Convert the legacy TLS stack to tls_content.

This converts the legacy TLS stack to tls_content - records are now opened into a tls_content structure, rather than being written back into the same buffer that the sealed record was read into. This will allow for further clean up of the legacy record layer. ok tb@
author: jsing <> 2022-11-11 17:15:27 +0000
committer: jsing <> 2022-11-11 17:15:27 +0000
commit: 167103faa44f8407455f11f6599e9919e2b22653 (patch)
tree: a8f8e94c51cf1dc74d90e267faf0ad4720537e35 /src/lib/libssl/tls12_record_layer.c
parent: f8749b129444d560b9e645a68ec7b045800243ed (diff)
download: openbsd-167103faa44f8407455f11f6599e9919e2b22653.tar.gz
openbsd-167103faa44f8407455f11f6599e9919e2b22653.tar.bz2
openbsd-167103faa44f8407455f11f6599e9919e2b22653.zip
1 files changed, 43 insertions, 36 deletions
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c
index 3568e1876a..a65906697d 100644
--- a/src/lib/libssl/tls12_record_layer.c
+++ b/src/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls12_record_layer.c,v 1.36 2022/01/14 09:12:15 tb Exp $ */
+/* $OpenBSD: tls12_record_layer.c,v 1.37 2022/11/11 17:15:26 jsing Exp $ */
 /*
 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
 *
@@ -864,28 +864,25 @@ tls12_record_layer_aead_xored_nonce(struct tls12_record_layer *rl,
 static int
 tls12_record_layer_open_record_plaintext(struct tls12_record_layer *rl,
-    uint8_t content_type, CBS *fragment, uint8_t **out, size_t *out_len)
+    uint8_t content_type, CBS *fragment, struct tls_content *out)
 {
        if (tls12_record_protection_engaged(rl->read))
                return 0;
-        /* XXX - decrypt/process in place for now. */
+        return tls_content_dup_data(out, content_type, CBS_data(fragment),
-        *out = (uint8_t *)CBS_data(fragment);
+            CBS_len(fragment));
-        *out_len = CBS_len(fragment);
-        return 1;
 }
 static int
 tls12_record_layer_open_record_protected_aead(struct tls12_record_layer *rl,
-    uint8_t content_type, CBS *seq_num, CBS *fragment, uint8_t **out,
+    uint8_t content_type, CBS *seq_num, CBS *fragment, struct tls_content *out)
-    size_t *out_len)
 {
        struct tls12_record_protection *rp = rl->read;
        uint8_t *header = NULL;
        size_t header_len = 0;
-        uint8_t *plain;
+        uint8_t *content = NULL;
-        size_t plain_len;
+        size_t content_len = 0;
+        size_t out_len = 0;
        CBS var_nonce;
        int ret = 0;
@@ -913,43 +910,47 @@ tls12_record_layer_open_record_protected_aead(struct tls12_record_layer *rl,
                goto err;
        }
-        /* XXX - decrypt/process in place for now. */
+        content_len = CBS_len(fragment) - rp->aead_tag_len;
-        plain = (uint8_t *)CBS_data(fragment);
+        if ((content = calloc(1, CBS_len(fragment))) == NULL) {
-        plain_len = CBS_len(fragment) - rp->aead_tag_len;
+                content_len = 0;
+                goto err;
+        }
-        if (!tls12_record_layer_pseudo_header(rl, content_type, plain_len,
+        if (!tls12_record_layer_pseudo_header(rl, content_type, content_len,
            seq_num, &header, &header_len))
                goto err;
-        if (!EVP_AEAD_CTX_open(rp->aead_ctx, plain, out_len, plain_len,
+        if (!EVP_AEAD_CTX_open(rp->aead_ctx, content, &out_len, content_len,
            rp->aead_nonce, rp->aead_nonce_len, CBS_data(fragment),
            CBS_len(fragment), header, header_len)) {
                rl->alert_desc = SSL_AD_BAD_RECORD_MAC;
                goto err;
        }
-        if (*out_len > SSL3_RT_MAX_PLAIN_LENGTH) {
+        if (out_len > SSL3_RT_MAX_PLAIN_LENGTH) {
                rl->alert_desc = SSL_AD_RECORD_OVERFLOW;
                goto err;
        }
-        if (*out_len != plain_len)
+        if (out_len != content_len)
                goto err;
-        *out = plain;
+        tls_content_set_data(out, content_type, content, content_len);
+        content = NULL;
