• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * This file is part of the openHiTLS project.
3  *
4  * openHiTLS is licensed under the Mulan PSL v2.
5  * You can use this software according to the terms and conditions of the Mulan PSL v2.
6  * You may obtain a copy of Mulan PSL v2 at:
7  *
8  *     http://license.coscl.org.cn/MulanPSL2
9  *
10  * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11  * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12  * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13  * See the Mulan PSL v2 for more details.
14  */
15 #include "hitls_build.h"
16 #include "securec.h"
17 #include "bsl_sal.h"
18 #include "tls_binlog_id.h"
19 #include "bsl_log_internal.h"
20 #include "bsl_log.h"
21 #include "bsl_err_internal.h"
22 #include "hitls_error.h"
23 #include "bsl_uio.h"
24 #include "uio_base.h"
25 #include "rec.h"
26 #ifdef HITLS_TLS_FEATURE_INDICATOR
27 #include "indicator.h"
28 #endif
29 #include "hs.h"
30 #include "alert.h"
31 #include "change_cipher_spec.h"
32 
33 struct CcsCtx {
34     bool isReady;               /* Whether to allow receiving CCS */
35     bool ccsRecvflag;           /* Indicates whether the CCS is received. */
36     bool isAllowActiveCipher;   /* Flag for allow activating the receiving key suite */
37     bool activeCipherFlag;      /* Flag for activating the receiving key suite */
38 };
39 
CCS_IsRecv(const TLS_Ctx * ctx)40 bool CCS_IsRecv(const TLS_Ctx *ctx)
41 {
42     return ctx->ccsCtx->ccsRecvflag;
43 }
44 
CCS_Send(TLS_Ctx * ctx)45 int32_t CCS_Send(TLS_Ctx *ctx)
46 {
47     int32_t ret;
48     const uint8_t buf[1] = {1u};
49     const uint32_t len = 1u;
50     if (ctx == NULL) {
51         BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15616, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "ctx null.", 0, 0, 0, 0);
52         BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
53         return HITLS_NULL_INPUT;
54     }
55 
56 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_SCTP) && defined(HITLS_TLS_FEATURE_RENEGOTIATION)
57     /*  rfc6083 4.7.  Handshake
58         Before sending a ChangeCipherSpec message, all outstanding SCTP user
59         messages MUST have been acknowledged by the SCTP peer and MUST NOT be
60         revoked by the SCTP peer. */
61     if (BSL_UIO_GetUioChainTransportType(ctx->uio, BSL_UIO_SCTP) && ctx->negotiatedInfo.isRenegotiation) {
62         bool isBuffEmpty = false;
63         ret = BSL_UIO_Ctrl(ctx->uio, BSL_UIO_SCTP_SND_BUFF_IS_EMPTY, (int32_t)sizeof(isBuffEmpty), &isBuffEmpty);
64         if (ret != BSL_SUCCESS) {
65             BSL_LOG_BINLOG_FIXLEN(BINLOG_ID16275, BSL_LOG_LEVEL_FATAL, BSL_LOG_BINLOG_TYPE_RUN,
66                 "UIO_Ctrl fail, ret %d", ret, 0, 0, 0);
67             BSL_ERR_PUSH_ERROR(HITLS_UIO_FAIL);
68             return HITLS_UIO_FAIL;
69         }
70         /* When the SCTP sending buffer is not empty, the CCS cannot be sent. */
71         if (isBuffEmpty != true) {
72             BSL_ERR_PUSH_ERROR(HITLS_REC_NORMAL_IO_BUSY);
73             return HITLS_REC_NORMAL_IO_BUSY;
74         }
75     }
76 #endif
77 
78     /** Write record */
