diff --git a/include/gmssl/tls.h b/include/gmssl/tls.h index a6c91efd..35790e33 100644 --- a/include/gmssl/tls.h +++ b/include/gmssl/tls.h @@ -770,6 +770,10 @@ typedef struct { size_t cacertslen; int verify_depth; + // CertificateRequest + int certificate_request; + + // NewSessionTicket int new_session_ticket; int new_session_ticket_cnt; @@ -1100,6 +1104,7 @@ typedef struct { // 13. signature_algorithms // in ClientHello, CertificateRequest; + // 这两个变量应该删除,目前仅在TLS12实现中使用 int signature_algorithms[2]; size_t signature_algorithms_cnt; @@ -1671,6 +1676,10 @@ int tls13_cert_chains_select(const uint8_t *cert_chains, size_t cert_chains_len, int *prefered_sig_alg); +// CertificateRequest +int tls_ctx_enable_certificate_request(TLS_CTX *ctx, int enable); + + // Extensions @@ -1909,7 +1918,7 @@ int tls13_ctx_set_psk_key_exchange_modes(TLS_CTX *ctx, int psk_ke, int psk_dhe_k // 47. certificate_authorities -int tls13_enable_certificate_authorities(TLS_CONNECT *conn); +int tls13_enable_certificate_authorities(TLS_CONNECT *conn, int enable); int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t ca_names_len, uint8_t **out, size_t *outlen); int tls13_certificate_authorities_from_bytes(const uint8_t **ca_names, size_t *ca_names_len, diff --git a/src/tls.c b/src/tls.c index 0b9e1a2f..1b8466e2 100644 --- a/src/tls.c +++ b/src/tls.c @@ -1965,6 +1965,8 @@ int tls_shutdown(TLS_CONNECT *conn) return 1; } +// ca_names中存储的是什么结构的数据? +// 看来这个函数是有问题的,这里面存储的应该是GeneralNames类型的数据,subject是什么结构? int tls_authorities_from_certs(uint8_t *names, size_t *nameslen, size_t maxlen, const uint8_t *certs, size_t certslen) { const uint8_t *cert; 
@@ -1989,7 +1991,10 @@ int tls_authorities_from_certs(uint8_t *names, size_t *nameslen, size_t maxlen, error_print(); return -1; } - tls_uint16_to_bytes((uint16_t)alen, &names, nameslen); + + tls_uint16_to_bytes(alen, &names, nameslen); + maxlen -= tls_uint16_size(); + if (asn1_sequence_to_der(name, namelen, &names, nameslen) != 1) { error_print(); return -1; @@ -2001,6 +2006,7 @@ int tls_authorities_from_certs(uint8_t *names, size_t *nameslen, size_t maxlen, // 这个函数在语义上有问题: // 首先我们判断的是证书链,因此函数名上应该是一个cert_chain +// 调用这个函数传进来的就不是一个证书链 int tls_authorities_issued_certificate(const uint8_t *ca_names, size_t ca_names_len, const uint8_t *certs, size_t certslen) { const uint8_t *cert; @@ -2008,11 +2014,20 @@ int tls_authorities_issued_certificate(const uint8_t *ca_names, size_t ca_names_ const uint8_t *issuer; size_t issuer_len; + + //x509_certs_print(stderr, 0, 0, "cert_chain", certs, certslen); + + if (x509_certs_get_last(certs, certslen, &cert, &certlen) != 1 || x509_cert_get_issuer(cert, certlen, &issuer, &issuer_len) != 1) { error_print(); return -1; } + + //x509_cert_print(stderr, 0, 0, "last cert", cert, certlen); + + //x509_name_print(stderr, 0, 0, "issuer", issuer, issuer_len); + while (ca_names_len) { const uint8_t *p; size_t len; @@ -2028,6 +2043,10 @@ int tls_authorities_issued_certificate(const uint8_t *ca_names, size_t ca_names_ error_print(); return -1; } + + //x509_name_print(stderr, 0, 0, "ca", name, namelen); + + if (x509_name_equ(name, namelen, issuer, issuer_len) == 1) { return 1; } @@ -2349,6 +2368,8 @@ int tls_ctx_set_ca_certificates(TLS_CTX *ctx, const char *cacertsfile, int depth error_print(); return -1; } + + // 在读取CA证书的时候,提取了证书的名字 if (tls_authorities_from_certs(ctx->ca_names, &ctx->ca_names_len, sizeof(ctx->ca_names), ctx->cacerts, ctx->cacertslen) != 1) { error_print(); 
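Review bot: In tls_authorities_from_certs the added `maxlen -= tls_uint16_size();` subtracts from a `size_t` with no guard visible in the hunk, so a remaining capacity below two bytes would wrap to a very large value and defeat any later bound on the `names` buffer. The hunk also drops the `(uint16_t)` cast on `alen` without adding a range check, so an `alen` above 65535 is still silently truncated in the length prefix. The test that precedes this line lies outside the hunk; confirm that it accounts for the prefix as well as the name, e.g. `if (alen > 65535 || maxlen < tls_uint16_size() + alen) { error_print(); return -1; }`. Also confirm that `maxlen` is reduced by `alen` once the sequence has been written, since only the two-byte prefix is subtracted here.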
@@ -2359,6 +2380,24 @@ int tls_ctx_set_ca_certificates(TLS_CTX *ctx, const char *cacertsfile, int depth return 1; } + +int tls_ctx_enable_certificate_request(TLS_CTX *ctx, int enable) +{ + if (!ctx) { + error_print(); + return -1; + } + + if (ctx->is_client) { + error_print(); + return -1; + } + + ctx->certificate_request = enable ? 1 : 0; + return 1; +} + + int tls_ctx_add_certificate_list_and_key(TLS_CTX *ctx, const char *chainfile, const uint8_t *entity_status_request_ocsp_response, size_t entity_status_request_ocsp_response_len, // optional const uint8_t *entity_signed_certificate_timestamp_list, size_t entity_signed_certificate_timestamp_list_len, // optional diff --git a/src/tls12.c b/src/tls12.c index b196448a..2f230fde 100644 --- a/src/tls12.c +++ b/src/tls12.c @@ -102,13 +102,10 @@ int tls_recv_record(TLS_CONNECT *conn) size_t left; tls_ret_t n; - // 说明报文已经完整的读取到了 if (conn->recordlen) { return 1; } - fprintf(stderr, "110 conn->record_offset = %zu\n", conn->record_offset); - if (conn->record_offset < 5) { left = 5 - conn->record_offset; while (left) { @@ -132,7 +129,6 @@ int tls_recv_record(TLS_CONNECT *conn) left -= n; } } - fprintf(stderr, "135 conn->record_offset = %zu\n", conn->record_offset); if (conn->record_offset == 5) { if (!tls_record_type_name(tls_record_type(conn->record))) { @@ -149,9 +145,6 @@ int tls_recv_record(TLS_CONNECT *conn) } } - fprintf(stderr, "152 conn->record_offset = %zu\n", conn->record_offset); - fprintf(stderr, "153 conn->recordlen = %zu\n", tls_record_length(conn->record)); - if (conn->record_offset >= tls_record_length(conn->record)) { error_print(); return -1; diff --git a/src/tls13.c b/src/tls13.c index f9719c2e..d097ae12 100644 --- a/src/tls13.c +++ b/src/tls13.c 
@@ -453,8 +453,6 @@ int tls13_do_recv(TLS_CONNECT *conn) switch (conn->state) { case 0: case TLS_state_early_data: - error_print(); - fprintf(stderr, "----------------------------------------------------------------\n"); conn->record_offset = 0; conn->recordlen = TLS_RECORD_HEADER_SIZE; conn->state = TLS_state_recv_record_header; @@ -483,11 +481,6 @@ int tls13_do_recv(TLS_CONNECT *conn) return -1; } conn->recordlen = tls_record_data_length(conn->record); - - fprintf(stderr, "%d: recordlen = %zu\n", __LINE__, conn->recordlen); - - fprintf(stderr, "record_offset = %zu\n", conn->record_offset); - conn->state = TLS_state_recv_record_data; case TLS_state_recv_record_data: @@ -516,8 +509,6 @@ int tls13_do_recv(TLS_CONNECT *conn) conn->recordlen = tls_record_length(conn->record); - fprintf(stderr, "%d: recordlen = %zu\n", __LINE__, conn->recordlen); - tls13_record_print(stderr, 0, 0, conn->record, conn->recordlen); @@ -527,18 +518,18 @@ int tls13_do_recv(TLS_CONNECT *conn) iv = conn->server_write_iv; seq_num = conn->server_seq_num; - format_bytes(stderr, 0, 4, "server_write_iv", iv, 12); - format_bytes(stderr, 0, 4, "server_seq_num", seq_num, 8); - format_print(stderr, 0, 0, "\n"); + //format_bytes(stderr, 0, 4, "server_write_iv", iv, 12); + //format_bytes(stderr, 0, 4, "server_seq_num", seq_num, 8); + //format_print(stderr, 0, 0, "\n"); } else { key = &conn->client_write_key; iv = conn->client_write_iv; seq_num = conn->client_seq_num; - format_bytes(stderr, 0, 4, "client_write_iv", iv, 12); - format_bytes(stderr, 0, 4, "client_seq_num", seq_num, 8); - format_print(stderr, 0, 0, "\n"); + //format_bytes(stderr, 0, 4, "client_write_iv", iv, 12); + //format_bytes(stderr, 0, 4, "client_seq_num", seq_num, 8); + //format_print(stderr, 0, 0, "\n"); } 
@@ -572,10 +563,6 @@ int tls13_do_recv(TLS_CONNECT *conn) // NewSessionTicket 也不应该是被单独接收的,只能在解密并解析了handshake之后才可以 case TLS_handshake_new_session_ticket: - - error_print(); - fprintf(stderr, "tls13_process_new_session_ticket\n"); - if (tls13_process_new_session_ticket(conn) != 1) { error_print(); return -1; @@ -1630,14 +1617,26 @@ int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t c const uint8_t *p; size_t len; + if (!ca_names || !ca_names_len || !outlen) { + error_print(); + return -1; + } + + + /* p = ca_names; len = ca_names_len; authorities_len = 0; while (len) { + + if (x509_name_from_der(&name, &namelen, &p, &len) != 1) { error_print(); return -1; } + // 这里应该首先把name封装为一个sequence,然后再封装为一个uint16array + + tls_uint16array_to_bytes(name, namelen, NULL, &authorities_len); } if (authorities_len < 3 || authorities_len > (1 << 16) - 1) { @@ -1653,6 +1652,12 @@ int tls13_certificate_authorities_ext_to_bytes(const uint8_t *ca_names, size_t c x509_name_from_der(&name, &namelen, &ca_names, &ca_names_len); tls_uint16array_to_bytes(name, namelen, out, outlen); } + */ + + tls_uint16_to_bytes(ext_type, out, outlen); + tls_uint16_to_bytes(tls_uint16_size() + ca_names_len, out, outlen); + tls_uint16array_to_bytes(ca_names, ca_names_len, out, outlen); + return 1; } @@ -1671,7 +1676,7 @@ int tls13_certificate_authorities_from_bytes(const uint8_t **ca_names, size_t *c return 1; } -int tls13_enable_certificate_authorities(TLS_CONNECT *conn) +int tls13_enable_certificate_authorities(TLS_CONNECT *conn, int enable) { if (!conn) { error_print(); @@ -1681,7 +1686,7 @@ int tls13_enable_certificate_authorities(TLS_CONNECT *conn) error_print(); return -1; } - conn->certificate_authorities = 1; + conn->certificate_authorities = enable ? 1 : 0; return 1; } 
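Review bot: tls13_certificate_authorities_ext_to_bytes now writes `tls_uint16_size() + ca_names_len` as a 16-bit length with no upper bound, because the only range check (`authorities_len < 3 || authorities_len > (1 << 16) - 1`) sits inside the block this hunk comments out. If `ca_names_len` exceeds 65533, both length fields are truncated while `tls_uint16array_to_bytes` is presumably still handed the full buffer, so the framing would disagree with the bytes emitted. Add the bound beside the new NULL checks, `if (ca_names_len < 3 || ca_names_len > 65535 - tls_uint16_size()) { error_print(); return -1; }`, and delete the commented-out loop rather than keeping it, since `p` and `len` are then unused. The new path also assumes `ca_names` already holds length-prefixed DistinguishedName entries; a one-line comment stating that precondition belongs above the three writes.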
@@ -1691,21 +1696,30 @@ int tls13_certificate_authorities_print(FILE *fp, int fmt, int ind, const uint8_t *authorities; size_t authorities_len; + format_print(fp, fmt, ind, "authorities\n"); + ind += 4; + if (tls_uint16array_from_bytes(&authorities, &authorities_len, &ext_data, &ext_datalen) != 1 || tls_length_is_zero(ext_datalen) != 1) { error_print(); return -1; } while (authorities_len) { - const uint8_t *dn; - size_t dn_len; + const uint8_t *name; + size_t namelen; + const uint8_t *d; + size_t dlen; - if (tls_uint16array_from_bytes(&dn, &dn_len, &authorities, &authorities_len) != 1) { + if (tls_uint16array_from_bytes(&name, &namelen, &authorities, &authorities_len) != 1) { error_print(); return -1; } - - x509_name_print(fp, fmt, ind, "DistinguishedName", dn, dn_len); + if (asn1_sequence_from_der(&d, &dlen, &name, &namelen) != 1 + || asn1_length_is_zero(namelen) != 1) { + error_print(); + return -1; + } + x509_name_print(fp, fmt, ind, "DistinguishedName", d, dlen); } return 1; } @@ -1863,6 +1877,9 @@ int tls13_client_hello_print(FILE *fp, int fmt, int ind, const uint8_t *d, size_ case TLS_extension_signature_algorithms_cert: tls_signature_algorithms_print(fp, fmt, ind + 4, ext_data, ext_datalen); break; + case TLS_extension_certificate_authorities: + tls13_certificate_authorities_print(fp, fmt, ind + 4, ext_data, ext_datalen); + break; case TLS_extension_server_name: tls_server_name_print(fp, fmt, ind + 4, ext_data, ext_datalen); break; @@ -3305,7 +3322,8 @@ int tls_handshake_digest_print(FILE *fp, int fmt, int ind, const char *label, co digest_finish(&tmp_ctx, dgst, &dgstlen); - format_bytes(fp, fmt, ind, label, dgst, dgstlen); + format_print(fp, fmt, ind, "Transcript-Hash "); + format_bytes(fp, 0, 0, label, dgst, dgstlen); return 1; } @@ -3525,7 +3543,6 @@ int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx) { size_t i; - if (!ctx->supported_versions_cnt) { error_print(); return -1; 
@@ -3546,7 +3563,6 @@ int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx) conn->protocol = ctx->protocol; - conn->new_session_ticket = ctx->new_session_ticket; @@ -3580,9 +3596,6 @@ int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx) * [signature_algorithms_cert] */ - - fprintf(stderr, "tls13_init\n"); - // key_exchange_modes conn->key_exchange_modes = ctx->psk_key_exchange_modes; if (ctx->supported_groups_cnt && ctx->signature_algorithms_cnt) { @@ -3593,9 +3606,6 @@ int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx) } - tls_key_exchange_modes_print(stderr, 0, 0, "server key_exchange_modes", conn->key_exchange_modes); - - if (!conn->key_exchange_modes) { error_print(); return -1; @@ -3616,6 +3626,13 @@ int tls13_init(TLS_CONNECT *conn, TLS_CTX *ctx) conn->early_data = ctx->early_data; conn->max_early_data_size = ctx->max_early_data_size; + + // CertificateRequest + if (!ctx->is_client) { + conn->certificate_request = ctx->certificate_request; + } + + return 1; } @@ -3759,8 +3776,6 @@ int tls13_send_client_hello(TLS_CONNECT *conn) } // server_name - fprintf(stderr, "conn->server_name = %d\n", conn->server_name); - format_string(stderr, 0, 0, "conn->host_name", conn->host_name, conn->host_name_len); if (conn->server_name) { if (tls_server_name_ext_to_bytes( conn->host_name, conn->host_name_len, &pexts, &extslen) != 1) { @@ -3820,9 +3835,6 @@ int tls13_send_client_hello(TLS_CONNECT *conn) } } - fprintf(stderr, ">>>>> conn->pre_shared_key = %d\n", conn->pre_shared_key); - - // pre_shared_key (must be the last extension) if (conn->pre_shared_key) { uint8_t *ptruncated_exts = pexts; @@ -3831,9 +3843,6 @@ int tls13_send_client_hello(TLS_CONNECT *conn) uint8_t *pbinders = binders; size_t binderslen = 0; - - fprintf(stderr, "add pre_shared_key\n"); - if (!conn->psk_identities_len || !conn->psk_keys_len || !conn->psk_cipher_suites_cnt ) { 
@@ -4902,7 +4911,6 @@ int tls13_recv_server_hello(TLS_CONNECT *conn) error_print(); return -1; } - format_bytes(stderr, 0, 0, "ClientHello data", conn->plain_record + 5, conn->plain_recordlen - 5); tls_handshake_digest_print(stderr, 0, 0, "ClientHello", &conn->dgst_ctx); // update(ServerHello) @@ -4910,7 +4918,6 @@ int tls13_recv_server_hello(TLS_CONNECT *conn) error_print(); return -1; } - format_bytes(stderr, 0, 0, "ServerHello data", conn->record + 5, conn->recordlen - 5); tls_handshake_digest_print(stderr, 0, 0, "ServerHello", &conn->dgst_ctx); } @@ -5282,7 +5289,7 @@ int tls_cert_chain_match_extensions( // certificate_authorities if (ca_names && ca_names_len) { if ((ret = tls_authorities_issued_certificate( - ca_names, ca_names_len, cert, certlen)) < 0) { + ca_names, ca_names_len, cert_chain, cert_chain_len)) < 0) { error_print(); return -1; } else if (ret == 0) { @@ -5310,8 +5317,11 @@ int tls13_cert_chains_select(const uint8_t *cert_chains, size_t cert_chains_len, { size_t i; - if (!cert_chains || !cert_chains_len - || !signature_algorithms || !signature_algorithms_cnt) { + if (!cert_chains || !cert_chains_len) { + error_print(); + return -1; + } + if (!signature_algorithms || !signature_algorithms_cnt) { error_print(); return -1; } @@ -5420,6 +5430,8 @@ int tls13_recv_certificate_request(TLS_CONNECT *conn) tls_trace(" no {CertificateRequest}\n"); return 0; } + tls13_record_print(stderr, 0, 0, conn->plain_record, conn->plain_recordlen); + if ((ret = tls13_record_get_handshake_certificate_request(conn->plain_record, &request_context, &request_context_len, &exts, &extslen)) != 1) { @@ -5635,6 +5647,12 @@ int tls13_recv_certificate_request(TLS_CONNECT *conn) conn->certificate_request = 1; + + conn->record_offset = 0; + conn->recordlen = 0; + conn->plain_recordlen = 0; + + return ret; } 
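Review bot: The added `tls13_record_print(stderr, 0, 0, conn->plain_record, conn->plain_recordlen);` in tls13_recv_certificate_request writes the decrypted handshake record to stderr unconditionally from library code, while the same commit removes other `fprintf(stderr, …)` debugging. The same applies to the `tls_handshake_digest_print(stderr, …)` calls added in tls13_recv_client_certificate_verify, tls13_send_client_certificate (label misspelled `Certficate`), tls13_send_client_certificate_verify, tls13_send_certificate_request and tls13_recv_client_certificate, and to the new `format_bytes(stderr, 0, 0, "server_seq_num", …)` line. An application embedding the library cannot switch these off and may forward stderr to shared logs, so they are better placed behind a single compile-time debug switch or removed before merge. The bodies of these functions extend outside the hunks.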
@@ -5879,6 +5897,9 @@ int tls13_recv_client_certificate_verify(TLS_CONNECT *conn) tls_seq_num_incr(conn->client_seq_num); tls13_record_print(stderr, 0, 0, conn->plain_record, conn->plain_recordlen); + + + if ((ret = tls13_record_get_handshake_certificate_verify(conn->plain_record, &sig_alg, &sig, &siglen)) < 0) { error_print(); @@ -5901,6 +5922,7 @@ int tls13_recv_client_certificate_verify(TLS_CONNECT *conn) return -1; } + if (x509_certs_get_cert_by_index(conn->peer_cert_chain, conn->peer_cert_chain_len, 0, &cert, &certlen) != 1 || x509_cert_get_subject_public_key(cert, certlen, &public_key) != 1) { error_print(); @@ -5908,17 +5930,21 @@ int tls13_recv_client_certificate_verify(TLS_CONNECT *conn) return -1; } + // verify signature - if (tls13_verify_certificate_verify(TLS_server_mode, sig_alg, &public_key, + //tls_handshake_digest_print(stderr, 0, 0, "signed client CertificateVerify", &conn->dgst_ctx); + if (tls13_verify_certificate_verify(TLS_client_mode, sig_alg, &public_key, &conn->dgst_ctx, sig, siglen) != 1) { error_print(); return -1; } + // must update after tls13_verify_certificate_verify if (digest_update(&conn->dgst_ctx, conn->plain_record + 5, conn->plain_recordlen - 5) != 1) { error_print(); return -1; } + tls_handshake_digest_print(stderr, 0, 0, "after client CertificateVerify", &conn->dgst_ctx); return 1; } @@ -6019,7 +6045,7 @@ int tls13_send_client_certificate(TLS_CONNECT *conn) { int ret; - tls_trace("send {Certificate}\n"); + tls_trace("send client {Certificate*}\n"); if (conn->recordlen == 0) { const uint8_t *request_context = NULL; @@ -6057,6 +6083,8 @@ int tls13_send_client_certificate(TLS_CONNECT *conn) error_print(); return -1; } + tls_handshake_digest_print(stderr, 0, 0, "after client Certficate", &conn->dgst_ctx); + tls13_padding_len_rand(&padding_len); if (tls13_record_encrypt(&conn->client_write_key, conn->client_write_iv, 
@@ -6082,7 +6110,7 @@ int tls13_send_client_certificate_verify(TLS_CONNECT *conn) { int ret; - tls_trace("send {CertificateVerify*}\n"); + tls_trace("send client {CertificateVerify*}\n"); if (!conn->recordlen) { X509_KEY *sign_key = &conn->ctx->x509_keys[conn->cert_chain_idx - 1]; @@ -6090,6 +6118,7 @@ int tls13_send_client_certificate_verify(TLS_CONNECT *conn) size_t siglen; size_t padding_len; + //tls_handshake_digest_print(stderr, 0, 0, "signed client CertificateVerify", &conn->dgst_ctx); if (tls13_sign_certificate_verify(TLS_client_mode, conn->sig_alg, sign_key, &conn->dgst_ctx, sig, &siglen) != 1) { error_print(); @@ -6109,6 +6138,7 @@ int tls13_send_client_certificate_verify(TLS_CONNECT *conn) error_print(); return -1; } + tls_handshake_digest_print(stderr, 0, 0, "after client CertificateVerify", &conn->dgst_ctx); tls13_padding_len_rand(&padding_len); if (tls13_record_encrypt(&conn->client_write_key, conn->client_write_iv, @@ -6144,7 +6174,7 @@ int tls13_send_client_finished(TLS_CONNECT *conn) size_t padding_len; - tls_handshake_digest_print(stderr, 0, 0, "before ClientFinished", &conn->dgst_ctx); + //tls_handshake_digest_print(stderr, 0, 0, "before ClientFinished", &conn->dgst_ctx); tls13_compute_verify_data(conn->client_handshake_traffic_secret, &conn->dgst_ctx, verify_data, &verify_data_len); @@ -7682,13 +7712,13 @@ int tls13_send_certificate_request(TLS_CONNECT *conn) // * signed_certificate_timestamp // signature_algorithms - if (!conn->signature_algorithms_cnt) { + if (!conn->ctx->signature_algorithms_cnt) { error_print(); return -1; } // subset of ClientHello.signature_algorithms if (tls_signature_algorithms_ext_to_bytes( - conn->signature_algorithms, conn->signature_algorithms_cnt, + conn->ctx->signature_algorithms, conn->ctx->signature_algorithms_cnt, &pexts, &extslen) != 1) { error_print(); return -1; 
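Review bot: The comment `// subset of ClientHello.signature_algorithms` kept above the call in tls13_send_certificate_request no longer describes the code, which now passes `conn->ctx->signature_algorithms` unchanged. Replace it with something like `// algorithms this server accepts for the client's CertificateVerify, taken from ctx`, so a later reader does not "fix" the call back to the per-connection fields. The next hunk reuses the same ctx list for signature_algorithms_cert and would benefit from the same one-line explanation.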
@@ -7697,12 +7727,15 @@ int tls13_send_certificate_request(TLS_CONNECT *conn) // signature_algorithms_cert, only when ClientHello.signature_algorithms_cert if (conn->signature_algorithms_cert) { if (tls13_signature_algorithms_cert_ext_to_bytes( - conn->signature_algorithms, conn->signature_algorithms_cnt, &pexts, &extslen) != 1) { + conn->ctx->signature_algorithms, conn->ctx->signature_algorithms_cnt, &pexts, &extslen) != 1) { error_print(); return -1; } } + // certificate_authorities 不应该默认发送吗? + conn->certificate_authorities = 1; + // certificate_authorities if (conn->certificate_authorities) { if (tls13_certificate_authorities_ext_to_bytes( @@ -7750,6 +7783,9 @@ int tls13_send_certificate_request(TLS_CONNECT *conn) } tls13_record_print(stderr, 0, 0, conn->plain_record, conn->plain_recordlen); + tls_handshake_digest_print(stderr, 0, 0, "after CertificateRequest", &conn->dgst_ctx); + + format_bytes(stderr, 0, 0, "server_seq_num", conn->server_seq_num, 8); tls13_padding_len_rand(&padding_len); if (tls13_record_encrypt(&conn->server_write_key, conn->server_write_iv, @@ -8008,10 +8044,12 @@ int tls13_recv_client_certificate(TLS_CONNECT *conn) tls13_record_trace(stderr, conn->plain_record, conn->plain_recordlen, 0, 0); - if (digest_update(&conn->dgst_ctx, conn->record + 5, conn->recordlen - 5) != 1) { + if (digest_update(&conn->dgst_ctx, conn->plain_record + 5, conn->plain_recordlen - 5) != 1) { error_print(); return -1; } + tls_handshake_digest_print(stderr, 0, 0, "after client Certificate", &conn->dgst_ctx); + if ((ret = tls13_record_get_handshake_certificate(conn->plain_record, &request_context, &request_context_len, 
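Review bot: In tls13_send_certificate_request the added `conn->certificate_authorities = 1;` sits directly above `if (conn->certificate_authorities)`, so the test is always true and whatever the flag held before is overwritten. That includes a 0 set through `tls13_enable_certificate_authorities(conn, 0)`. This commit also makes tls13_certificate_authorities_ext_to_bytes return -1 for an empty `ca_names`, so a server with CertificateRequest enabled but no CA names loaded would presumably fail the handshake here rather than send the request without the extension. The call's arguments are outside the hunk, so confirm. If sending by default is intended, set the default once in tls13_init beside `conn->certificate_request = ctx->certificate_request;` and let this function only read the flag.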
@@ -8152,6 +8190,11 @@ int tls13_recv_client_finished(TLS_CONNECT *conn) } memset(&conn->dgst_ctx, 0, sizeof(conn->dgst_ctx)); + + // 当客户端发送了Certificate的时候,这个验证是不对的 + // 服务器多发送了CertificateRequest + // 客户端多发送了 Certificate, CertificateVerify + if (local_verify_data_len != verify_data_len || memcmp(local_verify_data, verify_data, verify_data_len) != 0) { error_print(); @@ -8433,7 +8476,7 @@ int tls13_do_client_handshake(TLS_CONNECT *conn) ret = tls13_recv_server_finished(conn); if (conn->early_data) next_state = TLS_state_end_of_early_data; - else if (conn->client_certificate_verify) + else if (conn->certificate_request) next_state = TLS_state_client_certificate; else next_state = TLS_state_client_finished; break; diff --git a/tools/tls13_client.c b/tools/tls13_client.c index 109afa93..867aed8f 100644 --- a/tools/tls13_client.c +++ b/tools/tls13_client.c @@ -42,6 +42,7 @@ static const char *help = " -pass str Password to decrypt private key\n" " -server_name Send server_name (SNI) request\n" " -signature_algorithms_cert Send signature_algorithms_cert extension\n" +" -certificate_authorities Send certificate_authorities extension\n" " -status_request Send status_request (OCSP Stapling) request\n" " -ct Send signed_certificate_timestamp (SCT) request\n" " -psk_ke Support PSK-only key exchange\n" @@ -146,6 +147,8 @@ int tls13_client_main(int argc, char *argv[]) size_t sig_algs_cnt = 0; + int certificate_authorities = 0; + int server_name = 0; int signature_algorithms_cert = 0; int status_request = 0; @@ -185,6 +188,8 @@ int tls13_client_main(int argc, char *argv[]) server_name = 1; } else if (!strcmp(*argv, "-signature_algorithms_cert")) { signature_algorithms_cert = 1; + } else if (!strcmp(*argv, "-certificate_authorities")) { + certificate_authorities = 1; } else if (!strcmp(*argv, "-status_request")) { status_request = 1; } else if (!strcmp(*argv, "-ct")) { 
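Review bot: In tls13_do_client_handshake the new `else if (conn->certificate_request)` sends every client that received a CertificateRequest to TLS_state_client_certificate, including one with no certificate configured. tls13_send_client_certificate_verify indexes `conn->ctx->x509_keys[conn->cert_chain_idx - 1]`. If the transition after the Certificate message does not skip CertificateVerify when no chain was selected, that is an out-of-bounds read at index -1. That transition is outside this hunk, so confirm it. A guard at the top of that function, `if (conn->cert_chain_idx < 1) { error_print(); return -1; }`, would make the assumption explicit.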
@@ -354,9 +359,12 @@ bad: fprintf(stderr, "%s: context init error\n", prog); goto end; } + + + } if (certfile) { - if (tls_ctx_set_certificate_and_key(&ctx, certfile, keyfile, pass) != 1) { + if (tls_ctx_add_certificate_chain_and_key(&ctx, certfile, keyfile, pass) != 1) { fprintf(stderr, "%s: context init error\n", prog); goto end; } @@ -412,6 +420,13 @@ bad: } } + if (certificate_authorities) { + if (tls13_enable_certificate_authorities(&conn, 1) != 1) { + error_print(); + return -1; + } + } + if (sess_in) { FILE *sess_infp; int psk_ret = 1; diff --git a/tools/tls13_server.c b/tools/tls13_server.c index 3aae804a..9b280acb 100644 --- a/tools/tls13_server.c +++ b/tools/tls13_server.c @@ -24,6 +24,10 @@ // psk_cipher_suite 和 cipher_suite 是冗余的 +// 现在我要尝试CertificateRequest +// + + static const char *options = "[-port num] -cert file -key file -pass str [-cacert file]"; static const char *help = @@ -36,7 +40,6 @@ static const char *help = " -cert file Server's certificate chain in PEM format\n" " -key file Server's encrypted private key in PEM format\n" " -pass str Password to decrypt private key\n" -" -cacert file CA certificate for client certificate verification\n" " -new_session_ticket num Send NewSessionTicket times\n" " -ticket_key hex Session ticket encrypt/decrypt key in HEX format\n" " -psk_ke Support PSK-only key exchange\n" @@ -46,6 +49,8 @@ static const char *help = " -psk_key hex PSK key in HEX format, of PSK hash length\n" " -early_data Accept EarlyData, support 0-RTT\n" " -max_early_data_size num Set extension max_early_data_size\n" +" -cert_request Client certificate request\n" +" -cacert file CA certificate for client certificate verification\n" "\n" " -cipher_suite options\n" " TLS_SM4_GCM_SM3 TLS 1.3\n" 
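Review bot: The new `if (certificate_authorities)` block in tls13_client_main exits with `return -1`, while the neighbouring error paths in this function use `goto end`. That skips whatever cleanup runs at `end`, which is not visible here but presumably releases `ctx` and `conn`, and by this point they hold the loaded private key. Use the same exit as the rest of the function, e.g. `fprintf(stderr, "%s: failed to enable certificate_authorities\n", prog); goto end;`. Since tls13_certificate_authorities_ext_to_bytes now rejects empty CA names, it is also worth checking that `-certificate_authorities` without `-cacert` produces a clear message rather than a late handshake error.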
@@ -224,8 +229,29 @@ static const char *help = " gmssl tls13_client -host 127.0.0.1 -port 4430 -cipher_suite TLS_SM4_GCM_SM3 \\\n" " -psk_ke -psk_identity 001 -psk_cipher_suite TLS_SM4_GCM_SM3 -psk_key $PSK \\\n" " -early_data early_data.txt\n" + +// 有一种情况需要验证,就是服务器发送证书请求,但是客户端只是发送一个空的证书,但是不提供CertificateVerify + +// 客户端证书暂时用服务器一样的证书吧 + +"\n" +"CertificateRequest\n" +"\n" +" sudo gmssl tls13_server -port 4430 -cert sm2certs.pem -key sm2signkey.pem -pass 1234 \\\n" +" -cipher_suite TLS_SM4_GCM_SM3 -supported_group sm2p256v1 -sig_alg sm2sig_sm3 \\\n" +" -cert_request -cacert sm2rootcacert.pem\n" +"\n" +" gmssl tls13_client -host 127.0.0.1 -port 4430 -cacert sm2rootcacert.pem \\\n" +" -cipher_suite TLS_SM4_GCM_SM3 -supported_group sm2p256v1 -sig_alg sm2sig_sm3 \\\n" +// 客户端也需要支持载入多个证书 +" -cert sm2certs.pem -key sm2signkey.pem -pass 1234\n" "\n"; + + + + + int tls13_server_main(int argc , char **argv) { int ret = 1; @@ -245,7 +271,6 @@ int tls13_server_main(int argc , char **argv) - char *cacertfile = NULL; int server_ciphers[] = { TLS_cipher_sm4_gcm_sm3, }; TLS_CTX ctx; TLS_CONNECT conn; @@ -294,6 +319,10 @@ int tls13_server_main(int argc , char **argv) size_t i; + + int cert_request = 0; + char *cacertfile = NULL; + argc--; argv++; @@ -341,6 +370,8 @@ int tls13_server_main(int argc , char **argv) } passes[passes_cnt++] = pass; + } else if (!strcmp(*argv, "-cert_request")) { + cert_request = 1; } else if (!strcmp(*argv, "-cacert")) { if (--argc < 1) goto bad; cacertfile = *(++argv); @@ -473,23 +504,6 @@ bad: } } - /* - if (certfile) { - if (!keyfile) { - fprintf(stderr, "%s: '-key' option required\n", prog); - return 1; - } - if (!pass) { - fprintf(stderr, "%s: '-pass' option required\n", prog); - return 1; - } - if (tls_ctx_add_certificate_chain_and_key(&ctx, certfile, keyfile, pass) != 1) { - error_print(); - return -1; - } - } - */ - if (supported_groups_cnt > 0) { if (tls_ctx_set_supported_groups(&ctx, supported_groups, supported_groups_cnt) != 1) { error_print(); 
@@ -504,11 +518,24 @@ bad: } } - if (cacertfile) { + if (cert_request) { + + if (!cacertfile) { + error_print(); + return -1; + } if (tls_ctx_set_ca_certificates(&ctx, cacertfile, TLS_DEFAULT_VERIFY_DEPTH) != 1) { error_print(); return -1; } + + // 在发送CertificateRequest的时候,需要把CA的DN发送给客户端 + // 这里dn_names是在什么时候设置好的? + + if (tls_ctx_enable_certificate_request(&ctx, 1) != 1) { + error_print(); + return -1; + } } if (psk_ke || psk_dhe_ke) {
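Review bot: With the condition changed from `if (cacertfile)` to `if (cert_request)`, a server started with `-cacert` but without `-cert_request` silently skips loading the CA file, although the help text still describes `-cacert` as the CA for client certificate verification. An operator who expects that option alone to turn on client authentication gets no diagnostic that it was ignored. Reject the combination up front, `if (cacertfile && !cert_request) { fprintf(stderr, "%s: '-cacert' requires '-cert_request'\n", prog); return 1; }`, and give the `!cacertfile` branch a similar message instead of a bare `error_print()`. The comment added in the help text about a client answering with an empty Certificate and no CertificateVerify describes a case this tool should be seen to reject; the server-side handling is outside these hunks.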