+        content_len = 0;
        ret = 1;
 err:
        freezero(header, header_len);
+        freezero(content, content_len);
        return ret;
 }
 static int
 tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
-    uint8_t content_type, CBS *seq_num, CBS *fragment, uint8_t **out,
+    uint8_t content_type, CBS *seq_num, CBS *fragment, struct tls_content *out)
-    size_t *out_len)
 {
        EVP_CIPHER_CTX *enc = rl->read->cipher_ctx;
        SSL3_RECORD_INTERNAL rrec;
@@ -958,8 +959,8 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
        size_t mac_len = 0;
        uint8_t *out_mac = NULL;
        size_t out_mac_len = 0;
-        uint8_t *plain;
+        uint8_t *content = NULL;
-        size_t plain_len;
+        size_t content_len = 0;
        size_t min_len;
        CBB cbb_mac;
        int ret = 0;
@@ -1001,16 +1002,16 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
                goto err;
        }
-        /* XXX - decrypt/process in place for now. */
+        if ((content = calloc(1, CBS_len(fragment))) == NULL)
-        plain = (uint8_t *)CBS_data(fragment);
+                goto err;
-        plain_len = CBS_len(fragment);
+        content_len = CBS_len(fragment);
-        if (!EVP_Cipher(enc, plain, CBS_data(fragment), plain_len))
+        if (!EVP_Cipher(enc, content, CBS_data(fragment), CBS_len(fragment)))
                goto err;
-        rrec.data = plain;
+        rrec.data = content;
-        rrec.input = plain;
+        rrec.input = content;
-        rrec.length = plain_len;
+        rrec.length = content_len;
        /*
         * We now have to remove padding, extract MAC, calculate MAC
@@ -1058,8 +1059,13 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
                goto err;
        }
-        *out = rrec.data;
+        tls_content_set_data(out, content_type, content, content_len);
-        *out_len = rrec.length;
+        content = NULL;
+        content_len = 0;
+        /* Actual content is after EIV, minus padding and MAC. */
+        if (!tls_content_set_bounds(out, eiv_len, rrec.length))
+                goto err;
        ret = 1;
@@ -1067,13 +1073,14 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
        CBB_cleanup(&cbb_mac);
        freezero(mac, mac_len);
        freezero(out_mac, out_mac_len);
+        freezero(content, content_len);
        return ret;
 }
 int
 tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf,
-    size_t buf_len, uint8_t **out, size_t *out_len)
+    size_t buf_len, struct tls_content *out)
 {
        CBS cbs, fragment, seq_num;
        uint16_t version;
@@ -1105,15 +1112,15 @@ tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf,
        if (rl->read->aead_ctx != NULL) {
                if (!tls12_record_layer_open_record_protected_aead(rl,
-                    content_type, &seq_num, &fragment, out, out_len))
+                    content_type, &seq_num, &fragment, out))
                        return 0;
        } else if (rl->read->cipher_ctx != NULL) {
                if (!tls12_record_layer_open_record_protected_cipher(rl,
-                    content_type, &seq_num, &fragment, out, out_len))
+                    content_type, &seq_num, &fragment, out))
                        return 0;
        } else {
                if (!tls12_record_layer_open_record_plaintext(rl,
-                    content_type, &fragment, out, out_len))
+                    content_type, &fragment, out))
                        return 0;
        }
author	jsing <>	2022-11-11 17:15:27 +0000
committer	jsing <>	2022-11-11 17:15:27 +0000
commit	167103faa44f8407455f11f6599e9919e2b22653 (patch)
tree	a8f8e94c51cf1dc74d90e267faf0ad4720537e35 /src/lib/libssl/tls12_record_layer.c
parent	f8749b129444d560b9e645a68ec7b045800243ed (diff)
download	openbsd-167103faa44f8407455f11f6599e9919e2b22653.tar.gz openbsd-167103faa44f8407455f11f6599e9919e2b22653.tar.bz2 openbsd-167103faa44f8407455f11f6599e9919e2b22653.zip