Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/Makefile | 3 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_handshake_msg.c | 188 | ||||
| -rw-r--r-- | src/lib/libssl/tls13_internal.h | 25 | 
3 files changed, 213 insertions, 3 deletions
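--- a/src/lib/libssl/Makefile
+++ b/src/lib/libssl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.49 2019/01/20 10:31:54 jsing Exp $
+# $OpenBSD: Makefile,v 1.50 2019/01/20 12:27:34 jsing Exp $
 
 .include <bsd.own.mk>
 .ifndef NOMAN
@@ -63,6 +63,7 @@ SRCS= \
 	t1_lib.c \
 	tls13_buffer.c \
 	tls13_handshake.c \
+	tls13_handshake_msg.c \
 	tls13_key_schedule.c \
 	tls13_record.c \
 	tls13_record_layer.c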
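--- /dev/null
+++ b/src/lib/libssl/tls13_handshake_msg.c
@@ -0,0 +1,188 @@
+/* $OpenBSD: tls13_handshake_msg.c,v 1.1 2019/01/20 12:27:34 jsing Exp $ */
+/*
+ * Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include "bytestring.h"
+#include "ssl_locl.h"
+#include "tls13_internal.h"
+
+#define TLS13_HANDSHAKE_MSG_HEADER_LEN 4
+#define TLS13_HANDSHAKE_MSG_INITIAL_LEN 256
+#define TLS13_HANDSHAKE_MSG_MAX_LEN (256 * 1024)
+
+struct tls13_handshake_msg {
+	uint8_t msg_type;
+	uint32_t msg_len;
+	uint8_t *data;
+	size_t data_len;
+
+	struct tls13_buffer *buf;
+	CBS cbs;
+	CBB cbb;
+};
+
+struct tls13_handshake_msg *
+tls13_handshake_msg_new()
+{
+	struct tls13_handshake_msg *msg = NULL;
+
+	if ((msg = calloc(1, sizeof(struct tls13_handshake_msg))) == NULL)
+		goto err;
+	if ((msg->buf = tls13_buffer_new(0)) == NULL)
+		goto err;
+
+	return msg;
+
+ err:
+	tls13_handshake_msg_free(msg);
+
+	return NULL;
+}
+
+void
+tls13_handshake_msg_free(struct tls13_handshake_msg *msg)
+{
+	if (msg == NULL)
+		return;
+
+	tls13_buffer_free(msg->buf);
+
+	CBB_cleanup(&msg->cbb);
+
+	freezero(msg->data, msg->data_len);
+	freezero(msg, sizeof(struct tls13_handshake_msg));
+}
+
+void
+tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs)
+{
+	CBS_init(cbs, msg->data, msg->data_len);
+}
+
+uint8_t
+tls13_handshake_msg_type(struct tls13_handshake_msg *msg)
+{
+	return msg->msg_type;
+}
+
+int
+tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs)
+{
+	tls13_handshake_msg_data(msg, cbs);
+
+	return CBS_skip(cbs, TLS13_HANDSHAKE_MSG_HEADER_LEN);
+}
+
+int
+tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body,
+    uint8_t msg_type)
+{
+	if (!CBB_init(&msg->cbb, TLS13_HANDSHAKE_MSG_INITIAL_LEN))
+		return 0;
+	if (!CBB_add_u8(&msg->cbb, msg_type))
+		return 0;
+	if (!CBB_add_u24_length_prefixed(&msg->cbb, body))
+		return 0;
+
+	return 1;
+}
+
+int
+tls13_handshake_msg_finish(struct tls13_handshake_msg *msg)
+{
+	if (!CBB_finish(&msg->cbb, &msg->data, &msg->data_len))
+		return 0;
+
+	CBS_init(&msg->cbs, msg->data, msg->data_len);
+
+	return 1;
+}
+
+static ssize_t
+tls13_handshake_msg_read_cb(void *buf, size_t n, void *cb_arg)
+{
+	struct tls13_record_layer *rl = cb_arg;
+
+	return tls13_read_handshake_data(rl, buf, n);
+}
+
+int
+tls13_handshake_msg_recv(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl)
+{
+	uint8_t msg_type;
+	uint32_t msg_len;
+	CBS cbs;
+	int ret;
+
+	if (msg->data != NULL)
+		return TLS13_IO_FAILURE;
+
+	if (msg->msg_type == 0) {
+		if ((ret = tls13_buffer_extend(msg->buf,
+		    TLS13_HANDSHAKE_MSG_HEADER_LEN,
+		    tls13_handshake_msg_read_cb, rl)) <= 0)
+			return ret;
+
+		tls13_buffer_cbs(msg->buf, &cbs);
+
+		if (!CBS_get_u8(&cbs, &msg_type))
+			return TLS13_IO_FAILURE;
+		if (!CBS_get_u24(&cbs, &msg_len))
+			return TLS13_IO_FAILURE;
+
+		/* XXX - do we want to make this variable on message type? */
+		if (msg_len > TLS13_HANDSHAKE_MSG_MAX_LEN)
+			return TLS13_IO_FAILURE;
+
+		msg->msg_type = msg_type;
+		msg->msg_len = msg_len;
+	}
+
+	if ((ret = tls13_buffer_extend(msg->buf,
+	    TLS13_HANDSHAKE_MSG_HEADER_LEN + msg->msg_len,
+	    tls13_handshake_msg_read_cb, rl)) <= 0)
+		return ret;
+
+	if (!tls13_buffer_finish(msg->buf, &msg->data, &msg->data_len))
+		return TLS13_IO_FAILURE;
+
+	return TLS13_IO_SUCCESS;
+}
+
+int
+tls13_handshake_msg_send(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl)
+{
+	ssize_t ret;
+
+	if (msg->data == NULL)
+		return TLS13_IO_FAILURE;
+
+	if (CBS_len(&msg->cbs) == 0)
+		return TLS13_IO_FAILURE;
+
+	while (CBS_len(&msg->cbs) > 0) {
+		if ((ret = tls13_write_handshake_data(rl, CBS_data(&msg->cbs),
+		    CBS_len(&msg->cbs))) <= 0)
+			return ret;
+
+		if (!CBS_skip(&msg->cbs, ret))
+			return TLS13_IO_FAILURE;
+	}
+
+	return TLS13_IO_SUCCESS;
+}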
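Review bot: tls13_handshake_msg_recv keys its "header already parsed" state on `msg->msg_type == 0`, but 0 is a value the peer can put on the wire (hello_request_RESERVED in the RFC 8446 B.3 list that this commit re-titles in tls13_internal.h), so a message of that type whose body arrives across several calls re-enters the header branch on every resume. As far as the visible code shows the effect is only a re-parse of the already-buffered 4 bytes, assuming tls13_buffer_extend is satisfied by data it already holds, but resume logic should not hinge on an attacker-chosen byte; an explicit "header read" flag in struct tls13_handshake_msg, or rejecting `msg_type == 0` right after the `CBS_get_u8`, makes the state unambiguous. Two smaller points: `tls13_handshake_msg_new()` is an old-style non-prototype definition while the header declares it `(void)`, and tls13_handshake_msg_recv keeps the tls13_buffer_extend result in `int ret` whereas tls13_handshake_msg_send keeps the write result in `ssize_t ret` and then returns it through an `int` return type, so one width should be chosen so that TLS13_IO_* codes are never narrowed.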
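--- a/src/lib/libssl/tls13_internal.h
+++ b/src/lib/libssl/tls13_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_internal.h,v 1.9 2019/01/20 10:31:54 jsing Exp $ */
+/* $OpenBSD: tls13_internal.h,v 1.10 2019/01/20 12:27:34 jsing Exp $ */
 /*
  * Copyright (c) 2018 Bob Beck <beck@openbsd.org>
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
@@ -97,6 +97,9 @@ int tls13_derive_application_secrets(struct tls13_secrets *secrets,
 
 struct tls13_ctx;
 
+/*
+ * Record Layer.
+ */
 struct tls13_record_layer;
 
 struct tls13_record_layer *tls13_record_layer_new(tls13_read_cb wire_read,
@@ -119,7 +122,25 @@ ssize_t tls13_write_application_data(struct tls13_record_layer *rl, const uint8_
     size_t n);
 
 /*
- * RFC 8446, Section B.3
+ * Handshake Messages.
+ */
+struct tls13_handshake_msg;
+
+struct tls13_handshake_msg *tls13_handshake_msg_new(void);
+void tls13_handshake_msg_free(struct tls13_handshake_msg *msg);
+void tls13_handshake_msg_data(struct tls13_handshake_msg *msg, CBS *cbs);
+uint8_t tls13_handshake_msg_type(struct tls13_handshake_msg *msg);
+int tls13_handshake_msg_content(struct tls13_handshake_msg *msg, CBS *cbs);
+int tls13_handshake_msg_start(struct tls13_handshake_msg *msg, CBB *body,
+    uint8_t msg_type);
+int tls13_handshake_msg_finish(struct tls13_handshake_msg *msg);
+int tls13_handshake_msg_recv(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl);
+int tls13_handshake_msg_send(struct tls13_handshake_msg *msg,
+    struct tls13_record_layer *rl);
+
+/*
+ * Message Types - RFC 8446, Section B.3.
  *
  * Values listed as "_RESERVED" were used in previous versions of TLS and are
  * listed here for completeness. TLS 1.3 implementations MUST NOT send them but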
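Review bot: The new tls13_handshake_msg_* prototypes in the "Handshake Messages" block carry no contract comments, and the return conventions are not readable from the signatures alone: the .c file in this commit returns 1/0 from _start, _finish and _content in the CBB/CBS style but TLS13_IO_* codes from _recv and _send. The CBS filled by tls13_handshake_msg_data and _content also aliases memory the msg owns and that tls13_handshake_msg_free releases with freezero. A short comment above the block, along the lines of `/* _recv/_send return TLS13_IO_*; the others return 1 on success, 0 on failure. The CBS from _data/_content is a borrowed view, valid until _free. */`, would spare readers a trip to the implementation.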
