Import OpenSSL 1.1.0h

2018-04-13 17:45:41 +00:00
parent f39d324ed3
commit 807cee26df
513 changed files with 11248 additions and 3603 deletions
--- a/util/perl/TLSProxy/Message.pm
+++ b/util/perl/TLSProxy/Message.pm
@@ -0,0 +1,456 @@
+# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+
+package TLSProxy::Message;
+
+use constant TLS_MESSAGE_HEADER_LENGTH => 4;
+
+#Message types
+use constant {
+    MT_HELLO_REQUEST => 0,
+    MT_CLIENT_HELLO => 1,
+    MT_SERVER_HELLO => 2,
+    MT_NEW_SESSION_TICKET => 4,
+    MT_CERTIFICATE => 11,
+    MT_SERVER_KEY_EXCHANGE => 12,
+    MT_CERTIFICATE_REQUEST => 13,
+    MT_SERVER_HELLO_DONE => 14,
+    MT_CERTIFICATE_VERIFY => 15,
+    MT_CLIENT_KEY_EXCHANGE => 16,
+    MT_FINISHED => 20,
+    MT_CERTIFICATE_STATUS => 22,
+    MT_NEXT_PROTO => 67
+};
+
+#Alert levels
+use constant {
+    AL_LEVEL_WARN => 1,
+    AL_LEVEL_FATAL => 2
+};
+
+#Alert descriptions
+use constant {
+    AL_DESC_CLOSE_NOTIFY => 0,
+    AL_DESC_UNEXPECTED_MESSAGE => 10,
+    AL_DESC_NO_RENEGOTIATION => 100
+};
+
+my %message_type = (
+    MT_HELLO_REQUEST, "HelloRequest",
+    MT_CLIENT_HELLO, "ClientHello",
+    MT_SERVER_HELLO, "ServerHello",
+    MT_NEW_SESSION_TICKET, "NewSessionTicket",
+    MT_CERTIFICATE, "Certificate",
+    MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange",
+    MT_CERTIFICATE_REQUEST, "CertificateRequest",
+    MT_SERVER_HELLO_DONE, "ServerHelloDone",
+    MT_CERTIFICATE_VERIFY, "CertificateVerify",
+    MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange",
+    MT_FINISHED, "Finished",
+    MT_CERTIFICATE_STATUS, "CertificateStatus",
+    MT_NEXT_PROTO, "NextProto"
+);
+
+use constant {
+    EXT_STATUS_REQUEST => 5,
+    EXT_ENCRYPT_THEN_MAC => 22,
+    EXT_EXTENDED_MASTER_SECRET => 23,
+    EXT_SESSION_TICKET => 35,
+    # This extension does not exist and isn't recognised by OpenSSL.
+    # We use it to test handling of duplicate extensions.
+    EXT_DUPLICATE_EXTENSION => 1234
+};
+
+my $payload = "";
+my $messlen = -1;
+my $mt;
+my $startoffset = -1;
+my $server = 0;
+my $success = 0;
+my $end = 0;
+my @message_rec_list = ();
+my @message_frag_lens = ();
+my $ciphersuite = 0;
+
+sub clear
+{
+    $payload = "";
+    $messlen = -1;
+    $startoffset = -1;
+    $server = 0;
+    $success = 0;
+    $end = 0;
+    @message_rec_list = ();
+    @message_frag_lens = ();
+}
+
+#Class method to extract messages from a record
+sub get_messages
+{
+    my $class = shift;
+    my $serverin = shift;
+    my $record = shift;
+    my @messages = ();
+    my $message;
+
+    @message_frag_lens = ();
+
+    if ($serverin != $server && length($payload) != 0) {
+        die "Changed peer, but we still have fragment data\n";
+    }
+    $server = $serverin;
+
+    if ($record->content_type == TLSProxy::Record::RT_CCS) {
+        if ($payload ne "") {
+            #We can't handle this yet
+            die "CCS received before message data complete\n";
+        }
+        if ($server) {
+            TLSProxy::Record->server_ccs_seen(1);
+        } else {
+            TLSProxy::Record->client_ccs_seen(1);
+        }
+    } elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) {
+        if ($record->len == 0 || $record->len_real == 0) {
+            print "  Message truncated\n";
+        } else {
+            my $recoffset = 0;
+
+            if (length $payload > 0) {
+                #We are continuing processing a message started in a previous
+                #record. Add this record to the list associated with this
+                #message
+                push @message_rec_list, $record;
+
+                if ($messlen <= length($payload)) {
+                    #Shouldn't happen
+                    die "Internal error: invalid messlen: ".$messlen
+                        ." payload length:".length($payload)."\n";
+                }
+                if (length($payload) + $record->decrypt_len >= $messlen) {
+                    #We can complete the message with this record
+                    $recoffset = $messlen - length($payload);
+                    $payload .= substr($record->decrypt_data, 0, $recoffset);
+                    push @message_frag_lens, $recoffset;
+                    $message = create_message($server, $mt, $payload,
+                                              $startoffset);
+                    push @messages, $message;
+
+                    $payload = "";
+                } else {
