summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2016-02-03 17:29:12 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2016-02-03 17:29:12 +0700
commit651ac04de1249a97a63c3b54ada4ba468aca9787 (patch)
tree8e1eb82b52f9093aa896bb0266d11627bcf96697
parentAdd various ExtensionType values (diff)
downloadBouncyCastle.NET-ed25519-651ac04de1249a97a63c3b54ada4ba468aca9787.tar.xz
Implement RFC 7685 in TLS
-rw-r--r--crypto/Readme.html9
-rw-r--r--crypto/src/crypto/tls/AbstractTlsClient.cs5
-rw-r--r--crypto/src/crypto/tls/DtlsServerProtocol.cs3
-rw-r--r--crypto/src/crypto/tls/TlsExtensionsUtilities.cs34
-rw-r--r--crypto/src/crypto/tls/TlsServerProtocol.cs3
-rw-r--r--crypto/test/src/crypto/tls/test/MockDtlsClient.cs1
-rw-r--r--crypto/test/src/crypto/tls/test/MockTlsClient.cs1
7 files changed, 56 insertions, 0 deletions
diff --git a/crypto/Readme.html b/crypto/Readme.html
index d5cda3032..674e775d1 100644
--- a/crypto/Readme.html
+++ b/crypto/Readme.html
@@ -31,6 +31,8 @@
 				<a href="#mozTocId3413">Notes:</a>
 		<ol>
             <li>
+                <a href="#mozTocId85316">Release 1.8.2</a>
+            <li>
                 <a href="#mozTocId85315">Release 1.8.1</a>
             <li>
                 <a href="#mozTocId85314">Release 1.8.0</a>
@@ -290,6 +292,13 @@ We state, where EC MQV has not otherwise been disabled or removed:
 		<hr style="WIDTH: 100%; HEIGHT: 2px">
 		<h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
 
+        <h4><a class="mozTocH4" name="mozTocId85316"></a>Release 1.8.2, Release Date TBD</h4>
+
+        <h5>Additional Features and Functionality</h5>
+        <ul>
+            <li>TLS: support for ClientHello Padding Extension (RFC 7685).</li>
+        </ul>
+
         <h4><a class="mozTocH4" name="mozTocId85315"></a>Release 1.8.1, Monday December 28, 2015</h4>
 
         <h5>Security Advisory</h5>
diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs
index ee7a93803..be4702e5e 100644
--- a/crypto/src/crypto/tls/AbstractTlsClient.cs
+++ b/crypto/src/crypto/tls/AbstractTlsClient.cs
@@ -198,6 +198,11 @@ namespace Org.BouncyCastle.Crypto.Tls
                 {
                     CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats);
                 }
+
+                /*
+                 * RFC 7685 3. The server MUST NOT echo the extension.
+                 */
+                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.padding);
             }
         }
 
diff --git a/crypto/src/crypto/tls/DtlsServerProtocol.cs b/crypto/src/crypto/tls/DtlsServerProtocol.cs
index 171984b6f..d05af193c 100644
--- a/crypto/src/crypto/tls/DtlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/DtlsServerProtocol.cs
@@ -618,6 +618,9 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             if (state.clientExtensions != null)
             {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(state.clientExtensions);
+
                 state.server.ProcessClientExtensions(state.clientExtensions);
             }
         }
diff --git a/crypto/src/crypto/tls/TlsExtensionsUtilities.cs b/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
index 46851b66c..7f6a26ef2 100644
--- a/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
@@ -36,6 +36,12 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static void AddPaddingExtension(IDictionary extensions, int dataLength)
+        {
+            extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength);
+        }
+
+        /// <exception cref="IOException"></exception>
         public static void AddServerNameExtension(IDictionary extensions, ServerNameList serverNameList)
         {
             extensions[ExtensionType.server_name] = CreateServerNameExtension(serverNameList);
@@ -67,6 +73,13 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static int GetPaddingExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding);
+            return extensionData == null ? -1 : ReadPaddingExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
         public static ServerNameList GetServerNameExtension(IDictionary extensions)
         {
             byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name);
@@ -136,6 +149,13 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static byte[] CreatePaddingExtension(int dataLength)
+        {
+            TlsUtilities.CheckUint16(dataLength);
+            return new byte[dataLength];
+        }
+
+        /// <exception cref="IOException"></exception>
         public static byte[] CreateServerNameExtension(ServerNameList serverNameList)
         {
             if (serverNameList == null)
@@ -220,6 +240,20 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static int ReadPaddingExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            for (int i = 0; i < extensionData.Length; ++i)
+            {
+                if (extensionData[i] != 0)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            return extensionData.Length;
+        }
+
+        /// <exception cref="IOException"></exception>
         public static ServerNameList ReadServerNameExtension(byte[] extensionData)
         {
             if (extensionData == null)
diff --git a/crypto/src/crypto/tls/TlsServerProtocol.cs b/crypto/src/crypto/tls/TlsServerProtocol.cs
index 1b790c9e0..38f2befea 100644
--- a/crypto/src/crypto/tls/TlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/TlsServerProtocol.cs
@@ -612,6 +612,9 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             if (mClientExtensions != null)
             {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(mClientExtensions);
+
                 mTlsServer.ProcessClientExtensions(mClientExtensions);
             }
         }
diff --git a/crypto/test/src/crypto/tls/test/MockDtlsClient.cs b/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
index e87617e30..8d76c97b2 100644
--- a/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
+++ b/crypto/test/src/crypto/tls/test/MockDtlsClient.cs
@@ -74,6 +74,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
                  * NOTE: If you are copying test code, do not blindly set these extensions in your own client.
                  */
                 TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
+                TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16));
                 TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions);
             }
             return clientExtensions;
diff --git a/crypto/test/src/crypto/tls/test/MockTlsClient.cs b/crypto/test/src/crypto/tls/test/MockTlsClient.cs
index 747369da2..d8deabf96 100644
--- a/crypto/test/src/crypto/tls/test/MockTlsClient.cs
+++ b/crypto/test/src/crypto/tls/test/MockTlsClient.cs
@@ -64,6 +64,7 @@ namespace Org.BouncyCastle.Crypto.Tls.Tests
                  * NOTE: If you are copying test code, do not blindly set these extensions in your own client.
                  */
                 TlsExtensionsUtilities.AddMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
+                TlsExtensionsUtilities.AddPaddingExtension(clientExtensions, mContext.SecureRandom.Next(16));
                 TlsExtensionsUtilities.AddTruncatedHMacExtension(clientExtensions);
             }
             return clientExtensions;