summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libssl/ssl_asn1.c945
1 files changed, 329 insertions, 616 deletions
diff --git a/src/lib/libssl/ssl_asn1.c b/src/lib/libssl/ssl_asn1.c
index ee00cb286d..59e7cdf7b2 100644
--- a/src/lib/libssl/ssl_asn1.c
+++ b/src/lib/libssl/ssl_asn1.c
@@ -1,691 +1,404 @@
1/* $OpenBSD: ssl_asn1.c,v 1.41 2016/03/11 07:08:45 mmcc Exp $ */ 1/* $OpenBSD: ssl_asn1.c,v 1.42 2016/11/04 15:09:29 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2
3 * All rights reserved. 3/*
4 * 4 * Copyright (c) 2016 Joel Sing <jsing@openbsd.org>
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 5 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 6 * Permission to use, copy, modify, and distribute this software for any
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 7 * purpose with or without fee is hereby granted, provided that the above
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 8 * copyright notice and this permission notice appear in all copies.
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 * 9 *
53 * The licence and distribution terms for any publically available version or 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
55 * copied and put under another distribution licence 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
56 * [including the GNU Public Licence.] 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
57 */ 17 */
58 18
59#include <stdio.h> 19#include <limits.h>
60#include <stdlib.h> 20
21#include <openssl/ssl.h>
22#include <openssl/x509.h>
61 23
62#include "ssl_locl.h" 24#include "ssl_locl.h"
63 25
64#include <openssl/objects.h> 26#include "bytestring.h"
65#include <openssl/x509.h>
66 27
67/* XXX - these are here to avoid including asn1_mac.h */ 28#define SSLASN1_TAG (CBS_ASN1_CONSTRUCTED | CBS_ASN1_CONTEXT_SPECIFIC)
68int asn1_GetSequence(ASN1_const_CTX *c, long *length); 29#define SSLASN1_TIME_TAG (SSLASN1_TAG | 1)
69void asn1_add_error(const unsigned char *address, int offset); 30#define SSLASN1_TIMEOUT_TAG (SSLASN1_TAG | 2)
70 31#define SSLASN1_PEER_CERT_TAG (SSLASN1_TAG | 3)
71typedef struct ssl_session_asn1_st { 32#define SSLASN1_SESSION_ID_CTX_TAG (SSLASN1_TAG | 4)
72 ASN1_INTEGER version; 33#define SSLASN1_VERIFY_RESULT_TAG (SSLASN1_TAG | 5)
73 ASN1_INTEGER ssl_version; 34#define SSLASN1_HOSTNAME_TAG (SSLASN1_TAG | 6)
74 ASN1_OCTET_STRING cipher; 35#define SSLASN1_LIFETIME_TAG (SSLASN1_TAG | 9)
75 ASN1_OCTET_STRING master_key; 36#define SSLASN1_TICKET_TAG (SSLASN1_TAG | 10)
76 ASN1_OCTET_STRING session_id; 37
77 ASN1_OCTET_STRING session_id_context; 38static uint64_t
78 ASN1_INTEGER time; 39time_max(void)
79 ASN1_INTEGER timeout; 40{
80 ASN1_INTEGER verify_result; 41 if (sizeof(time_t) == sizeof(int32_t))
81 ASN1_OCTET_STRING tlsext_hostname; 42 return INT32_MAX;
82 ASN1_INTEGER tlsext_tick_lifetime; 43 if (sizeof(time_t) == sizeof(int64_t))
83 ASN1_OCTET_STRING tlsext_tick; 44 return INT64_MAX;
84} SSL_SESSION_ASN1; 45 return 0;
46}
85 47
86int 48int
87i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) 49i2d_SSL_SESSION(SSL_SESSION *s, unsigned char **pp)
88{ 50{
89#define LSIZE2 (sizeof(long)*2) 51 CBB cbb, session, cipher_suite, session_id, master_key, time, timeout;
90 int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v6 = 0, v9 = 0, v10 = 0; 52 CBB peer_cert, sidctx, verify_result, hostname, lifetime, ticket;
91 unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2]; 53 CBB value;
92 unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2]; 54 unsigned char *data = NULL, *peer_cert_bytes = NULL;
93 unsigned char ibuf6[LSIZE2]; 55 int len, rv = -1;
94 SSL_SESSION_ASN1 a; 56 size_t data_len;
95 unsigned char *p; 57 uint16_t cid;
96 int len = 0, ret; 58
97 long l; 59 if (s == NULL)
98
99 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
100 return (0); 60 return (0);
101 61
102 /* 62 if (s->cipher == NULL && s->cipher_id == 0)
103 * Note that I cheat in the following 2 assignments. 63 return (0);
104 * I know that if the ASN1_INTEGER passed to ASN1_INTEGER_set
105 * is > sizeof(long)+1, the buffer will not be re-malloc()ed.
