[331] | 1 | /*
|
---|
| 2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
|
---|
| 3 | *
|
---|
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
---|
| 6 | * in the file LICENSE in the source distribution or at
|
---|
| 7 | * https://www.openssl.org/source/license.html
|
---|
| 8 | */
|
---|
| 9 |
|
---|
| 10 | /* ====================================================================
|
---|
| 11 | * Copyright 2005 Nokia. All rights reserved.
|
---|
| 12 | *
|
---|
| 13 | * The portions of the attached software ("Contribution") is developed by
|
---|
| 14 | * Nokia Corporation and is licensed pursuant to the OpenSSL open source
|
---|
| 15 | * license.
|
---|
| 16 | *
|
---|
| 17 | * The Contribution, originally written by Mika Kousa and Pasi Eronen of
|
---|
| 18 | * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites
|
---|
| 19 | * support (see RFC 4279) to OpenSSL.
|
---|
| 20 | *
|
---|
| 21 | * No patent licenses or other rights except those expressly stated in
|
---|
| 22 | * the OpenSSL open source license shall be deemed granted or received
|
---|
| 23 | * expressly, by implication, estoppel, or otherwise.
|
---|
| 24 | *
|
---|
| 25 | * No assurances are provided by Nokia that the Contribution does not
|
---|
| 26 | * infringe the patent or other intellectual property rights of any third
|
---|
| 27 | * party or that the license provides you with all the necessary rights
|
---|
| 28 | * to make use of the Contribution.
|
---|
| 29 | *
|
---|
| 30 | * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN
|
---|
| 31 | * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA
|
---|
| 32 | * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY
|
---|
| 33 | * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR
|
---|
| 34 | * OTHERWISE.
|
---|
| 35 | */
|
---|
| 36 |
|
---|
| 37 | #include <stdio.h>
|
---|
| 38 | #include <stdlib.h>
|
---|
| 39 | #include "ssl_locl.h"
|
---|
| 40 | #include <openssl/asn1t.h>
|
---|
| 41 | #include <openssl/x509.h>
|
---|
| 42 |
|
---|
| 43 | typedef struct {
|
---|
| 44 | long version;
|
---|
| 45 | long ssl_version;
|
---|
| 46 | ASN1_OCTET_STRING *cipher;
|
---|
| 47 | ASN1_OCTET_STRING *comp_id;
|
---|
| 48 | ASN1_OCTET_STRING *master_key;
|
---|
| 49 | ASN1_OCTET_STRING *session_id;
|
---|
| 50 | ASN1_OCTET_STRING *key_arg;
|
---|
| 51 | long time;
|
---|
| 52 | long timeout;
|
---|
| 53 | X509 *peer;
|
---|
| 54 | ASN1_OCTET_STRING *session_id_context;
|
---|
| 55 | long verify_result;
|
---|
| 56 | ASN1_OCTET_STRING *tlsext_hostname;
|
---|
| 57 | long tlsext_tick_lifetime_hint;
|
---|
| 58 | ASN1_OCTET_STRING *tlsext_tick;
|
---|
| 59 | #ifndef OPENSSL_NO_PSK
|
---|
| 60 | ASN1_OCTET_STRING *psk_identity_hint;
|
---|
| 61 | ASN1_OCTET_STRING *psk_identity;
|
---|
| 62 | #endif
|
---|
| 63 | #ifndef OPENSSL_NO_SRP
|
---|
| 64 | ASN1_OCTET_STRING *srp_username;
|
---|
| 65 | #endif
|
---|
| 66 | long flags;
|
---|
| 67 | } SSL_SESSION_ASN1;
|
---|
| 68 |
|
---|
| 69 | ASN1_SEQUENCE(SSL_SESSION_ASN1) = {
|
---|
| 70 | ASN1_SIMPLE(SSL_SESSION_ASN1, version, LONG),
|
---|
| 71 | ASN1_SIMPLE(SSL_SESSION_ASN1, ssl_version, LONG),
|
---|
| 72 | ASN1_SIMPLE(SSL_SESSION_ASN1, cipher, ASN1_OCTET_STRING),
|
---|
| 73 | ASN1_SIMPLE(SSL_SESSION_ASN1, session_id, ASN1_OCTET_STRING),
|
---|
| 74 | ASN1_SIMPLE(SSL_SESSION_ASN1, master_key, ASN1_OCTET_STRING),
|
---|
| 75 | ASN1_IMP_OPT(SSL_SESSION_ASN1, key_arg, ASN1_OCTET_STRING, 0),
|
---|
| 76 | ASN1_EXP_OPT(SSL_SESSION_ASN1, time, ZLONG, 1),
|
---|
| 77 | ASN1_EXP_OPT(SSL_SESSION_ASN1, timeout, ZLONG, 2),
|
---|
| 78 | ASN1_EXP_OPT(SSL_SESSION_ASN1, peer, X509, 3),
|
---|
| 79 | ASN1_EXP_OPT(SSL_SESSION_ASN1, session_id_context, ASN1_OCTET_STRING, 4),
|
---|
| 80 | ASN1_EXP_OPT(SSL_SESSION_ASN1, verify_result, ZLONG, 5),
|
---|
| 81 | ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_hostname, ASN1_OCTET_STRING, 6),
|
---|
| 82 | #ifndef OPENSSL_NO_PSK
|
---|
| 83 | ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity_hint, ASN1_OCTET_STRING, 7),
|
---|
| 84 | ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity, ASN1_OCTET_STRING, 8),
|
---|
| 85 | #endif
|
---|
| 86 | ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick_lifetime_hint, ZLONG, 9),
|
---|
| 87 | ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick, ASN1_OCTET_STRING, 10),
|
---|
| 88 | ASN1_EXP_OPT(SSL_SESSION_ASN1, comp_id, ASN1_OCTET_STRING, 11),
|
---|
| 89 | #ifndef OPENSSL_NO_SRP
|
---|
| 90 | ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12),
|
---|
| 91 | #endif
|
---|
| 92 | ASN1_EXP_OPT(SSL_SESSION_ASN1, flags, ZLONG, 13)
|
---|
| 93 | } static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1)
|
---|
| 94 |
|
---|
| 95 | IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1)
|
---|
| 96 |
|
---|
| 97 | /* Utility functions for i2d_SSL_SESSION */
|
---|
| 98 |
|
---|
| 99 | /* Initialise OCTET STRING from buffer and length */
|
---|
| 100 |
|
---|
| 101 | static void ssl_session_oinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os,
|
---|
| 102 | unsigned char *data, size_t len)
|
---|
| 103 | {
|
---|
| 104 | os->data = data;
|
---|
| 105 | os->length = len;
|
---|
| 106 | os->flags = 0;
|
---|
| 107 | *dest = os;
|
---|
| 108 | }
|
---|
| 109 |
|
---|
| 110 | /* Initialise OCTET STRING from string */
|
---|
| 111 | static void ssl_session_sinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os,
|
---|
| 112 | char *data)
|
---|
| 113 | {
|
---|
| 114 | if (data != NULL)
|
---|
| 115 | ssl_session_oinit(dest, os, (unsigned char *)data, strlen(data));
|
---|
| 116 | else
|
---|
| 117 | *dest = NULL;
|
---|
| 118 | }
|
---|
| 119 |
|
---|
| 120 | int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp)
|
---|
| 121 | {
|
---|
| 122 |
|
---|
| 123 | SSL_SESSION_ASN1 as;
|
---|
| 124 |
|
---|
| 125 | ASN1_OCTET_STRING cipher;
|
---|
| 126 | unsigned char cipher_data[2];
|
---|
| 127 | ASN1_OCTET_STRING master_key, session_id, sid_ctx;
|
---|
| 128 |
|
---|
| 129 | #ifndef OPENSSL_NO_COMP
|
---|
| 130 | ASN1_OCTET_STRING comp_id;
|
---|
| 131 | unsigned char comp_id_data;
|
---|
| 132 | #endif
|
---|
| 133 |
|
---|
| 134 | ASN1_OCTET_STRING tlsext_hostname, tlsext_tick;
|
---|
| 135 |
|
---|
| 136 | #ifndef OPENSSL_NO_SRP
|
---|
| 137 | ASN1_OCTET_STRING srp_username;
|
---|
| 138 | #endif
|
---|
| 139 |
|
---|
| 140 | #ifndef OPENSSL_NO_PSK
|
---|
| 141 | ASN1_OCTET_STRING psk_identity, psk_identity_hint;
|
---|
| 142 | #endif
|
---|
| 143 |
|
---|
| 144 | long l;
|
---|
| 145 |
|
---|
| 146 | if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
|
---|
| 147 | return 0;
|
---|
| 148 |
|
---|
| 149 | memset(&as, 0, sizeof(as));
|
---|
| 150 |
|
---|
| 151 | as.version = SSL_SESSION_ASN1_VERSION;
|
---|
| 152 | as.ssl_version = in->ssl_version;
|
---|
| 153 |
|
---|
| 154 | if (in->cipher == NULL)
|
---|
| 155 | l = in->cipher_id;
|
---|
| 156 | else
|
---|
| 157 | l = in->cipher->id;
|
---|
| 158 | cipher_data[0] = ((unsigned char)(l >> 8L)) & 0xff;
|
---|
| 159 | cipher_data[1] = ((unsigned char)(l)) & 0xff;
|
---|
| 160 |
|
---|
| 161 | ssl_session_oinit(&as.cipher, &cipher, cipher_data, 2);
|
---|
| 162 |
|
---|
| 163 | #ifndef OPENSSL_NO_COMP
|
---|
| 164 | if (in->compress_meth) {
|
---|
| 165 | comp_id_data = (unsigned char)in->compress_meth;
|
---|
| 166 | ssl_session_oinit(&as.comp_id, &comp_id, &comp_id_data, 1);
|
---|
| 167 | }
|
---|
| 168 | #endif
|
---|
| 169 |
|
---|
| 170 | ssl_session_oinit(&as.master_key, &master_key,
|
---|
| 171 | in->master_key, in->master_key_length);
|
---|
| 172 |
|
---|
| 173 | ssl_session_oinit(&as.session_id, &session_id,
|
---|
| 174 | in->session_id, in->session_id_length);
|
---|
| 175 |
|
---|
| 176 | ssl_session_oinit(&as.session_id_context, &sid_ctx,
|
---|
| 177 | in->sid_ctx, in->sid_ctx_length);
|
---|
| 178 |
|
---|
| 179 | as.time = in->time;
|
---|
| 180 | as.timeout = in->timeout;
|
---|
| 181 | as.verify_result = in->verify_result;
|
---|
| 182 |
|
---|
| 183 | as.peer = in->peer;
|
---|
| 184 |
|
---|
| 185 | ssl_session_sinit(&as.tlsext_hostname, &tlsext_hostname,
|
---|
| 186 | in->tlsext_hostname);
|
---|
| 187 | if (in->tlsext_tick) {
|
---|
| 188 | ssl_session_oinit(&as.tlsext_tick, &tlsext_tick,
|
---|
| 189 | in->tlsext_tick, in->tlsext_ticklen);
|
---|
| 190 | }
|
---|
| 191 | if (in->tlsext_tick_lifetime_hint > 0)
|
---|
| 192 | as.tlsext_tick_lifetime_hint = in->tlsext_tick_lifetime_hint;
|
---|
| 193 | #ifndef OPENSSL_NO_PSK
|
---|
| 194 | ssl_session_sinit(&as.psk_identity_hint, &psk_identity_hint,
|
---|
| 195 | in->psk_identity_hint);
|
---|
| 196 | ssl_session_sinit(&as.psk_identity, &psk_identity, in->psk_identity);
|
---|
| 197 | #endif /* OPENSSL_NO_PSK */
|
---|
| 198 | #ifndef OPENSSL_NO_SRP
|
---|
| 199 | ssl_session_sinit(&as.srp_username, &srp_username, in->srp_username);
|
---|
| 200 | #endif /* OPENSSL_NO_SRP */
|
---|
| 201 |
|
---|
| 202 | as.flags = in->flags;
|
---|
| 203 |
|
---|
| 204 | return i2d_SSL_SESSION_ASN1(&as, pp);
|
---|
| 205 |
|
---|
| 206 | }
|
---|
| 207 |
|
---|
| 208 | /* Utility functions for d2i_SSL_SESSION */
|
---|
| 209 |
|
---|
| 210 | /* OPENSSL_strndup an OCTET STRING */
|
---|
| 211 |
|
---|
| 212 | static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src)
|
---|
| 213 | {
|
---|
| 214 | OPENSSL_free(*pdst);
|
---|
| 215 | *pdst = NULL;
|
---|
| 216 | if (src == NULL)
|
---|
| 217 | return 1;
|
---|
| 218 | *pdst = OPENSSL_strndup((char *)src->data, src->length);
|
---|
| 219 | if (*pdst == NULL)
|
---|
| 220 | return 0;
|
---|
| 221 | return 1;
|
---|
| 222 | }
|
---|
| 223 |
|
---|
| 224 | /* Copy an OCTET STRING, return error if it exceeds maximum length */
|
---|
| 225 |
|
---|
| 226 | static int ssl_session_memcpy(unsigned char *dst, unsigned int *pdstlen,
|
---|
| 227 | ASN1_OCTET_STRING *src, int maxlen)
|
---|
| 228 | {
|
---|
| 229 | if (src == NULL) {
|
---|
| 230 | *pdstlen = 0;
|
---|
| 231 | return 1;
|
---|
| 232 | }
|
---|
| 233 | if (src->length > maxlen)
|
---|
| 234 | return 0;
|
---|
| 235 | memcpy(dst, src->data, src->length);
|
---|
| 236 | *pdstlen = src->length;
|
---|
| 237 | return 1;
|
---|
| 238 | }
|
---|
| 239 |
|
---|
| 240 | SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp,
|
---|
| 241 | long length)
|
---|
| 242 | {
|
---|
| 243 | long id;
|
---|
| 244 | unsigned int tmpl;
|
---|
| 245 | const unsigned char *p = *pp;
|
---|
| 246 | SSL_SESSION_ASN1 *as = NULL;
|
---|
| 247 | SSL_SESSION *ret = NULL;
|
---|
| 248 |
|
---|
| 249 | as = d2i_SSL_SESSION_ASN1(NULL, &p, length);
|
---|
| 250 | /* ASN.1 code returns suitable error */
|
---|
| 251 | if (as == NULL)
|
---|
| 252 | goto err;
|
---|
| 253 |
|
---|
| 254 | if (!a || !*a) {
|
---|
| 255 | ret = SSL_SESSION_new();
|
---|
| 256 | if (ret == NULL)
|
---|
| 257 | goto err;
|
---|
| 258 | } else {
|
---|
| 259 | ret = *a;
|
---|
| 260 | }
|
---|
| 261 |
|
---|
| 262 | if (as->version != SSL_SESSION_ASN1_VERSION) {
|
---|
| 263 | SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION);
|
---|
| 264 | goto err;
|
---|
| 265 | }
|
---|
| 266 |
|
---|
| 267 | if ((as->ssl_version >> 8) != SSL3_VERSION_MAJOR
|
---|
| 268 | && (as->ssl_version >> 8) != DTLS1_VERSION_MAJOR
|
---|
| 269 | && as->ssl_version != DTLS1_BAD_VER) {
|
---|
| 270 | SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION);
|
---|
| 271 | goto err;
|
---|
| 272 | }
|
---|
| 273 |
|
---|
| 274 | ret->ssl_version = (int)as->ssl_version;
|
---|
| 275 |
|
---|
| 276 | if (as->cipher->length != 2) {
|
---|
| 277 | SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_CIPHER_CODE_WRONG_LENGTH);
|
---|
| 278 | goto err;
|
---|
| 279 | }
|
---|
| 280 |
|
---|
| 281 | p = as->cipher->data;
|
---|
| 282 | id = 0x03000000L | ((unsigned long)p[0] << 8L) | (unsigned long)p[1];
|
---|
| 283 |
|
---|
| 284 | ret->cipher = NULL;
|
---|
| 285 | ret->cipher_id = id;
|
---|
| 286 |
|
---|
| 287 | if (!ssl_session_memcpy(ret->session_id, &ret->session_id_length,
|
---|
| 288 | as->session_id, SSL3_MAX_SSL_SESSION_ID_LENGTH))
|
---|
| 289 | goto err;
|
---|
| 290 |
|
---|
| 291 | if (!ssl_session_memcpy(ret->master_key, &tmpl,
|
---|
| 292 | as->master_key, SSL_MAX_MASTER_KEY_LENGTH))
|
---|
| 293 | goto err;
|
---|
| 294 |
|
---|
| 295 | ret->master_key_length = tmpl;
|
---|
| 296 |
|
---|
| 297 | if (as->time != 0)
|
---|
| 298 | ret->time = as->time;
|
---|
| 299 | else
|
---|
| 300 | ret->time = (unsigned long)time(NULL);
|
---|
| 301 |
|
---|
| 302 | if (as->timeout != 0)
|
---|
| 303 | ret->timeout = as->timeout;
|
---|
| 304 | else
|
---|
| 305 | ret->timeout = 3;
|
---|
| 306 |
|
---|
| 307 | X509_free(ret->peer);
|
---|
| 308 | ret->peer = as->peer;
|
---|
| 309 | as->peer = NULL;
|
---|
| 310 |
|
---|
| 311 | if (!ssl_session_memcpy(ret->sid_ctx, &ret->sid_ctx_length,
|
---|
| 312 | as->session_id_context, SSL_MAX_SID_CTX_LENGTH))
|
---|
| 313 | goto err;
|
---|
| 314 |
|
---|
| 315 | /* NB: this defaults to zero which is X509_V_OK */
|
---|
| 316 | ret->verify_result = as->verify_result;
|
---|
| 317 |
|
---|
| 318 | if (!ssl_session_strndup(&ret->tlsext_hostname, as->tlsext_hostname))
|
---|
| 319 | goto err;
|
---|
| 320 |
|
---|
| 321 | #ifndef OPENSSL_NO_PSK
|
---|
| 322 | if (!ssl_session_strndup(&ret->psk_identity_hint, as->psk_identity_hint))
|
---|
| 323 | goto err;
|
---|
| 324 | if (!ssl_session_strndup(&ret->psk_identity, as->psk_identity))
|
---|
| 325 | goto err;
|
---|
| 326 | #endif
|
---|
| 327 |
|
---|
| 328 | ret->tlsext_tick_lifetime_hint = as->tlsext_tick_lifetime_hint;
|
---|
| 329 | if (as->tlsext_tick) {
|
---|
| 330 | ret->tlsext_tick = as->tlsext_tick->data;
|
---|
| 331 | ret->tlsext_ticklen = as->tlsext_tick->length;
|
---|
| 332 | as->tlsext_tick->data = NULL;
|
---|
| 333 | } else {
|
---|
| 334 | ret->tlsext_tick = NULL;
|
---|
| 335 | }
|
---|
| 336 | #ifndef OPENSSL_NO_COMP
|
---|
| 337 | if (as->comp_id) {
|
---|
| 338 | if (as->comp_id->length != 1) {
|
---|
| 339 | SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH);
|
---|
| 340 | goto err;
|
---|
| 341 | }
|
---|
| 342 | ret->compress_meth = as->comp_id->data[0];
|
---|
| 343 | } else {
|
---|
| 344 | ret->compress_meth = 0;
|
---|
| 345 | }
|
---|
| 346 | #endif
|
---|
| 347 |
|
---|
| 348 | #ifndef OPENSSL_NO_SRP
|
---|
| 349 | if (!ssl_session_strndup(&ret->srp_username, as->srp_username))
|
---|
| 350 | goto err;
|
---|
| 351 | #endif /* OPENSSL_NO_SRP */
|
---|
| 352 | /* Flags defaults to zero which is fine */
|
---|
| 353 | ret->flags = as->flags;
|
---|
| 354 |
|
---|
| 355 | M_ASN1_free_of(as, SSL_SESSION_ASN1);
|
---|
| 356 |
|
---|
| 357 | if ((a != NULL) && (*a == NULL))
|
---|
| 358 | *a = ret;
|
---|
| 359 | *pp = p;
|
---|
| 360 | return ret;
|
---|
| 361 |
|
---|
| 362 | err:
|
---|
| 363 | M_ASN1_free_of(as, SSL_SESSION_ASN1);
|
---|
| 364 | if ((a == NULL) || (*a != ret))
|
---|
| 365 | SSL_SESSION_free(ret);
|
---|
| 366 | return NULL;
|
---|
| 367 | }
|
---|