1 diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h
2 index a95af6c..a3852b2 100644
3 --- a/include/mbedtls/check_config.h
4 +++ b/include/mbedtls/check_config.h
6 #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites"
9 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED) && \
10 + ( !defined(MBEDTLS_ECDH_C) )
11 +#error "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED defined, but not all prerequisites"
14 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) && \
15 ( !defined(MBEDTLS_ECDH_C) || !defined(MBEDTLS_ECDSA_C) || \
16 !defined(MBEDTLS_X509_CRT_PARSE_C) )
17 diff --git a/include/mbedtls/compat-1.3.h b/include/mbedtls/compat-1.3.h
18 index 27abbd9..fa4db26 100644
19 --- a/include/mbedtls/compat-1.3.h
20 +++ b/include/mbedtls/compat-1.3.h
22 #if defined MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
23 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
25 +#if defined MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
26 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
28 #if defined MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
29 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA_ENABLED MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
32 #define POLARSSL_KEY_EXCHANGE_ECDHE_ECDSA MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
33 #define POLARSSL_KEY_EXCHANGE_ECDHE_PSK MBEDTLS_KEY_EXCHANGE_ECDHE_PSK
34 #define POLARSSL_KEY_EXCHANGE_ECDHE_RSA MBEDTLS_KEY_EXCHANGE_ECDHE_RSA
35 +#define POLARSSL_KEY_EXCHANGE_ECDH_ANON MBEDTLS_KEY_EXCHANGE_ECDH_ANON
36 #define POLARSSL_KEY_EXCHANGE_ECDH_ECDSA MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA
37 #define POLARSSL_KEY_EXCHANGE_ECDH_RSA MBEDTLS_KEY_EXCHANGE_ECDH_RSA
38 #define POLARSSL_KEY_EXCHANGE_NONE MBEDTLS_KEY_EXCHANGE_NONE
40 #define TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 MBEDTLS_TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
41 #define TLS_ECDHE_RSA_WITH_NULL_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_NULL_SHA
42 #define TLS_ECDHE_RSA_WITH_RC4_128_SHA MBEDTLS_TLS_ECDHE_RSA_WITH_RC4_128_SHA
43 +#define TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
44 #define TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
45 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
46 #define TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 MBEDTLS_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
47 diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h
48 index 3b7c85b..5bef190 100644
49 --- a/include/mbedtls/config.h
50 +++ b/include/mbedtls/config.h
52 #define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
55 + * \def MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
57 + * Enable the ECDHE-ANON based ciphersuite modes in SSL / TLS.
59 + * Requires: MBEDTLS_ECDH_C
62 + * This enables the following ciphersuites (if other requisites are
64 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
66 +#define MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED
70 * \def MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
72 * Enable the ECDHE-ECDSA based ciphersuite modes in SSL / TLS.
75 * Comment this macro to disable support for SSL session tickets
77 -#define MBEDTLS_SSL_SESSION_TICKETS
78 +//#define MBEDTLS_SSL_SESSION_TICKETS
81 * \def MBEDTLS_SSL_EXPORT_KEYS
83 * MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256
84 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA256
85 * MBEDTLS_TLS_PSK_WITH_AES_128_CBC_SHA
86 + * MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256
88 * PEM_PARSE uses AES for decrypting encrypted keys.
90 diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
91 index 82c0760..88103ad 100644
92 --- a/include/mbedtls/ssl.h
93 +++ b/include/mbedtls/ssl.h
94 @@ -356,7 +356,8 @@ union mbedtls_ssl_premaster_secret
95 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
96 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
97 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
98 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
99 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
100 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
101 unsigned char _pms_ecdh[MBEDTLS_ECP_MAX_BYTES]; /* RFC 4492 5.10 */
103 #if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
104 diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h
105 index deaaa37..4f10540 100644
106 --- a/include/mbedtls/ssl_ciphersuites.h
107 +++ b/include/mbedtls/ssl_ciphersuites.h
108 @@ -158,6 +158,8 @@ extern "C" {
109 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 0xC031 /**< TLS 1.2 */
110 #define MBEDTLS_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 0xC032 /**< TLS 1.2 */
112 +#define MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 0xFF00 /**< TLS 1.2 */
114 #define MBEDTLS_TLS_ECDHE_PSK_WITH_RC4_128_SHA 0xC033 /**< Not in SSL3! */
115 #define MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA 0xC034 /**< Not in SSL3! */
116 #define MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA 0xC035 /**< Not in SSL3! */
117 @@ -247,6 +249,7 @@ typedef enum {
118 MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
119 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
120 MBEDTLS_KEY_EXCHANGE_ECJPAKE,
121 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
122 } mbedtls_key_exchange_type_t;
124 /* Key exchanges using a certificate */
125 @@ -271,7 +274,8 @@ typedef enum {
126 /* Key exchanges using a ECDHE */
127 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
128 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
129 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
130 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
131 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
132 #define MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED
135 diff --git a/library/entropy_poll.c b/library/entropy_poll.c
136 index a116e60..c022caf 100644
137 --- a/library/entropy_poll.c
138 +++ b/library/entropy_poll.c
140 #define _WIN32_WINNT 0x0400
143 -#include <wincrypt.h>
146 int mbedtls_platform_entropy_poll( void *data, unsigned char *output, size_t len,
149 - HCRYPTPROV provider;
153 - if( CryptAcquireContext( &provider, NULL, NULL,
154 - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT ) == FALSE )
156 + * size_t may be 64 bits, but ULONG is always 32.