106 * This is a bit evil but makes things simple, no dynamic allocation
107 * to clean up :-)
108 */
109 a.version.length = LSIZE2;
110 a.version.type = V_ASN1_INTEGER;
111 a.version.data = ibuf1;
112 ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION);
113 len += i2d_ASN1_INTEGER(&(a.version), NULL);
114
115 a.ssl_version.length = LSIZE2;
116 a.ssl_version.type = V_ASN1_INTEGER;
117 a.ssl_version.data = ibuf2;
118 ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version);
119 len += i2d_ASN1_INTEGER(&(a.ssl_version), NULL);
120
121 a.cipher.length = 2;
122 a.cipher.type = V_ASN1_OCTET_STRING;
123 l = (in->cipher == NULL) ? in->cipher_id : in->cipher->id;
124 buf[0] = ((unsigned char)(l >> 8L)) & 0xff;
125 buf[1] = ((unsigned char)(l)) & 0xff;
126 a.cipher.data = buf;
127 len += i2d_ASN1_OCTET_STRING(&(a.cipher), NULL);
128
129 a.master_key.length = in->master_key_length;
130 a.master_key.type = V_ASN1_OCTET_STRING;
131 a.master_key.data = in->master_key;
132 len += i2d_ASN1_OCTET_STRING(&(a.master_key), NULL);
133
134 a.session_id.length = in->session_id_length;
135 a.session_id.type = V_ASN1_OCTET_STRING;
136 a.session_id.data = in->session_id;
137 len += i2d_ASN1_OCTET_STRING(&(a.session_id), NULL);
138
139 if (in->time != 0L) {
140 a.time.length = LSIZE2;
141 a.time.type = V_ASN1_INTEGER;
142 a.time.data = ibuf3;
143 ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */
144 v1 = i2d_ASN1_INTEGER(&(a.time), NULL);
145 len += ASN1_object_size(1, v1, 1);
146 }
147 64
148 if (in->timeout != 0L) { 65 if (!CBB_init(&cbb, 0))
149 a.timeout.length = LSIZE2; 66 goto err;
150 a.timeout.type = V_ASN1_INTEGER;
151 a.timeout.data = ibuf4;
152 ASN1_INTEGER_set(&(a.timeout), in->timeout);
153 v2 = i2d_ASN1_INTEGER(&(a.timeout), NULL);
154 len += ASN1_object_size(1, v2, 2);
155 }
156 67
157 if (in->peer != NULL) { 68 if (!CBB_add_asn1(&cbb, &session, CBS_ASN1_SEQUENCE))
158 v3 = i2d_X509(in->peer, NULL); 69 goto err;
159 len += ASN1_object_size(1, v3, 3);
160 }
161 70
162 a.session_id_context.length = in->sid_ctx_length; 71 /* Session ASN1 version. */
163 a.session_id_context.type = V_ASN1_OCTET_STRING; 72 if (!CBB_add_asn1_uint64(&session, SSL_SESSION_ASN1_VERSION))
164 a.session_id_context.data = in->sid_ctx; 73 goto err;
165 v4 = i2d_ASN1_OCTET_STRING(&(a.session_id_context), NULL);
166 len += ASN1_object_size(1, v4, 4);
167
168 if (in->verify_result != X509_V_OK) {
169 a.verify_result.length = LSIZE2;
170 a.verify_result.type = V_ASN1_INTEGER;
171 a.verify_result.data = ibuf5;
172 ASN1_INTEGER_set(&a.verify_result, in->verify_result);
173 v5 = i2d_ASN1_INTEGER(&(a.verify_result), NULL);
174 len += ASN1_object_size(1, v5, 5);
175 }
176 74
177 if (in->tlsext_hostname) { 75 /* TLS/SSL protocol version. */
178 a.tlsext_hostname.length = strlen(in->tlsext_hostname); 76 if (s->ssl_version < 0)
179 a.tlsext_hostname.type = V_ASN1_OCTET_STRING; 77 goto err;
180 a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname; 78 if (!CBB_add_asn1_uint64(&session, s->ssl_version))
181 v6 = i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), NULL); 79 goto err;
182 len += ASN1_object_size(1, v6, 6);
183 }
184 80
185 /* 7 - PSK identity hint. */ 81 /* Cipher suite ID. */
186 /* 8 - PSK identity. */ 82 /* XXX - require cipher to be non-NULL or always/only use cipher_id. */
187 83 cid = (uint16_t)(s->cipher_id & 0xffff);
188 if (in->tlsext_tick_lifetime_hint > 0) { 84 if (s->cipher != NULL)
189 a.tlsext_tick_lifetime.length = LSIZE2; 85 cid = ssl3_cipher_get_value(s->cipher);
190 a.tlsext_tick_lifetime.type = V_ASN1_INTEGER; 86 if (!CBB_add_asn1(&session, &cipher_suite, CBS_ASN1_OCTETSTRING))
191 a.tlsext_tick_lifetime.data = ibuf6; 87 goto err;
192 ASN1_INTEGER_set(&a.tlsext_tick_lifetime, 88 if (!CBB_add_u16(&cipher_suite, cid))
