1 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
2 index fe86c1e..e4583d6 100644
3 --- a/include/mbedtls/check_config.h
4 +++ b/include/mbedtls/check_config.h
6 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
9 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED) && \
10 + ( !defined(MBEDTLS_ECDH_C) )
11 +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED defined, but not all prerequisites"
14 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
15 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
16 !defined(MBEDTLS_X509_CRT_PARSE_C) )
17 diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
18 index 27abbd9..fa4db26 100644
19 --- a/include/mbedtls/compat-1.3.h
20 +++ b/include/mbedtls/compat-1.3.h
22 #if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
23 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
25 +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
26 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
28 #if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
29 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
32 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
33 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
34 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
35 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON MBEDTLS_KEY_EXCHANGE_ECDH_ANON
36 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
37 #define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA
38 #define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE
40 #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
41 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
42 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
43 +#define TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
44 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
45 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
46 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
47 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
48 index 6fc9c77..9798b39 100644
49 --- a/include/mbedtls/config.h
50 +++ b/include/mbedtls/config.h
52 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
55 + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
57 + * Enable the ECDHE-ANON based ciphersuite modes in SSL / TLS.
59 + * Requires: MBEDTLS_ECDH_C
62 + * This enables the following ciphersuites (if other requisites are
64 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
66 +#define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
70 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
72 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
75 * Comment this macro to disable support for SSL session tickets
77 -#define MBEDTLS_SSL_SESSION_TICKETS
78 +//#define MBEDTLS_SSL_SESSION_TICKETS
81 * \def MBEDTLS_SSL_EXPORT_KEYS
83 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
84 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
85 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
86 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
88 * PEM_PARSE uses AES for decrypting encrypted keys.
90 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
91 index ba499d2..8046e6e 100644
92 --- a/include/mbedtls/ssl.h
93 +++ b/include/mbedtls/ssl.h
94 @@ -358,7 +358,8 @@ union mbedtls_ssl_premaster_secret
95 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
96 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
97 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
98 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
99 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
100 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
101 unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
103 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
104 diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
105 index deaaa37..4f10540 100644
106 --- a/include/mbedtls/ssl_ciphersuites.h
107 +++ b/include/mbedtls/ssl_ciphersuites.h
108 @@ -158,6 +158,8 @@ extern "C" {
109 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
110 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
112 +#define MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 0xFF00 /**< TLS 1.2 */
114 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
115 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
116 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
117 @@ -247,6 +249,7 @@ typedef enum {
118 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
119 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
120 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
121 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
122 } mbedtls_key_exchange_type_t;
124 /* Key exchanges using a certificate */
125 @@ -271,7 +274,8 @@ typedef enum {
126 /* Key exchanges using a ECDHE */
127 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
128 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
129 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
130 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
131 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
132 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
135 diff --git a/library/entropy_poll.c b/library/entropy_poll.c
136 index a116e60..c022caf 100644
137 --- a/library/entropy_poll.c
138 +++ b/library/entropy_poll.c
140 #define _WIN32_WINNT 0x0400
143 -#include <wincrypt.h>
146 int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
149 - HCRYPTPROV provider;
153 - if( CryptAcquireContext( &provider, NULL, NULL,
154 - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
156 + * size_t may be 64 bits, but ULONG is always 32.
157 + * If len is larger than the maximum for ULONG, just fail.
158 + * It's unlikely anything ever will want to ask for this much randomness.
160 + if ( len > 0xFFFFFFFFULL )
162 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
165 - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
166 + if ( !BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) )
168 - CryptReleaseContext( provider, 0 );
169 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
172 - CryptReleaseContext( provider, 0 );
176 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
177 index a762bf7..021ab50 100644
178 --- a/library/ssl_ciphersuites.c
179 +++ b/library/ssl_ciphersuites.c
180 @@ -95,6 +95,7 @@ static const int ciphersuite_preference[] =
181 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
182 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
183 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
184 + MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256,
186 /* All CAMELLIA-128 ephemeral suites */
187 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
188 @@ -407,6 +408,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
189 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
190 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
193 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
194 +#if defined(MBEDTLS_AES_C)
195 +#if defined(MBEDTLS_SHA256_C)
196 +#if defined(MBEDTLS_CIPHER_MODE_CBC)
197 + { MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ANON-WITH-AES-128-CBC-SHA256",
198 + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
199 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
200 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
202 +#endif /* MBEDTLS_CIPHER_MODE_CBC */
203 +#endif /* MBEDTLS_SHA256_C */
204 +#endif /* MBEDTLS_AES_C */
205 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
208 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
209 #if defined(MBEDTLS_AES_C)
210 #if defined(MBEDTLS_SHA1_C)
211 @@ -1829,6 +1846,7 @@ int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
212 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
213 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
214 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
215 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
219 diff --git a/library/ssl_cli.c b/library/ssl_cli.c
220 index 223823b..945c973 100644
221 --- a/library/ssl_cli.c
222 +++ b/library/ssl_cli.c
223 @@ -1904,7 +1904,8 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *
224 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
225 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
226 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
227 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
228 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
229 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
230 static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
232 const mbedtls_ecp_curve_info *curve_info;
233 @@ -1934,11 +1935,13 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
234 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
235 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
236 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
237 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
238 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ||
239 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
241 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
242 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
243 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
244 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
245 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
246 static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
249 @@ -1970,40 +1973,80 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
251 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
252 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
253 - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
254 + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
255 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED*/
257 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
258 static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
262 - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
268 + if( ssl->conf->f_psk == NULL &&
269 + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
270 + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
272 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
273 + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
279 - * opaque psk_identity_hint<0..2^16-1>;
280 + * Receive client pre-shared key identity name
282 - len = (*p)[0] << 8 | (*p)[1];
285 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
286 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
289 + n = ( (*p)[0] << 8 ) | (*p)[1];
292 - if( (*p) + len > end )
295 - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) );
296 - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
301 - * Note: we currently ignore the PKS identity hint, as we only allow one
302 - * PSK to be provisionned on the client. This could be changed later if
303 - * someone needs that feature.
