authorjsing <>2019-01-20 12:27:34 +0000
committerjsing <>2019-01-20 12:27:34 +0000
commit07fa764110a3015e1b1989f5fbbfc7a9c9f2d7ed (patch)
tree9054e9c1118082810aad468b78284ac211daca04
parent6947e0798044d26df9dfe0d3ce65dad70bc36d2a (diff)
downloadopenbsd-07fa764110a3015e1b1989f5fbbfc7a9c9f2d7ed.tar.gz
openbsd-07fa764110a3015e1b1989f5fbbfc7a9c9f2d7ed.tar.bz2
openbsd-07fa764110a3015e1b1989f5fbbfc7a9c9f2d7ed.zip
Provide a handshake message handling implementation for TLS 1.3.
It receives handshake messages by reading and parsing data from the record layer. It also provides support for building and sending handshake messages. ok tb@
Diffstat (limited to '')
-rw-r--r--src/lib/libssl/Makefile3
-rw-r--r--src/lib/libssl/tls13_handshake_msg.c188
-rw-r--r--src/lib/libssl/tls13_internal.h25
3 files changed, 213 insertions, 3 deletions
diff --git a/src/lib/libssl/Makefile b/src/lib/libssl/Makefile
index d23aaa7249..12cfd3d4f0 100644
--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.49 2019/01/20 10:31:54 jsing Exp $ 1# $OpenBSD: Makefile,v 1.50 2019/01/20 12:27:34 jsing Exp $
2 2
3.include <bsd.own.mk> 3.include <bsd.own.mk>
4.ifndef NOMAN 4.ifndef NOMAN
@@ -63,6 +63,7 @@ SRCS= \
63 t1_lib.c \ 63 t1_lib.c \
64 tls13_buffer.c \ 64 tls13_buffer.c \
65 tls13_handshake.c \ 65 tls13_handshake.c \
66 tls13_handshake_msg.c \
66 tls13_key_schedule.c \ 67 tls13_key_schedule.c \
67 tls13_record.c \ 68 tls13_record.c \
68 tls13_record_layer.c 69 tls13_record_layer.c
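diff --git a/src/lib/libssl/tls13_handshake_msg.c b/src/lib/libssl/tls13_handshake_msg.c
--- /dev/null
+++ b/src/lib/libssl/tls13_handshake_msg.c
@@ -0,0 +1,188 @@
+/* $OpenBSD: tls13_handshake_msg.c,v 1.1 2019/01/20 12:27:34 jsing Exp $ */
+/*
+ * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "bytestring.h"
+#include "ssl_locl.h"
+#include "tls13_internal.h"
+
+#define TLS13_HANDSHAKE_MSG_HEADER_LEN 4
+#define TLS13_HANDSHAKE_MSG_INITIAL_LEN 256
+#define TLS13_HANDSHAKE_MSG_MAX_LEN (256 * 1024)
+
+struct tls13_handshake_msg {
+	uint8_t msg_type;
+	uint32_t msg_len;
+	uint8_t *data;
+	size_t data_len;
+
+	struct tls13_buffer *buf;
+	CBS cbs;
+	CBB cbb;
+};
+
+struct tls13_handshake_msg *
+tls13_handshake_msg_new()
+{
+	struct tls13_handshake_msg *msg = NULL;
+
+	if ((msg = calloc(1, sizeof(struct tls13_handshake_msg))) == NULL)
+		goto err;
+	if ((msg->buf = tls13_buffer_new(0)) == NULL)
+		goto err;
+
+	return msg;
+
+ err:
+	tls13_handshake_msg_free(msg);
+
+	return NULL;
+}
+
+void
+tls13_handshake_msg_free(struct tls13_handshake_msg *msg)
+{
+	if (msg == NULL)
+		return;
+
+	tls13_buffer_free(msg->buf);
+
+	CBB_cleanup(&msg->cbb);
+
+	freezero(msg->data, msg->data_len);
+	freezero(msg, sizeof(struct tls13_handshake_msg));
+}
+
+void
+tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs)
+{
+	CBS_init(cbs, msg->data, msg->data_len);
+}
+
+uint8_t
+tls13_handshake_msg_type(struct tls13_handshake_msg *msg)
+{
+	return msg->msg_type;
+}
+
+int
+tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs)
+{
+	tls13_handshake_msg_data(msg, cbs);
+
+	return CBS_skip(cbs, TLS13_HANDSHAKE_MSG_HEADER_LEN);
+}
+
+int
+tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body,
+    uint8_t msg_type)
+{
+	if (!CBB_init(&msg->cbb, TLS13_HANDSHAKE_MSG_INITIAL_LEN))
+		return 0;
+	if (!CBB_add_u8(&msg->cbb, msg_type))
+		return 0;
+	if (!CBB_add_u24_length_prefixed(&msg->cbb, body))
+		return 0;
+
+	return 1;
+}
+
+int
+tls13_handshake_msg_finish(struct tls13_handshake_msg *msg)
+{
+	if (!CBB_finish(&msg->cbb, &msg->data, &msg->data_len))
+		return 0;
+
+	CBS_init(&msg->cbs, msg->data, msg->data_len);
+
+	return 1;
+}
+
+static ssize_t
+tls13_handshake_msg_read_cb(void *buf, size_t n, void *cb_arg)
+{
+	struct tls13_record_layer *rl = cb_arg;
+
+	return tls13_read_handshake_data(rl, buf, n);
+}
+
+int
+tls13_handshake_msg_recv(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl)
+{
+	uint8_t msg_type;
+	uint32_t msg_len;
+	CBS cbs;
+	int ret;
+
+	if (msg->data != NULL)
+		return TLS13_IO_FAILURE;
+
+	if (msg->msg_type == 0) {
+		if ((ret = tls13_buffer_extend(msg->buf,
+		    TLS13_HANDSHAKE_MSG_HEADER_LEN,
+		    tls13_handshake_msg_read_cb, rl)) <= 0)
+			return ret;
+
+		tls13_buffer_cbs(msg->buf, &cbs);
+
+		if (!CBS_get_u8(&cbs, &msg_type))
+			return TLS13_IO_FAILURE;
+		if (!CBS_get_u24(&cbs, &msg_len))
+			return TLS13_IO_FAILURE;
+
+		/* XXX - do we want to make this variable on message type? */
+		if (msg_len > TLS13_HANDSHAKE_MSG_MAX_LEN)
+			return TLS13_IO_FAILURE;
+
+		msg->msg_type = msg_type;
+		msg->msg_len = msg_len;
+	}
+
+	if ((ret = tls13_buffer_extend(msg->buf,
+	    TLS13_HANDSHAKE_MSG_HEADER_LEN + msg->msg_len,
+	    tls13_handshake_msg_read_cb, rl)) <= 0)
+		return ret;
+
+	if (!tls13_buffer_finish(msg->buf, &msg->data, &msg->data_len))
+		return TLS13_IO_FAILURE;
+
+	return TLS13_IO_SUCCESS;
+}
+
+int
+tls13_handshake_msg_send(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl)
+{
+	ssize_t ret;
+
+	if (msg->data == NULL)
+		return TLS13_IO_FAILURE;
+
+	if (CBS_len(&msg->cbs) == 0)
+		return TLS13_IO_FAILURE;
+
+	while (CBS_len(&msg->cbs) > 0) {
+		if ((ret = tls13_write_handshake_data(rl, CBS_data(&msg->cbs),
+		    CBS_len(&msg->cbs))) <= 0)
+			return ret;
+
+		if (!CBS_skip(&msg->cbs, ret))
+			return TLS13_IO_FAILURE;
+	}
+
+	return TLS13_IO_SUCCESS;
+}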
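Review bot: tls13_handshake_msg_recv uses `msg->msg_type == 0` as the marker for "header not yet parsed", but 0 is also a legal byte on the wire (presumably the hello_request_RESERVED value from the RFC 8446 B.3 list that tls13_internal.h enumerates), so a peer sending type 0 leaves the struct looking unread and the header branch runs again on every retry instead of the message being rejected. TLS 1.3 implementations must not send that type, so failing it right after the `CBS_get_u8`, `if (msg_type == 0) return TLS13_IO_FAILURE;`, keeps the sentinel unambiguous; how the repeated header pass interacts with tls13_buffer_extend cannot be seen in this diff. Separately, the definition `tls13_handshake_msg_new()` should read `tls13_handshake_msg_new(void)` to match the prototype added in tls13_internal.h rather than leaving an old-style unspecified parameter list.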
diff --git a/src/lib/libssl/tls13_internal.h b/src/lib/libssl/tls13_internal.h
index 496627c0cd..6b85cfdab9 100644
--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_internal.h,v 1.9 2019/01/20 10:31:54 jsing Exp $ */ 1/* $OpenBSD: tls13_internal.h,v 1.10 2019/01/20 12:27:34 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
4 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -97,6 +97,9 @@ int tls13_derive_application_secrets(struct tls13_secrets *secrets,
97 97
98struct tls13_ctx; 98struct tls13_ctx;
99 99
100/*
101 * Record Layer.
102 */
100struct tls13_record_layer; 103struct tls13_record_layer;
101 104
102struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read, 105struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,
@@ -119,7 +122,25 @@ ssize_t tls13_write_application_data(struct tls13_record_layer *rl, const uint8_
119 size_t n); 122 size_t n);
120 123
121/* 124/*
122 * RFC 8446, Section B.3 125 * Handshake Messages.
126 */
127struct tls13_handshake_msg;
128
129struct tls13_handshake_msg *tls13_handshake_msg_new(void);
130void tls13_handshake_msg_free(struct tls13_handshake_msg *msg);
131void tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs);
132uint8_t tls13_handshake_msg_type(struct tls13_handshake_msg *msg);
133int tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs);
134int tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body,
135 uint8_t msg_type);
136int tls13_handshake_msg_finish(struct tls13_handshake_msg *msg);
137int tls13_handshake_msg_recv(struct tls13_handshake_msg *msg,
138 struct tls13_record_layer *rl);
139int tls13_handshake_msg_send(struct tls13_handshake_msg *msg,
140 struct tls13_record_layer *rl);
141
142/*
143 * Message Types - RFC 8446, Section B.3.
123 * 144 *
124 * Values listed as "_RESERVED" were used in previous versions of TLS and are 145 * Values listed as "_RESERVED" were used in previous versions of TLS and are
125 * listed here for completeness. TLS 1.3 implementations MUST NOT send them but 146 * listed here for completeness. TLS 1.3 implementations MUST NOT send them but
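Review bot: The new prototypes mix two return conventions without saying so — `tls13_handshake_msg_content`, `_start` and `_finish` return 1 on success and 0 on failure, while `_recv` and `_send` return TLS13_IO_* codes (TLS13_IO_SUCCESS/TLS13_IO_FAILURE are visible in the .c, and the `<= 0` propagation suggests further negative want-more values) — so a caller testing `_recv` like a boolean would misread a retry as success. A one-line comment above the `_recv`/`_send` prototypes, e.g. `/* Return TLS13_IO_SUCCESS, TLS13_IO_FAILURE or another TLS13_IO_* code; never a plain boolean. */`, would make the contract explicit where callers look for it.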