summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbeck <>2022-06-29 17:39:21 +0000
committerbeck <>2022-06-29 17:39:21 +0000
commitfc8a9f3799769566fe4b424c43a81a1a71f91328 (patch)
tree3406a8350556d9a6c42a2677a30e2dabf013942c
parent6f4618c6c03ccd1d0f1b55dd8ff05af4a05abe78 (diff)
downloadopenbsd-fc8a9f3799769566fe4b424c43a81a1a71f91328.tar.gz
openbsd-fc8a9f3799769566fe4b424c43a81a1a71f91328.tar.bz2
openbsd-fc8a9f3799769566fe4b424c43a81a1a71f91328.zip
Add support for sending QUIC transport parameters
This is the start of adding the boringssl API for QUIC support, and the TLS extensions necessary to send and receive QUIC transport data. Inspired by boringssl's https://boringssl-review.googlesource.com/24464 ok jsing@ tb@
Diffstat
-rw-r--r--src/lib/libssl/s3_lib.c10
-rw-r--r--src/lib/libssl/ssl.h26
-rw-r--r--src/lib/libssl/ssl_lib.c30
-rw-r--r--src/lib/libssl/ssl_locl.h10
-rw-r--r--src/lib/libssl/ssl_tlsext.c122
-rw-r--r--src/lib/libssl/ssl_tlsext.h13
-rw-r--r--src/lib/libssl/tls1.h5
-rw-r--r--src/regress/lib/libssl/tlsext/tlsexttest.c258
8 files changed, 466 insertions, 8 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 66d0eba9a0..12eb9f4af4 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: s3_lib.c,v 1.230 2022/06/29 08:37:18 tb Exp $ */ 1/* $OpenBSD: s3_lib.c,v 1.231 2022/06/29 17:39:20 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1575,6 +1575,9 @@ ssl3_free(SSL *s)
1575 1575
1576 free(s->s3->alpn_selected); 1576 free(s->s3->alpn_selected);
1577 1577
1578 freezero(s->s3->peer_quic_transport_params,
1579 s->s3->peer_quic_transport_params_len);
1580
1578 freezero(s->s3, sizeof(*s->s3)); 1581 freezero(s->s3, sizeof(*s->s3));
1579 1582
1580 s->s3 = NULL; 1583 s->s3 = NULL;
@@ -1619,6 +1622,11 @@ ssl3_clear(SSL *s)
1619 s->s3->alpn_selected = NULL; 1622 s->s3->alpn_selected = NULL;
1620 s->s3->alpn_selected_len = 0; 1623 s->s3->alpn_selected_len = 0;
1621 1624
1625 freezero(s->s3->peer_quic_transport_params,
1626 s->s3->peer_quic_transport_params_len);
1627 s->s3->peer_quic_transport_params = NULL;
1628 s->s3->peer_quic_transport_params_len = 0;
1629
1622 memset(s->s3, 0, sizeof(*s->s3)); 1630 memset(s->s3, 0, sizeof(*s->s3));
1623 1631
1624 s->s3->rbuf.buf = rp; 1632 s->s3->rbuf.buf = rp;
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index aed3fea1d0..c733992848 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl.h,v 1.217 2022/06/28 20:57:33 tb Exp $ */ 1/* $OpenBSD: ssl.h,v 1.218 2022/06/29 17:39:20 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1578,6 +1578,30 @@ void SSL_CTX_set_security_level(SSL_CTX *ctx, int level);
1578int SSL_CTX_get_security_level(const SSL_CTX *ctx); 1578int SSL_CTX_get_security_level(const SSL_CTX *ctx);
1579#endif /* LIBRESSL_INTERNAL */ 1579#endif /* LIBRESSL_INTERNAL */
1580 1580
1581#ifdef LIBRESSL_INTERNAL
1582/*
1583 * SSL_set_quic_transport_params configures |ssl| to send |params| (of length
1584 * |params_len|) in the quic_transport_parameters extension in either the
1585 * ClientHello or EncryptedExtensions handshake message. This extension will
1586 * only be sent if the TLS version is at least 1.3, and for a server, only if
1587 * the client sent the extension. The buffer pointed to by |params| only need be
1588 * valid for the duration of the call to this function. This function returns 1
1589 *on success and 0 on failure.
