1 // Copyright Joyent, Inc. and other Node contributors.
3 // Permission is hereby granted, free of charge, to any person obtaining a
4 // copy of this software and associated documentation files (the
5 // "Software"), to deal in the Software without restriction, including
6 // without limitation the rights to use, copy, modify, merge, publish,
7 // distribute, sublicense, and/or sell copies of the Software, and to permit
8 // persons to whom the Software is furnished to do so, subject to the
9 // following conditions:
11 // The above copyright notice and this permission notice shall be included
12 // in all copies or substantial portions of the Software.
14 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
15 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
17 // NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
18 // DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
19 // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
20 // USE OR OTHER DEALINGS IN THE SOFTWARE.
22 #include "node_crypto_clienthello.h"
23 #include "node_crypto_clienthello-inl.h"
24 #include "node_buffer.h" // Buffer
// Feeds `avail` bytes starting at `data` to the ClientHello parser.
// Visible here: ParseRecordHeader() is tried first and ParseHeader() is
// called afterwards on the same buffer.
// NOTE(review): this listing skips source lines inside the function (the
// gutter jumps 28 -> 31 -> 36 -> 41), so the control flow between the two
// calls is not shown. Read it against the full file before relying on this
// summary.
28 void ClientHelloParser::Parse(const uint8_t* data, size_t avail) {
// The statement executed when the record header is rejected is on a line the
// listing omits.
31 if (!ParseRecordHeader(data, avail))
36 ParseHeader(data, avail);
41 // Already ended, just ignore it
// Reads the record header at the start of `data` and stores the record body
// length in frame_len_. Returns bool; the return statements themselves are on
// lines this listing omits.
// NOTE(review): every byte read here comes from the peer. The length test
// announced by the comment below (>= 5 bytes) is not visible in this listing;
// confirm it precedes the data[3]/data[4] reads.
49 bool ClientHelloParser::ParseRecordHeader(const uint8_t* data, size_t avail) {
50 // >= 5 bytes for header parsing
// TLS-style record: data[0] is matched against known record types and the
// body length is the big-endian 16-bit value in data[3..4].
54 if (data[0] == kChangeCipherSpec ||
56 data[0] == kHandshake ||
57 data[0] == kApplicationData) {
58 frame_len_ = (data[3] << 8) + data[4];
// NOTE(review): the SSLv2 header path below is compiled when OPENSSL_NO_SSL2
// *is* defined, i.e. in builds where OpenSSL has SSLv2 disabled. That reads
// inverted (#ifndef expected). Confirm against the branch the listing omits;
// if it is as shown, SSLv2-style headers from the peer are still parsed in
// exactly the builds that meant to drop SSLv2.
62 #ifdef OPENSSL_NO_SSL2
// SSLv2-style record: length comes from the first two bytes, with the high
// byte masked by kSSL2HeaderMask.
63 frame_len_ = ((data[0] << 8) & kSSL2HeaderMask) + data[1];
65 if (data[0] & kSSL2TwoByteHeaderBit) {
66 // header without padding
69 // header with padding
75 #endif // OPENSSL_NO_SSL2
78 // Sanity check (too big frame, or too small)
79 // Let OpenSSL handle it
// Only the upper bound is tested on this line; a lower-bound test, if any,
// is not visible in this listing.
80 if (frame_len_ >= kMaxTLSFrameLen) {
// Inspects a buffered record and, for a ClientHello, passes the session id,
// ticket presence and server name to onhello_cb_.
// NOTE(review): the listing omits lines inside this function (returns,
// braces, the declaration of `hello`), so only the visible checks are
// described here.
89 void ClientHelloParser::ParseHeader(const uint8_t* data, size_t avail) {
90 // >= 5 + frame size bytes for frame parsing
// Guard: the whole record (body_offset_ + frame_len_ bytes) must fit in
// `avail`. The statement taken when it does not is on an omitted line.
91 if (body_offset_ + frame_len_ > avail)
94 // Skip unsupported frames and gather some data from frame
96 // TODO(indutny): Check hello protocol version
// The first byte of the record body selects the message kind; only
// ClientHello is parsed further.
97 if (data[body_offset_] == kClientHello) {
98 if (state_ == kTLSHeader) {
99 if (!ParseTLSClientHello(data, avail))
101 } else if (state_ == kSSL2Header) {
// NOTE(review): the SSLv2 hello parser is called only when OPENSSL_NO_SSL2
// is defined, which looks inverted for a "no SSLv2" build flag. Confirm.
102 #ifdef OPENSSL_NO_SSL2
103 if (!ParseSSL2ClientHello(data, avail))
106 abort(); // Unreachable
107 #endif // OPENSSL_NO_SSL2
109 // We couldn't get here, but whatever
113 // Check if we overflowed (do not reply with any private data)
// session_size_ is read from the peer's hello. Keep the order of these
// tests: `||` short-circuits, so the pointer sum on the last line is only
// formed once session_size_ is known to be at most 32.
114 if (session_id_ == NULL ||
115 session_size_ > 32 ||
116 session_id_ + session_size_ > data + avail) {
// The fields below are raw pointer + size pairs. In the Parse*ClientHello
// and ParseExtension functions these pointers are set to addresses inside
// `data`, so presumably the callback must copy anything it keeps after
// returning. Confirm the buffer's lifetime with the caller.
123 hello.session_id_ = session_id_;
124 hello.session_size_ = session_size_;
// Only the presence of a ticket is exposed, not the ticket pointer itself.
125 hello.has_ticket_ = tls_ticket_ != NULL && tls_ticket_size_ != 0;
126 hello.servername_ = servername_;
127 hello.servername_size_ = servername_size_;
128 onhello_cb_(cb_arg_, hello);
// Records the two extensions this parser tracks: the host name from the
// server-name list and the size/presence of a session ticket.
