diff options
author | Matt Caswell <matt@openssl.org> | 2022-11-14 14:19:53 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2023-01-24 17:16:29 +0000 |
commit | 3f9175c7a46b13a3528d9b5776030a78eb1f9454 (patch) | |
tree | d114752dce6626fe749c8bec4b8721424c701461 | |
parent | bea8d70498c9ad0e2cca3652c748d327be7b841e (diff) |
Extend the new_record_layer function
Add the ability to pass the main secret and length, as well as the
digest used for the KDF.
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19748)
-rw-r--r-- | include/internal/recordmethod.h | 3 | ||||
-rw-r--r-- | ssl/d1_lib.c | 4 | ||||
-rw-r--r-- | ssl/record/methods/dtls_meth.c | 6 | ||||
-rw-r--r-- | ssl/record/methods/ktls_meth.c | 6 | ||||
-rw-r--r-- | ssl/record/methods/tls_common.c | 6 | ||||
-rw-r--r-- | ssl/record/rec_layer_s3.c | 14 | ||||
-rw-r--r-- | ssl/record/record.h | 8 | ||||
-rw-r--r-- | ssl/s3_enc.c | 4 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 9 | ||||
-rw-r--r-- | ssl/statem/statem_clnt.c | 9 | ||||
-rw-r--r-- | ssl/t1_enc.c | 4 | ||||
-rw-r--r-- | ssl/tls13_enc.c | 9 | ||||
-rw-r--r-- | test/tls13encryptiontest.c | 14 | ||||
-rw-r--r-- | test/tls13secretstest.c | 5 |
14 files changed, 60 insertions, 41 deletions
diff --git a/include/internal/recordmethod.h b/include/internal/recordmethod.h index d6d432413a..fda3549590 100644 --- a/include/internal/recordmethod.h +++ b/include/internal/recordmethod.h @@ -124,6 +124,8 @@ struct ossl_record_method_st { int role, int direction, int level, uint16_t epoch, + unsigned char *secret, + size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, @@ -135,6 +137,7 @@ struct ossl_record_method_st { int mactype, const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, BIO *next, diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 83ef67275e..3e644b3098 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -820,9 +820,9 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client) if (!ssl_set_new_record_layer(s, DTLS_ANY_VERSION, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NID_undef, NULL, NULL, NULL)) { /* SSLfatal already called */ ret = -1; goto end; diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 55e49188cd..2dae86b44c 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -624,12 +624,14 @@ static int dtls_free(OSSL_RECORD_LAYER *rl) static int dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/methods/ktls_meth.c b/ssl/record/methods/ktls_meth.c index 21f7c41b44..5cd833d070 100644 --- a/ssl/record/methods/ktls_meth.c +++ b/ssl/record/methods/ktls_meth.c @@ -402,12 +402,14 @@ static int ktls_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec) static int ktls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 9fca10c50e..91d1545085 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1324,12 +1324,14 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, static int tls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 7fa22bb02b..fadac90e52 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1155,12 +1155,13 @@ static int ssl_post_record_layer_select(SSL_CONNECTION *s, int direction) int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, int level, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp) + const SSL_COMP *comp, const EVP_MD *kdfdigest) { OSSL_PARAM options[5], *opts = options; OSSL_PARAM settings[6], *set = settings; @@ -1330,11 +1331,12 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, rlret = meth->new_record_layer(sctx->libctx, sctx->propq, version, s->server, direction, level, epoch, - key, keylen, iv, ivlen, mackey, - mackeylen, ciph, taglen, mactype, md, - compm, prev, thisbio, next, NULL, NULL, - settings, options, rlayer_dispatch_tmp, - s, s->rlayer.rlarg, &newrl); + secret, secretlen, key, keylen, iv, + ivlen, mackey, mackeylen, ciph, taglen, + mactype, md, compm, kdfdigest, prev, + thisbio, next, NULL, NULL, settings, + options, rlayer_dispatch_tmp, s, + s->rlayer.rlarg, &newrl); BIO_free(prev); switch (rlret) { case OSSL_RECORD_RETURN_FATAL: diff --git a/ssl/record/record.h b/ssl/record/record.h index e2fdd05f0c..cd2b78698d 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -173,13 +173,15 @@ void ssl_release_record(SSL_CONNECTION *s, TLS_RECORD *rr); int ossl_tls_handle_rlayer_return(SSL_CONNECTION *s, int writing, int ret, char *file, int line); -int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, - int level, unsigned char *key, size_t keylen, +int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, + int direction, int level, + unsigned char *secret, size_t secretlen, + unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp); + const SSL_COMP *comp, const EVP_MD *kdfdigest); int ssl_set_record_protocol_version(SSL_CONNECTION *s, int vers); # define