1 /* $OpenBSD: ssl_asn1.c,v 1.40 2014/12/14 15:30:50 jsing Exp $ */ 2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 3 * All rights reserved. 4 * 5 * This package is an SSL implementation written 6 * by Eric Young (eay@cryptsoft.com). 7 * The implementation was written so as to conform with Netscapes SSL. 8 * 9 * This library is free for commercial and non-commercial use as long as 10 * the following conditions are aheared to. The following conditions 11 * apply to all code found in this distribution, be it the RC4, RSA, 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 13 * included with this distribution is covered by the same copyright terms 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 15 * 16 * Copyright remains Eric Young's, and as such any Copyright notices in 17 * the code are not to be removed. 18 * If this package is used in a product, Eric Young should be given attribution 19 * as the author of the parts of the library used. 20 * This can be in the form of a textual message at program startup or 21 * in documentation (online or textual) provided with the package. 22 * 23 * Redistribution and use in source and binary forms, with or without 24 * modification, are permitted provided that the following conditions 25 * are met: 26 * 1. Redistributions of source code must retain the copyright 27 * notice, this list of conditions and the following disclaimer. 28 * 2. Redistributions in binary form must reproduce the above copyright 29 * notice, this list of conditions and the following disclaimer in the 30 * documentation and/or other materials provided with the distribution. 31 * 3. All advertising materials mentioning features or use of this software 32 * must display the following acknowledgement: 33 * "This product includes cryptographic software written by 34 * Eric Young (eay@cryptsoft.com)" 35 * The word 'cryptographic' can be left out if the rouines from the library 36 * being used are not cryptographic related :-). 37 * 4. If you include any Windows specific code (or a derivative thereof) from 38 * the apps directory (application code) you must include an acknowledgement: 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 40 * 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 51 * SUCH DAMAGE. 52 * 53 * The licence and distribution terms for any publically available version or 54 * derivative of this code cannot be changed. i.e. this code cannot simply be 55 * copied and put under another distribution licence 56 * [including the GNU Public Licence.] 57 */ 58 59 #include <stdio.h> 60 #include <stdlib.h> 61 62 #include "ssl_locl.h" 63 64 #include <openssl/objects.h> 65 #include <openssl/x509.h> 66 67 /* XXX - these are here to avoid including asn1_mac.h */ 68 int asn1_GetSequence(ASN1_const_CTX *c, long *length); 69 void asn1_add_error(const unsigned char *address, int offset); 70 71 typedef struct ssl_session_asn1_st { 72 ASN1_INTEGER version; 73 ASN1_INTEGER ssl_version; 74 ASN1_OCTET_STRING cipher; 75 ASN1_OCTET_STRING master_key; 76 ASN1_OCTET_STRING session_id; 77 ASN1_OCTET_STRING session_id_context; 78 ASN1_INTEGER time; 79 ASN1_INTEGER timeout; 80 ASN1_INTEGER verify_result; 81 ASN1_OCTET_STRING tlsext_hostname; 82 ASN1_INTEGER tlsext_tick_lifetime; 83 ASN1_OCTET_STRING tlsext_tick; 84 } SSL_SESSION_ASN1; 85 86 int 87 i2d_SSL_SESSION(SSL_SESSION *in, unsigned char **pp) 88 { 89 #define LSIZE2 (sizeof(long)*2) 90 int v1 = 0, v2 = 0, v3 = 0, v4 = 0, v5 = 0, v6 = 0, v9 = 0, v10 = 0; 91 unsigned char buf[4], ibuf1[LSIZE2], ibuf2[LSIZE2]; 92 unsigned char ibuf3[LSIZE2], ibuf4[LSIZE2], ibuf5[LSIZE2]; 93 unsigned char ibuf6[LSIZE2]; 94 SSL_SESSION_ASN1 a; 95 unsigned char *p; 96 int len = 0, ret; 97 long l; 98 99 if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0))) 100 return (0); 101 102 /* 103 * Note that I cheat in the following 2 assignments. 