2
0

Message.pm 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761
  1. # Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.
  2. #
  3. # Licensed under the Apache License 2.0 (the "License"). You may not use
  4. # this file except in compliance with the License. You can obtain a copy
  5. # in the file LICENSE in the source distribution or at
  6. # https://www.openssl.org/source/license.html
  7. use strict;
  8. package TLSProxy::Message;
  9. use TLSProxy::Alert;
  10. use constant DTLS_MESSAGE_HEADER_LENGTH => 12;
  11. use constant TLS_MESSAGE_HEADER_LENGTH => 4;
  12. #Message types
  13. use constant {
  14. MT_HELLO_REQUEST => 0,
  15. MT_CLIENT_HELLO => 1,
  16. MT_SERVER_HELLO => 2,
  17. MT_HELLO_VERIFY_REQUEST => 3,
  18. MT_NEW_SESSION_TICKET => 4,
  19. MT_ENCRYPTED_EXTENSIONS => 8,
  20. MT_CERTIFICATE => 11,
  21. MT_SERVER_KEY_EXCHANGE => 12,
  22. MT_CERTIFICATE_REQUEST => 13,
  23. MT_SERVER_HELLO_DONE => 14,
  24. MT_CERTIFICATE_VERIFY => 15,
  25. MT_CLIENT_KEY_EXCHANGE => 16,
  26. MT_FINISHED => 20,
  27. MT_CERTIFICATE_STATUS => 22,
  28. MT_COMPRESSED_CERTIFICATE => 25,
  29. MT_NEXT_PROTO => 67
  30. };
  31. #Alert levels
  32. use constant {
  33. AL_LEVEL_WARN => 1,
  34. AL_LEVEL_FATAL => 2
  35. };
  36. #Alert descriptions
  37. use constant {
  38. AL_DESC_CLOSE_NOTIFY => 0,
  39. AL_DESC_UNEXPECTED_MESSAGE => 10,
  40. AL_DESC_BAD_RECORD_MAC => 20,
  41. AL_DESC_ILLEGAL_PARAMETER => 47,
  42. AL_DESC_PROTOCOL_VERSION => 70,
  43. AL_DESC_NO_RENEGOTIATION => 100
  44. };
  45. my %message_type = (
  46. MT_HELLO_REQUEST, "HelloRequest",
  47. MT_CLIENT_HELLO, "ClientHello",
  48. MT_SERVER_HELLO, "ServerHello",
  49. MT_HELLO_VERIFY_REQUEST, "HelloVerifyRequest",
  50. MT_NEW_SESSION_TICKET, "NewSessionTicket",
  51. MT_ENCRYPTED_EXTENSIONS, "EncryptedExtensions",
  52. MT_CERTIFICATE, "Certificate",
  53. MT_SERVER_KEY_EXCHANGE, "ServerKeyExchange",
  54. MT_CERTIFICATE_REQUEST, "CertificateRequest",
  55. MT_SERVER_HELLO_DONE, "ServerHelloDone",
  56. MT_CERTIFICATE_VERIFY, "CertificateVerify",
  57. MT_CLIENT_KEY_EXCHANGE, "ClientKeyExchange",
  58. MT_FINISHED, "Finished",
  59. MT_CERTIFICATE_STATUS, "CertificateStatus",
  60. MT_COMPRESSED_CERTIFICATE, "CompressedCertificate",
  61. MT_NEXT_PROTO, "NextProto"
  62. );
  63. use constant {
  64. EXT_SERVER_NAME => 0,
  65. EXT_MAX_FRAGMENT_LENGTH => 1,
  66. EXT_STATUS_REQUEST => 5,
  67. EXT_SUPPORTED_GROUPS => 10,
  68. EXT_EC_POINT_FORMATS => 11,
  69. EXT_SRP => 12,
  70. EXT_SIG_ALGS => 13,
  71. EXT_USE_SRTP => 14,
  72. EXT_ALPN => 16,
  73. EXT_SCT => 18,
  74. EXT_CLIENT_CERT_TYPE => 19,
  75. EXT_SERVER_CERT_TYPE => 20,
  76. EXT_PADDING => 21,
  77. EXT_ENCRYPT_THEN_MAC => 22,
  78. EXT_EXTENDED_MASTER_SECRET => 23,
  79. EXT_COMPRESS_CERTIFICATE => 27,
  80. EXT_SESSION_TICKET => 35,
  81. EXT_KEY_SHARE => 51,
  82. EXT_PSK => 41,
  83. EXT_SUPPORTED_VERSIONS => 43,
