From: Matt Caswell Date: Mon, 14 Nov 2022 14:19:53 +0000 (+0000) Subject: Extend the new_record_layer function X-Git-Tag: openssl-3.2.0-alpha1~1393 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f9175c7a46b13a3528d9b5776030a78eb1f9454;p=thirdparty%2Fopenssl.git Extend the new_record_layer function Add the ability to pass the main secret and length, as well as the digest used for the KDF. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/19748) --- diff --git a/include/internal/recordmethod.h b/include/internal/recordmethod.h index d6d432413a7..fda3549590c 100644 --- a/include/internal/recordmethod.h +++ b/include/internal/recordmethod.h @@ -124,6 +124,8 @@ struct ossl_record_method_st { int role, int direction, int level, uint16_t epoch, + unsigned char *secret, + size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, @@ -135,6 +137,7 @@ struct ossl_record_method_st { int mactype, const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, BIO *next, diff --git a/ssl/d1_lib.c b/ssl/d1_lib.c index 83ef67275eb..3e644b3098d 100644 --- a/ssl/d1_lib.c +++ b/ssl/d1_lib.c @@ -820,9 +820,9 @@ int DTLSv1_listen(SSL *ssl, BIO_ADDR *client) if (!ssl_set_new_record_layer(s, DTLS_ANY_VERSION, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NID_undef, NULL, NULL, NULL)) { /* SSLfatal already called */ ret = -1; goto end; diff --git a/ssl/record/methods/dtls_meth.c b/ssl/record/methods/dtls_meth.c index 55e49188cd1..2dae86b44cc 100644 --- a/ssl/record/methods/dtls_meth.c +++ b/ssl/record/methods/dtls_meth.c @@ -624,12 +624,14 @@ static int dtls_free(OSSL_RECORD_LAYER *rl) static int dtls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/methods/ktls_meth.c b/ssl/record/methods/ktls_meth.c index 21f7c41b448..5cd833d070d 100644 --- a/ssl/record/methods/ktls_meth.c +++ b/ssl/record/methods/ktls_meth.c @@ -402,12 +402,14 @@ static int ktls_post_process_record(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec) static int ktls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/methods/tls_common.c b/ssl/record/methods/tls_common.c index 9fca10c50e7..91d15450856 100644 --- a/ssl/record/methods/tls_common.c +++ b/ssl/record/methods/tls_common.c @@ -1324,12 +1324,14 @@ tls_int_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, static int tls_new_record_layer(OSSL_LIB_CTX *libctx, const char *propq, int vers, int role, int direction, int level, uint16_t epoch, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, - const EVP_MD *md, COMP_METHOD *comp, BIO *prev, - BIO *transport, BIO *next, BIO_ADDR *local, BIO_ADDR *peer, + const EVP_MD *md, COMP_METHOD *comp, + const EVP_MD *kdfdigest, BIO *prev, BIO *transport, + BIO *next, BIO_ADDR *local, BIO_ADDR *peer, const OSSL_PARAM *settings, const OSSL_PARAM *options, const OSSL_DISPATCH *fns, void *cbarg, void *rlarg, OSSL_RECORD_LAYER **retrl) diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 7fa22bb02b3..fadac90e527 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -1155,12 +1155,13 @@ static int ssl_post_record_layer_select(SSL_CONNECTION *s, int direction) int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, int level, + unsigned char *secret, size_t secretlen, unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp) + const SSL_COMP *comp, const EVP_MD *kdfdigest) { OSSL_PARAM options[5], *opts = options; OSSL_PARAM settings[6], *set = settings; @@ -1330,11 +1331,12 @@ int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, rlret = meth->new_record_layer(sctx->libctx, sctx->propq, version, s->server, direction, level, epoch, - key, keylen, iv, ivlen, mackey, - mackeylen, ciph, taglen, mactype, md, - compm, prev, thisbio, next, NULL, NULL, - settings, options, rlayer_dispatch_tmp, - s, s->rlayer.rlarg, &newrl); + secret, secretlen, key, keylen, iv, + ivlen, mackey, mackeylen, ciph, taglen, + mactype, md, compm, kdfdigest, prev, + thisbio, next, NULL, NULL, settings, + options, rlayer_dispatch_tmp, s, + s->rlayer.rlarg, &newrl); BIO_free(prev); switch (rlret) { case OSSL_RECORD_RETURN_FATAL: diff --git a/ssl/record/record.h b/ssl/record/record.h index e2fdd05f0c9..cd2b78698db 100644 --- a/ssl/record/record.h +++ b/ssl/record/record.h @@ -173,13 +173,15 @@ void ssl_release_record(SSL_CONNECTION *s, TLS_RECORD *rr); int ossl_tls_handle_rlayer_return(SSL_CONNECTION *s, int writing, int ret, char *file, int line); -int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, - int level, unsigned char *key, size_t keylen, +int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, + int direction, int level, + unsigned char *secret, size_t secretlen, + unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp); + const SSL_COMP *comp, const EVP_MD *kdfdigest); int ssl_set_record_protocol_version(SSL_CONNECTION *s, int vers); # define OSSL_FUNC_RLAYER_SKIP_EARLY_DATA 1 diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 67123c73721..d13a28697e6 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -146,8 +146,8 @@ int ssl3_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, SSL3_VERSION, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, key_len, iv, iv_len, mac_secret, - md_len, ciph, 