From 3ace48eeb8a81198d07d61f8c58eb55c79927dcf Mon Sep 17 00:00:00 2001 From: AIZAWA Hina Date: Fri, 23 Mar 2018 22:25:37 +0900 Subject: [PATCH 1/5] Add support for LibreSSL 2.7 Signed-off-by: AIZAWA Hina --- lib/openssl.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/openssl.c b/lib/openssl.c index 4194455ec..2c9ee7002 100644 --- a/lib/openssl.c +++ b/lib/openssl.c @@ -42,13 +42,15 @@ #include "picotls.h" #include "picotls/openssl.h" -#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)) -#define OPENSSL_1_0_API 1 +#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L +#define OPENSSL_1_1_API 1 +#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL +#define OPENSSL_1_1_API 1 #else -#define OPENSSL_1_0_API 0 +#define OPENSSL_1_1_API 0 #endif -#if OPENSSL_1_0_API +#if !OPENSSL_1_1_API #define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY) #define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE) From 12df7b68761124fe321ce588702d998dc9a007a1 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Fri, 30 Mar 2018 16:21:10 +0900 Subject: [PATCH 2/5] add the header to additional data (draft-25) --- lib/picotls.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/lib/picotls.c b/lib/picotls.c index 117031bfa..7f6bbaf88 100644 --- a/lib/picotls.c +++ b/lib/picotls.c 
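Review bot: Renaming `OPENSSL_1_0_API` to `OPENSSL_1_1_API` inverts the macro's sense, and the diffstat shows every changed line is in this one hunk. Any `#if OPENSSL_1_0_API` left elsewhere in lib/openssl.c (not visible here) would therefore test an undefined name, evaluate to 0 and silently take the 1.1 code path on OpenSSL 1.0.x. A grep for the old name and a build with `-Wundef` would make a stale use fail loudly. The two branches that define the macro to 1 could also be one condition, `#if (!defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L) || (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL)`, with a comment that the `*_up_ref` shims below are only for libraries lacking the 1.1 reference-counting functions.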
@@ -475,12 +475,23 @@ int ptls_buffer_push_asn1_ubigint(ptls_buffer_t *buf, const void *bignum, size_t return ret; } +static void build_aad(uint8_t aad[5], size_t reclen) +{ + aad[0] = PTLS_CONTENT_TYPE_APPDATA; + aad[1] = 0x03; + aad[2] = 0x03; + aad[3] = (uint8_t)(reclen >> 8); + aad[4] = (uint8_t)reclen; +} + static size_t aead_encrypt(struct st_ptls_traffic_protection_t *ctx, void *output, const void *input, size_t inlen, uint8_t content_type) { + uint8_t aad[5]; size_t off = 0; - ptls_aead_encrypt_init(ctx->aead, ctx->seq++, NULL, 0); + build_aad(aad, inlen + 1 + ctx->aead->algo->tag_size); + ptls_aead_encrypt_init(ctx->aead, ctx->seq++, aad, sizeof(aad)); off += ptls_aead_encrypt_update(ctx->aead, ((uint8_t *)output) + off, input, inlen); off += ptls_aead_encrypt_update(ctx->aead, ((uint8_t *)output) + off, &content_type, 1); off += ptls_aead_encrypt_final(ctx->aead, ((uint8_t *)output) + off); @@ -490,7 +501,10 @@ static size_t aead_encrypt(struct st_ptls_traffic_protection_t *ctx, void *outpu static int aead_decrypt(struct st_ptls_traffic_protection_t *ctx, void *output, size_t *outlen, const void *input, size_t inlen) { - if ((*outlen = ptls_aead_decrypt(ctx->aead, output, input, inlen, ctx->seq, NULL, 0)) == SIZE_MAX) + uint8_t aad[5]; + + build_aad(aad, inlen); + if ((*outlen = ptls_aead_decrypt(ctx->aead, output, input, inlen, ctx->seq, aad, sizeof(aad))) == SIZE_MAX) return PTLS_ALERT_BAD_RECORD_MAC; ++ctx->seq; return 0; From a6a3f12a60ba7c0d1cb8dcf671f7790a1dcead91 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Fri, 30 Mar 2018 23:04:50 +0900 Subject: [PATCH 3/5] update version to -26 --- lib/picotls.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/picotls.c b/lib/picotls.c index 7f6bbaf88..8d83d5613 100644 --- a/lib/picotls.c +++ b/lib/picotls.c 
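Review bot: `build_aad` narrows `reclen` from `size_t` to two bytes with no bound, so a length above 0xffff would be authenticated as its low 16 bits instead of being rejected. This affects the call in `aead_encrypt` here (`inlen + 1 + ctx->aead->algo->tag_size`) and the call in the `aead_decrypt` hunk that follows. The callers may already cap the record size outside this hunk, but the helper is the cheapest place to state the invariant: `assert(reclen <= 0xffff);` as the first line of `build_aad`, or an error returned to the caller. The length is also computed independently of wherever the record header is written, so a comment on `build_aad` saying the five bytes must equal the header put on the wire would help keep the two in step.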
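Review bot: In `aead_decrypt` the additional data is rebuilt from constants plus `inlen` rather than taken from the received header bytes, so a record whose wire header carries a different type or version fails only indirectly, as `PTLS_ALERT_BAD_RECORD_MAC`. That is a safe outcome, but it deserves a comment above the `build_aad` call, such as `/* AAD is the expected header (type=appdata, legacy version, length); a record with any other header fails authentication */`. It also assumes `inlen` is exactly the length field of the received header, which is decided by the caller outside this hunk.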
@@ -74,7 +74,7 @@ #define PTLS_EXTENSION_TYPE_PSK_KEY_EXCHANGE_MODES 45 #define PTLS_EXTENSION_TYPE_KEY_SHARE 51 -#define PTLS_PROTOCOL_VERSION_DRAFT23 0x7f17 +#define PTLS_PROTOCOL_VERSION_DRAFT26 0x7f1a #define PTLS_SERVER_NAME_TYPE_HOSTNAME 0 @@ -1355,7 +1355,7 @@ static int send_client_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_handshake }); } buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, { - ptls_buffer_push_block(sendbuf, 1, { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT23); }); + ptls_buffer_push_block(sendbuf, 1, { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT26); }); }); buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SIGNATURE_ALGORITHMS, { ptls_buffer_push_block(sendbuf, 2, { @@ -1581,7 +1581,7 @@ static int decode_server_hello(ptls_t *tls, struct st_ptls_server_hello_t *sh, c } }); - if (found_version != PTLS_PROTOCOL_VERSION_DRAFT23) { + if (found_version != PTLS_PROTOCOL_VERSION_DRAFT26) { ret = PTLS_ALERT_ILLEGAL_PARAMETER; goto Exit; } @@ -2172,7 +2172,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c uint16_t v; if ((ret = ptls_decode16(&v, &src, end)) != 0) goto Exit; - if (ch->selected_version == 0 && v == PTLS_PROTOCOL_VERSION_DRAFT23) + if (ch->selected_version == 0 && v == PTLS_PROTOCOL_VERSION_DRAFT26) ch->selected_version = v; } while (src != end); }); @@ -2273,7 +2273,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c /* check if client hello make sense */ switch (ch->selected_version) { - case PTLS_PROTOCOL_VERSION_DRAFT23: + case PTLS_PROTOCOL_VERSION_DRAFT26: if (!(ch->compression_methods.count == 1 && ch->compression_methods.ids[0] == 0)) { ret = PTLS_ALERT_ILLEGAL_PARAMETER; goto Exit; 
@@ -2461,7 +2461,7 @@ static int server_handle_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_iovec_t ptls_buffer_push(sendbuf, 0); \ ptls_buffer_push_block(sendbuf, 2, { \ buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, \ - { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT23); }); \ + { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT26); }); \ do { \ extensions \ } while (0); \ From 34868e65e7cf6a6b8ec57d2e31c22526ac599f71 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Mon, 2 Apr 2018 12:37:44 +0900 Subject: [PATCH 4/5] no magic numbers --- lib/picotls.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/picotls.c b/lib/picotls.c index 8d83d5613..513ea36ef 100644 --- a/lib/picotls.c +++ b/lib/picotls.c @@ -478,8 +478,8 @@ int ptls_buffer_push_asn1_ubigint(ptls_buffer_t *buf, const void *bignum, size_t static void build_aad(uint8_t aad[5], size_t reclen) { aad[0] = PTLS_CONTENT_TYPE_APPDATA; - aad[1] = 0x03; - aad[2] = 0x03; + aad[1] = PTLS_RECORD_VERSION_MAJOR; + aad[2] = PTLS_RECORD_VERSION_MINOR; aad[3] = (uint8_t)(reclen >> 8); aad[4] = (uint8_t)reclen; } From c01aca2c329d104afceadc86e336211422327646 Mon Sep 17 00:00:00 2001 From: Kazuho Oku Date: Tue, 3 Apr 2018 13:20:06 +0900 Subject: [PATCH 5/5] support draft26-28 --- lib/picotls.c | 45 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 36 insertions(+), 9 deletions(-) diff --git a/lib/picotls.c b/lib/picotls.c index 513ea36ef..1b1ee84ed 100644 --- a/lib/picotls.c +++ b/lib/picotls.c @@ -75,6 +75,8 @@ #define PTLS_EXTENSION_TYPE_KEY_SHARE 51 #define PTLS_PROTOCOL_VERSION_DRAFT26 0x7f1a +#define PTLS_PROTOCOL_VERSION_DRAFT27 0x7f1b +#define PTLS_PROTOCOL_VERSION_DRAFT28 0x7f1c #define PTLS_SERVER_NAME_TYPE_HOSTNAME 0 
@@ -95,6 +97,12 @@ #define PTLS_MEMORY_DEBUG 0 #endif +/** + * list of supported versions in the preferred order + */ +static const uint16_t supported_versions[] = {PTLS_PROTOCOL_VERSION_DRAFT28, PTLS_PROTOCOL_VERSION_DRAFT27, + PTLS_PROTOCOL_VERSION_DRAFT26}; + static const uint8_t hello_retry_random[PTLS_HELLO_RANDOM_SIZE] = {0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C}; @@ -301,6 +309,15 @@ struct st_ptls_extension_bitmap_t { static uint8_t zeroes_of_max_digest_size[PTLS_MAX_DIGEST_SIZE] = {0}; +static int is_supported_version(uint16_t v) +{ + size_t i; + for (i = 0; i != sizeof(supported_versions) / sizeof(supported_versions[0]); ++i) + if (supported_versions[i] == v) + return 1; + return 0; +} + static inline int extension_bitmap_is_set(struct st_ptls_extension_bitmap_t *bitmap, uint16_t id) { if (id < sizeof(bitmap->bits) * 8) @@ -1355,7 +1372,11 @@ static int send_client_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_handshake }); } buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, { - ptls_buffer_push_block(sendbuf, 1, { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT26); }); + ptls_buffer_push_block(sendbuf, 1, { + size_t i; + for (i = 0; i != sizeof(supported_versions) / sizeof(supported_versions[0]); ++i) + ptls_buffer_push16(sendbuf, supported_versions[i]); + }); }); buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SIGNATURE_ALGORITHMS, { ptls_buffer_push_block(sendbuf, 2, { @@ -1581,7 +1602,7 @@ static int decode_server_hello(ptls_t *tls, struct st_ptls_server_hello_t *sh, c } }); - if (found_version != PTLS_PROTOCOL_VERSION_DRAFT26) { + if (!is_supported_version(found_version)) { ret = PTLS_ALERT_ILLEGAL_PARAMETER; goto Exit; } 
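Review bot: `sizeof(supported_versions) / sizeof(supported_versions[0])` is spelled out in `is_supported_version`, again in the `send_client_hello` hunk, and twice more in the `decode_client_hello` hunk, where it doubles as the "nothing selected" sentinel. One named constant next to the array, e.g. `#define NUM_SUPPORTED_VERSIONS (sizeof(supported_versions) / sizeof(supported_versions[0]))`, would keep the loop bounds and the sentinel from drifting apart if the table is edited later.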
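Review bot: `decode_server_hello` now accepts any of three versions, but in the lines visible here `found_version` is only tested for membership with `is_supported_version` and then not used again. With a single supported version that was sufficient. With several, the client should retain the negotiated value, so that a ServerHello following a HelloRetryRequest can be required to carry the same version and later code can tell which draft is in effect. If that is not already done outside the hunk, storing the value in the connection state and comparing it on the second pass would close the gap. The function body continues outside the hunk.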
@@ -2168,13 +2189,21 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c break; case PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS: ptls_decode_block(src, end, 1, { + size_t selected_index = sizeof(supported_versions) / sizeof(supported_versions[0]); do { + size_t i; uint16_t v; if ((ret = ptls_decode16(&v, &src, end)) != 0) goto Exit; - if (ch->selected_version == 0 && v == PTLS_PROTOCOL_VERSION_DRAFT26) - ch->selected_version = v; + for (i = 0; i != selected_index; ++i) { + if (supported_versions[i] == v) { + selected_index = i; + break; + } + } } while (src != end); + if (selected_index != sizeof(supported_versions) / sizeof(supported_versions[0])) + ch->selected_version = supported_versions[selected_index]; }); break; case PTLS_EXTENSION_TYPE_COOKIE: @@ -2272,8 +2301,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c }); /* check if client hello make sense */ - switch (ch->selected_version) { - case PTLS_PROTOCOL_VERSION_DRAFT26: + if (is_supported_version(ch->selected_version)) { if (!(ch->compression_methods.count == 1 && ch->compression_methods.ids[0] == 0)) { ret = PTLS_ALERT_ILLEGAL_PARAMETER; goto Exit; @@ -2291,8 +2319,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c goto Exit; } } - break; - default: + } else { ret = PTLS_ALERT_PROTOCOL_VERSION; goto Exit; } @@ -2461,7 +2488,7 @@ static int server_handle_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_iovec_t ptls_buffer_push(sendbuf, 0); \ ptls_buffer_push_block(sendbuf, 2, { \ buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, \ - { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT26); }); \ + { ptls_buffer_push16(sendbuf, ch.selected_version); }); \ do { \ extensions \ } while (0); \
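Review bot: The selection loop in the `PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS` case picks the entry earliest in the server's own `supported_versions` table and ignores the order the client listed. That is a reasonable policy, but it is not obvious from the shrinking `selected_index` bound. A comment above the `do` loop, such as `/* choose by our preference order; selected_index only ever decreases */`, would make it explicit. The old `ch->selected_version == 0` guard is gone, so the result now relies on this extension appearing at most once per ClientHello; whether duplicates are rejected is decided outside the hunk.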
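Review bot: The macro body in `server_handle_hello` now reads `ch.selected_version`, so it depends on a local named `ch` being in scope and already decoded at every expansion site, which the macro's parameter list does not show. Passing the version as a macro argument would make the dependency visible; failing that, a comment on the macro such as `/* uses ch.selected_version from the enclosing scope */` would do. The macro definition starts and ends outside the hunk, so its name and other expansion sites are not visible here.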