  84. EXT_COOKIE => 44,
  85. EXT_PSK_KEX_MODES => 45,
  86. EXT_POST_HANDSHAKE_AUTH => 49,
  87. EXT_SIG_ALGS_CERT => 50,
  88. EXT_RENEGOTIATE => 65281,
  89. EXT_NPN => 13172,
  90. EXT_CRYPTOPRO_BUG_EXTENSION => 0xfde8,
  91. EXT_UNKNOWN => 0xfffe,
  92. #Unknown extension that should appear last
  93. EXT_FORCE_LAST => 0xffff
  94. };
  95. # SignatureScheme of TLS 1.3 from:
  96. # https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-signaturescheme
  97. # We have to manually grab the SHA224 equivalents from the old registry
  98. use constant {
  99. SIG_ALG_RSA_PKCS1_SHA256 => 0x0401,
  100. SIG_ALG_RSA_PKCS1_SHA384 => 0x0501,
  101. SIG_ALG_RSA_PKCS1_SHA512 => 0x0601,
  102. SIG_ALG_ECDSA_SECP256R1_SHA256 => 0x0403,
  103. SIG_ALG_ECDSA_SECP384R1_SHA384 => 0x0503,
  104. SIG_ALG_ECDSA_SECP521R1_SHA512 => 0x0603,
  105. SIG_ALG_RSA_PSS_RSAE_SHA256 => 0x0804,
  106. SIG_ALG_RSA_PSS_RSAE_SHA384 => 0x0805,
  107. SIG_ALG_RSA_PSS_RSAE_SHA512 => 0x0806,
  108. SIG_ALG_ED25519 => 0x0807,
  109. SIG_ALG_ED448 => 0x0808,
  110. SIG_ALG_RSA_PSS_PSS_SHA256 => 0x0809,
  111. SIG_ALG_RSA_PSS_PSS_SHA384 => 0x080a,
  112. SIG_ALG_RSA_PSS_PSS_SHA512 => 0x080b,
  113. SIG_ALG_RSA_PKCS1_SHA1 => 0x0201,
  114. SIG_ALG_ECDSA_SHA1 => 0x0203,
  115. SIG_ALG_DSA_SHA1 => 0x0202,
  116. SIG_ALG_DSA_SHA256 => 0x0402,
  117. SIG_ALG_DSA_SHA384 => 0x0502,
  118. SIG_ALG_DSA_SHA512 => 0x0602,
  119. OSSL_SIG_ALG_RSA_PKCS1_SHA224 => 0x0301,
  120. OSSL_SIG_ALG_DSA_SHA224 => 0x0302,
  121. OSSL_SIG_ALG_ECDSA_SHA224 => 0x0303
  122. };
  123. use constant {
  124. CIPHER_RSA_WITH_AES_128_CBC_SHA => 0x002f,
  125. CIPHER_DHE_RSA_AES_128_SHA => 0x0033,
  126. CIPHER_ADH_AES_128_SHA => 0x0034,
  127. CIPHER_TLS13_AES_128_GCM_SHA256 => 0x1301,
  128. CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302
  129. };
  130. use constant {
  131. CLIENT => 0,
  132. SERVER => 1
  133. };
  134. my $payload = "";
  135. my $messlen = -1;
  136. my $mt;
  137. my $startoffset = -1;
  138. my $server = 0;
  139. my $success = 0;
  140. my $end = 0;
  141. my @message_rec_list = ();
  142. my @message_frag_lens = ();
  143. my $ciphersuite = 0;
  144. my $successondata = 0;
  145. my $alert;
  146. sub clear
  147. {
  148. $payload = "";
  149. $messlen = -1;
  150. $startoffset = -1;
  151. $server = 0;
  152. $success = 0;
  153. $end = 0;
  154. $successondata = 0;
  155. @message_rec_list = ();
  156. @message_frag_lens = ();
  157. $alert = undef;
  158. }
  159. #Class method to extract messages from a record
  160. sub get_messages
  161. {
  162. my $class = shift;
  163. my $serverin = shift;
  164. my $record = shift;
  165. my $isdtls = shift;
  166. my @messages = ();
  167. my $message;
  168. @message_frag_lens = ();
  169. if ($serverin != $server && length($payload) != 0) {
  170. die "Changed peer, but we still have fragment data\n";
  171. }
  172. $server = $serverin;
