Record.pm 9.2 KB
Newer Older
M
Matt Caswell 已提交
1
# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
M
Matt Caswell 已提交
2
#
3 4 5 6
# Licensed under the OpenSSL license (the "License").  You may not use
# this file except in compliance with the License.  You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html
M
Matt Caswell 已提交
7 8 9 10 11 12 13

use strict;

use TLSProxy::Proxy;

package TLSProxy::Record;

14 15
my $server_encrypting = 0;
my $client_encrypting = 0;
M
Matt Caswell 已提交
16 17 18 19 20 21 22 23 24
my $etm = 0;

use constant TLS_RECORD_HEADER_LENGTH => 5;

#Record types
use constant {
    RT_APPLICATION_DATA => 23,
    RT_HANDSHAKE => 22,
    RT_ALERT => 21,
25 26
    RT_CCS => 20,
    RT_UNKNOWN => 100
M
Matt Caswell 已提交
27 28 29 30 31 32
};

my %record_type = (
    RT_APPLICATION_DATA, "APPLICATION DATA",
    RT_HANDSHAKE, "HANDSHAKE",
    RT_ALERT, "ALERT",
33 34
    RT_CCS, "CCS",
    RT_UNKNOWN, "UNKNOWN"
M
Matt Caswell 已提交
35 36 37
);

use constant {
38
    VERS_TLS_1_4 => 0x0305,
39
    VERS_TLS_1_3_DRAFT => 0x7f17,
40 41 42 43 44 45
    VERS_TLS_1_3 => 0x0304,
    VERS_TLS_1_2 => 0x0303,
    VERS_TLS_1_1 => 0x0302,
    VERS_TLS_1_0 => 0x0301,
    VERS_SSL_3_0 => 0x0300,
    VERS_SSL_LT_3_0 => 0x02ff
M
Matt Caswell 已提交
46 47 48 49 50 51 52
};

my %tls_version = (
    VERS_TLS_1_3, "TLS1.3",
    VERS_TLS_1_2, "TLS1.2",
    VERS_TLS_1_1, "TLS1.1",
    VERS_TLS_1_0, "TLS1.0",
53 54
    VERS_SSL_3_0, "SSL3",
    VERS_SSL_LT_3_0, "SSL<3"
M
Matt Caswell 已提交
55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104
);

#Class method to extract records from a packet of data
sub get_records
{
    my $class = shift;
    my $server = shift;
    my $flight = shift;
    my $packet = shift;
    my @record_list = ();
    my @message_list = ();
    my $data;
    my $content_type;
    my $version;
    my $len;
    my $len_real;
    my $decrypt_len;

    my $recnum = 1;
    while (length ($packet) > 0) {
        print " Record $recnum";
        if ($server) {
            print " (server -> client)\n";
        } else {
            print " (client -> server)\n";
        }
        #Get the record header
        if (length($packet) < TLS_RECORD_HEADER_LENGTH) {
            print "Partial data : ".length($packet)." bytes\n";
            $packet = "";
        } else {
            ($content_type, $version, $len) = unpack('CnnC*', $packet);
            $data = substr($packet, 5, $len);

            print "  Content type: ".$record_type{$content_type}."\n";
            print "  Version: $tls_version{$version}\n";
            print "  Length: $len";
            if ($len == length($data)) {
                print "\n";
                $decrypt_len = $len_real = $len;
            } else {
                print " (expected), ".length($data)." (actual)\n";
                $decrypt_len = $len_real = length($data);
            }

            my $record = TLSProxy::Record->new(
                $flight,
                $content_type,
                $version,
                $len,
M
Matt Caswell 已提交
105
                0,
M
Matt Caswell 已提交
106 107 108 109 110 111
                $len_real,
                $decrypt_len,
                substr($packet, TLS_RECORD_HEADER_LENGTH, $len_real),
                substr($packet, TLS_RECORD_HEADER_LENGTH, $len_real)
            );

112
            if ($content_type != RT_CCS) {
113 114 115 116 117 118 119 120
                if (($server && $server_encrypting)
                         || (!$server && $client_encrypting)) {
                    if (!TLSProxy::Proxy->is_tls13() && $etm) {
                        $record->decryptETM();
                    } else {
                        $record->decrypt();
                    }
                    $record->encrypted(1);
121

