TLSv1.3: Certificate and CertificateStatus#2020
TLSv1.3: Certificate and CertificateStatus#2020mattcaswell wants to merge 9 commits intoopenssl:masterfrom
Conversation
|
I added a commit to update SSL_trace() for the new format Certificate message. |
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
210c4c1 to
7759e04
Compare
|
I rebased this onto the latest master (phew that was hard....loads of conflicts). Anyway, this PR no longer depends on anything else so can be reviewed. |
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
7759e04 to
049385a
Compare
|
Rebased this against latest master. Ping? |
|
I will not be able to look at it for a few days, if anyone else wants to jump in. |
levitte
left a comment
levitte
left a comment
There was a problem hiding this comment.
You need to do a make update and fix the issues that come up.
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
049385a to
0a1df2c
Compare
|
New version pushed resolving make update issues. |
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
0a1df2c to
94b8894
Compare
|
Rebased again. |
|
Also added a new commit to fix a travis failure. |
ssl/t1_trce.c
Outdated
ssl/statem/extensions.c
Outdated
There was a problem hiding this comment.
"chain" is the wrong name. It's really numcerts or xcount. And it should be an int not a size_t.
There was a problem hiding this comment.
No - it means which certificate this is in the chain as presented by the peer. numcerts or xcount would be wrong. A Certificate message contains multiple certificates, and each one has its own extensions block. Therefore the parse function is called for each one - if there are 3 certs then parse_ctos will be called three times (if the extension exists) with chain set to 0, 1 and 2. It is bounded by 0 <= chain < "number of certificates". Since the number of certificates is a quantity, the correct type is a size_t.
There was a problem hiding this comment.
I still disagree. size_t is for the size of something, not an index. int is appropriate. And chain is still a bad name, idx or index or which is better.
There was a problem hiding this comment.
Ok, I changed the name to chainidx.
I strongly disagree on the type. The range of valid values exactly matches that of a size_t. It cannot be negative and the biggest (theoretical) value is SIZE_MAX - 1. The most common operations that you tend to perform on an index is to compare it to its boundary values...which is a size_t. Without that you have to perform casts to do the comparison. In fact there is scope for overflow errors if you use an int (INT_MAX != SIZE_MAX) and other oddities where the index goes -ve if its an int. A quick google search turned up a number of discussions on this issue (e.g. https://gustedt.wordpress.com/2013/07/15/a-praise-of-size_t-and-other-unsigned-types/).
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
53adf88 to
b435955
Compare
|
Fixed the blank line issue and rebased this. |
ssl/statem/statem_srvr.c
Outdated
ssl/statem/statem_clnt.c
Outdated
ssl/statem/statem_lib.c
Outdated
ssl/statem/statem_lib.c
Outdated
ssl/statem/statem_srvr.c
Outdated
ssl/t1_trce.c
Outdated
There was a problem hiding this comment.
shouldn't this be msginlen?
|
Okay on size_t for subscript.
|
The Certificate message in TLS1.3 has an extensions block for each Certificate. Therefore we need to extend tls_construct_extensions() to pass in the certificate we are working on. We also pass in the position in the chain (with 0 being the first certificate).
Continuing from the previous commit we also need to extend the extensions framework to supply the Certificate we just read during parsing.
Also updates TLSProxy to be able to understand the format and parse the contained extensions.
We remove the separate CertificateStatus message for TLSv1.3, and instead send back the response in the appropriate Certificate message extension.
al can be used uninitialised in an error path.
This variable represents the index of the cert within the chain, so give it a name that better represents that.
mattcaswell
force-pushed
the
tls1_3-certificate-changes
branch
from
ce2e815 to
92020ad
Compare
|
Fixed the various issues above and also rebased to pick up the Appveyor fix from master. |
|
+1. nice work! |
|
Pushed. Thanks! |
The Certificate message in TLS1.3 has an extensions block for each Certificate. Therefore we need to extend tls_construct_extensions() to pass in the certificate we are working on. We also pass in the position in the chain (with 0 being the first certificate). Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
Continuing from the previous commit we also need to extend the extensions framework to supply the Certificate we just read during parsing. Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
Also updates TLSProxy to be able to understand the format and parse the contained extensions. Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
We remove the separate CertificateStatus message for TLSv1.3, and instead send back the response in the appropriate Certificate message extension. Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
al can be used uninitialised in an error path. Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
This variable represents the index of the cert within the chain, so give it a name that better represents that. Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
Reviewed-by: Rich Salz <[email protected]> (Merged from #2020)
3 participants
Checklist
Description of change
This PR builds on #2015 to implement the TLSv1.3 format Certificate message, including the extensions block. It then also uses those extensions to send the CertificateStatus data and drops the old separate CertficateStatus message in TLSv1.3