Provide a way to get just the record header.

Also check record size limits when reading records and setting data.

ok tb@

2 files changed, 33 insertions, 7 deletions

diff --git a/src/lib/libssl/tls13_record.c b/src/lib/libssl/tls13_record.c
index 857d3bee49..1a4e22ee47 100644
--- a/src/lib/libssl/tls13_record.c
+++ b/src/lib/libssl/tls13_record.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record.c,v 1.1 2019/01/19 02:53:54 jsing Exp $ */
+/* $OpenBSD: tls13_record.c,v 1.2 2019/01/20 09:12:05 jsing Exp $ */
 /*
  * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -62,6 +62,17 @@ tls13_record_free(struct tls13_record *rec)
         freezero(rec, sizeof(struct tls13_record));
 }
 
+int
+tls13_record_header(struct tls13_record *rec, CBS *cbs)
+{
+        if (rec->data_len < TLS13_RECORD_HEADER_LEN)
+                return 0;
+
+        CBS_init(cbs, rec->data, TLS13_RECORD_HEADER_LEN);
+
+        return 1;
+}
+
 uint8_t
 tls13_record_content_type(struct tls13_record *rec)
 {
@@ -89,13 +100,18 @@ tls13_record_data(struct tls13_record *rec, CBS *cbs)
         CBS_init(cbs, rec->data, rec->data_len);
 }
 
-void
+int
 tls13_record_set_data(struct tls13_record *rec, uint8_t *data, size_t data_len)
 {
+        if (data_len > TLS13_RECORD_MAX_LEN)
+                return 0;
+
         freezero(rec->data, rec->data_len);
         rec->data = data;
         rec->data_len = data_len;
         CBS_init(&rec->cbs, rec->data, rec->data_len);
+
+        return 1;
 }
 
 ssize_t
@@ -124,6 +140,10 @@ tls13_record_recv(struct tls13_record *rec, tls13_read_cb wire_read,
                 if (!CBS_get_u16(&cbs, &rec_len))
                         return TLS13_IO_FAILURE;
 
+                /* XXX - record overflow alert. */
+                if (rec_len > TLS13_RECORD_MAX_CIPHERTEXT_LEN)
+                        return TLS13_IO_FAILURE;
+
                 rec->content_type = content_type;
                 rec->rec_len = rec_len;
         }
diff --git a/src/lib/libssl/tls13_record.h b/src/lib/libssl/tls13_record.h
index ca7a63f99c..72350d5d49 100644
--- a/src/lib/libssl/tls13_record.h
+++ b/src/lib/libssl/tls13_record.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_record.h,v 1.1 2019/01/19 02:53:54 jsing Exp $ */
+/* $OpenBSD: tls13_record.h,v 1.2 2019/01/20 09:12:05 jsing Exp $ */
 /*
  * Copyright (c) 2019 Joel Sing <jsing@openbsd.org>
  *
@@ -24,7 +24,7 @@
 __BEGIN_HIDDEN_DECLS
 
 /*
- * TLSv1.3 - RFC 8446 section 5.
+ * TLSv1.3 Record Protocol - RFC 8446 section 5.
  *
  * The maximum plaintext is 2^14, however for inner plaintext an additional
  * byte is allowed for the content type. A maximum AEAD overhead of 255-bytes
@@ -36,17 +36,23 @@ __BEGIN_HIDDEN_DECLS
 #define TLS13_RECORD_MAX_PLAINTEXT_LEN          16384
 #define TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN \
         (TLS13_RECORD_MAX_PLAINTEXT_LEN + 1)
-#define TLS13_RECORD_MAX_CIPHERTEXT \
+#define TLS13_RECORD_MAX_CIPHERTEXT_LEN \
         (TLS13_RECORD_MAX_INNER_PLAINTEXT_LEN + TLS13_RECORD_MAX_AEAD_OVERHEAD)
 #define TLS13_RECORD_MAX_LEN \
-        (TLS13_RECORD_HEADER_LEN + TLS13_RECORD_MAX_CIPHERTEXT)
+        (TLS13_RECORD_HEADER_LEN + TLS13_RECORD_MAX_CIPHERTEXT_LEN)
+
+/*
+ * TLSv1.3 Per-Record Nonces and Sequence Numbers - RFC 8446 section 5.3.
+ */
+#define TLS13_RECORD_SEQ_NUM_LEN 8
 
 struct tls13_record *tls13_record_new(void);
 void tls13_record_free(struct tls13_record *_rec);
+int tls13_record_header(struct tls13_record *_rec, CBS *_cbs);
 uint8_t tls13_record_content_type(struct tls13_record *_rec);
 int tls13_record_content(struct tls13_record *_rec, CBS *_cbs);
 void tls13_record_data(struct tls13_record *_rec, CBS *_cbs);
-void tls13_record_set_data(struct tls13_record *_rec, uint8_t *_data,
+int tls13_record_set_data(struct tls13_record *_rec, uint8_t *_data,
     size_t _data_len);
 ssize_t tls13_record_recv(struct tls13_record *_rec, tls13_read_cb _wire_read,
     void *_wire_arg);