  173. if ($record->content_type == TLSProxy::Record::RT_CCS) {
  174. if ($payload ne "") {
  175. #We can't handle this yet
  176. die "CCS received before message data complete\n";
  177. }
  178. if (!TLSProxy::Proxy->is_tls13()) {
  179. if ($server) {
  180. TLSProxy::Record->server_encrypting(1);
  181. } else {
  182. TLSProxy::Record->client_encrypting(1);
  183. }
  184. }
  185. } elsif ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) {
  186. if ($record->len == 0 || $record->len_real == 0) {
  187. print " Message truncated\n";
  188. } else {
  189. my $recoffset = 0;
  190. if (length $payload > 0) {
  191. #We are continuing processing a message started in a previous
  192. #record. Add this record to the list associated with this
  193. #message
  194. push @message_rec_list, $record;
  195. if ($messlen <= length($payload)) {
  196. #Shouldn't happen
  197. die "Internal error: invalid messlen: ".$messlen
  198. ." payload length:".length($payload)."\n";
  199. }
  200. if (length($payload) + $record->decrypt_len >= $messlen) {
  201. #We can complete the message with this record
  202. $recoffset = $messlen - length($payload);
  203. $payload .= substr($record->decrypt_data, 0, $recoffset);
  204. push @message_frag_lens, $recoffset;
  205. if ($isdtls) {
  206. # We must set $msgseq, $msgfrag, $msgfragoffs
  207. die "Internal error: cannot handle partial dtls messages\n"
  208. }
  209. $message = create_message($server, $mt,
  210. #$msgseq, $msgfrag, $msgfragoffs,
  211. 0, 0, 0,
  212. $payload, $startoffset, $isdtls);
  213. push @messages, $message;
  214. $payload = "";
  215. } else {
  216. #This is just part of the total message
  217. $payload .= $record->decrypt_data;
  218. $recoffset = $record->decrypt_len;
  219. push @message_frag_lens, $record->decrypt_len;
  220. }
  221. print " Partial message data read: ".$recoffset." bytes\n";
  222. }
  223. while ($record->decrypt_len > $recoffset) {
  224. #We are at the start of a new message
  225. my $msgheaderlen = $isdtls ? DTLS_MESSAGE_HEADER_LENGTH
  226. : TLS_MESSAGE_HEADER_LENGTH;
  227. if ($record->decrypt_len - $recoffset < $msgheaderlen) {
  228. #Whilst technically probably valid we can't cope with this
  229. die "End of record in the middle of a message header\n";
  230. }
  231. @message_rec_list = ($record);
  232. my $lenhi;
  233. my $lenlo;
  234. my $msgseq;
  235. my $msgfrag;
  236. my $msgfragoffs;
  237. if ($isdtls) {
  238. my $msgfraghi;
  239. my $msgfraglo;
  240. my $msgfragoffshi;
  241. my $msgfragoffslo;
  242. ($mt, $lenhi, $lenlo, $msgseq, $msgfraghi, $msgfraglo, $msgfragoffshi, $msgfragoffslo) =
  243. unpack('CnCnnCnC', substr($record->decrypt_data, $recoffset));
  244. $msgfrag = ($msgfraghi << 8) | $msgfraglo;
  245. $msgfragoffs = ($msgfragoffshi << 8) | $msgfragoffslo;
  246. } else {
  247. ($mt, $lenhi, $lenlo) =
  248. unpack('CnC', substr($record->decrypt_data, $recoffset));