1590 */
1591int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
1592 size_t params_len);
1593
1594/*
1595 * SSL_get_peer_quic_transport_params provides the caller with the value of the
1596 * quic_transport_parameters extension sent by the peer. A pointer to the buffer
1597 * containing the TransportParameters will be put in |*out_params|, and its
1598 * length in |*params_len|. This buffer will be valid for the lifetime of the
1599 * |SSL|. If no params were received from the peer, |*out_params_len| will be 0.
1600 */
1601void SSL_get_peer_quic_transport_params(const SSL *ssl,
1602 const uint8_t **out_params, size_t *out_params_len);
1603#endif
1604
1581/* BEGIN ERROR CODES */ 1605/* BEGIN ERROR CODES */
1582/* The following lines are auto generated by the script mkerr.pl. Any changes 1606/* The following lines are auto generated by the script mkerr.pl. Any changes
1583 * made after this point may be overwritten when the script is next run. 1607 * made after this point may be overwritten when the script is next run.
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index be01f771e0..b959d3428f 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_lib.c,v 1.292 2022/06/29 08:39:08 tb Exp $ */ 1/* $OpenBSD: ssl_lib.c,v 1.293 2022/06/29 17:39:20 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -573,6 +573,8 @@ SSL_free(SSL *s)
573 573
574 free(s->internal->alpn_client_proto_list); 574 free(s->internal->alpn_client_proto_list);
575 575
576 free(s->internal->quic_transport_params);
577
576#ifndef OPENSSL_NO_SRTP 578#ifndef OPENSSL_NO_SRTP
577 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles); 579 sk_SRTP_PROTECTION_PROFILE_free(s->internal->srtp_profiles);
578#endif 580#endif
@@ -3312,3 +3314,29 @@ OBJ_bsearch_ssl_cipher_id(SSL_CIPHER *key, SSL_CIPHER const *base, int num)
3312 return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER), 3314 return (SSL_CIPHER *)OBJ_bsearch_(key, base, num, sizeof(SSL_CIPHER),
3313 ssl_cipher_id_cmp_BSEARCH_CMP_FN); 3315 ssl_cipher_id_cmp_BSEARCH_CMP_FN);
3314} 3316}
3317
3318int
3319SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params,
3320 size_t params_len)
3321{
3322 freezero(ssl->internal->quic_transport_params,
3323 ssl->internal->quic_transport_params_len);
3324 ssl->internal->quic_transport_params = NULL;
3325 ssl->internal->quic_transport_params_len = 0;
3326
3327 if ((ssl->internal->quic_transport_params = malloc(params_len)) == NULL)
3328 return 0;
3329
3330 memcpy(ssl->internal->quic_transport_params, params, params_len);
3331 ssl->internal->quic_transport_params_len = params_len;
3332
3333 return 1;
3334}
3335
3336void
3337SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params,
3338 size_t *out_params_len)
3339{
3340 *out_params = ssl->s3->peer_quic_transport_params;
3341 *out_params_len = ssl->s3->peer_quic_transport_params_len;
3342}
diff --git a/src/lib/libssl/ssl_locl.h b/src/lib/libssl/ssl_locl.h
index da21758815..102f7deaf5 100644
--- a/src/lib/libssl/ssl_locl.h
+++ b/src/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_locl.h,v 1.401 2022/06/29 12:03:38 tb Exp $ */ 1/* $OpenBSD: ssl_locl.h,v 1.402 2022/06/29 17:39:20 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -932,6 +932,10 @@ typedef struct ssl_internal_st {
932 unsigned char *alpn_client_proto_list; 932 unsigned char *alpn_client_proto_list;
933 unsigned int alpn_client_proto_list_len; 933 unsigned int alpn_client_proto_list_len;
934 934
935 /* QUIC transport params we will send */
936 uint8_t *quic_transport_params;
937 size_t quic_transport_params_len;
938
935 /* XXX Callbacks */ 939 /* XXX Callbacks */
936 940
937 /* true when we are actually in SSL_accept() or SSL_connect() */ 941 /* true when we are actually in SSL_accept() or SSL_connect() */
@@ -1218,6 +1222,10 @@ typedef struct ssl3_state_st {
1218 */ 1222 */
1219 unsigned char *alpn_selected; 1223 unsigned char *alpn_selected;
1220 size_t alpn_selected_len; 1224 size_t alpn_selected_len;
1225
1226 /* Contains the QUIC transport params received from our peer. */
1227 uint8_t *peer_quic_transport_params;
1228 size_t peer_quic_transport_params_len;
1221} SSL3_STATE; 1229} SSL3_STATE;
1222 1230
1223/* 1231/*
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index 8faf90fde0..fc6c11daa6 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.c,v 1.114 2022/06/29 07:53:58 tb Exp $ */ 1/* $OpenBSD: ssl_tlsext.c,v 1.115 2022/06/29 17:39:20 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017, 2019 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1943,6 +1943,112 @@ tlsext_psk_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert)
1943 return CBS_skip(cbs, CBS_len(cbs)); 1943 return CBS_skip(cbs, CBS_len(cbs));
1944} 1944}
1945 1945
1946/*
1947 * QUIC transport parameters extension.