193 in->tlsext_tick_lifetime_hint); 89 goto err;
194 v9 = i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), NULL);
195 len += ASN1_object_size(1, v9, 9);
196 }
197 90
198 if (in->tlsext_tick) { 91 /* Session ID. */
199 a.tlsext_tick.length = in->tlsext_ticklen; 92 if (!CBB_add_asn1(&session, &session_id, CBS_ASN1_OCTETSTRING))
200 a.tlsext_tick.type = V_ASN1_OCTET_STRING; 93 goto err;
201 a.tlsext_tick.data = (unsigned char *)in->tlsext_tick; 94 if (!CBB_add_bytes(&session_id, s->session_id, s->session_id_length))
202 v10 = i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), NULL); 95 goto err;
203 len += ASN1_object_size(1, v10, 10); 96
97 /* Master key. */
98 if (!CBB_add_asn1(&session, &master_key, CBS_ASN1_OCTETSTRING))
99 goto err;
100 if (!CBB_add_bytes(&master_key, s->master_key, s->master_key_length))
101 goto err;
102
103 /* Time [1]. */
104 if (s->time != 0) {
105 if (s->time < 0)
106 goto err;
107 if (!CBB_add_asn1(&session, &time, SSLASN1_TIME_TAG))
108 goto err;
109 if (!CBB_add_asn1_uint64(&time, s->time))
110 goto err;
204 } 111 }
205 112
206 /* 11 - Compression method. */ 113 /* Timeout [2]. */
207 /* 12 - SRP username. */ 114 if (s->timeout != 0) {
208 115 if (s->timeout < 0)
209 /* If given a NULL pointer, return the length only. */ 116 goto err;
210 ret = (ASN1_object_size(1, len, V_ASN1_SEQUENCE)); 117 if (!CBB_add_asn1(&session, &timeout, SSLASN1_TIMEOUT_TAG))
211 if (pp == NULL) 118 goto err;
212 return (ret); 119 if (!CBB_add_asn1_uint64(&timeout, s->timeout))
213 120 goto err;
214 /* Burp out the ASN1. */
215 p = *pp;
216 ASN1_put_object(&p, 1, len, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
217 i2d_ASN1_INTEGER(&(a.version), &p);
218 i2d_ASN1_INTEGER(&(a.ssl_version), &p);
219 i2d_ASN1_OCTET_STRING(&(a.cipher), &p);
220 i2d_ASN1_OCTET_STRING(&(a.session_id), &p);
221 i2d_ASN1_OCTET_STRING(&(a.master_key), &p);
222 if (in->time != 0L) {
223 ASN1_put_object(&p, 1, v1, 1, V_ASN1_CONTEXT_SPECIFIC);
224 i2d_ASN1_INTEGER(&(a.time), &p);
225 } 121 }
226 if (in->timeout != 0L) { 122
227 ASN1_put_object(&p, 1, v2, 2, V_ASN1_CONTEXT_SPECIFIC); 123 /* Peer certificate [3]. */
228 i2d_ASN1_INTEGER(&(a.timeout), &p); 124 if (s->peer != NULL) {
125 if (!CBB_add_asn1(&session, &peer_cert, SSLASN1_PEER_CERT_TAG))
126 goto err;
127 if (!CBB_add_asn1(&peer_cert, &value, CBS_ASN1_OCTETSTRING))
128 goto err;
129 if ((len = i2d_X509(s->peer, &peer_cert_bytes)) <= 0)
130 goto err;
131 if (!CBB_add_bytes(&value, peer_cert_bytes, len))
132 goto err;
229 } 133 }
230 if (in->peer != NULL) { 134
231 ASN1_put_object(&p, 1, v3, 3, V_ASN1_CONTEXT_SPECIFIC); 135 /* Session ID context [4]. */
232 i2d_X509(in->peer, &p); 136 /* XXX - Actually handle this as optional? */
137 if (!CBB_add_asn1(&session, &sidctx, SSLASN1_SESSION_ID_CTX_TAG))
138 goto err;
139 if (!CBB_add_asn1(&sidctx, &value, CBS_ASN1_OCTETSTRING))
140 goto err;
141 if (!CBB_add_bytes(&value, s->sid_ctx, s->sid_ctx_length))
142 goto err;
143
144 /* Verify result [5]. */
145 if (s->verify_result != X509_V_OK) {
146 if (s->verify_result < 0)
147 goto err;
148 if (!CBB_add_asn1(&session, &verify_result,
149 SSLASN1_VERIFY_RESULT_TAG))
150 goto err;
151 if (!CBB_add_asn1_uint64(&verify_result, s->verify_result))
152 goto err;
233 } 153 }
234 ASN1_put_object(&p, 1, v4, 4, V_ASN1_CONTEXT_SPECIFIC); 154
235 i2d_ASN1_OCTET_STRING(&(a.session_id_context), &p); 155 /* Hostname [6]. */
236 if (in->verify_result != X509_V_OK) { 156 if (s->tlsext_hostname != NULL) {
237 ASN1_put_object(&p, 1, v5, 5, V_ASN1_CONTEXT_SPECIFIC); 157 if (!CBB_add_asn1(&session, &hostname, SSLASN1_HOSTNAME_TAG))
238 i2d_ASN1_INTEGER(&(a.verify_result), &p); 158 goto err;
159 if (!CBB_add_asn1(&hostname, &value, CBS_ASN1_OCTETSTRING))
160 goto err;
