Implement RFC 7685 in TLS

author: Peter Dettman <peter.dettman@bouncycastle.org> 2016-02-03 17:29:12 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2016-02-03 17:29:12 +0700
commit: 651ac04de1249a97a63c3b54ada4ba468aca9787 (patch)
tree: 8e1eb82b52f9093aa896bb0266d11627bcf96697 /crypto/src
parent: Add various ExtensionType values (diff)
download: BouncyCastle.NET-ed25519-651ac04de1249a97a63c3b54ada4ba468aca9787.tar.xz
4 files changed, 45 insertions, 0 deletions
diff --git a/crypto/src/crypto/tls/AbstractTlsClient.cs b/crypto/src/crypto/tls/AbstractTlsClient.cs
index ee7a93803..be4702e5e 100644
--- a/crypto/src/crypto/tls/AbstractTlsClient.cs
+++ b/crypto/src/crypto/tls/AbstractTlsClient.cs
@@ -198,6 +198,11 @@ namespace Org.BouncyCastle.Crypto.Tls
                 {
                     CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats);
                 }
+
+                /*
+                 * RFC 7685 3. The server MUST NOT echo the extension.
+                 */
+                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.padding);
             }
         }
 
diff --git a/crypto/src/crypto/tls/DtlsServerProtocol.cs b/crypto/src/crypto/tls/DtlsServerProtocol.cs
index 171984b6f..d05af193c 100644
--- a/crypto/src/crypto/tls/DtlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/DtlsServerProtocol.cs
@@ -618,6 +618,9 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             if (state.clientExtensions != null)
             {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(state.clientExtensions);
+
                 state.server.ProcessClientExtensions(state.clientExtensions);
             }
         }
diff --git a/crypto/src/crypto/tls/TlsExtensionsUtilities.cs b/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
index 46851b66c..7f6a26ef2 100644
--- a/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsExtensionsUtilities.cs
@@ -36,6 +36,12 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static void AddPaddingExtension(IDictionary extensions, int dataLength)
+        {
+            extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength);
+        }
+
+        /// <exception cref="IOException"></exception>
         public static void AddServerNameExtension(IDictionary extensions, ServerNameList serverNameList)
         {
             extensions[ExtensionType.server_name] = CreateServerNameExtension(serverNameList);
@@ -67,6 +73,13 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static int GetPaddingExtension(IDictionary extensions)
+        {
+            byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding);
+            return extensionData == null ? -1 : ReadPaddingExtension(extensionData);
+        }
+
+        /// <exception cref="IOException"></exception>
         public static ServerNameList GetServerNameExtension(IDictionary extensions)
         {
             byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name);
@@ -136,6 +149,13 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static byte[] CreatePaddingExtension(int dataLength)
+        {
+            TlsUtilities.CheckUint16(dataLength);
+            return new byte[dataLength];
+        }
+
+        /// <exception cref="IOException"></exception>
         public static byte[] CreateServerNameExtension(ServerNameList serverNameList)
         {
             if (serverNameList == null)
@@ -220,6 +240,20 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         /// <exception cref="IOException"></exception>
+        public static int ReadPaddingExtension(byte[] extensionData)
+        {
+            if (extensionData == null)
+                throw new ArgumentNullException("extensionData");
+
+            for (int i = 0; i < extensionData.Length; ++i)
+            {
+                if (extensionData[i] != 0)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            return extensionData.Length;
+        }
+
+        /// <exception cref="IOException"></exception>
         public static ServerNameList ReadServerNameExtension(byte[] extensionData)
         {
             if (extensionData == null)
diff --git a/crypto/src/crypto/tls/TlsServerProtocol.cs b/crypto/src/crypto/tls/TlsServerProtocol.cs
index 1b790c9e0..38f2befea 100644
--- a/crypto/src/crypto/tls/TlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/TlsServerProtocol.cs
@@ -612,6 +612,9 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             if (mClientExtensions != null)
             {
+                // NOTE: Validates the padding extension data, if present
+                TlsExtensionsUtilities.GetPaddingExtension(mClientExtensions);
+
                 mTlsServer.ProcessClientExtensions(mClientExtensions);
             }
         }
author	Peter Dettman <peter.dettman@bouncycastle.org>	2016-02-03 17:29:12 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2016-02-03 17:29:12 +0700
commit	651ac04de1249a97a63c3b54ada4ba468aca9787 (patch)
tree	8e1eb82b52f9093aa896bb0266d11627bcf96697 /crypto/src
parent	Add various ExtensionType values (diff)
download	BouncyCastle.NET-ed25519-651ac04de1249a97a63c3b54ada4ba468aca9787.tar.xz