diff options
Diffstat (limited to 'src/lib/libssl/tls12_record_layer.c')
| -rw-r--r-- | src/lib/libssl/tls12_record_layer.c | 47 |
1 files changed, 28 insertions, 19 deletions
diff --git a/src/lib/libssl/tls12_record_layer.c b/src/lib/libssl/tls12_record_layer.c index b45a625fd4..0104443286 100644 --- a/src/lib/libssl/tls12_record_layer.c +++ b/src/lib/libssl/tls12_record_layer.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls12_record_layer.c,v 1.14 2021/01/20 07:05:25 tb Exp $ */ | 1 | /* $OpenBSD: tls12_record_layer.c,v 1.15 2021/01/26 14:22:20 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2020 Joel Sing <jsing@openbsd.org> |
| 4 | * | 4 | * |
| @@ -23,6 +23,7 @@ | |||
| 23 | 23 | ||
| 24 | struct tls12_record_protection { | 24 | struct tls12_record_protection { |
| 25 | uint16_t epoch; | 25 | uint16_t epoch; |
| 26 | uint8_t seq_num[SSL3_SEQUENCE_SIZE]; | ||
| 26 | 27 | ||
| 27 | int stream_mac; | 28 | int stream_mac; |
| 28 | 29 | ||
| @@ -37,8 +38,6 @@ struct tls12_record_protection { | |||
| 37 | 38 | ||
| 38 | EVP_CIPHER_CTX *cipher_ctx; | 39 | EVP_CIPHER_CTX *cipher_ctx; |
| 39 | EVP_MD_CTX *hash_ctx; | 40 | EVP_MD_CTX *hash_ctx; |
| 40 | |||
| 41 | uint8_t *seq_num; | ||
| 42 | }; | 41 | }; |
| 43 | 42 | ||
| 44 | static struct tls12_record_protection * | 43 | static struct tls12_record_protection * |
| @@ -48,12 +47,22 @@ tls12_record_protection_new(void) | |||
| 48 | } | 47 | } |
| 49 | 48 | ||
| 50 | static void | 49 | static void |
| 50 | tls12_record_protection_clear(struct tls12_record_protection *rp) | ||
| 51 | { | ||
| 52 | memset(rp->seq_num, 0, sizeof(rp->seq_num)); | ||
| 53 | |||
| 54 | freezero(rp->mac_key, rp->mac_key_len); | ||
| 55 | rp->mac_key = NULL; | ||
| 56 | rp->mac_key_len = 0; | ||
| 57 | } | ||
| 58 | |||
| 59 | static void | ||
| 51 | tls12_record_protection_free(struct tls12_record_protection *rp) | 60 | tls12_record_protection_free(struct tls12_record_protection *rp) |
| 52 | { | 61 | { |
| 53 | if (rp == NULL) | 62 | if (rp == NULL) |
| 54 | return; | 63 | return; |
| 55 | 64 | ||
| 56 | freezero(rp->mac_key, rp->mac_key_len); | 65 | tls12_record_protection_clear(rp); |
| 57 | 66 | ||
| 58 | freezero(rp, sizeof(struct tls12_record_protection)); | 67 | freezero(rp, sizeof(struct tls12_record_protection)); |
| 59 | } | 68 | } |
| @@ -294,32 +303,24 @@ void | |||
| 294 | tls12_record_layer_clear_read_state(struct tls12_record_layer *rl) | 303 | tls12_record_layer_clear_read_state(struct tls12_record_layer *rl) |
| 295 | { | 304 | { |
| 296 | tls12_record_layer_set_read_state(rl, NULL, NULL, NULL, 0); | 305 | tls12_record_layer_set_read_state(rl, NULL, NULL, NULL, 0); |
| 297 | tls12_record_layer_set_read_mac_key(rl, NULL, 0); | 306 | tls12_record_protection_clear(rl->read); |
| 298 | rl->read->seq_num = NULL; | ||
| 299 | } | 307 | } |
| 300 | 308 | ||
| 301 | void | 309 | void |
| 302 | tls12_record_layer_clear_write_state(struct tls12_record_layer *rl) | 310 | tls12_record_layer_clear_write_state(struct tls12_record_layer *rl) |
| 303 | { | 311 | { |
| 304 | tls12_record_layer_set_write_state(rl, NULL, NULL, NULL, 0); | 312 | tls12_record_layer_set_write_state(rl, NULL, NULL, NULL, 0); |
| 305 | rl->write->seq_num = NULL; | 313 | tls12_record_protection_clear(rl->write); |
| 306 | 314 | ||
| 307 | tls12_record_protection_free(rl->write_previous); | 315 | tls12_record_protection_free(rl->write_previous); |
| 308 | rl->write_previous = NULL; | 316 | rl->write_previous = NULL; |
| 309 | } | 317 | } |
| 310 | 318 | ||
| 311 | void | 319 | void |
| 312 | tls12_record_layer_set_read_seq_num(struct tls12_record_layer *rl, | 320 | tls12_record_layer_reflect_seq_num(struct tls12_record_layer *rl) |
| 313 | uint8_t *seq_num) | ||
| 314 | { | 321 | { |
| 315 | rl->read->seq_num = seq_num; | 322 | memcpy(rl->write->seq_num, rl->read->seq_num, |
