2 * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/quic_record_util.h"
11 #include "internal/quic_wire_pkt.h"
12 #include <openssl/kdf.h>
13 #include <openssl/core_names.h>
16 * QUIC Key Derivation Utilities
17 * =============================
19 int ossl_quic_hkdf_extract(OSSL_LIB_CTX
*libctx
,
22 const unsigned char *salt
, size_t salt_len
,
23 const unsigned char *ikm
, size_t ikm_len
,
24 unsigned char *out
, size_t out_len
)
28 EVP_KDF_CTX
*kctx
= NULL
;
29 OSSL_PARAM params
[7], *p
= params
;
30 int mode
= EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY
;
33 if ((md_name
= EVP_MD_get0_name(md
)) == NULL
34 || (kdf
= EVP_KDF_fetch(libctx
, OSSL_KDF_NAME_HKDF
, propq
)) == NULL
35 || (kctx
= EVP_KDF_CTX_new(kdf
)) == NULL
)
38 *p
++ = OSSL_PARAM_construct_int(OSSL_KDF_PARAM_MODE
, &mode
);
39 *p
++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST
,
41 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT
,
42 (unsigned char *)salt
, salt_len
);
43 *p
++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY
,
44 (unsigned char *)ikm
, ikm_len
);
45 *p
++ = OSSL_PARAM_construct_end();
47 ret
= EVP_KDF_derive(kctx
, out
, out_len
, params
);
50 EVP_KDF_CTX_free(kctx
);
56 * QUIC Record Layer Ciphersuite Info
57 * ==================================
61 const char *cipher_name
, *md_name
;
62 uint32_t secret_len
, cipher_key_len
, cipher_iv_len
, cipher_tag_len
;
63 uint32_t hdr_prot_key_len
, hdr_prot_cipher_id
;
66 static const struct suite_info suite_aes128gcm
= {
67 "AES-128-GCM", "SHA256", 32, 16, 12, 16, 16,
68 QUIC_HDR_PROT_CIPHER_AES_128
71 static const struct suite_info suite_aes256gcm
= {
72 "AES-256-GCM", "SHA384", 48, 32, 12, 16, 32,
73 QUIC_HDR_PROT_CIPHER_AES_256
76 static const struct suite_info suite_chacha20poly1305
= {
77 "ChaCha20-Poly1305", "SHA256", 32, 32, 12, 16, 32,
78 QUIC_HDR_PROT_CIPHER_CHACHA
81 static const struct suite_info
*get_suite(uint32_t suite_id
)
84 case QRL_SUITE_AES128GCM
:
85 return &suite_aes128gcm
;
86 case QRL_SUITE_AES256GCM
:
87 return &suite_aes256gcm
;
88 case QRL_SUITE_CHACHA20POLY1305
:
89 return &suite_chacha20poly1305
;
95 const char *ossl_qrl_get_suite_cipher_name(uint32_t suite_id
)
97 const struct suite_info
*c
= get_suite(suite_id
);
98 return c
!= NULL
? c
->cipher_name
: NULL
;
101 const char *ossl_qrl_get_suite_md_name(uint32_t suite_id
)
103 const struct suite_info
*c
= get_suite(suite_id
);
104 return c
!= NULL
? c
->md_name
: NULL
;
107 uint32_t ossl_qrl_get_suite_secret_len(uint32_t suite_id
)
109 const struct suite_info
*c
= get_suite(suite_id
);
110 return c
!= NULL
? c
->secret_len
: 0;
113 uint32_t ossl_qrl_get_suite_cipher_key_len(uint32_t suite_id
)
115 const struct suite_info
*c
= get_suite(suite_id
);
116 return c
!= NULL
? c
->cipher_key_len
: 0;
119 uint32_t ossl_qrl_get_suite_cipher_iv_len(uint32_t suite_id
)
121 const struct suite_info
*c
= get_suite(suite_id
);
122 return c
!= NULL
? c
->cipher_iv_len
: 0;
125 uint32_t ossl_qrl_get_suite_cipher_tag_len(uint32_t suite_id
)
127 const struct suite_info
*c
= get_suite(suite_id
);
128 return c
!= NULL
? c
->cipher_tag_len
: 0;
131 uint32_t ossl_qrl_get_suite_hdr_prot_cipher_id(uint32_t suite_id
)
133 const struct suite_info
*c
= get_suite(suite_id
);
134 return c
!= NULL
? c
->hdr_prot_cipher_id
: 0;
137 uint32_t ossl_qrl_get_suite_hdr_prot_key_len(uint32_t suite_id
)
139 const struct suite_info
*c
= get_suite(suite_id
);
140 return c
!= NULL
? c
->hdr_prot_key_len
: 0;