  249. }
  250. $messlen = ($lenhi << 8) | $lenlo;
  251. print " Message type: $message_type{$mt}($mt)\n";
  252. print " Message Length: $messlen\n";
  253. $startoffset = $recoffset;
  254. $recoffset += $msgheaderlen;
  255. $payload = "";
  256. if ($recoffset <= $record->decrypt_len) {
  257. #Some payload data is present in this record
  258. if ($record->decrypt_len - $recoffset >= $messlen) {
  259. #We can complete the message with this record
  260. $payload .= substr($record->decrypt_data, $recoffset,
  261. $messlen);
  262. $recoffset += $messlen;
  263. push @message_frag_lens, $messlen;
  264. $message = create_message($server, $mt, $msgseq,
  265. $msgfrag, $msgfragoffs,
  266. $payload, $startoffset, $isdtls);
  267. push @messages, $message;
  268. $payload = "";
  269. } else {
  270. #This is just part of the total message
  271. $payload .= substr($record->decrypt_data, $recoffset,
  272. $record->decrypt_len - $recoffset);
  273. $recoffset = $record->decrypt_len;
  274. push @message_frag_lens, $recoffset;
  275. }
  276. }
  277. }
  278. }
  279. } elsif ($record->content_type == TLSProxy::Record::RT_APPLICATION_DATA) {
  280. print " [ENCRYPTED APPLICATION DATA]\n";
  281. print " [".$record->decrypt_data."]\n";
  282. if ($successondata) {
  283. $success = 1;
  284. $end = 1;
  285. }
  286. } elsif ($record->content_type == TLSProxy::Record::RT_ALERT) {
  287. my ($alertlev, $alertdesc) = unpack('CC', $record->decrypt_data);
  288. print " [$alertlev, $alertdesc]\n";
  289. #A CloseNotify from the client indicates we have finished successfully
  290. #(we assume)
  291. if (!$end && !$server && $alertlev == AL_LEVEL_WARN
  292. && $alertdesc == AL_DESC_CLOSE_NOTIFY) {
  293. $success = 1;
  294. }
  295. #Fatal or close notify alerts end the test
  296. if ($alertlev == AL_LEVEL_FATAL || $alertdesc == AL_DESC_CLOSE_NOTIFY) {
  297. $end = 1;
  298. }
  299. $alert = TLSProxy::Alert->new(
  300. $server,
  301. $record->encrypted,
  302. $alertlev,
  303. $alertdesc);
  304. }
  305. return @messages;
  306. }
  307. #Function to work out which sub-class we need to create and then
  308. #construct it
  309. sub create_message
  310. {
  311. my ($server, $mt, $msgseq, $msgfrag, $msgfragoffs, $data, $startoffset, $isdtls) = @_;
  312. my $message;
  313. if ($mt == MT_CLIENT_HELLO) {
  314. $message = TLSProxy::ClientHello->new(
  315. $isdtls,
  316. $server,
  317. $msgseq,
  318. $msgfrag,
  319. $msgfragoffs,
  320. $data,
  321. [@message_rec_list],
  322. $startoffset,
  323. [@message_frag_lens]
  324. );
  325. $message->parse();
  326. } elsif ($mt == MT_SERVER_HELLO) {
  327. $message = TLSProxy::ServerHello->new(
  328. $isdtls,
  329. $server,
  330. $msgseq,
  331. $msgfrag,
  332. $msgfragoffs,
  333. $data,
  334. [@message_rec_list],
  335. $startoffset,
  336. [@message_frag_lens]
  337. );
  338. $message->parse();