1948 */
1949
1950int
1951tlsext_quic_transport_parameters_client_needs(SSL *s, uint16_t msg_type)
1952{
1953 return (s->internal->quic_transport_params_len > 0 &&
1954 s->s3->hs.our_max_tls_version >= TLS1_3_VERSION);
1955}
1956
1957int
1958tlsext_quic_transport_parameters_client_build(SSL *s, uint16_t msg_type,
1959 CBB *cbb)
1960{
1961 CBB contents;
1962
1963 if (!CBB_add_u16_length_prefixed(cbb, &contents))
1964 return 0;
1965
1966 if (!CBB_add_bytes(&contents, s->internal->quic_transport_params,
1967 s->internal->quic_transport_params_len))
1968 return 0;
1969
1970 if (!CBB_flush(cbb))
1971 return 0;
1972
1973 return 1;
1974}
1975
1976int
1977tlsext_quic_transport_parameters_client_parse(SSL *s, uint16_t msg_type,
1978 CBS *cbs, int *alert)
1979{
1980 CBS transport_data;
1981
1982 /* QUIC requires TLS 1.3. */
1983 if (ssl_effective_tls_version(s) < TLS1_3_VERSION) {
1984 *alert = SSL_AD_UNSUPPORTED_EXTENSION;
1985 return 0;
1986 }
1987
1988 if (!CBS_get_u16_length_prefixed(cbs, &transport_data))
1989 return 0;
1990
1991 if (!CBS_stow(&transport_data, &s->s3->peer_quic_transport_params,
1992 &s->s3->peer_quic_transport_params_len))
1993 return 0;
1994
1995 return 1;
1996}
1997
1998int
1999tlsext_quic_transport_parameters_server_needs(SSL *s, uint16_t msg_type)
2000{
2001 return s->internal->quic_transport_params_len > 0;
2002}
2003
2004int
2005tlsext_quic_transport_parameters_server_build(SSL *s, uint16_t msg_type,
2006 CBB *cbb)
2007{
2008 CBB contents;
2009
2010 if (!CBB_add_u16_length_prefixed(cbb, &contents))
2011 return 0;
2012
2013 if (!CBB_add_bytes(&contents, s->internal->quic_transport_params,
2014 s->internal->quic_transport_params_len))
2015 return 0;
2016
2017 if (!CBB_flush(cbb))
2018 return 0;
2019
2020 return 1;
2021}
2022
2023int
2024tlsext_quic_transport_parameters_server_parse(SSL *s, uint16_t msg_type,
2025 CBS *cbs, int *alert)
2026{
2027 CBS transport_data;
2028
2029 /*
2030 * Ignore this extension if we don't have configured quic transport data
2031 * or if we are not TLS 1.3.
