git.ipfire.org Git - thirdparty/haproxy.git/commitdiff
BUG/MEDIUM: quic: token IV was not computed using a strong secret
author Emeric Brun <ebrun@haproxy.com>
Mon, 3 Jul 2023 10:14:41 +0000 (12:14 +0200)
committer Amaury Denoyelle <adenoyelle@haproxy.com>
Wed, 12 Jul 2023 12:30:07 +0000 (14:30 +0200)
Computing the token key and IV, a stronger derived key was used
to compute the key but the weak secret was still used to compute
the IV. This could be used to find the secret.

This patch fixes this using the same derived key as the one used
to compute the token key.

This should be backported until v2.6

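The derivation chain described in the commit message, as an added example that is not HAProxy's code: a stdlib-only HKDF-Extract/Expand (RFC 5869) with a self-check against the RFC's first test vector, then the token key/IV derivation in its pre-fix form (IV expanded straight from the raw secret) beside the post-fix form (IV expanded from the same derived `tmpkey` as the key). The label strings, the 32-byte `tmpkey` length, the salted extract step used to obtain `tmpkey`, and the demo secret and salt are all assumptions made for this example; only the names `tmpkey`, `key_label` and `iv_label` come from the hunk.

```python
"""Added example (not HAProxy code): HKDF derivation of a retry-token key
and IV, showing the pre-fix and post-fix dependency chains."""
import hashlib
import hmac


def hkdf_extract(salt: bytes, ikm: bytes, md=hashlib.sha256) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC(salt, IKM)."""
    return hmac.new(salt, ikm, md).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int, md=hashlib.sha256) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated."""
    hash_len = md().digest_size
    if length > 255 * hash_len:
        raise ValueError("HKDF-Expand: requested output too long")
    okm, t = b"", b""
    for counter in range(1, (length + hash_len - 1) // hash_len + 1):
        t = hmac.new(prk, t + info + bytes([counter]), md).digest()
        okm += t
    return okm[:length]


# Label strings and tmpkey length are assumptions for this example; the
# real values behind tmpkey_label / key_label / iv_label are not on the page.
TMPKEY_LABEL = b"example retry token"
KEY_LABEL = b"example retry token key"
IV_LABEL = b"example retry token iv"
TMPKEY_LEN = 32


def derive_tmpkey(secret: bytes, salt: bytes) -> bytes:
    """Step shared by both variants: salted extract, then expand with the tmpkey label.
    Modelling this as extract-and-expand is an assumption; the hunk shows only the label."""
    return hkdf_expand(hkdf_extract(salt, secret), TMPKEY_LABEL, TMPKEY_LEN)


def derive_token_key_iv_before_fix(secret: bytes, salt: bytes, keylen=16, ivlen=12):
    """Pre-fix chain: key from tmpkey, but IV expanded from the raw secret."""
    tmpkey = derive_tmpkey(secret, salt)
    key = hkdf_expand(tmpkey, KEY_LABEL, keylen)
    iv = hkdf_expand(secret, IV_LABEL, ivlen)  # defect: raw secret as HKDF PRK
    return key, iv


def derive_token_key_iv_after_fix(secret: bytes, salt: bytes, keylen=16, ivlen=12):
    """Post-fix chain: both key and IV expanded from the same derived tmpkey."""
    tmpkey = derive_tmpkey(secret, salt)
    key = hkdf_expand(tmpkey, KEY_LABEL, keylen)
    iv = hkdf_expand(tmpkey, IV_LABEL, ivlen)  # fixed: same derived key as the token key
    return key, iv


def rfc5869_test_case_1_ok() -> bool:
    """Self-check of the HKDF primitives against RFC 5869 Appendix A, test case 1."""
    ikm = bytes.fromhex("0b" * 22)
    salt = bytes.fromhex("000102030405060708090a0b0c")
    info = bytes.fromhex("f0f1f2f3f4f5f6f7f8f9")
    prk = hkdf_extract(salt, ikm)
    okm = hkdf_expand(prk, info, 42)
    return (prk.hex() == "077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5"
            and okm.hex() == "3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf"
                             "34007208d5b887185865")


# Constructed inputs for the demonstration (not real secrets).
DEMO_SECRET = b"constructed-retry-token-secret"
DEMO_SALT = b"constructed-salt"


def iv_no_longer_depends_directly_on_secret() -> bool:
    """The key is identical in both variants; only the IV's input changes.
    Before the fix the IV equals a direct expansion of the secret; after it does not."""
    key_old, iv_old = derive_token_key_iv_before_fix(DEMO_SECRET, DEMO_SALT)
    key_new, iv_new = derive_token_key_iv_after_fix(DEMO_SECRET, DEMO_SALT)
    iv_direct = hkdf_expand(DEMO_SECRET, IV_LABEL, 12)
    return key_old == key_new and iv_old == iv_direct and iv_new != iv_direct


if __name__ == "__main__":
    print("RFC 5869 self-check:", rfc5869_test_case_1_ok())
    print("IV dependency fixed:", iv_no_longer_depends_directly_on_secret())
```

The point the two variants make visible is structural: after the fix the raw secret is consumed only once, in `derive_tmpkey`, and both AEAD inputs sit behind that extra derivation; before it, the IV was a one-step HKDF-Expand of the secret with a fixed label. The RFC 5869 self-check is there so that the primitive can be trusted before drawing conclusions from the comparison.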
src/quic_tls.c

index f80e486e6ace1583ee1d8e5e719de31dc8e1d656..5e4366368d2ed18e587c3567c22b0860dac61f58 100644 (file)
@@ -775,7 +775,7 @@ int quic_tls_derive_retry_token_secret(const EVP_MD *md,
                                          tmpkey_label, sizeof tmpkey_label - 1) ||
            !quic_hkdf_expand(md, key, keylen, tmpkey, sizeof tmpkey,
                              key_label, sizeof key_label - 1) ||
-           !quic_hkdf_expand(md, iv, ivlen, secret, secretlen,
+           !quic_hkdf_expand(md, iv, ivlen, tmpkey, sizeof tmpkey,
                              iv_label, sizeof iv_label - 1))
                return 0;
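Review bot: with this change both `key` (the `quic_hkdf_expand(md, key, keylen, tmpkey, sizeof tmpkey, ...)` call in the context) and `iv` (the `+` line) are expanded from the same `tmpkey`, so their independence rests entirely on `key_label` and `iv_label` being distinct; a one-line comment above this block stating that `secret`/`secretlen` must only feed the `tmpkey` derivation (the call ending with `tmpkey_label` in the leading context) and never be passed to `quic_hkdf_expand` directly would document the invariant this fix restores and make a regression easy to spot in review. Mirroring `sizeof tmpkey` from the `key` line, rather than `secretlen`, is consistent with the commit message.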