122 123 124 125
                    if (TLSProxy::Proxy->is_tls13()) {
                        print "  Inner content type: "
                              .$record_type{$record->content_type()}."\n";
                    }
126
                }
M
Matt Caswell 已提交
127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144
            }

            push @record_list, $record;

            #Now figure out what messages are contained within this record
            my @messages = TLSProxy::Message->get_messages($server, $record);
            push @message_list, @messages;

            $packet = substr($packet, TLS_RECORD_HEADER_LENGTH + $len_real);
            $recnum++;
        }
    }

    return (\@record_list, \@message_list);
}

sub clear
{
145 146
    $server_encrypting = 0;
    $client_encrypting = 0;
M
Matt Caswell 已提交
147 148 149
}

#Class level accessors
150
sub server_encrypting
M
Matt Caswell 已提交
151 152 153
{
    my $class = shift;
    if (@_) {
154
      $server_encrypting = shift;
M
Matt Caswell 已提交
155
    }
156
    return $server_encrypting;
M
Matt Caswell 已提交
157
}
158
sub client_encrypting
M
Matt Caswell 已提交
159 160 161
{
    my $class = shift;
    if (@_) {
162
      $client_encrypting= shift;
M
Matt Caswell 已提交
163
    }
164
    return $client_encrypting;
M
Matt Caswell 已提交
165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182
}
#Enable/Disable Encrypt-then-MAC
sub etm
{
    my $class = shift;
    if (@_) {
      $etm = shift;
    }
    return $etm;
}

sub new
{
    my $class = shift;
    my ($flight,
        $content_type,
        $version,
        $len,
M
Matt Caswell 已提交
183
        $sslv2,
M
Matt Caswell 已提交
184 185 186 187 188 189 190 191 192 193
        $len_real,
        $decrypt_len,
        $data,
        $decrypt_data) = @_;
    
    my $self = {
        flight => $flight,
        content_type => $content_type,
        version => $version,
        len => $len,
M
Matt Caswell 已提交
194
        sslv2 => $sslv2,
M
Matt Caswell 已提交
195 196 197 198
        len_real => $len_real,
        decrypt_len => $decrypt_len,
        data => $data,
        decrypt_data => $decrypt_data,
199
        orig_decrypt_data => $decrypt_data,
M
Matt Caswell 已提交
200 201
        encrypted => 0,
        outer_content_type => RT_APPLICATION_DATA
M
Matt Caswell 已提交
202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
    };

    return bless $self, $class;
}

#Decrypt using encrypt-then-MAC
sub decryptETM
{
    my ($self) = shift;

    my $data = $self->data;

    if($self->version >= VERS_TLS_1_1()) {
        #TLS1.1+ has an explicit IV. Throw it away
        $data = substr($data, 16);
    }

    #Throw away the MAC (assumes MAC is 20 bytes for now. FIXME)
    $data = substr($data, 0, length($data) - 20);

    #Find out what the padding byte is
    my $padval = unpack("C", substr($data, length($data) - 1));

    #Throw away the padding
    $data = substr($data, 0, length($data) - ($padval + 1));

    $self->decrypt_data($data);
    $self->decrypt_len(length($data));

    return $data;
}

#Standard decrypt
sub decrypt()
{
    my ($self) = shift;
M
Matt Caswell 已提交
238
    my $mactaglen = 20;
M
Matt Caswell 已提交
239 240
    my $data = $self->data;

M
Matt Caswell 已提交
241
    #Throw away any IVs
M
Matt Caswell 已提交
242 243 244 245 246 247 248 249 250 251
    if (TLSProxy::Proxy->is_tls13()) {
        #A TLS1.3 client, when processing the server's initial flight, could
        #respond with either an encrypted or an unencrypted alert.
        if ($self->content_type() == RT_ALERT) {
            #TODO(TLS1.3): Eventually it is sufficient just to check the record
            #content type. If an alert is encrypted it will have a record
            #content type of application data. However we haven't done the
            #record layer changes yet, so it's a bit more complicated. For now
            #we will additionally check if the data length is 2 (1 byte for
            #alert level, 1 byte for alert description). If it is, then this is
F
FdaSilvaYY 已提交
252
            #an unencrypted alert, so don't try to decrypt
M
Matt Caswell 已提交
253 254
            return $data if (length($data) == 2);
        }
M
Matt Caswell 已提交
255 256 257
        $mactaglen = 16;
    } elsif ($self->version >= VERS_TLS_1_1()) {
        #16 bytes for a standard IV
M
Matt Caswell 已提交
258 259
        $data = substr($data, 16);