157 + * If len is larger than the maximum for ULONG, just fail.
158 + * It's unlikely anything ever will want to ask for this much randomness.
160 + if ( len > 0xFFFFFFFFULL )
162 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
165 - if( CryptGenRandom( provider, (DWORD) len, output ) == FALSE )
166 + if ( !BCRYPT_SUCCESS(BCryptGenRandom(NULL, output, (ULONG) len, BCRYPT_USE_SYSTEM_PREFERRED_RNG)) )
168 - CryptReleaseContext( provider, 0 );
169 return( MBEDTLS_ERR_ENTROPY_SOURCE_FAILED );
172 - CryptReleaseContext( provider, 0 );
176 diff --git a/library/ssl_ciphersuites.c b/library/ssl_ciphersuites.c
177 index 3546331..74cef29 100644
178 --- a/library/ssl_ciphersuites.c
179 +++ b/library/ssl_ciphersuites.c
180 @@ -96,6 +96,7 @@ static const int ciphersuite_preference[] =
181 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
182 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
183 MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM_8,
184 + MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256,
186 /* All CAMELLIA-128 ephemeral suites */
187 MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256,
188 @@ -408,6 +409,22 @@ static const mbedtls_ssl_ciphersuite_t ciphersuite_definitions[] =
189 #endif /* MBEDTLS_CIPHER_NULL_CIPHER */
190 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
193 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
194 +#if defined(MBEDTLS_AES_C)
195 +#if defined(MBEDTLS_SHA256_C)
196 +#if defined(MBEDTLS_CIPHER_MODE_CBC)
197 + { MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, "TLS-ECDH-ANON-WITH-AES-128-CBC-SHA256",
198 + MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDH_ANON,
199 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
200 + MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
202 +#endif /* MBEDTLS_CIPHER_MODE_CBC */
203 +#endif /* MBEDTLS_SHA256_C */
204 +#endif /* MBEDTLS_AES_C */
205 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
208 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
209 #if defined(MBEDTLS_AES_C)
210 #if defined(MBEDTLS_SHA1_C)
211 @@ -1830,6 +1847,7 @@ int mbedtls_ssl_ciphersuite_uses_ec( const mbedtls_ssl_ciphersuite_t *info )
212 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
213 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
214 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
215 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
219 diff --git a/library/ssl_cli.c b/library/ssl_cli.c
220 index cd39db0..2503022 100644
221 --- a/library/ssl_cli.c
222 +++ b/library/ssl_cli.c
223 @@ -1897,7 +1897,8 @@ static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char *
224 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
225 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
226 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
227 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
228 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
229 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
230 static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
232 const mbedtls_ecp_curve_info *curve_info;
233 @@ -1927,11 +1928,13 @@ static int ssl_check_server_ecdh_params( const mbedtls_ssl_context *ssl )
234 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
235 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
236 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
237 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
238 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED ||
239 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
241 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
242 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
243 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED)
244 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
245 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
246 static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
249 @@ -1963,40 +1966,75 @@ static int ssl_parse_server_ecdh_params( mbedtls_ssl_context *ssl,
251 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
252 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
253 - MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
254 + MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
255 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED*/
257 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
258 static int ssl_parse_server_psk_hint( mbedtls_ssl_context *ssl,
262 - int ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
268 + if( ssl->conf->f_psk == NULL &&
269 + ( ssl->conf->psk == NULL || ssl->conf->psk_identity == NULL ||
270 + ssl->conf->psk_identity_len == 0 || ssl->conf->psk_len == 0 ) )
272 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "got no pre-shared key" ) );
273 + return( MBEDTLS_ERR_SSL_PRIVATE_KEY_REQUIRED );
279 - * opaque psk_identity_hint<0..2^16-1>;
280 + * Receive client pre-shared key identity name
282 - len = (*p)[0] << 8 | (*p)[1];
285 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
286 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
289 + n = ( (*p)[0] << 8 ) | (*p)[1];
292 - if( (*p) + len > end )
293 + if( n < 1 || n > 65535 || *p + n > end )
295 - MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message (psk_identity_hint length)" ) );
296 - return( MBEDTLS_ERR_SSL_BAD_HS_SERVER_KEY_EXCHANGE );
297 + MBEDTLS_SSL_DEBUG_MSG( 1, ( "bad server key exchange message" ) );
298 + return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
302 - * Note: we currently ignore the PKS identity hint, as we only allow one
303 - * PSK to be provisionned on the client. This could be changed later if
304 - * someone needs that feature.
