1 /* 2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 /* ==================================================================== 11 * Copyright 2005 Nokia. All rights reserved. 12 * 13 * The portions of the attached software ("Contribution") is developed by 14 * Nokia Corporation and is licensed pursuant to the OpenSSL open source 15 * license. 16 * 17 * The Contribution, originally written by Mika Kousa and Pasi Eronen of 18 * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites 19 * support (see RFC 4279) to OpenSSL. 20 * 21 * No patent licenses or other rights except those expressly stated in 22 * the OpenSSL open source license shall be deemed granted or received 23 * expressly, by implication, estoppel, or otherwise. 24 * 25 * No assurances are provided by Nokia that the Contribution does not 26 * infringe the patent or other intellectual property rights of any third 27 * party or that the license provides you with all the necessary rights 28 * to make use of the Contribution. 29 * 30 * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN 31 * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA 32 * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY 33 * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR 34 * OTHERWISE. 35 */ 36 37 #include <stdio.h> 38 #include <stdlib.h> 39 #include "ssl_locl.h" 40 #include "internal/asn1t.h" 41 #include <openssl/x509.h> 42 43 typedef struct { 44 uint32_t version; 45 int32_t ssl_version; 46 ASN1_OCTET_STRING *cipher; 47 ASN1_OCTET_STRING *comp_id; 48 ASN1_OCTET_STRING *master_key; 49 ASN1_OCTET_STRING *session_id; 50 ASN1_OCTET_STRING *key_arg; 51 int64_t time; 52 int64_t timeout; 53 X509 *peer; 54 ASN1_OCTET_STRING *session_id_context; 55 int32_t verify_result; 56 ASN1_OCTET_STRING *tlsext_hostname; 57 int64_t tlsext_tick_lifetime_hint; 58 ASN1_OCTET_STRING *tlsext_tick; 59 #ifndef OPENSSL_NO_PSK 60 ASN1_OCTET_STRING *psk_identity_hint; 61 ASN1_OCTET_STRING *psk_identity; 62 #endif 63 #ifndef OPENSSL_NO_SRP 64 ASN1_OCTET_STRING *srp_username; 65 #endif 66 uint64_t flags; 67 } SSL_SESSION_ASN1; 68 69 ASN1_SEQUENCE(SSL_SESSION_ASN1) = { 70 ASN1_EMBED(SSL_SESSION_ASN1, version, UINT32), 71 ASN1_EMBED(SSL_SESSION_ASN1, ssl_version, INT32), 72 ASN1_SIMPLE(SSL_SESSION_ASN1, cipher, ASN1_OCTET_STRING), 73 ASN1_SIMPLE(SSL_SESSION_ASN1, session_id, ASN1_OCTET_STRING), 74 ASN1_SIMPLE(SSL_SESSION_ASN1, master_key, ASN1_OCTET_STRING), 75 ASN1_IMP_OPT(SSL_SESSION_ASN1, key_arg, ASN1_OCTET_STRING, 0), 76 ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, time, ZINT64, 1), 77 ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, timeout, ZINT64, 2), 78 ASN1_EXP_OPT(SSL_SESSION_ASN1, peer, X509, 3), 79 ASN1_EXP_OPT(SSL_SESSION_ASN1, session_id_context, ASN1_OCTET_STRING, 4), 80 ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, verify_result, ZINT32, 5), 81 ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_hostname, ASN1_OCTET_STRING, 6), 82 #ifndef OPENSSL_NO_PSK 83 ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity_hint, ASN1_OCTET_STRING, 7), 84 ASN1_EXP_OPT(SSL_SESSION_ASN1, psk_identity, ASN1_OCTET_STRING, 8), 85 #endif 86 ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, tlsext_tick_lifetime_hint, ZUINT64, 9), 87 ASN1_EXP_OPT(SSL_SESSION_ASN1, tlsext_tick, ASN1_OCTET_STRING, 10), 88 ASN1_EXP_OPT(SSL_SESSION_ASN1, comp_id, ASN1_OCTET_STRING, 11), 89 #ifndef OPENSSL_NO_SRP 90 ASN1_EXP_OPT(SSL_SESSION_ASN1, srp_username, ASN1_OCTET_STRING, 12), 91 #endif 92 ASN1_EXP_OPT_EMBED(SSL_SESSION_ASN1, flags, ZUINT64, 13) 93 } static_ASN1_SEQUENCE_END(SSL_SESSION_ASN1) 94 95 IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(SSL_SESSION_ASN1) 96 97 /* Utility functions for i2d_SSL_SESSION */ 98 99 /* Initialise OCTET STRING from buffer and length */ 100 101 static void ssl_session_oinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os, 102 unsigned char *data, size_t len) 103 { 104 os->data = data; 105 os->length = len; 106 os->flags = 0; 107 *dest = os; 108 } 109 110 /* Initialise OCTET STRING from string */ 111 static void ssl_session_sinit(ASN1_OCTET_STRING **dest, ASN1_OCTET_STRING *os, 112 char *data) 113 { 114 if (data != NULL) 115 ssl_session_oinit(dest, os, (unsigned char *)data, strlen(data)); 116 else 117 *dest = NULL; 118 } 119 120 int i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) 121 { 122 123 SSL_SESSION_ASN1 as; 124 125 ASN1_OCTET_STRING cipher; 126 unsigned char cipher_data[2]; 127 ASN1_OCTET_STRING master_key, session_id, sid_ctx; 128 129 #ifndef OPENSSL_NO_COMP 130 ASN1_OCTET_STRING comp_id; 131 unsigned char comp_id_data; 132 #endif 133 134 ASN1_OCTET_STRING tlsext_hostname, tlsext_tick; 135 136 #ifndef OPENSSL_NO_SRP 137 ASN1_OCTET_STRING srp_username; 138 #endif 139 140 #ifndef OPENSSL_NO_PSK 141 ASN1_OCTET_STRING psk_identity, psk_identity_hint; 142 #endif 143 144 long l; 145 146 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) 147 return 0; 148 149 memset(&as, 0, sizeof(as)); 150 151 as.version = SSL_SESSION_ASN1_VERSION; 152 as.ssl_version = in->ssl_version; 153 154 if (in->cipher == NULL) 155 l = in->cipher_id; 156 else 157 l = in->cipher->id; 158 cipher_data[0] = ((unsigned char)(l >> 8L)) & 0xff; 159 cipher_data[1] = ((unsigned char)(l)) & 0xff; 160 161 ssl_session_oinit(&as.cipher, &cipher, cipher_data, 2); 162 163 #ifndef OPENSSL_NO_COMP 164 if (in->compress_meth) { 165 comp_id_data = (unsigned char)in->compress_meth; 166 ssl_session_oinit(&as.comp_id, &comp_id, &comp_id_data, 1); 167 } 168 #endif 169 170 ssl_session_oinit(&as.master_key, &master_key, 171 in->master_key, in->master_key_length); 172 173 ssl_session_oinit(&as.session_id, &session_id, 174 in->session_id, in->session_id_length); 175 176 ssl_session_oinit(&as.session_id_context, &sid_ctx, 177 in->sid_ctx, in->sid_ctx_length); 178 179 as.time = in->time; 180 as.timeout = in->timeout; 181 as.verify_result = in->verify_result; 182 183 as.peer = in->peer; 184 185 ssl_session_sinit(&as.tlsext_hostname, &tlsext_hostname, 186 in->tlsext_hostname); 187 if (in->tlsext_tick) { 188 ssl_session_oinit(&as.tlsext_tick, &tlsext_tick, 189 in->tlsext_tick, in->tlsext_ticklen); 190 } 191 if (in->tlsext_tick_lifetime_hint > 0) 192 as.tlsext_tick_lifetime_hint = in->tlsext_tick_lifetime_hint; 193 #ifndef OPENSSL_NO_PSK 194 ssl_session_sinit(&as.psk_identity_hint, &psk_identity_hint, 195 in->psk_identity_hint); 196 ssl_session_sinit(&as.psk_identity, &psk_identity, in->psk_identity); 197 #endif /* OPENSSL_NO_PSK */ 198 #ifndef OPENSSL_NO_SRP 199 ssl_session_sinit(&as.srp_username, &srp_username, in->srp_username); 200 #endif /* OPENSSL_NO_SRP */ 201 202 as.flags = in->flags; 203 204 return i2d_SSL_SESSION_ASN1(&as, pp); 205 206 } 207 208 /* Utility functions for d2i_SSL_SESSION */ 209 210 /* OPENSSL_strndup an OCTET STRING */ 211 212 static int ssl_session_strndup(char **pdst, ASN1_OCTET_STRING *src) 213 { 214 OPENSSL_free(*pdst); 215 *pdst = NULL; 216 if (src == NULL) 217 return 1; 218 *pdst = OPENSSL_strndup((char *)src->data, src->length); 219 if (*pdst == NULL) 220 return 0; 221 return 1; 222 } 223 224 /* Copy an OCTET STRING, return error if it exceeds maximum length */ 225 226 static int ssl_session_memcpy(unsigned char *dst, unsigned int *pdstlen, 227 