161 if (!CBB_add_bytes(&value, s->tlsext_hostname,
162 strlen(s->tlsext_hostname)))
163 goto err;
239 } 164 }
240 if (in->tlsext_hostname) { 165
241 ASN1_put_object(&p, 1, v6, 6, V_ASN1_CONTEXT_SPECIFIC); 166 /* PSK identity hint [7]. */
242 i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), &p); 167 /* PSK identity [8]. */
168
169 /* Ticket lifetime hint [9]. */
170 if (s->tlsext_tick_lifetime_hint > 0) {
171 if (!CBB_add_asn1(&session, &lifetime, SSLASN1_LIFETIME_TAG))
172 goto err;
173 if (!CBB_add_asn1_uint64(&lifetime,
174 s->tlsext_tick_lifetime_hint))
175 goto err;
243 } 176 }
244 /* 7 - PSK identity hint. */ 177
245 /* 8 - PSK identity. */ 178 /* Ticket [10]. */
246 if (in->tlsext_tick_lifetime_hint > 0) { 179 if (s->tlsext_tick) {
247 ASN1_put_object(&p, 1, v9, 9, V_ASN1_CONTEXT_SPECIFIC); 180 if (!CBB_add_asn1(&session, &ticket, SSLASN1_TICKET_TAG))
248 i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), &p); 181 goto err;
182 if (!CBB_add_asn1(&ticket, &value, CBS_ASN1_OCTETSTRING))
183 goto err;
184 if (!CBB_add_bytes(&value, s->tlsext_tick, s->tlsext_ticklen))
185 goto err;
249 } 186 }
250 if (in->tlsext_tick) { 187
251 ASN1_put_object(&p, 1, v10, 10, V_ASN1_CONTEXT_SPECIFIC); 188 /* Compression method [11]. */
252 i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), &p); 189 /* SRP username [12]. */
190
191 if (!CBB_finish(&cbb, &data, &data_len))
192 goto err;
193
194 if (data_len > INT_MAX)
195 goto err;
196
197 if (pp != NULL) {
198 if (*pp == NULL) {
199 *pp = data;
200 data = NULL;
201 } else {
202 memcpy(*pp, data, data_len);
203 }
253 } 204 }
254 /* 11 - Compression method. */
255 /* 12 - SRP username. */
256 205
257 *pp = p; 206 rv = (int)data_len;
258 return (ret); 207
208 err:
209 CBB_cleanup(&session);
210 free(peer_cert_bytes);
211 free(data);
212
213 return rv;
259} 214}
260 215
261SSL_SESSION * 216SSL_SESSION *
262d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) 217d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length)
263{ 218{
264 SSL_SESSION *ret = NULL; 219 CBS cbs, session, cipher_suite, session_id, master_key, peer_cert;
265 ASN1_const_CTX c; 220 CBS hostname, ticket;
266 ASN1_INTEGER ai, *aip; 221 uint64_t version, tls_version, stime, timeout, verify_result, lifetime;
267 ASN1_OCTET_STRING os, *osp; 222 const unsigned char *peer_cert_bytes;
268 int ssl_version = 0, i; 223 uint16_t cipher_value;
269 int Tinf, Ttag, Tclass; 224 SSL_SESSION *s = NULL;
270 long Tlen; 225 size_t data_len;
271 long id; 226 int present;
272 227
273 c.pp = pp; 228 if (a != NULL)
274 c.p = *pp; 229 s = *a;
275 c.q = *pp; 230
276 c.max = (length == 0) ? 0 : (c.p + length); 231 if (s == NULL) {
277 c.slen = length; 232 if ((s = SSL_SESSION_new()) == NULL) {
278 233 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_MALLOC_FAILURE);
279 if (a == NULL || *a == NULL) {
280 if ((ret = SSL_SESSION_new()) == NULL) {
281 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
282 goto err; 234 goto err;
283 } 235 }
284 } else 236 }
285 ret = *a;
286 237
287 aip = &ai; 238 CBS_init(&cbs, *pp, length);
288 osp = &os;
289 239
290 if (!asn1_GetSequence(&c, &length)) { 240 if (!CBS_get_asn1(&cbs, &session, CBS_ASN1_SEQUENCE))
291 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
292 goto err; 241 goto err;
293 }
294 242
295 ai.data = NULL; 243 /* Session ASN1 version. */
296 ai.length = 0; 244 if (!CBS_get_asn1_uint64(&session, &version))
297 c.q = c.p; 245 goto err;
298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 246 if (version != SSL_SESSION_ASN1_VERSION)
299 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
300 goto err; 247 goto err;
301 }
302 c.slen -= (c.p - c.q);
303
304 if (ai.data != NULL) {
305 free(ai.data);
306 ai.data = NULL;
307 ai.length = 0;
308 }
309 248
