From 6ea83a9d368435f04212028ac5fffc60f129362f Mon Sep 17 00:00:00 2001 From: jsing Date: Sun, 24 Jul 2022 14:16:29 +0000 Subject: [PATCH] Provide QUIC encryption levels. QUIC wants to know what "encryption level" handshake messages should be sent at. Provide an ssl_encryption_level_t enum (via BoringSSL) that defines these (of course quictls decided to make this an OSSL_ENCRYPTION_LEVEL typedef, so provide that as well). Wire these through to tls13_record_layer_set_{read,write}_traffic_key() so that they can be used in upcoming commits. ok tb@ --- lib/libssl/ssl.h | 13 ++++++++++++- lib/libssl/tls13_client.c | 10 +++++----- lib/libssl/tls13_internal.h | 6 +++--- lib/libssl/tls13_lib.c | 8 +++++--- lib/libssl/tls13_record_layer.c | 6 +++--- lib/libssl/tls13_server.c | 10 +++++----- 6 files changed, 33 insertions(+), 20 deletions(-) diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h index 03e30441e0d..14fb094e712 100644 --- a/lib/libssl/ssl.h +++ b/lib/libssl/ssl.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.h,v 1.221 2022/07/17 14:49:01 jsing Exp $ */ +/* $OpenBSD: ssl.h,v 1.222 2022/07/24 14:16:29 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1577,6 +1577,17 @@ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level); int SSL_CTX_get_security_level(const SSL_CTX *ctx); #if defined(LIBRESSL_HAS_QUIC) || defined(LIBRESSL_INTERNAL) +/* + * ssl_encryption_level_t specifies the QUIC encryption level used to transmit + * handshake messages. + */ +typedef enum ssl_encryption_level_t { + ssl_encryption_initial = 0, + ssl_encryption_early_data, + ssl_encryption_handshake, + ssl_encryption_application, +} OSSL_ENCRYPTION_LEVEL; + int SSL_is_quic(const SSL *ssl); /* diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c index cc01329e515..b1efafdfdde 100644 --- a/lib/libssl/tls13_client.c +++ b/lib/libssl/tls13_client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_client.c,v 1.96 2022/07/22 14:53:07 tb Exp $ */ +/* $OpenBSD: tls13_client.c,v 1.97 2022/07/24 14:16:29 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -382,10 +382,10 @@ tls13_client_engage_record_protection(struct tls13_ctx *ctx) tls13_record_layer_set_hash(ctx->rl, ctx->hash); if (!tls13_record_layer_set_read_traffic_key(ctx->rl, - &secrets->server_handshake_traffic)) + &secrets->server_handshake_traffic, ssl_encryption_handshake)) goto err; if (!tls13_record_layer_set_write_traffic_key(ctx->rl, - &secrets->client_handshake_traffic)) + &secrets->client_handshake_traffic, ssl_encryption_handshake)) goto err; ret = 1; @@ -801,7 +801,7 @@ tls13_server_finished_recv(struct tls13_ctx *ctx, CBS *cbs) * using the server application traffic keys. */ if (!tls13_record_layer_set_read_traffic_key(ctx->rl, - &secrets->server_application_traffic)) + &secrets->server_application_traffic, ssl_encryption_application)) goto err; tls13_record_layer_allow_ccs(ctx->rl, 0); @@ -1080,5 +1080,5 @@ tls13_client_finished_sent(struct tls13_ctx *ctx) * using the client application traffic keys. */ return tls13_record_layer_set_write_traffic_key(ctx->rl, - &secrets->client_application_traffic); + &secrets->client_application_traffic, ssl_encryption_application); } diff --git a/lib/libssl/tls13_internal.h b/lib/libssl/tls13_internal.h index 599eb200cbc..6382f8b0483 100644 --- a/lib/libssl/tls13_internal.h +++ b/lib/libssl/tls13_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_internal.h,v 1.99 2022/07/20 06:32:24 jsing Exp $ */ +/* $OpenBSD: tls13_internal.h,v 1.100 2022/07/24 14:16:29 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck * Copyright (c) 2018 Theo Buehler @@ -199,9 +199,9 @@ void tls13_record_layer_set_legacy_version(struct tls13_record_layer *rl, void tls13_record_layer_set_retry_after_phh(struct tls13_record_layer *rl, int retry); void tls13_record_layer_handshake_completed(struct tls13_record_layer *rl); int tls13_record_layer_set_read_traffic_key(struct tls13_record_layer *rl, - struct tls13_secret *read_key); + struct tls13_secret *read_key, enum