diff options
| author | Hugo Landau <hlandau@openssl.org> | 2023-06-06 16:25:10 +0100 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2023-07-17 08:17:57 +1000 |
| commit | dfe5e7fa987c0e79c165a677d6572a04105528e3 (patch) | |
| tree | d216264228eb2b0a1047fa1e0939f5b5d3b9b3fc /include | |
| parent | 85bbef270c1d15ec34e152c13f41ec0c298f5459 (diff) | |
QUIC CONFORMANCE: RFC 9000 s. 12.3: PN duplicate suppression
Make sure PN duplicate suppression is side-channel safe by doing
the duplicate test after AEAD verification.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21135)
Diffstat (limited to 'include')
| -rw-r--r-- | include/internal/quic_record_rx.h | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/include/internal/quic_record_rx.h b/include/internal/quic_record_rx.h index 29755e2df1..f9a69c6c53 100644 --- a/include/internal/quic_record_rx.h +++ b/include/internal/quic_record_rx.h @@ -309,29 +309,28 @@ int ossl_qrx_unprocessed_read_pending(OSSL_QRX *qrx); uint64_t ossl_qrx_get_bytes_received(OSSL_QRX *qrx, int clear); /* - * Sets a callback which is called when a packet is received and being - * validated before being queued in the read queue. This is called before packet - * body decryption. pn_space is a QUIC_PN_SPACE_* value denoting which PN space - * the PN belongs to. + * Sets a callback which is called when a packet is received and being validated + * before being queued in the read queue. This is called after packet body + * decryption and authentication to prevent exposing side channels. pn_space is + * a QUIC_PN_SPACE_* value denoting which PN space the PN belongs to. * * If this callback returns 1, processing continues normally. * If this callback returns 0, the packet is discarded. * * Other packets in the same datagram will still be processed where possible. * - * The intended use for this function is to allow early validation of whether - * a PN is a potential duplicate before spending CPU time decrypting the - * packet payload. + * The intended use for this function is to allow validation of whether a PN is + * a potential duplicate before spending CPU time decrypting the packet payload. * * The callback is optional and can be unset by passing NULL for cb. * cb_arg is an opaque value passed to cb. */ -typedef int (ossl_qrx_early_validation_cb)(QUIC_PN pn, int pn_space, - void *arg); +typedef int (ossl_qrx_late_validation_cb)(QUIC_PN pn, int pn_space, + void *arg); -int ossl_qrx_set_early_validation_cb(OSSL_QRX *qrx, - ossl_qrx_early_validation_cb *cb, - void *cb_arg); +int ossl_qrx_set_late_validation_cb(OSSL_QRX *qrx, + ossl_qrx_late_validation_cb *cb, + void *cb_arg); /* * Forcibly injects a URXE which has been issued by the DEMUX into the QRX for |