return EVP_aes_128_gcm();
case TLS1_3_CK_AES_256_GCM_SHA384:
return EVP_aes_256_gcm();
-#ifndef OPENSSL_IS_BORINGSSL
- /* XXX TO DO XXX */
- /* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
- * which returns a pointer to const EVP_AEAD.
- */
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
return EVP_chacha20_poly1305();
case TLS1_3_CK_AES_128_CCM_SHA256:
return EVP_aes_128_ccm();
-#endif
default:
return NULL;
}
{
switch (SSL_CIPHER_get_id(cipher)) {
case TLS1_3_CK_AES_128_GCM_SHA256:
-#ifndef OPENSSL_IS_BORINGSSL
- /* XXX TO DO XXX */
- /* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
- * which returns a pointer to const EVP_AEAD.
- */
case TLS1_3_CK_AES_128_CCM_SHA256:
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
-#endif
return EVP_sha256();
case TLS1_3_CK_AES_256_GCM_SHA384:
return EVP_sha384();
static inline const EVP_CIPHER *tls_hp(const SSL_CIPHER *cipher)
{
switch (SSL_CIPHER_get_id(cipher)) {
-#ifndef OPENSSL_IS_BORINGSSL
- /* XXX TO DO XXX */
- /* Note that for chacha20_poly1305, there exists EVP_AEAD_chacha20_poly135() function
- * which returns a pointer to const EVP_AEAD.
- */
case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
return EVP_chacha20();
case TLS1_3_CK_AES_128_CCM_SHA256:
-#endif
case TLS1_3_CK_AES_128_GCM_SHA256:
return EVP_aes_128_ctr();
case TLS1_3_CK_AES_256_GCM_SHA384:
return "WANT_CONNECT";
case SSL_ERROR_WANT_ACCEPT:
return "WANT_ACCEPT";
-#ifndef OPENSSL_IS_BORINGSSL
case SSL_ERROR_WANT_ASYNC:
return "WANT_ASYNC";
case SSL_ERROR_WANT_ASYNC_JOB:
return "WANT_ASYNC_JOB";
case SSL_ERROR_WANT_CLIENT_HELLO_CB:
return "WANT_CLIENT_HELLO_CB";
-#endif
default:
return "UNKNOWN";
}
#include <openssl/ssl.h>
-#if defined(OPENSSL_IS_BORINGSSL)
-#include <openssl/hkdf.h>
-#else
#include <openssl/evp.h>
#include <openssl/kdf.h>
-#endif
#include <haproxy/buf.h>
#include <haproxy/chunk.h>
-//#include <haproxy/quic_tls-t.h>
#include <haproxy/xprt_quic.h>
chunk_appendf(buf, "%02x", secret[i]);
}
-#if defined(OPENSSL_IS_BORINGSSL)
-int quic_hkdf_extract(const EVP_MD *md,
- unsigned char *buf, size_t *buflen,
- const unsigned char *key, size_t keylen,
- const unsigned char *salt, size_t saltlen)
-{
- return HKDF_extract(buf, buflen, md, key, keylen, salt, saltlen);
-}
-
-int quic_hkdf_expand(const EVP_MD *md,
- unsigned char *buf, size_t buflen,
- const unsigned char *key, size_t keylen,
- const unsigned char *label, size_t labellen)
-{
- return HKDF_expand(buf, buflen, md, key, keylen, label, labellen);
-}
-#else
int quic_hkdf_extract(const EVP_MD *md,
unsigned char *buf, size_t buflen,
const unsigned char *key, size_t keylen,
return 0;
}
-#endif
-
/* https://quicwg.org/base-drafts/draft-ietf-quic-tls.html#protection-keys
* refers to:
*
qc->ku.nxt_tx.key = curr_key;
}
-#ifndef OPENSSL_IS_BORINGSSL
int ha_quic_set_encryption_secrets(SSL *ssl, enum ssl_encryption_level_t level,
const uint8_t *read_secret,
const uint8_t *write_secret, size_t secret_len)
TRACE_DEVEL("leaving in error", QUIC_EV_CONN_RWSEC, qc);
return 0;
}
-#else
-/* ->set_read_secret callback to derive the RX secrets at <level> encryption
- * level.
- * Returns 1 if succeeded, 0 if not.
