Allow TLS PSK without server certificate #2083
Open
+8
−22
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
WillChilds-Klein
changed the title
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2083 +/- ##
==========================================
- Coverage 78.75% 78.74% -0.01%
==========================================
Files 598 598
Lines 103650 103652 +2
Branches 14718 14719 +1
==========================================
- Hits 81633 81625 -8
- Misses 21366 21372 +6
- Partials 651 655 +4 ☔ View full report in Codecov by Sentry. |
WillChilds-Klein
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
While we currently support TLS pre-shared keys (PSKs) for TLS 1.2, our
python integration tests have shown that we don't currently support TLS 1.2
PSKs on the server side unless a certificate has been configured. PSKs can be
used for both secret establishment and authentication, so there likely exist
legitimate use-cases for establishing PSK connections without certificates.
CPython's integration tests expect this behavior.
This gap appears to be incidental, not intentional. Unrelated OCSP work
introduced a requirement that a valid certificate public key is loaded on the
server before we sort out handshake parameters. If that load fails, the
hanshake is aborted before PSK can be negotiated for secret establishment. To
fix this, we simply check whether the server has a PSK callback enabled, and
allow the certificate loading to fail if so. We also handle the potential
nullity of the public key.
Call-outs:
This PR only applies to TLSv1.2 PSK. TLSv1.3 moved PSK negotiation earlier in
the handshake to client/server hello's, so does utilize this code path.
Currently, we only support TLSv1.3 PSK for session resumption, _not "pure" PSK
used for initial shared secret establishment. I have a branch where I'm
implementing this, but it's non-trivial.
We won't be able to delete the TLSv1.3 PSK python test patch until we implement
"pure" TLSv1.3 PSK.
Testing:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.