1 1.1.1.2 christos # Copyright 2016-2026 The OpenSSL Project Authors. All Rights Reserved. 2 1.1 christos # 3 1.1 christos # Licensed under the Apache License 2.0 (the "License"). You may not use 4 1.1 christos # this file except in compliance with the License. You can obtain a copy 5 1.1 christos # in the file LICENSE in the source distribution or at 6 1.1 christos # https://www.openssl.org/source/license.html 7 1.1 christos 8 1.1 christos use strict; 9 1.1 christos 10 1.1 christos package TLSProxy::Message; 11 1.1 christos 12 1.1 christos use TLSProxy::Alert; 13 1.1 christos 14 1.1 christos use constant DTLS_MESSAGE_HEADER_LENGTH => 12; 15 1.1 christos use constant TLS_MESSAGE_HEADER_LENGTH => 4; 16 1.1 christos 17 1.1 christos #Message types 18 1.1 christos use constant { 19 1.1 christos MT_HELLO_REQUEST => 0, 20 1.1 christos MT_CLIENT_HELLO => 1, 21 1.1 christos MT_SERVER_HELLO => 2, 22 1.1 christos MT_HELLO_VERIFY_REQUEST => 3, 23 1.1 christos MT_NEW_SESSION_TICKET => 4, 24 1.1 christos MT_ENCRYPTED_EXTENSIONS => 8, 25 1.1 christos MT_CERTIFICATE => 11, 26 1.1 christos MT_SERVER_KEY_EXCHANGE => 12, 27 1.1 christos MT_CERTIFICATE_REQUEST => 13, 28 1.1 christos MT_SERVER_HELLO_DONE => 14, 29 1.1 christos MT_CERTIFICATE_VERIFY => 15, 30 1.1 christos MT_CLIENT_KEY_EXCHANGE => 16, 31 1.1 christos MT_FINISHED => 20, 32 1.1 christos MT_CERTIFICATE_STATUS => 22, 33 1.1 christos MT_COMPRESSED_CERTIFICATE => 25, 34 1.1 christos MT_NEXT_PROTO => 67 35 1.1 christos }; 36 1.1 christos 37 1.1 christos #Alert levels 38 1.1 christos use constant { 39 1.1 christos AL_LEVEL_WARN => 1, 40 1.1 christos AL_LEVEL_FATAL => 2 41 1.1 christos }; 42 1.1 christos 43 1.1 christos #Alert descriptions 44 1.1 christos use constant { 45 1.1 christos AL_DESC_CLOSE_NOTIFY => 0, 46 1.1 christos AL_DESC_UNEXPECTED_MESSAGE => 10, 47 1.1 christos AL_DESC_BAD_RECORD_MAC => 20, 48 1.1.1.2 christos AL_DESC_BAD_CERTIFICATE => 42, 49 1.1 christos AL_DESC_ILLEGAL_PARAMETER => 47, 50 1.1 christos AL_DESC_DECODE_ERROR => 50, 51 1.1 christos AL_DESC_PROTOCOL_VERSION => 70, 52 1.1 christos AL_DESC_NO_RENEGOTIATION => 100, 53 1.1 christos AL_DESC_MISSING_EXTENSION => 109 54 1.1 christos }; 55 1.1 christos 56 1.1 christos my %message_type = ( 57 1.1 christos MT_HELLO_REQUEST, "HelloRequest", 58 1.1 christos MT_CLIENT_HELLO, "ClientHello", 59 1.1 christos MT_SERVER_HELLO, "ServerHello", 60 1.1 christos MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest", 61 1.1 christos MT_NEW_SESSION_TICKET, "NewSessionTicket", 62 1.1 christos MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions", 63 1.1 christos MT_CERTIFICATE, "Certificate", 64 1.1 christos MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange", 65 1.1 christos MT_CERTIFICATE_REQUEST, "CertificateRequest", 66 1.1 christos MT_SERVER_HELLO_DONE, "ServerHelloDone", 67 1.1 christos MT_CERTIFICATE_VERIFY, "CertificateVerify", 68 1.1 christos MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange", 69 1.1 christos MT_FINISHED, "Finished", 70 1.1 christos MT_CERTIFICATE_STATUS, "CertificateStatus", 71 1.1 christos MT_COMPRESSED_CERTIFICATE, "CompressedCertificate", 72 1.1 christos MT_NEXT_PROTO, "NextProto" 73 1.1 christos ); 74 1.1 christos 75 1.1 christos use constant { 76 1.1 christos EXT_SERVER_NAME => 0, 77 1.1 christos EXT_MAX_FRAGMENT_LENGTH => 1, 78 1.1 christos EXT_STATUS_REQUEST => 5, 79 1.1 christos EXT_SUPPORTED_GROUPS => 10, 80 1.1 christos EXT_EC_POINT_FORMATS => 11, 81 1.1 christos EXT_SRP => 12, 82 1.1 christos EXT_SIG_ALGS => 13, 83 1.1 christos EXT_USE_SRTP => 14, 84 1.1 christos EXT_ALPN => 16, 85 1.1 christos EXT_SCT => 18, 86 1.1 christos EXT_CLIENT_CERT_TYPE => 19, 87 1.1 christos EXT_SERVER_CERT_TYPE => 20, 88 1.1 christos EXT_PADDING => 21, 89 1.1 