xref: /openssl/ssl/record/methods/tlsany_meth.c (revision b6461792)
1 /*
2  * Copyright 2022-2024 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <openssl/evp.h>
11 #include "../../ssl_local.h"
12 #include "../record_local.h"
13 #include "recmethod_local.h"
14 
15 #define MIN_SSL2_RECORD_LEN     9
16 
tls_any_set_crypto_state(OSSL_RECORD_LAYER * rl,int level,unsigned char * key,size_t keylen,unsigned char * iv,size_t ivlen,unsigned char * mackey,size_t mackeylen,const EVP_CIPHER * ciph,size_t taglen,int mactype,const EVP_MD * md,COMP_METHOD * comp)17 static int tls_any_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
18                                     unsigned char *key, size_t keylen,
19                                     unsigned char *iv, size_t ivlen,
20                                     unsigned char *mackey, size_t mackeylen,
21                                     const EVP_CIPHER *ciph,
22                                     size_t taglen,
23                                     int mactype,
24                                     const EVP_MD *md,
25                                     COMP_METHOD *comp)
26 {
27     if (level != OSSL_RECORD_PROTECTION_LEVEL_NONE) {
28         ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
29         return OSSL_RECORD_RETURN_FATAL;
30     }
31 
32     /* No crypto protection at the "NONE" level so nothing to be done */
33 
34     return OSSL_RECORD_RETURN_SUCCESS;
35 }
36 
tls_any_cipher(OSSL_RECORD_LAYER * rl,TLS_RL_RECORD * recs,size_t n_recs,int sending,SSL_MAC_BUF * macs,size_t macsize)37 static int tls_any_cipher(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *recs,
38                           size_t n_recs, int sending, SSL_MAC_BUF *macs,
39                           size_t macsize)
40 {
41     return 1;
42 }
43 
tls_validate_record_header(OSSL_RECORD_LAYER * rl,TLS_RL_RECORD * rec)44 static int tls_validate_record_header(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec)
45 {
46     if (rec->rec_version == SSL2_VERSION) {
47         /* SSLv2 format ClientHello */
48         if (!ossl_assert(rl->version == TLS_ANY_VERSION)) {
49             RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
50             return 0;
51         }
52         if (rec->length < MIN_SSL2_RECORD_LEN) {
53             RLAYERfatal(rl, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_TOO_SHORT);
54             return 0;
55         }
56     } else {
57         if (rl->version == TLS_ANY_VERSION) {
58             if ((rec->rec_version >> 8) != SSL3_VERSION_MAJOR) {
59                 if (rl->is_first_record) {
60                     unsigned char *p;
61 
62                     /*
63                      * Go back to start of packet, look at the five bytes that
64                      * we have.
65                      */
66                     p = rl->packet;
67                     if (HAS_PREFIX((char *)p, "GET ") ||
68                         HAS_PREFIX((char *)p, "POST ") ||
69                         HAS_PREFIX((char *)p, "HEAD ") ||
70                         HAS_PREFIX((char *)p, "PUT ")) {
71                         RLAYERfatal(rl, SSL_AD_NO_ALERT, SSL_R_HTTP_REQUEST);
72                         return 0;
73                     } else if (HAS_PREFIX((char *)p, "CONNE")) {
74                         RLAYERfatal(rl, SSL_AD_NO_ALERT,
75                                     SSL_R_HTTPS_PROXY_REQUEST);
76                         return 0;
77                     }
78 
79                     /* Doesn't look like TLS - don't send an alert */
80                     RLAYERfatal(rl, SSL_AD_NO_ALERT,
81                                 SSL_R_WRONG_VERSION_NUMBER);
82                     return 0;
83                 } else {
84                     RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
85                                 SSL_R_WRONG_VERSION_NUMBER);
86                     return 0;
87                 }
88             }
89         } else if (rl->version == TLS1_3_VERSION) {
90             /*
91              * In this case we know we are going to negotiate TLSv1.3, but we've
92              * had an HRR, so we haven't actually done so yet. In TLSv1.3 we
93              * must ignore the legacy record version in plaintext records.