104 * I know that if the ASN1_INTEGER passed to ASN1_INTEGER_set 105 * is > sizeof(long)+1, the buffer will not be re-malloc()ed. 106 * This is a bit evil but makes things simple, no dynamic allocation 107 * to clean up :-) 108 */ 109 a.version.length = LSIZE2; 110 a.version.type = V_ASN1_INTEGER; 111 a.version.data = ibuf1; 112 ASN1_INTEGER_set(&(a.version), SSL_SESSION_ASN1_VERSION); 113 len += i2d_ASN1_INTEGER(&(a.version), NULL); 114 115 a.ssl_version.length = LSIZE2; 116 a.ssl_version.type = V_ASN1_INTEGER; 117 a.ssl_version.data = ibuf2; 118 ASN1_INTEGER_set(&(a.ssl_version), in->ssl_version); 119 len += i2d_ASN1_INTEGER(&(a.ssl_version), NULL); 120 121 a.cipher.length = 2; 122 a.cipher.type = V_ASN1_OCTET_STRING; 123 l = (in->cipher == NULL) ? in->cipher_id : in->cipher->id; 124 buf[0] = ((unsigned char)(l >> 8L)) & 0xff; 125 buf[1] = ((unsigned char)(l)) & 0xff; 126 a.cipher.data = buf; 127 len += i2d_ASN1_OCTET_STRING(&(a.cipher), NULL); 128 129 a.master_key.length = in->master_key_length; 130 a.master_key.type = V_ASN1_OCTET_STRING; 131 a.master_key.data = in->master_key; 132 len += i2d_ASN1_OCTET_STRING(&(a.master_key), NULL); 133 134 a.session_id.length = in->session_id_length; 135 a.session_id.type = V_ASN1_OCTET_STRING; 136 a.session_id.data = in->session_id; 137 len += i2d_ASN1_OCTET_STRING(&(a.session_id), NULL); 138 139 if (in->time != 0L) { 140 a.time.length = LSIZE2; 141 a.time.type = V_ASN1_INTEGER; 142 a.time.data = ibuf3; 143 ASN1_INTEGER_set(&(a.time), in->time); /* XXX 2038 */ 144 v1 = i2d_ASN1_INTEGER(&(a.time), NULL); 145 len += ASN1_object_size(1, v1, 1); 146 } 147 148 if (in->timeout != 0L) { 149 a.timeout.length = LSIZE2; 150 a.timeout.type = V_ASN1_INTEGER; 151 a.timeout.data = ibuf4; 152 ASN1_INTEGER_set(&(a.timeout), in->timeout); 153 v2 = i2d_ASN1_INTEGER(&(a.timeout), NULL); 154 len += ASN1_object_size(1, v2, 2); 155 } 156 157 if (in->peer != NULL) { 158 v3 = i2d_X509(in->peer, NULL); 159 len += ASN1_object_size(1, v3, 3); 160 } 161 162 a.session_id_context.length = in->sid_ctx_length; 163 a.session_id_context.type = V_ASN1_OCTET_STRING; 164 a.session_id_context.data = in->sid_ctx; 165 v4 = i2d_ASN1_OCTET_STRING(&(a.session_id_context), NULL); 166 len += ASN1_object_size(1, v4, 4); 167 168 if (in->verify_result != X509_V_OK) { 169 a.verify_result.length = LSIZE2; 170 a.verify_result.type = V_ASN1_INTEGER; 171 a.verify_result.data = ibuf5; 172 ASN1_INTEGER_set(&a.verify_result, in->verify_result); 173 v5 = i2d_ASN1_INTEGER(&(a.verify_result), NULL); 174 len += ASN1_object_size(1, v5, 5); 175 } 176 177 if (in->tlsext_hostname) { 178 a.tlsext_hostname.length = strlen(in->tlsext_hostname); 179 a.tlsext_hostname.type = V_ASN1_OCTET_STRING; 180 a.tlsext_hostname.data = (unsigned char *)in->tlsext_hostname; 181 v6 = i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), NULL); 182 len += ASN1_object_size(1, v6, 6); 183 } 184 185 /* 7 - PSK identity hint. */ 186 /* 8 - PSK identity. */ 187 188 if (in->tlsext_tick_lifetime_hint > 0) { 189 a.tlsext_tick_lifetime.length = LSIZE2; 190 a.tlsext_tick_lifetime.type = V_ASN1_INTEGER; 191 a.tlsext_tick_lifetime.data = ibuf6; 192 ASN1_INTEGER_set(&a.tlsext_tick_lifetime, 193 in->tlsext_tick_lifetime_hint); 194 v9 = i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), NULL); 195 len += ASN1_object_size(1, v9, 9); 196 } 197 198 if (in->tlsext_tick) { 199 a.tlsext_tick.length = in->tlsext_ticklen; 200 a.tlsext_tick.type = V_ASN1_OCTET_STRING; 201 a.tlsext_tick.data = (unsigned char *)in->tlsext_tick; 202 v10 = i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), NULL); 203 len += ASN1_object_size(1, v10, 10); 204 } 205 206 /* 11 - Compression method. */ 207 /* 12 - SRP username. */ 208 209 /* If given a NULL pointer, return the length only. */ 210 ret = (ASN1_object_size(1, len, V_ASN1_SEQUENCE)); 211 if (pp == NULL) 212 return (ret); 213 214 /* Burp out the ASN1. */ 215 p = *pp; 216 ASN1_put_object(&p, 1, len, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); 217 i2d_ASN1_INTEGER(&(a.version), &p); 218 i2d_ASN1_INTEGER(&(a.ssl_version), &p); 219 i2d_ASN1_OCTET_STRING(&(a.cipher), &p); 220 i2d_ASN1_OCTET_STRING(&(a.session_id), &p); 221 i2d_ASN1_OCTET_STRING(&(a.master_key), &p); 222 if (in->time != 0L) { 223 ASN1_put_object(&p, 1, v1, 1, V_ASN1_CONTEXT_SPECIFIC); 224 i2d_ASN1_INTEGER(&(a.time), &p); 225 } 226 if (in->timeout != 0L) { 227 ASN1_put_object(&p, 1, v2, 2, V_ASN1_CONTEXT_SPECIFIC); 228 i2d_ASN1_INTEGER(&(a.timeout), &p); 229 } 230 if (in->peer != NULL) { 231 ASN1_put_object(&p, 1, v3, 3, V_ASN1_CONTEXT_SPECIFIC); 232 i2d_X509(in->peer, &p); 233 } 234 ASN1_put_object(&p, 1, v4, 4, V_ASN1_CONTEXT_SPECIFIC); 235 i2d_ASN1_OCTET_STRING(&(a.session_id_context), &p); 236 if (in->verify_result != X509_V_OK) { 237 ASN1_put_object(&p, 1, v5, 5, V_ASN1_CONTEXT_SPECIFIC); 238 i2d_ASN1_INTEGER(&(a.verify_result), &p); 239 } 240 if (in->tlsext_hostname) { 241 ASN1_put_object(&p, 1, v6, 6, V_ASN1_CONTEXT_SPECIFIC); 242 i2d_ASN1_OCTET_STRING(&(a.tlsext_hostname), &p); 243 } 244 /* 7 - PSK identity hint. */ 245 /* 8 - PSK identity. */ 246 if (in->tlsext_tick_lifetime_hint > 0) { 247 ASN1_put_object(&p, 1, v9, 9, V_ASN1_CONTEXT_SPECIFIC); 248 i2d_ASN1_INTEGER(&(a.tlsext_tick_lifetime), &p); 249 } 250 if (in->tlsext_tick) { 251 ASN1_put_object(&p, 1, v10, 10, V_ASN1_CONTEXT_SPECIFIC); 252 i2d_ASN1_OCTET_STRING(&(a.tlsext_tick), &p); 253 } 254 /* 11 - Compression method. */ 255 /* 12 - SRP username. */ 256 257 *pp = p; 258 return (ret); 259 } 260 261 SSL_SESSION * 262 d2i_SSL_SESSION(SSL_SESSION **a, const unsigned char **pp, long length) 263 { 264 SSL_SESSION *ret = NULL; 265 ASN1_const_CTX c; 266 ASN1_INTEGER ai, *aip; 267 ASN1_OCTET_STRING os, *osp; 268 int ssl_version = 0, i; 269 int Tinf, Ttag, Tclass; 270 long Tlen; 271 long id; 272 273 c.pp = pp; 274 c.p = *pp; 275 c.q = *pp; 276 c.max = (length == 0) ? 0 : (c.p + length); 277 c.slen = length; 278 279 if (a == NULL || *a == NULL) { 280 if ((ret = SSL_SESSION_new()) == NULL) { 281 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 282 goto err; 283 } 284 } else 285 ret = *a; 286 287 aip = &ai; 288 osp = &os; 289 290 if (!asn1_GetSequence(&c, &length)) { 291 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 292 goto err; 293 } 294 295 ai.data = NULL; 296 ai.length = 0; 297 c.q = c.p; 298 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 299 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 300 goto err; 301 } 302 c.slen -= (c.p - c.q); 303 304 if (ai.data != NULL) { 305 free(ai.data); 306 ai.data = NULL; 307 ai.length = 0; 308 } 309 310 /* we don't care about the version right now :-) */ 311 c.q = c.p; 312 if (d2i_ASN1_INTEGER(&aip, &c.p, c.slen) == NULL) { 313 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 314 goto err; 