christos EXT_ENCRYPT_THEN_MAC => 22, 90 1.1 christos EXT_EXTENDED_MASTER_SECRET => 23, 91 1.1 christos EXT_COMPRESS_CERTIFICATE => 27, 92 1.1 christos EXT_SESSION_TICKET => 35, 93 1.1 christos EXT_KEY_SHARE => 51, 94 1.1 christos EXT_PSK => 41, 95 1.1 christos EXT_SUPPORTED_VERSIONS => 43, 96 1.1 christos EXT_COOKIE => 44, 97 1.1 christos EXT_PSK_KEX_MODES => 45, 98 1.1 christos EXT_POST_HANDSHAKE_AUTH => 49, 99 1.1 christos EXT_SIG_ALGS_CERT => 50, 100 1.1 christos EXT_RENEGOTIATE => 65281, 101 1.1 christos EXT_NPN => 13172, 102 1.1 christos EXT_CRYPTOPRO_BUG_EXTENSION => 0xfde8, 103 1.1 christos EXT_UNKNOWN => 0xfffe, 104 1.1 christos #Unknown extension that should appear last 105 1.1 christos EXT_FORCE_LAST => 0xffff 106 1.1 christos }; 107 1.1 christos 108 1.1 christos # SignatureScheme of TLS 1.3 from: 109 1.1 christos # https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme 110 1.1 christos # We have to manually grab the SHA224 equivalents from the old registry 111 1.1 christos use constant { 112 1.1 christos SIG_ALG_RSA_PKCS1_SHA256 => 0x0401, 113 1.1 christos SIG_ALG_RSA_PKCS1_SHA384 => 0x0501, 114 1.1 christos SIG_ALG_RSA_PKCS1_SHA512 => 0x0601, 115 1.1 christos SIG_ALG_ECDSA_SECP256R1_SHA256 => 0x0403, 116 1.1 christos SIG_ALG_ECDSA_SECP384R1_SHA384 => 0x0503, 117 1.1 christos SIG_ALG_ECDSA_SECP521R1_SHA512 => 0x0603, 118 1.1 christos SIG_ALG_RSA_PSS_RSAE_SHA256 => 0x0804, 119 1.1 christos SIG_ALG_RSA_PSS_RSAE_SHA384 => 0x0805, 120 1.1 christos SIG_ALG_RSA_PSS_RSAE_SHA512 => 0x0806, 121 1.1 christos SIG_ALG_ED25519 => 0x0807, 122 1.1 christos SIG_ALG_ED448 => 0x0808, 123 1.1 christos SIG_ALG_RSA_PSS_PSS_SHA256 => 0x0809, 124 1.1 christos SIG_ALG_RSA_PSS_PSS_SHA384 => 0x080a, 125 1.1 christos SIG_ALG_RSA_PSS_PSS_SHA512 => 0x080b, 126 1.1 christos SIG_ALG_RSA_PKCS1_SHA1 => 0x0201, 127 1.1 christos SIG_ALG_ECDSA_SHA1 => 0x0203, 128 1.1 christos SIG_ALG_DSA_SHA1 => 0x0202, 129 1.1 christos SIG_ALG_DSA_SHA256 => 0x0402, 130 1.1 christos SIG_ALG_DSA_SHA384 => 0x0502, 131 1.1 christos SIG_ALG_DSA_SHA512 => 0x0602, 132 1.1.1.2 christos SIG_ALG_MLDSA65 => 0x0905, 133 1.1 christos OSSL_SIG_ALG_RSA_PKCS1_SHA224 => 0x0301, 134 1.1 christos OSSL_SIG_ALG_DSA_SHA224 => 0x0302, 135 1.1 christos OSSL_SIG_ALG_ECDSA_SHA224 => 0x0303 136 1.1 christos }; 137 1.1 christos 138 1.1 christos use constant { 139 1.1 christos CIPHER_RSA_WITH_AES_128_CBC_SHA => 0x002f, 140 1.1 christos CIPHER_DHE_RSA_AES_128_SHA => 0x0033, 141 1.1 christos CIPHER_ADH_AES_128_SHA => 0x0034, 142 1.1 christos CIPHER_TLS13_AES_128_GCM_SHA256 => 0x1301, 143 1.1 christos CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302 144 1.1 christos }; 145 1.1 christos 146 1.1 christos use constant { 147 1.1 christos CLIENT => 0, 148 1.1 christos SERVER => 1 149 1.1 christos }; 150 1.1 christos 151 1.1 christos my $payload = ""; 152 1.1 christos my $messlen = -1; 153 1.1 christos my $mt; 154 1.1 christos my $startoffset = -1; 155 1.1 christos my $server = 0; 156 1.1 christos my $success = 0; 157 1.1 christos my $end = 0; 158 1.1 christos my @message_rec_list = (); 159 1.1 christos my @message_frag_lens = (); 160 1.1 christos my $ciphersuite = 0; 161 1.1 christos my $successondata = 0; 162 1.1 christos my $alert; 163 1.1 christos 164 1.1 christos sub clear 165 1.1 christos { 166 1.1 christos $payload = ""; 167 1.1 christos $messlen = -1; 168 1.1 christos $startoffset = -1; 169 1.1 christos $server = 0; 170 1.1 christos $success = 0; 171 1.1 christos $end = 0; 172 1.1 christos $successondata = 0; 173 1.1 christos @message_rec_list = (); 174 1.1 christos @message_frag_lens = (); 175 1.1 christos $alert = undef; 176 1.1 christos } 177 1.1 christos 178 1.1 christos #Class method to extract messages from a record 179 1.1 christos sub