310 /* we don't care about the version right now :-) */ 249 /* TLS/SSL Protocol Version. */
311 c.q = c.p; 250 if (!CBS_get_asn1_uint64(&session, &tls_version))
312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) {
313 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
314 goto err; 251 goto err;
315 } 252 if (tls_version > INT_MAX)
316 c.slen -= (c.p - c.q); 253 goto err;
317 ssl_version = (int)ASN1_INTEGER_get(aip); 254 s->ssl_version = (int)tls_version;
318 ret->ssl_version = ssl_version;
319 if (ai.data != NULL) {
320 free(ai.data);
321 ai.data = NULL;
322 ai.length = 0;
323 }
324 255
325 os.data = NULL; 256 /* Cipher suite. */
326 os.length = 0; 257 if (!CBS_get_asn1(&session, &cipher_suite, CBS_ASN1_OCTETSTRING))
327 c.q = c.p;
328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) {
329 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
330 goto err; 258 goto err;
331 } 259 if (!CBS_get_u16(&cipher_suite, &cipher_value))
332 c.slen -= (c.p - c.q); 260 goto err;
333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) { 261 if (CBS_len(&cipher_suite) != 0)
334 if (os.length != 2) {
335 SSLerr(SSL_F_D2I_SSL_SESSION,
336 SSL_R_CIPHER_CODE_WRONG_LENGTH);
337 goto err;
338 }
339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) |
340 (unsigned long)os.data[1];
341 } else {
342 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
343 goto err; 262 goto err;
344 }
345 263
346 ret->cipher = NULL; 264 /* XXX - populate cipher instead? */
347 ret->cipher_id = id; 265 s->cipher = NULL;
266 s->cipher_id = SSL3_CK_ID | cipher_value;
348 267
349 c.q = c.p; 268 /* Session ID. */
350 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 269 if (!CBS_get_asn1(&session, &session_id, CBS_ASN1_OCTETSTRING))
351 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
352 goto err; 270 goto err;
353 } 271 if (!CBS_write_bytes(&session_id, s->session_id, sizeof(s->session_id),
354 c.slen -= (c.p - c.q); 272 &data_len))
273 goto err;
274 if (data_len > UINT_MAX)
275 goto err;
276 s->session_id_length = (unsigned int)data_len;
355 277
356 i = SSL3_MAX_SSL_SESSION_ID_LENGTH; 278 /* Master key. */
357 if (os.length > i) 279 if (!CBS_get_asn1(&session, &master_key, CBS_ASN1_OCTETSTRING))
358 os.length = i; 280 goto err;
359 if (os.length > (int)sizeof(ret->session_id)) /* can't happen */ 281 if (!CBS_write_bytes(&master_key, s->master_key, sizeof(s->master_key),
360 os.length = sizeof(ret->session_id); 282 &data_len))
283 goto err;
284 if (data_len > INT_MAX)
285 goto err;
286 s->master_key_length = (int)data_len;
361 287
362 ret->session_id_length = os.length; 288 /* Time [1]. */
363 OPENSSL_assert(os.length <= (int)sizeof(ret->session_id)); 289 s->time = time(NULL);
364 memcpy(ret->session_id, os.data, os.length); 290 if (!CBS_get_optional_asn1_uint64(&session, &stime, SSLASN1_TIME_TAG,
291 0))
292 goto err;
293 if (stime > time_max())
294 goto err;
295 if (stime != 0)
296 s->time = (time_t)stime;
365 297
366 c.q = c.p; 298 /* Timeout [2]. */
367 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 299 s->timeout = 3;
368 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 300 if (!CBS_get_optional_asn1_uint64(&session, &timeout,
301 SSLASN1_TIMEOUT_TAG, 0))
369 goto err; 302 goto err;
370 } 303 if (timeout > LONG_MAX)
371 c.slen -= (c.p - c.q); 304 goto err;
372 if (os.length > SSL_MAX_MASTER_KEY_LENGTH) 305 if (timeout != 0)
373 ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH; 306 s->timeout = (long)timeout;
374 else 307
375 ret->master_key_length = os.length; 308 /* Peer certificate [3]. */
376 memcpy(ret->master_key, os.data, ret->master_key_length); 309 X509_free(s->peer);
377 310 s->peer = NULL;
378 os.length = 0; 311 if (!CBS_get_optional_asn1_octet_string(&session, &peer_cert, &present,
379 312 SSLASN1_PEER_CERT_TAG))
