Check server selected cipher suite indicating a Hash associated with the PSK Signed-off-by: Xiaokang Qian <xiaokang.qian@arm.com>

commit: f10f47498187e62e2f272f8393fa5766828942f3 [log] [tgz]
author: Xiaokang Qian <xiaokang.qian@arm.com> Fri Jan 06 03:43:56 2023 +0000
committer: Xiaokang Qian <xiaokang.qian@arm.com> Wed Feb 08 05:47:47 2023 +0000
tree: 10861354b362c7cd75791f46f24d069a1c66b2ad
parent: 592021aceb44f15755ea3c4a10c44aa70ff08578 [diff]
diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 8bc8fd0..086f980 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h

@@ -1180,6 +1180,7 @@
     mbedtls_time_t MBEDTLS_PRIVATE(start);       /*!< starting time      */
 #endif
     int MBEDTLS_PRIVATE(ciphersuite);            /*!< chosen ciphersuite */
+    int MBEDTLS_PRIVATE(res_ciphersuite);        /*!< resumption ciphersuite */
     size_t MBEDTLS_PRIVATE(id_len);              /*!< session id length  */
     unsigned char MBEDTLS_PRIVATE(id)[32];       /*!< session identifier */
     unsigned char MBEDTLS_PRIVATE(master)[48];   /*!< the master secret  */

diff --git a/library/ssl_tls13_client.c b/library/ssl_tls13_client.c
index 57843a5..fb94a89 100644
--- a/library/ssl_tls13_client.c
+++ b/library/ssl_tls13_client.c

@@ -1106,12 +1106,30 @@
     }
 
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
+    if (ssl->session_negotiate->res_ciphersuite !=
+        ssl->session_negotiate->ciphersuite) {
+        MBEDTLS_SSL_DEBUG_MSG(
+            1, ("Invalid ciphersuite for session ticket psk."));
+
+        MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
+                                     MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
+        return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+    }
     if (selected_identity == 0 && ssl_tls13_has_configured_ticket(ssl)) {
         ret = ssl_tls13_ticket_get_psk(ssl, &hash_alg, &psk, &psk_len);
     } else
 #endif
     if (mbedtls_ssl_conf_has_static_psk(ssl->conf)) {
         ret = ssl_tls13_psk_get_psk(ssl, &hash_alg, &psk, &psk_len);
+        if (ssl_tls13_get_ciphersuite_hash_alg(
+                ssl->session_negotiate->ciphersuite) != hash_alg) {
+            MBEDTLS_SSL_DEBUG_MSG(
+                1, ("Invalid ciphersuite for external psk."));
+
+            MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ILLEGAL_PARAMETER,
+                                         MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER);
+            return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
+        }
     } else {
         MBEDTLS_SSL_DEBUG_MSG(1, ("should never happen"));
         return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
@@ -1683,6 +1701,8 @@
     mbedtls_ssl_optimize_checksum(ssl, ciphersuite_info);
 
     handshake->ciphersuite_info = ciphersuite_info;
+    ssl->session_negotiate->res_ciphersuite =
+        ssl->session_negotiate->ciphersuite;
     ssl->session_negotiate->ciphersuite = cipher_suite;
 
     MBEDTLS_SSL_DEBUG_MSG(3, ("server hello, chosen ciphersuite: ( %04x ) - %s",
commit	f10f47498187e62e2f272f8393fa5766828942f3	[log] [tgz]
author	Xiaokang Qian <xiaokang.qian@arm.com>	Fri Jan 06 03:43:56 2023 +0000
committer	Xiaokang Qian <xiaokang.qian@arm.com>	Wed Feb 08 05:47:47 2023 +0000
tree	10861354b362c7cd75791f46f24d069a1c66b2ad
parent	592021aceb44f15755ea3c4a10c44aa70ff08578 [diff]