get_messages 180 1.1 christos { 181 1.1 christos my $class = shift; 182 1.1 christos my $serverin = shift; 183 1.1 christos my $record = shift; 184 1.1 christos my $isdtls = shift; 185 1.1 christos my @messages = (); 186 1.1 christos my $message; 187 1.1 christos 188 1.1 christos @message_frag_lens = (); 189 1.1 christos 190 1.1 christos if ($serverin != $server && length($payload) != 0) { 191 1.1 christos die "Changed peer, but we still have fragment data\n"; 192 1.1 christos } 193 1.1 christos $server = $serverin; 194 1.1 christos 195 1.1 christos if ($record->content_type == TLSProxy::Record::RT_CCS) { 196 1.1 christos if ($payload ne "") { 197 1.1 christos #We can't handle this yet 198 1.1 christos die "CCS received before message data complete\n"; 199 1.1 christos } 200 1.1 christos if (!TLSProxy::Proxy->is_tls13()) { 201 1.1 christos if ($server) { 202 1.1 christos TLSProxy::Record->server_encrypting(1); 203 1.1 christos } else { 204 1.1 christos TLSProxy::Record->client_encrypting(1); 205 1.1 christos } 206 1.1 christos } 207 1.1 christos } elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) { 208 1.1 christos if ($record->len == 0 || $record->len_real == 0) { 209 1.1 christos print " Message truncated\n"; 210 1.1 christos } else { 211 1.1 christos my $recoffset = 0; 212 1.1 christos 213 1.1 christos if (length $payload > 0) { 214 1.1 christos #We are continuing processing a message started in a previous 215 1.1 christos #record. Add this record to the list associated with this 216 1.1 christos #message 217 1.1 christos push @message_rec_list, $record; 218 1.1 christos 219 1.1 christos if ($messlen <= length($payload)) { 220 1.1 christos #Shouldn't happen 221 1.1 christos die "Internal error: invalid messlen: ".$messlen 222 1.1 christos ." payload length:".length($payload)."\n"; 223 1.1 christos } 224 1.1 christos if (length($payload) + $record->decrypt_len >= $messlen) { 225 1.1 christos #We can complete the message with this record 226 1.1 christos $recoffset = $messlen - length($payload); 227 1.1 christos $payload .= substr($record->decrypt_data, 0, $recoffset); 228 1.1 christos push @message_frag_lens, $recoffset; 229 1.1 christos if ($isdtls) { 230 1.1 christos # We must set $msgseq, $msgfrag, $msgfragoffs 231 1.1 christos die "Internal error: cannot handle partial dtls messages\n" 232 1.1 christos } 233 1.1 christos $message = create_message($server, $mt, 234 1.1 christos #$msgseq, $msgfrag, $msgfragoffs, 235 1.1 christos 0, 0, 0, 236 1.1 christos $payload, $startoffset, $isdtls); 237 1.1 christos push @messages, $message; 238 1.1 christos 239 1.1 christos $payload = ""; 240 1.1 christos } else { 241 1.1 christos #This is just part of the total message 242 1.1 christos $payload .= $record->decrypt_data; 243 1.1 christos $recoffset = $record->decrypt_len; 244 1.1 christos push @message_frag_lens, $record->decrypt_len; 245 1.1 christos } 246 1.1 christos print " Partial message data read: ".$recoffset." bytes\n"; 247 1.1 christos } 248 1.1 christos 249 1.1 christos while ($record->decrypt_len > $recoffset) { 250 1.1 christos #We are at the start of a new message 251 1.1 christos my $msgheaderlen = $isdtls ? DTLS_MESSAGE_HEADER_LENGTH 252 1.1 christos : TLS_MESSAGE_HEADER_LENGTH; 253 1.1 christos if ($record->decrypt_len - $recoffset < $msgheaderlen) { 254 1.1 christos #Whilst technically probably valid we can't cope with this 255 1.1 christos die "End of record in the middle of a message header\n"; 256 1.1 christos } 257 1.1 christos @message_rec_list = ($record); 258 1.1 christos my $lenhi; 259 1.1 christos my $lenlo; 260 1.1 christos my $msgseq; 261 1.1 christos my $msgfrag; 262 1.1 christos my $msgfragoffs; 263 1.1 christos if ($isdtls) { 264 1.1 christos my $msgfraghi; 265 1.1 