Don't ask for an invalid group in an HRR #21163

mattcaswell · 2023-06-09T08:43:00Z

If the client sends us a group in a key_share that is in our
supported_groups list but is otherwise not suitable (e.g. not compatible
with TLSv1.3) we reject it. We should not ask for that same group again
in a subsequent HRR.

Fixes #21157

If the client sends us a group in a key_share that is in our supported_groups list but is otherwise not suitable (e.g. not compatible with TLSv1.3) we reject it. We should not ask for that same group again in a subsequent HRR. Fixes openssl#21157

Test that if the client sends a key share for a group in the server's supported_group list but is otherwise invalid, that we don't select it in the HRR.

tmshort

Just a couple minor things that don't block approval.

test/recipes/70-test_tls13hrr.t

tmshort · 2023-06-11T04:19:48Z

ssl/statem/extensions.c

@@ -1449,7 +1449,11 @@ static int final_key_share(SSL_CONNECTION *s, unsigned int context, int sent)
                    group_id = pgroups[i];

                    if (check_in_list(s, group_id, clntgroups, clnt_num_groups,
-                                      1))
+                                      1)


Does line-length allow for this to be put with the previous line?

No - line-length prevents this

openssl-machine · 2023-06-12T05:00:20Z

This pull request is ready to merge

t8m · 2023-06-15T12:01:25Z

@mattcaswell do you want to change what @tmshort suggests? Or just merge please.

mattcaswell · 2023-06-16T08:10:03Z

Fix up pushed to address the feedback. @t8m and @tmshort - please can you reconfirm?

tmshort · 2023-06-20T09:49:34Z

Still good, though the 1) on it's own line is ugly!

openssl-machine · 2023-06-21T10:00:16Z

This pull request is ready to merge

If the client sends us a group in a key_share that is in our supported_groups list but is otherwise not suitable (e.g. not compatible with TLSv1.3) we reject it. We should not ask for that same group again in a subsequent HRR. Fixes #21157 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163)

Test that if the client sends a key share for a group in the server's supported_group list but is otherwise invalid, that we don't select it in the HRR. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163)

If the client sends us a group in a key_share that is in our supported_groups list but is otherwise not suitable (e.g. not compatible with TLSv1.3) we reject it. We should not ask for that same group again in a subsequent HRR. Fixes #21157 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163) (cherry picked from commit 7a949ae)

Test that if the client sends a key share for a group in the server's supported_group list but is otherwise invalid, that we don't select it in the HRR. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163) (cherry picked from commit adf33f9)

If the client sends us a group in a key_share that is in our supported_groups list but is otherwise not suitable (e.g. not compatible with TLSv1.3) we reject it. We should not ask for that same group again in a subsequent HRR. Fixes #21157 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163) (cherry picked from commit 7a949ae)

Test that if the client sends a key share for a group in the server's supported_group list but is otherwise invalid, that we don't select it in the HRR. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from #21163) (cherry picked from commit adf33f9)

mattcaswell · 2023-06-23T13:49:04Z

Pushed to master/3.1/3.0. Thanks.

mattcaswell added 2 commits June 9, 2023 09:35

Add a test for an invalid group in the HRR

fc26f41

Test that if the client sends a key share for a group in the server's supported_group list but is otherwise invalid, that we don't select it in the HRR.

mattcaswell added branch: master Merge to master branch approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 labels Jun 9, 2023

mattcaswell mentioned this pull request Jun 9, 2023

TLS 1.3 failed when set the groups_list of server and client to "brainpoolP512r1:X25519" #21157

Closed

fixup! Add a test for an invalid group in the HRR

35afe2a

t8m added triaged: bug The issue/pr is/fixes a bug tests: present The PR has suitable tests present labels Jun 9, 2023

t8m approved these changes Jun 9, 2023

View reviewed changes

t8m removed the approval: otc review pending This pull request needs review by an OTC member label Jun 9, 2023

tmshort approved these changes Jun 11, 2023

View reviewed changes

tmshort added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jun 11, 2023

openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jun 12, 2023

fixup! Add a test for an invalid group in the HRR

f3e3a8a

mattcaswell added approval: review pending This pull request needs review by a committer approval: otc review pending This pull request needs review by an OTC member and removed approval: ready to merge The 24 hour grace period has passed, ready to merge labels Jun 16, 2023

t8m approved these changes Jun 16, 2023

View reviewed changes

t8m removed the approval: otc review pending This pull request needs review by an OTC member label Jun 16, 2023

tmshort approved these changes Jun 20, 2023

View reviewed changes

tmshort removed the approval: review pending This pull request needs review by a committer label Jun 20, 2023

tmshort added the approval: done This pull request has the required number of approvals label Jun 20, 2023

openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jun 21, 2023

mattcaswell closed this Jun 23, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Don't ask for an invalid group in an HRR #21163

Don't ask for an invalid group in an HRR #21163

mattcaswell commented Jun 9, 2023

tmshort left a comment

tmshort Jun 11, 2023

mattcaswell Jun 16, 2023

openssl-machine commented Jun 12, 2023

t8m commented Jun 15, 2023

mattcaswell commented Jun 16, 2023

tmshort commented Jun 20, 2023

openssl-machine commented Jun 21, 2023

mattcaswell commented Jun 23, 2023

Don't ask for an invalid group in an HRR #21163

Don't ask for an invalid group in an HRR #21163

Conversation

mattcaswell commented Jun 9, 2023

tmshort left a comment

Choose a reason for hiding this comment

tmshort Jun 11, 2023

Choose a reason for hiding this comment

mattcaswell Jun 16, 2023

Choose a reason for hiding this comment

openssl-machine commented Jun 12, 2023

t8m commented Jun 15, 2023

mattcaswell commented Jun 16, 2023

tmshort commented Jun 20, 2023

openssl-machine commented Jun 21, 2023

mattcaswell commented Jun 23, 2023