summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls12_record_layer.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/tls12_record_layer.c')
-rw-r--r--src/lib/libssl/tls12_record_layer.c79
1 files changed, 43 insertions, 36 deletions
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c
index 3568e1876a..a65906697d 100644
--- a/src/lib/libssl/tls12_record_layer.c
+++ b/src/lib/libssl/tls12_record_layer.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls12_record_layer.c,v 1.36 2022/01/14 09:12:15 tb Exp $ */ 1/* $OpenBSD: tls12_record_layer.c,v 1.37 2022/11/11 17:15:26 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2020 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -864,28 +864,25 @@ tls12_record_layer_aead_xored_nonce(struct tls12_record_layer *rl,
864 864
865static int 865static int
866tls12_record_layer_open_record_plaintext(struct tls12_record_layer *rl, 866tls12_record_layer_open_record_plaintext(struct tls12_record_layer *rl,
867 uint8_t content_type, CBS *fragment, uint8_t **out, size_t *out_len) 867 uint8_t content_type, CBS *fragment, struct tls_content *out)
868{ 868{
869 if (tls12_record_protection_engaged(rl->read)) 869 if (tls12_record_protection_engaged(rl->read))
870 return 0; 870 return 0;
871 871
872 /* XXX - decrypt/process in place for now. */ 872 return tls_content_dup_data(out, content_type, CBS_data(fragment),
873 *out = (uint8_t *)CBS_data(fragment); 873 CBS_len(fragment));
874 *out_len = CBS_len(fragment);
875
876 return 1;
877} 874}
878 875
879static int 876static int
880tls12_record_layer_open_record_protected_aead(struct tls12_record_layer *rl, 877tls12_record_layer_open_record_protected_aead(struct tls12_record_layer *rl,
881 uint8_t content_type, CBS *seq_num, CBS *fragment, uint8_t **out, 878 uint8_t content_type, CBS *seq_num, CBS *fragment, struct tls_content *out)
882 size_t *out_len)
883{ 879{
884 struct tls12_record_protection *rp = rl->read; 880 struct tls12_record_protection *rp = rl->read;
885 uint8_t *header = NULL; 881 uint8_t *header = NULL;
886 size_t header_len = 0; 882 size_t header_len = 0;
887 uint8_t *plain; 883 uint8_t *content = NULL;
888 size_t plain_len; 884 size_t content_len = 0;
885 size_t out_len = 0;
889 CBS var_nonce; 886 CBS var_nonce;
890 int ret = 0; 887 int ret = 0;
891 888
@@ -913,43 +910,47 @@ tls12_record_layer_open_record_protected_aead(struct tls12_record_layer *rl,
913 goto err; 910 goto err;
914 } 911 }
915 912
916 /* XXX - decrypt/process in place for now. */ 913 content_len = CBS_len(fragment) - rp->aead_tag_len;
917 plain = (uint8_t *)CBS_data(fragment); 914 if ((content = calloc(1, CBS_len(fragment))) == NULL) {
918 plain_len = CBS_len(fragment) - rp->aead_tag_len; 915 content_len = 0;
916 goto err;
917 }
919 918
920 if (!tls12_record_layer_pseudo_header(rl, content_type, plain_len, 919 if (!tls12_record_layer_pseudo_header(rl, content_type, content_len,
921 seq_num, &header, &header_len)) 920 seq_num, &header, &header_len))
922 goto err; 921 goto err;
923 922
924 if (!EVP_AEAD_CTX_open(rp->aead_ctx, plain, out_len, plain_len, 923 if (!EVP_AEAD_CTX_open(rp->aead_ctx, content, &out_len, content_len,
925 rp->aead_nonce, rp->aead_nonce_len, CBS_data(fragment), 924 rp->aead_nonce, rp->aead_nonce_len, CBS_data(fragment),
926 CBS_len(fragment), header, header_len)) { 925 CBS_len(fragment), header, header_len)) {
927 rl->alert_desc = SSL_AD_BAD_RECORD_MAC; 926 rl->alert_desc = SSL_AD_BAD_RECORD_MAC;
928 goto err; 927 goto err;
929 } 928 }
930 929
931 if (*out_len > SSL3_RT_MAX_PLAIN_LENGTH) { 930 if (out_len > SSL3_RT_MAX_PLAIN_LENGTH) {
932 rl->alert_desc = SSL_AD_RECORD_OVERFLOW; 931 rl->alert_desc = SSL_AD_RECORD_OVERFLOW;
933 goto err; 932 goto err;
934 } 933 }
935 934
936 if (*out_len != plain_len) 935 if (out_len != content_len)
937 goto err; 936 goto err;
938 937
939 *out = plain; 938 tls_content_set_data(out, content_type, content, content_len);
939 content = NULL;
940 content_len = 0;
940 941
941 ret = 1; 942 ret = 1;
942 943
943 err: 944 err:
944 freezero(header, header_len); 945 freezero(header, header_len);
946 freezero(content, content_len);
945 947