| 316 | } | 323 | sizeof(rl->write->seq_num)); |
| 317 | |||
| 318 | void | ||
| 319 | tls12_record_layer_set_write_seq_num(struct tls12_record_layer *rl, | ||
| 320 | uint8_t *seq_num) | ||
| 321 | { | ||
| 322 | rl->write->seq_num = seq_num; | ||
| 323 | } | 324 | } |
| 324 | 325 | ||
| 325 | int | 326 | int |
| @@ -391,6 +392,8 @@ tls12_record_layer_change_read_cipher_state(struct tls12_record_layer *rl, | |||
| 391 | if ((read_new = tls12_record_protection_new()) == NULL) | 392 | if ((read_new = tls12_record_protection_new()) == NULL) |
| 392 | goto err; | 393 | goto err; |
| 393 | 394 | ||
| 395 | /* Read sequence number gets reset to zero. */ | ||
| 396 | |||
| 394 | /* XXX - change cipher state. */ | 397 | /* XXX - change cipher state. */ |
| 395 | 398 | ||
| 396 | tls12_record_protection_free(rl->read_current); | 399 | tls12_record_protection_free(rl->read_current); |
| @@ -416,6 +419,8 @@ tls12_record_layer_change_write_cipher_state(struct tls12_record_layer *rl, | |||
| 416 | if ((write_new = tls12_record_protection_new()) == NULL) | 419 | if ((write_new = tls12_record_protection_new()) == NULL) |
| 417 | goto err; | 420 | goto err; |
| 418 | 421 | ||
| 422 | /* Write sequence number gets reset to zero. */ | ||
| 423 | |||
| 419 | /* XXX - change cipher state. */ | 424 | /* XXX - change cipher state. */ |
| 420 | 425 | ||
| 421 | if (rl->dtls) { | 426 | if (rl->dtls) { |
| @@ -434,6 +439,7 @@ tls12_record_layer_change_write_cipher_state(struct tls12_record_layer *rl, | |||
| 434 | 439 | ||
| 435 | return ret; | 440 | return ret; |
| 436 | } | 441 | } |
| 442 | |||
| 437 | static int | 443 | static int |
| 438 | tls12_record_layer_build_seq_num(struct tls12_record_layer *rl, CBB *cbb, | 444 | tls12_record_layer_build_seq_num(struct tls12_record_layer *rl, CBB *cbb, |
| 439 | uint16_t epoch, uint8_t *seq_num, size_t seq_num_len) | 445 | uint16_t epoch, uint8_t *seq_num, size_t seq_num_len) |
| @@ -896,7 +902,7 @@ tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf, | |||
| 896 | uint8_t content_type; | 902 | uint8_t content_type; |
| 897 | 903 | ||
| 898 | CBS_init(&cbs, buf, buf_len); | 904 | CBS_init(&cbs, buf, buf_len); |
| 899 | CBS_init(&seq_num, rl->read->seq_num, SSL3_SEQUENCE_SIZE); | 905 | CBS_init(&seq_num, rl->read->seq_num, sizeof(rl->read->seq_num)); |
| 900 | 906 | ||
| 901 | if (!CBS_get_u8(&cbs, &content_type)) | 907 | if (!CBS_get_u8(&cbs, &content_type)) |
| 902 | return 0; | 908 | return 0; |
| @@ -912,6 +918,9 @@ tls12_record_layer_open_record(struct tls12_record_layer *rl, uint8_t *buf, | |||
| 912 | */ | 918 | */ |
| 913 | if (!CBS_get_bytes(&cbs, &seq_num, SSL3_SEQUENCE_SIZE)) | 919 | if (!CBS_get_bytes(&cbs, &seq_num, SSL3_SEQUENCE_SIZE)) |
| 914 | return 0; | 920 | return 0; |
| 921 | if (!CBS_write_bytes(&seq_num, rl->read->seq_num, | ||
| 922 | sizeof(rl->read->seq_num), NULL)) | ||
| 923 | return 0; | ||
| 915 | } | 924 | } |
| 916 | if (!CBS_get_u16_length_prefixed(&cbs, &fragment)) | 925 | if (!CBS_get_u16_length_prefixed(&cbs, &fragment)) |
| 917 | return 0; | 926 | return 0; |
| @@ -1096,7 +1105,7 @@ tls12_record_layer_seal_record(struct tls12_record_layer *rl, | |||
| 1096 | if (!CBB_init(&seq_num_cbb, SSL3_SEQUENCE_SIZE)) | 1105 | if (!CBB_init(&seq_num_cbb, SSL3_SEQUENCE_SIZE)) |
| 1097 | goto err; | 1106 | goto err; |
| 1098 | if (!tls12_record_layer_build_seq_num(rl, &seq_num_cbb, rl->write->epoch, | 1107 | if (!tls12_record_layer_build_seq_num(rl, &seq_num_cbb, rl->write->epoch, |
| 1099 | rl->write->seq_num, SSL3_SEQUENCE_SIZE)) | 1108 | rl->write->seq_num, sizeof(rl->write->seq_num))) |
| 1100 | goto err; | 1109 | goto err; |
| 1101 | if (!CBB_finish(&seq_num_cbb, &seq_num_data, &seq_num_len)) | 1110 | if (!CBB_finish(&seq_num_cbb, &seq_num_data, &seq_num_len)) |
| 1102 | goto err; | 1111 | goto err; |