1 /*
2 * This file is part of the openHiTLS project.
3 *
4 * openHiTLS is licensed under the Mulan PSL v2.
5 * You can use this software according to the terms and conditions of the Mulan PSL v2.
6 * You may obtain a copy of Mulan PSL v2 at:
7 *
8 * http://license.coscl.org.cn/MulanPSL2
9 *
10 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
11 * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
12 * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
13 * See the Mulan PSL v2 for more details.
14 */
15 #include "hitls_build.h"
16 #include "securec.h"
17 #include "tls_binlog_id.h"
18 #include "bsl_log_internal.h"
19 #include "bsl_log.h"
20 #include "bsl_sal.h"
21 #include "bsl_err_internal.h"
22 #include "bsl_bytes.h"
23 #include "hitls_error.h"
24 #include "tls.h"
25 #include "hs.h"
26 #include "hs_ctx.h"
27 #include "hs_extensions.h"
28 #include "parse_common.h"
29 #include "parse_extensions.h"
30
31 // Parse an empty extended message.
ParseEmptyExtension(TLS_Ctx * ctx,uint16_t extMsgType,uint32_t extMsgLen,bool * haveExtension)32 int32_t ParseEmptyExtension(TLS_Ctx *ctx, uint16_t extMsgType, uint32_t extMsgLen, bool *haveExtension)
33 {
34 /* Parsed extensions of the same type */
35 if (*haveExtension) {
36 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15120, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
37 "extension message type:%d len:%lu in hello message is repeated.", extMsgType, extMsgLen, 0, 0);
38 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_ILLEGAL_PARAMETER);
39 BSL_ERR_PUSH_ERROR(HITLS_PARSE_DUPLICATE_EXTENDED_MSG);
40 return HITLS_PARSE_DUPLICATE_EXTENDED_MSG;
41 }
42
43 /* Parse the empty extended message */
44 if (extMsgLen != 0u) {
45 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15121, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
46 "extension message type:%d len:%lu in hello message is nonzero.", extMsgType, extMsgLen, 0, 0);
47 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
48 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
49 return HITLS_PARSE_INVALID_MSG_LEN;
50 }
51
52 *haveExtension = true;
53 return HITLS_SUCCESS;
54 }
55
ParseExCookie(const uint8_t * buf,uint32_t bufLen,uint8_t ** cookie,uint16_t * cookieLen)56 int32_t ParseExCookie(const uint8_t *buf, uint32_t bufLen, uint8_t **cookie, uint16_t *cookieLen)
57 {
58 *cookie = NULL; // Initialize the function entry to prevent wild pointers
59
60 uint32_t bufOffset = 0;
61 if (bufLen < sizeof(uint16_t)) {
62 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17007, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "bufLen error", 0, 0, 0, 0);
63 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
64 return HITLS_PARSE_INVALID_MSG_LEN;
65 }
66
67 /* Extract the cookie length */
68 uint32_t tmpCookieLen = BSL_ByteToUint16(&buf[bufOffset]);
69 bufOffset += sizeof(uint16_t);
70
71 /* If the cookie length is incorrect, an error code is returned */
72 if (tmpCookieLen != (bufLen - bufOffset) || tmpCookieLen == 0u) {
73 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17008, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "bufLen error", 0, 0, 0, 0);
74 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
75 return HITLS_PARSE_INVALID_MSG_LEN;
76 }
77
78 /* Obtain the cookie */
79 uint8_t *tmpCookie = BSL_SAL_Dump(&buf[bufOffset], tmpCookieLen);
80 if (tmpCookie == NULL) {
81 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
82 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15161, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "cookie malloc fail.", 0, 0,
83 0, 0);
84 return HITLS_MEMALLOC_FAIL;
85 }
86
87 *cookie = tmpCookie;
88 *cookieLen = (uint16_t)tmpCookieLen;
89 return HITLS_SUCCESS;
90 }
91 #if defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12)
