Enable restart for certificate verify
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 00a8db4..4cfe154 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -231,6 +231,8 @@
mbedtls_x509_crt_restart_ctx ecrs_ctx; /*!< restart context */
enum {
ssl_ecrs_init = 0, /*!< just getting started */
+ ssl_ecrs_crt_parsed, /*!< server certificate was parsed */
+ ssl_ecrs_crt_verified, /*!< server certificate was verified*/
ssl_ecrs_ske_read, /*!< ServerKeyExchange was read */
ssl_ecrs_ske_verified, /*!< ServerKeyExchange was verified */
ssl_ecrs_ecdh_public_done, /*!< wrote ECDHE public share */
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index f91e2a8..f3cde7f 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -4518,6 +4518,7 @@
#else
const int authmode = ssl->conf->authmode;
#endif
+ void *rs_ctx = NULL;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> parse certificate" ) );
@@ -4545,11 +4546,20 @@
{
ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_SKIP_VERIFY;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
+
ssl->state++;
return( 0 );
}
#endif
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled &&
+ ssl->handshake->ecrs_state == ssl_ecrs_crt_parsed )
+ {
+ goto crt_verify;
+ }
+#endif
+
if( ( ret = mbedtls_ssl_read_record( ssl ) ) != 0 )
{
/* mbedtls_ssl_read_record may have sent an alert already. We
@@ -4572,6 +4582,15 @@
return( ret );
}
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled)
+ ssl->handshake->ecrs_state++;
+
+crt_verify:
+ if( ssl->handshake->ecrs_enabled)
+ rs_ctx = &ssl->handshake->ecrs_ctx;
+#endif
+
if( authmode != MBEDTLS_SSL_VERIFY_NONE )
{
mbedtls_x509_crt *ca_chain;
@@ -4593,19 +4612,24 @@
/*
* Main check: verify certificate
*/
- ret = mbedtls_x509_crt_verify_with_profile(
+ ret = mbedtls_x509_crt_verify_restartable(
ssl->session_negotiate->peer_cert,
ca_chain, ca_crl,
ssl->conf->cert_profile,
ssl->hostname,
&ssl->session_negotiate->verify_result,
- ssl->conf->f_vrfy, ssl->conf->p_vrfy );
+ ssl->conf->f_vrfy, ssl->conf->p_vrfy, rs_ctx );
if( ret != 0 )
{
MBEDTLS_SSL_DEBUG_RET( 1, "x509_verify_cert", ret );
}
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ret == MBEDTLS_ERR_ECP_IN_PROGRESS )
+ return( ret );
+#endif
+
/*
* Secondary checks: always done, but change 'ret' only if it was 0
*/
@@ -4702,6 +4726,11 @@
#endif /* MBEDTLS_DEBUG_C */
}
+#if defined(MBEDTLS_SSL__ECP_RESTARTABLE)
+ if( ssl->handshake->ecrs_enabled)
+ ssl->handshake->ecrs_state++;
+#endif
+
ssl->state++;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 2e03758..1dea049 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -3450,6 +3450,7 @@
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1" \
0 \
+ -C "x509_verify_cert.*4b80" \
-C "mbedtls_pk_verify.*4b80" \
-C "mbedtls_ecdh_make_public.*4b80" \
-C "mbedtls_pk_sign.*4b80"
@@ -3461,6 +3462,7 @@
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=0" \
0 \
+ -C "x509_verify_cert.*4b80" \
-C "mbedtls_pk_verify.*4b80" \
-C "mbedtls_ecdh_make_public.*4b80" \
-C "mbedtls_pk_sign.*4b80"
@@ -3472,6 +3474,7 @@
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=65535" \
0 \
+ -C "x509_verify_cert.*4b80" \
-C "mbedtls_pk_verify.*4b80" \
-C "mbedtls_ecdh_make_public.*4b80" \
-C "mbedtls_pk_sign.*4b80"
@@ -3483,17 +3486,70 @@
key_file=data_files/server5.key crt_file=data_files/server5.crt \
debug_level=1 ec_max_ops=1000" \
0 \
+ -c "x509_verify_cert.*4b80" \
-c "mbedtls_pk_verify.*4b80" \
-c "mbedtls_ecdh_make_public.*4b80" \
-c "mbedtls_pk_sign.*4b80"
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000" \
+ 1 \
+ -c "x509_verify_cert.*4b80" \
+ -C "mbedtls_pk_verify.*4b80" \
+ -C "mbedtls_ecdh_make_public.*4b80" \
+ -C "mbedtls_pk_sign.*4b80" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -c "! mbedtls_ssl_handshake returned" \
+ -c "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=optional" \
+ 0 \
+ -c "x509_verify_cert.*4b80" \
+ -c "mbedtls_pk_verify.*4b80" \
+ -c "mbedtls_ecdh_make_public.*4b80" \
+ -c "mbedtls_pk_sign.*4b80" \
+ -c "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
+run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
+ "$P_SRV auth_mode=required \
+ crt_file=data_files/server5-badsign.crt \
+ key_file=data_files/server5.key" \
+ "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
+ key_file=data_files/server5.key crt_file=data_files/server5.crt \
+ debug_level=1 ec_max_ops=1000 auth_mode=none" \
+ 0 \
+ -C "x509_verify_cert.*4b80" \
+ -c "mbedtls_pk_verify.*4b80" \
+ -c "mbedtls_ecdh_make_public.*4b80" \
+ -c "mbedtls_pk_sign.*4b80" \
+ -C "! The certificate is not correctly signed by the trusted CA" \
+ -C "! mbedtls_ssl_handshake returned" \
+ -C "X509 - Certificate verification failed"
+
+requires_config_enabled MBEDTLS_ECP_RESTARTABLE
run_test "EC restart: DTLS, max_ops=1000" \
"$P_SRV auth_mode=required dtls=1" \
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
key_file=data_files/server5.key crt_file=data_files/server5.crt \
dtls=1 debug_level=1 ec_max_ops=1000" \
0 \
+ -c "x509_verify_cert.*4b80" \
-c "mbedtls_pk_verify.*4b80" \
-c "mbedtls_ecdh_make_public.*4b80" \
-c "mbedtls_pk_sign.*4b80"
@@ -3504,6 +3560,7 @@
"$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
debug_level=1 ec_max_ops=1000" \
0 \
+ -c "x509_verify_cert.*4b80" \
-c "mbedtls_pk_verify.*4b80" \
-c "mbedtls_ecdh_make_public.*4b80" \
-C "mbedtls_pk_sign.*4b80"
@@ -3514,6 +3571,7 @@
"$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
psk=abc123 debug_level=1 ec_max_ops=1000" \
0 \
+ -C "x509_verify_cert.*4b80" \
-C "mbedtls_pk_verify.*4b80" \
-C "mbedtls_ecdh_make_public.*4b80" \
-C "mbedtls_pk_sign.*4b80"