946 return ret; 948 return ret;
947} 949}
948 950
949static int 951static int
950tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl, 952tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
951 uint8_t content_type, CBS *seq_num, CBS *fragment, uint8_t **out, 953 uint8_t content_type, CBS *seq_num, CBS *fragment, struct tls_content *out)
952 size_t *out_len)
953{ 954{
954 EVP_CIPHER_CTX *enc = rl->read->cipher_ctx; 955 EVP_CIPHER_CTX *enc = rl->read->cipher_ctx;
955 SSL3_RECORD_INTERNAL rrec; 956 SSL3_RECORD_INTERNAL rrec;
@@ -958,8 +959,8 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
958 size_t mac_len = 0; 959 size_t mac_len = 0;
959 uint8_t *out_mac = NULL; 960 uint8_t *out_mac = NULL;
960 size_t out_mac_len = 0; 961 size_t out_mac_len = 0;
961 uint8_t *plain; 962 uint8_t *content = NULL;
962 size_t plain_len; 963 size_t content_len = 0;
963 size_t min_len; 964 size_t min_len;
964 CBB cbb_mac; 965 CBB cbb_mac;
965 int ret = 0; 966 int ret = 0;
@@ -1001,16 +1002,16 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
1001 goto err; 1002 goto err;
1002 } 1003 }
1003 1004
1004 /* XXX - decrypt/process in place for now. */ 1005 if ((content = calloc(1, CBS_len(fragment))) == NULL)
1005 plain = (uint8_t *)CBS_data(fragment); 1006 goto err;
1006 plain_len = CBS_len(fragment); 1007 content_len = CBS_len(fragment);
1007 1008
1008 if (!EVP_Cipher(enc, plain, CBS_data(fragment), plain_len)) 1009 if (!EVP_Cipher(enc, content, CBS_data(fragment), CBS_len(fragment)))
1009 goto err; 1010 goto err;
1010 1011
1011 rrec.data = plain; 1012 rrec.data = content;
1012 rrec.input = plain; 1013 rrec.input = content;
1013 rrec.length = plain_len; 1014 rrec.length = content_len;
1014 1015
1015 /* 1016 /*
1016 * We now have to remove padding, extract MAC, calculate MAC 1017 * We now have to remove padding, extract MAC, calculate MAC
@@ -1058,8 +1059,13 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
1058 goto err; 1059 goto err;
1059 } 1060 }
1060 1061
1061 *out = rrec.data; 1062 tls_content_set_data(out, content_type, content, content_len);
1062 *out_len = rrec.length; 1063 content = NULL;
1064 content_len = 0;
1065
1066 /* Actual content is after EIV, minus padding and MAC. */
1067 if (!tls_content_set_bounds(out, eiv_len, rrec.length))
1068 goto err;
1063 1069
1064 ret = 1; 1070 ret = 1;
1065 1071
@@ -1067,13 +1073,14 @@ tls12_record_layer_open_record_protected_cipher(struct tls12_record_layer *rl,
1067 CBB_cleanup(&cbb_mac); 1073 CBB_cleanup(&cbb_mac);
1068 freezero(mac, mac_len); 1074 freezero(mac, mac_len);
1069 freezero(out_mac, out_mac_len); 1075 freezero(out_mac, out_mac_len);
1076 freezero(content, content_len);
1070 1077
1071 return ret; 1078 return ret;
1072} 1079}
1073 1080
1074int 1081int
1075tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf, 1082tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf,
1076 size_t buf_len, uint8_t **out, size_t *out_len) 1083 size_t buf_len, struct tls_content *out)
1077{ 1084{
1078 CBS cbs, fragment, seq_num; 1085 CBS cbs, fragment, seq_num;
1079 uint16_t version; 1086 uint16_t version;
@@ -1105,15 +1112,15 @@ tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf,
1105 1112
1106 if (rl->read->aead_ctx != NULL) { 1113 if (rl->read->aead_ctx != NULL) {
1107 if (!tls12_record_layer_open_record_protected_aead(rl, 1114 if (!tls12_record_layer_open_record_protected_aead(rl,
1108 content_type, &seq_num, &fragment, out, out_len)) 1115 content_type, &seq_num, &fragment, out))
1109 return 0; 1116 return 0;
1110 } else if (rl->read->cipher_ctx != NULL) { 1117 } else if (rl->read->cipher_ctx != NULL) {
1111 if (!tls12_record_layer_open_record_protected_cipher(rl, 1118 if (!tls12_record_layer_open_record_protected_cipher(rl,
1112 content_type, &seq_num, &fragment, out, out_len)) 1119 content_type, &seq_num, &fragment, out))
1113 return 0; 1120 return 0;
1114 } else { 1121 } else {
1115 if (!tls12_record_layer_open_record_plaintext(rl, 1122 if (!tls12_record_layer_open_record_plaintext(rl,
1116 content_type, &fragment, out, out_len)) 1123 content_type, &fragment, out))
1117 return 0; 1124 return 0;
1118 } 1125 }
1119 1126