Diffstat (limited to 'ssl/record')
-rw-r--r-- | ssl/record/build.info | 2 | ||||
-rw-r--r-- | ssl/record/methods/recmethod_local.h | 91 | ||||
-rw-r--r-- | ssl/record/methods/tls_common.c | 15 | ||||
-rw-r--r-- | ssl/record/methods/tlsany_meth.c | 2 | ||||
-rw-r--r-- | ssl/record/rec_layer_d1.c | 2 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 56 | ||||
-rw-r--r-- | ssl/record/record.h | 67 | ||||
-rw-r--r-- | ssl/record/record_local.h | 51 | ||||
-rw-r--r-- | ssl/record/ssl3_record.c | 87 |
9 files changed, 166 insertions, 207 deletions
diff --git a/ssl/record/build.info b/ssl/record/build.info
index 42bc3f3611..9703d169d6 100644
--- a/ssl/record/build.info
+++ b/ssl/record/build.info
@@ -11,7 +11,7 @@ IF[{- !$disabled{asm} -}]
 ENDIF
 SOURCE[../../libssl]=\
- rec_layer_s3.c rec_layer_d1.c ssl3_record.c
+ rec_layer_s3.c rec_layer_d1.c
 DEFINE[../../libssl]=$AESDEF
diff --git a/ssl/record/methods/recmethod_local.h b/ssl/record/methods/recmethod_local.h
index 80cf8fa973..32950769fc 100644
--- a/ssl/record/methods/recmethod_local.h
+++ b/ssl/record/methods/recmethod_local.h
@@ -20,6 +20,76 @@ typedef struct dtls_bitmap_st {
 unsigned char max_seq_num[SEQ_NUM_SIZE];
 } DTLS_BITMAP;
+typedef struct ssl_mac_buf_st {
+ unsigned char *mac;
+ int alloced;
+} SSL_MAC_BUF;
+
+typedef struct ssl3_buffer_st {
+ /* at least SSL3_RT_MAX_PACKET_SIZE bytes */
+ unsigned char *buf;
+ /* default buffer size (or 0 if no default set) */
+ size_t default_len;
+ /* buffer size */
+ size_t len;
+ /* where to 'copy from' */
+ size_t offset;
+ /* how many bytes left */
+ size_t left;
+ /* 'buf' is from application for KTLS */
+ int app_buffer;
+ /* The type of data stored in this buffer. Only used for writing */
+ int type;
+} SSL3_BUFFER;
+
+typedef struct ssl3_record_st {
+ /* Record layer version */
+ /* r */
+ int rec_version;
+ /* type of record */
+ /* r */
+ int type;
+ /* How many bytes available */
+ /* rw */
+ size_t length;
+ /*
+ * How many bytes were available before padding was removed? This is used
+ * to implement the MAC check in constant time for CBC records.
+ */
+ /* rw */
+ size_t orig_len;
+ /* read/write offset into 'buf' */
+ /* r */
+ size_t off;
+ /* pointer to the record data */
+ /* rw */
+ unsigned char *data;
+ /* where the decode bytes are */
+ /* rw */
+ unsigned char *input;
+ /* only used with decompression - malloc()ed */
+ /* r */
+ unsigned char *comp;
+ /* epoch number, needed by DTLS1 */
+ /* r */
+ uint16_t epoch;
+ /* sequence number, needed by DTLS1 */
+ /* r */
+ unsigned char seq_num[SEQ_NUM_SIZE];
+} SSL3_RECORD;
+
+/* Macros/functions provided by the SSL3_RECORD component */
+
+#define SSL3_RECORD_set_type(r, t) ((r)->type = (t))
+#define SSL3_RECORD_set_rec_version(r, v) ((r)->rec_version = (v))
+#define SSL3_RECORD_get_length(r) ((r)->length)
+#define SSL3_RECORD_set_length(r, l) ((r)->length = (l))
+#define SSL3_RECORD_add_length(r, l) ((r)->length += (l))
+#define SSL3_RECORD_set_data(r, d) ((r)->data = (d))
+#define SSL3_RECORD_set_input(r, i) ((r)->input = (i))
+#define SSL3_RECORD_reset_input(r) ((r)->input = (r)->data)
+
+
 /* Protocol version specific function pointers */
 struct record_functions_st {
@@ -329,10 +399,31 @@ void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
 || (rl)->version == TLS1_2_VERSION \
 || (rl)->isdtls)
+void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num);
+
 int ossl_set_tls_provider_parameters(OSSL_RECORD_LAYER *rl, EVP_CIPHER_CTX *ctx, const EVP_CIPHER *ciph, const EVP_MD *md);
+
+/* tls_pad.c */
+int ssl3_cbc_remove_padding_and_mac(size_t *reclen,
+ size_t origreclen,
+ unsigned char *recdata,
+ unsigned char **mac,
+ int *alloced,
+ size_t block_size, size_t mac_size,
+ OSSL_LIB_CTX *libctx);
+
+int tls1_cbc_remove_padding_and_mac(size_t *reclen,
+ size_t origreclen,
+ unsigned char *recdata,
+ unsigned char **mac,
+ int *alloced,
+ size_t block_size, size_t mac_size,
+ int aead,
+ OSSL_LIB_CTX *libctx);
+
 /* ssl3_cbc.c */
 __owur char ssl3_cbc_record_digest_supported(const EVP_MD_CTX *ctx);
 __owur int ssl3_cbc_digest_record(const EVP_MD *md,
diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c
index 730e4f7d63..0b3635d2bd 100644
--- a/ssl/record/methods/tls_common.c
+++ b/ssl/record/methods/tls_common.c
@@ -28,6 +28,21 @@ void SSL3_BUFFER_release(SSL3_BUFFER *b)
 b->buf = NULL;
 }
+static void SSL3_RECORD_release(SSL3_RECORD *r, size_t num_recs)
+{
+ size_t i;
+
+ for (i = 0; i < num_recs; i++) {
+ OPENSSL_free(r[i].comp);
+ r[i].comp = NULL;
+ }
+}
+
+void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num)
+{
+ memcpy(r->seq_num, seq_num, SEQ_NUM_SIZE);
+}
+
 void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
 const char *fmt, ...)
 {
diff --git a/ssl/record/methods/tlsany_meth.c b/ssl/record/methods/tlsany_meth.c
index e52bebfba0..34a070d816 100644
--- a/ssl/record/methods/tlsany_meth.c
+++ b/ssl/record/methods/tlsany_meth.c
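Review bot: The new declarations of `ssl3_cbc_remove_padding_and_mac` and `tls1_cbc_remove_padding_and_mac` under `/* tls_pad.c */` lack the `__owur` attribute that the removed record_local.h prototypes carried, while the adjacent `ssl3_cbc_record_digest_supported` and `ssl3_cbc_digest_record` declarations in the same hunk keep theirs. Their int result is presumably the outcome of the padding/MAC removal, so a caller that ignored it would carry on with an unverified CBC record without any compiler warning; declaring them `__owur int ssl3_cbc_remove_padding_and_mac(size_t *reclen,` and `__owur int tls1_cbc_remove_padding_and_mac(size_t *reclen,` restores the check. The definitions live in tls_pad.c, outside this diff, so whether every caller already checks the result cannot be confirmed from here.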
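Review bot: `SSL3_RECORD_release` becomes a file-local `static` function, but no caller of it appears in this hunk; if nothing else in tls_common.c uses it the build will report an unused function, so its use elsewhere in the file should be confirmed. Both new functions also lack a header comment. Proposed for `SSL3_RECORD_release`: `/* Free the comp buffer of each of the num_recs records in r and reset it to NULL */`, and for `SSL3_RECORD_set_seq_num`: `/* Copy SEQ_NUM_SIZE bytes from seq_num into r->seq_num; seq_num must hold at least that many bytes */`.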
@@ -12,6 +12,8 @@
 #include "../record_local.h"
 #include "recmethod_local.h"
+#define MIN_SSL2_RECORD_LEN 9
+
 static int tls_any_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
 unsigned char *key, size_t keylen,
 unsigned char *iv, size_t ivlen,
diff --git a/ssl/record/rec_layer_d1.c b/ssl/record/rec_layer_d1.c
index 729f1a16e2..88f596e239 100644
--- a/ssl/record/rec_layer_d1.c
+++ b/ssl/record/rec_layer_d1.c
@@ -70,7 +70,7 @@ void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl)
 d->buffered_app_data.q = buffered_app_data;
 }
-int dtls_buffer_record(SSL_CONNECTION *s, TLS_RECORD *rec)
+static int dtls_buffer_record(SSL_CONNECTION *s, TLS_RECORD *rec)
 {
 TLS_RECORD *rdata;
 pitem *item;
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index 32bd7cf7c2..9a4cd85389 100644
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -66,6 +66,62 @@ int RECORD_LAYER_write_pending(const RECORD_LAYER *rl)
 return rl->wpend_tot > 0;
 }
+static uint32_t ossl_get_max_early_data(SSL_CONNECTION *s)
+{
+ uint32_t max_early_data;
+ SSL_SESSION *sess = s->session;
+
+ /*
+ * If we are a client then we always use the max_early_data from the
+ * session/psksession. Otherwise we go with the lowest out of the max early
+ * data set in the session and the configured max_early_data.
+ */
+ if (!s->server && sess->ext.max_early_data == 0) {
+ if (!ossl_assert(s->psksession != NULL
+ && s->psksession->ext.max_early_data > 0)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ sess = s->psksession;
+ }
+
+ if (!s->server)
+ max_early_data = sess->ext.max_early_data;
+ else if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED)
+ max_early_data = s->recv_max_early_data;
+ else
+ max_early_data = s->recv_max_early_data < sess->ext.max_early_data
+ ? s->recv_max_early_data : sess->ext.max_early_data;
+
+ return max_early_data;
+}
+
+static int ossl_early_data_count_ok(SSL_CONNECTION *s, size_t length,
+ size_t overhead, int send)
+{
+ uint32_t max_early_data;
+
+ max_early_data = ossl_get_max_early_data(s);
+
+ if (max_early_data == 0) {
+ SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
+ SSL_R_TOO_MUCH_EARLY_DATA);
+ return 0;
+ }
+
+ /* If we are dealing with ciphertext we need to allow for the overhead */
+ max_early_data += overhead;
+
+ if (s->early_data_count + length > max_early_data) {
+ SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
+ SSL_R_TOO_MUCH_EARLY_DATA);
+ return 0;
+ }
+ s->early_data_count += length;
+
+ return 1;
+}
+
 size_t ssl3_pending(const SSL *s)
 {
 size_t i, num = 0;
diff --git a/ssl/record/record.h b/ssl/record/record.h
index d835703c13..06838146e8 100644
--- a/ssl/record/record.h
+++ b/ssl/record/record.h
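Review bot: `ossl_get_max_early_data` returns 0 both when the effective early-data limit is zero and on the `ossl_assert` failure path, where `SSLfatal` has already been raised with ERR_R_INTERNAL_ERROR; `ossl_early_data_count_ok` cannot tell the two apart and raises `SSLfatal` a second time with `SSL_R_TOO_MUCH_EARLY_DATA`, so the internal error may be reported under a misleading reason. A header comment would at least make that contract explicit: `/* Return the effective early-data limit, or 0 when none is permitted or on internal error (SSLfatal already raised). */`. Separately, `max_early_data += overhead;` adds a size_t to a uint32_t and the sum is truncated back to uint32_t; overhead is small in practice, so this is a readability rather than a safety concern, but a comment or an explicit cast would document the intent. The `ssl3_pending` definition that follows continues outside the hunk.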
@@ -8,7 +8,6 @@
 */
 typedef struct ssl_connection_st SSL_CONNECTION;
-typedef struct ssl3_buffer_st SSL3_BUFFER;
 #include <openssl/core_dispatch.h>
 #include "recordmethod.h"
@@ -20,61 +19,8 @@ typedef struct ssl3_buffer_st SSL3_BUFFER;
 *
 *
 *****************************************************************************/
-struct ssl3_buffer_st {
- /* at least SSL3_RT_MAX_PACKET_SIZE bytes */
- unsigned char *buf;
- /* default buffer size (or 0 if no default set) */
- size_t default_len;
- /* buffer size */
- size_t len;
- /* where to 'copy from' */
- size_t offset;
- /* how many bytes left */
- size_t left;
- /* 'buf' is from application for KTLS */
- int app_buffer;
- /* The type of data stored in this buffer. Only used for writing */
- int type;
-};
-
 #define SEQ_NUM_SIZE 8
-typedef struct ssl3_record_st {
- /* Record layer version */
- /* r */
- int rec_version;
- /* type of record */
- /* r */
- int type;
- /* How many bytes available */
- /* rw */
- size_t length;
- /*
- * How many bytes were available before padding was removed? This is used
- * to implement the MAC check in constant time for CBC records.
- */
- /* rw */
- size_t orig_len;
- /* read/write offset into 'buf' */
- /* r */
- size_t off;
- /* pointer to the record data */
- /* rw */
- unsigned char *data;
- /* where the decode bytes are */
- /* rw */
- unsigned char *input;
- /* only used with decompression - malloc()ed */
- /* r */
- unsigned char *comp;
- /* epoch number, needed by DTLS1 */
- /* r */
- uint16_t epoch;
- /* sequence number, needed by DTLS1 */
- /* r */
- unsigned char seq_num[SEQ_NUM_SIZE];
-} SSL3_RECORD;
-
 typedef struct tls_record_st {
 void *rechandle;
 int version;
@@ -184,21 +130,9 @@ typedef struct record_layer_st {
 *
 *
 *****************************************************************************/
-struct ssl_mac_buf_st {
- unsigned char *mac;
- int alloced;
-};
-typedef struct ssl_mac_buf_st SSL_MAC_BUF;
-
-#define MIN_SSL2_RECORD_LEN 9
-
 #define RECORD_LAYER_set_read_ahead(rl, ra) ((rl)->read_ahead = (ra))
 #define RECORD_LAYER_get_read_ahead(rl) ((rl)->read_ahead)
-#define RECORD_LAYER_get_packet(rl) ((rl)->packet)
-#define RECORD_LAYER_add_packet_length(rl, inc) ((rl)->packet_length += (inc))
 #define DTLS_RECORD_LAYER_get_w_epoch(rl) ((rl)->d->w_epoch)
-#define RECORD_LAYER_get_rbuf(rl) (&(rl)->rbuf)
-#define RECORD_LAYER_get_wbuf(rl) ((rl)->wbuf)
 void RECORD_LAYER_init(RECORD_LAYER *rl, SSL_CONNECTION *s);
 void RECORD_LAYER_clear(RECORD_LAYER *rl);
@@ -216,7 +150,6 @@ __owur int ssl3_read_bytes(SSL *s, int type, int *recvd_type,
 int DTLS_RECORD_LAYER_new(RECORD_LAYER *rl);
 void DTLS_RECORD_LAYER_free(RECORD_LAYER *rl);
 void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl);
-void DTLS_RECORD_LAYER_clear(RECORD_LAYER *rl);
 __owur int dtls1_read_bytes(SSL *s, int type, int *recvd_type,
 unsigned char *buf, size_t len, int peek,
 size_t *readbytes);
diff --git a/ssl/record/record_local.h b/ssl/record/record_local.h
index 1f26d3b3bd..7bcbd14f24 100644
--- a/ssl/record/record_local.h
+++ b/ssl/record/record_local.h
@@ -18,55 +18,4 @@
 /* Functions/macros provided by the RECORD_LAYER component */
-#define RECORD_LAYER_get_write_sequence(rl) ((rl)->write_sequence)
-#define RECORD_LAYER_inc_empty_record_count(rl) ((rl)->empty_record_count++)
-#define RECORD_LAYER_reset_empty_record_count(rl) \
- ((rl)->empty_record_count = 0)
-#define RECORD_LAYER_get_empty_record_count(rl) ((rl)->empty_record_count)
 #define DTLS_RECORD_LAYER_get_r_epoch(rl) ((rl)->d->r_epoch)
-
-int dtls_buffer_record(SSL_CONNECTION *s, TLS_RECORD *rec);
-
-/* Macros/functions provided by the SSL3_RECORD component */
-
-#define SSL3_RECORD_get_type(r) ((r)->type)
-#define SSL3_RECORD_set_type(r, t) ((r)->type = (t))
-#define SSL3_RECORD_set_rec_version(r, v) ((r)->rec_version = (v))
-#define SSL3_RECORD_get_length(r) ((r)->length)
-#define SSL3_RECORD_set_length(r, l) ((r)->length = (l))
-#define SSL3_RECORD_add_length(r, l) ((r)->length += (l))
-#define SSL3_RECORD_sub_length(r, l) ((r)->length -= (l))
-#define SSL3_RECORD_get_data(r) ((r)->data)
-#define SSL3_RECORD_set_data(r, d) ((r)->data = (d))
-#define SSL3_RECORD_get_input(r) ((r)->input)
-#define SSL3_RECORD_set_input(r, i) ((r)->input = (i))
-#define SSL3_RECORD_reset_input(r) ((r)->input = (r)->data)
-#define SSL3_RECORD_reset_data(r) ((r)->data = (r)->input)
-#define SSL3_RECORD_get_seq_num(r) ((r)->seq_num)
-#define SSL3_RECORD_get_off(r) ((r)->off)
-#define SSL3_RECORD_set_off(r, o) ((r)->off = (o))
-#define SSL3_RECORD_add_off(r, o) ((r)->off += (o))
-#define SSL3_RECORD_get_epoch(r) ((r)->epoch)
-
-void SSL3_RECORD_release(SSL3_RECORD *r, size_t num_recs);
-void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num);
-__owur int ssl3_do_compress(SSL_CONNECTION *ssl, SSL3_RECORD *wr);
-__owur int ssl3_do_uncompress(SSL_CONNECTION *ssl, SSL3_RECORD *rr);
-__owur int ssl3_cbc_remove_padding_and_mac(size_t *reclen,
- size_t origreclen,
- unsigned char *recdata,
- unsigned char **mac,
- int *alloced,
- size_t block_size, size_t mac_size,
- OSSL_LIB_CTX *libctx);
-__owur int tls1_cbc_remove_padding_and_mac(size_t *reclen,
- size_t origreclen,
- unsigned char *recdata,
- unsigned char **mac,
- int *alloced,
- size_t block_size, size_t mac_size,
- int aead,
- OSSL_LIB_CTX *libctx);
-uint32_t ossl_get_max_early_data(SSL_CONNECTION *s);
-int ossl_early_data_count_ok(SSL_CONNECTION *s, size_t length, size_t overhead,
- int send);
diff --git a/ssl/record/ssl3_record.c b/ssl/record/ssl3_record.c
deleted file mode 100644
index 278320b52e..0000000000
--- a/ssl/record/ssl3_record.c
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
- *
- * Licensed under the Apache License 2.0 (the "License"). You may not use
- * this file except in compliance with the License. You can obtain a copy
- * in the file LICENSE in the source distribution or at
- * https://www.openssl.org/source/license.html
- */
-
-#include <assert.h>
-#include "../ssl_local.h"
-#include <openssl/trace.h>
-#include <openssl/rand.h>
-#include <openssl/core_names.h>
-#include "record_local.h"
-#include "internal/cryptlib.h"
-
-void SSL3_RECORD_release(SSL3_RECORD *r, size_t num_recs)
-{
- size_t i;
-
- for (i = 0; i < num_recs; i++) {
- OPENSSL_free(r[i].comp);
- r[i].comp = NULL;
- }
-}
-
-void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num)
-{
- memcpy(r->seq_num, seq_num, SEQ_NUM_SIZE);
-}
-
-uint32_t ossl_get_max_early_data(SSL_CONNECTION *s)
-{
- uint32_t max_early_data;
- SSL_SESSION *sess = s->session;
-
- /*
- * If we are a client then we always use the max_early_data from the
- * session/psksession. Otherwise we go with the lowest out of the max early
- * data set in the session and the configured max_early_data.
- */
- if (!s->server && sess->ext.max_early_data == 0) {
- if (!ossl_assert(s->psksession != NULL
- && s->psksession->ext.max_early_data > 0)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- sess = s->psksession;
- }
-
- if (!s->server)
- max_early_data = sess->ext.max_early_data;
- else if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED)
- max_early_data = s->recv_max_early_data;
- else
- max_early_data = s->recv_max_early_data < sess->ext.max_early_data
- ? s->recv_max_early_data : sess->ext.max_early_data;
-
- return max_early_data;
-}
-
-int ossl_early_data_count_ok(SSL_CONNECTION *s, size_t length, size_t overhead,
- int send)
-{
- uint32_t max_early_data;
-
- max_early_data = ossl_get_max_early_data(s);
-
- if (max_early_data == 0) {
- SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
- SSL_R_TOO_MUCH_EARLY_DATA);
- return 0;
- }
-
- /* If we are dealing with ciphertext we need to allow for the overhead */
- max_early_data += overhead;
-
- if (s->early_data_count + length > max_early_data) {
- SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
- SSL_R_TOO_MUCH_EARLY_DATA);
- return 0;
- }
- s->early_data_count += length;
-
- return 1;
-}