Skip to content

Instantly share code, notes, and snippets.

@zb3
Created April 10, 2018 09:43
Show Gist options
  • Save zb3/c1257c0888418d2721e198db337b11c0 to your computer and use it in GitHub Desktop.
Save zb3/c1257c0888418d2721e198db337b11c0 to your computer and use it in GitHub Desktop.
Add support for Anonymous Diffie-Hellman key exchange in MbedTLS. This patch is experimental and ADH is not secure.
diff -Naur mbedtls/include/mbedtls/config.h mbedtls-dh-anon/include/mbedtls/config.h
--- mbedtls/include/mbedtls/config.h 2018-04-10 11:30:33.713503768 +0200
+++ mbedtls-dh-anon/include/mbedtls/config.h 2018-04-10 11:38:50.001356927 +0200
@@ -637,6 +637,36 @@
#define MBEDTLS_ECDSA_DETERMINISTIC
/**
+ * \def MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED
+ *
+ * Enable the ADH based ciphersuite modes in SSL / TLS.
+ *
+ * Requires: MBEDTLS_DHM_C
+ *
+ * This enables the following ciphersuites (if other requisites are
+ * enabled as well):
+ * MBEDTLS_TLS_DH_anon_WITH_AES_256_GCM_SHA384
+ * MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_AES_128_GCM_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
+ * MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_DES_CBC_SHA
+ * MBEDTLS_TLS_DH_anon_WITH_RC4_128_MD5
+ *
+ * \warning ADH is suspectible to MITM attack, and thus not secure.
+ *
+ */
+#define MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED
+
+/**
* \def MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
*
* Enable the PSK based ciphersuite modes in SSL / TLS.
diff -Naur mbedtls/include/mbedtls/ssl_ciphersuites.h mbedtls-dh-anon/include/mbedtls/ssl_ciphersuites.h
--- mbedtls/include/mbedtls/ssl_ciphersuites.h 2018-04-10 11:30:33.727503888 +0200
+++ mbedtls-dh-anon/include/mbedtls/ssl_ciphersuites.h 2018-04-10 11:30:05.377258724 +0200
@@ -47,14 +47,20 @@
#define MBEDTLS_TLS_DHE_RSA_WITH_DES_CBC_SHA 0x15 /**< Weak! Not in TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA 0x16
+#define MBEDTLS_TLS_DH_anon_WITH_RC4_128_MD5 0x18
+#define MBEDTLS_TLS_DH_anon_WITH_DES_CBC_SHA 0x1A
+#define MBEDTLS_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA 0x1B
+
#define MBEDTLS_TLS_PSK_WITH_NULL_SHA 0x2C /**< Weak! */
#define MBEDTLS_TLS_DHE_PSK_WITH_NULL_SHA 0x2D /**< Weak! */
#define MBEDTLS_TLS_RSA_PSK_WITH_NULL_SHA 0x2E /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA 0x2F
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA 0x33
+#define MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA 0x34
#define MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA 0x35
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA 0x39
+#define MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA 0x3A
#define MBEDTLS_TLS_RSA_WITH_NULL_SHA256 0x3B /**< Weak! */
#define MBEDTLS_TLS_RSA_WITH_AES_128_CBC_SHA256 0x3C /**< TLS 1.2 */
@@ -62,12 +68,16 @@
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA 0x41
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA 0x45
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA 0x46
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 0x67 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 0x6B /**< TLS 1.2 */
+#define MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA256 0x6C
+#define MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA256 0x6D
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA 0x84
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA 0x88
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA 0x89
#define MBEDTLS_TLS_PSK_WITH_RC4_128_SHA 0x8A
#define MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA 0x8B
@@ -89,6 +99,9 @@
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 0x9E /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 0x9F /**< TLS 1.2 */
+#define MBEDTLS_TLS_DH_anon_WITH_AES_128_GCM_SHA256 0xA6
+#define MBEDTLS_TLS_DH_anon_WITH_AES_256_GCM_SHA384 0xA7
+
#define MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256 0xA8 /**< TLS 1.2 */
#define MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384 0xA9 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 0xAA /**< TLS 1.2 */
@@ -113,9 +126,11 @@
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBA /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 0xBE /**< TLS 1.2 */
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 0xBF
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC0 /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 0xC4 /**< TLS 1.2 */
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 0xC5
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_NULL_SHA 0xC001 /**< Weak! */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_RC4_128_SHA 0xC002 /**< Not in SSL3! */
@@ -182,6 +197,8 @@
#define MBEDTLS_TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07B /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 0xC07C /**< TLS 1.2 */
#define MBEDTLS_TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 0xC07D /**< TLS 1.2 */
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 0xC084
+#define MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 0xC085
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC086 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 0xC087 /**< TLS 1.2 */
#define MBEDTLS_TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 0xC088 /**< TLS 1.2 */
@@ -232,6 +249,9 @@
#define MBEDTLS_TLS_ECJPAKE_WITH_AES_128_CCM_8 0xC0FF /**< experimental */
+
+
+
/* Reminder: update mbedtls_ssl_premaster_secret when adding a new key exchange.
