Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 5df5eb1..0e5c1fe 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -851,14 +851,15 @@
     unsigned char master[48];   /*!< the master secret  */
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     mbedtls_x509_crt *peer_cert;       /*!< peer X.509 cert chain */
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
     /*! The digest of the peer's end-CRT. This must be kept to detect CRT
      *  changes during renegotiation, mitigating the triple handshake attack. */
     unsigned char *peer_cert_digest;
     size_t peer_cert_digest_len;
     mbedtls_md_type_t peer_cert_digest_type;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 #endif /* MBEDTLS_X509_CRT_PARSE_C */
     uint32_t verify_result;          /*!<  verification result     */
 
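Review bot: Removing `peer_cert` from `mbedtls_ssl_session` when MBEDTLS_SSL_KEEP_PEER_CERTIFICATE is off turns every `session->peer_cert` access that is guarded only by MBEDTLS_X509_CRT_PARSE_C into a compile error; this patch re-guards ssl_cache.c and the save/load paths in ssl_tls.c, but whether the remaining users (session free/copy and the handshake code that fills the field) are covered is not visible here and should be confirmed with a build that has MBEDTLS_SSL_KEEP_PEER_CERTIFICATE undefined. The member comment on the `peer_cert` line could state the dependency so readers of the header do not assume it is always present, e.g. `/*!< peer X.509 cert chain (only if MBEDTLS_SSL_KEEP_PEER_CERTIFICATE) */`. The new `#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */` names the `#else` branch's condition while the enclosing `#endif /* MBEDTLS_X509_CRT_PARSE_C */` names its `#if`; either convention works, but the header should settle on one.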
diff --git a/include/mbedtls/ssl_cache.h b/include/mbedtls/ssl_cache.h
index 52ba094..84254d3 100644
--- a/include/mbedtls/ssl_cache.h
+++ b/include/mbedtls/ssl_cache.h
@@ -70,7 +70,8 @@
     mbedtls_time_t timestamp;           /*!< entry timestamp    */
 #endif
     mbedtls_ssl_session session;        /*!< entry session      */
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     mbedtls_x509_buf peer_cert;         /*!< entry peer_cert    */
 #endif
     mbedtls_ssl_cache_entry *next;      /*!< chain pointer      */
diff --git a/library/ssl_cache.c b/library/ssl_cache.c
index f542594..62a0a29 100644
--- a/library/ssl_cache.c
+++ b/library/ssl_cache.c
@@ -100,7 +100,8 @@
             goto exit;
         }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
         /*
          * Restore peer certificate (without rest of the original chain)
          */
@@ -127,7 +128,7 @@
                 goto exit;
             }
         }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
         ret = 0;
         goto exit;
@@ -247,7 +248,8 @@
 #endif
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     /*
      * If we're reusing an entry, free its certificate first
      */
@@ -256,7 +258,7 @@
         mbedtls_free( cur->peer_cert.p );
         memset( &cur->peer_cert, 0, sizeof(mbedtls_x509_buf) );
     }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
     /* Copy the entire session; this temporarily makes a copy of the
      * X.509 CRT structure even though we only want to store the raw CRT.
@@ -270,7 +272,8 @@
         goto exit;
     }
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     /* If present, free the X.509 structure and only store the raw CRT data. */
     if( cur->session.peer_cert != NULL )
     {
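Review bot: With MBEDTLS_SSL_KEEP_PEER_CERTIFICATE off, `cur->session` in the cache entry now carries `peer_cert_digest` (a heap pointer) instead of a CRT, and the eviction hunk further down passes that session to `mbedtls_ssl_session_free( &prv->session )`, so the entry must own its own copy of the digest buffer. Whether the copy described by the comment just before this hunk ("Copy the entire session") is a deep copy is outside the hunk; if it is a plain struct assignment, the digest would be shared between the caller's session and the entry and presumably freed twice, and the same question applies to the get path's copy of the entry back into the caller's session. Once confirmed, a one-line comment at the copy would make the ownership explicit, e.g. `/* Deep copy: the entry owns session.peer_cert_digest and frees it on eviction. */`. The enclosing function starts before this hunk.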
@@ -291,7 +294,7 @@
         mbedtls_free( cur->session.peer_cert );
         cur->session.peer_cert = NULL;
     }
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
     ret = 0;
 
@@ -333,9 +336,10 @@
 
         mbedtls_ssl_session_free( &prv->session );
 
-#if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
+    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
         mbedtls_free( prv->peer_cert.p );
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
         mbedtls_free( prv );
     }
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 5e39579..63b79a6 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -9104,8 +9104,10 @@
     uint64_t start;
 #endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     size_t cert_len;
 #endif
+#endif
 
     /*
      * Add version identifier
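Review bot: The new guard around `cert_len` is written as two nested `#if`s closed by two bare `#endif`s, whereas ssl_cache.c in the same patch expresses the identical condition as one `#if` with a commented `#endif`; the declaration hunk of the load function below does the same and even replaces the previously commented `#endif /* MBEDTLS_X509_CRT_PARSE_C */` with two bare ones. Using the combined form here, `#if defined(MBEDTLS_X509_CRT_PARSE_C) && \` / `    defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)` / `#endif /* MBEDTLS_X509_CRT_PARSE_C && MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */`, keeps the two files consistent and avoids unlabelled `#endif`s in a function that already nests several conditional blocks. The enclosing function starts before this hunk.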
@@ -9175,6 +9177,7 @@
      * Peer's end-entity certificate
      */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     if( session->peer_cert == NULL )
         cert_len = 0;
     else
@@ -9195,8 +9198,8 @@
         }
     }
 
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
     /* Digest of peer certificate */
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     if( session->peer_cert_digest != NULL )
     {
         used += 1 /* type */ + 1 /* length */ + session->peer_cert_digest_len;
@@ -9295,8 +9298,10 @@
     uint64_t start;
 #endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     size_t cert_len;
-#endif /* MBEDTLS_X509_CRT_PARSE_C */
+#endif
+#endif
 
     /*
      * Check version identifier
@@ -9359,10 +9364,11 @@
     /* Immediately clear invalid pointer values that have been read, in case
      * we exit early before we replaced them with valid ones. */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     session->peer_cert = NULL;
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#else
     session->peer_cert_digest = NULL;
-#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
+#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 #endif
 #if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
     session->ticket = NULL;
@@ -9372,6 +9378,7 @@
      * Peer certificate
      */
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     if( 3 > (size_t)( end - p ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
 
@@ -9407,8 +9414,7 @@
 
         p += cert_len;
     }
-
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#else /* defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
     /* Deserialize CRT digest from the end of the ticket. */
     if( 2 > (size_t)( end - p ) )
         return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
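Review bot: The `#else` comment on the new line reads `/* defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */` — the closing parenthesis is missing, and the other `#else` lines in this patch (ssl.h and the save path above) use the bare macro name, so it should be `#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */`. The digest branch opens with the `2 > (size_t)( end - p )` check covering only the type and length bytes; the check that the announced digest length itself fits in the remaining input lies outside this hunk and should be confirmed to still follow. The enclosing function continues outside the hunk.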
diff --git a/tests/suites/test_suite_ssl.function b/tests/suites/test_suite_ssl.function
index 77a6afb..b59c204 100644
--- a/tests/suites/test_suite_ssl.function
+++ b/tests/suites/test_suite_ssl.function
@@ -311,14 +311,14 @@
             MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
         session->peer_cert_digest_len =
             MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
-#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
-
+#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
         /* Move temporary CRT. */
         session->peer_cert = mbedtls_calloc( 1, sizeof( *session->peer_cert ) );
         if( session->peer_cert == NULL )
             return( -1 );
         *session->peer_cert = tmp_crt;
         memset( &tmp_crt, 0, sizeof( tmp_crt ) );
+#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 
         mbedtls_x509_crt_free( &tmp_crt );
     }
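Review bot: `mbedtls_x509_crt_free( &tmp_crt )` after the new `#endif` now does different work in the two branches: in the digest branch it releases the parsed temporary, while in the KEEP branch it runs on a struct that was just `memset` to zero after its contents moved into `session->peer_cert`, which presumably makes it a no-op. A comment at the move would stop a reader from thinking the moved CRT is freed, e.g. `/* tmp_crt is zeroed here; the free below is a no-op in this branch. */`. The enclosing function starts before this hunk.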
@@ -706,6 +706,7 @@
                          restored.master, sizeof( original.master ) ) == 0 );
 
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
+#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
     TEST_ASSERT( ( original.peer_cert == NULL ) ==
                  ( restored.peer_cert == NULL ) );
     if( original.peer_cert != NULL )
@@ -716,7 +717,7 @@
                              restored.peer_cert->raw.p,
                              original.peer_cert->raw.len ) == 0 );
     }
-#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
+#else /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
     TEST_ASSERT( original.peer_cert_digest_type ==
                  restored.peer_cert_digest_type );
     TEST_ASSERT( original.peer_cert_digest_len ==