ParseSecRenegoInfo(TLS_Ctx * ctx,const uint8_t * buf,uint32_t bufLen,uint8_t ** secRenegoInfo,uint8_t * secRenegoInfoSize)92 int32_t ParseSecRenegoInfo(TLS_Ctx *ctx, const uint8_t *buf, uint32_t bufLen, uint8_t **secRenegoInfo,
93 uint8_t *secRenegoInfoSize)
94 {
95 /* The message length is not enough to parse secRenegoInfo */
96 if (bufLen < sizeof(uint8_t)) {
97 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
98 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15184, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
99 "extension message length (renegotiation info) in client hello message is incorrect.", 0, 0, 0, 0);
100 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
101 return HITLS_PARSE_INVALID_MSG_LEN;
102 }
103
104 /* Parse the length of secRenegoInfo */
105 uint32_t bufOffset = 0;
106 uint8_t tmpSize = buf[bufOffset];
107 bufOffset++;
108
109 if (tmpSize != (bufLen - bufOffset)) {
110 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
111 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15185, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
112 "the renegotiation info size in the hello messag is incorrect.", 0, 0, 0, 0);
113 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
114 return HITLS_PARSE_INVALID_MSG_LEN;
115 }
116
117 if (tmpSize == 0) {
118 return HITLS_SUCCESS;
119 }
120
121 /* Parse secRenegoInfo */
122 uint8_t *tmpInfo = (uint8_t *)BSL_SAL_Dump(&buf[bufOffset], tmpSize);
123 if (tmpInfo == NULL) {
124 BSL_ERR_PUSH_ERROR(HITLS_MEMALLOC_FAIL);
125 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15186, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
126 "secRenegoInfo malloc fail when parse renegotiation info.", 0, 0, 0, 0);
127 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_INTERNAL_ERROR);
128 return HITLS_MEMALLOC_FAIL;
129 }
130
131 *secRenegoInfo = tmpInfo;
132 *secRenegoInfoSize = tmpSize;
133 return HITLS_SUCCESS;
134 }
135 #endif /* defined(HITLS_TLS_PROTO_TLS_BASIC) || defined(HITLS_TLS_PROTO_DTLS12) */
136 /**
137 * @brief Parse the extended message type and length.
138 *
139 * @param ctx [IN] TLS context
140 * @param buf [IN] message buffer, starting from the extension type.
141 * @param bufLen [IN] Packet length
142 * @param extMsgType [OUT] Extended message type
143 * @param extMsgLen [OUT] Extended message length
144 *
145 * @retval HITLS_SUCCESS parsed successfully.
146 * @retval HITLS_PARSE_INVALID_MSG_LEN The message length is incorrect.
147 * @retval HITLS_MEMALLOC_FAIL Memory application failed.
148 * @retval HITLS_PARSE_DUPLICATE_EXTENSIVE_MSG Extended message
149 */
ParseExHeader(TLS_Ctx * ctx,const uint8_t * buf,uint32_t bufLen,uint16_t * extMsgType,uint32_t * extMsgLen)150 int32_t ParseExHeader(TLS_Ctx *ctx, const uint8_t *buf, uint32_t bufLen, uint16_t *extMsgType, uint32_t *extMsgLen)
151 {
152 if (bufLen < HS_EX_HEADER_LEN) {
153 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
154 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15189, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
155 "the extension len of client hello msg is incorrect", 0, 0, 0, 0);
156 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
157 return HITLS_PARSE_INVALID_MSG_LEN;
158 }
159
160 uint32_t bufOffset = 0u;
161 uint16_t type = 0u;
162 uint32_t len = 0u;
163 /* Obtain the message type */
164 type = BSL_ByteToUint16(&buf[bufOffset]);
165 bufOffset += sizeof(uint16_t);
166 /* Obtain the message length */
167 len = BSL_ByteToUint16(&buf[bufOffset]);
168 bufOffset += sizeof(uint16_t);
169
170 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15190, BSL_LOG_LEVEL_INFO, BSL_LOG_BINLOG_TYPE_RUN,
171 "get extension message in hello, type:%d len:%lu.", type, len, 0, 0);
172 if (len > (bufLen - bufOffset)) {
173 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
174 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID15191, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