308 + if( ssl->conf->f_psk != NULL )
310 + if( ssl->conf->f_psk( ssl->conf->p_psk, ssl, *p, n ) != 0 )
311 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
315 + /* Identity is not a big secret since clients send it in the clear,
316 + * but treat it carefully anyway, just in case */
317 + if( n != ssl->conf->psk_identity_len ||
318 + mbedtls_ssl_safer_memcmp( ssl->conf->psk_identity, *p, n ) != 0 )
320 + ret = MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY;
325 + if( ret == MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY )
327 + MBEDTLS_SSL_DEBUG_BUF( 3, "Unknown PSK identity", *p, n );
328 + if( ( ret = mbedtls_ssl_send_alert_message( ssl,
329 + MBEDTLS_SSL_ALERT_LEVEL_FATAL,
330 + MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY ) ) != 0 )
335 + return( MBEDTLS_ERR_SSL_UNKNOWN_IDENTITY );
342 #endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
344 @@ -2292,10 +2330,12 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
345 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
346 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
347 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
348 - defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
349 + defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
350 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
351 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
352 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
353 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA )
354 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
355 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
357 if( ssl_parse_server_ecdh_params( ssl, &p, end ) != 0 )
359 @@ -2306,7 +2346,8 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
361 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
362 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED ||
363 - MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
364 + MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
365 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
366 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
367 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
369 @@ -2377,6 +2418,10 @@ static int ssl_parse_server_key_exchange( mbedtls_ssl_context *ssl )
370 return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
373 +// Anonim cipher suite without sign, ecdh param only
374 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
380 @@ -2525,7 +2570,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
381 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
382 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
383 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
384 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
385 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
386 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
388 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
390 @@ -2550,7 +2596,8 @@ static int ssl_parse_certificate_request( mbedtls_ssl_context *ssl )
391 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
392 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
393 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
394 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
395 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
396 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
398 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate request" ) );
400 @@ -2753,11 +2800,13 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
401 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
402 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
403 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
404 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
405 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
406 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
407 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
408 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
409 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
410 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
411 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
412 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
415 * ECDH key exchange -- send client public value
416 @@ -2792,7 +2841,8 @@ static int ssl_write_client_key_exchange( mbedtls_ssl_context *ssl )
417 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED ||
418 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED ||
419 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED ||
420 - MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED */
421 + MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
422 + MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
423 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
424 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
425 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
426 @@ -2980,7 +3030,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
427 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
428 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
429 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
430 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
431 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
432 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
434 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
436 @@ -3013,7 +3064,8 @@ static int ssl_write_certificate_verify( mbedtls_ssl_context *ssl )
437 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
438 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
439 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
440 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
441 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
442 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
444 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
446 diff --git a/library/ssl_srv.c b/library/ssl_srv.c
447 index 7271045..2964015 100644
448 --- a/library/ssl_srv.c
449 +++ b/library/ssl_srv.c
450 @@ -2500,6 +2500,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
451 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
452 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
453 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
454 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
455 authmode == MBEDTLS_SSL_VERIFY_NONE )
457 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
458 @@ -2677,7 +2678,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
459 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
460 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
461 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
462 - defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
463 + defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED) || \
464 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
465 unsigned char *p = ssl->out_msg + 4;
466 unsigned char *dig_signed = p;
467 size_t dig_signed_len = 0, len;
468 @@ -2738,12 +2740,11 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
469 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
470 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
472 - /* Note: we don't support identity hints, until someone asks