christos my $msgfraglo; 266 1.1 christos my $msgfragoffshi; 267 1.1 christos my $msgfragoffslo; 268 1.1 christos ($mt, $lenhi, $lenlo, $msgseq, $msgfraghi, $msgfraglo, $msgfragoffshi, $msgfragoffslo) = 269 1.1 christos unpack('CnCnnCnC', substr($record->decrypt_data, $recoffset)); 270 1.1 christos $msgfrag = ($msgfraghi << 8) | $msgfraglo; 271 1.1 christos $msgfragoffs = ($msgfragoffshi << 8) | $msgfragoffslo; 272 1.1 christos } else { 273 1.1 christos ($mt, $lenhi, $lenlo) = 274 1.1 christos unpack('CnC', substr($record->decrypt_data, $recoffset)); 275 1.1 christos } 276 1.1 christos $messlen = ($lenhi << 8) | $lenlo; 277 1.1 christos print " Message type: $message_type{$mt}($mt)\n"; 278 1.1 christos print " Message Length: $messlen\n"; 279 1.1 christos $startoffset = $recoffset; 280 1.1 christos $recoffset += $msgheaderlen; 281 1.1 christos $payload = ""; 282 1.1 christos 283 1.1 christos if ($recoffset <= $record->decrypt_len) { 284 1.1 christos #Some payload data is present in this record 285 1.1 christos if ($record->decrypt_len - $recoffset >= $messlen) { 286 1.1 christos #We can complete the message with this record 287 1.1 christos $payload .= substr($record->decrypt_data, $recoffset, 288 1.1 christos $messlen); 289 1.1 christos $recoffset += $messlen; 290 1.1 christos push @message_frag_lens, $messlen; 291 1.1 christos $message = create_message($server, $mt, $msgseq, 292 1.1 christos $msgfrag, $msgfragoffs, 293 1.1 christos $payload, $startoffset, $isdtls); 294 1.1 christos push @messages, $message; 295 1.1 christos 296 1.1 christos $payload = ""; 297 1.1 christos } else { 298 1.1 christos #This is just part of the total message 299 1.1 christos $payload .= substr($record->decrypt_data, $recoffset, 300 1.1 christos $record->decrypt_len - $recoffset); 301 1.1 christos $recoffset = $record->decrypt_len; 302 1.1 christos push @message_frag_lens, $recoffset; 303 1.1 christos } 304 1.1 christos } 305 1.1 christos } 306 1.1 christos } 307 1.1 christos } elsif ($record->content_type == TLSProxy::Record::RT_APPLICATION_DATA) { 308 1.1 christos print " [ENCRYPTED APPLICATION DATA]\n"; 309 1.1 christos print " [".$record->decrypt_data."]\n"; 310 1.1 christos 311 1.1 christos if ($successondata) { 312 1.1 christos $success = 1; 313 1.1 christos $end = 1; 314 1.1 christos } 315 1.1 christos } elsif ($record->content_type == TLSProxy::Record::RT_ALERT) { 316 1.1 christos my ($alertlev, $alertdesc) = unpack('CC', $record->decrypt_data); 317 1.1 christos print " [$alertlev, $alertdesc]\n"; 318 1.1 christos #A CloseNotify from the client indicates we have finished successfully 319 1.1 christos #(we assume) 320 1.1 christos if (!$end && !$server && $alertlev == AL_LEVEL_WARN 321 1.1 christos && $alertdesc == AL_DESC_CLOSE_NOTIFY) { 322 1.1 christos $success = 1; 323 1.1 christos } 324 1.1 christos #Fatal or close notify alerts end the test 325 1.1 christos if ($alertlev == AL_LEVEL_FATAL || $alertdesc == AL_DESC_CLOSE_NOTIFY) { 326 1.1 christos $end = 1; 327 1.1 christos } 328 1.1 christos $alert = TLSProxy::Alert->new( 329 1.1 christos $server, 330 1.1 christos $record->encrypted, 331 1.1 christos $alertlev, 332 1.1 christos $alertdesc); 333 1.1 christos } 334 1.1 christos 335 1.1 christos return @messages; 336 1.1 christos } 337 1.1 christos 338 1.1 christos #Function to work out which sub-class we need to create and then 339 1.1 christos #construct it 340 1.1 christos sub create_message 341 1.1 christos { 342 1.1 christos my ($server, $mt, $msgseq, $msgfrag, $msgfragoffs, $data, $startoffset, $isdtls) = @_; 343 1.1 christos my $message; 344 1.1 christos 345 1.1 christos if ($mt == MT_CLIENT_HELLO) { 346 1.1 christos $message = TLSProxy::ClientHello->new( 347 1.1 christos $isdtls, 348 1.1 christos $server, 349 1.1 christos $msgseq, 350 1.1 christos $msgfrag, 351 1.1 christos $msgfragoffs, 352 1.1 christos $data, 353 1.1 christos [@message_rec_list], 354 1.1 christos $startoffset, 355 1.1 christos [@message_frag_lens] 356 1.1 christos ); 357 1.1 christos $message->parse(); 358 1.1 christos } elsif ($mt == MT_SERVER_HELLO) { 359 1.1 christos $message = TLSProxy::ServerHello->new( 360 1.1 christos $isdtls, 361 1.1 christos $server, 362 1.1 christos $msgseq, 363 1.1 christos $msgfrag, 364 1.1 christos $msgfragoffs, 365 1.1 christos $data, 366 1.1 christos [@message_rec_list], 367 1.1 christos $startoffset, 368 1.1 christos [@message_frag_lens] 369 1.1 christos ); 370 1.1 christos $message->parse(); 371 1.1 christos } elsif ($mt == MT_HELLO_VERIFY_REQUEST) { 372 1.1 christos $message = TLSProxy::HelloVerifyRequest->new( 373 1.1 christos $isdtls, 374 1.1 christos $server, 375 1.1 christos $msgseq, 376 1.1 christos $msgfrag, 377 1.1 christos $msgfragoffs, 378 1.1 christos $data, 379 1.1 christos [@message_rec_list], 380 1.1 christos $startoffset, 381 1.1 christos [@message_frag_lens] 382 1.1 christos ); 383 1.1 christos $message->parse(); 384 1.1 christos } elsif ($mt == MT_ENCRYPTED_EXTENSIONS) { 385 1.1 christos $message = TLSProxy::EncryptedExtensions->new( 386 1.1 christos $isdtls, 387 1.1 christos $server, 388 1.1 christos $msgseq, 389 1.1 christos $msgfrag, 390 1.1 christos $msgfragoffs, 391 1.1 christos $data, 392 1.1 christos [@message_rec_list], 393 1.1 christos $startoffset, 394 1.1 christos [@message_frag_lens] 395 1.1 christos ); 396 1.1 christos $message->parse(); 397 1.1 christos } elsif ($mt == MT_CERTIFICATE) { 398 1.1 christos $message = TLSProxy::Certificate->new( 399 1.1 christos $isdtls, 400 1.1 christos $server, 401 1.1 christos $msgseq, 402 1.1 christos $msgfrag, 403 1.1 christos $msgfragoffs, 404 1.1 christos $data, 405 1.1 christos [@message_rec_list], 406 1.1 christos $startoffset, 407 1.1 christos [@message_frag_lens] 408 1.1 christos ); 409 1.1 christos $message->parse(); 410 1.1 christos } elsif ($mt == MT_CERTIFICATE_REQUEST) { 411 1.1 christos $message = TLSProxy::CertificateRequest->new( 412 1.1 christos $isdtls, 413 1.1 christos $server, 414 1.1 christos $msgseq, 415 1.1 christos $msgfrag, 416 1.1 christos $msgfragoffs, 417 1.1 christos $data, 418 1.1 christos [@message_rec_list], 419 1.1 christos $startoffset, 420 1.1 christos [@message_frag_lens] 421 1.1 christos ); 422 1.1 christos $message->parse(); 423 1.1 christos } elsif ($mt == MT_CERTIFICATE_VERIFY) { 424 1.1 christos $message = TLSProxy::CertificateVerify->new( 425 1.1 christos $isdtls, 426 1.1 christos $server, 427 1.1 christos $msgseq, 428 1.1 christos $msgfrag, 429 1.1 christos $msgfragoffs, 430 1.1 christos $data, 431 1.1 christos [@message_rec_list], 432 1.1 christos $startoffset, 433 1.1 christos [@message_frag_lens] 434 1.1 christos ); 435 1.1 christos $message->parse(); 436 1.1 christos } elsif ($mt == MT_SERVER_KEY_EXCHANGE) { 437 1.1 christos $message = TLSProxy::ServerKeyExchange->new( 438 1.1 christos $isdtls, 439 1.1 christos $server, 440 1.1 christos $msgseq, 441 1.1 christos $msgfrag, 442 1.1 christos $msgfragoffs, 443 1.1 christos $data, 444 1.1 christos [@message_rec_list], 445 1.1 christos $startoffset, 446 1.1 christos [@message_frag_lens] 447 1.1 christos ); 448 1.1 christos $message->parse(); 449 1.1 christos } elsif ($mt == MT_NEW_SESSION_TICKET) { 450 1.1 christos if ($isdtls) { 451 1.1 christos $message = TLSProxy::NewSessionTicket->new_dtls( 452 1.1 christos $server, 453 1.1 christos $msgseq, 454 1.1 christos $msgfrag, 455 1.1 christos $msgfragoffs, 456 1.1 christos $data, 457 1.1 christos [@message_rec_list], 458 1.1 christos $startoffset, 459 1.1 christos [@message_frag_lens] 