175 "extension message type:%d len:%lu in hello message is incorrect.", type, len, 0, 0);
176 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
177 return HITLS_PARSE_INVALID_MSG_LEN;
178 }
179
180 /* Update the extended message type and length */
181 *extMsgType = type;
182 *extMsgLen = len;
183
184 return HITLS_SUCCESS;
185 }
186
ParseDupExtProcess(TLS_Ctx * ctx,uint32_t logId,const void * format)187 int32_t ParseDupExtProcess(TLS_Ctx *ctx, uint32_t logId, const void *format)
188 {
189 BSL_ERR_PUSH_ERROR(HITLS_PARSE_DUPLICATE_EXTENDED_MSG);
190 if (format != NULL) {
191 BSL_LOG_BINLOG_VARLEN(logId, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN, "extension type %s is repeated.",
192 format);
193 }
194 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_ILLEGAL_PARAMETER);
195 return HITLS_PARSE_DUPLICATE_EXTENDED_MSG;
196 }
197
ParseErrorExtLengthProcess(TLS_Ctx * ctx,uint32_t logId,const void * format)198 int32_t ParseErrorExtLengthProcess(TLS_Ctx *ctx, uint32_t logId, const void *format)
199 {
200 BSL_ERR_PUSH_ERROR(HITLS_PARSE_INVALID_MSG_LEN);
201 if (format != NULL) {
202 BSL_LOG_BINLOG_VARLEN(logId, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
203 "%s extension message length is incorrect", format);
204 }
205 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_DECODE_ERROR);
206 return HITLS_PARSE_INVALID_MSG_LEN;
207 }
208
GetExtensionFlagValue(TLS_Ctx * ctx,uint32_t hsExTypeId)209 bool GetExtensionFlagValue(TLS_Ctx *ctx, uint32_t hsExTypeId)
210 {
211 switch (hsExTypeId) {
212 case HS_EX_TYPE_ID_SERVER_NAME: return ctx->hsCtx->extFlag.haveServerName;
213 case HS_EX_TYPE_ID_SUPPORTED_GROUPS: return ctx->hsCtx->extFlag.haveSupportedGroups;
214 case HS_EX_TYPE_ID_POINT_FORMATS: return ctx->hsCtx->extFlag.havePointFormats;
215 case HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS: return ctx->hsCtx->extFlag.haveSignatureAlgorithms;
216 case HS_EX_TYPE_ID_EXTENDED_MASTER_SECRET: return ctx->hsCtx->extFlag.haveExtendedMasterSecret;
217 case HS_EX_TYPE_ID_SUPPORTED_VERSIONS: return ctx->hsCtx->extFlag.haveSupportedVers;
218 case HS_EX_TYPE_ID_CERTIFICATE_AUTHORITIES: return ctx->hsCtx->extFlag.haveCA;
219 case HS_EX_TYPE_ID_POST_HS_AUTH: return ctx->hsCtx->extFlag.havePostHsAuth;
220 case HS_EX_TYPE_ID_KEY_SHARE: return ctx->hsCtx->extFlag.haveKeyShare;
221 case HS_EX_TYPE_ID_EARLY_DATA: return ctx->hsCtx->extFlag.haveEarlyData;
222 case HS_EX_TYPE_ID_PSK_KEY_EXCHANGE_MODES: return ctx->hsCtx->extFlag.havePskExMode;
223 case HS_EX_TYPE_ID_PRE_SHARED_KEY: return ctx->hsCtx->extFlag.havePreShareKey;
224 case HS_EX_TYPE_ID_APP_LAYER_PROTOCOLS: return ctx->hsCtx->extFlag.haveAlpn;
225 case HS_EX_TYPE_ID_SESSION_TICKET: return ctx->hsCtx->extFlag.haveTicket;
226 case HS_EX_TYPE_ID_ENCRYPT_THEN_MAC: return ctx->hsCtx->extFlag.haveEncryptThenMac;
227 case HS_EX_TYPE_ID_SIGNATURE_ALGORITHMS_CERT: return ctx->hsCtx->extFlag.haveSignatureAlgorithmsCert;
228 case HS_EX_TYPE_ID_COOKIE:
229 case HS_EX_TYPE_ID_RENEGOTIATION_INFO:
230 default:
231 break;
232 }
233 return true;
234 }
235
CheckForDuplicateExtension(uint64_t extensionTypeMask,uint32_t extensionId,TLS_Ctx * ctx)236 int32_t CheckForDuplicateExtension(uint64_t extensionTypeMask, uint32_t extensionId, TLS_Ctx *ctx)
237 {
238 // can not process duplication unknown ext, unknown ext is verified elsewhere
239 if (((extensionTypeMask & (1ULL << extensionId)) != 0) && extensionId != HS_EX_TYPE_ID_UNRECOGNIZED) {
240 BSL_ERR_PUSH_ERROR(HITLS_PARSE_DUPLICATE_EXTENDED_MSG);
241 BSL_LOG_BINLOG_FIXLEN(BINLOG_ID17328, BSL_LOG_LEVEL_ERR, BSL_LOG_BINLOG_TYPE_RUN,
242 "extension type %u is repeated.", extensionId, 0, 0, 0);
243 ctx->method.sendAlert(ctx, ALERT_LEVEL_FATAL, ALERT_ILLEGAL_PARAMETER);
244 return HITLS_PARSE_DUPLICATE_EXTENDED_MSG;
245 }
246
247 return HITLS_SUCCESS;
248 }