478 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len >> 8 );
479 + *(p++) = (unsigned char)( ssl->conf->psk_identity_len );
480 + memcpy(p, ssl->conf->psk_identity, ssl->conf->psk_identity_len);
481 + p += ssl->conf->psk_identity_len;
482 + n += ssl->conf->psk_identity_len + 2;
484 #endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
485 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED */
486 @@ -2800,7 +2801,8 @@ static int ssl_write_server_key_exchange( mbedtls_ssl_context *ssl )
487 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__ECDHE_ENABLED)
488 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
489 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
490 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK )
491 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
492 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON)
495 * Ephemeral ECDH parameters:
496 @@ -3338,11 +3340,13 @@ static int ssl_parse_client_key_exchange( mbedtls_ssl_context *ssl )
497 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
498 defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
499 defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
500 - defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED)
501 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED) || \
502 + defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
503 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_RSA ||
504 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA ||
505 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_RSA ||
506 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA )
507 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA ||
508 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
510 if( ( ret = mbedtls_ecdh_read_public( &ssl->handshake->ecdh_ctx,
512 @@ -3539,7 +3543,8 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
513 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
514 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
515 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
516 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
517 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
518 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
520 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
522 @@ -3570,6 +3575,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
523 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
524 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
525 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
526 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON ||
527 ssl->session_negotiate->peer_cert == NULL )
529 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
530 diff --git a/library/ssl_tls.c b/library/ssl_tls.c
531 index 80a908d..94c8fd7 100644
532 --- a/library/ssl_tls.c
533 +++ b/library/ssl_tls.c
534 @@ -4037,7 +4037,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
535 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
536 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
537 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
538 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
539 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
540 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
542 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
544 @@ -4057,7 +4058,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
545 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
546 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
547 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
548 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
549 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
550 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
552 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
554 @@ -4080,7 +4082,8 @@ int mbedtls_ssl_write_certificate( mbedtls_ssl_context *ssl )
555 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
556 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
557 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
558 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
559 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
560 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
562 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
564 @@ -4196,7 +4199,8 @@ int mbedtls_ssl_parse_certificate( mbedtls_ssl_context *ssl )
565 if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
566 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
567 ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
568 - ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
569 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
570 + ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDH_ANON )
572 MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
574 @@ -7510,6 +7514,7 @@ int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
575 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
576 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
577 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
578 + case MBEDTLS_KEY_EXCHANGE_ECDH_ANON:
582 diff --git a/library/version_features.c b/library/version_features.c
583 index 5d20ba0..6404a0c 100644
584 --- a/library/version_features.c
585 +++ b/library/version_features.c
586 @@ -264,6 +264,9 @@ static const char *features[] = {
587 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED)
588 "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED",
589 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED */
590 +#if defined(MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED)
591 + "MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED",
592 +#endif /* MBEDTLS_KEY_EXCHANGE_ECDH_ANON_ENABLED */
593 #if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
594 "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED",
595 #endif /* MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED */
596 diff --git a/library/x509_crt.c b/library/x509_crt.c
597 index af6c2a4..6dcb6aa 100644
598 --- a/library/x509_crt.c
599 +++ b/library/x509_crt.c
602 #if defined(_WIN32) && !defined(EFIX64) && !defined(EFI32)
604 +#include <intsafe.h>
608 @@ -1108,6 +1109,7 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
609 char filename[MAX_PATH];
611 size_t len = strlen( path );
612 + int lengthAsInt = 0;
614 WIN32_FIND_DATAW file_data;
616 @@ -1122,7 +1124,10 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
618 filename[len++] = '*';
620 - w_ret = MultiByteToWideChar( CP_ACP, 0, filename, len, szDir,
621 + if ( FAILED ( SizeTToInt( len, &lengthAsInt ) ) )
622 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
624 + w_ret = MultiByteToWideChar( CP_ACP, 0, filename, lengthAsInt, szDir,
627 return( MBEDTLS_ERR_X509_BAD_INPUT_DATA );
628 @@ -1139,8 +1144,11 @@ int mbedtls_x509_crt_parse_path( mbedtls_x509_crt *chain, const char *path )
629 if( file_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY )
632 + if ( FAILED( SizeTToInt( wcslen( file_data.cFileName ), &lengthAsInt ) ) )
633 + return( MBEDTLS_ERR_X509_FILE_IO_ERROR );
635 w_ret = WideCharToMultiByte( CP_ACP, 0, file_data.cFileName,
636 - lstrlenW( file_data.cFileName ),