From 020896dbd0ddfdf43bf328783a0f9c7f453577ba Mon Sep 17 00:00:00 2001 From: Zhi Guan Date: Thu, 21 May 2026 15:21:41 +0800 Subject: [PATCH] Update TLS 1.3 Cross-validation with openssl s_client. HelloRetryReqeust not OK. --- include/gmssl/error.h | 2 +- src/ecdsa_p256.sage | 1 + src/tls13.c | 26 ++++++++++++++++++-------- src/tls_ext.c | 14 ++++++++------ tools/tls13_server.c | 14 +++++++++++--- 5 files changed, 39 insertions(+), 18 deletions(-) create mode 100644 src/ecdsa_p256.sage diff --git a/include/gmssl/error.h b/include/gmssl/error.h index 50ad803b..2c4360b1 100644 --- a/include/gmssl/error.h +++ b/include/gmssl/error.h @@ -37,7 +37,7 @@ extern "C" { #endif #define warning_print() \ - do { if (DEBUG) fprintf(stderr, "%s:%d:%s():\n",__FILE__, __LINE__, __FUNCTION__); } while (0) + do { if (DEBUG) fprintf(stderr, " warning %s:%d:%s():\n",__FILE__, __LINE__, __FUNCTION__); } while (0) #define error_print() \ do { if (DEBUG) fprintf(stderr, "%s:%d:%s():\n",__FILE__, __LINE__, __FUNCTION__); } while (0) diff --git a/src/ecdsa_p256.sage b/src/ecdsa_p256.sage new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/src/ecdsa_p256.sage @@ -0,0 +1 @@ + diff --git a/src/tls13.c b/src/tls13.c index c57c182d..331c95c1 100644 --- a/src/tls13.c +++ b/src/tls13.c @@ -1706,12 +1706,13 @@ int tls13_key_share_entry_from_bytes(int *group, const uint8_t **key_exchange, s } *group = named_curve; if (!tls_named_curve_name(named_curve)) { - error_print(); - return -1; + warning_print(); + //return -1; } if (*key_exchange_len != 65) { - error_print(); - return -1; + // 只有SM2/P256才满足,但是对方可能发送其他类型的key_share + warning_print(); // FIXME: + //return -1; } return 1; } @@ -2286,7 +2287,7 @@ int tls13_client_hello_print(FILE *fp, int fmt, int ind, const uint8_t *d, size_ break; default: format_bytes(fp, fmt, ind + 4, "data", ext_data, ext_datalen); - error_print(); + //error_print(); //return -1; } } 
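Review bot: In src/tls13.c, tls13_key_share_entry_from_bytes() now returns 1 for an entry whose group is unknown or whose key_exchange is not 65 bytes, so a caller can no longer tell a usable SM2/P-256 share from one it must skip. Tolerating foreign groups is reasonable for interop with openssl s_client, but the 65-byte check should stay mandatory whenever the group is SM2 or P-256, rather than being commented out for every group. Callers are not visible in this hunk, so any that treat the returned buffer as a 65-byte point after a successful return need re-checking. The same commented-out `//return -1;` appears in tls_process_supported_groups(), tls_process_signature_algorithms() and tls_ext_from_bytes() in src/tls_ext.c. In the first two the unknown value is still filtered by the comparison with the local list, but the dead code and bare FIXMEs would read better as a comment such as `/* unknown code points are ignored by design */`.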
@@ -6863,9 +6864,9 @@ int tls13_recv_client_hello(TLS_CONNECT *conn) case TLS_extension_cookie: error_print(); default: - error_print(); - tls13_send_alert(conn, TLS_alert_illegal_parameter); - return -1; + warning_print(); + //tls13_send_alert(conn, TLS_alert_illegal_parameter); + //return -1; } } @@ -7003,6 +7004,15 @@ int tls13_recv_client_hello(TLS_CONNECT *conn) int common_cipher_suites[4]; size_t common_cipher_suites_cnt; + if (!conn->ctx->cert_chains) { + error_print(); + return -1; + } + if (!conn->ctx->cert_chains_len) { + error_print(); + return -1; + } + if ((ret = tls13_cert_chains_select( conn->ctx->cert_chains, conn->ctx->cert_chains_len, common_sig_algs, common_sig_algs_cnt, diff --git a/src/tls_ext.c b/src/tls_ext.c index 3ffd0714..1acd1342 100644 --- a/src/tls_ext.c +++ b/src/tls_ext.c @@ -246,8 +246,8 @@ int tls_process_supported_groups(const uint8_t *ext_data, size_t ext_datalen, return -1; } if (!tls_named_curve_name(group)) { - error_print(); - return -1; + warning_print(); + //return -1; } if (group == local_groups[0] && j < max_cnt) { common_groups[j++] = group; @@ -483,8 +483,8 @@ int tls_process_signature_algorithms(const uint8_t *ext_data, size_t ext_datalen return -1; } if (!tls_signature_scheme_name(sig_alg)) { - error_print(); - return -1; + warning_print(); // FIXME + //return -1; } if (sig_alg == local_sig_algs[0] && j < max_cnt) { common_sig_algs[j++] = sig_alg; @@ -667,9 +667,11 @@ int tls_ext_from_bytes(int *type, const uint8_t **data, size_t *datalen, const u return -1; } *type = ext_type; + + // FIXME: handle unkonwn ext if (!tls_extension_name(ext_type)) { - error_print(); - return -1; + warning_print(); + //return -1; } return 1; } diff --git a/tools/tls13_server.c b/tools/tls13_server.c index 85596e57..df4170a7 100644 --- a/tools/tls13_server.c +++ b/tools/tls13_server.c 
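Review bot: In tls13_recv_client_hello() the `case TLS_extension_cookie:` label has no `break`, so it falls into `default:`; before this change that path sent illegal_parameter and aborted, whereas now a cookie is logged and then silently accepted. A cookie in ClientHello is the echo of a HelloRetryRequest, and the commit subject says that flow is not working yet, so I would keep rejecting it until it can be verified: `case TLS_extension_cookie: error_print(); tls13_send_alert(conn, TLS_alert_illegal_parameter); return -1;`. Ignoring genuinely unknown extensions in `default:` is fine, but that intent should be stated in a comment instead of left as commented-out code. The rest of the switch lies outside the hunk.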
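Review bot: The new `cert_chains` and `cert_chains_len` guards in tls13_recv_client_hello() return -1 without sending an alert, so the peer sees only a dropped connection. A missing certificate chain is a server configuration error and is better rejected once, when the context is set up, than on every handshake. If the check stays here, the two blocks can be one condition that alerts before returning, e.g. `if (!conn->ctx->cert_chains || !conn->ctx->cert_chains_len) { error_print(); tls13_send_alert(conn, TLS_alert_internal_error); return -1; }`. Whether `conn->ctx` itself is validated earlier is not visible in this hunk.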
@@ -140,17 +140,21 @@ static const char *help = "\n" "TLS 1.3 with TLS_AES_128_GCM_SHA256\n" " sudo gmssl tls13_server -port 4430 \\\n" -" -cipher_suite TLS_AES_128_GCM_SHA256 -supported_group prime256v1 -sig_alg ecdsa_secp256r1_sha256\n" +" -cipher_suite TLS_AES_128_GCM_SHA256 -supported_group prime256v1 -sig_alg ecdsa_secp256r1_sha256 \\\n" " -cert p256certs.pem -key p256signkey.pem -pass 1234\n" "\n" " gmssl tls13_client -host 127.0.0.1 -port 4430 -cacert rootcacerts.pem \\\n" " -cipher_suite TLS_AES_128_GCM_SHA256 -supported_group prime256v1 -sig_alg ecdsa_secp256r1_sha256\n" "\n" " add `SSL_CTX_clear_options(ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);` to openssl apps/s_server.c\n" +" add `SSL_CTX_clear_options(ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);` to openssl apps/s_client.c\n" +"\n" " /usr/local/bin/openssl s_server -accept 4430 -cert p256signcert.pem -cert_chain p256cacert.pem -key p256signkey.exp \\\n" " -tls1_3 -ciphersuites TLS_AES_128_GCM_SHA256 -named_curve prime256v1 \\\n" " -trace -keylogfile sslkeys.log\n" "\n" +" /usr/local/bin/openssl s_client -connect 127.0.0.1:4430 -tls1_3 -CAfile p256rootcacert.pem -groups prime256v1 -trace\n" +"\n" "TLS 1.3 SNI\n" "\n" " sudo gmssl tls13_server -port 4430 \\\n" @@ -361,12 +365,17 @@ int tls13_server_main(int argc , char **argv) if (--argc < 1) goto bad; certfile = *(++argv); + error_print(); + if (certfiles_cnt >= sizeof(certfiles)/sizeof(certfiles[0])) { error_print(); return -1; } certfiles[certfiles_cnt++] = certfile; + + fprintf(stderr, "111certfiles_cnt = %zu\n", certfiles_cnt); + } else if (!strcmp(*argv, "-key")) { if (--argc < 1) goto bad; keyfile = *(++argv); @@ -520,9 +529,8 @@ bad: goto end; } + // FIXME: 打印载入的证书信息 for (i = 0; i < certfiles_cnt; i++) { - - fprintf(stderr, "add_certificate_chain_and_key\n"); if (tls_ctx_add_certificate_chain_and_key(&ctx, certfiles[i], keyfiles[i], passes[i]) != 1) { error_print(); return -1;
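Review bot: The `-cert` branch of tls13_server_main() now calls `error_print();` on the success path and prints `111certfiles_cnt = %zu` to stderr; both look like leftover debugging and should be dropped before merging. With DEBUG enabled the first emits an error location for every certificate argument, which makes real failures harder to spot in the server log. The bounds check before `certfiles[certfiles_cnt++] = certfile;` is worth keeping, but it exits with `return -1` while the neighbouring argument errors use `goto bad`. The rest of the option loop is outside the hunk.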