2032 */
2033 if (s->internal->quic_transport_params_len == 0 ||
2034 ssl_effective_tls_version(s) < TLS1_3_VERSION) {
2035 if (!CBS_skip(cbs, CBS_len(cbs))) {
2036 *alert = SSL_AD_INTERNAL_ERROR;
2037 return 0;
2038 }
2039 return 1;
2040 }
2041
2042 if (!CBS_get_u16_length_prefixed(cbs, &transport_data))
2043 return 0;
2044
2045 if (!CBS_stow(&transport_data, &s->s3->peer_quic_transport_params,
2046 &s->s3->peer_quic_transport_params_len))
2047 return 0;
2048
2049 return 1;
2050}
2051
1946struct tls_extension_funcs { 2052struct tls_extension_funcs {
1947 int (*needs)(SSL *s, uint16_t msg_type); 2053 int (*needs)(SSL *s, uint16_t msg_type);
1948 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb); 2054 int (*build)(SSL *s, uint16_t msg_type, CBB *cbb);
@@ -2132,6 +2238,20 @@ static const struct tls_extension tls_extensions[] = {
2132 }, 2238 },
2133#endif /* OPENSSL_NO_SRTP */ 2239#endif /* OPENSSL_NO_SRTP */
2134 { 2240 {
2241 .type = TLSEXT_TYPE_quic_transport_parameters,
2242 .messages = SSL_TLSEXT_MSG_CH | SSL_TLSEXT_MSG_SH,
2243 .client = {
2244 .needs = tlsext_quic_transport_parameters_client_needs,
2245 .build = tlsext_quic_transport_parameters_client_build,
2246 .parse = tlsext_quic_transport_parameters_client_parse,
2247 },
2248 .server = {
2249 .needs = tlsext_quic_transport_parameters_server_needs,
2250 .build = tlsext_quic_transport_parameters_server_build,
2251 .parse = tlsext_quic_transport_parameters_server_parse,
2252 },
2253 },
2254 {
2135 .type = TLSEXT_TYPE_psk_key_exchange_modes, 2255 .type = TLSEXT_TYPE_psk_key_exchange_modes,
2136 .messages = SSL_TLSEXT_MSG_CH, 2256 .messages = SSL_TLSEXT_MSG_CH,
2137 .client = { 2257 .client = {
diff --git a/src/lib/libssl/ssl_tlsext.h b/src/lib/libssl/ssl_tlsext.h
index 3439255fd6..268b274948 100644
--- a/src/lib/libssl/ssl_tlsext.h
+++ b/src/lib/libssl/ssl_tlsext.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_tlsext.h,v 1.29 2022/06/03 13:31:49 tb Exp $ */ 1/* $OpenBSD: ssl_tlsext.h,v 1.30 2022/06/29 17:39:20 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -144,6 +144,17 @@ int tlsext_srtp_server_build(SSL *s, uint16_t msg_type, CBB *cbb);
144int tlsext_srtp_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); 144int tlsext_srtp_server_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
145#endif 145#endif
146 146
147int tlsext_quic_transport_parameters_client_needs(SSL *s, uint16_t msg_type);
148int tlsext_quic_transport_parameters_client_build(SSL *s, uint16_t msg_type,
149 CBB *cbb);
150int tlsext_quic_transport_parameters_client_parse(SSL *s, uint16_t msg_type,
151 CBS *cbs, int *alert);
152int tlsext_quic_transport_parameters_server_needs(SSL *s, uint16_t msg_type);
153int tlsext_quic_transport_parameters_server_build(SSL *s, uint16_t msg_type,
154 CBB *cbb);
155int tlsext_quic_transport_parameters_server_parse(SSL *s, uint16_t msg_type,
156 CBS *cbs, int *alert);
157
147int tlsext_client_build(SSL *s, uint16_t msg_type, CBB *cbb); 158int tlsext_client_build(SSL *s, uint16_t msg_type, CBB *cbb);
148int tlsext_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert); 159int tlsext_client_parse(SSL *s, uint16_t msg_type, CBS *cbs, int *alert);
149 160
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index aa05f37cc8..2f6e2e3bd0 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls1.h,v 1.52 2022/06/28 20:36:55 tb Exp $ */ 1/* $OpenBSD: tls1.h,v 1.53 2022/06/29 17:39:20 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -259,6 +259,9 @@ extern "C" {