* Reminder: update MBEDTLS_KEY_EXCHANGE__xxx below
*/
@@ -248,6 +268,7 @@
MBEDTLS_KEY_EXCHANGE_ECDH_RSA,
MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA,
MBEDTLS_KEY_EXCHANGE_ECJPAKE,
+ MBEDTLS_KEY_EXCHANGE_DH_ANON,
} mbedtls_key_exchange_type_t;
/* Key exchanges using a certificate */
@@ -295,6 +316,7 @@
/* Key exchanges that involve ephemeral keys */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
@@ -312,7 +334,8 @@
/* Key exchanges using DHE */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
#define MBEDTLS_KEY_EXCHANGE__SOME__DHE_ENABLED
#endif
@@ -370,6 +393,7 @@
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_DH_ANON:
case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
@@ -439,6 +463,7 @@
{
case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
+ case MBEDTLS_KEY_EXCHANGE_DH_ANON:
return( 1 );
default:
diff -Naur mbedtls/include/mbedtls/ssl.h mbedtls-dh-anon/include/mbedtls/ssl.h
--- mbedtls/include/mbedtls/ssl.h 2018-04-10 11:30:33.726503879 +0200
+++ mbedtls-dh-anon/include/mbedtls/ssl.h 2018-04-10 11:30:05.375258706 +0200
@@ -366,7 +366,8 @@
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
unsigned char _pms_rsa[48]; /* RFC 5246 8.1.1 */
#endif
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
unsigned char _pms_dhm[MBEDTLS_MPI_MAX_SIZE]; /* RFC 5246 8.1.2 */
#endif
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
diff -Naur mbedtls/library/ssl_ciphersuites.c mbedtls-dh-anon/library/ssl_ciphersuites.c
--- mbedtls/library/ssl_ciphersuites.c 2018-04-10 11:30:33.765504214 +0200
+++ mbedtls-dh-anon/library/ssl_ciphersuites.c 2018-04-10 11:30:05.379258742 +0200
@@ -221,6 +221,22 @@
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8,
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,
+
+ MBEDTLS_TLS_DH_anon_WITH_AES_256_GCM_SHA384,
+ MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_AES_128_GCM_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256,
+ MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_DES_CBC_SHA,
+ MBEDTLS_TLS_DH_anon_WITH_RC4_128_MD5,
/* RC4 suites */
MBEDTLS_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
@@ -1530,6 +1546,133 @@
#endif /* MBEDTLS_AES_C */
#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
+#if defined(MBEDTLS_AES_C)
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DH_anon_WITH_AES_128_GCM_SHA256, "TLS-ANON-DH-WITH-AES-128-GCM-SHA256",
+ MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DH_anon_WITH_AES_256_GCM_SHA384, "TLS-ANON-DH-WITH-AES-256-GCM-SHA384",
+ MBEDTLS_CIPHER_AES_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA256, "TLS-ANON-DH-WITH-AES-128-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA256, "TLS-ANON-DH-WITH-AES-256-CBC-SHA256",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DH_anon_WITH_AES_128_CBC_SHA, "TLS-ANON-DH-WITH-AES-128-CBC-SHA",
+ MBEDTLS_CIPHER_AES_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+
+ { MBEDTLS_TLS_DH_anon_WITH_AES_256_CBC_SHA, "TLS-ANON-DH-WITH-AES-256-CBC-SHA",
+ MBEDTLS_CIPHER_AES_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_AES_C */
+
+#if defined(MBEDTLS_CAMELLIA_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA, "TLS-ANON-DH-WITH-CAMELLIA-128-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA, "TLS-ANON-DH-WITH-CAMELLIA-256-CBC-SHA",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA1_C */
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256, "TLS-ANON-DH-WITH-CAMELLIA-128-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256, "TLS-ANON-DH-WITH-CAMELLIA-256-CBC-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_256_CBC, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+
+#if defined(MBEDTLS_GCM_C)
+#if defined(MBEDTLS_SHA256_C)
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256, "TLS-ANON-DH-WITH-CAMELLIA-128-GCM-SHA256",
+ MBEDTLS_CIPHER_CAMELLIA_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA256_C */
+