// `data` and `len` are declared on signature lines the listing omits; below
// they are used as the extension payload and its length.
132 void ClientHelloParser::ParseExtension(ClientHelloParser::ExtensionType type,
135 // NOTE: In case of anything we're just returning back, ignoring the problem.
136 // That's because we're heavily relying on OpenSSL to solve any problem with
// Big-endian 16-bit length of the server-name list.
// NOTE(review): reading data[0] and data[1] needs len >= 2. No such guard is
// visible, but source lines 141-142 are missing from this listing. Confirm
// the guard exists before this read.
143 uint32_t server_names_len = (data[0] << 8) + data[1];
144 if (server_names_len + 2 > len)
146 for (size_t offset = 2; offset < 2 + server_names_len; ) {
// Each entry starts with a 1-byte name type and a big-endian 16-bit length.
147 if (offset + 3 > len)
149 uint8_t name_type = data[offset];
150 if (name_type != kServernameHostname)
152 uint16_t name_len = (data[offset + 1] << 8) + data[offset + 2];
// NOTE(review): this bounds the name against `len` starting from `offset`.
// Whether `offset` has already been advanced past the 3-byte entry header is
// decided on a line the listing omits. Confirm.
154 if (offset + name_len > len)
// servername_ is a pointer into `data`, not a copy, and the visible code
// does not NUL-terminate it; consumers have to honour servername_size_.
156 servername_ = data + offset;
157 servername_size_ = name_len;
162 case kTLSSessionTicket:
163 tls_ticket_size_ = len;
// NOTE(review): data + len is one past the end of the ticket payload, not
// its start. ParseHeader only tests tls_ticket_ against NULL, so this is
// harmless there, but any code that dereferences tls_ticket_ would read
// beyond the extension. `data` looks like the intended value. Confirm.
164 tls_ticket_ = data + len;
// Walks a TLS ClientHello in `data`: session id, cipher list, compression
// list, then extensions, checking each offset against `avail` before reading.
// Returns bool; the return statements are on lines this listing omits, as is
// the declaration of `body`.
// NOTE(review): every visible bound is `avail` (bytes buffered), not
// body_offset_ + frame_len_ (end of this record). If the buffer holds more
// than one record, the walk stays inside the buffer but may interpret bytes
// that belong to a following record. Confirm whether that is acceptable.
173 bool ClientHelloParser::ParseTLSClientHello(const uint8_t* data, size_t avail) {
176 // Skip frame header, hello header, protocol version and random data
177 size_t session_offset = body_offset_ + 4 + 2 + 32;
179 if (session_offset + 1 >= avail)
// One length byte followed by the session id itself; session_id_ points
// into `data`. The 32-byte cap on session_size_ is enforced in ParseHeader.
182 body = data + session_offset;
183 session_size_ = *body;
184 session_id_ = body + 1;
186 size_t cipher_offset = session_offset + 1 + session_size_;
188 // Session OOB failure
// Needs two readable bytes at cipher_offset for the 16-bit length below.
189 if (cipher_offset + 1 >= avail)
192 uint16_t cipher_len =
193 (data[cipher_offset] << 8) + data[cipher_offset + 1];
194 size_t comp_offset = cipher_offset + 2 + cipher_len;
196 // Cipher OOB failure
197 if (comp_offset >= avail)
// One length byte, then the compression methods.
200 uint8_t comp_len = data[comp_offset];
201 size_t extension_offset = comp_offset + 1 + comp_len;
203 // Compression OOB failure
204 if (extension_offset > avail)
207 // No extensions present
208 if (extension_offset == avail)
// Steps over the 2 bytes at extension_offset without reading them; the loop
// below is bounded by `avail` instead.
211 size_t ext_off = extension_offset + 2;
213 // Parse known extensions
214 while (ext_off < avail) {
// Each extension has a 4-byte header: 16-bit type, then 16-bit length.
216 if (ext_off + 4 > avail)
219 uint16_t ext_type = (data[ext_off] << 8) + data[ext_off + 1];
220 uint16_t ext_len = (data[ext_off + 2] << 8) + data[ext_off + 3];
// NOTE(review): the payload is bounded from ext_off here; whether ext_off
// was advanced past the 4-byte header first is on an omitted line. Confirm.
224 if (ext_off + ext_len > avail)
// ext_type comes from the peer and is cast unchecked. ParseExtension
// switches on it, so values outside the enum must fall through harmlessly.
227 ParseExtension(static_cast<ExtensionType>(ext_type),
234 // Extensions OOB failure
// NOTE(review): this SSLv2 parser is compiled only when OPENSSL_NO_SSL2 is
// defined, which looks inverted for a flag that means "SSLv2 disabled".
// Confirm against the call site in ParseHeader, which uses the same guard.
242 #ifdef OPENSSL_NO_SSL2
// Locates the session id inside an SSLv2-style ClientHello in `data`.
// Returns bool; the return statements and the rest of the signature are on
// lines this listing omits.
243 bool ClientHelloParser::ParseSSL2ClientHello(const uint8_t* data,
247 // Skip header, version
248 size_t session_offset = body_offset_ + 3;
// Requires the 4 bytes of length fields read below to be inside the buffer.
250 if (session_offset + 4 < avail) {
251 body = data + session_offset;
253 uint16_t ciphers_size = (body[0] << 8) + body[1];
// Only the *start* of the session id is range-checked here; its end
// (session_id_ + session_size_) is checked later in ParseHeader, which also
// caps session_size_ at 32.
255 if (body + 4 + ciphers_size < data + avail) {
256 session_size_ = (body[2] << 8) + body[3];
257 session_id_ = body + 4 + ciphers_size;
263 #endif // OPENSSL_NO_SSL2