460 1.1 christos ); 461 1.1 christos } else { 462 1.1 christos $message = TLSProxy::NewSessionTicket->new( 463 1.1 christos $server, 464 1.1 christos $data, 465 1.1 christos [@message_rec_list], 466 1.1 christos $startoffset, 467 1.1 christos [@message_frag_lens] 468 1.1 christos ); 469 1.1 christos } 470 1.1 christos $message->parse(); 471 1.1 christos } elsif ($mt == MT_NEXT_PROTO) { 472 1.1 christos $message = TLSProxy::NextProto->new( 473 1.1 christos $isdtls, 474 1.1 christos $server, 475 1.1 christos $msgseq, 476 1.1 christos $msgfrag, 477 1.1 christos $msgfragoffs, 478 1.1 christos $data, 479 1.1 christos [@message_rec_list], 480 1.1 christos $startoffset, 481 1.1 christos [@message_frag_lens] 482 1.1 christos ); 483 1.1 christos $message->parse(); 484 1.1 christos } else { 485 1.1 christos #Unknown message type 486 1.1 christos $message = TLSProxy::Message->new( 487 1.1 christos $isdtls, 488 1.1 christos $server, 489 1.1 christos $mt, 490 1.1 christos $msgseq, 491 1.1 christos $msgfrag, 492 1.1 christos $msgfragoffs, 493 1.1 christos $data, 494 1.1 christos [@message_rec_list], 495 1.1 christos $startoffset, 496 1.1 christos [@message_frag_lens] 497 1.1 christos ); 498 1.1 christos } 499 1.1 christos 500 1.1 christos return $message; 501 1.1 christos } 502 1.1 christos 503 1.1 christos sub end 504 1.1 christos { 505 1.1 christos my $class = shift; 506 1.1 christos return $end; 507 1.1 christos } 508 1.1 christos sub success 509 1.1 christos { 510 1.1 christos my $class = shift; 511 1.1 christos return $success; 512 1.1 christos } 513 1.1 christos sub fail 514 1.1 christos { 515 1.1 christos my $class = shift; 516 1.1 christos return !$success && $end; 517 1.1 christos } 518 1.1 christos 519 1.1 christos sub alert 520 1.1 christos { 521 1.1 christos return $alert; 522 1.1 christos } 523 1.1 christos 524 1.1 christos sub new 525 1.1 christos { 526 1.1 christos my $class = shift; 527 1.1 christos my ($isdtls, 528 1.1 christos $server, 529 1.1 christos $mt, 530 1.1 christos $msgseq, 531 1.1 christos $msgfrag, 532 1.1 christos $msgfragoffs, 533 1.1 christos $data, 534 1.1 christos $records, 535 1.1 christos $startoffset, 536 1.1 christos $message_frag_lens) = @_; 537 1.1 christos 538 1.1 christos my $self = { 539 1.1 christos isdtls => $isdtls, 540 1.1 christos server => $server, 541 1.1 christos data => $data, 542 1.1 christos records => $records, 543 1.1 christos mt => $mt, 544 1.1 christos msgseq => $msgseq, 545 1.1 christos msgfrag => $msgfrag, 546 1.1 christos msgfragoffs => $msgfragoffs, 547 1.1 christos startoffset => $startoffset, 548 1.1 christos message_frag_lens => $message_frag_lens, 549 1.1 christos dupext => -1 550 1.1 christos }; 551 1.1 christos 552 1.1 christos return bless $self, $class; 553 1.1 christos } 554 1.1 christos 555 1.1 christos sub ciphersuite 556 1.1 christos { 557 1.1 christos my $class = shift; 558 1.1 christos if (@_) { 559 1.1 christos $ciphersuite = shift; 560 1.1 christos } 561 1.1 christos return $ciphersuite; 562 1.1 christos } 563 1.1 christos 564 1.1 christos #Update all the underlying records with the modified data from this message 565 1.1 christos #Note: Only supports TLSv1.3 and ETM encryption 566 1.1 christos sub repack 567 1.1 christos { 568 1.1 christos my $self = shift; 569 1.1 christos my $msgdata; 570 1.1 christos 571 1.1 christos my $numrecs = $#{$self->records}; 572 1.1 christos 573 1.1 christos $self->set_message_contents(); 574 1.1 christos 575 1.1 christos my $lenlo = length($self->data) & 0xff; 576 1.1 christos my $lenhi = length($self->data) >> 8; 577 1.1 christos 578 1.1 christos if ($self->{isdtls}) { 579 1.1 christos my $msgfraghi = $self->msgfrag >> 8; 580 1.1 christos my $msgfraglo = $self->msgfrag & 0xff; 581 1.1 christos my $msgfragoffshi = $self->msgfragoffs >> 8; 582 1.1 christos my $msgfragoffslo = $self->msgfragoffs & 0xff; 583 1.1 christos 584 1.1 christos $msgdata = pack('CnCnnCnC', $self->mt, $lenhi, $lenlo, $self->msgseq, 585 1.1 christos $msgfraghi, $msgfraglo, 586 1.1 christos $msgfragoffshi, $msgfragoffslo).