259/* ExtensionType value from RFC 7685. */ 259/* ExtensionType value from RFC 7685. */
260#define TLSEXT_TYPE_padding 21 260#define TLSEXT_TYPE_padding 21
261 261
262/* ExtensionType value from draft-ietf-quic-tls */
263#define TLSEXT_TYPE_quic_transport_parameters 26
264
262/* ExtensionType value from RFC 4507. */ 265/* ExtensionType value from RFC 4507. */
263#define TLSEXT_TYPE_session_ticket 35 266#define TLSEXT_TYPE_session_ticket 35
264 267
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c
index 297aff2441..8166b883b8 100644
--- a/src/regress/lib/libssl/tlsext/tlsexttest.c
+++ b/src/regress/lib/libssl/tlsext/tlsexttest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tlsexttest.c,v 1.63 2022/06/06 06:11:04 tb Exp $ */ 1/* $OpenBSD: tlsexttest.c,v 1.64 2022/06/29 17:39:21 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> 4 * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -1896,6 +1896,259 @@ test_tlsext_sni_server(void)
1896 return (failure); 1896 return (failure);
1897} 1897}
1898 1898
1899
1900/*
1901 * QUIC transport parameters extenstion - RFC 90210 :)
1902 */
1903
1904#define TEST_QUIC_TRANSPORT_DATA "0123456789abcdef"
1905
1906static unsigned char tlsext_quic_transport_data[] = {
1907 0x00, 0x10, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35,
1908 0x36, 0x37, 0x38, 0x39, 0x61, 0x62, 0x63, 0x64,
1909 0x65, 0x66,
1910};
1911
1912static int
1913test_tlsext_quic_transport_parameters_client(void)
1914{
1915 unsigned char *data = NULL;
1916 SSL_CTX *ssl_ctx = NULL;
1917 SSL *ssl = NULL;
1918 int failure;
1919 size_t dlen;
1920 CBB cbb;
1921 CBS cbs;
1922 int alert;
1923 const uint8_t *out_bytes;
1924 size_t out_bytes_len;
1925
1926 failure = 1;
1927
1928 if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL)
1929 errx(1, "failed to create SSL_CTX");
1930 if ((ssl = SSL_new(ssl_ctx)) == NULL)
1931 errx(1, "failed to create SSL");
1932
1933 CBB_init(&cbb, 0);
1934
1935 if (tlsext_quic_transport_parameters_client_needs(ssl,
1936 SSL_TLSEXT_MSG_CH)) {
1937 FAIL("client should not need QUIC\n");
1938 goto err;
1939 }
1940
1941 if (!SSL_set_quic_transport_params(ssl,
1942 TEST_QUIC_TRANSPORT_DATA, strlen(TEST_QUIC_TRANSPORT_DATA))) {
1943 FAIL("client failed to set QUIC parametes\n");
1944 goto err;
1945 }
1946
1947 if (tlsext_quic_transport_parameters_client_needs(ssl,
1948 SSL_TLSEXT_MSG_CH)) {
1949 FAIL("client should not need QUIC\n");
1950 goto err;
1951 }
1952
1953 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
1954 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
1955
1956 if (!tlsext_quic_transport_parameters_client_needs(ssl,
1957 SSL_TLSEXT_MSG_CH)) {
1958 FAIL("client should not need QUIC\n");
1959 goto err;
1960 }
1961
1962 if (!tlsext_quic_transport_parameters_client_build(ssl,
1963 SSL_TLSEXT_MSG_CH, &cbb)) {
1964 FAIL("client failed to build QUIC\n");
1965 goto err;
1966 }
1967
1968 if (!CBB_finish(&cbb, &data, &dlen)) {
1969 FAIL("failed to finish CBB");
1970 goto err;
1971 }
1972
1973 if (dlen != sizeof(tlsext_quic_transport_data)) {
1974 FAIL("got client QUIC with length %zu, "
1975 "want length %zu\n", dlen,
1976 sizeof(tlsext_quic_transport_data));
1977 goto err;
1978 }
1979
1980 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
1981 FAIL("client QUIC differs:\n");
1982 fprintf(stderr, "received:\n");
1983 hexdump(data, dlen);
1984 fprintf(stderr, "test data:\n");
1985 hexdump(tlsext_quic_transport_data,
1986 sizeof(tlsext_quic_transport_data));
1987 goto err;