380 /* 1 - Time (INTEGER). */ 313 goto err;
381 /* XXX 2038 */ 314 if (present) {
382 ai.length = 0; 315 data_len = CBS_len(&peer_cert);
383 if (c.slen != 0L && 316 if (data_len > LONG_MAX)
384 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 1)) {
385 c.q = c.p;
386 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
387 if (Tinf & 0x80) {
388 SSLerr(SSL_F_D2I_SSL_SESSION,
389 ERR_R_BAD_ASN1_OBJECT_HEADER);
390 goto err;
391 }
392 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
393 Tlen = c.slen - (c.p - c.q) - 2;
394 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
395 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
396 goto err;
397 }
398 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
399 Tlen = c.slen - (c.p - c.q);
400 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
401 SSLerr(SSL_F_D2I_SSL_SESSION,
402 ERR_R_MISSING_ASN1_EOS);
403 goto err;
404 }
405 }
406 c.slen -= (c.p - c.q);
407 }
408 if (ai.data != NULL) {
409 ret->time = ASN1_INTEGER_get(aip);
410 free(ai.data);
411 ai.data = NULL;
412 ai.length = 0;
413 } else
414 ret->time = time(NULL);
415
416 /* 2 - Timeout (INTEGER). */
417 ai.length = 0;
418 if (c.slen != 0L &&
419 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 2)) {
420 c.q = c.p;
421 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
422 if (Tinf & 0x80) {
423 SSLerr(SSL_F_D2I_SSL_SESSION,
424 ERR_R_BAD_ASN1_OBJECT_HEADER);
425 goto err;
426 }
427 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
428 Tlen = c.slen - (c.p - c.q) - 2;
429 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
430 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
431 goto err;
432 }
433 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
434 Tlen = c.slen - (c.p - c.q);
435 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
436 SSLerr(SSL_F_D2I_SSL_SESSION,
437 ERR_R_MISSING_ASN1_EOS);
438 goto err;
439 }
440 }
441 c.slen -= (c.p - c.q);
442 }
443 if (ai.data != NULL) {
444 ret->timeout = ASN1_INTEGER_get(aip);
445 free(ai.data);
446 ai.data = NULL;
447 ai.length = 0;
448 } else
449 ret->timeout = 3;
450
451 /* 3 - Peer (X509). */
452 X509_free(ret->peer);
453 ret->peer = NULL;
454
455 if (c.slen != 0L &&
456 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 3)) {
457 c.q = c.p;
458 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
459 if (Tinf & 0x80) {
460 SSLerr(SSL_F_D2I_SSL_SESSION,
461 ERR_R_BAD_ASN1_OBJECT_HEADER);
462 goto err; 317 goto err;
463 } 318 peer_cert_bytes = CBS_data(&peer_cert);
464 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 319 if (d2i_X509(&s->peer, &peer_cert_bytes,
465 Tlen = c.slen - (c.p - c.q) - 2; 320 (long)data_len) == NULL)
466 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) {
467 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
468 goto err; 321 goto err;
469 }
470 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
471 Tlen = c.slen - (c.p - c.q);
472 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
473 SSLerr(SSL_F_D2I_SSL_SESSION,
474 ERR_R_MISSING_ASN1_EOS);
475 goto err;
476 }
477 }
478 c.slen -= (c.p - c.q);
479 } 322 }
480 323
481 /* 4 - Session ID (OCTET STRING). */ 324 /* Session ID context [4]. */
482 os.length = 0; 325 s->sid_ctx_length = 0;
483 free(os.data); 326 if (!CBS_get_optional_asn1_octet_string(&session, &session_id, &present,
484 os.data = NULL; 327 SSLASN1_SESSION_ID_CTX_TAG))
485 if (c.slen != 0L && 328 goto err;
486 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { 329 if (present) {
487 c.q = c.p; 330 if (!CBS_write_bytes(&session_id, (uint8_t *)&s->sid_ctx,
488 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 331 sizeof(s->sid_ctx), &data_len))
489 if (Tinf & 0x80) {
490 SSLerr(SSL_F_D2I_SSL_SESSION,
491 ERR_R_BAD_ASN1_OBJECT_HEADER);
492 goto err;
