Commit 79d8c167 authored by Matt Caswell's avatar Matt Caswell
Browse files

Extend ServerKeyExchange parsing to work with a signature 



Previously SKE in TLSProxy only knew about one anonymous ciphersuite so
there was never a signature. Extend that to include a ciphersuite that is
not anonymous. This also fixes a bug where the existing SKE processing was
checking against the wrong anon ciphersuite value. This has a knock on
impact on the sslskewith0p test. The bug meant the test was working...but
entirely by accident!

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
parent adb403de

test/recipes/70-test_sslskewith0p.t

+1 −0
Original line number Diff line number Diff line
@@ -41,6 +41,7 @@ my $proxy = TLSProxy::Proxy->new( 
$proxy->cipherc('ADH-AES128-SHA:@SECLEVEL=0');

$proxy->ciphers('ADH-AES128-SHA:@SECLEVEL=0');



$proxy->clientflags("-no_tls1_3");

$proxy->start() or plan skip_all => "Unable to start up Proxy for tests";

plan tests => 1;

ok(TLSProxy::Message->fail, "ServerKeyExchange with 0 p");

util/TLSProxy/Message.pm

+2 −1
Original line number Diff line number Diff line
@@ -84,7 +84,8 @@ use constant { 
};



use constant {

    CIPHER_ADH_AES_128_SHA => 0x03000034

    CIPHER_DHE_RSA_AES_128_SHA => 0x0033,

    CIPHER_ADH_AES_128_SHA => 0x0034

};



my $payload = "";

util/TLSProxy/ServerKeyExchange.pm

+35 −12
Original line number Diff line number Diff line
@@ -33,6 +33,7 @@ sub new 
    $self->{p} = "";

    $self->{g} = "";

    $self->{pub_key} = "";

    $self->{sigalg} = -1;

    $self->{sig} = "";



    return $self;
@@ -41,10 +42,13 @@ sub new 
sub parse

{

    my $self = shift;

    my $sigalg = -1;



    #Minimal SKE parsing. Only supports one known DHE ciphersuite at the moment

    return if (TLSProxy::Proxy->ciphersuite()

               != TLSProxy::Message::CIPHER_ADH_AES_128_SHA);

    return if TLSProxy::Proxy->ciphersuite()

                 != TLSProxy::Message::CIPHER_ADH_AES_128_SHA

              && TLSProxy::Proxy->ciphersuite()

                 != TLSProxy::Message::CIPHER_DHE_RSA_AES_128_SHA;



    my $p_len = unpack('n', $self->data);

    my $ptr = 2;
@@ -62,18 +66,28 @@ sub parse 
    $ptr += $pub_key_len;



    #We assume its signed

    my $sig_len = unpack('n', substr($self->data, $ptr));

    my $record = ${$self->records}[0];



    if (TLSProxy::Proxy->is_tls13()

            || $record->version() == TLSProxy::Record::VERS_TLS_1_2) {

        $sigalg = unpack('n', substr($self->data, $ptr));

        $ptr += 2;

    }

    my $sig = "";

    if (defined $sigalg) {

        my $sig_len = unpack('n', substr($self->data, $ptr));

        if (defined $sig_len) {

            $ptr += 2;

            $sig = substr($self->data, $ptr, $sig_len);

            $ptr += $sig_len;

        }

    }



    $self->p($p);

    $self->g($g);

    $self->pub_key($pub_key);

    $self->sig($sig);

    $self->sigalg($sigalg) if defined $sigalg;

    $self->signature($sig);

}
@@ -89,9 +103,10 @@ sub set_message_contents 
    $data .= $self->g;

    $data .= pack('n', length($self->pub_key));

    $data .= $self->pub_key;

    if (length($self->sig) > 0) {

        $data .= pack('n', length($self->sig));

        $data .= $self->sig;

    $data .= pack('n', $self->sigalg) if ($self->sigalg != -1);

    if (length($self->signature) > 0) {

        $data .= pack('n', length($self->signature));

        $data .= $self->signature;

    }



    $self->data($data);
@@ -123,7 +138,15 @@ sub pub_key 
    }

    return $self->{pub_key};

}

sub sig

sub sigalg

{

    my $self = shift;

    if (@_) {

      $self->{sigalg} = shift;

    }

    return $self->{sigalg};

}

sub signature

{

    my $self = shift;

    if (@_) {