE_X25519
|
#if ALLOW_CURVE_X25519
|
||||||
0x00,0x1d, //curve_x25519 (RFC 7748)
|
0x00,0x1d, //curve_x25519 (RFC 7748)
|
||||||
#endif
|
#endif
|
||||||
//0x00,0x1e, //curve_x448 (RFC 7748)
|
//0x00,0x1e, //curve_x448 (RFC 7748)
|
||||||
|
|
||||||
|
//0x00,0x0b,0x00,0x04,0x03,0x00,0x01,0x02, //extension_type: "ec_point_formats"
|
||||||
|
//0x00,0x16,0x00,0x00, //extension_type: "encrpypt-then-mac"
|
||||||
|
//0x00,0x17,0x00,0x00, //extension_type: "extended_master"
|
||||||
|
//0x00,0x23,0x00,0x00, //extension_type: "session_ticket"
|
||||||
|
|
||||||
|
// kojipkgs.fedoraproject.org responds with alert code 80 ("internal error")
|
||||||
|
// to our hello without signature_algorithms.
|
||||||
|
// It is satisfied with just 0x04,0x01.
|
||||||
|
0x00,0x0d, //extension_type: "signature_algorithms" (RFC5246 section 7.4.1.4.1):
|
||||||
|
#define SIGALGS (3 + 3 * ENABLE_FEATURE_TLS_SHA1)
|
||||||
|
0x00,2 * (1 + SIGALGS), //ext len
|
||||||
|
0x00,2 * (0 + SIGALGS), //list len
|
||||||
|
//Format: two bytes
|
||||||
|
// byte 1: 0:none,1:md5,2:sha1,3:sha224,4:sha256,5:sha384,6:sha512
|
||||||
|
// byte 2: 1:rsa,2:dsa,3:ecdsa
|
||||||
|
// (note that TLS 1.3 changes this, see RFC8446 section 4.2.3)
|
||||||
|
#if ENABLE_FEATURE_TLS_SHA1
|
||||||
|
0x02,0x01, //sha1 + rsa
|
||||||
|
0x02,0x02, //sha1 + dsa
|
||||||
|
0x02,0x03, //sha1 + ecdsa
|
||||||
|
#endif
|
||||||
|
0x04,0x01, //sha256 + rsa - kojipkgs.fedoraproject.org wants this
|
||||||
|
0x04,0x02, //sha256 + dsa
|
||||||
|
0x04,0x03, //sha256 + ecdsa
|
||||||
};
|
};
|
||||||
//static const uint8_t signature_algorithms[] = {
|
|
||||||
// 000d
|
|
||||||
// 0020
|
|
||||||
// 001e
|
|
||||||
// 0601 0602 0603 0501 0502 0503 0401 0402 0403 0301 0302 0303 0201 0202 0203
|
|
||||||
//};
|
|
||||||
|
|
||||||
struct client_hello {
|
struct client_hello {
|
||||||
uint8_t type;
|
uint8_t type;
|
||||||
@ -1591,8 +1647,7 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
|
|||||||
int sni_len = sni ? strnlen(sni, 127 - 5) : 0;
|
int sni_len = sni ? strnlen(sni, 127 - 5) : 0;
|
||||||
|
|
||||||
ext_len = 0;
|
ext_len = 0;
|
||||||
/* is.gd responds with "handshake failure" to our hello if there's no supported_groups element */
|
ext_len += sizeof(extensions);
|
||||||
ext_len += sizeof(supported_groups);
|
|
||||||
if (sni_len)
|
if (sni_len)
|
||||||
ext_len += 9 + sni_len;
|
ext_len += 9 + sni_len;
|
||||||
|
|
||||||
@ -1626,7 +1681,7 @@ static void send_client_hello_and_alloc_hsd(tls_state_t *tls, const char *sni)
|
|||||||
ptr[8] = sni_len; //name len
|
ptr[8] = sni_len; //name len
|
||||||
ptr = mempcpy(&ptr[9], sni, sni_len);
|
ptr = mempcpy(&ptr[9], sni, sni_len);
|
||||||
}
|
}
|
||||||
memcpy(ptr, supported_groups, sizeof(supported_groups));
|
memcpy(ptr, extensions, sizeof(extensions));
|
||||||
|
|
||||||
tls->hsd = xzalloc(sizeof(*tls->hsd));
|
tls->hsd = xzalloc(sizeof(*tls->hsd));
|
||||||
/* HANDSHAKE HASH: ^^^ + len if need to save saved_client_hello */
|
/* HANDSHAKE HASH: ^^^ + len if need to save saved_client_hello */
|
||||||
|
Loading…
Reference in New Issue
Block a user