315 } 316 c.slen -= (c.p - c.q); 317 ssl_version = (int)ASN1_INTEGER_get(aip); 318 ret->ssl_version = ssl_version; 319 if (ai.data != NULL) { 320 free(ai.data); 321 ai.data = NULL; 322 ai.length = 0; 323 } 324 325 os.data = NULL; 326 os.length = 0; 327 c.q = c.p; 328 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 329 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 330 goto err; 331 } 332 c.slen -= (c.p - c.q); 333 if ((ssl_version >> 8) >= SSL3_VERSION_MAJOR) { 334 if (os.length != 2) { 335 SSLerr(SSL_F_D2I_SSL_SESSION, 336 SSL_R_CIPHER_CODE_WRONG_LENGTH); 337 goto err; 338 } 339 id = 0x03000000L | ((unsigned long)os.data[0]<<8L) | 340 (unsigned long)os.data[1]; 341 } else { 342 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_UNKNOWN_SSL_VERSION); 343 goto err; 344 } 345 346 ret->cipher = NULL; 347 ret->cipher_id = id; 348 349 c.q = c.p; 350 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 351 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 352 goto err; 353 } 354 c.slen -= (c.p - c.q); 355 356 i = SSL3_MAX_SSL_SESSION_ID_LENGTH; 357 if (os.length > i) 358 os.length = i; 359 if (os.length > (int)sizeof(ret->session_id)) /* can't happen */ 360 os.length = sizeof(ret->session_id); 361 362 ret->session_id_length = os.length; 363 OPENSSL_assert(os.length <= (int)sizeof(ret->session_id)); 364 memcpy(ret->session_id, os.data, os.length); 365 366 c.q = c.p; 367 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, c.slen) == NULL) { 368 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 369 goto err; 370 } 371 c.slen -= (c.p - c.q); 372 if (os.length > SSL_MAX_MASTER_KEY_LENGTH) 373 ret->master_key_length = SSL_MAX_MASTER_KEY_LENGTH; 374 else 375 ret->master_key_length = os.length; 376 memcpy(ret->master_key, os.data, ret->master_key_length); 377 378 os.length = 0; 379 380 /* 1 - Time (INTEGER). */ 381 /* XXX 2038 */ 382 ai.length = 0; 383 if (c.slen != 0L && 384 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 1)) { 385 c.q = c.p; 386 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 387 if (Tinf & 0x80) { 388 SSLerr(SSL_F_D2I_SSL_SESSION, 389 ERR_R_BAD_ASN1_OBJECT_HEADER); 390 goto err; 391 } 392 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 393 Tlen = c.slen - (c.p - c.q) - 2; 394 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 395 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 396 goto err; 397 } 398 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 399 Tlen = c.slen - (c.p - c.q); 400 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 401 SSLerr(SSL_F_D2I_SSL_SESSION, 402 ERR_R_MISSING_ASN1_EOS); 403 goto err; 404 } 405 } 406 c.slen -= (c.p - c.q); 407 } 408 if (ai.data != NULL) { 409 ret->time = ASN1_INTEGER_get(aip); 410 free(ai.data); 411 ai.data = NULL; 412 ai.length = 0; 413 } else 414 ret->time = time(NULL); 415 416 /* 2 - Timeout (INTEGER). */ 417 ai.length = 0; 418 if (c.slen != 0L && 419 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 2)) { 420 c.q = c.p; 421 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 422 if (Tinf & 0x80) { 423 SSLerr(SSL_F_D2I_SSL_SESSION, 424 ERR_R_BAD_ASN1_OBJECT_HEADER); 425 goto err; 426 } 427 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 428 Tlen = c.slen - (c.p - c.q) - 2; 429 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 430 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 431 goto err; 432 } 433 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 434 Tlen = c.slen - (c.p - c.q); 435 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 436 