diff options
| author | beck <> | 2019-01-28 15:52:17 +0000 |
|---|---|---|
| committer | beck <> | 2019-01-28 15:52:17 +0000 |
| commit | 844bed82106602cf4adb2648db639ae8427786ca (patch) | |
| tree | 52041316ec2478a4bbd8eb9998832215b6f2cd99 /src | |
| parent | c58264060d34a89096fa45721ffd26f246efb0df (diff) | |
| download | openbsd-844bed82106602cf4adb2648db639ae8427786ca.tar.gz openbsd-844bed82106602cf4adb2648db639ae8427786ca.tar.bz2 openbsd-844bed82106602cf4adb2648db639ae8427786ca.zip | |
Deduplicate a bunch of replicated code in the extension handling
ok tb@
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libssl/ssl_tlsext.c | 136 |
1 files changed, 50 insertions, 86 deletions
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c index cd939decbf..c99ad671dc 100644 --- a/src/lib/libssl/ssl_tlsext.c +++ b/src/lib/libssl/ssl_tlsext.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_tlsext.c,v 1.37 2019/01/28 15:44:33 beck Exp $ */ | 1 | /* $OpenBSD: ssl_tlsext.c,v 1.38 2019/01/28 15:52:17 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -25,6 +25,24 @@ | |||
| 25 | #include "ssl_sigalgs.h" | 25 | #include "ssl_sigalgs.h" |
| 26 | #include "ssl_tlsext.h" | 26 | #include "ssl_tlsext.h" |
| 27 | 27 | ||
| 28 | |||
| 29 | static int | ||
| 30 | tlsext_u16_prefixed_builder(CBB *parent, uint8_t *bytes, size_t len) | ||
| 31 | { | ||
| 32 | CBB child; | ||
| 33 | |||
| 34 | if (!CBB_add_u16_length_prefixed(parent, &child)) | ||
| 35 | return 0; | ||
| 36 | |||
| 37 | if (!CBB_add_bytes(&child, bytes, len)) | ||
| 38 | return 0; | ||
| 39 | |||
| 40 | if (!CBB_flush(parent)) | ||
| 41 | return 0; | ||
| 42 | |||
| 43 | return 1; | ||
| 44 | } | ||
| 45 | |||
| 28 | /* | 46 | /* |
| 29 | * Supported Application-Layer Protocol Negotiation - RFC 7301 | 47 | * Supported Application-Layer Protocol Negotiation - RFC 7301 |
| 30 | */ | 48 | */ |
| @@ -40,19 +58,10 @@ tlsext_alpn_client_needs(SSL *s) | |||
| 40 | int | 58 | int |
| 41 | tlsext_alpn_client_build(SSL *s, CBB *cbb) | 59 | tlsext_alpn_client_build(SSL *s, CBB *cbb) |
| 42 | { | 60 | { |
| 43 | CBB protolist; | ||
| 44 | |||
| 45 | if (!CBB_add_u16_length_prefixed(cbb, &protolist)) | ||
| 46 | return 0; | ||
| 47 | 61 | ||
| 48 | if (!CBB_add_bytes(&protolist, s->internal->alpn_client_proto_list, | 62 | return (tlsext_u16_prefixed_builder(cbb, |
| 49 | s->internal->alpn_client_proto_list_len)) | 63 | s->internal->alpn_client_proto_list, |
| 50 | return 0; | 64 | s->internal->alpn_client_proto_list_len)); |
| 51 | |||
| 52 | if (!CBB_flush(cbb)) | ||
| 53 | return 0; | ||
| 54 | |||
| 55 | return 1; | ||
| 56 | } | 65 | } |
| 57 | 66 | ||
| 58 | int | 67 | int |
| @@ -1239,16 +1248,10 @@ tlsext_keyshare_client_needs(SSL *s) | |||
| 1239 | } | 1248 | } |
| 1240 | 1249 | ||
| 1241 | int | 1250 | int |
| 1242 | tlsext_keyshare_client_build(SSL *s, CBB *cbb) | 1251 | tlsext_keyshare_x25519_generate(SSL *s, CBB *keyshare) |
| 1243 | { | 1252 | { |
| 1244 | uint8_t *public_key = NULL, *private_key = NULL; | 1253 | uint8_t *public_key = NULL, *private_key = NULL; |
| 1245 | CBB client_shares, key_exchange; | 1254 | CBB key_exchange; |
| 1246 | |||
| 1247 | /* Generate and provide key shares. */ | ||