  339. } elsif ($mt == MT_HELLO_VERIFY_REQUEST) {
  340. $message = TLSProxy::HelloVerifyRequest->new(
  341. $isdtls,
  342. $server,
  343. $msgseq,
  344. $msgfrag,
  345. $msgfragoffs,
  346. $data,
  347. [@message_rec_list],
  348. $startoffset,
  349. [@message_frag_lens]
  350. );
  351. $message->parse();
  352. } elsif ($mt == MT_ENCRYPTED_EXTENSIONS) {
  353. $message = TLSProxy::EncryptedExtensions->new(
  354. $isdtls,
  355. $server,
  356. $msgseq,
  357. $msgfrag,
  358. $msgfragoffs,
  359. $data,
  360. [@message_rec_list],
  361. $startoffset,
  362. [@message_frag_lens]
  363. );
  364. $message->parse();
  365. } elsif ($mt == MT_CERTIFICATE) {
  366. $message = TLSProxy::Certificate->new(
  367. $isdtls,
  368. $server,
  369. $msgseq,
  370. $msgfrag,
  371. $msgfragoffs,
  372. $data,
  373. [@message_rec_list],
  374. $startoffset,
  375. [@message_frag_lens]
  376. );
  377. $message->parse();
  378. } elsif ($mt == MT_CERTIFICATE_REQUEST) {
  379. $message = TLSProxy::CertificateRequest->new(
  380. $isdtls,
  381. $server,
  382. $msgseq,
  383. $msgfrag,
  384. $msgfragoffs,
  385. $data,
  386. [@message_rec_list],
  387. $startoffset,
  388. [@message_frag_lens]
  389. );
  390. $message->parse();
  391. } elsif ($mt == MT_CERTIFICATE_VERIFY) {
  392. $message = TLSProxy::CertificateVerify->new(
  393. $isdtls,
  394. $server,
  395. $msgseq,
  396. $msgfrag,
  397. $msgfragoffs,
  398. $data,
  399. [@message_rec_list],
  400. $startoffset,
  401. [@message_frag_lens]
  402. );
  403. $message->parse();
  404. } elsif ($mt == MT_SERVER_KEY_EXCHANGE) {
  405. $message = TLSProxy::ServerKeyExchange->new(
  406. $isdtls,
  407. $server,
  408. $msgseq,
  409. $msgfrag,
  410. $msgfragoffs,
  411. $data,
  412. [@message_rec_list],
  413. $startoffset,
  414. [@message_frag_lens]
  415. );
  416. $message->parse();
  417. } elsif ($mt == MT_NEW_SESSION_TICKET) {
  418. if ($isdtls) {
  419. $message = TLSProxy::NewSessionTicket->new_dtls(
  420. $server,
  421. $msgseq,
  422. $msgfrag,
  423. $msgfragoffs,
  424. $data,
  425. [@message_rec_list],
  426. $startoffset,
  427. [@message_frag_lens]
  428. );
  429. } else {
  430. $message = TLSProxy::NewSessionTicket->new(
  431. $server,
  432. $data,
  433. [@message_rec_list],
  434. $startoffset,
  435. [@message_frag_lens]
  436. );
  437. }
  438. $message->parse();
  439. } else {
  440. #Unknown message type
  441. $message = TLSProxy::Message->new(
  442. $isdtls,
  443. $server,
  444. $mt,
  445. $msgseq,
  446. $msgfrag,
  447. $msgfragoffs,
  448. $data,
  449. [@message_rec_list],
  450. $startoffset,
  451. [@message_frag_lens]
  452. );
  453. }
  454. return $message;
  455. }
  456. sub end
  457. {
  458. my $class = shift;
  459. return $end;
  460. }
  461. sub success
  462. {
  463. my $class = shift;
  464. return $success;
  465. }
  466. sub fail
  467. {