79     ret = REC_Write(ctx, REC_TYPE_CHANGE_CIPHER_SPEC, buf, len);
80     if (ret != HITLS_SUCCESS) {
81         return RETURN_ERROR_NUMBER_PROCESS(ret, BINLOG_ID16276, "Write fail");
82     }
83 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
84     if (IS_SUPPORT_DATAGRAM(ctx->config.tlsConfig.originVersionMask) &&
85         BSL_UIO_GetUioChainTransportType(ctx->uio, BSL_UIO_UDP)) {
86         ret = REC_RetransmitListAppend(ctx->recCtx, REC_TYPE_CHANGE_CIPHER_SPEC, buf, len);
87         if (ret != HITLS_SUCCESS) {
88             return ret;
89         }
90     }
91 #endif
92 #ifdef HITLS_TLS_FEATURE_INDICATOR
93     INDICATOR_MessageIndicate(1, HS_GetVersion(ctx), REC_TYPE_CHANGE_CIPHER_SPEC, buf, 1,
94     ctx, ctx->config.tlsConfig.msgArg);
95 #endif
96     BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15617, BSL_LOG_LEVEL_INFO, BSL_LOG_BINLOG_TYPE_RUN,
97         "written a change cipher spec message.", 0, 0, 0, 0);
98     return HITLS_SUCCESS;
99 }
100 
CCS_Ctrl(TLS_Ctx * ctx,CCS_Cmd cmd)101 int32_t CCS_Ctrl(TLS_Ctx *ctx, CCS_Cmd cmd)
102 {
103     if (ctx == NULL) {
104         BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15618, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "ctx null.", 0, 0, 0, 0);
105         BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
106         return HITLS_NULL_INPUT;
107     }
108     switch (cmd) {
109         case CCS_CMD_RECV_READY:
110             ctx->ccsCtx->isReady = true;
111             break;
112         case CCS_CMD_RECV_EXIT_READY:
113             ctx->ccsCtx->isReady = false;
114             ctx->ccsCtx->ccsRecvflag = false;
115             ctx->ccsCtx->isAllowActiveCipher = false;
116             ctx->ccsCtx->activeCipherFlag = false;
117             break;
118         case CCS_CMD_RECV_ACTIVE_CIPHER_SPEC:
119             ctx->ccsCtx->isAllowActiveCipher = true;
120             if (ctx->ccsCtx->ccsRecvflag == true && ctx->ccsCtx->activeCipherFlag == false) {
121                 /** Enable key specification */
122                 int32_t ret = REC_ActivePendingState(ctx, false);
123                 if (ret != HITLS_SUCCESS) {
124                     ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_INTERNAL_ERROR);
125                     return ret;
126                 }
127                 ctx->ccsCtx->activeCipherFlag = true;
128             }
129             break;
130         default:
131             BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15619, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
132                 "ChangeCipherSpec error ctrl cmd", 0, 0, 0, 0);
133             BSL_ERR_PUSH_ERROR(HITLS_CCS_INVALID_CMD);
134             return HITLS_CCS_INVALID_CMD;
135     }
136     return HITLS_SUCCESS;
137 }
138 
CCS_Init(TLS_Ctx * ctx)139 int32_t CCS_Init(TLS_Ctx *ctx)
140 {
141     if (ctx == NULL) {
142         BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15620, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "ctx null.", 0, 0, 0, 0);
143         BSL_ERR_PUSH_ERROR(HITLS_NULL_INPUT);
144         return HITLS_NULL_INPUT;
145     }
146     // Prevent the ctx->ccsCtx from being initialized multiple times.