0, NID_undef, md, comp)) { + NULL, 0, key, key_len, iv, iv_len, mac_secret, + md_len, ciph, 0, NID_undef, md, comp, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 1a5bc6d3e40..ffae69bc38b 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -553,17 +553,18 @@ static int clear_record_layer(SSL_CONNECTION *s) SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); ret &= ssl_set_new_record_layer(s, SSL_CONNECTION_IS_DTLS(s) ? DTLS_ANY_VERSION : TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, - OSSL_RECORD_PROTECTION_LEVEL_NONE, + OSSL_RECORD_PROTECTION_LEVEL_NONE, NULL, 0, NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL); + NID_undef, NULL, NULL, NULL); + /* SSLfatal already called in the event of failure */ return ret; } diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a1b7954a669..f1ed43abd38 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -720,8 +720,9 @@ WORK_STATE ossl_statem_client_pre_work(SSL_CONNECTION *s, WORK_STATE wst) TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, OSSL_RECORD_PROTECTION_LEVEL_NONE, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, NID_undef, NULL, NULL, + NULL)) { /* SSLfatal already called */ return WORK_ERROR; } @@ -1793,8 +1794,8 @@ static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL_CONNECTION *s, TLS_ANY_VERSION, OSSL_RECORD_DIRECTION_WRITE, OSSL_RECORD_PROTECTION_LEVEL_NONE, - NULL, 0, NULL, 0, NULL, 0, NULL, 0, - NID_undef, NULL, NULL)) { + NULL, 0, NULL, 0, NULL, 0, NULL, 0, + NULL, 0, NID_undef, NULL, NULL, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 02652105249..712a784a0d7 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -268,9 +268,9 @@ int tls1_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, s->version, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, cl, iv, (size_t)k, mac_secret, + NULL, 0, key, cl, iv, (size_t)k, mac_secret, mac_secret_size, c, taglen, mac_type, - m, comp)) { + m, comp, NULL)) { /* SSLfatal already called */ goto err; } diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c index 6d2f46441af..30ef3a8410c 100644 --- a/ssl/tls13_enc.c +++ b/ssl/tls13_enc.c @@ -678,8 +678,9 @@ int tls13_change_cipher_state(SSL_CONNECTION *s, int which) if (!ssl_set_new_record_layer(s, s->version, direction, - level, key, keylen, iv, ivlen, NULL, 0, - cipher, taglen, NID_undef, NULL, NULL)) { + level, insecret, hashlen, key, keylen, iv, + ivlen, NULL, 0, cipher, taglen, NID_undef, + NULL, NULL, md)) { /* SSLfatal already called */ goto err; } @@ -736,9 +737,9 @@ int tls13_update_key(SSL_CONNECTION *s, int sending) if (!ssl_set_new_record_layer(s, s->version, direction, OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, - key, keylen, iv, ivlen, NULL, 0, + insecret, hashlen, key, keylen, iv, ivlen, NULL, 0, s->s3.tmp.new_sym_enc, taglen, NID_undef, NULL, - NULL)) { + NULL, md)) { /* SSLfatal already called */ goto err; } diff --git a/test/tls13encryptiontest.c b/test/tls13encryptiontest.c index 1529e1b1ba4..cecbb4296be 100644 --- a/test/tls13encryptiontest.c +++ b/test/tls13encryptiontest.c @@ -335,10 +335,11 @@ static int test_tls13_encryption(void) if (!TEST_true(ossl_tls_record_method.new_record_layer( NULL, NULL, TLS1_3_VERSION, OSSL_RECORD_ROLE_SERVER, OSSL_RECORD_DIRECTION_WRITE, - OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, key, 16, - iv, ivlen, NULL, 0, EVP_aes_128_gcm(), + OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, NULL, 0, + key, 16, iv, ivlen, NULL, 0, EVP_aes_128_gcm(), EVP_GCM_TLS_TAG_LEN, 0, NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, &wrl))) + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + &wrl))) goto err; memcpy(wrl->sequence, seqbuf, sizeof(seqbuf)); @@ -357,10 +358,11 @@ static int test_tls13_encryption(void) if (!TEST_true(ossl_tls_record_method.new_record_layer( NULL, NULL, TLS1_3_VERSION, OSSL_RECORD_ROLE_SERVER, OSSL_RECORD_DIRECTION_READ, - OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, key, 16, - iv, ivlen, NULL, 0, EVP_aes_128_gcm(), + OSSL_RECORD_PROTECTION_LEVEL_APPLICATION, 0, NULL, 0, + key, 16, iv, ivlen, NULL, 0, EVP_aes_128_gcm(), EVP_GCM_TLS_TAG_LEN, 0, NULL, NULL, NULL, NULL, NULL, - NULL, NULL, NULL, NULL, NULL, NULL, NULL, &rrl))) + NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, + &rrl))) goto err; memcpy(rrl->sequence, seqbuf, sizeof(seqbuf)); diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c index 923e713c008..f51dd9e9db8 100644 --- a/test/tls13secretstest.c +++ b/test/tls13secretstest.c @@ -218,12 +218,13 @@ void ssl_evp_md_free(const EVP_MD *md) } int ssl_set_new_record_layer(SSL_CONNECTION *s, int version, int direction, - int level, unsigned char *key, size_t keylen, + int level, unsigned char *secret, size_t secretlen, + unsigned char *key, size_t keylen, unsigned char *iv, size_t ivlen, unsigned char *mackey, size_t mackeylen, const EVP_CIPHER *ciph, size_t taglen, int mactype, const EVP_MD *md, - const SSL_COMP *comp) + const SSL_COMP *comp, const EVP_MD *kdfdigest) { return 0; }