Merge pull request #109 from bosch-io/fix_processing_of_duplicates

dtls.c: Check for optional handshake messages
eclipse · Dec 8, 2021 · dd62e91 · dd62e91
2 parents 36bc694 + 40d863c
commit dd62e91
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 4 deletions.
diff --git a/dtls.c b/dtls.c
@@ -3440,6 +3440,7 @@ dtls_renegotiate(dtls_context_t *ctx, const session_t *dst)
 
  peer->handshake_params->hs_state.mseq_r = 0;
  peer->handshake_params->hs_state.mseq_s = 0;
+ peer->optional_handshake_message = DTLS_HT_NO_OPTIONAL_MESSAGE;
 
  if (peer->role == DTLS_CLIENT) {
  /* send ClientHello with empty Cookie */
@@ -3553,8 +3554,10 @@ handle_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t
  }
  if (is_tls_ecdhe_ecdsa_with_aes_128_ccm_8(peer->handshake_params->cipher))
  peer->state = DTLS_STATE_WAIT_SERVERCERTIFICATE;
- else
+ else {
+ peer->optional_handshake_message = DTLS_HT_SERVER_KEY_EXCHANGE;
  peer->state = DTLS_STATE_WAIT_SERVERHELLODONE;
+ }
  /* update_hs_hash(peer, data, data_length); */
 
  break;
@@ -3588,14 +3591,16 @@ handle_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t
  if (state != DTLS_STATE_WAIT_SERVERKEYEXCHANGE) {
  return dtls_alert_fatal_create(DTLS_ALERT_UNEXPECTED_MESSAGE);
  }
+ peer->optional_handshake_message = DTLS_HT_CERTIFICATE_REQUEST;
  err = check_server_key_exchange_ecdsa(ctx, peer, data, data_length);
  }
 #endif /* DTLS_ECC */
 #ifdef DTLS_PSK
  if (is_tls_psk_with_aes_128_ccm_8(peer->handshake_params->cipher)) {
- if (state != DTLS_STATE_WAIT_SERVERHELLODONE) {
+ if (state != DTLS_STATE_WAIT_SERVERHELLODONE || peer->optional_handshake_message != DTLS_HT_SERVER_KEY_EXCHANGE) {
  return dtls_alert_fatal_create(DTLS_ALERT_UNEXPECTED_MESSAGE);
  }
+ peer->optional_handshake_message = DTLS_HT_NO_OPTIONAL_MESSAGE;
  err = check_server_key_exchange_psk(ctx, peer, data, data_length);
  }
 #endif /* DTLS_PSK */
@@ -3628,10 +3633,12 @@ handle_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t
 #ifdef DTLS_ECC
  case DTLS_HT_CERTIFICATE_REQUEST:
 
- if (state != DTLS_STATE_WAIT_SERVERHELLODONE) {
+ if (state != DTLS_STATE_WAIT_SERVERHELLODONE ||
+ peer->optional_handshake_message != DTLS_HT_CERTIFICATE_REQUEST ||
+ !is_tls_ecdhe_ecdsa_with_aes_128_ccm_8(peer->handshake_params->cipher)) {
  return dtls_alert_fatal_create(DTLS_ALERT_UNEXPECTED_MESSAGE);
  }
-
+ peer->optional_handshake_message = DTLS_HT_NO_OPTIONAL_MESSAGE;
  err = check_certificate_request(ctx, peer, data, data_length);
  if (err < 0) {
  dtls_warn("error in check_certificate_request err: %i\n", err);
@@ -3784,6 +3791,7 @@ handle_handshake_msg(dtls_context_t *ctx, dtls_peer_t *peer, uint8 *data, size_t
  return err;
  }
  peer->state = DTLS_STATE_CLIENTHELLO;
+ peer->optional_handshake_message = DTLS_HT_NO_OPTIONAL_MESSAGE;
  break;
 
  default:

diff --git a/dtls.h b/dtls.h
@@ -348,6 +348,11 @@ typedef struct __attribute__((__packed__)) {
 #define DTLS_HT_CLIENT_KEY_EXCHANGE 16
 #define DTLS_HT_FINISHED 20
 
+/**
+ * Pseudo handshake message type, if no optional handshake message is expected.
+ */
+#define DTLS_HT_NO_OPTIONAL_MESSAGE -1
+
 /** Header structure for the DTLS handshake protocol. */
 typedef struct __attribute__((__packed__)) {
  uint8 msg_type; /**< Type of handshake message (one of DTLS_HT_) */

diff --git a/peer.h b/peer.h
@@ -52,6 +52,7 @@ typedef struct dtls_peer_t {
 
  dtls_peer_type role; /**< denotes if this host is DTLS_CLIENT or DTLS_SERVER */
  dtls_state_t state; /**< DTLS engine state */
+ int16_t optional_handshake_message; /**< optional next handshake message, DTLS_HT_NO_OPTIONAL_MESSAGE, if no optional message is expected. */
 
  dtls_security_parameters_t *security_params[2];
  dtls_handshake_parameters_t *handshake_params;