From 67df17d31d61f013d537abc7744f707435351125 Mon Sep 17 00:00:00 2001 From: Jack Lloyd Date: Mon, 20 May 2019 14:44:08 -0400 Subject: Fix various issues in TLS found using BoGo - BoGo sends unparseable OCSP responses, so we have to accomodate for this by delaying decoding until verification and simply ignoring OCSP responses that we can't parse. - Check that there is no trailing garbage at the end of various messages. - Don't send empty SNI - Check the TLS record header versions (previously ignored) - For CBC 1/n-1 splitting split every record instead of just first. I think this is not a problem but it is what BoGo expects. - New Channel::application_protocol virtual (previously was implemented on both Client and Server but not shared). - Changes to resumption version handling. - Fix server version selection when newer versions are disabled. New policy hooks added in service of BoGo: - maximum_certificate_chain_size gives the maximum cert chain in bytes that we'll accept. - allow_resumption_for_renegotiation specifies if a renegotiation attempt can be simply (re-)resumed instead. - abort_handshake_on_undesired_renegotiation - previously we just ignored it with a warning alert. Now behavior is configurable. - request_client_certificate_authentication - require_client_certificate_authentication --- src/lib/tls/msg_cert_status.cpp | 19 ++++++++----------- 1 file changed, 8 insertions(+), 11 deletions(-) (limited to 'src/lib/tls/msg_cert_status.cpp') diff --git a/src/lib/tls/msg_cert_status.cpp b/src/lib/tls/msg_cert_status.cpp index 8ad37336b..c0cd82a28 100644 --- a/src/lib/tls/msg_cert_status.cpp +++ b/src/lib/tls/msg_cert_status.cpp @@ -22,8 +22,8 @@ Certificate_Status::Certificate_Status(const std::vector& buf) if(buf.size() < 5) throw Decoding_Error("Invalid Certificate_Status message: too small"); - if(buf[0] != 1) - throw Decoding_Error("Unexpected Certificate_Status message: unexpected message type"); + if(buf[0] != 1) // not OCSP + throw Decoding_Error("Unexpected Certificate_Status message: unexpected response type"); size_t len = make_uint32(0, buf[1], buf[2], buf[3]); @@ -31,33 +31,30 @@ Certificate_Status::Certificate_Status(const std::vector& buf) if(buf.size() != len + 4) throw Decoding_Error("Invalid Certificate_Status: invalid length field"); - m_response = std::make_shared(buf.data() + 4, buf.size() - 4); + m_response.assign(buf.begin() + 4, buf.end()); } Certificate_Status::Certificate_Status(Handshake_IO& io, Handshake_Hash& hash, std::shared_ptr ocsp) : - m_response(ocsp) + m_response(ocsp->raw_bits()) { hash.update(io.send(*this)); } std::vector Certificate_Status::serialize() const { - BOTAN_ASSERT_NONNULL(m_response); - const std::vector& m_resp_bits = m_response->raw_bits(); - - if(m_resp_bits.size() > 0xFFFFFF) // unlikely + if(m_response.size() > 0xFFFFFF) // unlikely throw Encoding_Error("OCSP response too long to encode in TLS"); - const uint32_t m_resp_bits_len = static_cast(m_resp_bits.size()); + const uint32_t m_response_len = static_cast(m_response.size()); std::vector buf; buf.push_back(1); // type OCSP for(size_t i = 1; i < 4; ++i) - buf[i] = get_byte(i, m_resp_bits_len); + buf[i] = get_byte(i, m_response_len); - buf += m_resp_bits; + buf += m_response; return buf; } -- cgit v1.2.3