$self->data; 587 1.1 christos } else { 588 1.1 christos $msgdata = pack('CnC', $self->mt, $lenhi, $lenlo).$self->data; 589 1.1 christos } 590 1.1 christos 591 1.1 christos if ($numrecs == 0) { 592 1.1 christos #The message is fully contained within one record 593 1.1 christos my ($rec) = @{$self->records}; 594 1.1 christos my $recdata = $rec->decrypt_data; 595 1.1 christos 596 1.1 christos my $old_length; 597 1.1 christos my $msg_header_len = $self->{isdtls} ? DTLS_MESSAGE_HEADER_LENGTH 598 1.1 christos : TLS_MESSAGE_HEADER_LENGTH; 599 1.1 christos 600 1.1 christos # We use empty message_frag_lens to indicates that pre-repacking, 601 1.1 christos # the message wasn't present. The first fragment length doesn't include 602 1.1 christos # the TLS header, so we need to check and compute the right length. 603 1.1 christos if (@{$self->message_frag_lens}) { 604 1.1 christos $old_length = ${$self->message_frag_lens}[0] + $msg_header_len; 605 1.1 christos } else { 606 1.1 christos $old_length = 0; 607 1.1 christos } 608 1.1 christos 609 1.1 christos my $prefix = substr($recdata, 0, $self->startoffset); 610 1.1 christos my $suffix = substr($recdata, $self->startoffset + $old_length); 611 1.1 christos 612 1.1 christos $rec->decrypt_data($prefix.($msgdata).($suffix)); 613 1.1 christos # TODO(openssl-team): don't keep explicit lengths. 614 1.1 christos # (If a length override is ever needed to construct invalid packets, 615 1.1 christos # use an explicit override field instead.) 616 1.1 christos $rec->decrypt_len(length($rec->decrypt_data)); 617 1.1 christos # Only support re-encryption for TLSv1.3 and ETM. 618 1.1 christos if ($rec->encrypted()) { 619 1.1 christos if (TLSProxy::Proxy->is_tls13()) { 620 1.1 christos #Add content type (1 byte) and 16 tag bytes 621 1.1 christos $rec->data($rec->decrypt_data 622 1.1 christos .pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16)); 623 1.1 christos } elsif ($rec->etm()) { 624 1.1 christos my $data = $rec->decrypt_data; 625 1.1 christos #Add padding 626 1.1 christos my $padval = length($data) % 16; 627 1.1 christos $padval = 15 - $padval; 628 1.1 christos for (0..$padval) { 629 1.1 christos $data .= pack("C", $padval); 630 1.1 christos } 631 1.1 christos 632 1.1 christos #Add MAC. Assumed to be 20 bytes 633 1.1 christos foreach my $macval (0..19) { 634 1.1 christos $data .= pack("C", $macval); 635 1.1 christos } 636 1.1 christos 637 1.1 christos if ($rec->version() >= TLSProxy::Record::VERS_TLS_1_1) { 638 1.1 christos #Explicit IV 639 1.1 christos $data = ("\0"x16).$data; 640 1.1 christos } 641 1.1 christos $rec->data($data); 642 1.1 christos } else { 643 1.1 christos die "Unsupported encryption: No ETM"; 644 1.1 christos } 645 1.1 christos } else { 646 1.1 christos $rec->data($rec->decrypt_data); 647 1.1 christos } 648 1.1 christos $rec->len(length($rec->data)); 649 1.1 christos 650 1.1 christos #Update the fragment len in case we changed it above 651 1.1 christos ${$self->message_frag_lens}[0] = length($msgdata) - $msg_header_len; 652 1.1 christos return; 653 1.1 christos } 654 1.1 christos 655 1.1 christos #Note we don't currently support changing a fragmented message length 656 1.1 christos my $recctr = 0; 657 1.1 christos my $datadone = 0; 658 1.1 christos foreach my $rec (@{$self->records}) { 659 1.1 christos my $recdata = $rec->decrypt_data; 660 1.1 christos if ($recctr == 0) { 661 1.1 christos #This is the first record 662 1.1 christos my $remainlen = length($recdata) - $self->startoffset; 663 1.1 christos $rec->data(substr($recdata, 0, $self->startoffset) 664 1.1 christos .substr(($msgdata), 0, $remainlen)); 665 1.1 christos $datadone += $remainlen; 666 1.1 christos } elsif ($recctr + 1 == $numrecs) { 667 1.1 christos #This is the last record 668 1.1 christos $rec->data(substr($msgdata, $datadone)); 669 1.1 christos } else { 670 1.1 christos #This is a middle record 671 1.1 christos $rec->data(substr($msgdata, $datadone, length($rec->data))); 672 1.1 christos $datadone += length($rec->data); 673 1.1 christos } 674 1.1 christos $recctr++; 675 1.1 christos } 676 1.1 christos } 677 1.1 christos 678 1.1 christos #To be overridden by sub-classes 679 1.1 christos sub set_message_contents 680 1.1 christos { 681 1.1 christos } 682 1.1 christos 683 1.1 christos #Read only accessors 684 1.1 christos sub server 685 1.1 christos { 686 1.1 christos my $self = shift; 687 1.1 christos return $self->{server}; 688 1.1 christos } 689 1.1 christos 690 1.1 christos #Read/write accessors 691 1.1 christos sub mt 692 1.1 christos { 693 1.1 christos my $self = shift; 694 1.1 christos if (@_) { 695 1.1 christos $self->{mt} = shift; 696 1.1 christos } 697 1.1 christos return $self->{mt}; 698 1.1 christos } 699 1.1 christos sub msgseq 700 1.1 christos { 701 1.1 christos my $self = shift; 702 1.1 christos if (@_) { 703 1.1 christos $self->{msgseq} = shift; 704 1.1 christos } 705 1.1 christos return $self->{msgseq}; 706 1.1 christos } 707 1.1 christos sub msgfrag 708 1.1 christos { 709 1.1 christos my $self = shift; 710 1.1 christos if (@_) { 711 1.1 christos $self->{msgfrag} = shift; 712 1.1 christos } 713 1.1 christos return $self->{msgfrag}; 714 1.1 christos } 715 1.1 christos sub msgfragoffs 716 1.1 christos { 717 1.1 christos my $self = shift; 718 1.1 christos if (@_) { 719 1.1 christos $self->{msgfragoffs} = shift; 720 1.1 christos } 721 1.1 christos return $self->{msgfragoffs}; 722 1.1 christos } 723 1.1 christos sub data 724 1.1 christos { 725 1.1 christos my $self = shift; 726 1.1 christos if (@_) { 727 1.1 christos $self->{data} = shift; 728 1.1 christos } 729 1.1 christos return $self->{data}; 730 1.1 christos } 731 1.1 christos sub records 732 1.1 christos { 733 1.1 christos my $self = shift; 734 1.1 christos if (@_) { 735 1.1 christos $self->{records} = shift; 736 1.1 christos } 737 1.1 christos return $self->{records}; 738 1.1 christos } 739 1.1 christos sub startoffset 740 1.1 christos { 741 1.1 christos my $self = shift; 742 1.1 christos if (@_) { 743 1.1 christos $self->{startoffset} = shift; 744 1.1 christos } 745 1.1 christos return $self->{startoffset}; 746 1.1 christos } 747 1.1 christos sub message_frag_lens 748 1.1 christos { 749 1.1 christos my $self = shift; 750 1.1 christos if (@_) { 751 1.1 christos $self->{message_frag_lens} = shift; 752 1.1 christos } 753 1.1 christos return $self->{message_frag_lens}; 754 1.1 christos } 755 1.1 christos sub encoded_length 756 1.1 christos { 757 1.1 christos my $self = shift; 758 1.1 christos my $msg_header_len = $self->{isdtls} ? DTLS_MESSAGE_HEADER_LENGTH 759 1.1 christos : TLS_MESSAGE_HEADER_LENGTH; 760 1.1 christos return $msg_header_len + length($self->data); 761 1.1 christos } 762 1.1 christos sub dupext 763 1.1 christos { 764 1.1 christos my $self = shift; 765 1.1 christos if (@_) { 766 1.1 christos $self->{dupext} = shift; 767 1.1 christos } 768 1.1 christos return $self->{dupext}; 769 1.1 christos } 770 1.1 christos sub successondata 771 1.1 christos { 772 1.1 christos my $class = shift; 773 1.1 christos if (@_) { 774 1.1 christos $successondata = shift; 775 1.1 christos } 776 1.1 christos return $successondata; 777 1.1 christos } 778 1.1 christos 1; 779
Indexes created Sun Mar 01 05:31:48 UTC 2026