OSSL_FUNC_RLAYER_SKIP_EARLY_DATA 1 diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 67123c7372..d13a28697e 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -146,8 +146,8 @@ int ssl3_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, SSL3_VERSION, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, key_len, iv, iv_len, mac_secret, - md_len, ciph, 0, NID_undef, md, comp)) { + NULL, 0, key, key_len, iv, iv_len, mac_secret, + md_len, ciph, 0, NID_undef, md, comp, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1a5bc6d3e4..ffae69bc38 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -553,17 +553,18 @@ static int clear_record_layer(SSL_CONNECTION *s) SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); ret &= ssl_set_new_record_layer(s, SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); + /* SSLfatal already called in the event of failure */ return ret; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a1b7954a66..f1ed43abd3 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -720,8 +720,9 @@ WORK_STATE ossl_statem_client_pre_work(SSL_CONNECTION *s, WORK_STATE wst) TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, OSSL_RECORD_PROTECTION_LEVEL_NONE, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, NID_undef, NULL, NULL, + NULL)) { /* SSLfatal already called */ return WORK_ERROR; } @@ -1793,8 +1794,8 @@ static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL_CONNECTION *s, TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, OSSL_RECORD_PROTECTION_LEVEL_NONE, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, NID_undef, NULL, NULL, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 0265210524..712a784a0d 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -268,9 +268,9 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, s->version, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, cl, iv, (size_t)k, mac_secret, + NULL, 0, key, cl, iv, (size_t)k, mac_secret, mac_secret_size, c, taglen, mac_type, - m, comp)) { + m, comp, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 6d2f46441a..30ef3a8410 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -678,8 +678,9 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, s->version, direction, - level, key, keylen, iv, ivlen, NULL, 0, - cipher, taglen, NID_undef, NULL, NULL)) { + level, insecret, hashlen, key, keylen, iv, + ivlen, NULL, 0, cipher, taglen, NID_undef, + NULL, NULL, md)) { /* SSLfatal already called */ goto err; } @@ -736,9 +737,9 @@ int tls13_update_key(SSL_CONNECTION *s, int sending) if (!ssl_set_new_record_layer(s, s->version, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, keylen, iv, ivlen, NULL, 0, + insecret, hashlen, key, keylen, iv, ivlen, NULL, 0, s->s3.tmp.new_sym_enc, taglen, NID_undef, NULL, - NULL)) { + NULL, md)) { /* SSLfatal already called */ goto err; } diff --git a/test/tls13encryptiontest.c b/test/tls13encryptiontest.c index 1529e1b1ba..cecbb4296b 100644 --- a/test/tls13encryptiontest.c +++ b/test/tls13encryptiontest.c @@ -335,10 +335,11 @@ static int test_tls13_encryption(void) if (!TEST_true(ossl_tls_record_method.new_record_layer( NULL, NULL, TLS1_3_VERSION, OSSL_RECORD_ROLE_SERVER, OSSL_RECORD_DIRECTION_WRITE, - OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, key, 16, - iv, ivlen, NULL, 0, EVP_aes_128_gcm(), + OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, NULL, 0, + key, 16, iv, ivlen, NULL, 0, EVP_aes_128_gcm(), EVP_GCM_TLS_TAG_LEN, 0, NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, &wrl))) + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + &wrl))) goto err; memcpy(wrl->sequence, seqbuf, sizeof(seqbuf)); @@ -357,10 +358,11 @@ static int test_tls13_encryption(void) if (!TEST_true(ossl_tls_record_method.new_record_layer( NULL, NULL, TLS1_3_VERSION, OSSL_RECORD_ROLE_SERVER, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, key, 16, - iv, ivlen, NULL, 0, EVP_aes_128_gcm(), + OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, NULL, 0, + key, 16, iv, ivlen, NULL, 0, EVP_aes_128_gcm(), EVP_GCM_TLS_TAG_LEN, 0, NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, &rrl))) + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + &rrl))) goto err; memcpy(rrl->sequence, seqbuf, sizeof(seqbuf)); diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c index 923e713c00..f51dd9e9db 100644 --- a/test/tls13secretstest.c +++ b/test/tls13secretstest.c @@ -218,12 +218,13 @@ void ssl_evp_md_free(const EVP_MD *md) } int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, - int level, unsigned char *key, size_t keylen, + int level, unsigned char *secret, size_t secretlen, + unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp) + const SSL_COMP *comp, const EVP_MD *kdfdigest) { return 0; } |