+#if defined(MBEDTLS_SHA512_C)
+ { MBEDTLS_TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384, "TLS-ANON-DH-WITH-CAMELLIA-256-GCM-SHA384",
+ MBEDTLS_CIPHER_CAMELLIA_256_GCM, MBEDTLS_MD_SHA384, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+#endif /* MBEDTLS_SHA512_C */
+#endif /* MBEDTLS_GCM_C */
+#endif /* MBEDTLS_CAMELLIA_C */
+
+#if defined(MBEDTLS_DES_C)
+#if defined(MBEDTLS_CIPHER_MODE_CBC)
+#if defined(MBEDTLS_SHA1_C)
+ { MBEDTLS_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA, "TLS-ANON-DH-WITH-3DES-EDE-CBC-SHA",
+ MBEDTLS_CIPHER_DES_EDE3_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ 0 },
+ { MBEDTLS_TLS_DH_anon_WITH_DES_CBC_SHA, "TLS-ANON-DH-WITH-DES-CBC-SHA",
+ MBEDTLS_CIPHER_DES_CBC, MBEDTLS_MD_SHA1, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_WEAK },
+#endif /* MBEDTLS_SHA1_C */
+#endif /* MBEDTLS_CIPHER_MODE_CBC */
+#endif /* MBEDTLS_DES_C */
+
+#if defined(MBEDTLS_ARC4_C)
+#if defined(MBEDTLS_MD5_C)
+ { MBEDTLS_TLS_DH_anon_WITH_RC4_128_MD5, "TLS-ANON-DH-WITH-RC4-128-MD5",
+ MBEDTLS_CIPHER_ARC4_128, MBEDTLS_MD_MD5, MBEDTLS_KEY_EXCHANGE_DH_ANON,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_0,
+ MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
+ MBEDTLS_CIPHERSUITE_NODTLS },
+#endif /* MBEDTLS_MD5_C */
+#endif /* MBEDTLS_ARC4_C */
+
+#endif /* MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
+
+
#if defined(MBEDTLS_ENABLE_WEAK_CIPHERSUITES)
#if defined(MBEDTLS_CIPHER_NULL_CIPHER)
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED)
diff -Naur mbedtls/library/ssl_cli.c mbedtls-dh-anon/library/ssl_cli.c
--- mbedtls/library/ssl_cli.c 2018-04-10 11:30:33.767504231 +0200
+++ mbedtls-dh-anon/library/ssl_cli.c 2018-04-10 11:30:05.381258759 +0200
@@ -1934,7 +1934,8 @@
}
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
static int ssl_parse_server_dh_params( mbedtls_ssl_context *ssl, unsigned char **p,
unsigned char *end )
{
@@ -1970,7 +1971,8 @@
return( ret );
}
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
@@ -2375,10 +2377,12 @@
else
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED ||
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED */
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
if( ssl_parse_server_dh_params( ssl, &p, end ) != 0 )
{
@@ -2390,7 +2394,8 @@
}
else
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED)
@@ -2781,8 +2786,10 @@
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client key exchange" ) );
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
- if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
/*
* DHM key exchange -- send G^X mod P
@@ -2819,7 +2826,8 @@
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
}
else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
@@ -3050,7 +3058,8 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
ssl->state++;
@@ -3084,7 +3093,8 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate verify" ) );
ssl->state++;
diff -Naur mbedtls/library/ssl_srv.c mbedtls-dh-anon/library/ssl_srv.c
--- mbedtls/library/ssl_srv.c 2018-04-10 11:30:33.770504257 +0200
+++ mbedtls-dh-anon/library/ssl_srv.c 2018-04-10 11:30:05.384258785 +0200
@@ -2625,7 +2625,8 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
ssl->state++;
@@ -2664,6 +2665,7 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON ||
authmode == MBEDTLS_SSL_VERIFY_NONE )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) );
@@ -3236,7 +3238,8 @@
}
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
- defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
+ defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
static int ssl_parse_client_dh_public( mbedtls_ssl_context *ssl, unsigned char **p,
const unsigned char *end )
{
@@ -3274,7 +3277,8 @@
return( ret );
}
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
- MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
+ MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED)