  468. my $class = shift;
  469. return !$success && $end;
  470. }
  471. sub alert
  472. {
  473. return $alert;
  474. }
  475. sub new
  476. {
  477. my $class = shift;
  478. my ($isdtls,
  479. $server,
  480. $mt,
  481. $msgseq,
  482. $msgfrag,
  483. $msgfragoffs,
  484. $data,
  485. $records,
  486. $startoffset,
  487. $message_frag_lens) = @_;
  488. my $self = {
  489. isdtls => $isdtls,
  490. server => $server,
  491. data => $data,
  492. records => $records,
  493. mt => $mt,
  494. msgseq => $msgseq,
  495. msgfrag => $msgfrag,
  496. msgfragoffs => $msgfragoffs,
  497. startoffset => $startoffset,
  498. message_frag_lens => $message_frag_lens,
  499. dupext => -1
  500. };
  501. return bless $self, $class;
  502. }
  503. sub ciphersuite
  504. {
  505. my $class = shift;
  506. if (@_) {
  507. $ciphersuite = shift;
  508. }
  509. return $ciphersuite;
  510. }
  511. #Update all the underlying records with the modified data from this message
  512. #Note: Only supports TLSv1.3 and ETM encryption
  513. sub repack
  514. {
  515. my $self = shift;
  516. my $msgdata;
  517. my $numrecs = $#{$self->records};
  518. $self->set_message_contents();
  519. my $lenlo = length($self->data) & 0xff;
  520. my $lenhi = length($self->data) >> 8;
  521. if ($self->{isdtls}) {
  522. my $msgfraghi = $self->msgfrag >> 8;
  523. my $msgfraglo = $self->msgfrag & 0xff;
  524. my $msgfragoffshi = $self->msgfragoffs >> 8;
  525. my $msgfragoffslo = $self->msgfragoffs & 0xff;
  526. $msgdata = pack('CnCnnCnC', $self->mt, $lenhi, $lenlo, $self->msgseq,
  527. $msgfraghi, $msgfraglo,
  528. $msgfragoffshi, $msgfragoffslo).$self->data;
  529. } else {
  530. $msgdata = pack('CnC', $self->mt, $lenhi, $lenlo).$self->data;
  531. }
  532. if ($numrecs == 0) {
  533. #The message is fully contained within one record
  534. my ($rec) = @{$self->records};
  535. my $recdata = $rec->decrypt_data;
  536. my $old_length;
  537. my $msg_header_len = $self->{isdtls} ? DTLS_MESSAGE_HEADER_LENGTH
  538. : TLS_MESSAGE_HEADER_LENGTH;
  539. # We use empty message_frag_lens to indicates that pre-repacking,
  540. # the message wasn't present. The first fragment length doesn't include
  541. # the TLS header, so we need to check and compute the right length.
  542. if (@{$self->message_frag_lens}) {
  543. $old_length = ${$self->message_frag_lens}[0] + $msg_header_len;
  544. } else {
  545. $old_length = 0;
  546. }
  547. my $prefix = substr($recdata, 0, $self->startoffset);
  548. my $suffix = substr($recdata, $self->startoffset + $old_length);
  549. $rec->decrypt_data($prefix.($msgdata).($suffix));
  550. # TODO(openssl-team): don't keep explicit lengths.
  551. # (If a length override is ever needed to construct invalid packets,
  552. # use an explicit override field instead.)
  553. $rec->decrypt_len(length($rec->decrypt_data));
  554. # Only support re-encryption for TLSv1.3 and ETM.