SSLerr(SSL_F_D2I_SSL_SESSION, 437 ERR_R_MISSING_ASN1_EOS); 438 goto err; 439 } 440 } 441 c.slen -= (c.p - c.q); 442 } 443 if (ai.data != NULL) { 444 ret->timeout = ASN1_INTEGER_get(aip); 445 free(ai.data); 446 ai.data = NULL; 447 ai.length = 0; 448 } else 449 ret->timeout = 3; 450 451 /* 3 - Peer (X509). */ 452 X509_free(ret->peer); 453 ret->peer = NULL; 454 455 if (c.slen != 0L && 456 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 3)) { 457 c.q = c.p; 458 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 459 if (Tinf & 0x80) { 460 SSLerr(SSL_F_D2I_SSL_SESSION, 461 ERR_R_BAD_ASN1_OBJECT_HEADER); 462 goto err; 463 } 464 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 465 Tlen = c.slen - (c.p - c.q) - 2; 466 if (d2i_X509(&ret->peer, &c.p, Tlen) == NULL) { 467 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 468 goto err; 469 } 470 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 471 Tlen = c.slen - (c.p - c.q); 472 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 473 SSLerr(SSL_F_D2I_SSL_SESSION, 474 ERR_R_MISSING_ASN1_EOS); 475 goto err; 476 } 477 } 478 c.slen -= (c.p - c.q); 479 } 480 481 /* 4 - Session ID (OCTET STRING). */ 482 os.length = 0; 483 free(os.data); 484 os.data = NULL; 485 if (c.slen != 0L && 486 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 4)) { 487 c.q = c.p; 488 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 489 if (Tinf & 0x80) { 490 SSLerr(SSL_F_D2I_SSL_SESSION, 491 ERR_R_BAD_ASN1_OBJECT_HEADER); 492 goto err; 493 } 494 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 495 Tlen = c.slen - (c.p - c.q) - 2; 496 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 497 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 498 goto err; 499 } 500 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 501 Tlen = c.slen - (c.p - c.q); 502 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 503 SSLerr(SSL_F_D2I_SSL_SESSION, 504 ERR_R_MISSING_ASN1_EOS); 505 goto err; 506 } 507 } 508 c.slen -= (c.p - c.q); 509 } 510 if (os.data != NULL) { 511 if (os.length > SSL_MAX_SID_CTX_LENGTH) { 512 SSLerr(SSL_F_D2I_SSL_SESSION, SSL_R_BAD_LENGTH); 513 goto err; 514 } else { 515 ret->sid_ctx_length = os.length; 516 memcpy(ret->sid_ctx, os.data, os.length); 517 } 518 free(os.data); 519 os.data = NULL; 520 os.length = 0; 521 } else 522 ret->sid_ctx_length = 0; 523 524 /* 5 - Verify_result. */ 525 ai.length = 0; 526 if (c.slen != 0L && 527 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 5)) { 528 c.q = c.p; 529 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 530 if (Tinf & 0x80) { 531 SSLerr(SSL_F_D2I_SSL_SESSION, 532 ERR_R_BAD_ASN1_OBJECT_HEADER); 533 goto err; 534 } 535 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 536 Tlen = c.slen - (c.p - c.q) - 2; 537 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 538 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 539 goto err; 540 } 541 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 542 Tlen = c.slen - (c.p - c.q); 543 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 544 SSLerr(SSL_F_D2I_SSL_SESSION, 545 ERR_R_MISSING_ASN1_EOS); 546 goto err; 547 } 548 } 549 c.slen -= (c.p - c.q); 550 } 551 if (ai.data != NULL) { 552 ret->verify_result = ASN1_INTEGER_get(aip); 553 free(ai.data); 554 ai.data = NULL; 555 ai.length = 0; 556 } else 557 ret->verify_result = X509_V_OK; 558 559 /* 6 - HostName (OCTET STRING). */ 560 os.length = 0; 561 os.data = NULL; 562 if (c.slen != 0L && 563 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 6)) { 564 c.q = c.p; 565 