@@ -3472,8 +3476,10 @@
return( MBEDTLS_ERR_SSL_BAD_HS_CLIENT_KEY_EXCHANGE );
}
-#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED)
- if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA )
+#if defined(MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED) || \
+ defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
+ if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_RSA ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
if( ( ret = ssl_parse_client_dh_public( ssl, &p, end ) ) != 0 )
{
@@ -3500,7 +3506,8 @@
MBEDTLS_SSL_DEBUG_MPI( 3, "DHM: K ", &ssl->handshake->dhm_ctx.K );
}
else
-#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED */
+#endif /* MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED ||
+ MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED) || \
defined(MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED) || \
@@ -3708,7 +3715,8 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_RSA_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
ssl->state++;
@@ -3740,6 +3748,7 @@
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON ||
ssl->session_negotiate->peer_cert == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate verify" ) );
diff -Naur mbedtls/library/ssl_tls.c mbedtls-dh-anon/library/ssl_tls.c
--- mbedtls/library/ssl_tls.c 2018-04-10 11:30:33.775504300 +0200
+++ mbedtls-dh-anon/library/ssl_tls.c 2018-04-10 11:30:05.388258821 +0200
@@ -4214,7 +4214,8 @@
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
ssl->state++;
@@ -4234,7 +4235,8 @@
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
ssl->state++;
@@ -4260,7 +4262,8 @@
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate" ) );
ssl->state++;
@@ -4377,7 +4380,8 @@
if( ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DHE_PSK ||
ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECDHE_PSK ||
- ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE )
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE ||
+ ciphersuite_info->key_exchange == MBEDTLS_KEY_EXCHANGE_DH_ANON )
{
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip parse certificate" ) );
ssl->state++;
@@ -8085,6 +8089,7 @@
case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
+ case MBEDTLS_KEY_EXCHANGE_DH_ANON:
usage = 0;
}
}
diff -Naur mbedtls/library/version_features.c mbedtls-dh-anon/library/version_features.c
--- mbedtls/library/version_features.c 2018-04-10 11:30:33.776504309 +0200
+++ mbedtls-dh-anon/library/version_features.c 2018-04-10 11:30:05.390258838 +0200
@@ -321,6 +321,9 @@
#if defined(MBEDTLS_KEY_EXCHANGE_PSK_ENABLED)
"MBEDTLS_KEY_EXCHANGE_PSK_ENABLED",
#endif /* MBEDTLS_KEY_EXCHANGE_PSK_ENABLED */
+#if defined(MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED)
+ "MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED",
+#endif /* MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED */
#if defined(MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED)
"MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED",
#endif /* MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED */
diff -Naur mbedtls/yotta/data/adjust-config.sh mbedtls-dh-anon/yotta/data/adjust-config.sh
--- mbedtls/yotta/data/adjust-config.sh 2018-04-10 11:30:34.062506763 +0200
+++ mbedtls-dh-anon/yotta/data/adjust-config.sh 2018-04-10 11:30:05.391258847 +0200
@@ -64,6 +64,7 @@
conf unset MBEDTLS_X509_CRT_WRITE_C
conf unset MBEDTLS_X509_CSR_WRITE_C
+conf unset MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED
conf unset MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
conf unset MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
conf unset MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
@zb3
Copy link
Author

zb3 commented Apr 10, 2018

This patch contains no real code, because ADH is an "intersection" of DHE-RSA and DHE-PSK which were already supported

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment