• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  Common source code for SSL test programs. This file is included by
3  *  both ssl_client2.c and ssl_server2.c and is intended for source
4  *  code that is textually identical in both programs, but that cannot be
5  *  compiled separately because it refers to types or macros that are
6  *  different in the two programs, or because it would have an incomplete
7  *  type.
8  *
9  *  This file is meant to be #include'd and cannot be compiled separately.
10  *
11  *  Copyright The Mbed TLS Contributors
12  *  SPDX-License-Identifier: Apache-2.0
13  *
14  *  Licensed under the Apache License, Version 2.0 (the "License"); you may
15  *  not use this file except in compliance with the License.
16  *  You may obtain a copy of the License at
17  *
18  *  http://www.apache.org/licenses/LICENSE-2.0
19  *
20  *  Unless required by applicable law or agreed to in writing, software
21  *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22  *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23  *  See the License for the specific language governing permissions and
24  *  limitations under the License.
25  */
26 
eap_tls_key_derivation(void * p_expkey,mbedtls_ssl_key_export_type secret_type,const unsigned char * secret,size_t secret_len,const unsigned char client_random[32],const unsigned char server_random[32],mbedtls_tls_prf_types tls_prf_type)27 void eap_tls_key_derivation( void *p_expkey,
28                              mbedtls_ssl_key_export_type secret_type,
29                              const unsigned char *secret,
30                              size_t secret_len,
31                              const unsigned char client_random[32],
32                              const unsigned char server_random[32],
33                              mbedtls_tls_prf_types tls_prf_type )
34 {
35     eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
36 
37     /* We're only interested in the TLS 1.2 master secret */
38     if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
39         return;
40     if( secret_len != sizeof( keys->master_secret ) )
41         return;
42 
43     memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) );
44     memcpy( keys->randbytes, client_random, 32 );
45     memcpy( keys->randbytes + 32, server_random, 32 );
46     keys->tls_prf_type = tls_prf_type;
47 }
48 
nss_keylog_export(void * p_expkey,mbedtls_ssl_key_export_type secret_type,const unsigned char * secret,size_t secret_len,const unsigned char client_random[32],const unsigned char server_random[32],mbedtls_tls_prf_types tls_prf_type)49 void nss_keylog_export( void *p_expkey,
50                         mbedtls_ssl_key_export_type secret_type,
51                         const unsigned char *secret,
52                         size_t secret_len,
53                         const unsigned char client_random[32],
54                         const unsigned char server_random[32],
55                         mbedtls_tls_prf_types tls_prf_type )
56 {
57     char nss_keylog_line[ 200 ];
58     size_t const client_random_len = 32;
59     size_t len = 0;
60     size_t j;
61 
62     /* We're only interested in the TLS 1.2 master secret */
63     if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
64         return;
65 
66     ((void) p_expkey);
67     ((void) server_random);
68     ((void) tls_prf_type);
69 
70     len += sprintf( nss_keylog_line + len,
71                     "%s", "CLIENT_RANDOM " );
72 
73     for( j = 0; j < client_random_len; j++ )
74     {
75         len += sprintf( nss_keylog_line + len,
76                         "%02x", client_random[j] );
77     }
78 
79     len += sprintf( nss_keylog_line + len, " " );
80 
81     for( j = 0; j < secret_len; j++ )
82     {
83         len += sprintf( nss_keylog_line + len,
84                         "%02x", secret[j] );
85     }
86 
87     len += sprintf( nss_keylog_line + len, "\n" );
88     nss_keylog_line[ len ] = '\0';
89 
90     mbedtls_printf( "\n" );
91     mbedtls_printf( "---------------- NSS KEYLOG -----------------\n" );
92     mbedtls_printf( "%s", nss_keylog_line );
93     mbedtls_printf( "---------------------------------------------\n" );
94 
95     if( opt.nss_keylog_file != NULL )
96     {
97         FILE *f;
98 
99         if( ( f = fopen( opt.nss_keylog_file, "a" ) ) == NULL )
100         {
101             goto exit;
102         }
103 
104         if( fwrite( nss_keylog_line, 1, len, f ) != len )
105         {
106             fclose( f );
107             goto exit;
108         }
109 
110         fclose( f );
111     }
112 
113 exit:
114     mbedtls_platform_zeroize( nss_keylog_line,
115                               sizeof( nss_keylog_line ) );
116 }
117 
118 #if defined( MBEDTLS_SSL_DTLS_SRTP )
dtls_srtp_key_derivation(void * p_expkey,mbedtls_ssl_key_export_type secret_type,const unsigned char * secret,size_t secret_len,const unsigned char client_random[32],const unsigned char server_random[32],mbedtls_tls_prf_types tls_prf_type)119 void dtls_srtp_key_derivation( void *p_expkey,
120                                mbedtls_ssl_key_export_type secret_type,
121                                const unsigned char *secret,
122                                size_t secret_len,
123                                const unsigned char client_random[32],
124                                const unsigned char server_random[32],
125                                mbedtls_tls_prf_types tls_prf_type )
126 {
127     dtls_srtp_keys *keys = (dtls_srtp_keys *)p_expkey;
128 
129     /* We're only interested in the TLS 1.2 master secret */
130     if( secret_type != MBEDTLS_SSL_KEY_EXPORT_TLS12_MASTER_SECRET )
131         return;
132     if( secret_len != sizeof( keys->master_secret ) )
133         return;
134 
135     memcpy( keys->master_secret, secret, sizeof( keys->master_secret ) );
136     memcpy( keys->randbytes, client_random, 32 );
137     memcpy( keys->randbytes + 32, server_random, 32 );
138     keys->tls_prf_type = tls_prf_type;
139 }
140 #endif /* MBEDTLS_SSL_DTLS_SRTP */
141 
ssl_check_record(mbedtls_ssl_context const * ssl,unsigned char const * buf,size_t len)142 int ssl_check_record( mbedtls_ssl_context const *ssl,
143                       unsigned char const *buf, size_t len )
144 {
145     int my_ret = 0, ret_cr1, ret_cr2;
146     unsigned char *tmp_buf;
147 
148     /* Record checking may modify the input buffer,
149      * so make a copy. */
150     tmp_buf = mbedtls_calloc( 1, len );
151     if( tmp_buf == NULL )
152         return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
153     memcpy( tmp_buf, buf, len );
154 
155     ret_cr1 = mbedtls_ssl_check_record( ssl, tmp_buf, len );
156     if( ret_cr1 != MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE )
157     {
158         /* Test-only: Make sure that mbedtls_ssl_check_record()
159          *            doesn't alter state. */
160         memcpy( tmp_buf, buf, len ); /* Restore buffer */
161         ret_cr2 = mbedtls_ssl_check_record( ssl, tmp_buf, len );
162         if( ret_cr2 != ret_cr1 )
163         {
164             mbedtls_printf( "mbedtls_ssl_check_record() returned inconsistent results.\n" );
165             my_ret = -1;
166             goto cleanup;
167         }
168 
169         switch( ret_cr1 )
170         {
171             case 0:
172                 break;
173 
174             case MBEDTLS_ERR_SSL_INVALID_RECORD:
175                 if( opt.debug_level > 1 )
176                     mbedtls_printf( "mbedtls_ssl_check_record() detected invalid record.\n" );
177                 break;
178 
179             case MBEDTLS_ERR_SSL_INVALID_MAC:
180                 if( opt.debug_level > 1 )
181                     mbedtls_printf( "mbedtls_ssl_check_record() detected unauthentic record.\n" );
182                 break;
183 
184             case MBEDTLS_ERR_SSL_UNEXPECTED_RECORD:
185                 if( opt.debug_level > 1 )
186                     mbedtls_printf( "mbedtls_ssl_check_record() detected unexpected record.\n" );
187                 break;
188 
189             default:
190                 mbedtls_printf( "mbedtls_ssl_check_record() failed fatally with -%#04x.\n", (unsigned int) -ret_cr1 );
191                 my_ret = -1;
192                 goto cleanup;
193         }
194 
195         /* Regardless of the outcome, forward the record to the stack. */
196     }
197 
198 cleanup:
199     mbedtls_free( tmp_buf );
200 
201     return( my_ret );
202 }
203 
recv_cb(void * ctx,unsigned char * buf,size_t len)204 int recv_cb( void *ctx, unsigned char *buf, size_t len )
205 {
206     io_ctx_t *io_ctx = (io_ctx_t*) ctx;
207     size_t recv_len;
208     int ret;
209 
210     if( opt.nbio == 2 )
211         ret = delayed_recv( io_ctx->net, buf, len );
212     else
213         ret = mbedtls_net_recv( io_ctx->net, buf, len );
214     if( ret < 0 )
215         return( ret );
216     recv_len = (size_t) ret;
217 
218     if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
219     {
220         /* Here's the place to do any datagram/record checking
221          * in between receiving the packet from the underlying
222          * transport and passing it on to the TLS stack. */
223         if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
224             return( -1 );
225     }
226 
227     return( (int) recv_len );
228 }
229 
recv_timeout_cb(void * ctx,unsigned char * buf,size_t len,uint32_t timeout)230 int recv_timeout_cb( void *ctx, unsigned char *buf, size_t len,
231                      uint32_t timeout )
232 {
233     io_ctx_t *io_ctx = (io_ctx_t*) ctx;
234     int ret;
235     size_t recv_len;
236 
237     ret = mbedtls_net_recv_timeout( io_ctx->net, buf, len, timeout );
238     if( ret < 0 )
239         return( ret );
240     recv_len = (size_t) ret;
241 
242     if( opt.transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
243     {
244         /* Here's the place to do any datagram/record checking
245          * in between receiving the packet from the underlying
246          * transport and passing it on to the TLS stack. */
247         if( ssl_check_record( io_ctx->ssl, buf, recv_len ) != 0 )
248             return( -1 );
249     }
250 
251     return( (int) recv_len );
252 }
253 
send_cb(void * ctx,unsigned char const * buf,size_t len)254 int send_cb( void *ctx, unsigned char const *buf, size_t len )
255 {
256     io_ctx_t *io_ctx = (io_ctx_t*) ctx;
257 
258     if( opt.nbio == 2 )
259         return( delayed_send( io_ctx->net, buf, len ) );
260 
261     return( mbedtls_net_send( io_ctx->net, buf, len ) );
262 }
263 
264 #if defined(MBEDTLS_X509_CRT_PARSE_C)
265 int ssl_sig_hashes_for_test[] = {
266 #if defined(MBEDTLS_SHA512_C)
267     MBEDTLS_MD_SHA512,
268 #endif
269 #if defined(MBEDTLS_SHA384_C)
270     MBEDTLS_MD_SHA384,
271 #endif
272 #if defined(MBEDTLS_SHA256_C)
273     MBEDTLS_MD_SHA256,
274 #endif
275 #if defined(MBEDTLS_SHA224_C)
276     MBEDTLS_MD_SHA224,
277 #endif
278 #if defined(MBEDTLS_SHA1_C)
279     /* Allow SHA-1 as we use it extensively in tests. */
280     MBEDTLS_MD_SHA1,
281 #endif
282     MBEDTLS_MD_NONE
283 };
284 #endif /* MBEDTLS_X509_CRT_PARSE_C */
285 
286 #if defined(MBEDTLS_X509_CRT_PARSE_C)
287 /** Functionally equivalent to mbedtls_x509_crt_verify_info, see that function
288  *  for more info.
289  */
x509_crt_verify_info(char * buf,size_t size,const char * prefix,uint32_t flags)290 int x509_crt_verify_info( char *buf, size_t size, const char *prefix,
291                           uint32_t flags )
292 {
293 #if !defined(MBEDTLS_X509_REMOVE_INFO)
294     return( mbedtls_x509_crt_verify_info( buf, size, prefix, flags ) );
295 
296 #else /* !MBEDTLS_X509_REMOVE_INFO */
297     int ret;
298     char *p = buf;
299     size_t n = size;
300 
301 #define X509_CRT_ERROR_INFO( err, err_str, info )                      \
302     if( ( flags & err ) != 0 )                                         \
303     {                                                                  \
304         ret = mbedtls_snprintf( p, n, "%s%s\n", prefix, info );        \
305         MBEDTLS_X509_SAFE_SNPRINTF;                                    \
306         flags ^= err;                                                  \
307     }
308 
309     MBEDTLS_X509_CRT_ERROR_INFO_LIST
310 #undef X509_CRT_ERROR_INFO
311 
312     if( flags != 0 )
313     {
314         ret = mbedtls_snprintf( p, n, "%sUnknown reason "
315                                        "(this should not happen)\n", prefix );
316         MBEDTLS_X509_SAFE_SNPRINTF;
317     }
318 
319     return( (int) ( size - n ) );
320 #endif /* MBEDTLS_X509_REMOVE_INFO */
321 }
322 #endif /* MBEDTLS_X509_CRT_PARSE_C */
323