307 + if( n < 1 || n > 65535 || *p + n > end )
309 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
310 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
314 + if( ssl->conf->f_psk != NULL )
316 + if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
317 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
321 + /* Identity is not a big secret since clients send it in the clear,
322 + * but treat it carefully anyway, just in case */
323 + if( n != ssl->conf->psk_identity_len ||
324 + mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
326 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
330 + if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
332 + MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
333 + if( ( ret = mbedtls_ssl_send_alert_message( ssl,
334 + MBEDTLS_SSL_ALERT_LEVEL_FATAL,
335 + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 )
340 + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
347 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
349 @@ -2299,10 +2342,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
350 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
351 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
352 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
353 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
354 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
355 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
356 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
357 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
358 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
359 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
360 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
362 if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
364 @@ -2313,7 +2358,8 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
366 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
367 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
368 - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
369 + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
370 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
371 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
372 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
374 @@ -2384,6 +2430,10 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
375 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
378 +// Anonim cipher suite without sign, ecdh param only
379 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
385 @@ -2534,7 +2584,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
386 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
387 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
388 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
389 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
390 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
391 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
393 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
395 @@ -2559,7 +2610,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
396 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
397 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
398 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
399 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
400 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
401 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
403 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
405 @@ -2773,11 +2825,13 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
406 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
407 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
408 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
409 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
410 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
411 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
412 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
413 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
414 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
415 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
416 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
417 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
420 * ECDH key exchange -- send client public value
421 @@ -2812,7 +2866,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
422 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
423 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
424 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
425 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
426 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
427 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
428 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
429 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
430 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
431 @@ -3002,7 +3057,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
432 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
433 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
434 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
435 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
436 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
437 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
439 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
441 @@ -3035,7 +3091,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
442 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
443 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
444 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
445 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
446 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
447 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
449 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
451 diff --git a/library/ssl_srv.c b/library/ssl_srv.c
452 index fc0d2d7..6965f1f 100644
453 --- a/library/ssl_srv.c
454 +++ b/library/ssl_srv.c
455 @@ -2498,6 +2498,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
456 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
457 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
458 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
459 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
460 authmode == MBEDTLS_SSL_VERIFY_NONE )
462 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
463 @@ -2675,7 +2676,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
464 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
465 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
466 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
467 - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
468 + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) || \
469 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
470 unsigned char *p = ssl->out_msg + 4;
471 unsigned char *dig_signed = p;
472 size_t dig_signed_len = 0, len;
473 @@ -2736,12 +2738,11 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
474 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
475 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
477 - /* Note: we don't support identity hints, until someone asks
483 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len >> 8 );
484 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len );
485 + memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);
486 + p += ssl->conf->psk_identity_len;
487 + n += ssl->conf->psk_identity_len + 2;
489 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
490 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
491 @@ -2798,7 +2799,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
492 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
493 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
494 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
495 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
496 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
497 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
500 * Ephemeral ECDH parameters:
501 @@ -3336,11 +3338,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
502 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
503 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
504 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
505 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
506 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
507 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
508 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
509 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
510 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
511 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
512 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
513 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
515 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
517 @@ -3539,7 +3543,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
518 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
519 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
520 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
521 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
522 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
523 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
525 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
527 @@ -3570,6 +3575,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
528 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
529 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
530 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
531 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
532 ssl->session_negotiate->peer_cert == NULL )
534 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
535 diff --git a/library/ssl_tls.c b/library/ssl_tls.c
536 index 84a04ae..938b840 100644
537 --- a/library/ssl_tls.c
538 +++ b/library/ssl_tls.c
539 @@ -4066,7 +4066,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
540 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
541 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
542 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
543 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
544 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
545 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
547 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
549 @@ -4086,7 +4087,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
550 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
551 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
552 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
553 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
554 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
555 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
557 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
559 @@ -4109,7 +4111,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
560 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
561 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
562 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
563 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
564 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
565 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
567 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
569 @@ -4225,7 +4228,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
570 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
571 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
572 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
573 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
574 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
575 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
577 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
579 @@ -7539,6 +7543,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
580 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
581 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
582 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
583 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
587 diff --git a/library/version_features.c b/library/version_features.c
588 index e866e67..3184bc2 100644
589 --- a/library/version_features.c
590 +++ b/library/version_features.c
591 @@ -264,6 +264,9 @@ static const char *features[] = {
592 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
593 "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
594 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
595 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
596 + "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED",
597 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
598 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
599 "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
600 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
601 diff --git a/library/x509_crt.c b/library/x509_crt.c
602 index 60e14f9..67cedde 100644
603 --- a/library/x509_crt.c
604 +++ b/library/x509_crt.c
607 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
609 +#include <intsafe.h>
613 @@ -1108,6 +1109,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
614 char filename[MAX_PATH];
616 size_t len = strlen( path );
617 + int lengthAsInt = 0;
619 WIN32_FIND_DATAW file_data;
621 @@ -1122,7 +1124,10 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
623 filename[len++] = '*';
625 - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
626 + if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) )
627 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
629 + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
632 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
633 @@ -1139,8 +1144,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
634 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
637 + if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
638 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
640 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
641 - lstrlenW( file_data.cFileName ),