ssl_encryption_level_t read_level); int tls13_record_layer_set_write_traffic_key(struct tls13_record_layer *rl, - struct tls13_secret *write_key); + struct tls13_secret *write_key, enum ssl_encryption_level_t write_level); ssize_t tls13_record_layer_send_pending(struct tls13_record_layer *rl); ssize_t tls13_record_layer_phh(struct tls13_record_layer *rl, CBS *cbs); ssize_t tls13_record_layer_flush(struct tls13_record_layer *rl); diff --git a/lib/libssl/tls13_lib.c b/lib/libssl/tls13_lib.c index 8d0e030b5a2..9d62479f150 100644 --- a/lib/libssl/tls13_lib.c +++ b/lib/libssl/tls13_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_lib.c,v 1.67 2022/07/20 06:32:24 jsing Exp $ */ +/* $OpenBSD: tls13_lib.c,v 1.68 2022/07/24 14:16:29 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * Copyright (c) 2019 Bob Beck @@ -230,7 +230,8 @@ tls13_phh_update_read_traffic_secret(struct tls13_ctx *ctx) return 0; } - return tls13_record_layer_set_read_traffic_key(ctx->rl, secret); + return tls13_record_layer_set_read_traffic_key(ctx->rl, + secret, ssl_encryption_application); } static int @@ -249,7 +250,8 @@ tls13_phh_update_write_traffic_secret(struct tls13_ctx *ctx) return 0; } - return tls13_record_layer_set_write_traffic_key(ctx->rl, secret); + return tls13_record_layer_set_write_traffic_key(ctx->rl, + secret, ssl_encryption_application); } /* diff --git a/lib/libssl/tls13_record_layer.c b/lib/libssl/tls13_record_layer.c index 2b7052c30e9..c92fd8d193d 100644 --- a/lib/libssl/tls13_record_layer.c +++ b/lib/libssl/tls13_record_layer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_record_layer.c,v 1.68 2022/07/20 06:32:24 jsing Exp $ */ +/* $OpenBSD: tls13_record_layer.c,v 1.69 2022/07/24 14:16:29 jsing Exp $ */ /* * Copyright (c) 2018, 2019 Joel Sing * @@ -487,7 +487,7 @@ tls13_record_layer_set_traffic_key(const EVP_AEAD *aead, const EVP_MD *hash, int tls13_record_layer_set_read_traffic_key(struct tls13_record_layer *rl, - struct tls13_secret *read_key) + struct tls13_secret *read_key, enum ssl_encryption_level_t read_level) { return tls13_record_layer_set_traffic_key(rl->aead, rl->hash, rl->read, read_key); @@ -495,7 +495,7 @@ tls13_record_layer_set_read_traffic_key(struct tls13_record_layer *rl, int tls13_record_layer_set_write_traffic_key(struct tls13_record_layer *rl, - struct tls13_secret *write_key) + struct tls13_secret *write_key, enum ssl_encryption_level_t write_level) { return tls13_record_layer_set_traffic_key(rl->aead, rl->hash, rl->write, write_key); diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index c5c86ab95f5..5aee5f1a939 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.99 2022/07/02 16:00:12 tb Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.100 2022/07/24 14:16:29 jsing Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing * Copyright (c) 2020 Bob Beck @@ -403,10 +403,10 @@ tls13_server_engage_record_protection(struct tls13_ctx *ctx) tls13_record_layer_set_hash(ctx->rl, ctx->hash); if (!tls13_record_layer_set_read_traffic_key(ctx->rl, - &secrets->client_handshake_traffic)) + &secrets->client_handshake_traffic, ssl_encryption_handshake)) goto err; if (!tls13_record_layer_set_write_traffic_key(ctx->rl, - &secrets->server_handshake_traffic)) + &secrets->server_handshake_traffic, ssl_encryption_handshake)) goto err; ctx->handshake_stage.hs_type |= NEGOTIATED; @@ -850,7 +850,7 @@ tls13_server_finished_sent(struct tls13_ctx *ctx) * using the server application traffic keys. */ return tls13_record_layer_set_write_traffic_key(ctx->rl, - &secrets->server_application_traffic); + &secrets->server_application_traffic, ssl_encryption_application); } int @@ -1094,7 +1094,7 @@ tls13_client_finished_recv(struct tls13_ctx *ctx, CBS *cbs) * using the client application traffic keys. */ if (!tls13_record_layer_set_read_traffic_key(ctx->rl, - &secrets->client_application_traffic)) + &secrets->client_application_traffic, ssl_encryption_application)) goto err; tls13_record_layer_allow_ccs(ctx->rl, 0); -- 2.20.1