94              */
95         } else if (rec->rec_version != rl->version) {
96             if ((rl->version & 0xFF00) == (rec->rec_version & 0xFF00)) {
97                 if (rec->type == SSL3_RT_ALERT) {
98                     /*
99                      * The record is using an incorrect version number,
100                      * but what we've got appears to be an alert. We
101                      * haven't read the body yet to check whether its a
102                      * fatal or not - but chances are it is. We probably
103                      * shouldn't send a fatal alert back. We'll just
104                      * end.
105                      */
106                     RLAYERfatal(rl, SSL_AD_NO_ALERT,
107                                 SSL_R_WRONG_VERSION_NUMBER);
108                     return 0;
109                 }
110                 /* Send back error using their minor version number */
111                 rl->version = (unsigned short)rec->rec_version;
112             }
113             RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
114                         SSL_R_WRONG_VERSION_NUMBER);
115             return 0;
116         }
117     }
118     if (rec->length > SSL3_RT_MAX_PLAIN_LENGTH) {
119         /*
120          * We use SSL_R_DATA_LENGTH_TOO_LONG instead of
121          * SSL_R_ENCRYPTED_LENGTH_TOO_LONG here because we are the "any" method
122          * and we know that we are dealing with plaintext data
123          */
124         RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);
125         return 0;
126     }
127     return 1;
128 }
129 
tls_any_set_protocol_version(OSSL_RECORD_LAYER * rl,int vers)130 static int tls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
131 {
132     if (rl->version != TLS_ANY_VERSION && rl->version != vers)
133         return 0;
134     rl->version = vers;
135 
136     return 1;
137 }
138 
tls_any_prepare_for_encryption(OSSL_RECORD_LAYER * rl,size_t mac_size,WPACKET * thispkt,TLS_RL_RECORD * thiswr)139 static int tls_any_prepare_for_encryption(OSSL_RECORD_LAYER *rl,
140                                           size_t mac_size,
141                                           WPACKET *thispkt,
142                                           TLS_RL_RECORD *thiswr)
143 {
144     /* No encryption, so nothing to do */
145     return 1;
146 }
147 
148 const struct record_functions_st tls_any_funcs = {
149     tls_any_set_crypto_state,
150     tls_any_cipher,
151     NULL,
152     tls_any_set_protocol_version,
153     tls_default_read_n,
154     tls_get_more_records,
155     tls_validate_record_header,
156     tls_default_post_process_record,
157     tls_get_max_records_default,
158     tls_write_records_default,
159     tls_allocate_write_buffers_default,
160     tls_initialise_write_packets_default,
161     NULL,
162     tls_prepare_record_header_default,
163     NULL,
164     tls_any_prepare_for_encryption,
165     tls_post_encryption_processing_default,
166     NULL
167 };
168 
dtls_any_set_protocol_version(OSSL_RECORD_LAYER * rl,int vers)169 static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
170 {
171     if (rl->version != DTLS_ANY_VERSION && rl->version != vers)
172         return 0;
173     rl->version = vers;
174 
175     return 1;
176 }
177 
178 const struct record_functions_st dtls_any_funcs = {
179     tls_any_set_crypto_state,
180     tls_any_cipher,
181     NULL,
182     dtls_any_set_protocol_version,
183     tls_default_read_n,
184     dtls_get_more_records,
185     NULL,
186     NULL,
187     NULL,
188     tls_write_records_default,
189     tls_allocate_write_buffers_default,
190     tls_initialise_write_packets_default,
191     NULL,
192     dtls_prepare_record_header,
193     NULL,
194     tls_prepare_for_encryption_default,
195     dtls_post_encryption_processing,
196     NULL
197 };
198