openssl/util/TLSProxy/ServerKeyExchange.pm
Matt Caswell 79d8c16785 Extend ServerKeyExchange parsing to work with a signature
Previously SKE in TLSProxy only knew about one anonymous ciphersuite so
there was never a signature. Extend that to include a ciphersuite that is
not anonymous. This also fixes a bug where the existing SKE processing was
checking against the wrong anon ciphersuite value. This has a knock on
impact on the sslskewith0p test. The bug meant the test was working...but
entirely by accident!

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
2017-01-10 23:02:50 +00:00

157 lines
3.4 KiB
Perl

# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
use strict;
package TLSProxy::ServerKeyExchange;
use vars '@ISA';
push @ISA, 'TLSProxy::Message';
sub new
{
my $class = shift;
my ($server,
$data,
$records,
$startoffset,
$message_frag_lens) = @_;
my $self = $class->SUPER::new(
$server,
TLSProxy::Message::MT_SERVER_KEY_EXCHANGE,
$data,
$records,
$startoffset,
$message_frag_lens);
#DHE
$self->{p} = "";
$self->{g} = "";
$self->{pub_key} = "";
$self->{sigalg} = -1;
$self->{sig} = "";
return $self;
}
sub parse
{
my $self = shift;
my $sigalg = -1;
#Minimal SKE parsing. Only supports one known DHE ciphersuite at the moment
return if TLSProxy::Proxy->ciphersuite()
!= TLSProxy::Message::CIPHER_ADH_AES_128_SHA
&& TLSProxy::Proxy->ciphersuite()
!= TLSProxy::Message::CIPHER_DHE_RSA_AES_128_SHA;
my $p_len = unpack('n', $self->data);
my $ptr = 2;
my $p = substr($self->data, $ptr, $p_len);
$ptr += $p_len;
my $g_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $g = substr($self->data, $ptr, $g_len);
$ptr += $g_len;
my $pub_key_len = unpack('n', substr($self->data, $ptr));
$ptr += 2;
my $pub_key = substr($self->data, $ptr, $pub_key_len);
$ptr += $pub_key_len;
#We assume its signed
my $record = ${$self->records}[0];
if (TLSProxy::Proxy->is_tls13()
|| $record->version() == TLSProxy::Record::VERS_TLS_1_2) {
$sigalg = unpack('n', substr($self->data, $ptr));
$ptr += 2;
}
my $sig = "";
if (defined $sigalg) {
my $sig_len = unpack('n', substr($self->data, $ptr));
if (defined $sig_len) {
$ptr += 2;
$sig = substr($self->data, $ptr, $sig_len);
$ptr += $sig_len;
}
}
$self->p($p);
$self->g($g);
$self->pub_key($pub_key);
$self->sigalg($sigalg) if defined $sigalg;
$self->signature($sig);
}
#Reconstruct the on-the-wire message data following changes
sub set_message_contents
{
my $self = shift;
my $data;
$data = pack('n', length($self->p));
$data .= $self->p;
$data .= pack('n', length($self->g));
$data .= $self->g;
$data .= pack('n', length($self->pub_key));
$data .= $self->pub_key;
$data .= pack('n', $self->sigalg) if ($self->sigalg != -1);
if (length($self->signature) > 0) {
$data .= pack('n', length($self->signature));
$data .= $self->signature;
}
$self->data($data);
}
#Read/write accessors
#DHE
sub p
{
my $self = shift;
if (@_) {
$self->{p} = shift;
}
return $self->{p};
}
sub g
{
my $self = shift;
if (@_) {
$self->{g} = shift;
}
return $self->{g};
}
sub pub_key
{
my $self = shift;
if (@_) {
$self->{pub_key} = shift;
}
return $self->{pub_key};
}
sub sigalg
{
my $self = shift;
if (@_) {
$self->{sigalg} = shift;
}
return $self->{sigalg};
}
sub signature
{
my $self = shift;
if (@_) {
$self->{sig} = shift;
}
return $self->{sig};
}
1;