- */
-int ha_set_rsec(SSL *ssl, enum ssl_encryption_level_t level,
- const SSL_CIPHER *cipher,
- const uint8_t *secret, size_t secret_len)
-{
- struct quic_conn *qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
- struct quic_tls_ctx *tls_ctx =
- &qc->els[ssl_to_quic_enc_level(level)].tls_ctx;
-
- TRACE_ENTER(QUIC_EV_CONN_RSEC, qc);
- if (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) {
- TRACE_PROTO("CC required", QUIC_EV_CONN_RSEC, qc);
- goto out;
- }
-
- tls_ctx->rx.aead = tls_aead(cipher);
- tls_ctx->rx.md = tls_md(cipher);
- tls_ctx->rx.hp = tls_hp(cipher);
-
- if (!(ctx->rx.key = pool_alloc(pool_head_quic_tls_key)))
- goto err;
-
- if (!quic_tls_derive_keys(tls_ctx->rx.aead, tls_ctx->rx.hp, tls_ctx->rx.md,
- tls_ctx->rx.key, tls_ctx->rx.keylen,
- tls_ctx->rx.iv, tls_ctx->rx.ivlen,
- tls_ctx->rx.hp_key, sizeof tls_ctx->rx.hp_key,
- secret, secret_len)) {
- TRACE_DEVEL("RX key derivation failed", QUIC_EV_CONN_RSEC, qc);
- goto err;
- }
-
- if (!qc_is_listener(qc) && level == ssl_encryption_application) {
- const unsigned char *buf;
- size_t buflen;
-
- SSL_get_peer_quic_transport_params(ssl, &buf, &buflen);
- if (!buflen)
- goto err;
-
- if (!quic_transport_params_store(qc, 1, buf, buf + buflen))
- goto err;
- }
-
- tls_ctx->rx.flags |= QUIC_FL_TLS_SECRETS_SET;
- out:
- TRACE_LEAVE(QUIC_EV_CONN_RSEC, qc, &level, secret, &secret_len);
-
- return 1;
-
- err:
- TRACE_DEVEL("leaving in error", QUIC_EV_CONN_RSEC, qc);
- return 0;
-}
-
-/* ->set_write_secret callback to derive the TX secrets at <level>
- * encryption level.
- * Returns 1 if succeeded, 0 if not.
- */
-int ha_set_wsec(SSL *ssl, enum ssl_encryption_level_t level,
- const SSL_CIPHER *cipher,
- const uint8_t *secret, size_t secret_len)
-{
- struct quic_conn *qc = SSL_get_ex_data(ssl, ssl_qc_app_data_index);
- struct quic_tls_ctx *tls_ctx = &qc->els[ssl_to_quic_enc_level(level)].tls_ctx;
-
- TRACE_ENTER(QUIC_EV_CONN_WSEC, qc);
- if (qc->flags & QUIC_FL_CONN_IMMEDIATE_CLOSE) {
- TRACE_PROTO("CC required", QUIC_EV_CONN_WSEC, qc);
- goto out;
- }
-
- if (!(ctx->tx.key = pool_alloc(pool_head_quic_tls_key)))
- goto err;
-
- tls_ctx->tx.aead = tls_aead(cipher);
- tls_ctx->tx.md = tls_md(cipher);
- tls_ctx->tx.hp = tls_hp(cipher);
-
- if (!quic_tls_derive_keys(tls_ctx->tx.aead, tls_ctx->tx.hp, tls_ctx->tx.md,
- tls_ctx->tx.key, tls_ctx->tx.keylen,
- tls_ctx->tx.iv, tls_ctx->tx.ivlen,
- tls_ctx->tx.hp_key, sizeof tls_ctx->tx.hp_key,
- secret, secret_len)) {
- TRACE_DEVEL("TX key derivation failed", QUIC_EV_CONN_WSEC, qc);
- goto err;
- }
-
- tls_ctx->tx.flags |= QUIC_FL_TLS_SECRETS_SET;
- TRACE_LEAVE(QUIC_EV_CONN_WSEC, qc, &level, secret, &secret_len);
- out:
- return 1;
-
- err:
- TRACE_DEVEL("leaving in error", QUIC_EV_CONN_WSEC, qc);
- return 0;
-}
-#endif
/* This function copies the CRYPTO data provided by the TLS stack found at <data>
* with <len> as size in CRYPTO buffers dedicated to store the information about
/* QUIC TLS methods */
static SSL_QUIC_METHOD ha_quic_method = {
-#ifdef OPENSSL_IS_BORINGSSL
- .set_read_secret = ha_set_rsec,
- .set_write_secret = ha_set_wsec,
-#else
.set_encryption_secrets = ha_quic_set_encryption_secrets,
-#endif
.add_handshake_data = ha_quic_add_handshake_data,
.flush_flight = ha_quic_flush_flight,
.send_alert = ha_quic_send_alert,
SSL_CTX_set_max_proto_version(ctx, TLS1_3_VERSION);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
-#ifdef OPENSSL_IS_BORINGSSL
- SSL_CTX_set_select_certificate_cb(ctx, ssl_sock_switchctx_cbk);
- SSL_CTX_set_tlsext_servername_callback(ctx, ssl_sock_switchctx_err_cbk);
-#elif (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
+#if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L)
if (bind_conf->ssl_conf.early_data) {
SSL_CTX_set_options(ctx, SSL_OP_NO_ANTI_REPLAY);
SSL_CTX_set_max_early_data(ctx, 0xffffffff);
projects / thirdparty / haproxy.git / commitdiff