  555. if ($rec->encrypted()) {
  556. if (TLSProxy::Proxy->is_tls13()) {
  557. #Add content type (1 byte) and 16 tag bytes
  558. $rec->data($rec->decrypt_data
  559. .pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16));
  560. } elsif ($rec->etm()) {
  561. my $data = $rec->decrypt_data;
  562. #Add padding
  563. my $padval = length($data) % 16;
  564. $padval = 15 - $padval;
  565. for (0..$padval) {
  566. $data .= pack("C", $padval);
  567. }
  568. #Add MAC. Assumed to be 20 bytes
  569. foreach my $macval (0..19) {
  570. $data .= pack("C", $macval);
  571. }
  572. if ($rec->version() >= TLSProxy::Record::VERS_TLS_1_1) {
  573. #Explicit IV
  574. $data = ("\0"x16).$data;
  575. }
  576. $rec->data($data);
  577. } else {
  578. die "Unsupported encryption: No ETM";
  579. }
  580. } else {
  581. $rec->data($rec->decrypt_data);
  582. }
  583. $rec->len(length($rec->data));
  584. #Update the fragment len in case we changed it above
  585. ${$self->message_frag_lens}[0] = length($msgdata) - $msg_header_len;
  586. return;
  587. }
  588. #Note we don't currently support changing a fragmented message length
  589. my $recctr = 0;
  590. my $datadone = 0;
  591. foreach my $rec (@{$self->records}) {
  592. my $recdata = $rec->decrypt_data;
  593. if ($recctr == 0) {
  594. #This is the first record
  595. my $remainlen = length($recdata) - $self->startoffset;
  596. $rec->data(substr($recdata, 0, $self->startoffset)
  597. .substr(($msgdata), 0, $remainlen));
  598. $datadone += $remainlen;
  599. } elsif ($recctr + 1 == $numrecs) {
  600. #This is the last record
  601. $rec->data(substr($msgdata, $datadone));
  602. } else {
  603. #This is a middle record
  604. $rec->data(substr($msgdata, $datadone, length($rec->data)));
  605. $datadone += length($rec->data);
  606. }
  607. $recctr++;
  608. }
  609. }
  610. #To be overridden by sub-classes
  611. sub set_message_contents
  612. {
  613. }
  614. #Read only accessors
  615. sub server
  616. {
  617. my $self = shift;
  618. return $self->{server};
  619. }
  620. #Read/write accessors
  621. sub mt
  622. {
  623. my $self = shift;
  624. if (@_) {
  625. $self->{mt} = shift;
  626. }
  627. return $self->{mt};
  628. }
  629. sub msgseq
  630. {
  631. my $self = shift;
  632. if (@_) {
  633. $self->{msgseq} = shift;
  634. }
  635. return $self->{msgseq};
  636. }
  637. sub msgfrag
  638. {
  639. my $self = shift;
  640. if (@_) {
  641. $self->{msgfrag} = shift;
  642. }
  643. return $self->{msgfrag};
  644. }
  645. sub msgfragoffs
  646. {
  647. my $self = shift;
  648. if (@_) {
  649. $self->{msgfragoffs} = shift;
  650. }
  651. return $self->{msgfragoffs};
  652. }
  653. sub data
  654. {
  655. my $self = shift;
  656. if (@_) {
  657. $self->{data} = shift;
  658. }
  659. return $self->{data};
  660. }
  661. sub records
  662. {
  663. my $self = shift;
  664. if (@_) {
  665. $self->{records} = shift;
  666. }
  667. return $self->{records};
  668. }
  669. sub startoffset
  670. {
  671. my $self = shift;
  672. if (@_) {
  673. $self->{startoffset} = shift;
  674. }
  675. return $self->{startoffset};
  676. }
  677. sub message_frag_lens
  678. {
  679. my $self = shift;
  680. if (@_) {
  681. $self->{message_frag_lens} = shift;
  682. }
  683. return $self->{message_frag_lens};
  684. }
  685. sub encoded_length
  686. {
  687. my $self = shift;
  688. my $msg_header_len = $self->{isdtls} ? DTLS_MESSAGE_HEADER_LENGTH
  689. : TLS_MESSAGE_HEADER_LENGTH;
  690. return $msg_header_len + length($self->data);
  691. }
  692. sub dupext
  693. {
  694. my $self = shift;
  695. if (@_) {
  696. $self->{dupext} = shift;
  697. }
  698. return $self->{dupext};
  699. }
  700. sub successondata
  701. {
  702. my $class = shift;
  703. if (@_) {
  704. $successondata = shift;
  705. }
  706. return $successondata;
  707. }
  708. 1;