493 }
494 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
495 Tlen = c.slen - (c.p - c.q) - 2;
496 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
497 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
498 goto err;
499 }
500 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
501 Tlen = c.slen - (c.p - c.q);
502 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
503 SSLerr(SSL_F_D2I_SSL_SESSION,
504 ERR_R_MISSING_ASN1_EOS);
505 goto err;
506 }
507 }
508 c.slen -= (c.p - c.q);
509 }
510 if (os.data != NULL) {
511 if (os.length > SSL_MAX_SID_CTX_LENGTH) {
512 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
513 goto err;
514 } else {
515 ret->sid_ctx_length = os.length;
516 memcpy(ret->sid_ctx, os.data, os.length);
517 }
518 free(os.data);
519 os.data = NULL;
520 os.length = 0;
521 } else
522 ret->sid_ctx_length = 0;
523
524 /* 5 - Verify_result. */
525 ai.length = 0;
526 if (c.slen != 0L &&
527 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 5)) {
528 c.q = c.p;
529 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
530 if (Tinf & 0x80) {
531 SSLerr(SSL_F_D2I_SSL_SESSION,
532 ERR_R_BAD_ASN1_OBJECT_HEADER);
533 goto err;
534 }
535 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
536 Tlen = c.slen - (c.p - c.q) - 2;
537 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
538 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
539 goto err;
540 }
541 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
542 Tlen = c.slen - (c.p - c.q);
543 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
544 SSLerr(SSL_F_D2I_SSL_SESSION,
545 ERR_R_MISSING_ASN1_EOS);
546 goto err;
547 }
548 }
549 c.slen -= (c.p - c.q);
550 }
551 if (ai.data != NULL) {
552 ret->verify_result = ASN1_INTEGER_get(aip);
553 free(ai.data);
554 ai.data = NULL;
555 ai.length = 0;
556 } else
557 ret->verify_result = X509_V_OK;
558
559 /* 6 - HostName (OCTET STRING). */
560 os.length = 0;
561 os.data = NULL;
562 if (c.slen != 0L &&
563 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 6)) {
564 c.q = c.p;
565 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen);
566 if (Tinf & 0x80) {
567 SSLerr(SSL_F_D2I_SSL_SESSION,
568 ERR_R_BAD_ASN1_OBJECT_HEADER);
569 goto err; 332 goto err;
570 } 333 if (data_len > UINT_MAX)
571 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
572 Tlen = c.slen - (c.p - c.q) - 2;
573 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) {
574 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
575 goto err; 334 goto err;
576 } 335 s->sid_ctx_length = (unsigned int)data_len;
577 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
578 Tlen = c.slen - (c.p - c.q);
579 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
580 SSLerr(SSL_F_D2I_SSL_SESSION,
581 ERR_R_MISSING_ASN1_EOS);
582 goto err;
583 }
584 }
585 c.slen -= (c.p - c.q);
586 } 336 }
587 if (os.data) { 337
588 ret->tlsext_hostname = strndup((char *)os.data, os.length); 338 /* Verify result [5]. */
589 free(os.data); 339 s->verify_result = X509_V_OK;
590 os.data = NULL; 340 if (!CBS_get_optional_asn1_uint64(&session, &verify_result,
591 os.length = 0; 341 SSLASN1_VERIFY_RESULT_TAG, X509_V_OK))
592 } else 342 goto err;
593 ret->tlsext_hostname = NULL; 343 if (verify_result > LONG_MAX)
594 344 goto err;
595 /* 7 - PSK identity hint (OCTET STRING). */ 345 s->verify_result = (long)verify_result;
596 /* 8 - PSK identity (OCTET STRING). */ 346
597 347 /* Hostname [6]. */
598 /* 9 - Ticket lifetime. */ 348 free(s->tlsext_hostname);
599 ai.length = 0; 349 s->tlsext_hostname = NULL;
600 if (c.slen != 0L && 350 if (!CBS_get_optional_asn1_octet_string(&session, &hostname, &present,
601 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 9)) { 351 SSLASN1_HOSTNAME_TAG))
602 c.q = c.p; 352 goto err;