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 566 if (Tinf & 0x80) { 567 SSLerr(SSL_F_D2I_SSL_SESSION, 568 ERR_R_BAD_ASN1_OBJECT_HEADER); 569 goto err; 570 } 571 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 572 Tlen = c.slen - (c.p - c.q) - 2; 573 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 574 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 575 goto err; 576 } 577 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 578 Tlen = c.slen - (c.p - c.q); 579 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 580 SSLerr(SSL_F_D2I_SSL_SESSION, 581 ERR_R_MISSING_ASN1_EOS); 582 goto err; 583 } 584 } 585 c.slen -= (c.p - c.q); 586 } 587 if (os.data) { 588 ret->tlsext_hostname = strndup((char *)os.data, os.length); 589 free(os.data); 590 os.data = NULL; 591 os.length = 0; 592 } else 593 ret->tlsext_hostname = NULL; 594 595 /* 7 - PSK identity hint (OCTET STRING). */ 596 /* 8 - PSK identity (OCTET STRING). */ 597 598 /* 9 - Ticket lifetime. */ 599 ai.length = 0; 600 if (c.slen != 0L && 601 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 9)) { 602 c.q = c.p; 603 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 604 if (Tinf & 0x80) { 605 SSLerr(SSL_F_D2I_SSL_SESSION, 606 ERR_R_BAD_ASN1_OBJECT_HEADER); 607 goto err; 608 } 609 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 610 Tlen = c.slen - (c.p - c.q) - 2; 611 if (d2i_ASN1_INTEGER(&aip, &c.p, Tlen) == NULL) { 612 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 613 goto err; 614 } 615 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 616 Tlen = c.slen - (c.p - c.q); 617 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 618 SSLerr(SSL_F_D2I_SSL_SESSION, 619 ERR_R_MISSING_ASN1_EOS); 620 goto err; 621 } 622 } 623 c.slen -= (c.p - c.q); 624 } 625 if (ai.data != NULL) { 626 ret->tlsext_tick_lifetime_hint = ASN1_INTEGER_get(aip); 627 free(ai.data); 628 ai.data = NULL; 629 ai.length = 0; 630 } else if (ret->tlsext_ticklen && ret->session_id_length) 631 ret->tlsext_tick_lifetime_hint = -1; 632 else 633 ret->tlsext_tick_lifetime_hint = 0; 634 os.length = 0; 635 os.data = NULL; 636 637 /* 10 - Ticket (OCTET STRING). */ 638 if (c.slen != 0L && 639 *c.p == (V_ASN1_CONSTRUCTED | V_ASN1_CONTEXT_SPECIFIC | 10)) { 640 c.q = c.p; 641 Tinf = ASN1_get_object(&c.p, &Tlen, &Ttag, &Tclass, c.slen); 642 if (Tinf & 0x80) { 643 SSLerr(SSL_F_D2I_SSL_SESSION, 644 ERR_R_BAD_ASN1_OBJECT_HEADER); 645 goto err; 646 } 647 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) 648 Tlen = c.slen - (c.p - c.q) - 2; 649 if (d2i_ASN1_OCTET_STRING(&osp, &c.p, Tlen) == NULL) { 650 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 651 goto err; 652 } 653 if (Tinf == (V_ASN1_CONSTRUCTED + 1)) { 654 Tlen = c.slen - (c.p - c.q); 655 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) { 656 SSLerr(SSL_F_D2I_SSL_SESSION, 657 ERR_R_MISSING_ASN1_EOS); 658 goto err; 659 } 660 } 661 c.slen -= (c.p - c.q); 662 } 663 if (os.data) { 664 ret->tlsext_tick = os.data; 665 ret->tlsext_ticklen = os.length; 666 os.data = NULL; 667 os.length = 0; 668 } else 669 ret->tlsext_tick = NULL; 670 671 /* 11 - Compression method (OCTET STRING). */ 672 /* 12 - SRP username (OCTET STRING). */ 673 674 if (!asn1_const_Finish(&c)) { 675 SSLerr(SSL_F_D2I_SSL_SESSION, ERR_R_NESTED_ASN1_ERROR); 676 goto err; 677 } 678 679 *pp = c.p; 680 if (a != NULL) 681 *a = ret; 682 683 return (ret); 684 685 err: 686 ERR_asprintf_error_data("offset=%d", (int)(c.q - *pp)); 687 if (ret != NULL && (a == NULL || *a != ret)) 688 SSL_SESSION_free(ret); 689 690 return (NULL); 691 } 692