+                    #This is just part of the total message
+                    $payload .= $record->decrypt_data;
+                    $recoffset = $record->decrypt_len;
+                    push @message_frag_lens, $record->decrypt_len;
+                }
+                print "  Partial message data read: ".$recoffset." bytes\n";
+            }
+
+            while ($record->decrypt_len > $recoffset) {
+                #We are at the start of a new message
+                if ($record->decrypt_len - $recoffset < 4) {
+                    #Whilst technically probably valid we can't cope with this
+                    die "End of record in the middle of a message header\n";
+                }
+                @message_rec_list = ($record);
+                my $lenhi;
+                my $lenlo;
+                ($mt, $lenhi, $lenlo) = unpack('CnC',
+                                               substr($record->decrypt_data,
+                                                      $recoffset));
+                $messlen = ($lenhi << 8) | $lenlo;
+                print "  Message type: $message_type{$mt}\n";
+                print "  Message Length: $messlen\n";
+                $startoffset = $recoffset;
+                $recoffset += 4;
+                $payload = "";
+                
+                if ($recoffset <= $record->decrypt_len) {
+                    #Some payload data is present in this record
+                    if ($record->decrypt_len - $recoffset >= $messlen) {
+                        #We can complete the message with this record
+                        $payload .= substr($record->decrypt_data, $recoffset,
+                                           $messlen);
+                        $recoffset += $messlen;
+                        push @message_frag_lens, $messlen;
+                        $message = create_message($server, $mt, $payload,
+                                                  $startoffset);
+                        push @messages, $message;
+
+                        $payload = "";
+                    } else {
+                        #This is just part of the total message
+                        $payload .= substr($record->decrypt_data, $recoffset,
+                                           $record->decrypt_len - $recoffset);
+                        $recoffset = $record->decrypt_len;
+                        push @message_frag_lens, $recoffset;
+                    }
+                }
+            }
+        }
+    } elsif ($record->content_type == TLSProxy::Record::RT_APPLICATION_DATA) {
+        print "  [ENCRYPTED APPLICATION DATA]\n";
+        print "  [".$record->decrypt_data."]\n";
+    } elsif ($record->content_type == TLSProxy::Record::RT_ALERT) {
+        my ($alertlev, $alertdesc) = unpack('CC', $record->decrypt_data);
+        #A CloseNotify from the client indicates we have finished successfully
+        #(we assume)
+        if (!$end && !$server && $alertlev == AL_LEVEL_WARN
+            && $alertdesc == AL_DESC_CLOSE_NOTIFY) {
+            $success = 1;
+        }
+        #All alerts end the test
+        $end = 1;
+    }
+
+    return @messages;
+}
+
+#Function to work out which sub-class we need to create and then
+#construct it
+sub create_message
+{
+    my ($server, $mt, $data, $startoffset) = @_;
+    my $message;
+
+    #We only support ClientHello in this version...needs to be extended for
+    #others
+    if ($mt == MT_CLIENT_HELLO) {
+        $message = TLSProxy::ClientHello->new(
+            $server,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+        $message->parse();
+    } elsif ($mt == MT_SERVER_HELLO) {
+        $message = TLSProxy::ServerHello->new(
+            $server,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+        $message->parse();
+    } elsif ($mt == MT_SERVER_KEY_EXCHANGE) {
+        $message = TLSProxy::ServerKeyExchange->new(
+            $server,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+        $message->parse();
+    } elsif ($mt == MT_NEW_SESSION_TICKET) {
+        $message = TLSProxy::NewSessionTicket->new(
+            $server,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+        $message->parse();
+    } else {
+        #Unknown message type
+        $message = TLSProxy::Message->new(
+            $server,
+            $mt,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+    }
+
+    return $message;
+}
+
+sub end
