Netty FIPS fixes for cross-signed certs, empty protocol array, SNI caching

Author: JeremiahM37

src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java

@@ -101,6 +101,9 @@ public class WolfSSLEngine extends SSLEngine {
     private int lastSSLConnectRet = WolfSSL.SSL_FAILURE;
     private int lastSSLAcceptRet = WolfSSL.SSL_FAILURE;
 
+    /* SNI mismatch detected during handshake */
+    private boolean sniMismatch = false;
+
     /* closeNotify status when shutting down */
     private boolean closeNotifySent = false;
     private boolean closeNotifyReceived = false;
@@ -1036,6 +1039,11 @@ else if (produced == 0) {
                     () -> "==================================================");
             }
 
+            if (this.sniMismatch) {
+                throw new SSLHandshakeException(
+                    "Unrecognized Server Name");
+            }
+
             return new SSLEngineResult(status, hs, consumed, produced);
 
         } finally {
@@ -1333,6 +1341,13 @@ public synchronized SSLEngineResult unwrap(ByteBuffer in, ByteBuffer[] out,
             inRemaining = in.remaining();
         }
 
+        /* Cache SNI from ClientHello before native handshake consumes
+         * the data. The read callback advances netData position, so
+         * SNI must be parsed here while the buffer is still intact. */
+        if (!this.handshakeFinished) {
+            cacheRequestedServerNamesFromNetData();
+        }
+
         if (extraDebugEnabled) {
             final SSLEngineResult.Status tmpStatus = status;
             WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
@@ -1816,6 +1831,11 @@ else if (!this.handshakeFinished && (ret == 0) &&
                     () -> "==================================================");
             }
 
+            if (this.sniMismatch) {
+                throw new SSLHandshakeException(
+                    "Unrecognized Server Name");
+            }
+
             return new SSLEngineResult(status, hs, consumed, produced);
 
         } catch (SSLException | RuntimeException e) {
@@ -1918,6 +1938,10 @@ else if (this.closeNotifyReceived == true &&
                             (this.nativeWantsToWrite == 0) &&
                             (this.nativeWantsToRead == 0)) {
 
+                            if (!this.getUseClientMode() &&
+                                !this.engineHelper.matchSNI()) {
+                                this.sniMismatch = true;
+                            }
                             this.handshakeFinished = true;
                             hs = SSLEngineResult.HandshakeStatus.FINISHED;
                             this.engineHelper.getSession().updateStoredSessionValues();

src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java

@@ -564,8 +564,8 @@ protected synchronized void setCiphers(String[] suites)
      *
      * @param p String array of SSL/TLS protocols to be enabled
      *
-     * @throws IllegalArgumentException if input array is null,
-     *         has length zero, or contains invalid/unsupported protocols
+     * @throws IllegalArgumentException if input array is null or
+     *         contains invalid/unsupported protocols
      */
     protected synchronized void setProtocols(String[] p)
         throws IllegalArgumentException {
@@ -575,7 +575,9 @@ protected synchronized void setProtocols(String[] p)
         }
 
         if (p.length == 0) {
-            throw new IllegalArgumentException("input array has length zero");
+            /* Empty array is valid, store empty set */
+            this.params.setProtocols(new String[0]);
+            return;
         }
 
         /* sanitize protocol array for unsupported strings */

src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java

@@ -1118,8 +1118,10 @@ public String[] getLocalSupportedSignatureAlgorithms() {
 
     @Override
     public String[] getPeerSupportedSignatureAlgorithms() {
-        /* TODO */
-        return null;
+        /* TODO: Wire to native wolfSSL_get_peer_sigalgs() once
+         * available. Returns String[0] not null because JSSE
+         * callers iterate the result directly. Null causes NPE. */
+        return new String[0];
     }
 
     /**

src/java/com/wolfssl/provider/jsse/WolfSSLServerSocket.java

@@ -235,7 +235,9 @@ synchronized public void setEnabledProtocols(String[] protocols)
         }
 
         if (protocols.length == 0) {
-            throw new IllegalArgumentException("input array has length zero");
+            /* Empty array is valid, store empty set */
+            params.setProtocols(new String[0]);
+            return;
         }
 
         /* sanitize protocol array for unsupported strings */

src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java

@@ -573,10 +573,33 @@ private List<X509Certificate> certManagerVerify(
         ret = cm.CertManagerVerifyBuffer(peer, peer.length,
                 WolfSSL.SSL_FILETYPE_ASN1);
         if (ret != WolfSSL.SSL_SUCCESS) {
-            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
-                () -> "Failed to verify peer certificate");
-            cm.free();
-            throw new CertificateException("Failed to verify peer certificate");
+            /* Native CA lookup by subject hash may return wrong issuer
+             * for cross-signed certs. Find correct one by signature,
+             * reload it, and retry. */
+            X509Certificate issuer = findIssuerBySignature(
+                sortedCerts[0], this.store);
+            if (issuer != null) {
+                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                    () -> "Found issuer by signature for peer: " +
+                    sortedCerts[0].getSubjectX500Principal().getName());
+                try {
+                    cm.CertManagerUnloadCAs();
+                    byte[] issuerEnc = issuer.getEncoded();
+                    cm.CertManagerLoadCABuffer(issuerEnc,
+                        issuerEnc.length, WolfSSL.SSL_FILETYPE_ASN1);
+                } catch (Exception e) {
+                    /* Fall through to failure below */
+                }
+                ret = cm.CertManagerVerifyBuffer(peer, peer.length,
+                    WolfSSL.SSL_FILETYPE_ASN1);
+            }
+            if (ret != WolfSSL.SSL_SUCCESS) {
+                WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,
+                    () -> "Failed to verify peer certificate");
+                cm.free();
+                throw new CertificateException(
+                    "Failed to verify peer certificate");
+            }
         }
 
         WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,

src/test/com/wolfssl/provider/jsse/test/WolfSSLServerSocketTest.java

@@ -413,16 +413,19 @@ public void testGetSetEnabledProtocols()
                 /* expected */
             }
 
-            /* test failure, empty string */
+            String[] savedProtos = s.getEnabledProtocols();
+
+            /* test empty array accepted */
             try {
                 String[] empty = {};
                 s.setEnabledProtocols(empty);
-                System.out.println("\t... failed");
-                fail("setEnabledProtocols() failed");
             } catch (IllegalArgumentException e) {
-                /* expected */
+                System.out.println("\t... failed");
+                fail("setEnabledProtocols() should accept empty");
             }
 
+            s.setEnabledProtocols(savedProtos);
+
             /* test failure, bad value */
             try {
                 String[] badvalue = { "badvalue" };

src/test/com/wolfssl/provider/jsse/test/WolfSSLSocketTest.java

@@ -474,16 +474,19 @@ public void testGetSetEnabledProtocols()
                 /* expected */
             }
 
-            /* test failure, empty string */
+            String[] savedProtos = s.getEnabledProtocols();
+
+            /* test empty array accepted */
             try {
                 String[] empty = {};
                 s.setEnabledProtocols(empty);
-                System.out.println("\t\t... failed");
-                fail("SSLSocket.setEnabledProtocols() failed");
             } catch (IllegalArgumentException e) {
-                /* expected */
+                System.out.println("\t\t... failed");
+                fail("SSLSocket.setEnabledProtocols() should accept empty");
             }
 
+            s.setEnabledProtocols(savedProtos);
+
             /* test failure, bad value */
             try {
                 String[] badvalue = { "badvalue" };