mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-06 14:23:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

std.crypto.Tls: parse encrypted extensions

Browse Source
This commit is contained in:
Andrew Kelley 2022-12-16 13:57:56 -07:00
parent 462b3ed69c
commit 02c33d02e0
1 changed files with 21 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
lib/std/crypto/Tls.zig
View File

@ -592,9 +592,7 @@ pub fn init(stream: net.Stream, host: []const u8) !Tls {
const end_hdr = i + 5; const end_hdr = i + 5;
if (end_hdr > handshake_buf.len) return error.TlsRecordOverflow; if (end_hdr > handshake_buf.len) return error.TlsRecordOverflow;
if (end_hdr > len) { if (end_hdr > len) {
std.debug.print("read len={d} atleast={d}\n", .{ len, end_hdr - len });
len += try stream.readAtLeast(handshake_buf[len..], end_hdr - len); len += try stream.readAtLeast(handshake_buf[len..], end_hdr - len);
std.debug.print("new len: {d} bytes\n", .{len});
if (end_hdr > len) return error.EndOfStream; if (end_hdr > len) return error.EndOfStream;
} }
const ct = @intToEnum(ContentType, handshake_buf[i]); const ct = @intToEnum(ContentType, handshake_buf[i]);
@ -605,12 +603,9 @@ pub fn init(stream: net.Stream, host: []const u8) !Tls {
const record_size = mem.readIntBig(u16, handshake_buf[i..][0..2]); const record_size = mem.readIntBig(u16, handshake_buf[i..][0..2]);
i += 2; i += 2;
const end = i + record_size; const end = i + record_size;
std.debug.print("ct={any} record_size={d} end={d}\n", .{ ct, record_size, end });
if (end > handshake_buf.len) return error.TlsRecordOverflow; if (end > handshake_buf.len) return error.TlsRecordOverflow;
if (end > len) { if (end > len) {
std.debug.print("read len={d} atleast={d}\n", .{ len, end - len });
len += try stream.readAtLeast(handshake_buf[len..], end - len); len += try stream.readAtLeast(handshake_buf[len..], end - len);
std.debug.print("new len: {d} bytes\n", .{len});
if (end > len) return error.EndOfStream; if (end > len) return error.EndOfStream;
} }
switch (ct) { switch (ct) {
@ -665,11 +660,25 @@ pub fn init(stream: net.Stream, host: []const u8) !Tls {
return error.TlsBadLength; return error.TlsBadLength;
switch (handshake_type) { switch (handshake_type) {
@enumToInt(HandshakeType.encrypted_extensions) => { @enumToInt(HandshakeType.encrypted_extensions) => {
const ext_size = mem.readIntBig(u16, cleartext[ct_i..][0..2]); const total_ext_size = mem.readIntBig(u16, cleartext[ct_i..][0..2]);
ct_i += 2; ct_i += 2;
std.debug.print("{d} bytes of encrypted extensions\n", .{ const end_ext_i = ct_i + total_ext_size;
ext_size, while (ct_i < end_ext_i) {
}); const et = mem.readIntBig(u16, cleartext[ct_i..][0..2]);
ct_i += 2;
const ext_size = mem.readIntBig(u16, cleartext[ct_i..][0..2]);
ct_i += 2;
const next_ext_i = ct_i + ext_size;
switch (et) {
@enumToInt(ExtensionType.server_name) => {},
else => {
std.debug.print("encrypted extension: {any}\n", .{
et,
});
},
}
ct_i = next_ext_i;
}
}, },
@enumToInt(HandshakeType.certificate) => { @enumToInt(HandshakeType.certificate) => {
std.debug.print("cool certificate bro\n", .{}); std.debug.print("cool certificate bro\n", .{});
@ -887,19 +896,18 @@ pub fn read(tls: *Tls, stream: net.Stream, buffer: []u8) !usize {
// Capacity of output buffer, in records, rounded up. // Capacity of output buffer, in records, rounded up.
const buf_cap = (buffer.len +| (max_ciphertext_len - 1)) / max_ciphertext_len; const buf_cap = (buffer.len +| (max_ciphertext_len - 1)) / max_ciphertext_len;
const wanted_read_len = buf_cap * (max_ciphertext_len + ciphertext_record_header_len); const wanted_read_len = buf_cap * (max_ciphertext_len + ciphertext_record_header_len);
const actual_read_len = try stream.read(in_buf[prev_len..@min(wanted_read_len, in_buf.len)]); const ask_slice = in_buf[prev_len..@min(wanted_read_len, in_buf.len)];
const actual_read_len = try stream.read(ask_slice);
const frag = in_buf[0 .. prev_len + actual_read_len]; const frag = in_buf[0 .. prev_len + actual_read_len];
if (frag.len == 0) { if (frag.len == 0) {
tls.eof = true; tls.eof = true;
return 0; return 0;
} }
std.debug.print("actual_read_len={d} frag.len={d}\n", .{ actual_read_len, frag.len });
var in: usize = 0; var in: usize = 0;
var out: usize = 0; var out: usize = 0;
while (true) { while (true) {
if (in + ciphertext_record_header_len > frag.len) { if (in + ciphertext_record_header_len > frag.len) {
std.debug.print("in={d} frag.len={d}\n", .{ in, frag.len });
return finishRead(tls, frag, in, out); return finishRead(tls, frag, in, out);
} }
const ct = @intToEnum(ContentType, frag[in]); const ct = @intToEnum(ContentType, frag[in]);
@ -912,7 +920,6 @@ pub fn read(tls: *Tls, stream: net.Stream, buffer: []u8) !usize {
const end = in + record_size; const end = in + record_size;
if (end > frag.len) { if (end > frag.len) {
if (record_size > max_ciphertext_len) return error.TlsRecordOverflow; if (record_size > max_ciphertext_len) return error.TlsRecordOverflow;
std.debug.print("end={d} frag.len={d}\n", .{ end, frag.len });
return finishRead(tls, frag, in, out); return finishRead(tls, frag, in, out);
} }
switch (ct) { switch (ct) {
@ -980,6 +987,7 @@ pub fn read(tls: *Tls, stream: net.Stream, buffer: []u8) !usize {
} }
}, },
else => { else => {
std.debug.print("unexpected ct: {any}\n", .{ct});
return error.TlsUnexpectedMessage; return error.TlsUnexpectedMessage;
}, },
} }