ASN1_OCTET_STRING *src, int maxlen) 228 { 229 if (src == NULL) { 230 *pdstlen = 0; 231 return 1; 232 } 233 if (src->length > maxlen) 234 return 0; 235 memcpy(dst, src->data, src->length); 236 *pdstlen = src->length; 237 return 1; 238 } 239 240 SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, 241 long length) 242 { 243 long id; 244 unsigned int tmpl; 245 const unsigned char *p = *pp; 246 SSL_SESSION_ASN1 *as = NULL; 247 SSL_SESSION *ret = NULL; 248 249 as = d2i_SSL_SESSION_ASN1(NULL, &p, length); 250 /* ASN.1 code returns suitable error */ 251 if (as == NULL) 252 goto err; 253 254 if (!a || !*a) { 255 ret = SSL_SESSION_new(); 256 if (ret == NULL) 257 goto err; 258 } else { 259 ret = *a; 260 } 261 262 if (as->version != SSL_SESSION_ASN1_VERSION) { 263 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION); 264 goto err; 265 } 266 267 if ((as->ssl_version >> 8) != SSL3_VERSION_MAJOR 268 && (as->ssl_version >> 8) != DTLS1_VERSION_MAJOR 269 && as->ssl_version != DTLS1_BAD_VER) { 270 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNSUPPORTED_SSL_VERSION); 271 goto err; 272 } 273 274 ret->ssl_version = (int)as->ssl_version; 275 276 if (as->cipher->length != 2) { 277 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_CIPHER_CODE_WRONG_LENGTH); 278 goto err; 279 } 280 281 id = 0x03000000L | ((unsigned long)as->cipher->data[0] << 8L) 282 | (unsigned long)as->cipher->data[1]; 283 284 ret->cipher = NULL; 285 ret->cipher_id = id; 286 287 if (!ssl_session_memcpy(ret->session_id, &ret->session_id_length, 288 as->session_id, SSL3_MAX_SSL_SESSION_ID_LENGTH)) 289 goto err; 290 291 if (!ssl_session_memcpy(ret->master_key, &tmpl, 292 as->master_key, SSL_MAX_MASTER_KEY_LENGTH)) 293 goto err; 294 295 ret->master_key_length = tmpl; 296 297 if (as->time != 0) 298 ret->time = as->time; 299 else 300 ret->time = (unsigned long)time(NULL); 301 302 if (as->timeout != 0) 303 ret->timeout = as->timeout; 304 else 305 ret->timeout = 3; 306 307 X509_free(ret->peer); 308 ret->peer = as->peer; 309 as->peer = NULL; 310 311 if (!ssl_session_memcpy(ret->sid_ctx, &ret->sid_ctx_length, 312 as->session_id_context, SSL_MAX_SID_CTX_LENGTH)) 313 goto err; 314 315 /* NB: this defaults to zero which is X509_V_OK */ 316 ret->verify_result = as->verify_result; 317 318 if (!ssl_session_strndup(&ret->tlsext_hostname, as->tlsext_hostname)) 319 goto err; 320 321 #ifndef OPENSSL_NO_PSK 322 if (!ssl_session_strndup(&ret->psk_identity_hint, as->psk_identity_hint)) 323 goto err; 324 if (!ssl_session_strndup(&ret->psk_identity, as->psk_identity)) 325 goto err; 326 #endif 327 328 ret->tlsext_tick_lifetime_hint = as->tlsext_tick_lifetime_hint; 329 if (as->tlsext_tick) { 330 ret->tlsext_tick = as->tlsext_tick->data; 331 ret->tlsext_ticklen = as->tlsext_tick->length; 332 as->tlsext_tick->data = NULL; 333 } else { 334 ret->tlsext_tick = NULL; 335 } 336 #ifndef OPENSSL_NO_COMP 337 if (as->comp_id) { 338 if (as->comp_id->length != 1) { 339 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH); 340 goto err; 341 } 342 ret->compress_meth = as->comp_id->data[0]; 343 } else { 344 ret->compress_meth = 0; 345 } 346 #endif 347 348 #ifndef OPENSSL_NO_SRP 349 if (!ssl_session_strndup(&ret->srp_username, as->srp_username)) 350 goto err; 351 #endif /* OPENSSL_NO_SRP */ 352 /* Flags defaults to zero which is fine */ 353 ret->flags = as->flags; 354 355 M_ASN1_free_of(as, SSL_SESSION_ASN1); 356 357 if ((a != NULL) && (*a == NULL)) 358 *a = ret; 359 *pp = p; 360 return ret; 361 362 err: 363 M_ASN1_free_of(as, SSL_SESSION_ASN1); 364 if ((a == NULL) || (*a != ret)) 365 SSL_SESSION_free(ret); 366 return NULL; 367 } 368