2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/evp.h>
11 #include "../../ssl_local.h"
12 #include "../record_local.h"
13 #include "recmethod_local.h"
15 static int tls_any_set_crypto_state(OSSL_RECORD_LAYER *rl, int level,
16 unsigned char *key, size_t keylen,
17 unsigned char *iv, size_t ivlen,
18 unsigned char *mackey, size_t mackeylen,
19 const EVP_CIPHER *ciph,
25 if (level != OSSL_RECORD_PROTECTION_LEVEL_NONE) {
26 ERR_raise(ERR_LIB_SSL, ERR_R_INTERNAL_ERROR);
27 return OSSL_RECORD_RETURN_FATAL;
30 /* No crypto protection at the "NONE" level so nothing to be done */
32 return OSSL_RECORD_RETURN_SUCCESS;
35 static int tls_any_cipher(OSSL_RECORD_LAYER *rl, SSL3_RECORD *recs,
36 size_t n_recs, int sending, SSL_MAC_BUF *macs,
42 static int tls_validate_record_header(OSSL_RECORD_LAYER *rl, SSL3_RECORD *rec)
44 if (rec->rec_version == SSL2_VERSION) {
45 /* SSLv2 format ClientHello */
46 if (!ossl_assert(rl->version == TLS_ANY_VERSION)) {
47 RLAYERfatal(rl, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
50 if (rec->length < MIN_SSL2_RECORD_LEN) {
51 RLAYERfatal(rl, SSL_AD_DECODE_ERROR, SSL_R_LENGTH_TOO_SHORT);
55 if (rl->version == TLS_ANY_VERSION) {
56 if ((rec->rec_version >> 8) != SSL3_VERSION_MAJOR) {
57 if (rl->is_first_record) {
61 * Go back to start of packet, look at the five bytes that
65 if (HAS_PREFIX((char *)p, "GET ") ||
66 HAS_PREFIX((char *)p, "POST ") ||
67 HAS_PREFIX((char *)p, "HEAD ") ||
68 HAS_PREFIX((char *)p, "PUT ")) {
69 RLAYERfatal(rl, SSL_AD_NO_ALERT, SSL_R_HTTP_REQUEST);
71 } else if (HAS_PREFIX((char *)p, "CONNE")) {
72 RLAYERfatal(rl, SSL_AD_NO_ALERT,
73 SSL_R_HTTPS_PROXY_REQUEST);
77 /* Doesn't look like TLS - don't send an alert */
78 RLAYERfatal(rl, SSL_AD_NO_ALERT,
79 SSL_R_WRONG_VERSION_NUMBER);
82 RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
83 SSL_R_WRONG_VERSION_NUMBER);
87 } else if (rl->version == TLS1_3_VERSION) {
89 * In this case we know we are going to negotiate TLSv1.3, but we've
90 * had an HRR, so we haven't actually done so yet. In TLSv1.3 we
91 * must ignore the legacy record version in plaintext records.
93 } else if (rec->rec_version != rl->version) {
94 if ((rl->version & 0xFF00) == (rec->rec_version & 0xFF00)) {
95 if (rec->type == SSL3_RT_ALERT) {
97 * The record is using an incorrect version number,
98 * but what we've got appears to be an alert. We
99 * haven't read the body yet to check whether its a
100 * fatal or not - but chances are it is. We probably
101 * shouldn't send a fatal alert back. We'll just
104 RLAYERfatal(rl, SSL_AD_NO_ALERT,
105 SSL_R_WRONG_VERSION_NUMBER);
108 /* Send back error using their minor version number */
109 rl->version = (unsigned short)rec->rec_version;
111 RLAYERfatal(rl, SSL_AD_PROTOCOL_VERSION,
112 SSL_R_WRONG_VERSION_NUMBER);
116 if (rec->length > SSL3_RT_MAX_PLAIN_LENGTH) {
118 * We use SSL_R_DATA_LENGTH_TOO_LONG instead of
119 * SSL_R_ENCRYPTED_LENGTH_TOO_LONG here because we are the "any" method
120 * and we know that we are dealing with plaintext data
122 RLAYERfatal(rl, SSL_AD_RECORD_OVERFLOW, SSL_R_DATA_LENGTH_TOO_LONG);
128 static int tls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
130 if (rl->version != TLS_ANY_VERSION && rl->version != vers)
137 static int tls_any_prepare_for_encryption(OSSL_RECORD_LAYER *rl,
142 /* No encryption, so nothing to do */
146 struct record_functions_st tls_any_funcs = {
147 tls_any_set_crypto_state,
150 tls_any_set_protocol_version,
152 tls_get_more_records,
153 tls_validate_record_header,
154 tls_default_post_process_record,
155 tls_get_max_records_default,
156 tls_write_records_default,
157 tls_allocate_write_buffers_default,
158 tls_initialise_write_packets_default,
160 tls_prepare_record_header_default,
162 tls_any_prepare_for_encryption,
163 tls_post_encryption_processing_default,
167 static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
169 if (rl->version != DTLS_ANY_VERSION && rl->version != vers)
176 struct record_functions_st dtls_any_funcs = {
177 tls_any_set_crypto_state,
180 dtls_any_set_protocol_version,
182 dtls_get_more_records,
187 tls_allocate_write_buffers_default,
188 tls_initialise_write_packets_default,
190 dtls_prepare_record_header,
192 tls_prepare_for_encryption_default,
193 tls_post_encryption_processing_default,