147     if (ctx->ccsCtx != NULL) {
148         return HITLS_SUCCESS;
149     }
150     ctx->ccsCtx = (struct CcsCtx *)BSL_SAL_Malloc(sizeof(struct CcsCtx));
151     if (ctx->ccsCtx == NULL) {
152         BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15621, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
153             "ccs ctx malloc failed.", 0, 0, 0, 0);
154         BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
155         return HITLS_MEMALLOC_FAIL;
156     }
157     (void)memset_s(ctx->ccsCtx, sizeof(struct CcsCtx), 0, sizeof(struct CcsCtx));
158     return HITLS_SUCCESS;
159 }
160 
CCS_DeInit(TLS_Ctx * ctx)161 void CCS_DeInit(TLS_Ctx *ctx)
162 {
163     if (ctx == NULL) {
164         return;
165     }
166     BSL_SAL_FREE(ctx->ccsCtx);
167     return;
168 }
169 
ProcessPlainCCS(TLS_Ctx * ctx,const uint8_t * data,uint32_t dataLen)170 int32_t ProcessPlainCCS(TLS_Ctx *ctx, const uint8_t *data, uint32_t dataLen)
171 {
172     if (ctx->ccsCtx->isReady == false) {
173 #if defined(HITLS_TLS_PROTO_DTLS12) && defined(HITLS_BSL_UIO_UDP)
174         if (IS_SUPPORT_DATAGRAM(ctx->config.tlsConfig.originVersionMask) &&
175             BSL_UIO_GetUioChainTransportType(ctx->uio, BSL_UIO_UDP)) {
176             ctx->rwstate = HITLS_READING;
177             return HITLS_REC_NORMAL_RECV_BUF_EMPTY;
178         }
179 #endif
180         return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID15612,
181             "recv unexpected ccs msg", ALERT_UNEXPECTED_MESSAGE);
182     }
183 
184     /** The read length is abnormal. */
185     if (dataLen != 1u) {
186         return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID15613,
187             "ccs msg length err", ALERT_UNEXPECTED_MESSAGE);
188     }
189 
190     /** Message exception. */
191     if (data[0] != 1u) {
192         return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID15614,
193             "ccs msg err", ALERT_UNEXPECTED_MESSAGE);
194     }
195     /** Multiple generate ccs messages are received: If UDP transmission is used, ignore the ccs. */
196     if (ctx->ccsCtx->ccsRecvflag == true && !BSL_UIO_GetUioChainTransportType(ctx->uio, BSL_UIO_UDP) &&
197         HS_GetVersion(ctx) != HITLS_VERSION_TLS13) {
198         return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID16277,
199             "Multiple generate ccs msg are received", ALERT_UNEXPECTED_MESSAGE);
200     }
201 
202     if (ctx->ccsCtx->isAllowActiveCipher == true && ctx->ccsCtx->activeCipherFlag == false) {
203         /** Enable key specification */
204         if (REC_ActivePendingState(ctx, false) != HITLS_SUCCESS) {
205             return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID16278,
206                 "ActivePendingState err", ALERT_INTERNAL_ERROR);
207         }
208         ctx->ccsCtx->activeCipherFlag = true;
209     }
210     ctx->ccsCtx->ccsRecvflag = true;
211 #ifdef HITLS_TLS_FEATURE_INDICATOR
212     INDICATOR_MessageIndicate(0, HS_GetVersion(ctx), REC_TYPE_CHANGE_CIPHER_SPEC, data, 1,
213                               ctx, ctx->config.tlsConfig.msgArg);
214 #endif
215     BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15615, BSL_LOG_LEVEL_INFO, BSL_LOG_BINLOG_TYPE_RUN,
216         "got a change cipher spec message.", 0, 0, 0, 0);
217 #ifdef HITLS_TLS_SUITE_CIPHER_CBC
218     ctx->negotiatedInfo.isEncryptThenMacRead = ctx->negotiatedInfo.isEncryptThenMac;
219 #endif
220     return HITLS_REC_NORMAL_RECV_UNEXPECT_MSG;
221 }
222 
ProcessDecryptedCCS(TLS_Ctx * ctx,const uint8_t * data,uint32_t dataLen)223 int32_t ProcessDecryptedCCS(TLS_Ctx *ctx, const uint8_t *data, uint32_t dataLen)
224 {
225 #ifdef HITLS_TLS_PROTO_TLS13
226     if (HS_GetVersion(ctx) == HITLS_VERSION_TLS13) {
227         return RETURN_ALERT_PROCESS(ctx, HITLS_REC_NORMAL_RECV_UNEXPECT_MSG, BINLOG_ID15612,
228             "recv encrypted ccs msg", ALERT_UNEXPECTED_MESSAGE);
229     }
230 #endif
231     return ProcessPlainCCS(ctx, data, dataLen);
232 }