Merge pull request #10 from h2o/master

Merge recent fixes
h2o · Mar 8, 2018 · 1ebd33a · 1ebd33a
2 parents d843e9d + 124e322
commit 1ebd33a
Show file tree

Hide file tree

Showing 8 changed files with 208 additions and 97 deletions.
diff --git a/deps/picotest b/deps/picotest
diff --git a/include/picotls.h b/include/picotls.h
@@ -740,6 +740,10 @@ int ptls_handshake_is_complete(ptls_t *tls);
  * returns if a PSK (or PSK-DHE) handshake was performed
  */
 int ptls_is_psk_handshake(ptls_t *tls);
+/**
+ * returns a pointer to user data pointer (client is reponsible for freeing the associated data prior to calling ptls_free)
+ */
+void **ptls_get_data_ptr(ptls_t *tls);
 /**
  * proceeds with the handshake, optionally taking some input from peer. The function returns zero in case the handshake completed
  * successfully. PTLS_ERROR_IN_PROGRESS is returned in case the handshake is incomplete. Otherwise, an error value is returned. The

diff --git a/lib/cifra.c b/lib/cifra.c
@@ -526,5 +526,5 @@ ptls_cipher_suite_t ptls_minicrypto_aes256gcmsha384 = {PTLS_CIPHER_SUITE_AES_256
                                                        &ptls_minicrypto_sha384};
 ptls_cipher_suite_t ptls_minicrypto_chacha20poly1305sha256 = {PTLS_CIPHER_SUITE_CHACHA20_POLY1305_SHA256,
                                                               &ptls_minicrypto_chacha20poly1305, &ptls_minicrypto_sha256};
-ptls_cipher_suite_t *ptls_minicrypto_cipher_suites[] = {&ptls_minicrypto_aes128gcmsha256, &ptls_minicrypto_chacha20poly1305sha256,
-                                                        NULL};
+ptls_cipher_suite_t *ptls_minicrypto_cipher_suites[] = {&ptls_minicrypto_aes256gcmsha384, &ptls_minicrypto_aes128gcmsha256,
+                                                        &ptls_minicrypto_chacha20poly1305sha256, NULL};
diff --git a/lib/openssl.c b/lib/openssl.c
@@ -1057,7 +1057,7 @@ ptls_aead_algorithm_t ptls_openssl_chacha20poly1305 = {"CHACHA20-POLY1305",
 ptls_cipher_suite_t ptls_openssl_chacha20poly1305sha256 = {PTLS_CIPHER_SUITE_CHACHA20_POLY1305_SHA256,
                                                            &ptls_openssl_chacha20poly1305, &ptls_openssl_sha256};
 #endif
-ptls_cipher_suite_t *ptls_openssl_cipher_suites[] = {&ptls_openssl_aes128gcmsha256,
+ptls_cipher_suite_t *ptls_openssl_cipher_suites[] = {&ptls_openssl_aes256gcmsha384, &ptls_openssl_aes128gcmsha256,
 #if defined(PTLS_OPENSSL_HAVE_CHACHA20_POLY1305)
                                                      &ptls_openssl_chacha20poly1305sha256,
 #endif

diff --git a/lib/picotls.c b/lib/picotls.c
diff --git a/lib/uecc.c b/lib/uecc.c
@@ -216,7 +216,7 @@ size_t ptls_minicrypto_asn1_decode_private_key(ptls_asn1_pkcs8_private_key_t *pk
     byte_index = ptls_asn1_get_expected_type_and_length(bytes, bytes_max, byte_index, 0x30, &seq0_length, NULL, &last_byte0,
                                                         decode_error, log_ctx);
 
-    if (decode_error == 0 && bytes_max != last_byte0) {
+    if (*decode_error == 0 && bytes_max != last_byte0) {
         byte_index = ptls_asn1_error_message("Length larger than message", bytes_max, byte_index, 0, log_ctx);
         *decode_error = PTLS_ERROR_BER_EXCESSIVE_LENGTH;
     }

diff --git a/t/openssl.c b/t/openssl.c
@@ -180,13 +180,29 @@ int main(int argc, char **argv)
                                   NULL,
                                   &openssl_sign_certificate.super,
                                   &openssl_verify_certificate.super};
+    assert(openssl_ctx.cipher_suites[0]->hash->digest_size == 48); /* sha384 */
+    ptls_context_t openssl_ctx_sha256only = openssl_ctx;
+    ++openssl_ctx_sha256only.cipher_suites;
+    assert(openssl_ctx_sha256only.cipher_suites[0]->hash->digest_size == 32); /* sha256 */
+
     ctx = ctx_peer = &openssl_ctx;
 
     subtest("ecdh-key-exchange", test_ecdh_key_exchange);
     subtest("rsa-sign", test_rsa_sign);
     subtest("ecdsa-sign", test_ecdsa_sign);
     subtest("picotls", test_picotls);
 
+    ctx = ctx_peer = &openssl_ctx_sha256only;
+    subtest("picotls", test_picotls);
+
+    ctx = &openssl_ctx_sha256only;
+    ctx_peer = &openssl_ctx;
+    subtest("picotls", test_picotls);
+
+    ctx = &openssl_ctx;
+    ctx_peer = &openssl_ctx_sha256only;
+    subtest("picotls", test_picotls);
+
     ptls_minicrypto_secp256r1sha256_sign_certificate_t minicrypto_sign_certificate;
     ptls_iovec_t minicrypto_certificate = ptls_iovec_init(SECP256R1_CERTIFICATE, sizeof(SECP256R1_CERTIFICATE) - 1);
     ptls_minicrypto_init_secp256r1sha256_sign_certificate(
@@ -199,6 +215,7 @@ int main(int argc, char **argv)
                                      NULL,
                                      NULL,
                                      &minicrypto_sign_certificate.super};
+    ctx = &openssl_ctx;
     ctx_peer = &minicrypto_ctx;
     subtest("vs. minicrypto", test_picotls);
 

diff --git a/t/picotls.c b/t/picotls.c
@@ -57,7 +57,9 @@ static void test_sha256(void)
 
 static void test_sha384(void)
 {
-    test_hash(find_cipher(ctx, PTLS_CIPHER_SUITE_AES_256_GCM_SHA384)->hash);
+    ptls_cipher_suite_t *cs = find_cipher(ctx, PTLS_CIPHER_SUITE_AES_256_GCM_SHA384);
+    if (cs != NULL)
+        test_hash(cs->hash);
 }
 
 static void test_hmac_sha256(void)
@@ -222,8 +224,10 @@ static void test_aes256gcm(void)
     ptls_cipher_suite_t *cs = find_cipher(ctx, PTLS_CIPHER_SUITE_AES_256_GCM_SHA384),
                         *cs_peer = find_cipher(ctx, PTLS_CIPHER_SUITE_AES_256_GCM_SHA384);
 
-    test_ciphersuite(cs, cs_peer);
-    test_aad_ciphersuite(cs, cs_peer);
+    if (cs != NULL && cs_peer != NULL) {
+        test_ciphersuite(cs, cs_peer);
+        test_aad_ciphersuite(cs, cs_peer);
+    }
 }
 
 static void test_chacha20poly1305(void)