-rw-r--r-- | rules.mk | 70 | ||||
-rw-r--r-- | src/crypto/x509v3/v3_utl.c | 2 | ||||
-rw-r--r-- | src/include/openssl/tls1.h | 8 | ||||
-rw-r--r-- | src/ssl/ssl_cipher.c | 23 | ||||
-rw-r--r-- | src/ssl/ssl_test.cc | 2 | ||||
-rw-r--r-- | src/ssl/test/runner/cipher_suites.go | 4 | ||||
-rw-r--r-- | src/ssl/test/runner/runner.go | 2 |
7 files changed, 109 insertions, 2 deletions
diff --git a/rules.mk b/rules.mk
new file mode 100644
index 0000000..5f4960b
--- /dev/null
+++ b/rules.mk
@@ -0,0 +1,70 @@
+# Copyright (C) 2015 The Android Open Source Project.
+#
+# Permission to use, copy, modify, and/or distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+# SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+# OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+# CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+# This file is not used in the Android build process! It's used only by Trusty.
+
+
+LOCAL_DIR := $(GET_LOCAL_DIR)
+LOCAL_PATH := $(GET_LOCAL_DIR)
+
+MODULE := $(LOCAL_DIR)
+
+TARGET_ARCH := $(ARCH)
+TARGET_2ND_ARCH := $(ARCH)
+
+# Reset local variables
+LOCAL_CFLAGS :=
+LOCAL_C_INCLUDES :=
+LOCAL_SRC_FILES_$(TARGET_ARCH) :=
+LOCAL_SRC_FILES_$(TARGET_2ND_ARCH) :=
+LOCAL_CFLAGS_$(TARGET_ARCH) :=
+LOCAL_CFLAGS_$(TARGET_2ND_ARCH) :=
+LOCAL_ADDITIONAL_DEPENDENCIES :=
+
+# get target_c_flags, target_c_includes, target_src_files
+MODULE_SRCDEPS += $(LOCAL_DIR)/crypto-sources.mk
+include $(LOCAL_DIR)/crypto-sources.mk
+
+# Some files in BoringSSL use OS functions that aren't supported by Trusty. The
+# easiest way to deal with them is not to include them. As long as no path to
+# the functions defined in these files exists, the linker will be happy. If
+# such a path is created, it'll be a link-time error and something more complex
+# may need to be considered.
+LOCAL_SRC_FILES := $(filter-out android_compat_hacks.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/bio/connect.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/bio/fd.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/bio/file.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/bio/socket.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/bio/socket_helper.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/directory_posix.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/rand/urandom.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/time_support.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/x509/by_dir.c,$(LOCAL_SRC_FILES))
+LOCAL_SRC_FILES := $(filter-out src/crypto/x509v3/v3_utl.c,$(LOCAL_SRC_FILES))
+
+# BoringSSL detects Trusty based on this define and does things like switch to
+# no-op threading functions.
+MODULE_CFLAGS += -DTRUSTY
+
+MODULE_SRCS += $(addprefix $(LOCAL_DIR)/,$(LOCAL_SRC_FILES))
+MODULE_SRCS += $(addprefix $(LOCAL_DIR)/,$(LOCAL_SRC_FILES_$(ARCH)))
+LOCAL_C_INCLUDES := src/crypto src/include
+
+GLOBAL_INCLUDES += $(addprefix $(LOCAL_DIR)/,$(LOCAL_C_INCLUDES))
+
+MODULE_DEPS := \
+ lib/openssl-stubs \
+ lib/libc-trusty
+
+include make/module.mk
diff --git a/src/crypto/x509v3/v3_utl.c b/src/crypto/x509v3/v3_utl.c
index 14a2f3b..77fc65c 100644
--- a/src/crypto/x509v3/v3_utl.c
+++ b/src/crypto/x509v3/v3_utl.c
@@ -882,9 +882,9 @@ static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
 if (astrlen < 0)
 return -1;
 rv = equal(astr, astrlen, (unsigned char *)b, blen, flags);
- OPENSSL_free(astr);
 if (rv > 0 && peername)
 *peername = BUF_strndup((char *)astr, astrlen);
+ OPENSSL_free(astr);
 }
 return rv;
 }
diff --git a/src/include/openssl/tls1.h b/src/include/openssl/tls1.h
index 999a5ca..f2bee27 100644
--- a/src/include/openssl/tls1.h
+++ b/src/include/openssl/tls1.h
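Review bot: The filter-out list drops src/crypto/rand/urandom.c, which is BoringSSL's entropy source, so every RAND_bytes call in the Trusty build is only as strong as whatever lib/openssl-stubs (listed under MODULE_DEPS) provides in its place. The comment above the list says a missing function will surface as a link error, which is true for an absent symbol, but a stub that links and returns weak or constant bytes would pass silently, so the dependency deserves an explicit comment next to that line, e.g. `# urandom.c is replaced by lib/openssl-stubs; its CRYPTO_sysrand MUST draw from the Trusty hardware RNG`. Dropping v3_utl.c also removes the hostname-matching helpers this same commit patches, so Trusty-side certificate checks presumably cannot do X509_check_host-style matching — worth stating in the comment as well. Finally, `-DTRUSTY` is described as switching to no-op threading functions, so the library must be used single-threaded in Trusty; a one-line note beside `MODULE_CFLAGS += -DTRUSTY` would make that constraint visible to consumers.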
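Review bot: The BUF_strndup result on the line before the moved OPENSSL_free is still unchecked, so on allocation failure `*peername` is left NULL while rv stays positive and the caller sees a successful match with no peer name to report. Since the function already signals failure with `return -1` on the astrlen check above, the same convention fits here: `if (*peername == NULL) rv = -1;` placed directly after the strndup and before the free. Moving the free after the copy is the right fix for the use-after-free; this is only about completing the error path. do_check_string starts and ends outside the hunk.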
@@ -361,6 +361,10 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
 #define TLS1_CK_PSK_WITH_AES_128_CBC_SHA 0x0300008C
 #define TLS1_CK_PSK_WITH_AES_256_CBC_SHA 0x0300008D
+/* PSK ciphersuites from RFC 5489 */
+#define TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA 0x0300C035
+#define TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA 0x0300C036
+
 /* Additional TLS ciphersuites from expired Internet Draft
 * draft-ietf-tls-56-bit-ciphersuites-01.txt
 * (available if TLS1_ALLOW_EXPERIMENTAL_CIPHERSUITES is defined, see
@@ -580,6 +584,10 @@ OPENSSL_EXPORT int SSL_CTX_set_tlsext_ticket_key_cb(
 #define TLS1_TXT_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA"
 #define TLS1_TXT_PSK_WITH_AES_256_CBC_SHA "PSK-AES256-CBC-SHA"
+/* PSK ciphersuites from RFC 5489 */
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA "ECDHE-PSK-AES128-CBC-SHA"
+#define TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA "ECDHE-PSK-AES256-CBC-SHA"
+
 /* SRP ciphersuite from RFC 5054 */
 #define TLS1_TXT_SRP_SHA_WITH_3DES_EDE_CBC_SHA "SRP-3DES-EDE-CBC-SHA"
 #define TLS1_TXT_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA "SRP-RSA-3DES-EDE-CBC-SHA"
diff --git a/src/ssl/ssl_cipher.c b/src/ssl/ssl_cipher.c
index 2f1548a..8d03c9e 100644
--- a/src/ssl/ssl_cipher.c
+++ b/src/ssl/ssl_cipher.c
@@ -240,6 +240,8 @@ const SSL_CIPHER kCiphers[] = {
 SSL_HANDSHAKE_MAC_SHA256, 256, 256, },
+ /* PSK cipher suites. */ + /* Cipher 8A */ { TLS1_TXT_PSK_WITH_RC4_128_SHA, TLS1_CK_PSK_WITH_RC4_128_SHA, SSL_kPSK,
@@ -261,7 +263,6 @@ const SSL_CIPHER kCiphers[] = {
 SSL_HANDSHAKE_MAC_DEFAULT, 256, 256, },
- /* GCM ciphersuites from RFC5288 */
 /* Cipher 9C */
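Review bot: The comment `/* PSK ciphersuites from RFC 5489 */` added above both new blocks is imprecise: RFC 5489 defines the ECDHE_PSK suites specifically, while the plain PSK suites directly above come from a different document, so the two groups currently read as if they share a source. `/* ECDHE_PSK ciphersuites from RFC 5489 */` in both places states what the C035/C036 entries actually are and keeps the header's "from RFC NNNN" style.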
@@ -429,6 +430,26 @@ const SSL_CIPHER kCiphers[] = {
 256, 256, },
+ /* ECDHE-PSK cipher suites. */
+
+ /* Cipher C035 */
+ {
+ TLS1_TXT_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ SSL_kECDHE, SSL_aPSK, SSL_AES128, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT, 128, 128,
+ },
+
+ /* Cipher C036 */
+ {
+ TLS1_TXT_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA,
+ SSL_kECDHE, SSL_aPSK, SSL_AES256, SSL_SHA1, SSL_TLSV1, SSL_HIGH | SSL_FIPS,
+ SSL_HANDSHAKE_MAC_DEFAULT, 256, 256,
+ },
+
+ /* ChaCha20-Poly1305 cipher suites. */
+
 #if !defined(ANDROID) { TLS1_TXT_ECDHE_RSA_WITH_CHACHA20_POLY1305,
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc
index decf893..1c6e24a 100644
--- a/src/ssl/ssl_test.cc
+++ b/src/ssl/ssl_test.cc
@@ -502,6 +502,8 @@ static const CIPHER_RFC_NAME_TEST kCipherRFCNameTests[] = {
 { TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
 "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" },
 { TLS1_CK_PSK_WITH_RC4_128_SHA, "TLS_PSK_WITH_RC4_SHA" },
+ { TLS1_CK_ECDHE_PSK_WITH_AES_128_CBC_SHA,
+ "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" },
 // These names are non-standard:
 { TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" },
diff --git a/src/ssl/test/runner/cipher_suites.go b/src/ssl/test/runner/cipher_suites.go
index 162c0c0..70c7262 100644
--- a/src/ssl/test/runner/cipher_suites.go
+++ b/src/ssl/test/runner/cipher_suites.go
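Review bot: The two new kCiphers entries combine `SSL_kECDHE` with `SSL_aPSK`, a pairing no existing entry in this table uses, and nothing in this diff touches the handshake side that has to honour it: the ServerKeyExchange for these suites must carry both the PSK identity hint and the ECDH parameters (RFC 5489), and the cipher-list masking that disables PSK suites when no PSK callback is set must treat this combination the same way as `SSL_kPSK`. Presumably that support already exists or arrives in a companion change; if not, these entries become selectable before they can be negotiated. Both suites are also CBC with HMAC-SHA1 (`SSL_SHA1`, MAC-then-encrypt) yet carry `SSL_HIGH | SSL_FIPS`, so they qualify for HIGH cipher lists; the table position here does not by itself guarantee they rank below the AEAD suites, so that ordering should be confirmed in the default list. A short comment on the block, e.g. `/* Requires ECDHE_PSK ServerKeyExchange handling (RFC 5489); CBC-SHA1, prefer the AEAD suites above. */`, would record both points for the next reader. kCiphers starts and ends outside the hunk.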
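Review bot: Only the 128-bit suite gets an RFC-name entry in kCipherRFCNameTests, so a typo in the C036 name string in tls1.h would go unnoticed by this test. Add the sibling row `{ TLS1_CK_ECDHE_PSK_WITH_AES_256_CBC_SHA, "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" },` directly after the new one so both suites added by this commit are covered. kCipherRFCNameTests starts and ends outside the hunk.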
@@ -124,6 +124,8 @@ var cipherSuites = []*cipherSuite{
 {TLS_PSK_WITH_RC4_128_SHA, 16, 20, 0, pskKA, suiteNoDTLS | suitePSK, cipherRC4, macSHA1, nil},
 {TLS_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil},
 {TLS_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil},
+{TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil},
+{TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil},
 }
 func cipherRC4(key, iv []byte, isRead bool) interface{} {
@@ -402,6 +404,8 @@ const (
 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
+TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA uint16 = 0xc035
+TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA uint16 = 0xc036
 fallbackSCSV uint16 = 0x5600
 )
diff --git a/src/ssl/test/runner/runner.go b/src/ssl/test/runner/runner.go
index f60d8ba..94c1d32 100644
--- a/src/ssl/test/runner/runner.go
+++ b/src/ssl/test/runner/runner.go
@@ -1625,6 +1625,8 @@ var testCipherSuites = []struct {
 {"ECDHE-RSA-RC4-SHA", TLS_ECDHE_RSA_WITH_RC4_128_SHA},
 {"PSK-AES128-CBC-SHA", TLS_PSK_WITH_AES_128_CBC_SHA},
 {"PSK-AES256-CBC-SHA", TLS_PSK_WITH_AES_256_CBC_SHA},
+{"ECDHE-PSK-AES128-CBC-SHA", TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA},
+{"ECDHE-PSK-AES256-CBC-SHA", TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA},
 {"PSK-RC4-SHA", TLS_PSK_WITH_RC4_128_SHA},
 {"RC4-MD5", TLS_RSA_WITH_RC4_128_MD5},
 {"RC4-SHA", TLS_RSA_WITH_RC4_128_SHA}, |
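Review bot: The two new cipherSuites rows use a key-agreement constructor `ecdhePSKKA` that is not defined anywhere in this diff, so either it already exists in the runner (in which case the package compiles and this is fine) or the runner no longer builds; the commit should say which. If it does exist, its ServerKeyExchange needs to emit the PSK identity hint followed by the ECDH parameters and its ClientKeyExchange the identity followed by the client's ECDH public point (RFC 5489), and a runner test should drive at least one ECDHE-PSK handshake against the C side so the new kCiphers entries are actually exercised rather than only listed. The flag combination `suiteECDHE | suitePSK` is new to this table, so any runner code that reads suiteECDHE as "certificate-authenticated ECDHE" must be checked for a `suitePSK` guard. A short comment on the first new row, e.g. `// ECDHE_PSK (RFC 5489): ECDH key exchange, PSK authentication, no certificate.`, would flag that to readers.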