diff options
| author | René Meusel <[email protected]> | 2021-10-29 11:44:58 +0530 |
|---|---|---|
| committer | René Meusel <[email protected]> | 2021-10-29 11:44:58 +0530 |
| commit | bdd1fc92b9abecdad972921e2424db5b51ccbc5b (patch) | |
| tree | deb1cca9f4bbf068d2d4934867c2c1e475f259f5 | |
| parent | 084cabc9760dfe4ea79cc28f5289669fd20b5a57 (diff) | |
detect unknown ciphers when parsing TLS session
| -rw-r--r-- | src/lib/tls/tls_session.cpp | 10 | ||||
| -rw-r--r-- | src/tests/test_tls.cpp | 27 |
2 files changed, 33 insertions, 4 deletions
diff --git a/src/lib/tls/tls_session.cpp b/src/lib/tls/tls_session.cpp index 28ee8e9ab..8eb03712b 100644 --- a/src/lib/tls/tls_session.cpp +++ b/src/lib/tls/tls_session.cpp @@ -69,6 +69,7 @@ Session::Session(const uint8_t ber[], size_t ber_len) size_t srtp_profile = 0; size_t fragment_size = 0; size_t compression_method = 0; + uint16_t ciphersuite_code = 0; BER_Decoder(ber, ber_len) .start_sequence() @@ -79,7 +80,7 @@ Session::Session(const uint8_t ber[], size_t ber_len) .decode_integer_type(minor_version) .decode(m_identifier, ASN1_Type::OctetString) .decode(m_session_ticket, ASN1_Type::OctetString) - .decode_integer_type(m_ciphersuite) + .decode_integer_type(ciphersuite_code) .decode_integer_type(compression_method) .decode_integer_type(side_code) .decode_integer_type(fragment_size) @@ -113,6 +114,13 @@ Session::Session(const uint8_t ber[], size_t ber_len) " no longer supported"); } + if(!Ciphersuite::by_id(ciphersuite_code)) + { + throw Decoding_Error("Serialized TLS session contains unknown cipher suite " + "(" + std::to_string(ciphersuite_code) + ")"); + } + + m_ciphersuite = ciphersuite_code; m_version = Protocol_Version(major_version, minor_version); m_start_time = std::chrono::system_clock::from_time_t(start_time); m_connection_side = static_cast<Connection_Side>(side_code); diff --git a/src/tests/test_tls.cpp b/src/tests/test_tls.cpp index 83caca7ba..c6be40325 100644 --- a/src/tests/test_tls.cpp +++ b/src/tests/test_tls.cpp @@ -37,13 +37,13 @@ class TLS_Session_Tests final : public Test Botan::secure_vector<uint8_t> default_der = default_session.DER_encode(); result.test_gte("Encoded default session has size", default_der.size(), 0); - - Botan::TLS::Session decoded_default(default_der.data(), default_der.size()); + result.test_throws("Encoded default session cannot be read", + [&] { Botan::TLS::Session{default_der.data(), default_der.size()}; }); Botan::TLS::Session session(std::vector<uint8_t>{0xAA, 0xBB}, Botan::secure_vector<uint8_t>{0xCC, 0xDD}, Botan::TLS::Protocol_Version::TLS_V12, - 0xFE0F, + 0xC02F, Botan::TLS::CLIENT, true, false, @@ -56,6 +56,10 @@ class TLS_Session_Tests final : public Test Botan::TLS::Session session_from_pem(pem); result.test_eq("Roundtrip from pem", session.DER_encode(), session_from_pem.DER_encode()); + const auto der = session.DER_encode(); + Botan::TLS::Session session_from_der(der.data(), der.size()); + result.test_eq("Roundtrip from der", session.DER_encode(), session_from_der.DER_encode()); + const Botan::SymmetricKey key("ABCDEF"); const std::vector<uint8_t> ctext1 = session.encrypt(key, Test::rng()); const std::vector<uint8_t> ctext2 = session.encrypt(key, Test::rng()); @@ -80,6 +84,23 @@ class TLS_Session_Tests final : public Test result.test_eq("Only randomness comes from RNG", ctextf1, ctextf2); + Botan::TLS::Session session2(std::vector<uint8_t>{0xAA, 0xCC}, + Botan::secure_vector<uint8_t>{0xCC, 0xEE}, + Botan::TLS::Protocol_Version::TLS_V12, + 0xBAAD, // cipher suite does not exist + Botan::TLS::CLIENT, + true, + false, + std::vector<Botan::X509_Certificate>(), + std::vector<uint8_t>(), + Botan::TLS::Server_Information("server"), + 0x0000); + const std::string pem_with_unknown_ciphersuite = session2.PEM_encode(); + + result.test_throws("unknown ciphersuite during session parsing", + "Serialized TLS session contains unknown cipher suite (47789)", + [&] { Botan::TLS::Session{pem_with_unknown_ciphersuite}; }); + return {result}; } }; |