| 1248 | if (!CBB_add_u16_length_prefixed(cbb, &client_shares)) | ||
| 1249 | return 0; | ||
| 1250 | |||
| 1251 | /* XXX - other groups. */ | ||
| 1252 | 1255 | ||
| 1253 | /* Generate X25519 key pair. */ | 1256 | /* Generate X25519 key pair. */ |
| 1254 | if ((public_key = malloc(X25519_KEY_LENGTH)) == NULL) | 1257 | if ((public_key = malloc(X25519_KEY_LENGTH)) == NULL) |
| @@ -1258,16 +1261,13 @@ tlsext_keyshare_client_build(SSL *s, CBB *cbb) | |||
| 1258 | X25519_keypair(public_key, private_key); | 1261 | X25519_keypair(public_key, private_key); |
| 1259 | 1262 | ||
| 1260 | /* Add the group and serialize the public key. */ | 1263 | /* Add the group and serialize the public key. */ |
| 1261 | if (!CBB_add_u16(&client_shares, tls1_ec_nid2curve_id(NID_X25519))) | 1264 | if (!CBB_add_u16(keyshare, tls1_ec_nid2curve_id(NID_X25519))) |
| 1262 | goto err; | 1265 | goto err; |
| 1263 | if (!CBB_add_u16_length_prefixed(&client_shares, &key_exchange)) | 1266 | if (!CBB_add_u16_length_prefixed(keyshare, &key_exchange)) |
| 1264 | goto err; | 1267 | goto err; |
| 1265 | if (!CBB_add_bytes(&key_exchange, public_key, X25519_KEY_LENGTH)) | 1268 | if (!CBB_add_bytes(&key_exchange, public_key, X25519_KEY_LENGTH)) |
| 1266 | goto err; | 1269 | goto err; |
| 1267 | 1270 | ||
| 1268 | if (!CBB_flush(cbb)) | ||
| 1269 | goto err; | ||
| 1270 | |||
| 1271 | S3I(s)->hs_tls13.x25519_public = public_key; | 1271 | S3I(s)->hs_tls13.x25519_public = public_key; |
| 1272 | S3I(s)->hs_tls13.x25519_private = private_key; | 1272 | S3I(s)->hs_tls13.x25519_private = private_key; |
| 1273 | 1273 | ||
| @@ -1281,6 +1281,22 @@ tlsext_keyshare_client_build(SSL *s, CBB *cbb) | |||
| 1281 | } | 1281 | } |
| 1282 | 1282 | ||
| 1283 | int | 1283 | int |
| 1284 | tlsext_keyshare_client_build(SSL *s, CBB *cbb) | ||
| 1285 | { | ||
| 1286 | CBB client_shares; | ||
| 1287 | |||
| 1288 | /* Generate and provide key shares. */ | ||
| 1289 | if (!CBB_add_u16_length_prefixed(cbb, &client_shares)) | ||
| 1290 | return 0; | ||
| 1291 | |||
| 1292 | if (!tlsext_keyshare_x25519_generate(s, &client_shares) || | ||
| 1293 | !CBB_flush(cbb)) | ||
| 1294 | return 0; | ||
| 1295 | |||
| 1296 | return (1); | ||
| 1297 | } | ||
| 1298 | |||
| 1299 | int | ||
| 1284 | tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert) | 1300 | tlsext_keyshare_server_parse(SSL *s, CBS *cbs, int *alert) |
| 1285 | { | 1301 | { |
| 1286 | CBS client_shares; | 1302 | CBS client_shares; |
| @@ -1342,43 +1358,15 @@ tlsext_keyshare_server_needs(SSL *s) | |||
| 1342 | int | 1358 | int |
| 1343 | tlsext_keyshare_server_build(SSL *s, CBB *cbb) | 1359 | tlsext_keyshare_server_build(SSL *s, CBB *cbb) |
| 1344 | { | 1360 | { |
| 1345 | uint8_t *public_key = NULL, *private_key = NULL; | ||
| 1346 | CBB key_exchange; | ||
| 1347 | |||
| 1348 | /* XXX deduplicate with client code */ | ||
| 1349 | |||
| 1350 | /* X25519 */ | 1361 | /* X25519 */ |
| 1351 | if (S3I(s)->hs_tls13.x25519_peer_public == NULL) | 1362 | if (S3I(s)->hs_tls13.x25519_peer_public == NULL) |
| 1352 | return 0; | 1363 | return 0; |
| 1353 | 1364 | ||
| 1354 | /* Generate X25519 key pair. */ | 1365 | if (!tlsext_keyshare_x25519_generate(s, cbb) || |
