From: Frederic Lecaille Date: Fri, 30 Aug 2024 12:14:24 +0000 (+0200) Subject: MINOR: quic: Implement quic_tls_derive_token_secret(). X-Git-Tag: v3.1-dev7~30 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=74caa0eece1cc3a8b35f1d34674ea5f357819314;p=thirdparty%2Fhaproxy.git MINOR: quic: Implement quic_tls_derive_token_secret(). This is function is similar to quic_tls_derive_retry_token_secret(). Its aim is to derive the secret used to cipher the token to be used for future connections. This patch renames quic_tls_derive_retry_token_secret() to a more and reuses its code to produce a more generic one: quic_do_tls_derive_token_secret(). Two arguments are added to this latter to produce both quic_tls_derive_retry_token_secret() and quic_tls_derive_token_secret() new function which calls quic_do_tls_derive_token_secret(). --- diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h index 757b78fb46..d8bdf7134c 100644 --- a/include/haproxy/quic_tls.h +++ b/include/haproxy/quic_tls.h @@ -90,6 +90,12 @@ int quic_tls_derive_retry_token_secret(const EVP_MD *md, const unsigned char *salt, size_t saltlen, const unsigned char *secret, size_t secretlen); +int quic_tls_derive_token_secret(const EVP_MD *md, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen, + const unsigned char *salt, size_t saltlen, + const unsigned char *secret, size_t secretlen); + int quic_hkdf_expand(const EVP_MD *md, unsigned char *buf, size_t buflen, const unsigned char *key, size_t keylen, diff --git a/src/quic_tls.c b/src/quic_tls.c index e1f5f21755..af087dc76a 100644 --- a/src/quic_tls.c +++ b/src/quic_tls.c @@ -950,27 +950,56 @@ int quic_tls_decrypt2(unsigned char *out, * with which is not pseudo-random. * Return 1 if succeeded, 0 if not. */ -int quic_tls_derive_retry_token_secret(const EVP_MD *md, - unsigned char *key, size_t keylen, - unsigned char *iv, size_t ivlen, - const unsigned char *salt, size_t saltlen, - const unsigned char *secret, size_t secretlen) +static inline int quic_do_tls_derive_token_secret(const EVP_MD *md, unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen, + const unsigned char *salt, size_t saltlen, + const unsigned char *secret, size_t secretlen, + const unsigned char *klabel, size_t klabellen, + const unsigned char *ivlabel, size_t ivlabellen) { unsigned char tmpkey[QUIC_TLS_KEY_LEN]; - const unsigned char key_label[] = "retry token key"; - const unsigned char iv_label[] = "retry token iv"; if (!quic_hkdf_extract(md, tmpkey, sizeof tmpkey, secret, secretlen, salt, saltlen) || !quic_hkdf_expand(md, key, keylen, tmpkey, sizeof tmpkey, - key_label, sizeof key_label - 1) || + klabel, klabellen) || !quic_hkdf_expand(md, iv, ivlen, tmpkey, sizeof tmpkey, - iv_label, sizeof iv_label - 1)) + ivlabel, ivlabellen)) return 0; return 1; } +int quic_tls_derive_retry_token_secret(const EVP_MD *md, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen, + const unsigned char *salt, size_t saltlen, + const unsigned char *secret, size_t secretlen) +{ + const unsigned char key_label[] = "retry token key"; + const unsigned char iv_label[] = "retry token iv"; + + return quic_do_tls_derive_token_secret(md, key, keylen, iv, ivlen, + salt, saltlen, secret, secretlen, + key_label, sizeof(key_label) - 1, + iv_label, sizeof(iv_label) -1); +} + +int quic_tls_derive_token_secret(const EVP_MD *md, + unsigned char *key, size_t keylen, + unsigned char *iv, size_t ivlen, + const unsigned char *salt, size_t saltlen, + const unsigned char *secret, size_t secretlen) +{ + const unsigned char key_label[] = "token key"; + const unsigned char iv_label[] = "token iv"; + + return quic_do_tls_derive_token_secret(md, key, keylen, iv, ivlen, + salt, saltlen, secret, secretlen, + key_label, sizeof(key_label) - 1, + iv_label, sizeof(iv_label) -1); +} + /* Generate the AEAD tag for the Retry packet of bytes and * write it to . The tag is written just after the area. It should * be at least 16 bytes longs. is the CID of the Initial packet