M
Matt Caswell 已提交
260 261
        #Find out what the padding byte is
        my $padval = unpack("C", substr($data, length($data) - 1));
M
Matt Caswell 已提交
262

M
Matt Caswell 已提交
263 264 265
        #Throw away the padding
        $data = substr($data, 0, length($data) - ($padval + 1));
    }
M
Matt Caswell 已提交
266

M
Matt Caswell 已提交
267 268
    #Throw away the MAC or TAG
    $data = substr($data, 0, length($data) - $mactaglen);
M
Matt Caswell 已提交
269

270 271 272 273 274 275 276
    if (TLSProxy::Proxy->is_tls13()) {
        #Get the content type
        my $content_type = unpack("C", substr($data, length($data) - 1));
        $self->content_type($content_type);
        $data = substr($data, 0, length($data) - 1);
    }

M
Matt Caswell 已提交
277 278 279 280 281 282 283 284 285 286
    $self->decrypt_data($data);
    $self->decrypt_len(length($data));

    return $data;
}

#Reconstruct the on-the-wire record representation
sub reconstruct_record
{
    my $self = shift;
287
    my $server = shift;
M
Matt Caswell 已提交
288 289
    my $data;

M
Matt Caswell 已提交
290 291 292
    if ($self->sslv2) {
        $data = pack('n', $self->len | 0x8000);
    } else {
293
        if (TLSProxy::Proxy->is_tls13() && $self->encrypted) {
M
Matt Caswell 已提交
294
            $data = pack('Cnn', $self->outer_content_type, $self->version,
295
                         $self->len);
296 297 298 299 300
        } else {
            $data = pack('Cnn', $self->content_type, $self->version,
                         $self->len);
        }

M
Matt Caswell 已提交
301
    }
M
Matt Caswell 已提交
302 303 304 305 306 307 308 309 310 311 312
    $data .= $self->data;

    return $data;
}

#Read only accessors
sub flight
{
    my $self = shift;
    return $self->{flight};
}
M
Matt Caswell 已提交
313 314 315 316 317
sub sslv2
{
    my $self = shift;
    return $self->{sslv2};
}
M
Matt Caswell 已提交
318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361
sub len_real
{
    my $self = shift;
    return $self->{len_real};
}
sub orig_decrypt_data
{
    my $self = shift;
    return $self->{orig_decrypt_data};
}

#Read/write accessors
sub decrypt_len
{
    my $self = shift;
    if (@_) {
      $self->{decrypt_len} = shift;
    }
    return $self->{decrypt_len};
}
sub data
{
    my $self = shift;
    if (@_) {
      $self->{data} = shift;
    }
    return $self->{data};
}
sub decrypt_data
{
    my $self = shift;
    if (@_) {
      $self->{decrypt_data} = shift;
    }
    return $self->{decrypt_data};
}
sub len
{
    my $self = shift;
    if (@_) {
      $self->{len} = shift;
    }
    return $self->{len};
}
362 363 364 365 366 367 368 369
sub version
{
    my $self = shift;
    if (@_) {
      $self->{version} = shift;
    }
    return $self->{version};
}
370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385
sub content_type
{
    my $self = shift;
    if (@_) {
      $self->{content_type} = shift;
    }
    return $self->{content_type};
}
sub encrypted
{
    my $self = shift;
    if (@_) {
      $self->{encrypted} = shift;
    }
    return $self->{encrypted};
}
M
Matt Caswell 已提交
386 387 388 389 390 391 392 393
sub outer_content_type
{
    my $self = shift;
    if (@_) {
      $self->{outer_content_type} = shift;
    }
    return $self->{outer_content_type};
}
M
Matt Caswell 已提交
394
1;