| 1355 | if ((public_key = malloc(X25519_KEY_LENGTH)) == NULL) | 1366 | !CBB_flush(cbb)) |
| 1356 | goto err; | 1367 | return 0; |
| 1357 | if ((private_key = malloc(X25519_KEY_LENGTH)) == NULL) | ||
| 1358 | goto err; | ||
| 1359 | X25519_keypair(public_key, private_key); | ||
| 1360 | |||
| 1361 | /* Add the group and serialize the public key. */ | ||
| 1362 | if (!CBB_add_u16(cbb, tls1_ec_nid2curve_id(NID_X25519))) | ||
| 1363 | goto err; | ||
| 1364 | if (!CBB_add_u16_length_prefixed(cbb, &key_exchange)) | ||
| 1365 | goto err; | ||
| 1366 | if (!CBB_add_bytes(&key_exchange, public_key, X25519_KEY_LENGTH)) | ||
| 1367 | goto err; | ||
| 1368 | |||
| 1369 | if (!CBB_flush(cbb)) | ||
| 1370 | goto err; | ||
| 1371 | |||
| 1372 | S3I(s)->hs_tls13.x25519_public = public_key; | ||
| 1373 | S3I(s)->hs_tls13.x25519_private = private_key; | ||
| 1374 | 1368 | ||
| 1375 | return 1; | 1369 | return 1; |
| 1376 | |||
| 1377 | err: | ||
| 1378 | freezero(public_key, X25519_KEY_LENGTH); | ||
| 1379 | freezero(private_key, X25519_KEY_LENGTH); | ||
| 1380 | |||
| 1381 | return 0; | ||
| 1382 | } | 1370 | } |
| 1383 | 1371 | ||
| 1384 | int | 1372 | int |
| @@ -1555,19 +1543,8 @@ tlsext_cookie_client_needs(SSL *s) | |||
| 1555 | int | 1543 | int |
| 1556 | tlsext_cookie_client_build(SSL *s, CBB *cbb) | 1544 | tlsext_cookie_client_build(SSL *s, CBB *cbb) |
| 1557 | { | 1545 | { |
| 1558 | CBB cookie; | 1546 | return (tlsext_u16_prefixed_builder(cbb, |
| 1559 | 1547 | S3I(s)->hs_tls13.cookie, S3I(s)->hs_tls13.cookie_len)); | |
| 1560 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) | ||
| 1561 | return 0; | ||
| 1562 | |||
| 1563 | if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie, | ||
| 1564 | S3I(s)->hs_tls13.cookie_len)) | ||
| 1565 | return 0; | ||
| 1566 | |||
| 1567 | if (!CBB_flush(cbb)) | ||
| 1568 | return 0; | ||
| 1569 | |||
| 1570 | return 1; | ||
| 1571 | } | 1548 | } |
| 1572 | 1549 | ||
| 1573 | int | 1550 | int |
| @@ -1619,21 +1596,8 @@ tlsext_cookie_server_needs(SSL *s) | |||
| 1619 | int | 1596 | int |
| 1620 | tlsext_cookie_server_build(SSL *s, CBB *cbb) | 1597 | tlsext_cookie_server_build(SSL *s, CBB *cbb) |
| 1621 | { | 1598 | { |
| 1622 | CBB cookie; | 1599 | return (tlsext_u16_prefixed_builder(cbb, |
| 1623 | 1600 | S3I(s)->hs_tls13.cookie, S3I(s)->hs_tls13.cookie_len)); | |
| 1624 | /* XXX deduplicate with client code */ | ||
| 1625 | |||
| 1626 | if (!CBB_add_u16_length_prefixed(cbb, &cookie)) | ||
| 1627 | return 0; | ||
| 1628 | |||
| 1629 | if (!CBB_add_bytes(&cookie, S3I(s)->hs_tls13.cookie, | ||
| 1630 | S3I(s)->hs_tls13.cookie_len)) | ||
| 1631 | return 0; | ||
| 1632 | |||
| 1633 | if (!CBB_flush(cbb)) | ||
| 1634 | return 0; | ||
| 1635 | |||
| 1636 | return 1; | ||
| 1637 | } | 1601 | } |
| 1638 | 1602 | ||
| 1639 | int | 1603 | int |
| @@ -1891,7 +1855,7 @@ tlsext_funcs(struct tls_extension *tlsext, int is_server) | |||
| 1891 | if (is_server) | 1855 | if (is_server) |
| 1892 | return &tlsext->server; | 1856 | return &tlsext->server; |
| 1893 | 1857 | ||
| 1894 | return &tlsext->client; | 1858 | return &tlsext->client; |
| 1895 | } | 1859 | } |
| 1896 | 1860 | ||
| 1897 | static int | 1861 | static int |