1 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
2 index a95af6c..a3852b2 100644
3 --- a/include/mbedtls/check_config.h
4 +++ b/include/mbedtls/check_config.h
6 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
9 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED) && \
10 + ( !defined(MBEDTLS_ECDH_C) )
11 +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED defined, but not all prerequisites"
14 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
15 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
16 !defined(MBEDTLS_X509_CRT_PARSE_C) )
17 diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
18 index 27abbd9..fa4db26 100644
19 --- a/include/mbedtls/compat-1.3.h
20 +++ b/include/mbedtls/compat-1.3.h
22 #if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
23 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
25 +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
26 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
28 #if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
29 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
32 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
33 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
34 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
35 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON MBEDTLS_KEY_EXCHANGE_ECDH_ANON
36 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
37 #define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA
38 #define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE
40 #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
41 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
42 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
43 +#define TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
44 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
45 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
46 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
47 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
48 index 3b7c85b..5bef190 100644
49 --- a/include/mbedtls/config.h
50 +++ b/include/mbedtls/config.h
52 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
55 + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
57 + * Enable the ECDHE-ANON based ciphersuite modes in SSL / TLS.
59 + * Requires: MBEDTLS_ECDH_C
62 + * This enables the following ciphersuites (if other requisites are
64 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
66 +#define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
70 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
72 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
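Review bot: `MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED` is defined unconditionally in the stock config.h, so every default build gains a key exchange in which neither peer is authenticated, and the new doc block does not say so. I would ship it disabled, as `//#define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED`, and add a line to the block such as ` * Warning: this key exchange does not authenticate the peer; enable it only where authentication is provided by other means.` The description also says "ECDHE-ANON" while the macro and suite name say ECDH_ANON. Since other hunks on this page fold the macro into `MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED`, the doc should state plainly that the exchange is ephemeral. Parts of the doc block fall on lines not shown here.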
75 * Comment this macro to disable support for SSL session tickets
77 -#define MBEDTLS_SSL_SESSION_TICKETS
78 +//#define MBEDTLS_SSL_SESSION_TICKETS
81 * \def MBEDTLS_SSL_EXPORT_KEYS
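Review bot: Commenting out `MBEDTLS_SSL_SESSION_TICKETS` changes the default build for every user of this config.h and has no visible connection to the new key exchange. The doc text above it still reads as if the option were on by default. Either drop this line from the commit or add a sentence to the doc block saying why tickets are now off by default.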
83 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
84 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
85 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
86 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
88 * PEM_PARSE uses AES for decrypting encrypted keys.
90 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
91 index 82c0760..88103ad 100644
92 --- a/include/mbedtls/ssl.h
93 +++ b/include/mbedtls/ssl.h
94 @@ -356,7 +356,8 @@ union mbedtls_ssl_premaster_secret
95 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
96 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
97 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
98 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
99 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
100 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
101 unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
103 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
104 diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
105 index deaaa37..4f10540 100644
106 --- a/include/mbedtls/ssl_ciphersuites.h
107 +++ b/include/mbedtls/ssl_ciphersuites.h
108 @@ -158,6 +158,8 @@ extern "C" {
109 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
110 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
112 +#define MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 0xFF00 /**< TLS 1.2 */
114 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
115 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
116 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
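Review bot: `0xFF00` lies in the private-use part of the TLS cipher suite space (first byte 0xFF), but the trailing comment `/**< TLS 1.2 */` makes the new define read like the registered suites around it. Only peers carrying the same patch will understand this identifier, and it can collide with another vendor's private-use suite. I would change the comment to say so, for example `/**< Private-use ID, not IANA-assigned; TLS 1.2 only */`, and repeat that in the config.h description of the suite.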
117 @@ -247,6 +249,7 @@ typedef enum {
118 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
119 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
120 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
121 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
122 } mbedtls_key_exchange_type_t;
124 /* Key exchanges using a certificate */
125 @@ -271,7 +274,8 @@ typedef enum {
126 /* Key exchanges using a ECDHE */
127 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
128 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
129 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
130 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
131 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
132 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
135 diff --git a/library/entropy_poll.c b/library/entropy_poll.c
136 index a116e60..c022caf 100644
137 --- a/library/entropy_poll.c
138 +++ b/library/entropy_poll.c
140 #define _WIN32_WINNT 0x0400
143 -#include <wincrypt.h>
146 int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
149 - HCRYPTPROV provider;
153 - if( CryptAcquireContext( &provider, NULL, NULL,
154 - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
156 + * size_t may be 64 bits, but ULONG is always 32.
157 + * If len is larger than the maximum for ULONG, just fail.
158 + * It's unlikely anything ever will want to ask for this much randomness.
160 + if ( len > 0xFFFFFFFFULL )
162 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
165 - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
166 + if ( !BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) )
168 - CryptReleaseContext( provider, 0 );
169 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
172 - CryptReleaseContext( provider, 0 );
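Review bot: The context line `#define _WIN32_WINNT 0x0400` still declares a pre-Vista target, while the new call to `BCryptGenRandom` with `BCRYPT_USE_SYSTEM_PREFERRED_RNG` needs a newer Windows and the bcrypt import library at link time. Neither the replacement include nor any build-file change is visible on this page, so please confirm both are part of the commit. The minimum supported Windows version should be stated in a comment next to the define. The length guard would read more clearly as `if( len > ULONG_MAX )` than with the literal `0xFFFFFFFFULL`. Failing outright for oversized requests is a behaviour change from the old `(DWORD) len` cast, so it deserves a mention in the function's documentation. The function body starts and ends outside the lines shown.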
176 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
177 index 3546331..74cef29 100644
178 --- a/library/ssl_ciphersuites.c
179 +++ b/library/ssl_ciphersuites.c
180 @@ -96,6 +96,7 @@ static const int ciphersuite_preference[] =
181 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
182 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
183 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
184 + MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256,
186 /* All CAMELLIA-128 ephemeral suites */
187 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
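Review bot: Listing `MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256` in `ciphersuite_preference[]` puts an unauthenticated suite into the default list, ahead of the CAMELLIA-128 ephemeral suites, so applications that never asked for it will offer and accept it. The ssl_cli.c, ssl_srv.c and ssl_tls.c hunks on this page skip the certificate and signature steps for this key exchange, so a session negotiated this way carries no proof of who the peer is. I would leave the entry out of this array so the suite is used only when an application names it through `mbedtls_ssl_conf_ciphersuites()`. At minimum it should move to the end of the list, with a comment that it is unauthenticated. The array continues outside the hunk.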
188 @@ -408,6 +409,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
189 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
190 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
193 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
194 +#if defined(MBEDTLS_AES_C)
195 +#if defined(MBEDTLS_SHA256_C)
196 +#if defined(MBEDTLS_CIPHER_MODE_CBC)
197 + { MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ANON-WITH-AES-128-CBC-SHA256",
198 + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
199 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
200 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
202 +#endif /* MBEDTLS_CIPHER_MODE_CBC */
203 +#endif /* MBEDTLS_SHA256_C */
204 +#endif /* MBEDTLS_AES_C */
205 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
208 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
209 #if defined(MBEDTLS_AES_C)
210 #if defined(MBEDTLS_SHA1_C)
211 @@ -1830,6 +1847,7 @@ int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
212 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
213 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
214 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
215 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
219 diff --git a/library/ssl_cli.c b/library/ssl_cli.c
220 index cd39db0..1347167 100644
221 --- a/library/ssl_cli.c
222 +++ b/library/ssl_cli.c
223 @@ -1897,7 +1897,8 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *
224 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
225 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
226 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
227 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
228 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
229 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
230 static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
232 const mbedtls_ecp_curve_info *curve_info;
233 @@ -1927,11 +1928,13 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
234 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
235 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
236 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
237 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
238 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ||
239 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
241 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
242 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
243 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
244 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
245 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
246 static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
249 @@ -1963,40 +1966,75 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
251 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
252 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
253 - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
254 + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
255 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED*/
257 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
258 static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
262 - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
268 + if( ssl->conf->f_psk == NULL &&
269 + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
270 + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
272 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
273 + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
279 - * opaque psk_identity_hint<0..2^16-1>;
280 + * Receive client pre-shared key identity name
282 - len = (*p)[0] << 8 | (*p)[1];
285 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
286 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
289 + n = ( (*p)[0] << 8 ) | (*p)[1];
292 - if( (*p) + len > end )
293 + if( n < 1 || n > 65535 || *p + n > end )
295 - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) );
296 - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
297 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
298 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
302 - * Note: we currently ignore the PKS identity hint, as we only allow one
303 - * PSK to be provisionned on the client. This could be changed later if
304 - * someone needs that feature.
308 + if( ssl->conf->f_psk != NULL )
310 + if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
311 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
315 + /* Identity is not a big secret since clients send it in the clear,
316 + * but treat it carefully anyway, just in case */
317 + if( n != ssl->conf->psk_identity_len ||
318 + mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
320 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
325 + if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
327 + MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
328 + if( ( ret = mbedtls_ssl_send_alert_message( ssl,
329 + MBEDTLS_SSL_ALERT_LEVEL_FATAL,
330 + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 )
335 + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
342 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
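Review bot: The rewritten `ssl_parse_server_psk_hint` treats the server's identity hint as if it were a client identity. It compares the hint with `ssl->conf->psk_identity` (or passes it to `f_psk`), fails with `MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY` and a fatal alert on mismatch, and rejects an empty hint through `n < 1`. A hint is advisory and may be empty, so this looks likely to break handshakes with servers that send no hint or a different one. The comment "Receive client pre-shared key identity name" and the `MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE` return codes suggest the body was carried over from the server-side parser. On the client the code should be `MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE`, as the removed lines had it. The length check is safer written as `if( n > (size_t)( end - *p ) )`, which avoids forming a pointer past the buffer; `n > 65535` cannot be true for a value built from two bytes. Several lines of the function are not shown on this page, so the control flow between the visible statements is inferred.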
344 @@ -2292,10 +2330,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
345 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
346 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
347 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
348 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
349 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
350 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
351 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
352 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
353 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
354 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
355 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
357 if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
359 @@ -2306,7 +2346,8 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
361 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
362 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
363 - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
364 + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
365 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
366 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
367 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
369 @@ -2377,6 +2418,13 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
370 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
373 +// Anonim cipher suite without sign, ecdh param only
374 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
375 + if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
383 @@ -2525,7 +2573,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
384 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
385 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
386 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
387 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
388 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
389 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
391 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
393 @@ -2550,7 +2599,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
394 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
395 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
396 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
397 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
398 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
399 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
401 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
403 @@ -2753,11 +2803,13 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
404 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
405 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
406 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
407 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
408 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
409 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
410 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
411 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
412 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
413 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
414 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
415 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
418 * ECDH key exchange -- send client public value
419 @@ -2792,7 +2844,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
420 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
421 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
422 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
423 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
424 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
425 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
426 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
427 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
428 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
429 @@ -2980,7 +3033,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
430 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
431 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
432 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
433 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
434 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
435 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
437 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
439 @@ -3013,7 +3067,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
440 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
441 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
442 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
443 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
444 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
445 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
447 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
449 diff --git a/library/ssl_srv.c b/library/ssl_srv.c
450 index 7271045..2964015 100644
451 --- a/library/ssl_srv.c
452 +++ b/library/ssl_srv.c
453 @@ -2500,6 +2500,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
454 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
455 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
456 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
457 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
458 authmode == MBEDTLS_SSL_VERIFY_NONE )
460 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
461 @@ -2677,7 +2678,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
462 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
463 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
464 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
465 - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
466 + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) || \
467 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
468 unsigned char *p = ssl->out_msg + 4;
469 unsigned char *dig_signed = p;
470 size_t dig_signed_len = 0, len;
471 @@ -2738,12 +2740,11 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
472 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
473 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
475 - /* Note: we don't support identity hints, until someone asks
481 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len >> 8 );
482 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len );
483 + memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);
484 + p += ssl->conf->psk_identity_len;
485 + n += ssl->conf->psk_identity_len + 2;
487 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
488 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
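Review bot: The new `memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);` writes into `ssl->out_msg` with no check that the identity plus its two length bytes fits in the space left after `p`. It also does not check that `psk_identity` is non-NULL, which seems possible on a server configured only with a PSK callback. A guard before the write would cover the second case, e.g. `if( ssl->conf->psk_identity == NULL ) return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );`, together with a comparison of `psk_identity_len + 2` against the bytes remaining in the output buffer. The removed comment said hints were deliberately unsupported, so the replacement should say why the configured identity is now sent as the hint. Whether `n` is declared for this configuration is not visible in the hunk.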
489 @@ -2800,7 +2801,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
490 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
491 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
492 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
493 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
494 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
495 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
498 * Ephemeral ECDH parameters:
499 @@ -3338,11 +3340,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
500 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
501 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
502 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
503 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
504 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
505 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
506 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
507 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
508 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
509 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
510 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
511 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
513 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
515 @@ -3539,7 +3543,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
516 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
517 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
518 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
519 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
520 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
521 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
523 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
525 @@ -3570,6 +3575,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
526 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
527 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
528 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
529 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
530 ssl->session_negotiate->peer_cert == NULL )
532 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
533 diff --git a/library/ssl_tls.c b/library/ssl_tls.c
534 index 80a908d..94c8fd7 100644
535 --- a/library/ssl_tls.c
536 +++ b/library/ssl_tls.c
537 @@ -4037,7 +4037,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
538 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
539 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
540 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
541 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
542 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
543 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
545 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
547 @@ -4057,7 +4058,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
548 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
549 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
550 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
551 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
552 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
553 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
555 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
557 @@ -4080,7 +4082,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
558 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
559 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
560 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
561 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
562 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
563 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
565 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
567 @@ -4196,7 +4199,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
568 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
569 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
570 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
571 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
572 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
573 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
575 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
577 @@ -7510,6 +7514,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
578 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
579 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
580 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
581 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
585 diff --git a/library/version_features.c b/library/version_features.c
586 index 5d20ba0..6404a0c 100644
587 --- a/library/version_features.c
588 +++ b/library/version_features.c
589 @@ -264,6 +264,9 @@ static const char *features[] = {
590 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
591 "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
592 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
593 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
594 + "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED",
595 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
596 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
597 "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
598 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
599 diff --git a/library/x509_crt.c b/library/x509_crt.c
600 index af6c2a4..6dcb6aa 100644
601 --- a/library/x509_crt.c
602 +++ b/library/x509_crt.c
605 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
607 +#include <intsafe.h>
611 @@ -1108,6 +1109,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
612 char filename[MAX_PATH];
614 size_t len = strlen( path );
615 + int lengthAsInt = 0;
617 WIN32_FIND_DATAW file_data;
619 @@ -1122,7 +1124,10 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
621 filename[len++] = '*';
623 - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
624 + if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) )
625 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
627 + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
630 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
631 @@ -1139,8 +1144,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
632 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
635 + if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
636 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
638 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
639 - lstrlenW( file_data.cFileName ),