ssl/t1_reneg.c

   1 /*
   2  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the OpenSSL license (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include <openssl/objects.h>
  12 #include "ssl_locl.h"
  13
  14 /*
  15  * Parse the client's renegotiation binding and abort if it's not right
  16  */
  17 int ssl_parse_clienthello_renegotiate_ext(SSL *s, PACKET *pkt, int *al)
  18 {
  19     unsigned int ilen;
  20     const unsigned char *d;
  21
  22     /* Parse the length byte */
  23     if (!PACKET_get_1(pkt, &ilen)
  24         || !PACKET_get_bytes(pkt, &d, ilen)) {
  25         SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
  26                SSL_R_RENEGOTIATION_ENCODING_ERR);
  27         *al = SSL_AD_ILLEGAL_PARAMETER;
  28         return 0;
  29     }
  30
  31     /* Check that the extension matches */
  32     if (ilen != s->s3->previous_client_finished_len) {
  33         SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
  34                SSL_R_RENEGOTIATION_MISMATCH);
  35         *al = SSL_AD_HANDSHAKE_FAILURE;
  36         return 0;
  37     }
  38
  39     if (memcmp(d, s->s3->previous_client_finished,
  40                s->s3->previous_client_finished_len)) {
  41         SSLerr(SSL_F_SSL_PARSE_CLIENTHELLO_RENEGOTIATE_EXT,
  42                SSL_R_RENEGOTIATION_MISMATCH);
  43         *al = SSL_AD_HANDSHAKE_FAILURE;
  44         return 0;
  45     }
  46
  47     s->s3->send_connection_binding = 1;
  48
  49     return 1;
  50 }
  51
  52 /* Add the server's renegotiation binding */
  53 int ssl_add_serverhello_renegotiate_ext(SSL *s, WPACKET *pkt)
  54 {
  55     if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_renegotiate)
  56             || !WPACKET_start_sub_packet_u16(pkt)
  57             || !WPACKET_start_sub_packet_u8(pkt)
  58             || !WPACKET_memcpy(pkt, s->s3->previous_client_finished,
  59                                s->s3->previous_client_finished_len)
  60             || !WPACKET_memcpy(pkt, s->s3->previous_server_finished,
  61                                s->s3->previous_server_finished_len)
  62             || !WPACKET_close(pkt)
  63             || !WPACKET_close(pkt))
  64         return 0;
  65
  66     return 1;
  67 }
  68
  69 /*
  70  * Parse the server's renegotiation binding and abort if it's not right
  71  */
  72 int ssl_parse_serverhello_renegotiate_ext(SSL *s, PACKET *pkt, int *al)
  73 {
  74     unsigned int expected_len = s->s3->previous_client_finished_len
  75         + s->s3->previous_server_finished_len;
  76     unsigned int ilen;
  77     const unsigned char *data;
  78
  79     /* Check for logic errors */
  80     OPENSSL_assert(!expected_len || s->s3->previous_client_finished_len);
  81     OPENSSL_assert(!expected_len || s->s3->previous_server_finished_len);
  82
  83     /* Parse the length byte */
  84     if (!PACKET_get_1(pkt, &ilen)) {
  85         SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
  86                SSL_R_RENEGOTIATION_ENCODING_ERR);
  87         *al = SSL_AD_ILLEGAL_PARAMETER;
  88         return 0;
  89     }
  90
  91     /* Consistency check */
  92     if (PACKET_remaining(pkt) != ilen) {
  93         SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
  94                SSL_R_RENEGOTIATION_ENCODING_ERR);
  95         *al = SSL_AD_ILLEGAL_PARAMETER;
  96         return 0;
  97     }
  98
  99     /* Check that the extension matches */
 100     if (ilen != expected_len) {
 101         SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
 102                SSL_R_RENEGOTIATION_MISMATCH);
 103         *al = SSL_AD_HANDSHAKE_FAILURE;
 104         return 0;
 105     }
 106
 107     if (!PACKET_get_bytes(pkt, &data, s->s3->previous_client_finished_len)
 108         || memcmp(data, s->s3->previous_client_finished,
 109                   s->s3->previous_client_finished_len) != 0) {
 110         SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
 111                SSL_R_RENEGOTIATION_MISMATCH);
 112         *al = SSL_AD_HANDSHAKE_FAILURE;
 113         return 0;
 114     }
 115
 116     if (!PACKET_get_bytes(pkt, &data, s->s3->previous_server_finished_len)
 117         || memcmp(data, s->s3->previous_server_finished,
 118                   s->s3->previous_server_finished_len) != 0) {
 119         SSLerr(SSL_F_SSL_PARSE_SERVERHELLO_RENEGOTIATE_EXT,
 120                SSL_R_RENEGOTIATION_MISMATCH);
 121         *al = SSL_AD_ILLEGAL_PARAMETER;
 122         return 0;
 123     }
 124     s->s3->send_connection_binding = 1;
 125
 126     return 1;
 127 }