+{
+    my $class = shift;
+    return $end;
+}
+sub success
+{
+    my $class = shift;
+    return $success;
+}
+sub fail
+{
+    my $class = shift;
+    return !$success && $end;
+}
+sub new
+{
+    my $class = shift;
+    my ($server,
+        $mt,
+        $data,
+        $records,
+        $startoffset,
+        $message_frag_lens) = @_;
+    
+    my $self = {
+        server => $server,
+        data => $data,
+        records => $records,
+        mt => $mt,
+        startoffset => $startoffset,
+        message_frag_lens => $message_frag_lens
+    };
+
+    return bless $self, $class;
+}
+
+sub ciphersuite
+{
+    my $class = shift;
+    if (@_) {
+      $ciphersuite = shift;
+    }
+    return $ciphersuite;
+}
+
+#Update all the underlying records with the modified data from this message
+#Note: Does not currently support re-encrypting
+sub repack
+{
+    my $self = shift;
+    my $msgdata;
+
+    my $numrecs = $#{$self->records};
+
+    $self->set_message_contents();
+
+    my $lenhi;
+    my $lenlo;
+
+    $lenlo = length($self->data) & 0xff;
+    $lenhi = length($self->data) >> 8;
+    $msgdata = pack('CnC', $self->mt, $lenhi, $lenlo).$self->data;
+
+    if ($numrecs == 0) {
+        #The message is fully contained within one record
+        my ($rec) = @{$self->records};
+        my $recdata = $rec->decrypt_data;
+
+        my $old_length;
+
+        # We use empty message_frag_lens to indicates that pre-repacking,
+        # the message wasn't present. The first fragment length doesn't include
+        # the TLS header, so we need to check and compute the right length.
+        if (@{$self->message_frag_lens}) {
+            $old_length = ${$self->message_frag_lens}[0] +
+              TLS_MESSAGE_HEADER_LENGTH;
+        } else {
+            $old_length = 0;
+        }
+
+        my $prefix = substr($recdata, 0, $self->startoffset);
+        my $suffix = substr($recdata, $self->startoffset + $old_length);
+
+        $rec->decrypt_data($prefix.($msgdata).($suffix));
+        # TODO(openssl-team): don't keep explicit lengths.
+        # (If a length override is ever needed to construct invalid packets,
+        #  use an explicit override field instead.)
+        $rec->decrypt_len(length($rec->decrypt_data));
+        $rec->len($rec->len + length($msgdata) - $old_length);
+        # Don't support re-encryption.
+        $rec->data($rec->decrypt_data);
+
+        #Update the fragment len in case we changed it above
+        ${$self->message_frag_lens}[0] = length($msgdata)
+                                         - TLS_MESSAGE_HEADER_LENGTH;
+        return;
+    }
+
+    #Note we don't currently support changing a fragmented message length
+    my $recctr = 0;
+    my $datadone = 0;
+    foreach my $rec (@{$self->records}) {
+        my $recdata = $rec->decrypt_data;
+        if ($recctr == 0) {
+            #This is the first record
+            my $remainlen = length($recdata) - $self->startoffset;
+            $rec->data(substr($recdata, 0, $self->startoffset)
+                       .substr(($msgdata), 0, $remainlen));
+            $datadone += $remainlen;
+        } elsif ($recctr + 1 == $numrecs) {
+            #This is the last record
+            $rec->data(substr($msgdata, $datadone));
+        } else {
+            #This is a middle record
+            $rec->data(substr($msgdata, $datadone, length($rec->data)));
+            $datadone += length($rec->data);
+        }
+        $recctr++;
+    }
+}
+
+#To be overridden by sub-classes
+sub set_message_contents
+{
+}
+
+#Read only accessors
+sub server
+{
+    my $self = shift;
+    return $self->{server};
+}
+
+#Read/write accessors
+sub mt
+{
+    my $self = shift;
+    if (@_) {
+      $self->{mt} = shift;
+    }
+    return $self->{mt};
+}
+sub data
+{
+    my $self = shift;
+    if (@_) {
+      $self->{data} = shift;
+    }
+    return $self->{data};
+}
+sub records
+{
+    my $self = shift;
+    if (@_) {
+      $self->{records} = shift;
+    }
+    return $self->{records};
+}
+sub startoffset
+{
+    my $self = shift;
+    if (@_) {
+      $self->{startoffset} = shift;
+    }
+    return $self->{startoffset};
+}
+sub message_frag_lens
+{
+    my $self = shift;
+    if (@_) {
+      $self->{message_frag_lens} = shift;
+    }
+    return $self->{message_frag_lens};
+}
+sub encoded_length
+{
+    my $self = shift;
+    return TLS_MESSAGE_HEADER_LENGTH + length($self->data);
+}
+
+1;