Line | Source | Count |
10 | #include "../ssl_locl.h" | - |
11 | #include "internal/constant_time_locl.h" | - |
12 | #include <openssl/rand.h> | - |
13 | #include "record_locl.h" | - |
14 | #include "internal/cryptlib.h" | - |
15 | | - |
/*
 * ssl3_pad_1: 48 bytes, every one 0x36.
 * NOTE(review): the name suggests the SSL 3.0 MAC "pad_1" constant; the code
 * that consumes it is not visible in this part of the file - confirm there.
 */
static const unsigned char ssl3_pad_1[48] = {
    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
    0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
};
24 | | - |
/*
 * ssl3_pad_2: 48 bytes, every one 0x5c.
 * NOTE(review): the name suggests the SSL 3.0 MAC "pad_2" constant; the code
 * that consumes it is not visible in this part of the file - confirm there.
 */
static const unsigned char ssl3_pad_2[48] = {
    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
    0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
};
/*
 * Zero each of the |num_recs| records in the array |r| while keeping every
 * record's existing |comp| pointer.
 *
 * Only the SSL3_RECORD structure itself is overwritten; memory that other
 * members pointed at is neither wiped nor freed here.  |comp| is carried
 * across the memset so the buffer it refers to stays reachable.
 */
void SSL3_RECORD_clear(SSL3_RECORD *r, size_t num_recs)
{
    size_t idx;

    for (idx = 0; idx < num_recs; idx++) {
        SSL3_RECORD *rec = &r[idx];
        unsigned char *saved_comp = rec->comp;

        /* Wipe every field, then put the preserved pointer back. */
        memset(rec, 0, sizeof(*rec));
        rec->comp = saved_comp;
    }
}
49 | | - |
/*
 * Free the |comp| buffer of each of the |num_recs| records in |r| and set
 * the pointer to NULL so a later release or clear cannot reuse it.
 *
 * The buffer is handed to OPENSSL_free(), which does not wipe its contents
 * before releasing it.
 */
void SSL3_RECORD_release(SSL3_RECORD *r, size_t num_recs)
{
    size_t idx;

    for (idx = 0; idx < num_recs; idx++) {
        SSL3_RECORD *rec = &r[idx];

        OPENSSL_free(rec->comp);
        rec->comp = NULL;
    }
}
59 | | - |
/*
 * Copy SEQ_NUM_SIZE bytes from |seq_num| into the record's sequence-number
 * field.
 *
 * No length is passed in, so the caller must guarantee that |seq_num| points
 * at least SEQ_NUM_SIZE readable bytes.
 */
void SSL3_RECORD_set_seq_num(SSL3_RECORD *r, const unsigned char *seq_num)
{
    unsigned char *dst = r->seq_num;

    memcpy(dst, seq_num, SEQ_NUM_SIZE);
}
/*
 * Peek at the read buffer and report whether it already holds one complete
 * application-data record.
 *
 * Returns 1 when the bytes left in the buffer cover a record header plus the
 * body length that header announces and the first header byte is
 * SSL3_RT_APPLICATION_DATA; returns 0 in every other case, including when no
 * buffer is allocated.  Only a local cursor is advanced.
 *
 * The type and length bytes inspected here come straight from the peer and
 * have not been authenticated; they are used solely for the "is enough data
 * buffered" comparison below.
 */
static int ssl3_record_app_data_waiting(SSL *s)
{
    SSL3_BUFFER *rbuf = RECORD_LAYER_get_rbuf(&s->rlayer);
    unsigned char *cursor = SSL3_BUFFER_get_buf(rbuf);
    size_t avail, body_len;

    if (cursor == NULL)
        return 0;

    /* Need at least a full record header before any byte of it is read. */
    avail = SSL3_BUFFER_get_left(rbuf);
    if (avail < SSL3_RT_HEADER_LENGTH)
        return 0;

    cursor += SSL3_BUFFER_get_offset(rbuf);

    /* First header byte is the record type. */
    if (*cursor != SSL3_RT_APPLICATION_DATA)
        return 0;

    /* Step over the first three header bytes to reach the 2-byte length. */
    cursor += 3;
    n2s(cursor, body_len);

    /* Complete only if header and announced body are both buffered. */
    return avail >= SSL3_RT_HEADER_LENGTH + body_len;
}
103 | | - |
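/*
 * Add |length| bytes to the connection's early-data counter if doing so stays
 * within the applicable max_early_data limit.
 *
 * Limit selection:
 *   - client: ext.max_early_data of the session, or of the PSK session when
 *     the session's value is 0;
 *   - server, early data not accepted: s->recv_max_early_data;
 *   - server, early data accepted: the smaller of s->recv_max_early_data and
 *     the session's ext.max_early_data.
 *
 * |overhead| is added to the limit before the comparison.  |send| only picks
 * the alert raised on failure (internal_error when non-zero,
 * unexpected_message otherwise).
 *
 * Returns 1 and updates s->early_data_count on success; returns 0 after
 * raising a fatal error when the limit is zero or would be exceeded.
 */
int early_data_count_ok(SSL *s, size_t length, size_t overhead, int send)
{
    uint32_t max_early_data;
    uint64_t limit;
    SSL_SESSION *sess = s->session;

    /* Client whose session carries no limit: fall back to the PSK session. */
    if (!s->server && sess->ext.max_early_data == 0) {
        if (!ossl_assert(s->psksession != NULL
                         && s->psksession->ext.max_early_data > 0)) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_EARLY_DATA_COUNT_OK,
                     ERR_R_INTERNAL_ERROR);
            return 0;
        }
        sess = s->psksession;
    }

    if (!s->server)
        max_early_data = sess->ext.max_early_data;
    else if (s->ext.early_data != SSL_EARLY_DATA_ACCEPTED)
        max_early_data = s->recv_max_early_data;
    else
        max_early_data = s->recv_max_early_data < sess->ext.max_early_data
                         ? s->recv_max_early_data : sess->ext.max_early_data;

    if (max_early_data == 0) {
        SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
                 SSL_F_EARLY_DATA_COUNT_OK, SSL_R_TOO_MUCH_EARLY_DATA);
        return 0;
    }

    /*
     * Compute the limit in 64 bits.  Adding |overhead| into the 32-bit
     * max_early_data would wrap when the configured maximum is close to
     * UINT32_MAX, shrinking the limit and rejecting data that is within it.
     */
    limit = (uint64_t)max_early_data + overhead;

    /* Widen the running total too, so the sum cannot wrap a 32-bit size_t. */
    if ((uint64_t)s->early_data_count + length > limit) {
        SSLfatal(s, send ? SSL_AD_INTERNAL_ERROR : SSL_AD_UNEXPECTED_MESSAGE,
                 SSL_F_EARLY_DATA_COUNT_OK, SSL_R_TOO_MUCH_EARLY_DATA);
        return 0;
    }
    s->early_data_count += length;

    return 1;
}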
/*
 * Cap that ssl3_get_record() compares the record layer's empty-record counter
 * against before raising a fatal error.
 */
#define MAX_EMPTY_RECORDS 32

/*
 * Header length ssl3_get_record() uses for a record it has classified as an
 * SSLv2 ClientHello (rec_version == SSL2_VERSION).
 */
#define SSL2_RT_HEADER_LENGTH 2
173 | int ssl3_get_record(SSL *s) | - |
174 | { | - |
175 | int enc_err, rret; | - |
176 | int i; | - |
177 | size_t more, n; | - |
178 | SSL3_RECORD *rr, *thisrr; | - |
179 | SSL3_BUFFER *rbuf; | - |
180 | SSL_SESSION *sess; | - |
181 | unsigned char *p; | - |
182 | unsigned char md[EVP_MAX_MD_SIZE]; | - |
183 | unsigned int version; | - |
184 | size_t mac_size; | - |
185 | int imac_size; | - |
186 | size_t num_recs = 0, max_recs, j; | - |
187 | PACKET pkt, sslv2pkt; | - |
188 | size_t first_rec_len; | - |
189 | | - |
190 | rr = RECORD_LAYER_get_rrec(&s->rlayer); | - |
191 | rbuf = RECORD_LAYER_get_rbuf(&s->rlayer); | - |
192 | max_recs = s->max_pipelines; | - |
193 | if (max_recs == 0)TRUE | evaluated 80271 times by 1 test | FALSE | never evaluated |
| 0-80271 |
194 | max_recs = 1;executed 80271 times by 1 test: max_recs = 1; | 80271 |
195 | sess = s->session; | - |
196 | | - |
197 | do { | - |
198 | thisrr = &rr[num_recs]; | - |
199 | | - |
200 | | - |
201 | if ((RECORD_LAYER_get_rstate(&s->rlayer) != SSL_ST_READ_BODY) ||TRUE | evaluated 74994 times by 1 test | FALSE | evaluated 5277 times by 1 test |
| 5277-74994 |
202 | (RECORD_LAYER_get_packet_length(&s->rlayer)TRUE | never evaluated | FALSE | evaluated 5277 times by 1 test |
| 0-5277 |
203 | < SSL3_RT_HEADER_LENGTH)) {TRUE | never evaluated | FALSE | evaluated 5277 times by 1 test |
| 0-5277 |
204 | size_t sslv2len; | - |
205 | unsigned int type; | - |
206 | | - |
207 | rret = ssl3_read_n(s, SSL3_RT_HEADER_LENGTH, | - |
208 | SSL3_BUFFER_get_len(rbuf), 0, | - |
209 | num_recs == 0 ? 1 : 0, &n); | - |
210 | if (rret <= 0)TRUE | evaluated 23243 times by 1 test | FALSE | evaluated 51751 times by 1 test |
| 23243-51751 |
211 | return rret; executed 23243 times by 1 test: return rret; | 23243 |
212 | RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_BODY); | - |
213 | | - |
214 | p = RECORD_LAYER_get_packet(&s->rlayer); | - |
215 | if (!PACKET_buf_init(&pkt, RECORD_LAYER_get_packet(&s->rlayer),TRUE | never evaluated | FALSE | evaluated 51751 times by 1 test |
| 0-51751 |
216 | RECORD_LAYER_get_packet_length(&s->rlayer))) {TRUE | never evaluated | FALSE | evaluated 51751 times by 1 test |
| 0-51751 |
217 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GET_RECORD, | - |
218 | ERR_R_INTERNAL_ERROR); | - |
219 | return -1; never executed: return -1; | 0 |
220 | } | - |
221 | sslv2pkt = pkt; | - |
222 | if (!PACKET_get_net_2_len(&sslv2pkt, &sslv2len)TRUE | never evaluated | FALSE | evaluated 51751 times by 1 test |
| 0-51751 |
223 | || !PACKET_get_1(&sslv2pkt, &type)) {TRUE | never evaluated | FALSE | evaluated 51751 times by 1 test |
| 0-51751 |
224 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
225 | ERR_R_INTERNAL_ERROR); | - |
226 | return -1; never executed: return -1; | 0 |
227 | } | - |
228 | | - |
229 | | - |
230 | | - |
231 | if (s->server && RECORD_LAYER_is_first_record(&s->rlayer)TRUE | evaluated 28754 times by 1 test | FALSE | evaluated 22997 times by 1 test |
TRUE | evaluated 3452 times by 1 test | FALSE | evaluated 25302 times by 1 test |
| 3452-28754 |
232 | && (sslv2len & 0x8000) != 0TRUE | evaluated 190 times by 1 test | FALSE | evaluated 3262 times by 1 test |
| 190-3262 |
233 | && (type == SSL2_MT_CLIENT_HELLO)) {TRUE | evaluated 189 times by 1 test | FALSE | evaluated 1 time by 1 test |
| 1-189 |
234 | | - |
235 | | - |
236 | | - |
237 | | - |
238 | | - |
239 | | - |
240 | | - |
241 | | - |
242 | | - |
243 | thisrr->type = SSL3_RT_HANDSHAKE; | - |
244 | thisrr->rec_version = SSL2_VERSION; | - |
245 | | - |
246 | thisrr->length = sslv2len & 0x7fff; | - |
247 | | - |
248 | if (thisrr->length > SSL3_BUFFER_get_len(rbuf)TRUE | evaluated 1 time by 1 test | FALSE | evaluated 188 times by 1 test |
| 1-188 |
249 | - SSL2_RT_HEADER_LENGTH) {TRUE | evaluated 1 time by 1 test | FALSE | evaluated 188 times by 1 test |
| 1-188 |
250 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
251 | SSL_R_PACKET_LENGTH_TOO_LONG); | - |
252 | return -1;executed 1 time by 1 test: return -1; | 1 |
253 | } | - |
254 | | - |
255 | if (thisrr->length < MIN_SSL2_RECORD_LEN) {TRUE | evaluated 1 time by 1 test | FALSE | evaluated 187 times by 1 test |
| 1-187 |
256 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
257 | SSL_R_LENGTH_TOO_SHORT); | - |
258 | return -1;executed 1 time by 1 test: return -1; | 1 |
259 | } | - |
260 | } else {executed 187 times by 1 test: end of block | 187 |
261 | | - |
262 | if (s->msg_callback)TRUE | never evaluated | FALSE | evaluated 51562 times by 1 test |
| 0-51562 |
263 | s->msg_callback(0, 0, SSL3_RT_HEADER, p, 5, s, never executed: s->msg_callback(0, 0, 0x100, p, 5, s, s->msg_callback_arg); | 0 |
264 | s->msg_callback_arg); never executed: s->msg_callback(0, 0, 0x100, p, 5, s, s->msg_callback_arg); | 0 |
265 | | - |
266 | | - |
267 | if (!PACKET_get_1(&pkt, &type)TRUE | never evaluated | FALSE | evaluated 51562 times by 1 test |
| 0-51562 |
268 | || !PACKET_get_net_2(&pkt, &version)TRUE | never evaluated | FALSE | evaluated 51562 times by 1 test |
| 0-51562 |
269 | || !PACKET_get_net_2_len(&pkt, &thisrr->length)) {TRUE | never evaluated | FALSE | evaluated 51562 times by 1 test |
| 0-51562 |
270 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
271 | ERR_R_INTERNAL_ERROR); | - |
272 | return -1; never executed: return -1; | 0 |
273 | } | - |
274 | thisrr->type = type; | - |
275 | thisrr->rec_version = version; | - |
276 | | - |
277 | | - |
278 | | - |
279 | | - |
280 | | - |
281 | | - |
282 | | - |
283 | | - |
284 | if (!s->first_packet && !SSL_IS_TLS13(s)TRUE | evaluated 39582 times by 1 test | FALSE | evaluated 11980 times by 1 test |
TRUE | evaluated 39582 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 23471 times by 1 test | FALSE | evaluated 16111 times by 1 test |
TRUE | evaluated 23209 times by 1 test | FALSE | evaluated 262 times by 1 test |
| 0-39582 |
285 | && s->hello_retry_request != SSL_HRR_PENDINGTRUE | evaluated 16111 times by 1 test | FALSE | evaluated 262 times by 1 test |
| 262-16111 |
286 | && version != (unsigned int)s->version) {TRUE | evaluated 60 times by 1 test | FALSE | evaluated 16051 times by 1 test |
| 60-16051 |
287 | if ((s->version & 0xFF00) == (version & 0xFF00)TRUE | evaluated 27 times by 1 test | FALSE | evaluated 33 times by 1 test |
| 27-33 |
288 | && !s->enc_write_ctx && !s->write_hash) {TRUE | evaluated 24 times by 1 test | FALSE | evaluated 3 times by 1 test |
TRUE | evaluated 24 times by 1 test | FALSE | never evaluated |
| 0-24 |
289 | if (thisrr->type == SSL3_RT_ALERT) {TRUE | evaluated 20 times by 1 test | FALSE | evaluated 4 times by 1 test |
| 4-20 |
290 | | - |
291 | | - |
292 | | - |
293 | | - |
294 | | - |
295 | | - |
296 | | - |
297 | | - |
298 | SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD, | - |
299 | SSL_R_WRONG_VERSION_NUMBER); | - |
300 | return -1;executed 20 times by 1 test: return -1; | 20 |
301 | } | - |
302 | | - |
303 | | - |
304 | | - |
305 | s->version = (unsigned short)version; | - |
306 | }executed 4 times by 1 test: end of block | 4 |
307 | SSLfatal(s, SSL_AD_PROTOCOL_VERSION, SSL_F_SSL3_GET_RECORD, | - |
308 | SSL_R_WRONG_VERSION_NUMBER); | - |
309 | return -1;executed 40 times by 1 test: return -1; | 40 |
310 | } | - |
311 | | - |
312 | if ((version >> 8) != SSL3_VERSION_MAJOR) {TRUE | evaluated 94 times by 1 test | FALSE | evaluated 51408 times by 1 test |
| 94-51408 |
313 | if (RECORD_LAYER_is_first_record(&s->rlayer)) {TRUE | evaluated 13 times by 1 test | FALSE | evaluated 81 times by 1 test |
| 13-81 |
314 | | - |
315 | | - |
316 | p = RECORD_LAYER_get_packet(&s->rlayer); | - |
317 | if (strncmp((char *)p, "GET ", 4) == 0 || never executed: __result = (((const unsigned char *) (const char *) ( (char *)p ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "GET " ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 2 times by 1 test | FALSE | evaluated 11 times by 1 test |
TRUE | evaluated 13 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | evaluated 13 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 13 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-13 |
318 | strncmp((char *)p, "POST ", 5) == 0 || never executed: __result = (((const unsigned char *) (const char *) ( (char *)p ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "POST " ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 2 times by 1 test | FALSE | evaluated 9 times by 1 test |
TRUE | evaluated 11 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 11 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | evaluated 11 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 11 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-11 |
319 | strncmp((char *)p, "HEAD ", 5) == 0 || never executed: __result = (((const unsigned char *) (const char *) ( (char *)p ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "HEAD " ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 2 times by 1 test | FALSE | evaluated 7 times by 1 test |
TRUE | evaluated 9 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 9 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | evaluated 9 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 9 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-9 |
320 | strncmp((char *)p, "PUT ", 4) == 0) { never executed: __result = (((const unsigned char *) (const char *) ( (char *)p ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "PUT " ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 2 times by 1 test | FALSE | evaluated 5 times by 1 test |
TRUE | evaluated 7 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | evaluated 7 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 7 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-7 |
321 | SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD, | - |
322 | SSL_R_HTTP_REQUEST); | - |
323 | return -1;executed 8 times by 1 test: return -1; | 8 |
324 | } else if (strncmp((char *)p, "CONNE", 5) == 0) { never executed: __result = (((const unsigned char *) (const char *) ( (char *)p ))[3] - __s2[3]); never executed: end of block never executed: end of block never executed: __result = (((const unsigned char *) (const char *) ( "CONNE" ))[3] - __s2[3]); never executed: end of block never executed: end of block TRUE | evaluated 2 times by 1 test | FALSE | evaluated 3 times by 1 test |
TRUE | evaluated 5 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | evaluated 5 times by 1 test | FALSE | never evaluated |
TRUE | never evaluated | FALSE | evaluated 5 times by 1 test |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
TRUE | never evaluated | FALSE | never evaluated |
| 0-5 |
325 | SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD, | - |
326 | SSL_R_HTTPS_PROXY_REQUEST); | - |
327 | return -1;executed 2 times by 1 test: return -1; | 2 |
328 | } | - |
329 | | - |
330 | | - |
331 | SSLfatal(s, SSL_AD_NO_ALERT, SSL_F_SSL3_GET_RECORD, | - |
332 | SSL_R_WRONG_VERSION_NUMBER); | - |
333 | return -1;executed 3 times by 1 test: return -1; | 3 |
334 | } else { | - |
335 | SSLfatal(s, SSL_AD_PROTOCOL_VERSION, | - |
336 | SSL_F_SSL3_GET_RECORD, | - |
337 | SSL_R_WRONG_VERSION_NUMBER); | - |
338 | return -1;executed 81 times by 1 test: return -1; | 81 |
339 | } | - |
340 | } | - |
341 | | - |
342 | if (SSL_IS_TLS13(s) && s->enc_read_ctx != NULL) {TRUE | evaluated 51408 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 35357 times by 1 test | FALSE | evaluated 16051 times by 1 test |
TRUE | evaluated 23135 times by 1 test | FALSE | evaluated 12222 times by 1 test |
TRUE | evaluated 22537 times by 1 test | FALSE | evaluated 598 times by 1 test |
| 0-51408 |
343 | if (thisrr->type != SSL3_RT_APPLICATION_DATATRUE | evaluated 1157 times by 1 test | FALSE | evaluated 21380 times by 1 test |
| 1157-21380 |
344 | && (thisrr->type != SSL3_RT_CHANGE_CIPHER_SPECTRUE | evaluated 31 times by 1 test | FALSE | evaluated 1126 times by 1 test |
| 31-1126 |
345 | || !SSL_IS_FIRST_HANDSHAKE(s))TRUE | evaluated 572 times by 1 test | FALSE | evaluated 554 times by 1 test |
TRUE | evaluated 554 times by 1 test | FALSE | never evaluated |
| 0-572 |
346 | && (thisrr->type != SSL3_RT_ALERTTRUE | evaluated 6 times by 1 test | FALSE | evaluated 25 times by 1 test |
| 6-25 |
347 | || s->statem.enc_read_stateTRUE | evaluated 1 time by 1 test | FALSE | evaluated 24 times by 1 test |
| 1-24 |
348 | != ENC_READ_STATE_ALLOW_PLAIN_ALERTS)) {TRUE | evaluated 1 time by 1 test | FALSE | evaluated 24 times by 1 test |
| 1-24 |
349 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, | - |
350 | SSL_F_SSL3_GET_RECORD, SSL_R_BAD_RECORD_TYPE); | - |
351 | return -1;executed 7 times by 1 test: return -1; | 7 |
352 | } | - |
353 | if (thisrr->rec_version != TLS1_2_VERSION) {TRUE | evaluated 7 times by 1 test | FALSE | evaluated 22523 times by 1 test |
| 7-22523 |
354 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
355 | SSL_R_WRONG_VERSION_NUMBER); | - |
356 | return -1;executed 7 times by 1 test: return -1; | 7 |
357 | } | - |
358 | }executed 22523 times by 1 test: end of block | 22523 |
359 | | - |
360 | if (thisrr->length >TRUE | evaluated 2 times by 1 test | FALSE | evaluated 51392 times by 1 test |
| 2-51392 |
361 | SSL3_BUFFER_get_len(rbuf) - SSL3_RT_HEADER_LENGTH) {TRUE | evaluated 2 times by 1 test | FALSE | evaluated 51392 times by 1 test |
| 2-51392 |
362 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
363 | SSL_R_PACKET_LENGTH_TOO_LONG); | - |
364 | return -1;executed 2 times by 1 test: return -1; | 2 |
365 | } | - |
366 | }executed 51392 times by 1 test: end of block | 51392 |
367 | | - |
368 | | - |
369 | } | - |
370 | | - |
371 | if (SSL_IS_TLS13(s)) {TRUE | evaluated 56856 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 39895 times by 1 test | FALSE | evaluated 16961 times by 1 test |
TRUE | evaluated 26463 times by 1 test | FALSE | evaluated 13432 times by 1 test |
| 0-56856 |
372 | if (thisrr->length > SSL3_RT_MAX_TLS13_ENCRYPTED_LENGTH) {TRUE | evaluated 3 times by 1 test | FALSE | evaluated 26460 times by 1 test |
| 3-26460 |
373 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
374 | SSL_R_ENCRYPTED_LENGTH_TOO_LONG); | - |
375 | return -1;executed 3 times by 1 test: return -1; | 3 |
376 | } | - |
377 | } else {executed 26460 times by 1 test: end of block | 26460 |
378 | size_t len = SSL3_RT_MAX_ENCRYPTED_LENGTH; | - |
379 | | - |
380 | #ifndef OPENSSL_NO_COMP | - |
381 | | - |
382 | | - |
383 | | - |
384 | | - |
385 | if (s->expand == NULL)TRUE | evaluated 30393 times by 1 test | FALSE | never evaluated |
| 0-30393 |
386 | len -= SSL3_RT_MAX_COMPRESSED_OVERHEAD;executed 30393 times by 1 test: len -= 1024; | 30393 |
387 | #endif | - |
388 | | - |
389 | if (thisrr->length > len) {TRUE | evaluated 3 times by 1 test | FALSE | evaluated 30390 times by 1 test |
| 3-30390 |
390 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
391 | SSL_R_ENCRYPTED_LENGTH_TOO_LONG); | - |
392 | return -1;executed 3 times by 1 test: return -1; | 3 |
393 | } | - |
394 | }executed 30390 times by 1 test: end of block | 30390 |
395 | | - |
396 | | - |
397 | | - |
398 | | - |
399 | | - |
400 | | - |
401 | if (thisrr->rec_version == SSL2_VERSION) {TRUE | evaluated 188 times by 1 test | FALSE | evaluated 56662 times by 1 test |
| 188-56662 |
402 | more = thisrr->length + SSL2_RT_HEADER_LENGTH | - |
403 | - SSL3_RT_HEADER_LENGTH; | - |
404 | } else {executed 188 times by 1 test: end of block | 188 |
405 | more = thisrr->length; | - |
406 | }executed 56662 times by 1 test: end of block | 56662 |
407 | if (more > 0) {TRUE | evaluated 55254 times by 1 test | FALSE | evaluated 1596 times by 1 test |
| 1596-55254 |
408 | | - |
409 | | - |
410 | rret = ssl3_read_n(s, more, more, 1, 0, &n); | - |
411 | if (rret <= 0)TRUE | evaluated 5306 times by 1 test | FALSE | evaluated 49948 times by 1 test |
| 5306-49948 |
412 | return rret; executed 5306 times by 1 test: return rret; | 5306 |
413 | }executed 49948 times by 1 test: end of block | 49948 |
414 | | - |
415 | | - |
416 | RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_HEADER); | - |
417 | | - |
418 | | - |
419 | | - |
420 | | - |
421 | | - |
422 | | - |
423 | if (thisrr->rec_version == SSL2_VERSION) {TRUE | evaluated 186 times by 1 test | FALSE | evaluated 51358 times by 1 test |
| 186-51358 |
424 | thisrr->input = | - |
425 | &(RECORD_LAYER_get_packet(&s->rlayer)[SSL2_RT_HEADER_LENGTH]); | - |
426 | } else {executed 186 times by 1 test: end of block | 186 |
427 | thisrr->input = | - |
428 | &(RECORD_LAYER_get_packet(&s->rlayer)[SSL3_RT_HEADER_LENGTH]); | - |
429 | }executed 51358 times by 1 test: end of block | 51358 |
430 | | - |
431 | | - |
432 | | - |
433 | | - |
434 | | - |
435 | | - |
436 | | - |
437 | | - |
438 | | - |
439 | | - |
440 | | - |
441 | | - |
442 | | - |
443 | | - |
444 | | - |
445 | thisrr->data = thisrr->input; | - |
446 | thisrr->orig_len = thisrr->length; | - |
447 | | - |
448 | | - |
449 | thisrr->read = 0; | - |
450 | | - |
451 | num_recs++; | - |
452 | | - |
453 | | - |
454 | RECORD_LAYER_reset_packet_length(&s->rlayer); | - |
455 | RECORD_LAYER_clear_first_record(&s->rlayer); | - |
456 | } while (num_recs < max_recsexecuted 51544 times by 1 test: end of block TRUE | never evaluated | FALSE | evaluated 51544 times by 1 test |
| 0-51544 |
457 | && thisrr->type == SSL3_RT_APPLICATION_DATATRUE | never evaluated | FALSE | never evaluated |
| 0 |
458 | && SSL_USE_EXPLICIT_IV(s)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
459 | && s->enc_read_ctx != NULLTRUE | never evaluated | FALSE | never evaluated |
| 0 |
460 | && (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_read_ctx))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
461 | & EVP_CIPH_FLAG_PIPELINE)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
462 | && ssl3_record_app_data_waiting(s));TRUE | never evaluated | FALSE | never evaluated |
| 0 |
463 | | - |
464 | if (num_recs == 1TRUE | evaluated 51544 times by 1 test | FALSE | never evaluated |
| 0-51544 |
465 | && thisrr->type == SSL3_RT_CHANGE_CIPHER_SPECTRUE | evaluated 3903 times by 1 test | FALSE | evaluated 47641 times by 1 test |
| 3903-47641 |
466 | && (SSL_IS_TLS13(s) || s->hello_retry_request != SSL_HRR_NONE)TRUE | evaluated 3903 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 1674 times by 1 test | FALSE | evaluated 2229 times by 1 test |
TRUE | evaluated 1221 times by 1 test | FALSE | evaluated 453 times by 1 test |
TRUE | evaluated 66 times by 1 test | FALSE | evaluated 2616 times by 1 test |
| 0-3903 |
467 | && SSL_IS_FIRST_HANDSHAKE(s)) {TRUE | evaluated 734 times by 1 test | FALSE | evaluated 553 times by 1 test |
TRUE | evaluated 553 times by 1 test | FALSE | never evaluated |
| 0-734 |
468 | | - |
469 | | - |
470 | | - |
471 | if (thisrr->length != 1 || thisrr->data[0] != 0x01) {TRUE | evaluated 4 times by 1 test | FALSE | evaluated 1283 times by 1 test |
TRUE | evaluated 3 times by 1 test | FALSE | evaluated 1280 times by 1 test |
| 3-1283 |
472 | SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_SSL3_GET_RECORD, | - |
473 | SSL_R_INVALID_CCS_MESSAGE); | - |
474 | return -1;executed 7 times by 1 test: return -1; | 7 |
475 | } | - |
476 | | - |
477 | | - |
478 | | - |
479 | | - |
480 | thisrr->type = SSL3_RT_HANDSHAKE; | - |
481 | RECORD_LAYER_inc_empty_record_count(&s->rlayer); | - |
482 | if (RECORD_LAYER_get_empty_record_count(&s->rlayer)TRUE | evaluated 1 time by 1 test | FALSE | evaluated 1279 times by 1 test |
| 1-1279 |
483 | > MAX_EMPTY_RECORDS) {TRUE | evaluated 1 time by 1 test | FALSE | evaluated 1279 times by 1 test |
| 1-1279 |
484 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_GET_RECORD, | - |
485 | SSL_R_UNEXPECTED_CCS_MESSAGE); | - |
486 | return -1;executed 1 time by 1 test: return -1; | 1 |
487 | } | - |
488 | thisrr->read = 1; | - |
489 | RECORD_LAYER_set_numrpipes(&s->rlayer, 1); | - |
490 | | - |
491 | return 1;executed 1279 times by 1 test: return 1; | 1279 |
492 | } | - |
493 | | - |
494 | | - |
495 | | - |
496 | | - |
497 | | - |
498 | if (SSL_READ_ETM(s) && s->read_hash) {TRUE | evaluated 4686 times by 1 test | FALSE | evaluated 45571 times by 1 test |
TRUE | evaluated 4686 times by 1 test | FALSE | never evaluated |
| 0-45571 |
499 | unsigned char *mac; | - |
500 | | - |
501 | imac_size = EVP_MD_CTX_size(s->read_hash); | - |
502 | if (!ossl_assert(imac_size >= 0 && imac_size <= EVP_MAX_MD_SIZE)) {TRUE | never evaluated | FALSE | evaluated 4686 times by 1 test |
TRUE | evaluated 4686 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 4686 times by 1 test | FALSE | never evaluated |
| 0-4686 |
503 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GET_RECORD, | - |
504 | ERR_LIB_EVP); | - |
505 | return -1; never executed: return -1; | 0 |
506 | } | - |
507 | mac_size = (size_t)imac_size; | - |
508 | for (j = 0; j < num_recs; j++) {TRUE | evaluated 4686 times by 1 test | FALSE | evaluated 4647 times by 1 test |
| 4647-4686 |
509 | thisrr = &rr[j]; | - |
510 | | - |
511 | if (thisrr->length < mac_size) {TRUE | evaluated 2 times by 1 test | FALSE | evaluated 4684 times by 1 test |
| 2-4684 |
512 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
513 | SSL_R_LENGTH_TOO_SHORT); | - |
514 | return -1;executed 2 times by 1 test: return -1; | 2 |
515 | } | - |
516 | thisrr->length -= mac_size; | - |
517 | mac = thisrr->data + thisrr->length; | - |
518 | i = s->method->ssl3_enc->mac(s, thisrr, md, 0 ); | - |
519 | if (i == 0 || CRYPTO_memcmp(md, mac, mac_size) != 0) {TRUE | never evaluated | FALSE | evaluated 4684 times by 1 test |
TRUE | evaluated 37 times by 1 test | FALSE | evaluated 4647 times by 1 test |
| 0-4684 |
520 | SSLfatal(s, SSL_AD_BAD_RECORD_MAC, SSL_F_SSL3_GET_RECORD, | - |
521 | SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); | - |
522 | return -1;executed 37 times by 1 test: return -1; | 37 |
523 | } | - |
524 | }executed 4647 times by 1 test: end of block | 4647 |
525 | }executed 4647 times by 1 test: end of block | 4647 |
526 | | - |
527 | first_rec_len = rr[0].length; | - |
528 | | - |
529 | enc_err = s->method->ssl3_enc->enc(s, rr, num_recs, 0); | - |
530 | | - |
531 | | - |
532 | | - |
533 | | - |
534 | | - |
535 | | - |
536 | | - |
537 | if (enc_err == 0) {TRUE | evaluated 43 times by 1 test | FALSE | evaluated 50175 times by 1 test |
| 43-50175 |
538 | if (ossl_statem_in_error(s)) {TRUE | never evaluated | FALSE | evaluated 43 times by 1 test |
| 0-43 |
539 | | - |
540 | return -1; never executed: return -1; | 0 |
541 | } | - |
542 | if (num_recs == 1 && ossl_statem_skip_early_data(s)) {TRUE | evaluated 43 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 2 times by 1 test | FALSE | evaluated 41 times by 1 test |
| 0-43 |
543 | | - |
544 | | - |
545 | | - |
546 | | - |
547 | | - |
548 | thisrr = &rr[0]; | - |
549 | | - |
550 | if (!early_data_count_ok(s, thisrr->length,TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
551 | EARLY_DATA_CIPHERTEXT_OVERHEAD, 0)) {TRUE | never evaluated | FALSE | evaluated 2 times by 1 test |
| 0-2 |
552 | | - |
553 | return -1; never executed: return -1; | 0 |
554 | } | - |
555 | | - |
556 | thisrr->length = 0; | - |
557 | thisrr->read = 1; | - |
558 | RECORD_LAYER_set_numrpipes(&s->rlayer, 1); | - |
559 | RECORD_LAYER_reset_read_sequence(&s->rlayer); | - |
560 | return 1;executed 2 times by 1 test: return 1; | 2 |
561 | } | - |
562 | SSLfatal(s, SSL_AD_DECRYPTION_FAILED, SSL_F_SSL3_GET_RECORD, | - |
563 | SSL_R_BLOCK_CIPHER_PAD_IS_WRONG); | - |
564 | return -1;executed 41 times by 1 test: return -1; | 41 |
565 | } | - |
566 | #ifdef SSL_DEBUG | - |
567 | printf("dec %lu\n", (unsigned long)rr[0].length); | - |
568 | { | - |
569 | size_t z; | - |
570 | for (z = 0; z < rr[0].length; z++) | - |
571 | printf("%02X%c", rr[0].data[z], ((z + 1) % 16) ? ' ' : '\n'); | - |
572 | } | - |
573 | printf("\n"); | - |
574 | #endif | - |
575 | | - |
576 | | - |
577 | if ((sess != NULL) &&TRUE | evaluated 43189 times by 1 test | FALSE | evaluated 6986 times by 1 test |
| 6986-43189 |
578 | (s->enc_read_ctx != NULL) &&TRUE | evaluated 28442 times by 1 test | FALSE | evaluated 14747 times by 1 test |
| 14747-28442 |
579 | (!SSL_READ_ETM(s) && EVP_MD_CTX_md(s->read_hash) != NULL)) {TRUE | evaluated 23795 times by 1 test | FALSE | evaluated 4647 times by 1 test |
TRUE | evaluated 195 times by 1 test | FALSE | evaluated 23600 times by 1 test |
| 195-23795 |
580 | | - |
581 | unsigned char *mac = NULL; | - |
582 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; | - |
583 | | - |
584 | mac_size = EVP_MD_CTX_size(s->read_hash); | - |
585 | if (!ossl_assert(mac_size <= EVP_MAX_MD_SIZE)) {TRUE | never evaluated | FALSE | evaluated 195 times by 1 test |
| 0-195 |
586 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GET_RECORD, | - |
587 | ERR_R_INTERNAL_ERROR); | - |
588 | return -1; never executed: return -1; | 0 |
589 | } | - |
590 | | - |
591 | for (j = 0; j < num_recs; j++) {TRUE | evaluated 195 times by 1 test | FALSE | evaluated 195 times by 1 test |
| 195 |
592 | thisrr = &rr[j]; | - |
593 | | - |
594 | | - |
595 | | - |
596 | | - |
597 | | - |
598 | | - |
599 | if (thisrr->orig_len < mac_size ||TRUE | never evaluated | FALSE | evaluated 195 times by 1 test |
| 0-195 |
600 | | - |
601 | (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&TRUE | evaluated 180 times by 1 test | FALSE | evaluated 15 times by 1 test |
| 15-180 |
602 | thisrr->orig_len < mac_size + 1)) {TRUE | never evaluated | FALSE | evaluated 180 times by 1 test |
| 0-180 |
603 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_SSL3_GET_RECORD, | - |
604 | SSL_R_LENGTH_TOO_SHORT); | - |
605 | return -1; never executed: return -1; | 0 |
606 | } | - |
607 | | - |
608 | if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {TRUE | evaluated 180 times by 1 test | FALSE | evaluated 15 times by 1 test |
| 15-180 |
609 | | - |
610 | | - |
611 | | - |
612 | | - |
613 | | - |
614 | | - |
615 | mac = mac_tmp; | - |
616 | if (!ssl3_cbc_copy_mac(mac_tmp, thisrr, mac_size)) {TRUE | never evaluated | FALSE | evaluated 180 times by 1 test |
| 0-180 |
617 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_GET_RECORD, | - |
618 | ERR_R_INTERNAL_ERROR); | - |
619 | return -1; never executed: return -1; | 0 |
620 | } | - |
621 | thisrr->length -= mac_size; | - |
622 | } else {executed 180 times by 1 test: end of block | 180 |
623 | | - |
624 | | - |
625 | | - |
626 | | - |
627 | | - |
628 | thisrr->length -= mac_size; | - |
629 | mac = &thisrr->data[thisrr->length]; | - |
630 | }executed 15 times by 1 test: end of block | 15 |
631 | | - |
632 | i = s->method->ssl3_enc->mac(s, thisrr, md, 0 ); | - |
633 | if (i == 0 || mac == NULLTRUE | never evaluated | FALSE | evaluated 195 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 195 times by 1 test |
| 0-195 |
634 | || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0)TRUE | evaluated 125 times by 1 test | FALSE | evaluated 70 times by 1 test |
| 70-125 |
635 | enc_err = -1;executed 125 times by 1 test: enc_err = -1; | 125 |
636 | if (thisrr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)TRUE | never evaluated | FALSE | evaluated 195 times by 1 test |
| 0-195 |
637 | enc_err = -1; never executed: enc_err = -1; | 0 |
638 | }executed 195 times by 1 test: end of block | 195 |
639 | }executed 195 times by 1 test: end of block | 195 |
640 | | - |
641 | if (enc_err < 0) {TRUE | evaluated 10883 times by 1 test | FALSE | evaluated 39292 times by 1 test |
| 10883-39292 |
642 | if (ossl_statem_in_error(s)) {TRUE | evaluated 13 times by 1 test | FALSE | evaluated 10870 times by 1 test |
| 13-10870 |
643 | | - |
644 | return -1;executed 13 times by 1 test: return -1; | 13 |
645 | } | - |
646 | if (num_recs == 1 && ossl_statem_skip_early_data(s)) {TRUE | evaluated 10870 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 10573 times by 1 test | FALSE | evaluated 297 times by 1 test |
| 0-10870 |
647 | | - |
648 | | - |
649 | | - |
650 | | - |
651 | | - |
652 | | - |
653 | | - |
654 | | - |
655 | | - |
656 | if (!early_data_count_ok(s, first_rec_len,TRUE | evaluated 4 times by 1 test | FALSE | evaluated 10569 times by 1 test |
| 4-10569 |
657 | EARLY_DATA_CIPHERTEXT_OVERHEAD, 0)) {TRUE | evaluated 4 times by 1 test | FALSE | evaluated 10569 times by 1 test |
| 4-10569 |
658 | | - |
659 | return -1;executed 4 times by 1 test: return -1; | 4 |
660 | } | - |
661 | | - |
662 | thisrr = &rr[0]; | - |
663 | thisrr->length = 0; | - |
664 | thisrr->read = 1; | - |
665 | RECORD_LAYER_set_numrpipes(&s->rlayer, 1); | - |
666 | RECORD_LAYER_reset_read_sequence(&s->rlayer); | - |
667 | return 1;executed 10569 times by 1 test: return 1; | 10569 |
668 | } | - |
669 | | - |
670 | | - |
671 | | - |
672 | | - |
673 | | - |
674 | | - |
675 | | - |
676 | SSLfatal(s, SSL_AD_BAD_RECORD_MAC, SSL_F_SSL3_GET_RECORD, | - |
677 | SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); | - |
678 | return -1;executed 297 times by 1 test: return -1; | 297 |
679 | } | - |
680 | | - |
681 | for (j = 0; j < num_recs; j++) {TRUE | evaluated 39292 times by 1 test | FALSE | evaluated 39283 times by 1 test |
| 39283-39292 |
682 | thisrr = &rr[j]; | - |
683 | | - |
684 | | - |
685 | if (s->expand != NULL) {TRUE | never evaluated | FALSE | evaluated 39292 times by 1 test |
| 0-39292 |
686 | if (thisrr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
687 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
688 | SSL_R_COMPRESSED_LENGTH_TOO_LONG); | - |
689 | return -1; never executed: return -1; | 0 |
690 | } | - |
691 | if (!ssl3_do_uncompress(s, thisrr)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
692 | SSLfatal(s, SSL_AD_DECOMPRESSION_FAILURE, SSL_F_SSL3_GET_RECORD, | - |
693 | SSL_R_BAD_DECOMPRESSION); | - |
694 | return -1; never executed: return -1; | 0 |
695 | } | - |
696 | } never executed: end of block | 0 |
697 | | - |
698 | if (SSL_IS_TLS13(s)TRUE | evaluated 39292 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 23612 times by 1 test | FALSE | evaluated 15680 times by 1 test |
TRUE | evaluated 11280 times by 1 test | FALSE | evaluated 12332 times by 1 test |
| 0-39292 |
699 | && s->enc_read_ctx != NULLTRUE | evaluated 10779 times by 1 test | FALSE | evaluated 501 times by 1 test |
| 501-10779 |
700 | && thisrr->type != SSL3_RT_ALERT) {TRUE | evaluated 10756 times by 1 test | FALSE | evaluated 23 times by 1 test |
| 23-10756 |
701 | size_t end; | - |
702 | | - |
703 | if (thisrr->length == 0TRUE | never evaluated | FALSE | evaluated 10756 times by 1 test |
| 0-10756 |
704 | || thisrr->type != SSL3_RT_APPLICATION_DATA) {TRUE | never evaluated | FALSE | evaluated 10756 times by 1 test |
| 0-10756 |
705 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_GET_RECORD, | - |
706 | SSL_R_BAD_RECORD_TYPE); | - |
707 | return -1; never executed: return -1; | 0 |
708 | } | - |
709 | | - |
710 | | - |
711 | for (end = thisrr->length - 1; end > 0 && thisrr->data[end] == 0;TRUE | evaluated 11105 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 349 times by 1 test | FALSE | evaluated 10756 times by 1 test |
| 0-11105 |
712 | end--) | - |
713 | continue;executed 349 times by 1 test: continue; | 349 |
714 | | - |
715 | thisrr->length = end; | - |
716 | thisrr->type = thisrr->data[end]; | - |
717 | if (thisrr->type != SSL3_RT_APPLICATION_DATATRUE | evaluated 4720 times by 1 test | FALSE | evaluated 6036 times by 1 test |
| 4720-6036 |
718 | && thisrr->type != SSL3_RT_ALERTTRUE | evaluated 4118 times by 1 test | FALSE | evaluated 602 times by 1 test |
| 602-4118 |
719 | && thisrr->type != SSL3_RT_HANDSHAKE) {TRUE | never evaluated | FALSE | evaluated 4118 times by 1 test |
| 0-4118 |
720 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_GET_RECORD, | - |
721 | SSL_R_BAD_RECORD_TYPE); | - |
722 | return -1; never executed: return -1; | 0 |
723 | } | - |
724 | if (s->msg_callback)TRUE | never evaluated | FALSE | evaluated 10756 times by 1 test |
| 0-10756 |
725 | s->msg_callback(0, s->version, SSL3_RT_INNER_CONTENT_TYPE, never executed: s->msg_callback(0, s->version, 0x101, &thisrr->data[end], 1, s, s->msg_callback_arg); | 0 |
726 | &thisrr->data[end], 1, s, s->msg_callback_arg); never executed: s->msg_callback(0, s->version, 0x101, &thisrr->data[end], 1, s, s->msg_callback_arg); | 0 |
727 | }executed 10756 times by 1 test: end of block | 10756 |
728 | | - |
729 | | - |
730 | | - |
731 | | - |
732 | | - |
733 | if (SSL_IS_TLS13(s)TRUE | evaluated 39292 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 23612 times by 1 test | FALSE | evaluated 15680 times by 1 test |
TRUE | evaluated 11280 times by 1 test | FALSE | evaluated 12332 times by 1 test |
| 0-39292 |
734 | && (thisrr->type == SSL3_RT_HANDSHAKETRUE | evaluated 4395 times by 1 test | FALSE | evaluated 6885 times by 1 test |
| 4395-6885 |
735 | || thisrr->type == SSL3_RT_ALERT)TRUE | evaluated 633 times by 1 test | FALSE | evaluated 6252 times by 1 test |
| 633-6252 |
736 | && thisrr->length == 0) {TRUE | evaluated 2 times by 1 test | FALSE | evaluated 5026 times by 1 test |
| 2-5026 |
737 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_GET_RECORD, | - |
738 | SSL_R_BAD_LENGTH); | - |
739 | return -1;executed 2 times by 1 test: return -1; | 2 |
740 | } | - |
741 | | - |
742 | if (thisrr->length > SSL3_RT_MAX_PLAIN_LENGTH) {TRUE | evaluated 3 times by 1 test | FALSE | evaluated 39287 times by 1 test |
| 3-39287 |
743 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
744 | SSL_R_DATA_LENGTH_TOO_LONG); | - |
745 | return -1;executed 3 times by 1 test: return -1; | 3 |
746 | } | - |
747 | | - |
748 | | - |
749 | if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)TRUE | evaluated 32305 times by 1 test | FALSE | evaluated 6982 times by 1 test |
TRUE | evaluated 152 times by 1 test | FALSE | evaluated 32153 times by 1 test |
TRUE | evaluated 152 times by 1 test | FALSE | never evaluated |
| 0-32305 |
750 | && thisrr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) {TRUE | evaluated 1 time by 1 test | FALSE | evaluated 151 times by 1 test |
| 1-151 |
751 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_SSL3_GET_RECORD, | - |
752 | SSL_R_DATA_LENGTH_TOO_LONG); | - |
753 | return -1;executed 1 time by 1 test: return -1; | 1 |
754 | } | - |
755 | | - |
756 | thisrr->off = 0; | - |
757 | | - |
758 | | - |
759 | | - |
760 | | - |
761 | | - |
762 | | - |
763 | | - |
764 | | - |
765 | | - |
766 | if (thisrr->length == 0) {TRUE | evaluated 1929 times by 1 test | FALSE | evaluated 37357 times by 1 test |
| 1929-37357 |
767 | RECORD_LAYER_inc_empty_record_count(&s->rlayer); | - |
768 | if (RECORD_LAYER_get_empty_record_count(&s->rlayer)TRUE | evaluated 3 times by 1 test | FALSE | evaluated 1926 times by 1 test |
| 3-1926 |
769 | > MAX_EMPTY_RECORDS) {TRUE | evaluated 3 times by 1 test | FALSE | evaluated 1926 times by 1 test |
| 3-1926 |
770 | SSLfatal(s, SSL_AD_UNEXPECTED_MESSAGE, SSL_F_SSL3_GET_RECORD, | - |
771 | SSL_R_RECORD_TOO_SMALL); | - |
772 | return -1;executed 3 times by 1 test: return -1; | 3 |
773 | } | - |
774 | } else {executed 1926 times by 1 test: end of block | 1926 |
775 | RECORD_LAYER_reset_empty_record_count(&s->rlayer); | - |
776 | }executed 37357 times by 1 test: end of block | 37357 |
777 | } | - |
778 | | - |
779 | if (s->early_data_state == SSL_EARLY_DATA_READING) {TRUE | evaluated 31 times by 1 test | FALSE | evaluated 39252 times by 1 test |
| 31-39252 |
780 | thisrr = &rr[0]; | - |
781 | if (thisrr->type == SSL3_RT_APPLICATION_DATATRUE | evaluated 21 times by 1 test | FALSE | evaluated 10 times by 1 test |
| 10-21 |
782 | && !early_data_count_ok(s, thisrr->length, 0, 0)) {TRUE | never evaluated | FALSE | evaluated 21 times by 1 test |
| 0-21 |
783 | | - |
784 | return -1; never executed: return -1; | 0 |
785 | } | - |
786 | }executed 31 times by 1 test: end of block | 31 |
787 | | - |
788 | RECORD_LAYER_set_numrpipes(&s->rlayer, num_recs); | - |
789 | return 1;executed 39283 times by 1 test: return 1; | 39283 |
790 | } | - |
791 | | - |
/*
 * Expand the compressed payload of |rr| using the connection's expand
 * context.
 *
 * The output buffer rr->comp is allocated on first use with room for
 * SSL3_RT_MAX_ENCRYPTED_LENGTH bytes, while the expansion itself is limited
 * to SSL3_RT_MAX_PLAIN_LENGTH bytes of output. On success rr->length holds
 * the expanded size and rr->data points at rr->comp.
 *
 * rr->length is narrowed to int for the COMP call. The call site in
 * ssl3_get_record rejects lengths above SSL3_RT_MAX_COMPRESSED_LENGTH first;
 * any other caller is presumably expected to bound it too (confirm).
 *
 * Returns 1 on success (always when built with OPENSSL_NO_COMP), 0 if the
 * buffer cannot be allocated or the expansion fails. No error is raised
 * here; the caller reports the failure.
 */
int ssl3_do_uncompress(SSL *ssl, SSL3_RECORD *rr)
{
#ifndef OPENSSL_NO_COMP
    int expanded;

    /* Lazily allocate the expansion buffer; it stays attached to the record. */
    if (rr->comp == NULL) {
        rr->comp = (unsigned char *)
            OPENSSL_malloc(SSL3_RT_MAX_ENCRYPTED_LENGTH);
        if (rr->comp == NULL)
            return 0;
    }

    expanded = COMP_expand_block(ssl->expand, rr->comp,
                                 SSL3_RT_MAX_PLAIN_LENGTH, rr->data,
                                 (int)rr->length);
    if (expanded < 0)
        return 0;

    /* Switch the record over to the expanded copy. */
    rr->length = expanded;
    rr->data = rr->comp;
#endif
    return 1;
}
815 | | - |
/*
 * Compress wr->input into wr->data using the connection's compress context.
 *
 * The output limit passed to the compressor is the input length plus
 * SSL3_RT_MAX_COMPRESSED_OVERHEAD, so wr->data must have at least that much
 * room (not checked here; presumably guaranteed by the caller's buffer
 * setup). On success wr->length is the compressed size and wr->input is
 * redirected to wr->data.
 *
 * Returns 1 on success (always when built with OPENSSL_NO_COMP), 0 if the
 * compressor reports an error.
 */
int ssl3_do_compress(SSL *ssl, SSL3_RECORD *wr)
{
#ifndef OPENSSL_NO_COMP
    int out_len = COMP_compress_block(ssl->compress, wr->data,
                                      (int)(wr->length
                                            + SSL3_RT_MAX_COMPRESSED_OVERHEAD),
                                      wr->input, (int)wr->length);

    if (out_len < 0)
        return 0;

    wr->length = out_len;
    /* Later stages read the compressed bytes as their input. */
    wr->input = wr->data;
#endif
    return 1;
}
834 | | - |
835 | | - |
836 | | - |
837 | | - |
838 | | - |
839 | | - |
840 | | - |
841 | | - |
842 | | - |
843 | | - |
844 | | - |
845 | | - |
/*
 * Encrypt (sending != 0) or decrypt (sending == 0) a single SSLv3 record.
 *
 * Only n_recs == 1 is handled; any other count returns 0.
 *
 * Return values as produced by this function:
 *    1  success, including the pass-through case where no session or cipher
 *       is set up and the bytes are only moved from input to data;
 *    0  n_recs != 1, or on read the record length is zero or not a multiple
 *       of the cipher block size;
 *   -1  EVP_Cipher failed, or the digest size could not be obtained (a
 *       fatal internal error is raised for the latter).
 * For block ciphers on read, the result of ssl3_cbc_remove_padding() is
 * returned unchanged.
 *
 * The caller shown in ssl3_get_record handles 0 and negative results on
 * separate paths, so the two must not be merged here.
 */
int ssl3_enc(SSL *s, SSL3_RECORD *inrecs, size_t n_recs, int sending)
{
    SSL3_RECORD *rec = inrecs;
    EVP_CIPHER_CTX *ctx;
    const EVP_CIPHER *cipher;
    size_t len, block_size, pad_len;
    size_t mac_size = 0;
    int md_size;

    if (n_recs != 1)
        return 0;

    /* Pick the cipher context for the requested direction. */
    ctx = sending ? s->enc_write_ctx : s->enc_read_ctx;
    cipher = (ctx == NULL) ? NULL : EVP_CIPHER_CTX_cipher(ctx);

    /* No cipher in place yet: the record passes through unmodified. */
    if (s->session == NULL || ctx == NULL || cipher == NULL) {
        memmove(rec->data, rec->input, rec->length);
        rec->input = rec->data;
        return 1;
    }

    len = rec->length;
    block_size = EVP_CIPHER_CTX_block_size(ctx);

    if (sending) {
        if (block_size != 1) {
            /*
             * Pad up to the next block boundary. The filler bytes are
             * zeroed and the last byte holds the pad count minus one.
             */
            pad_len = block_size - (len % block_size);
            memset(&rec->input[rec->length], 0, pad_len);
            rec->length += pad_len;
            len += pad_len;
            rec->input[len - 1] = (unsigned char)(pad_len - 1);
        }
    } else if (len == 0 || len % block_size != 0) {
        /* Reject before touching the cipher: not a whole number of blocks. */
        return 0;
    }

    if (EVP_Cipher(ctx, rec->data, rec->input, (unsigned int)len) < 1)
        return -1;

    /* The MAC size is read from read_hash in both directions. */
    if (EVP_MD_CTX_md(s->read_hash) != NULL) {
        md_size = EVP_MD_CTX_size(s->read_hash);
        if (md_size < 0) {
            SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL3_ENC,
                     ERR_R_INTERNAL_ERROR);
            return -1;
        }
        mac_size = (size_t)md_size;
    }

    /* Padding is removed only for block ciphers on the read side. */
    if (block_size != 1 && !sending)
        return ssl3_cbc_remove_padding(rec, block_size, mac_size);

    return 1;
}
924 | | - |
/*
 * Upper bound on the number of padding bytes tls1_enc will append to one
 * record when sending with a block cipher. A larger computed pad count is
 * treated as an internal error there. The value written into each pad byte
 * is the count minus one, stored in a single unsigned char.
 */
#define MAX_PADDING 256
926 | | - |
927 | | - |
928 | | - |
929 | | - |
930 | | - |
931 | | - |
932 | | - |
933 | | - |
934 | | - |
935 | | - |
936 | | - |
937 | int tls1_enc(SSL *s, SSL3_RECORD *recs, size_t n_recs, int sending) | - |
938 | { | - |
939 | EVP_CIPHER_CTX *ds; | - |
940 | size_t reclen[SSL_MAX_PIPELINES]; | - |
941 | unsigned char buf[SSL_MAX_PIPELINES][EVP_AEAD_TLS1_AAD_LEN]; | - |
942 | int i, pad = 0, ret, tmpr; | - |
943 | size_t bs, mac_size = 0, ctr, padnum, loop; | - |
944 | unsigned char padval; | - |
945 | int imac_size; | - |
946 | const EVP_CIPHER *enc; | - |
947 | | - |
948 | if (n_recs == 0) {TRUE | never evaluated | FALSE | evaluated 62064 times by 1 test |
| 0-62064 |
949 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
950 | ERR_R_INTERNAL_ERROR); | - |
951 | return 0; never executed: return 0; | 0 |
952 | } | - |
953 | | - |
954 | if (sending) {TRUE | evaluated 30320 times by 1 test | FALSE | evaluated 31744 times by 1 test |
| 30320-31744 |
955 | if (EVP_MD_CTX_md(s->write_hash)) {TRUE | evaluated 6387 times by 1 test | FALSE | evaluated 23933 times by 1 test |
| 6387-23933 |
956 | int n = EVP_MD_CTX_size(s->write_hash); | - |
957 | if (!ossl_assert(n >= 0)) {TRUE | never evaluated | FALSE | evaluated 6387 times by 1 test |
| 0-6387 |
958 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
959 | ERR_R_INTERNAL_ERROR); | - |
960 | return -1; never executed: return -1; | 0 |
961 | } | - |
962 | }executed 6387 times by 1 test: end of block | 6387 |
963 | ds = s->enc_write_ctx; | - |
964 | if (s->enc_write_ctx == NULL)TRUE | evaluated 20672 times by 1 test | FALSE | evaluated 9648 times by 1 test |
| 9648-20672 |
965 | enc = NULL;executed 20672 times by 1 test: enc = ((void *)0) ; | 20672 |
966 | else { | - |
967 | int ivlen; | - |
968 | enc = EVP_CIPHER_CTX_cipher(s->enc_write_ctx); | - |
969 | | - |
970 | if (SSL_USE_EXPLICIT_IV(s)TRUE | evaluated 8097 times by 1 test | FALSE | evaluated 1551 times by 1 test |
| 1551-8097 |
971 | && EVP_CIPHER_mode(enc) == EVP_CIPH_CBC_MODE)TRUE | evaluated 4611 times by 1 test | FALSE | evaluated 3486 times by 1 test |
| 3486-4611 |
972 | ivlen = EVP_CIPHER_iv_length(enc);executed 4611 times by 1 test: ivlen = EVP_CIPHER_iv_length(enc); | 4611 |
973 | else | - |
974 | ivlen = 0;executed 5037 times by 1 test: ivlen = 0; | 5037 |
975 | if (ivlen > 1) {TRUE | evaluated 4611 times by 1 test | FALSE | evaluated 5037 times by 1 test |
| 4611-5037 |
976 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 4611 times by 1 test | FALSE | evaluated 4611 times by 1 test |
| 4611 |
977 | if (recs[ctr].data != recs[ctr].input) {TRUE | never evaluated | FALSE | evaluated 4611 times by 1 test |
| 0-4611 |
978 | | - |
979 | | - |
980 | | - |
981 | | - |
982 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
983 | ERR_R_INTERNAL_ERROR); | - |
984 | return -1; never executed: return -1; | 0 |
985 | } else if (RAND_bytes(recs[ctr].input, ivlen) <= 0) {TRUE | never evaluated | FALSE | evaluated 4611 times by 1 test |
| 0-4611 |
986 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
987 | ERR_R_INTERNAL_ERROR); | - |
988 | return -1; never executed: return -1; | 0 |
989 | } | - |
990 | }executed 4611 times by 1 test: end of block | 4611 |
991 | }executed 4611 times by 1 test: end of block | 4611 |
992 | }executed 9648 times by 1 test: end of block | 9648 |
993 | } else { | - |
994 | if (EVP_MD_CTX_md(s->read_hash)) {TRUE | evaluated 5233 times by 1 test | FALSE | evaluated 26511 times by 1 test |
| 5233-26511 |
995 | int n = EVP_MD_CTX_size(s->read_hash); | - |
996 | if (!ossl_assert(n >= 0)) {TRUE | never evaluated | FALSE | evaluated 5233 times by 1 test |
| 0-5233 |
997 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
998 | ERR_R_INTERNAL_ERROR); | - |
999 | return -1; never executed: return -1; | 0 |
1000 | } | - |
1001 | }executed 5233 times by 1 test: end of block | 5233 |
1002 | ds = s->enc_read_ctx; | - |
1003 | if (s->enc_read_ctx == NULL)TRUE | evaluated 23670 times by 1 test | FALSE | evaluated 8074 times by 1 test |
| 8074-23670 |
1004 | enc = NULL;executed 23670 times by 1 test: enc = ((void *)0) ; | 23670 |
1005 | else | - |
1006 | enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx);executed 8074 times by 1 test: enc = EVP_CIPHER_CTX_cipher(s->enc_read_ctx); | 8074 |
1007 | } | - |
1008 | | - |
1009 | if ((s->session == NULL) || (ds == NULL) || (enc == NULL)) {TRUE | evaluated 7365 times by 1 test | FALSE | evaluated 54699 times by 1 test |
TRUE | evaluated 36977 times by 1 test | FALSE | evaluated 17722 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 17722 times by 1 test |
| 0-54699 |
1010 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 44342 times by 1 test | FALSE | evaluated 44342 times by 1 test |
| 44342 |
1011 | memmove(recs[ctr].data, recs[ctr].input, recs[ctr].length); | - |
1012 | recs[ctr].input = recs[ctr].data; | - |
1013 | }executed 44342 times by 1 test: end of block | 44342 |
1014 | ret = 1; | - |
1015 | } else {executed 44342 times by 1 test: end of block | 44342 |
1016 | bs = EVP_CIPHER_block_size(EVP_CIPHER_CTX_cipher(ds)); | - |
1017 | | - |
1018 | if (n_recs > 1) {TRUE | never evaluated | FALSE | evaluated 17722 times by 1 test |
| 0-17722 |
1019 | if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds))TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1020 | & EVP_CIPH_FLAG_PIPELINE)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1021 | | - |
1022 | | - |
1023 | | - |
1024 | | - |
1025 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1026 | SSL_R_PIPELINE_FAILURE); | - |
1027 | return -1; never executed: return -1; | 0 |
1028 | } | - |
1029 | } never executed: end of block | 0 |
1030 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 17722 times by 1 test | FALSE | evaluated 17705 times by 1 test |
| 17705-17722 |
1031 | reclen[ctr] = recs[ctr].length; | - |
1032 | | - |
1033 | if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds))TRUE | evaluated 6102 times by 1 test | FALSE | evaluated 11620 times by 1 test |
| 6102-11620 |
1034 | & EVP_CIPH_FLAG_AEAD_CIPHER) {TRUE | evaluated 6102 times by 1 test | FALSE | evaluated 11620 times by 1 test |
| 6102-11620 |
1035 | unsigned char *seq; | - |
1036 | | - |
1037 | seq = sending ? RECORD_LAYER_get_write_sequence(&s->rlayer)TRUE | evaluated 3261 times by 1 test | FALSE | evaluated 2841 times by 1 test |
| 2841-3261 |
1038 | : RECORD_LAYER_get_read_sequence(&s->rlayer); | - |
1039 | | - |
1040 | if (SSL_IS_DTLS(s)) {TRUE | evaluated 1532 times by 1 test | FALSE | evaluated 4570 times by 1 test |
| 1532-4570 |
1041 | | - |
1042 | unsigned char dtlsseq[9], *p = dtlsseq; | - |
1043 | | - |
1044 | s2n(sending ? DTLS_RECORD_LAYER_get_w_epoch(&s->rlayer) : | - |
1045 | DTLS_RECORD_LAYER_get_r_epoch(&s->rlayer), p); | - |
1046 | memcpy(p, &seq[2], 6); | - |
1047 | memcpy(buf[ctr], dtlsseq, 8); | - |
1048 | } else {executed 1532 times by 1 test: end of block | 1532 |
1049 | memcpy(buf[ctr], seq, 8); | - |
1050 | for (i = 7; i >= 0; i--) { TRUE | evaluated 4570 times by 1 test | FALSE | never evaluated |
| 0-4570 |
1051 | ++seq[i]; | - |
1052 | if (seq[i] != 0)TRUE | evaluated 4570 times by 1 test | FALSE | never evaluated |
| 0-4570 |
1053 | break;executed 4570 times by 1 test: break; | 4570 |
1054 | } never executed: end of block | 0 |
1055 | }executed 4570 times by 1 test: end of block | 4570 |
1056 | | - |
1057 | buf[ctr][8] = recs[ctr].type; | - |
1058 | buf[ctr][9] = (unsigned char)(s->version >> 8); | - |
1059 | buf[ctr][10] = (unsigned char)(s->version); | - |
1060 | buf[ctr][11] = (unsigned char)(recs[ctr].length >> 8); | - |
1061 | buf[ctr][12] = (unsigned char)(recs[ctr].length & 0xff); | - |
1062 | pad = EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_AEAD_TLS1_AAD, | - |
1063 | EVP_AEAD_TLS1_AAD_LEN, buf[ctr]); | - |
1064 | if (pad <= 0) {TRUE | evaluated 13 times by 1 test | FALSE | evaluated 6089 times by 1 test |
| 13-6089 |
1065 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1066 | ERR_R_INTERNAL_ERROR); | - |
1067 | return -1;executed 13 times by 1 test: return -1; | 13 |
1068 | } | - |
1069 | | - |
1070 | if (sending) {TRUE | evaluated 3261 times by 1 test | FALSE | evaluated 2828 times by 1 test |
| 2828-3261 |
1071 | reclen[ctr] += pad; | - |
1072 | recs[ctr].length += pad; | - |
1073 | }executed 3261 times by 1 test: end of block | 3261 |
1074 | | - |
1075 | } else if ((bs != 1) && sending) {executed 6089 times by 1 test: end of block TRUE | evaluated 11345 times by 1 test | FALSE | evaluated 275 times by 1 test |
TRUE | evaluated 6146 times by 1 test | FALSE | evaluated 5199 times by 1 test |
| 275-11345 |
1076 | padnum = bs - (reclen[ctr] % bs); | - |
1077 | | - |
1078 | | - |
1079 | | - |
1080 | if (padnum > MAX_PADDING) {TRUE | never evaluated | FALSE | evaluated 6146 times by 1 test |
| 0-6146 |
1081 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1082 | ERR_R_INTERNAL_ERROR); | - |
1083 | return -1; never executed: return -1; | 0 |
1084 | } | - |
1085 | | - |
1086 | padval = (unsigned char)(padnum - 1); | - |
1087 | for (loop = reclen[ctr]; loop < reclen[ctr] + padnum; loop++)TRUE | evaluated 81489 times by 1 test | FALSE | evaluated 6146 times by 1 test |
| 6146-81489 |
1088 | recs[ctr].input[loop] = padval;executed 81489 times by 1 test: recs[ctr].input[loop] = padval; | 81489 |
1089 | reclen[ctr] += padnum; | - |
1090 | recs[ctr].length += padnum; | - |
1091 | }executed 6146 times by 1 test: end of block | 6146 |
1092 | | - |
1093 | if (!sending) {TRUE | evaluated 8061 times by 1 test | FALSE | evaluated 9648 times by 1 test |
| 8061-9648 |
1094 | if (reclen[ctr] == 0 || reclen[ctr] % bs != 0)TRUE | evaluated 1 time by 1 test | FALSE | evaluated 8060 times by 1 test |
TRUE | evaluated 3 times by 1 test | FALSE | evaluated 8057 times by 1 test |
| 1-8060 |
1095 | return 0;executed 4 times by 1 test: return 0; | 4 |
1096 | }executed 8057 times by 1 test: end of block | 8057 |
1097 | }executed 17705 times by 1 test: end of block | 17705 |
1098 | if (n_recs > 1) {TRUE | never evaluated | FALSE | evaluated 17705 times by 1 test |
| 0-17705 |
1099 | unsigned char *data[SSL_MAX_PIPELINES]; | - |
1100 | | - |
1101 | | - |
1102 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1103 | data[ctr] = recs[ctr].data; | - |
1104 | } never executed: end of block | 0 |
1105 | if (EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_SET_PIPELINE_OUTPUT_BUFS,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1106 | (int)n_recs, data) <= 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1107 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1108 | SSL_R_PIPELINE_FAILURE); | - |
1109 | return -1; never executed: return -1; | 0 |
1110 | } | - |
1111 | | - |
1112 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1113 | data[ctr] = recs[ctr].input; | - |
1114 | } never executed: end of block | 0 |
1115 | if (EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_SET_PIPELINE_INPUT_BUFS,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1116 | (int)n_recs, data) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1117 | || EVP_CIPHER_CTX_ctrl(ds, EVP_CTRL_SET_PIPELINE_INPUT_LENS,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1118 | (int)n_recs, reclen) <= 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1119 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1120 | SSL_R_PIPELINE_FAILURE); | - |
1121 | return -1; never executed: return -1; | 0 |
1122 | } | - |
1123 | } never executed: end of block | 0 |
1124 | | - |
1125 | | - |
1126 | tmpr = EVP_Cipher(ds, recs[0].data, recs[0].input, | - |
1127 | (unsigned int)reclen[0]); | - |
1128 | if ((EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ds))TRUE | evaluated 147 times by 1 test | FALSE | evaluated 17558 times by 1 test |
TRUE | evaluated 6089 times by 1 test | FALSE | evaluated 11616 times by 1 test |
| 147-17558 |
1129 | & EVP_CIPH_FLAG_CUSTOM_CIPHER)TRUE | evaluated 147 times by 1 test | FALSE | evaluated 17558 times by 1 test |
TRUE | evaluated 6089 times by 1 test | FALSE | evaluated 11616 times by 1 test |
| 147-17558 |
1130 | ? (tmpr < 0)TRUE | evaluated 147 times by 1 test | FALSE | evaluated 17558 times by 1 test |
| 147-17558 |
1131 | : (tmpr == 0))TRUE | evaluated 147 times by 1 test | FALSE | evaluated 17558 times by 1 test |
| 147-17558 |
1132 | return -1; executed 147 times by 1 test: return -1; | 147 |
1133 | | - |
1134 | if (sending == 0) {TRUE | evaluated 7910 times by 1 test | FALSE | evaluated 9648 times by 1 test |
| 7910-9648 |
1135 | if (EVP_CIPHER_mode(enc) == EVP_CIPH_GCM_MODE) {TRUE | evaluated 2596 times by 1 test | FALSE | evaluated 5314 times by 1 test |
| 2596-5314 |
1136 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 2596 times by 1 test | FALSE | evaluated 2596 times by 1 test |
| 2596 |
1137 | recs[ctr].data += EVP_GCM_TLS_EXPLICIT_IV_LEN; | - |
1138 | recs[ctr].input += EVP_GCM_TLS_EXPLICIT_IV_LEN; | - |
1139 | recs[ctr].length -= EVP_GCM_TLS_EXPLICIT_IV_LEN; | - |
1140 | }executed 2596 times by 1 test: end of block | 2596 |
1141 | } else if (EVP_CIPHER_mode(enc) == EVP_CIPH_CCM_MODE) {executed 2596 times by 1 test: end of block TRUE | evaluated 60 times by 1 test | FALSE | evaluated 5254 times by 1 test |
| 60-5254 |
1142 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 60 times by 1 test | FALSE | evaluated 60 times by 1 test |
| 60 |
1143 | recs[ctr].data += EVP_CCM_TLS_EXPLICIT_IV_LEN; | - |
1144 | recs[ctr].input += EVP_CCM_TLS_EXPLICIT_IV_LEN; | - |
1145 | recs[ctr].length -= EVP_CCM_TLS_EXPLICIT_IV_LEN; | - |
1146 | }executed 60 times by 1 test: end of block | 60 |
1147 | }executed 60 times by 1 test: end of block | 60 |
1148 | }executed 7910 times by 1 test: end of block | 7910 |
1149 | | - |
1150 | ret = 1; | - |
1151 | if (!SSL_READ_ETM(s) && EVP_MD_CTX_md(s->read_hash) != NULL) {TRUE | evaluated 7595 times by 1 test | FALSE | evaluated 9963 times by 1 test |
TRUE | evaluated 748 times by 1 test | FALSE | evaluated 6847 times by 1 test |
| 748-9963 |
1152 | imac_size = EVP_MD_CTX_size(s->read_hash); | - |
1153 | if (imac_size < 0) {TRUE | never evaluated | FALSE | evaluated 748 times by 1 test |
| 0-748 |
1154 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_ENC, | - |
1155 | ERR_R_INTERNAL_ERROR); | - |
1156 | return -1; never executed: return -1; | 0 |
1157 | } | - |
1158 | mac_size = (size_t)imac_size; | - |
1159 | }executed 748 times by 1 test: end of block | 748 |
1160 | if ((bs != 1) && !sending) {TRUE | evaluated 11341 times by 1 test | FALSE | evaluated 6217 times by 1 test |
TRUE | evaluated 5195 times by 1 test | FALSE | evaluated 6146 times by 1 test |
| 5195-11341 |
1161 | int tmpret; | - |
1162 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 5195 times by 1 test | FALSE | evaluated 5163 times by 1 test |
| 5163-5195 |
1163 | tmpret = tls1_cbc_remove_padding(s, &recs[ctr], bs, mac_size); | - |
1164 | | - |
1165 | | - |
1166 | | - |
1167 | | - |
1168 | | - |
1169 | if (tmpret == 0)TRUE | evaluated 32 times by 1 test | FALSE | evaluated 5163 times by 1 test |
| 32-5163 |
1170 | return 0;executed 32 times by 1 test: return 0; | 32 |
1171 | ret = constant_time_select_int(constant_time_eq_int(tmpret, 1), | - |
1172 | ret, -1); | - |
1173 | }executed 5163 times by 1 test: end of block | 5163 |
1174 | }executed 5163 times by 1 test: end of block | 5163 |
1175 | if (pad && !sending) {TRUE | evaluated 5942 times by 1 test | FALSE | evaluated 11584 times by 1 test |
TRUE | evaluated 2681 times by 1 test | FALSE | evaluated 3261 times by 1 test |
| 2681-11584 |
1176 | for (ctr = 0; ctr < n_recs; ctr++) {TRUE | evaluated 2681 times by 1 test | FALSE | evaluated 2681 times by 1 test |
| 2681 |
1177 | recs[ctr].length -= pad; | - |
1178 | }executed 2681 times by 1 test: end of block | 2681 |
1179 | }executed 2681 times by 1 test: end of block | 2681 |
1180 | }executed 17526 times by 1 test: end of block | 17526 |
1181 | return ret;executed 61868 times by 1 test: return ret; | 61868 |
1182 | } | - |
1183 | /* SSLv3 record MAC: md = H(secret, pad_2, H(secret, pad_1, seq, type, length, data)). Returns 1 on success, 0 on failure. */ | - |
1184 | int n_ssl3_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) | - |
1185 | { | - |
1186 | unsigned char *mac_sec, *seq; | - |
1187 | const EVP_MD_CTX *hash; | - |
1188 | unsigned char *p, rec_char; | - |
1189 | size_t md_size; | - |
1190 | size_t npad; | - |
1191 | int t; | - |
1192 | /* Select the MAC secret, sequence counter and digest context for the direction in use. */ | - |
1193 | if (sending) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1194 | mac_sec = &(ssl->s3->write_mac_secret[0]); | - |
1195 | seq = RECORD_LAYER_get_write_sequence(&ssl->rlayer); | - |
1196 | hash = ssl->write_hash; | - |
1197 | } else { never executed: end of block | 0 |
1198 | mac_sec = &(ssl->s3->read_mac_secret[0]); | - |
1199 | seq = RECORD_LAYER_get_read_sequence(&ssl->rlayer); | - |
1200 | hash = ssl->read_hash; | - |
1201 | } never executed: end of block | 0 |
1202 | /* A negative digest size is reported as failure (return 0). */ | - |
1203 | t = EVP_MD_CTX_size(hash); | - |
1204 | if (t < 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1205 | return 0; never executed: return 0; | 0 |
1206 | md_size = t; | - |
1207 | npad = (48 / md_size) * md_size; | - |
1208 | /* npad: largest multiple of md_size not exceeding 48, the size of ssl3_pad_1/ssl3_pad_2. NOTE(review): md_size == 0 would divide by zero above; confirm it cannot occur. */ | - |
1209 | if (!sending &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1210 | EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1211 | ssl3_cbc_record_digest_supported(hash)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1212 | /* Receive side with a CBC cipher and a digest accepted by ssl3_cbc_record_digest_supported(): */ | - |
1213 | /* the MAC is computed by ssl3_cbc_digest_record(), which is passed rec->length + md_size and */ | - |
1214 | /* rec->orig_len separately. Presumably that keeps MAC timing independent of the padding */ | - |
1215 | /* length removed earlier; the helper is defined elsewhere, so confirm there. */ | - |
1216 | | - |
1217 | /* header = mac_sec (md_size) + ssl3_pad_1 (npad) + seq (8) + type (1) + length (2) bytes. */ | - |
1218 | /* NOTE(review): header[75] is large enough only while md_size + npad + 11 <= 75, e.g. */ | - |
1219 | /* 16 + 48 + 11 = 75 for a 16-byte digest and 20 + 40 + 11 = 71 for a 20-byte digest. */ | - |
1220 | /* This function does not check that bound itself; confirm that no larger digest can */ | - |
1221 | /* reach this branch. */ | - |
1222 | | - |
1223 | | - |
1224 | | - |
1225 | | - |
1226 | unsigned char header[75]; | - |
1227 | size_t j = 0; | - |
1228 | memcpy(header + j, mac_sec, md_size); | - |
1229 | j += md_size; | - |
1230 | memcpy(header + j, ssl3_pad_1, npad); | - |
1231 | j += npad; | - |
1232 | memcpy(header + j, seq, 8); | - |
1233 | j += 8; | - |
1234 | header[j++] = rec->type; | - |
1235 | header[j++] = (unsigned char)(rec->length >> 8); | - |
1236 | header[j++] = (unsigned char)(rec->length & 0xff); | - |
1237 | | - |
1238 | /* The final argument is 1 here and 0 in tls1_mac(); presumably it selects SSLv3 mode in the helper -- confirm. */ | - |
1239 | if (ssl3_cbc_digest_record(hash,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1240 | md, &md_size,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1241 | header, rec->input,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1242 | rec->length + md_size, rec->orig_len,TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1243 | mac_sec, md_size, 1) <= 0)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1244 | return 0; never executed: return 0; | 0 |
1245 | } else { never executed: end of block | 0 |
1246 | unsigned int md_size_u; | - |
1247 | /* Generic path: the nested digest is computed in a scratch context copied from hash. */ | - |
1248 | EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); | - |
1249 | | - |
1250 | if (md_ctx == NULL)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1251 | return 0; never executed: return 0; | 0 |
1252 | /* md is first used as a 2-byte scratch buffer for the encoded record length, then receives the inner and finally the outer digest. */ | - |
1253 | rec_char = rec->type; | - |
1254 | p = md; | - |
1255 | s2n(rec->length, p); | - |
1256 | if (EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1257 | || EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1258 | || EVP_DigestUpdate(md_ctx, ssl3_pad_1, npad) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1259 | || EVP_DigestUpdate(md_ctx, seq, 8) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1260 | || EVP_DigestUpdate(md_ctx, &rec_char, 1) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1261 | || EVP_DigestUpdate(md_ctx, md, 2) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1262 | || EVP_DigestUpdate(md_ctx, rec->input, rec->length) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1263 | || EVP_DigestFinal_ex(md_ctx, md, NULL) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1264 | || EVP_MD_CTX_copy_ex(md_ctx, hash) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1265 | || EVP_DigestUpdate(md_ctx, mac_sec, md_size) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1266 | || EVP_DigestUpdate(md_ctx, ssl3_pad_2, npad) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1267 | || EVP_DigestUpdate(md_ctx, md, md_size) <= 0TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1268 | || EVP_DigestFinal_ex(md_ctx, md, &md_size_u) <= 0) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1269 | EVP_MD_CTX_free(md_ctx); | - |
1270 | return 0; never executed: return 0; | 0 |
1271 | } | - |
1272 | /* Success: release the scratch context. */ | - |
1273 | EVP_MD_CTX_free(md_ctx); | - |
1274 | } never executed: end of block | 0 |
1275 | /* Reached only when the MAC was computed successfully: update the record sequence number. */ | - |
1276 | ssl3_record_sequence_update(seq); | - |
1277 | return 1; never executed: return 1; | 0 |
1278 | } | - |
1279 | /* TLS/DTLS record MAC over a 13-byte pseudo-header followed by rec->input; the result is written to md. Returns 1 on success, 0 on failure. */ | - |
1280 | int tls1_mac(SSL *ssl, SSL3_RECORD *rec, unsigned char *md, int sending) | - |
1281 | { | - |
1282 | unsigned char *seq; | - |
1283 | EVP_MD_CTX *hash; | - |
1284 | size_t md_size; | - |
1285 | int i; | - |
1286 | EVP_MD_CTX *hmac = NULL, *mac_ctx; | - |
1287 | unsigned char header[13]; | - |
1288 | int stream_mac = (sending ? (ssl->mac_flags & SSL_MAC_FLAG_WRITE_MAC_STREAM)TRUE | evaluated 6387 times by 1 test | FALSE | evaluated 5234 times by 1 test |
| 5234-6387 |
1289 | : (ssl->mac_flags & SSL_MAC_FLAG_READ_MAC_STREAM)); | - |
1290 | int t; | - |
1291 | /* Pick the sequence counter and MAC context for the direction in use. */ | - |
1292 | if (sending) {TRUE | evaluated 6387 times by 1 test | FALSE | evaluated 5234 times by 1 test |
| 5234-6387 |
1293 | seq = RECORD_LAYER_get_write_sequence(&ssl->rlayer); | - |
1294 | hash = ssl->write_hash; | - |
1295 | } else {executed 6387 times by 1 test: end of block | 6387 |
1296 | seq = RECORD_LAYER_get_read_sequence(&ssl->rlayer); | - |
1297 | hash = ssl->read_hash; | - |
1298 | }executed 5234 times by 1 test: end of block | 5234 |
1299 | | - |
1300 | t = EVP_MD_CTX_size(hash); | - |
1301 | if (!ossl_assert(t >= 0))TRUE | never evaluated | FALSE | evaluated 11621 times by 1 test |
| 0-11621 |
1302 | return 0; never executed: return 0; | 0 |
1303 | md_size = t; | - |
1304 | /* With the stream-MAC flag the session context is used directly; otherwise the work is done on a */ | - |
1305 | /* private copy (hmac). hmac stays NULL in the stream case, so the EVP_MD_CTX_free(hmac) calls below never free the session context. */ | - |
1306 | if (stream_mac) {TRUE | never evaluated | FALSE | evaluated 11621 times by 1 test |
| 0-11621 |
1307 | mac_ctx = hash; | - |
1308 | } else { never executed: end of block | 0 |
1309 | hmac = EVP_MD_CTX_new(); | - |
1310 | if (hmac == NULL || !EVP_MD_CTX_copy(hmac, hash)) {TRUE | never evaluated | FALSE | evaluated 11621 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 11621 times by 1 test |
| 0-11621 |
1311 | EVP_MD_CTX_free(hmac); | - |
1312 | return 0; never executed: return 0; | 0 |
1313 | } | - |
1314 | mac_ctx = hmac; | - |
1315 | }executed 11621 times by 1 test: end of block | 11621 |
1316 | /* DTLS: the first 8 header bytes are the 2-byte epoch followed by bytes 2..7 of seq; TLS uses seq unchanged. */ | - |
1317 | if (SSL_IS_DTLS(ssl)) {TRUE | evaluated 1260 times by 1 test | FALSE | evaluated 10361 times by 1 test |
| 1260-10361 |
1318 | unsigned char dtlsseq[8], *p = dtlsseq; | - |
1319 | | - |
1320 | s2n(sending ? DTLS_RECORD_LAYER_get_w_epoch(&ssl->rlayer) : | - |
1321 | DTLS_RECORD_LAYER_get_r_epoch(&ssl->rlayer), p); | - |
1322 | memcpy(p, &seq[2], 6); | - |
1323 | | - |
1324 | memcpy(header, dtlsseq, 8); | - |
1325 | } elseexecuted 1260 times by 1 test: end of block | 1260 |
1326 | memcpy(header, seq, 8);executed 10361 times by 1 test: memcpy(header, seq, 8); | 10361 |
1327 | /* Remaining header bytes: record type (1), protocol version (2), record length (2). */ | - |
1328 | header[8] = rec->type; | - |
1329 | header[9] = (unsigned char)(ssl->version >> 8); | - |
1330 | header[10] = (unsigned char)(ssl->version); | - |
1331 | header[11] = (unsigned char)(rec->length >> 8); | - |
1332 | header[12] = (unsigned char)(rec->length & 0xff); | - |
1333 | | - |
1334 | if (!sending && !SSL_READ_ETM(ssl) &&TRUE | evaluated 5234 times by 1 test | FALSE | evaluated 6387 times by 1 test |
TRUE | evaluated 242 times by 1 test | FALSE | evaluated 4992 times by 1 test |
| 242-6387 |
1335 | EVP_CIPHER_CTX_mode(ssl->enc_read_ctx) == EVP_CIPH_CBC_MODE &&TRUE | evaluated 221 times by 1 test | FALSE | evaluated 21 times by 1 test |
| 21-221 |
1336 | ssl3_cbc_record_digest_supported(mac_ctx)) {TRUE | evaluated 221 times by 1 test | FALSE | never evaluated |
| 0-221 |
1337 | /* Receive side, CBC cipher, MAC-then-encrypt: the MAC is computed by ssl3_cbc_digest_record(), */ | - |
1338 | /* which is passed rec->length + md_size and rec->orig_len as separate arguments. */ | - |
1339 | /* Presumably this keeps MAC timing independent of the secret padding length, so that bad */ | - |
1340 | /* padding and a bad MAC cannot be told apart by timing; the helper is defined elsewhere -- confirm there. */ | - |
1341 | | - |
1342 | | - |
1343 | if (ssl3_cbc_digest_record(mac_ctx,TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1344 | md, &md_size,TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1345 | header, rec->input,TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1346 | rec->length + md_size, rec->orig_len,TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1347 | ssl->s3->read_mac_secret,TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1348 | ssl->s3->read_mac_secret_size, 0) <= 0) {TRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
| 0-221 |
1349 | EVP_MD_CTX_free(hmac); | - |
1350 | return 0; never executed: return 0; | 0 |
1351 | } | - |
1352 | } else {executed 221 times by 1 test: end of block | 221 |
1353 | /* All other cases: MAC the header and record through EVP_DigestSignUpdate/EVP_DigestSignFinal. */ | - |
1354 | if (EVP_DigestSignUpdate(mac_ctx, header, sizeof(header)) <= 0TRUE | never evaluated | FALSE | evaluated 11400 times by 1 test |
| 0-11400 |
1355 | || EVP_DigestSignUpdate(mac_ctx, rec->input, rec->length) <= 0TRUE | never evaluated | FALSE | evaluated 11400 times by 1 test |
| 0-11400 |
1356 | || EVP_DigestSignFinal(mac_ctx, md, &md_size) <= 0) {TRUE | never evaluated | FALSE | evaluated 11400 times by 1 test |
| 0-11400 |
1357 | EVP_MD_CTX_free(hmac); | - |
1358 | return 0; never executed: return 0; | 0 |
1359 | } | - |
1360 | }executed 11400 times by 1 test: end of block | 11400 |
1361 | | - |
1362 | EVP_MD_CTX_free(hmac); | - |
1363 | /* SSL_DEBUG builds write the sequence number, the record bytes and the MAC to stderr; such builds expose record contents in logs. */ | - |
1364 | #ifdef SSL_DEBUG | - |
1365 | fprintf(stderr, "seq="); | - |
1366 | { | - |
1367 | int z; | - |
1368 | for (z = 0; z < 8; z++) | - |
1369 | fprintf(stderr, "%02X ", seq[z]); | - |
1370 | fprintf(stderr, "\n"); | - |
1371 | } | - |
1372 | fprintf(stderr, "rec="); | - |
1373 | { | - |
1374 | size_t z; | - |
1375 | for (z = 0; z < rec->length; z++) | - |
1376 | fprintf(stderr, "%02X ", rec->data[z]); | - |
1377 | fprintf(stderr, "\n"); | - |
1378 | } | - |
1379 | #endif | - |
1380 | /* TLS only: increment the 8-byte sequence counter from its last byte, carrying into earlier bytes. DTLS skips this step here. */ | - |
1381 | if (!SSL_IS_DTLS(ssl)) {TRUE | evaluated 10361 times by 1 test | FALSE | evaluated 1260 times by 1 test |
| 1260-10361 |
1382 | for (i = 7; i >= 0; i--) {TRUE | evaluated 10369 times by 1 test | FALSE | never evaluated |
| 0-10369 |
1383 | ++seq[i]; | - |
1384 | if (seq[i] != 0)TRUE | evaluated 10361 times by 1 test | FALSE | evaluated 8 times by 1 test |
| 8-10361 |
1385 | break;executed 10361 times by 1 test: break; | 10361 |
1386 | }executed 8 times by 1 test: end of block | 8 |
1387 | }executed 10361 times by 1 test: end of block | 10361 |
1388 | #ifdef SSL_DEBUG | - |
1389 | { | - |
1390 | unsigned int z; | - |
1391 | for (z = 0; z < md_size; z++) | - |
1392 | fprintf(stderr, "%02X ", md[z]); | - |
1393 | fprintf(stderr, "\n"); | - |
1394 | } | - |
1395 | #endif | - |
1396 | return 1;executed 11621 times by 1 test: return 1; | 11621 |
1397 | } | - |
1398 | | - |
1399 | /* ssl3_cbc_remove_padding: strip the padding from a decrypted SSLv3 CBC record by reducing rec->length. */ | - |
1400 | /* block_size is the cipher block size in bytes; mac_size is the length of the MAC in bytes. */ | - |
1401 | /* Returns:  0 if the record is too short to hold the MAC plus a padding-length byte (early return), */ | - |
1402 | /*           1 if the padding length is acceptable and the padding was removed, */ | - |
1403 | /*          -1 otherwise (rec->length is then left unchanged). */ | - |
1404 | /* The 1 / -1 outcome is built from constant_time_* masks and selected without a branch, so the */ | - |
1405 | /* result of the padding check does not appear in control flow. */ | - |
1406 | | - |
1407 | | - |
1408 | | - |
1409 | int ssl3_cbc_remove_padding(SSL3_RECORD *rec, | - |
1410 | size_t block_size, size_t mac_size) | - |
1411 | { | - |
1412 | size_t padding_length; | - |
1413 | size_t good; | - |
1414 | const size_t overhead = 1 + mac_size; | - |
1415 | | - |
1416 | /* This is the only branch on record contents: it compares lengths, not padding bytes. */ | - |
1417 | /* Presumably rec->length and mac_size are not secret at this point -- confirm against the caller. */ | - |
1418 | | - |
1419 | if (overhead > rec->length)TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1420 | return 0; never executed: return 0; | 0 |
1421 | /* The last byte of the record gives the padding length. */ | - |
1422 | padding_length = rec->data[rec->length - 1]; | - |
1423 | good = constant_time_ge_s(rec->length, padding_length + overhead); | - |
1424 | /* Only the length is validated: padding_length + 1 must not exceed block_size. The padding byte values are not inspected here. */ | - |
1425 | good &= constant_time_ge_s(block_size, padding_length + 1); | - |
1426 | rec->length -= good & (padding_length + 1); | - |
1427 | return constant_time_select_int_s(good, 1, -1); never executed: return constant_time_select_int_s(good, 1, -1); | 0 |
1428 | } | - |
1429 | | - |
1430 | /* tls1_cbc_remove_padding: strip the padding (and, with explicit IVs, the leading IV block) from a */ | - |
1431 | /* decrypted TLS CBC record, updating rec->data, rec->input, rec->length and rec->orig_len. */ | - |
1432 | /* block_size is the cipher block size in bytes; mac_size is the length of the MAC in bytes. */ | - |
1433 | /* Returns:  0 if the record is too short (decided on lengths alone, early return), */ | - |
1434 | /*           1 if the padding is valid and was removed, */ | - |
1435 | /*          -1 if the padding is invalid (rec->length is then not reduced by the padding). */ | - |
1436 | /* The valid/invalid decision is accumulated in a mask and selected with constant_time_* helpers, */ | - |
1437 | /* so both outcomes follow the same instruction path. Callers need to keep that property: */ | - |
1438 | /* distinguishable handling of bad padding versus a bad MAC would act as a padding oracle. */ | - |
1439 | | - |
1440 | | - |
1441 | | - |
1442 | | - |
1443 | int tls1_cbc_remove_padding(const SSL *s, | - |
1444 | SSL3_RECORD *rec, | - |
1445 | size_t block_size, size_t mac_size) | - |
1446 | { | - |
1447 | size_t good; | - |
1448 | size_t padding_length, to_check, i; | - |
1449 | const size_t overhead = 1 + mac_size; | - |
1450 | | - |
1451 | if (SSL_USE_EXPLICIT_IV(s)) {TRUE | evaluated 3872 times by 1 test | FALSE | evaluated 1323 times by 1 test |
| 1323-3872 |
1452 | /* Explicit IV: the record must hold the IV block plus the MAC and the padding-length byte. */ | - |
1453 | /* The IV block is then skipped by advancing both pointers and shrinking both lengths. */ | - |
1454 | | - |
1455 | | - |
1456 | if (overhead + block_size > rec->length)TRUE | evaluated 19 times by 1 test | FALSE | evaluated 3853 times by 1 test |
| 19-3853 |
1457 | return 0;executed 19 times by 1 test: return 0; | 19 |
1458 | | - |
1459 | rec->data += block_size; | - |
1460 | rec->input += block_size; | - |
1461 | rec->length -= block_size; | - |
1462 | rec->orig_len -= block_size; | - |
1463 | } else if (overhead > rec->length)executed 3853 times by 1 test: end of block TRUE | evaluated 13 times by 1 test | FALSE | evaluated 1310 times by 1 test |
| 13-3853 |
1464 | return 0;executed 13 times by 1 test: return 0; | 13 |
1465 | /* The last byte of the record gives the padding length. */ | - |
1466 | padding_length = rec->data[rec->length - 1]; | - |
1467 | /* Ciphers flagged EVP_CIPH_FLAG_AEAD_CIPHER: the padding is removed without inspection and 1 is returned. */ | - |
1468 | if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(s->enc_read_ctx)) &TRUE | never evaluated | FALSE | evaluated 5163 times by 1 test |
| 0-5163 |
1469 | EVP_CIPH_FLAG_AEAD_CIPHER) {TRUE | never evaluated | FALSE | evaluated 5163 times by 1 test |
| 0-5163 |
1470 | /* presumably the cipher implementation has already verified the padding -- confirm */ | - |
1471 | rec->length -= padding_length + 1; | - |
1472 | return 1; never executed: return 1; | 0 |
1473 | } | - |
1474 | | - |
1475 | good = constant_time_ge_s(rec->length, overhead + padding_length); | - |
1476 | /* The loop below always inspects min(256, rec->length) trailing bytes, whatever padding_length is, */ | - |
1477 | /* so its iteration count depends on the record length only and not on the padding value. */ | - |
1478 | /* 256 covers the largest possible padding: a one-byte padding_length of 255 plus the length byte. */ | - |
1479 | /* Index rec->length - 1 - i stays in bounds because i < to_check <= rec->length. */ | - |
1480 | | - |
1481 | | - |
1482 | | - |
1483 | | - |
1484 | | - |
1485 | to_check = 256; | - |
1486 | if (to_check > rec->length)TRUE | evaluated 2380 times by 1 test | FALSE | evaluated 2783 times by 1 test |
| 2380-2783 |
1487 | to_check = rec->length;executed 2380 times by 1 test: to_check = rec->length; | 2380 |
1488 | | - |
1489 | for (i = 0; i < to_check; i++) {TRUE | evaluated 781112 times by 1 test | FALSE | evaluated 5163 times by 1 test |
| 5163-781112 |
1490 | unsigned char mask = constant_time_ge_8_s(padding_length, i); | - |
1491 | unsigned char b = rec->data[rec->length - 1 - i]; | - |
1492 | /* mask is 0xff while i <= padding_length and 0 afterwards; inside that range any byte that */ | - |
1493 | /* differs from padding_length clears at least one of the low eight bits of good. */ | - |
1494 | | - |
1495 | | - |
1496 | good &= ~(mask & (padding_length ^ b)); | - |
1497 | }executed 781112 times by 1 test: end of block | 781112 |
1498 | | - |
1499 | /* Collapse the low eight bits of good into one mask: all-ones only if none of them was cleared */ | - |
1500 | /* (and the length check above passed), all-zeros otherwise. */ | - |
1501 | | - |
1502 | | - |
1503 | good = constant_time_eq_s(0xff, good & 0xff); | - |
1504 | rec->length -= good & (padding_length + 1); | - |
1505 | /* The subtraction above removes padding_length + 1 bytes when good is all-ones and 0 bytes otherwise. */ | - |
1506 | return constant_time_select_int_s(good, 1, -1);executed 5163 times by 1 test: return constant_time_select_int_s(good, 1, -1); | 5163 |
1507 | } | - |
1508 | | - |
1509 | /* ssl3_cbc_copy_mac: copy the md_size MAC bytes that end at rec->length from a CBC record into out. */ | - |
1510 | /* The scan reads every byte from scan_start to rec->orig_len and selects MAC bytes with masks, */ | - |
1511 | /* so which bytes are read during the scan does not depend on where the MAC starts. */ | - |
1512 | /* Requires rec->orig_len >= md_size and md_size <= EVP_MAX_MD_SIZE (asserted; returns 0 otherwise). */ | - |
1513 | /* Returns 1 on success. */ | - |
1514 | /* Rationale: the MAC position follows from the padding length, which is unauthenticated until the */ | - |
1515 | /* MAC has been checked; locating the MAC with a position-dependent copy would expose that length */ | - |
1516 | /* through timing. */ | - |
1517 | | - |
1518 | /* CBC_MAC_ROTATE_IN_PLACE selects the variant that un-rotates the MAC with an indexed read. */ | - |
1519 | /* NOTE(review): that read's address depends on rotate_offset, so this variant relies on the */ | - |
1520 | /* 64-byte alignment of rotated_mac set up below and on the cache-line behaviour of the target CPU -- confirm. */ | - |
1521 | /* The #else variant instead writes every out[j] on every iteration, using masks. */ | - |
1522 | | - |
1523 | | - |
1524 | | - |
1525 | | - |
1526 | | - |
1527 | #define CBC_MAC_ROTATE_IN_PLACE | - |
1528 | | - |
1529 | int ssl3_cbc_copy_mac(unsigned char *out, | - |
1530 | const SSL3_RECORD *rec, size_t md_size) | - |
1531 | { | - |
1532 | #if defined(CBC_MAC_ROTATE_IN_PLACE) | - |
1533 | unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE]; | - |
1534 | unsigned char *rotated_mac; | - |
1535 | #else | - |
1536 | unsigned char rotated_mac[EVP_MAX_MD_SIZE]; | - |
1537 | #endif | - |
1538 | | - |
1539 | /* mac_end is the index just past the MAC; mac_start is the index of its first byte. */ | - |
1540 | /* NOTE(review): mac_start assumes rec->length >= md_size; only rec->orig_len is asserted below -- confirm callers guarantee it. */ | - |
1541 | | - |
1542 | size_t mac_end = rec->length; | - |
1543 | size_t mac_start = mac_end - md_size; | - |
1544 | size_t in_mac; | - |
1545 | | - |
1546 | /* scan_start is the first index examined; it stays 0 unless the record is longer than md_size + 256. */ | - |
1547 | | - |
1548 | | - |
1549 | size_t scan_start = 0; | - |
1550 | size_t i, j; | - |
1551 | size_t rotate_offset; | - |
1552 | | - |
1553 | if (!ossl_assert(rec->orig_len >= md_sizeTRUE | never evaluated | FALSE | evaluated 221 times by 1 test |
TRUE | evaluated 221 times by 1 test | FALSE | never evaluated |
TRUE | evaluated 221 times by 1 test | FALSE | never evaluated |
| 0-221 |
1554 | && md_size <= EVP_MAX_MD_SIZE)) | - |
1555 | return 0; never executed: return 0; | 0 |
1556 | | - |
1557 | #if defined(CBC_MAC_ROTATE_IN_PLACE) | - |
1558 | rotated_mac = rotated_mac_buf + ((0 - (size_t)rotated_mac_buf) & 63); | - |
1559 | #endif | - |
1560 | /* rotated_mac now points at a 64-byte aligned address inside rotated_mac_buf (in-place variant). */ | - |
1561 | /* Bytes more than md_size + 255 + 1 before the end of the record are skipped by the scan. */ | - |
1562 | if (rec->orig_len > md_size + 255 + 1)TRUE | evaluated 58 times by 1 test | FALSE | evaluated 163 times by 1 test |
| 58-163 |
1563 | scan_start = rec->orig_len - (md_size + 255 + 1);executed 58 times by 1 test: scan_start = rec->orig_len - (md_size + 255 + 1); | 58 |
1564 | | - |
1565 | in_mac = 0; | - |
1566 | rotate_offset = 0; | - |
1567 | memset(rotated_mac, 0, md_size); | - |
1568 | for (i = scan_start, j = 0; i < rec->orig_len; i++) {TRUE | evaluated 30844 times by 1 test | FALSE | evaluated 221 times by 1 test |
| 221-30844 |
1569 | size_t mac_started = constant_time_eq_s(i, mac_start); | - |
1570 | size_t mac_ended = constant_time_lt_s(i, mac_end); | - |
1571 | unsigned char b = rec->data[i]; | - |
1572 | /* in_mac turns all-ones at mac_start and all-zeros from mac_end; bytes are OR-ed in only while it is set. j wraps at md_size. */ | - |
1573 | in_mac |= mac_started; | - |
1574 | in_mac &= mac_ended; | - |
1575 | rotate_offset |= j & mac_started; | - |
1576 | rotated_mac[j++] |= b & in_mac; | - |
1577 | j &= constant_time_lt_s(j, md_size); | - |
1578 | }executed 30844 times by 1 test: end of block | 30844 |
1579 | | - |
1580 | /* rotated_mac holds the MAC rotated by rotate_offset; the code below undoes the rotation while copying to out. */ | - |
1581 | #if defined(CBC_MAC_ROTATE_IN_PLACE) | - |
1582 | j = 0; | - |
1583 | for (i = 0; i < md_size; i++) {TRUE | evaluated 5464 times by 1 test | FALSE | evaluated 221 times by 1 test |
| 221-5464 |
1584 | /* Volatile read of the other 32-byte half, result unused -- presumably to touch both halves in case cache lines are 32 bytes. */ | - |
1585 | ((volatile unsigned char *)rotated_mac)[rotate_offset ^ 32]; | - |
1586 | out[j++] = rotated_mac[rotate_offset++]; | - |
1587 | rotate_offset &= constant_time_lt_s(rotate_offset, md_size); | - |
1588 | }executed 5464 times by 1 test: end of block | 5464 |
1589 | #else | - |
1590 | memset(out, 0, md_size); | - |
1591 | rotate_offset = md_size - rotate_offset; | - |
1592 | rotate_offset &= constant_time_lt_s(rotate_offset, md_size); | - |
1593 | for (i = 0; i < md_size; i++) { | - |
1594 | for (j = 0; j < md_size; j++) | - |
1595 | out[j] |= rotated_mac[i] & constant_time_eq_8_s(j, rotate_offset); | - |
1596 | rotate_offset++; | - |
1597 | rotate_offset &= constant_time_lt_s(rotate_offset, md_size); | - |
1598 | } | - |
1599 | #endif | - |
1600 | | - |
1601 | return 1;executed 221 times by 1 test: return 1; | 221 |
1602 | } | - |
1603 | /* Authenticate, decrypt and (if configured) decompress the current DTLS read record. Returns 1 on success, 0 if the record was rejected or dropped. */ | - |
1604 | int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap) | - |
1605 | { | - |
1606 | int i; | - |
1607 | int enc_err; | - |
1608 | SSL_SESSION *sess; | - |
1609 | SSL3_RECORD *rr; | - |
1610 | int imac_size; | - |
1611 | size_t mac_size; | - |
1612 | unsigned char md[EVP_MAX_MD_SIZE]; | - |
1613 | | - |
1614 | rr = RECORD_LAYER_get_rrec(&s->rlayer); | - |
1615 | sess = s->session; | - |
1616 | | - |
1617 | | - |
1618 | | - |
1619 | | - |
1620 | /* The record payload starts right after the DTLS record header in the packet buffer. */ | - |
1621 | rr->input = &(RECORD_LAYER_get_packet(&s->rlayer)[DTLS1_RT_HEADER_LENGTH]); | - |
1622 | | - |
1623 | | - |
1624 | | - |
1625 | | - |
1626 | | - |
1627 | | - |
1628 | | - |
1629 | | - |
1630 | | - |
1631 | | - |
1632 | | - |
1633 | | - |
1634 | | - |
1635 | /* Reject an oversized record before any cryptographic processing. */ | - |
1636 | if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {TRUE | never evaluated | FALSE | evaluated 3409 times by 1 test |
| 0-3409 |
1637 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_DTLS1_PROCESS_RECORD, | - |
1638 | SSL_R_ENCRYPTED_LENGTH_TOO_LONG); | - |
1639 | return 0; never executed: return 0; | 0 |
1640 | } | - |
1641 | | - |
1642 | /* Decryption is in place: data and input point at the same buffer; orig_len keeps the length before decryption. */ | - |
1643 | rr->data = rr->input; | - |
1644 | rr->orig_len = rr->length; | - |
1645 | /* Encrypt-then-MAC: the MAC is checked here, before the enc() call below. A negative EVP_MD_CTX_size() result wraps to a huge size_t and fails the assert. */ | - |
1646 | if (SSL_READ_ETM(s) && s->read_hash) {TRUE | evaluated 308 times by 1 test | FALSE | evaluated 3101 times by 1 test |
TRUE | evaluated 308 times by 1 test | FALSE | never evaluated |
| 0-3101 |
1647 | unsigned char *mac; | - |
1648 | mac_size = EVP_MD_CTX_size(s->read_hash); | - |
1649 | if (!ossl_assert(mac_size <= EVP_MAX_MD_SIZE)) {TRUE | never evaluated | FALSE | evaluated 308 times by 1 test |
| 0-308 |
1650 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1651 | ERR_R_INTERNAL_ERROR); | - |
1652 | return 0; never executed: return 0; | 0 |
1653 | } | - |
1654 | if (rr->orig_len < mac_size) {TRUE | never evaluated | FALSE | evaluated 308 times by 1 test |
| 0-308 |
1655 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1656 | SSL_R_LENGTH_TOO_SHORT); | - |
1657 | return 0; never executed: return 0; | 0 |
1658 | } | - |
1659 | rr->length -= mac_size; | - |
1660 | mac = rr->data + rr->length; | - |
1661 | i = s->method->ssl3_enc->mac(s, rr, md, 0 ); | - |
1662 | if (i == 0 || CRYPTO_memcmp(md, mac, (size_t)mac_size) != 0) {TRUE | never evaluated | FALSE | evaluated 308 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 308 times by 1 test |
| 0-308 |
1663 | SSLfatal(s, SSL_AD_BAD_RECORD_MAC, SSL_F_DTLS1_PROCESS_RECORD, | - |
1664 | SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC); | - |
1665 | return 0; never executed: return 0; | 0 |
1666 | } | - |
1667 | }executed 308 times by 1 test: end of block | 308 |
1668 | /* Both MAC comparisons in this function use CRYPTO_memcmp rather than memcmp. */ | - |
1669 | enc_err = s->method->ssl3_enc->enc(s, rr, 1, 0); | - |
1670 | /* enc_err, going by the tls1 code and padding helpers earlier on this page (enc is a function pointer, so confirm): */ | - |
1671 | /*    0: the record is invalid on length grounds (decided with an ordinary branch); */ | - |
1672 | /*    1: decryption succeeded and any padding was valid; */ | - |
1673 | /*   -1: the cipher failed or the padding was invalid. */ | - |
1674 | | - |
1675 | | - |
1676 | if (enc_err == 0) {TRUE | never evaluated | FALSE | evaluated 3409 times by 1 test |
| 0-3409 |
1677 | if (ossl_statem_in_error(s)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1678 | /* The state machine is already in error; presumably SSLfatal() was raised inside enc(). */ | - |
1679 | return 0; never executed: return 0; | 0 |
1680 | } | - |
1681 | /* Otherwise drop the record without an alert: zero its length and reset the packet length. */ | - |
1682 | rr->length = 0; | - |
1683 | RECORD_LAYER_reset_packet_length(&s->rlayer); | - |
1684 | return 0; never executed: return 0; | 0 |
1685 | } | - |
1686 | #ifdef SSL_DEBUG | - |
1687 | printf("dec %ld\n", rr->length); | - |
1688 | { | - |
1689 | size_t z; | - |
1690 | for (z = 0; z < rr->length; z++) | - |
1691 | printf("%02X%c", rr->data[z], ((z + 1) % 16) ? ' ' : '\n'); | - |
1692 | } | - |
1693 | printf("\n"); | - |
1694 | #endif | - |
1695 | | - |
1696 | /* MAC-then-encrypt: the MAC is checked now that the record has been decrypted. */ | - |
1697 | if ((sess != NULL) && !SSL_READ_ETM(s) &&TRUE | evaluated 3213 times by 1 test | FALSE | evaluated 196 times by 1 test |
TRUE | evaluated 2905 times by 1 test | FALSE | evaluated 308 times by 1 test |
| 196-3213 |
1698 | (s->enc_read_ctx != NULL) && (EVP_MD_CTX_md(s->read_hash) != NULL)) {TRUE | evaluated 663 times by 1 test | FALSE | evaluated 2242 times by 1 test |
TRUE | evaluated 47 times by 1 test | FALSE | evaluated 616 times by 1 test |
| 47-2242 |
1699 | /* mac will point at the MAC received in the record; md receives the locally computed MAC. */ | - |
1700 | unsigned char *mac = NULL; | - |
1701 | unsigned char mac_tmp[EVP_MAX_MD_SIZE]; | - |
1702 | | - |
1703 | | - |
1704 | imac_size = EVP_MD_CTX_size(s->read_hash); | - |
1705 | if (imac_size < 0) {TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1706 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1707 | ERR_LIB_EVP); | - |
1708 | return 0; never executed: return 0; | 0 |
1709 | } | - |
1710 | mac_size = (size_t)imac_size; | - |
1711 | if (!ossl_assert(mac_size <= EVP_MAX_MD_SIZE)) {TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1712 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1713 | ERR_R_INTERNAL_ERROR); | - |
1714 | return 0; never executed: return 0; | 0 |
1715 | } | - |
1716 | | - |
1717 | /* Length check on orig_len, the record length before padding removal: every record must hold */ | - |
1718 | /* at least the MAC, and a CBC record at least the MAC plus one padding-length byte. */ | - |
1719 | | - |
1720 | | - |
1721 | | - |
1722 | | - |
1723 | if (rr->orig_len < mac_size ||TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1724 | /* CBC records carry at least one byte of padding */ | - |
1725 | (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE &&TRUE | evaluated 41 times by 1 test | FALSE | evaluated 6 times by 1 test |
| 6-41 |
1726 | rr->orig_len < mac_size + 1)) {TRUE | never evaluated | FALSE | evaluated 41 times by 1 test |
| 0-41 |
1727 | SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1728 | SSL_R_LENGTH_TOO_SHORT); | - |
1729 | return 0; never executed: return 0; | 0 |
1730 | } | - |
1731 | | - |
1732 | if (EVP_CIPHER_CTX_mode(s->enc_read_ctx) == EVP_CIPH_CBC_MODE) {TRUE | evaluated 41 times by 1 test | FALSE | evaluated 6 times by 1 test |
| 6-41 |
1733 | /* CBC: the MAC position depends on the padding length, so the MAC is extracted with */ | - |
1734 | /* ssl3_cbc_copy_mac() (a masked scan of the record tail) instead of direct indexing. */ | - |
1735 | /* rr->length still includes the MAC when the helper is called and is reduced afterwards. */ | - |
1736 | | - |
1737 | | - |
1738 | | - |
1739 | mac = mac_tmp; | - |
1740 | if (!ssl3_cbc_copy_mac(mac_tmp, rr, mac_size)) {TRUE | never evaluated | FALSE | evaluated 41 times by 1 test |
| 0-41 |
1741 | SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_DTLS1_PROCESS_RECORD, | - |
1742 | ERR_R_INTERNAL_ERROR); | - |
1743 | return 0; never executed: return 0; | 0 |
1744 | } | - |
1745 | rr->length -= mac_size; | - |
1746 | } else {executed 41 times by 1 test: end of block | 41 |
1747 | /* Not CBC: the MAC is taken directly from the end of the record; orig_len >= mac_size was */ | - |
1748 | /* checked above. */ | - |
1749 | | - |
1750 | | - |
1751 | | - |
1752 | rr->length -= mac_size; | - |
1753 | mac = &rr->data[rr->length]; | - |
1754 | }executed 6 times by 1 test: end of block | 6 |
1755 | /* A MAC mismatch sets enc_err to -1, the same value a padding failure produces, so both are handled identically below. */ | - |
1756 | i = s->method->ssl3_enc->mac(s, rr, md, 0 ); | - |
1757 | if (i == 0 || mac == NULLTRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1758 | || CRYPTO_memcmp(md, mac, mac_size) != 0)TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1759 | enc_err = -1; never executed: enc_err = -1; | 0 |
1760 | if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH + mac_size)TRUE | never evaluated | FALSE | evaluated 47 times by 1 test |
| 0-47 |
1761 | enc_err = -1; never executed: enc_err = -1; | 0 |
1762 | }executed 47 times by 1 test: end of block | 47 |
1763 | | - |
1764 | if (enc_err < 0) {TRUE | never evaluated | FALSE | evaluated 3409 times by 1 test |
| 0-3409 |
1765 | /* Decryption, padding or MAC failure: drop the record; no SSLfatal() is raised on this path. */ | - |
1766 | rr->length = 0; | - |
1767 | RECORD_LAYER_reset_packet_length(&s->rlayer); | - |
1768 | return 0; never executed: return 0; | 0 |
1769 | } | - |
1770 | | - |
1771 | /* Decompress only when an expand context is configured; the compressed length is bounded first. */ | - |
1772 | if (s->expand != NULL) {TRUE | never evaluated | FALSE | evaluated 3409 times by 1 test |
| 0-3409 |
1773 | if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1774 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_DTLS1_PROCESS_RECORD, | - |
1775 | SSL_R_COMPRESSED_LENGTH_TOO_LONG); | - |
1776 | return 0; never executed: return 0; | 0 |
1777 | } | - |
1778 | if (!ssl3_do_uncompress(s, rr)) {TRUE | never evaluated | FALSE | never evaluated |
| 0 |
1779 | SSLfatal(s, SSL_AD_DECOMPRESSION_FAILURE, | - |
1780 | SSL_F_DTLS1_PROCESS_RECORD, SSL_R_BAD_DECOMPRESSION); | - |
1781 | return 0; never executed: return 0; | 0 |
1782 | } | - |
1783 | } never executed: end of block | 0 |
1784 | /* Final bound on the plaintext length. */ | - |
1785 | if (rr->length > SSL3_RT_MAX_PLAIN_LENGTH) {TRUE | never evaluated | FALSE | evaluated 3409 times by 1 test |
| 0-3409 |
1786 | SSLfatal(s, SSL_AD_RECORD_OVERFLOW, SSL_F_DTLS1_PROCESS_RECORD, | - |
1787 | SSL_R_DATA_LENGTH_TOO_LONG); | - |
1788 | return 0; never executed: return 0; | 0 |
1789 | } | - |
1790 | | - |
1791 | rr->off = 0; | - |
1792 | | - |
1793 | | - |
1794 | | - |
1795 | | - |
1796 | | - |
1797 | | - |
1798 | | - |
1799 | | - |
1800 | | - |
1801 | /* The record is accepted: rr->data holds rr->length bytes and rr->off starts at 0; the packet length is reset. */ | - |
1802 | RECORD_LAYER_reset_packet_length(&s->rlayer); | - |
1803 | | - |
1804 | /* Reached only after all checks above passed; presumably marks this record's sequence number in the anti-replay bitmap -- confirm. */ | - |
1805 | dtls1_record_bitmap_update(s, bitmap); | - |
1806 | | - |
1807 | return 1;executed 3409 times by 1 test: return 1; | 3409 |
1808 | } | - |
1809 | | - |
1810 | | - |
1811 | | - |
1812 | | - |
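/*
 * Fetch a record from the DTLS record layer's processed-records store by
 * passing it to dtls1_retrieve_buffered_record(). The result is whatever
 * that function returns; dtls1_get_record() treats non-zero as "a record
 * is ready".
 *
 * The argument is parenthesized at every use, so an expression such as
 * `*pp` expands with the intended precedence. `s` is still evaluated
 * twice, so pass an expression without side effects.
 */
#define dtls1_get_processed_record(s) \
    dtls1_retrieve_buffered_record((s), \
        &(DTLS_RECORD_LAYER_get_processed_rcds(&(s)->rlayer)))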
1816 | | - |
1817 | | - |
1818 | | - |
1819 | | - |
1820 | | - |
1821 | | - |
1822 | | - |
1823 | | - |
1824 | | - |
1825 | | - |
1826 | | - |
/*
 * Read one DTLS record from the transport into the record layer's current
 * SSL3_RECORD (rr) and hand it to dtls1_process_record().
 *
 * Returns 1 when a record is ready (either a previously buffered one or a
 * freshly processed one), the non-positive result of ssl3_read_n() when
 * the header read does not complete, and -1 when buffered-record
 * processing fails, buffering a next-epoch record fails, or the state
 * machine is in error.
 *
 * Every header field parsed here comes straight off the wire, before any
 * MAC check; authentication happens later in dtls1_process_record(). A
 * record that fails a check in this function is dropped without an alert
 * (no SSLfatal() call on those paths): rr->length is zeroed, the packet
 * length is reset and control jumps back to `again`. Nothing in this
 * function bounds how many records may be discarded in one call.
 *
 * Coverage data accompanying this listing shows these rejection paths were
 * never taken by the test run: major-version mismatch, length above
 * SSL3_RT_MAX_ENCRYPTED_LENGTH, length above the negotiated max fragment
 * length, short body read, zero-length record, and dtls1_process_record()
 * failure. They are the paths that handle malformed or forged input, so
 * they are worth dedicated negative tests.
 */
int dtls1_get_record(SSL *s)
{
    int ssl_major, ssl_minor;
    int rret;
    size_t more, n;
    SSL3_RECORD *rr;
    unsigned char *p = NULL;
    unsigned short version;
    DTLS1_BITMAP *bitmap;
    unsigned int is_next_epoch;

    rr = RECORD_LAYER_get_rrec(&s->rlayer);

 again:
    /* Deal with anything already buffered before touching the transport. */
    if (!dtls1_process_buffered_records(s)) {
        return -1;
    }

    /* A previously processed record is available: use it. */
    if (dtls1_get_processed_record(s))
        return 1;

    /* Read and parse the record header unless we already have one. */
    if ((RECORD_LAYER_get_rstate(&s->rlayer) != SSL_ST_READ_BODY) ||
        (RECORD_LAYER_get_packet_length(&s->rlayer) < DTLS1_RT_HEADER_LENGTH)) {
        rret = ssl3_read_n(s, DTLS1_RT_HEADER_LENGTH,
                           SSL3_BUFFER_get_len(&s->rlayer.rbuf), 0, 1, &n);

        /* Nothing (or an error) from the transport: report it as-is. */
        if (rret <= 0) {
            return rret;
        }

        /* Anything other than exactly one full header is dropped. */
        if (RECORD_LAYER_get_packet_length(&s->rlayer) !=
            DTLS1_RT_HEADER_LENGTH) {
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }

        RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_BODY);

        p = RECORD_LAYER_get_packet(&s->rlayer);

        if (s->msg_callback)
            s->msg_callback(0, 0, SSL3_RT_HEADER, p, DTLS1_RT_HEADER_LENGTH,
                            s, s->msg_callback_arg);

        /*
         * Header layout as consumed below: type (1 byte), version (2),
         * epoch (2), sequence number (6), length (2). All values are
         * unauthenticated at this point.
         */
        rr->type = *(p++);
        ssl_major = *(p++);
        ssl_minor = *(p++);
        version = (ssl_major << 8) | ssl_minor;

        /* n2s presumably reads a 16-bit network-order value and advances p. */
        n2s(p, rr->epoch);

        /* The 6 wire bytes fill bytes 2..7 of the read sequence buffer. */
        memcpy(&(RECORD_LAYER_get_read_sequence(&s->rlayer)[2]), p, 6);
        p += 6;

        n2s(p, rr->length);
        rr->read = 0;

        /*
         * After the first packet, non-alert records must carry exactly the
         * negotiated version; otherwise the record is dropped.
         */
        if (!s->first_packet && rr->type != SSL3_RT_ALERT) {
            if (version != s->version) {
                rr->length = 0;
                rr->read = 1;
                RECORD_LAYER_reset_packet_length(&s->rlayer);
                goto again;
            }
        }

        /* In every case the major version byte has to match. */
        if ((version & 0xff00) != (s->version & 0xff00)) {
            rr->length = 0;
            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }

        /* Bound the attacker-supplied length before reading the body. */
        if (rr->length > SSL3_RT_MAX_ENCRYPTED_LENGTH) {
            rr->length = 0;
            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }

        /* Tighter bound when the session uses the max fragment length ext. */
        if (s->session != NULL && USE_MAX_FRAGMENT_LENGTH_EXT(s->session)
                && rr->length > GET_MAX_FRAGMENT_LENGTH(s->session)) {
            rr->length = 0;
            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
    }

    /*
     * Body not fully in the packet yet. On both paths reaching this point
     * the packet length is at least DTLS1_RT_HEADER_LENGTH (the header
     * branch enforces equality, the skip condition enforces >=), so the
     * subtraction does not go below zero.
     */
    if (rr->length >
        RECORD_LAYER_get_packet_length(&s->rlayer) - DTLS1_RT_HEADER_LENGTH) {
        more = rr->length;
        rret = ssl3_read_n(s, more, more, 1, 1, &n);

        /* A short or failed body read drops the record unless fatal. */
        if (rret <= 0 || n != more) {
            if (ossl_statem_in_error(s)) {
                return -1;
            }
            rr->length = 0;
            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
    }

    /* Whole record is in hand; the next call starts with a header again. */
    RECORD_LAYER_set_rstate(&s->rlayer, SSL_ST_READ_HEADER);

    /* No bitmap for this record's epoch: drop it. */
    bitmap = dtls1_get_bitmap(s, rr, &is_next_epoch);
    if (bitmap == NULL) {
        rr->length = 0;
        RECORD_LAYER_reset_packet_length(&s->rlayer);
        goto again;
    }
#ifndef OPENSSL_NO_SCTP
    /* With SCTP support built in, the replay check is skipped on SCTP BIOs. */
    if (!BIO_dgram_is_sctp(SSL_get_rbio(s))) {
#endif
        /* Anti-replay: records rejected by the bitmap check are dropped. */
        if (!dtls1_record_replay_check(s, bitmap)) {
            rr->length = 0;
            rr->read = 1;
            RECORD_LAYER_reset_packet_length(&s->rlayer);
            goto again;
        }
#ifndef OPENSSL_NO_SCTP
    }
#endif

    /* Zero-length records are skipped (packet length is not reset here). */
    if (rr->length == 0) {
        rr->read = 1;
        goto again;
    }

    /*
     * Record belongs to the next epoch. While a handshake is in progress
     * it is stored via dtls1_buffer_record() for later; outside a
     * handshake it is simply dropped. Either way it is not processed now.
     */
    if (is_next_epoch) {
        if ((SSL_in_init(s) || ossl_statem_get_in_handshake(s))) {
            if (dtls1_buffer_record (s,
                    &(DTLS_RECORD_LAYER_get_unprocessed_rcds(&s->rlayer)),
                    rr->seq_num) < 0) {
                return -1;
            }
        }
        rr->length = 0;
        rr->read = 1;
        RECORD_LAYER_reset_packet_length(&s->rlayer);
        goto again;
    }

    /*
     * Decrypt/verify. A zero return without the state machine in error
     * (for example the enc_err < 0 path in dtls1_process_record(), which
     * returns 0 without calling SSLfatal()) means the record is silently
     * dropped and the next one is tried.
     */
    if (!dtls1_process_record(s, bitmap)) {
        if (ossl_statem_in_error(s)) {
            return -1;
        }
        rr->length = 0;
        rr->read = 1;
        RECORD_LAYER_reset_packet_length(&s->rlayer);
        goto again;
    }

    return 1;

}
| | |