1 /***************************************************************************
2 * Copyright (c) 2024 Microsoft Corporation
3 *
4 * This program and the accompanying materials are made available under the
5 * terms of the MIT License which is available at
6 * https://opensource.org/licenses/MIT.
7 *
8 * SPDX-License-Identifier: MIT
9 **************************************************************************/
10
11
12 /**************************************************************************/
13 /**************************************************************************/
14 /** */
15 /** NetX Secure Component */
16 /** */
17 /** Transport Layer Security (TLS) */
18 /** */
19 /**************************************************************************/
20 /**************************************************************************/
21
22 #define NX_SECURE_SOURCE_CODE
23
24 #include "nx_secure_tls.h"
25
26 /**************************************************************************/
27 /* */
28 /* FUNCTION RELEASE */
29 /* */
30 /* _nx_secure_tls_verify_mac PORTABLE C */
31 /* 6.2.0 */
32 /* AUTHOR */
33 /* */
34 /* Timothy Stapko, Microsoft Corporation */
35 /* */
36 /* DESCRIPTION */
37 /* */
38 /* This function verifies the Message Authentication Code (MAC) that */
39 /* is included in encrypted TLS records. It hashes the incoming */
40 /* message data and then compares it to the MAC in the received */
41 /* record. If there is a mismatch, then the record has been corrupted */
42 /* in transit and represents a possible security breach. */
43 /* */
44 /* INPUT */
45 /* */
46 /* tls_session TLS control block */
47 /* header_data TLS record header data */
48 /* header_length Length of header data */
49 /* packet_ptr TLS record packet */
50 /* offset Offset to TLS record in packet*/
51 /* length Length of payload data */
52 /* */
53 /* OUTPUT */
54 /* */
55 /* status Completion status */
56 /* */
57 /* CALLS */
58 /* */
59 /* [nx_secure_verify_mac] Verify record MAC checksum */
60 /* */
61 /* CALLED BY */
62 /* */
63 /* _nx_secure_tls_process_record Process TLS record data */
64 /* */
65 /* RELEASE HISTORY */
66 /* */
67 /* DATE NAME DESCRIPTION */
68 /* */
69 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
70 /* 09-30-2020 Timothy Stapko Modified comment(s), fixed */
71 /* AES-CBC padding oracle, */
72 /* verified memcpy use cases, */
73 /* supported chained packet, */
74 /* resulting in version 6.1 */
75 /* 04-25-2022 Yuxin Zhou Modified comment(s), and */
76 /* reorganized internal logic, */
77 /* resulting in version 6.1.11 */
78 /* 07-29-2022 Yuxin Zhou Modified comment(s), and */
79 /* checked seq number overflow,*/
80 /* resulting in version 6.1.12 */
81 /* 10-31-2022 Yanwu Cai Modified comment(s), added */
82 /* custom secret generation, */
83 /* resulting in version 6.2.0 */
84 /* */
85 /**************************************************************************/
_nx_secure_tls_verify_mac(NX_SECURE_TLS_SESSION * tls_session,UCHAR * header_data,USHORT header_length,NX_PACKET * packet_ptr,ULONG offset,UINT * length)86 UINT _nx_secure_tls_verify_mac(NX_SECURE_TLS_SESSION *tls_session, UCHAR *header_data,
87 USHORT header_length, NX_PACKET *packet_ptr, ULONG offset, UINT *length)
88 {
89 UCHAR *mac_secret;
90 UINT status;
91
92 if (tls_session -> nx_secure_tls_session_ciphersuite == NX_NULL)
93 {
94
95 /* Likely internal error since at this point ciphersuite negotiation was theoretically completed. */
96 return(NX_SECURE_TLS_UNKNOWN_CIPHERSUITE);
97 }
98
99 /* Select our proper MAC secret for hashing. */
100 if (tls_session -> nx_secure_tls_socket_type == NX_SECURE_TLS_SESSION_TYPE_SERVER)
101 {
102 /* If we are a server, we need to use the client's MAC secret. */
103 mac_secret = tls_session -> nx_secure_tls_key_material.nx_secure_tls_client_write_mac_secret;
104 }
105 else
106 {
107 /* We are a client, so use the server's MAC secret. */
108 mac_secret = tls_session -> nx_secure_tls_key_material.nx_secure_tls_server_write_mac_secret;
109 }
110
111 status = tls_session -> nx_secure_verify_mac(tls_session -> nx_secure_tls_session_ciphersuite, mac_secret, tls_session -> nx_secure_tls_remote_sequence_number,
112 header_data, header_length, packet_ptr, offset, length,
113 tls_session -> nx_secure_hash_mac_metadata_area, tls_session -> nx_secure_hash_mac_metadata_size);
114 return(status);
115 }
116
117
