1 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
2 index fe86c1e..e4583d6 100644
3 --- a/include/mbedtls/check_config.h
4 +++ b/include/mbedtls/check_config.h
6 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
9 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED) && \
10 + ( !defined(MBEDTLS_ECDH_C) )
11 +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED defined, but not all prerequisites"
14 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
15 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
16 !defined(MBEDTLS_X509_CRT_PARSE_C) )
17 diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
18 index 27abbd9..fa4db26 100644
19 --- a/include/mbedtls/compat-1.3.h
20 +++ b/include/mbedtls/compat-1.3.h
22 #if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
23 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
25 +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
26 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
28 #if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
29 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
32 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
33 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
34 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
35 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON MBEDTLS_KEY_EXCHANGE_ECDH_ANON
36 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
37 #define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA
38 #define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE
40 #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
41 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
42 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
43 +#define TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
44 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
45 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
46 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
47 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
48 index ba499d2..8046e6e 100644
49 --- a/include/mbedtls/ssl.h
50 +++ b/include/mbedtls/ssl.h
51 @@ -358,7 +358,8 @@ union mbedtls_ssl_premaster_secret
52 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
53 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
54 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
55 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
56 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
57 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
58 unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
60 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
61 diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
62 index deaaa37..4f10540 100644
63 --- a/include/mbedtls/ssl_ciphersuites.h
64 +++ b/include/mbedtls/ssl_ciphersuites.h
65 @@ -158,6 +158,8 @@ extern "C" {
66 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
67 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
69 +#define MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 0xFF00 /**< TLS 1.2 */
71 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
72 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
73 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
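Review bot: `0xFF00` falls in the 0xFF-prefixed range that TLS sets aside for private use, so `MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256` is not a registered code point, yet its comment is the same `/**< TLS 1.2 */` carried by the registered suites above it. Peers outside this fork will not recognise the value, and another private deployment may use it for something else. I would document that on the define, e.g. `/**< Private-use ID (not IANA-assigned); anonymous ECDH, no peer authentication */`.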
74 @@ -247,6 +249,7 @@ typedef enum {
75 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
76 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
77 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
78 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
79 } mbedtls_key_exchange_type_t;
81 /* Key exchanges using a certificate */
82 @@ -271,7 +274,8 @@ typedef enum {
83 /* Key exchanges using a ECDHE */
84 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
85 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
86 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
87 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
88 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
89 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
92 diff --git a/library/entropy_poll.c b/library/entropy_poll.c
93 index a116e60..c022caf 100644
94 --- a/library/entropy_poll.c
95 +++ b/library/entropy_poll.c
97 #define _WIN32_WINNT 0x0400
100 -#include <wincrypt.h>
103 int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
106 - HCRYPTPROV provider;
110 - if( CryptAcquireContext( &provider, NULL, NULL,
111 - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
113 + * size_t may be 64 bits, but ULONG is always 32.
114 + * If len is larger than the maximum for ULONG, just fail.
115 + * It's unlikely anything ever will want to ask for this much randomness.
117 + if ( len > 0xFFFFFFFFULL )
119 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
122 - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
123 + if ( !BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) )
125 - CryptReleaseContext( provider, 0 );
126 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
129 - CryptReleaseContext( provider, 0 );
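Review bot: `#define _WIN32_WINNT 0x0400` is left in place as context while the new call is `BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)`, an API that is not available on the Windows versions that macro value targets. The define should be raised or dropped to match, and the build needs to link the bcrypt library. The replacement include for the removed `<wincrypt.h>` is not visible in this section, so confirm `<bcrypt.h>` is added. The new `if ( len > 0xFFFFFFFFULL )` and `if ( !BCRYPT_SUCCESS(...) )` lines also use `if (` spacing where the removed lines used the file's `if( ... )` form.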
133 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
134 index a762bf7..021ab50 100644
135 --- a/library/ssl_ciphersuites.c
136 +++ b/library/ssl_ciphersuites.c
137 @@ -95,6 +95,7 @@ static const int ciphersuite_preference[] =
138 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
139 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
140 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
141 + MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256,
143 /* All CAMELLIA-128 ephemeral suites */
144 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
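Review bot: `MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256` is inserted into `ciphersuite_preference[]` ahead of the CAMELLIA-128 block, so once the option is compiled in, an unauthenticated suite is part of the default list and outranks the authenticated ones below it. Anonymous key exchange gives no protection against an active man-in-the-middle, so it should not be negotiated unless the application asked for it. Leaving it out of the default list, so that applications must name it in their own ciphersuite list, would keep default handshakes authenticated; moving it to the end of the array is the minimum. The array continues outside the hunk.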
145 @@ -407,6 +408,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
146 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
147 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
150 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
151 +#if defined(MBEDTLS_AES_C)
152 +#if defined(MBEDTLS_SHA256_C)
153 +#if defined(MBEDTLS_CIPHER_MODE_CBC)
154 + { MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ANON-WITH-AES-128-CBC-SHA256",
155 + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
156 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
157 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
159 +#endif /* MBEDTLS_CIPHER_MODE_CBC */
160 +#endif /* MBEDTLS_SHA256_C */
161 +#endif /* MBEDTLS_AES_C */
162 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
165 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
166 #if defined(MBEDTLS_AES_C)
167 #if defined(MBEDTLS_SHA1_C)
168 @@ -1829,6 +1846,7 @@ int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
169 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
170 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
171 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
172 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
176 diff --git a/library/ssl_cli.c b/library/ssl_cli.c
177 index 223823b..945c973 100644
178 --- a/library/ssl_cli.c
179 +++ b/library/ssl_cli.c
180 @@ -1904,7 +1904,8 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *
181 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
182 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
183 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
184 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
185 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
186 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
187 static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
189 const mbedtls_ecp_curve_info *curve_info;
190 @@ -1934,11 +1935,13 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
191 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
192 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
193 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
194 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
195 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ||
196 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
198 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
199 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
200 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
201 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
202 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
203 static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
206 @@ -1970,40 +1973,80 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
208 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
209 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
210 - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
211 + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
212 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED*/
214 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
215 static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
219 - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
225 + if( ssl->conf->f_psk == NULL &&
226 + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
227 + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
229 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
230 + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
236 - * opaque psk_identity_hint<0..2^16-1>;
237 + * Receive client pre-shared key identity name
239 - len = (*p)[0] << 8 | (*p)[1];
242 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
243 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
246 + n = ( (*p)[0] << 8 ) | (*p)[1];
249 - if( (*p) + len > end )
252 - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) );
253 - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
258 - * Note: we currently ignore the PKS identity hint, as we only allow one
259 - * PSK to be provisionned on the client. This could be changed later if
260 - * someone needs that feature.
264 + if( n < 1 || n > 65535 || *p + n > end )
266 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
267 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
271 + if( ssl->conf->f_psk != NULL )
273 + if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
274 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
278 + /* Identity is not a big secret since clients send it in the clear,
279 + * but treat it carefully anyway, just in case */
280 + if( n != ssl->conf->psk_identity_len ||
281 + mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
283 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
287 + if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
289 + MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
290 + if( ( ret = mbedtls_ssl_send_alert_message( ssl,
291 + MBEDTLS_SSL_ALERT_LEVEL_FATAL,
292 + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 )
297 + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
304 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
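Review bot: The rewritten `ssl_parse_server_psk_hint` rejects a zero-length hint with `if( n < 1 || n > 65535 || *p + n > end )`, although the removed comment documents the field as `opaque psk_identity_hint<0..2^16-1>`, so a server that sends an empty hint would now fail the handshake. In the same condition `n > 65535` cannot be true for a value assembled from two bytes, and `*p + n > end` forms a pointer past the buffer before comparing; `if( n > (size_t)( end - *p ) )` bounds the read without either problem. Both new error returns use `MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE` in a parser for the server's message, where the removed code returned `MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE`. The added block also matches the hint against the client's own `psk_identity` and invokes `f_psk`, which reads like server-side identity handling; the function body is only partly visible here, so confirm that is intended.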
306 @@ -2299,10 +2342,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
307 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
308 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
309 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
310 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
311 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
312 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
313 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
314 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
315 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
316 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
317 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
319 if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
321 @@ -2313,7 +2358,8 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
323 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
324 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
325 - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
326 + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
327 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
328 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
329 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
331 @@ -2384,6 +2430,10 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
332 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
335 +// Anonim cipher suite without sign, ecdh param only
336 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
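Review bot: The new comment `// Anonim cipher suite without sign, ecdh param only` uses a C++-style comment and misspells "Anonymous", in a file whose visible comments are `/* ... */`; `/* Anonymous suite: ServerKeyExchange carries ECDH params only, no signature */` reads better. In the later `#endif` comment of `ssl_write_client_key_exchange` the `||` after `MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED` was dropped. The block this `#if` opens is not visible here.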
342 @@ -2534,7 +2584,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
343 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
344 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
345 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
346 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
347 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
348 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
350 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
352 @@ -2559,7 +2610,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
353 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
354 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
355 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
356 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
357 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
358 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
360 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
362 @@ -2773,11 +2825,13 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
363 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
364 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
365 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
366 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
367 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
368 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
369 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
370 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
371 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
372 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
373 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
374 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
377 * ECDH key exchange -- send client public value
378 @@ -2812,7 +2866,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
379 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
380 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
381 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
382 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
383 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
384 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
385 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
386 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
387 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
388 @@ -3002,7 +3057,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
389 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
390 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
391 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
392 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
393 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
394 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
396 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
398 @@ -3035,7 +3091,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
399 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
400 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
401 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
402 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
403 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
404 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
406 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
408 diff --git a/library/ssl_srv.c b/library/ssl_srv.c
409 index fc0d2d7..6965f1f 100644
410 --- a/library/ssl_srv.c
411 +++ b/library/ssl_srv.c
412 @@ -2498,6 +2498,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
413 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
414 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
415 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
416 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
417 authmode == MBEDTLS_SSL_VERIFY_NONE )
419 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
420 @@ -2675,7 +2676,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
421 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
422 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
423 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
424 - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
425 + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) || \
426 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
427 unsigned char *p = ssl->out_msg + 4;
428 unsigned char *dig_signed = p;
429 size_t dig_signed_len = 0, len;
430 @@ -2736,12 +2738,11 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
431 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
432 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
434 - /* Note: we don't support identity hints, until someone asks
440 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len >> 8 );
441 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len );
442 + memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);
443 + p += ssl->conf->psk_identity_len;
444 + n += ssl->conf->psk_identity_len + 2;
446 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
447 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
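Review bot: The added `memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);` writes into the outgoing message with no visible check that `psk_identity_len + 2` bytes remain in the buffer. There is also no visible check that `psk_identity` is non-NULL, and a server that relies only on the `f_psk` callback may have no static identity configured (confirm against the configuration code). A guard ahead of the two length bytes, for example `if( ssl->conf->psk_identity == NULL ) return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );` plus a comparison of the length against the space left in the record, would close both. The surrounding function continues outside the hunk, so an existing bound may be out of view.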
448 @@ -2798,7 +2799,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
449 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
450 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
451 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
452 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
453 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
454 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
457 * Ephemeral ECDH parameters:
458 @@ -3336,11 +3338,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
459 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
460 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
461 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
462 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
463 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
464 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
465 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
466 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
467 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
468 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
469 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
470 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
472 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
474 @@ -3539,7 +3543,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
475 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
476 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
477 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
478 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
479 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
480 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
482 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
484 @@ -3570,6 +3575,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
485 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
486 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
487 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
488 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
489 ssl->session_negotiate->peer_cert == NULL )
491 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
492 diff --git a/library/ssl_tls.c b/library/ssl_tls.c
493 index 84a04ae..938b840 100644
494 --- a/library/ssl_tls.c
495 +++ b/library/ssl_tls.c
496 @@ -4066,7 +4066,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
497 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
498 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
499 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
500 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
501 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
502 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
504 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
506 @@ -4086,7 +4087,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
507 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
508 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
509 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
510 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
511 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
512 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
514 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
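Review bot: The added `key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON` term makes `mbedtls_ssl_parse_certificate` take the skip path purely on the negotiated suite. Nothing visible in this hunk consults the configured verification mode, so a client set to require a verified peer would presumably complete an unauthenticated handshake if this suite is selected. Unlike the PSK and ECJPAKE entries in the same condition, this key exchange has no other authentication to fall back on. Consider refusing the suite earlier unless the application opted out of verification, and add a comment here such as `/* ECDH_anon: peer is NOT authenticated */`. The identical addition recurs in the later `mbedtls_ssl_parse_certificate` hunk, and the function body lies outside both.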
516 @@ -4109,7 +4111,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
517 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
518 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
519 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
520 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
521 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
522 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
524 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
526 @@ -4225,7 +4228,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
527 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
528 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
529 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
530 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
531 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
532 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
534 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
536 @@ -7539,6 +7543,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
537 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
538 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
539 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
540 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
544 diff --git a/library/version_features.c b/library/version_features.c
545 index e866e67..3184bc2 100644
546 --- a/library/version_features.c
547 +++ b/library/version_features.c
548 @@ -264,6 +264,9 @@ static const char *features[] = {
549 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
550 "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
551 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
552 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
553 + "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED",
554 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
555 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
556 "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
557 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
558 diff --git a/library/x509_crt.c b/library/x509_crt.c
559 index 60e14f9..67cedde 100644
560 --- a/library/x509_crt.c
561 +++ b/library/x509_crt.c
564 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
566 +#include <intsafe.h>
570 @@ -1108,6 +1109,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
571 char filename[MAX_PATH];
573 size_t len = strlen( path );
574 + int lengthAsInt = 0;
576 WIN32_FIND_DATAW file_data;
578 @@ -1122,7 +1124,10 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
580 filename[len++] = '*';
582 - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
583 + if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) )
584 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
586 + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
589 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
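Review bot: A failed `SizeTToInt` returns `MBEDTLS_ERR_X509_FILE_IO_ERROR`, while the context line just below returns `MBEDTLS_ERR_X509_BAD_INPUT_DATA` for the neighbouring conversion failure. A length that does not fit an `int` is an input problem, so `return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );` would be consistent. The second use of this pattern, in the following hunk, returns while `file_data` is being iterated, so a find handle is presumably open at that point and would need closing before the return; that hunk runs past the visible text, so verify against the full function. `lengthAsInt` is also camelCase beside `w_ret` and `file_data`.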
590 @@ -1139,8 +1144,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
591 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
594 + if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
595 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
597 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
598 - lstrlenW( file_data.cFileName ),