603 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 353 if (present) {
604 if (Tinf & 0x80) { 354 if (CBS_contains_zero_byte(&hostname))
605 SSLerr(SSL_F_D2I_SSL_SESSION,
606 ERR_R_BAD_ASN1_OBJECT_HEADER);
607 goto err; 355 goto err;
608 } 356 if (!CBS_strdup(&hostname, &s->tlsext_hostname))
609 if (Tinf == (V_ASN1_CONSTRUCTED + 1))
610 Tlen = c.slen - (c.p - c.q) - 2;
611 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) {
612 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
613 goto err; 357 goto err;
614 }
615 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
616 Tlen = c.slen - (c.p - c.q);
617 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
618 SSLerr(SSL_F_D2I_SSL_SESSION,
619 ERR_R_MISSING_ASN1_EOS);
620 goto err;
621 }
622 }
623 c.slen -= (c.p - c.q);
624 } 358 }
625 if (ai.data != NULL) { 359
626 ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip); 360 /* PSK identity hint [7]. */
627 free(ai.data); 361 /* PSK identity [8]. */
628 ai.data = NULL; 362
629 ai.length = 0; 363 /* Ticket lifetime [9]. */
630 } else if (ret->tlsext_ticklen && ret->session_id_length) 364 s->tlsext_tick_lifetime_hint = 0;
631 ret->tlsext_tick_lifetime_hint = -1; 365 /* XXX - tlsext_ticklen is not yet set... */
632 else 366 if (s->tlsext_ticklen > 0 && s->session_id_length > 0)
633 ret->tlsext_tick_lifetime_hint = 0; 367 s->tlsext_tick_lifetime_hint = -1;
634 os.length = 0; 368 if (!CBS_get_optional_asn1_uint64(&session, &lifetime,
635 os.data = NULL; 369 SSLASN1_LIFETIME_TAG, 0))
636 370 goto err;
637 /* 10 - Ticket (OCTET STRING). */ 371 if (lifetime > LONG_MAX)
638 if (c.slen != 0L && 372 goto err;
639 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 10)) { 373 if (lifetime > 0)
640 c.q = c.p; 374 s->tlsext_tick_lifetime_hint = (long)lifetime;
641 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 375
642 if (Tinf & 0x80) { 376 /* Ticket [10]. */
643 SSLerr(SSL_F_D2I_SSL_SESSION, 377 free(s->tlsext_tick);
644 ERR_R_BAD_ASN1_OBJECT_HEADER); 378 s->tlsext_tick = NULL;
645 goto err; 379 if (!CBS_get_optional_asn1_octet_string(&session, &ticket, &present,
646 } 380 SSLASN1_TICKET_TAG))
647 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 381 goto err;
648 Tlen = c.slen - (c.p - c.q) - 2; 382 if (present) {
649 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 383 if (!CBS_stow(&ticket, &s->tlsext_tick, &s->tlsext_ticklen))
650 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
651 goto err; 384 goto err;
652 }
653 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) {
654 Tlen = c.slen - (c.p - c.q);
655 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) {
656 SSLerr(SSL_F_D2I_SSL_SESSION,
657 ERR_R_MISSING_ASN1_EOS);
658 goto err;
659 }
660 }
661 c.slen -= (c.p - c.q);
662 } 385 }
663 if (os.data) {
664 ret->tlsext_tick = os.data;
665 ret->tlsext_ticklen = os.length;
666 os.data = NULL;
667 os.length = 0;
668 } else
669 ret->tlsext_tick = NULL;
670 386
671 /* 11 - Compression method (OCTET STRING). */ 387 /* Compression method [11]. */
672 /* 12 - SRP username (OCTET STRING). */ 388 /* SRP username [12]. */
673 389
674 if (!asn1_const_Finish(&c)) { 390 *pp = CBS_data(&cbs);
675 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR);
676 goto err;
677 }
678 391
679 *pp = c.p;
680 if (a != NULL) 392 if (a != NULL)
681 *a = ret; 393 *a = s;
682 394
683 return (ret); 395 return (s);
684 396
685err: 397err:
686 ERR_asprintf_error_data("offset=%d", (int)(c.q - *pp)); 398 ERR_asprintf_error_data("offset=%d", (int)(CBS_data(&cbs) - *pp));
687 if (ret != NULL && (a == NULL || *a != ret)) 399
688 SSL_SESSION_free(ret); 400 if (s != NULL && (a == NULL || *a != s))
401 SSL_SESSION_free(s);
689 402
690 return (NULL); 403 return (NULL);
691} 404}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 08:26:39 +0000