1988 }
1989
1990 CBS_init(&cbs, tlsext_quic_transport_data,
1991 sizeof(tlsext_quic_transport_data));
1992
1993 if (!tlsext_quic_transport_parameters_server_parse(ssl,
1994 SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
1995 FAIL("server_parse of QUIC from server failed\n");
1996 goto err;
1997 }
1998 if (CBS_len(&cbs) != 0) {
1999 FAIL("extension data remaining\n");
2000 goto err;
2001 }
2002
2003 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2004
2005 if (out_bytes_len != strlen(TEST_QUIC_TRANSPORT_DATA)) {
2006 FAIL("server_parse QUIC length differs, got %zu want %zu\n",
2007 out_bytes_len,
2008 sizeof(tlsext_quic_transport_data));
2009 goto err;
2010 }
2011
2012 if (memcmp(out_bytes, TEST_QUIC_TRANSPORT_DATA,
2013 out_bytes_len) != 0) {
2014 FAIL("server_parse QUIC differs from sent:\n");
2015 fprintf(stderr, "received:\n");
2016 hexdump(data, dlen);
2017 fprintf(stderr, "test data:\n");
2018 hexdump(tlsext_quic_transport_data,
2019 sizeof(tlsext_quic_transport_data));
2020 goto err;
2021 }
2022
2023 failure = 0;
2024
2025 err:
2026 CBB_cleanup(&cbb);
2027 SSL_CTX_free(ssl_ctx);
2028 SSL_free(ssl);
2029 free(data);
2030
2031 return (failure);
2032}
2033
2034static int
2035test_tlsext_quic_transport_parameters_server(void)
2036{
2037 unsigned char *data = NULL;
2038 SSL_CTX *ssl_ctx = NULL;
2039 SSL *ssl = NULL;
2040 int failure;
2041 size_t dlen;
2042 int alert;
2043 CBB cbb;
2044 CBS cbs;
2045 const uint8_t *out_bytes;
2046 size_t out_bytes_len;
2047
2048 failure = 1;
2049
2050 CBB_init(&cbb, 0);
2051
2052 if ((ssl_ctx = SSL_CTX_new(TLS_server_method())) == NULL)
2053 errx(1, "failed to create SSL_CTX");
2054 if ((ssl = SSL_new(ssl_ctx)) == NULL)
2055 errx(1, "failed to create SSL");
2056
2057 if (tlsext_quic_transport_parameters_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
2058 FAIL("server should not need QUIC\n");
2059 goto err;
2060 }
2061
2062 if (!SSL_set_quic_transport_params(ssl,
2063 TEST_QUIC_TRANSPORT_DATA, strlen(TEST_QUIC_TRANSPORT_DATA))) {
2064 FAIL("server failed to set QUIC parametes\n");
2065 goto err;
2066 }
2067
2068 if (!tlsext_quic_transport_parameters_server_needs(ssl, SSL_TLSEXT_MSG_SH)) {
2069 FAIL("server should need QUIC\n");
2070 goto err;
2071 }
2072
2073 if (!tlsext_quic_transport_parameters_server_build(ssl,
2074 SSL_TLSEXT_MSG_SH, &cbb)) {
2075 FAIL("server failed to build QUIC\n");
2076 goto err;
2077 }
2078
2079 if (!CBB_finish(&cbb, &data, &dlen))
2080 errx(1, "failed to finish CBB");
2081
2082 if (dlen != sizeof(tlsext_quic_transport_data)) {
2083 FAIL("got server QUIC with length %zu, "
2084 "want length %zu\n", dlen,
2085 sizeof(tlsext_quic_transport_data));
2086 goto err;
2087 }
2088
2089 if (memcmp(data, tlsext_quic_transport_data, dlen) != 0) {
2090 FAIL("saved server QUIC differs:\n");
2091 fprintf(stderr, "received:\n");
2092 hexdump(data, dlen);
2093 fprintf(stderr, "test data:\n");
2094 hexdump(tlsext_quic_transport_data,
2095 sizeof(tlsext_quic_transport_data));
2096 goto err;
2097 }
2098
2099 CBS_init(&cbs, tlsext_quic_transport_data,
2100 sizeof(tlsext_quic_transport_data));
2101
2102 if (tlsext_quic_transport_parameters_client_parse(ssl,
2103 SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2104 FAIL("QUIC parse should have failed!\n");
2105 goto err;
2106 }
2107
2108 ssl->s3->hs.our_max_tls_version = TLS1_3_VERSION;
2109 ssl->s3->hs.negotiated_tls_version = TLS1_3_VERSION;
2110
2111 if (!tlsext_quic_transport_parameters_client_parse(ssl,
2112 SSL_TLSEXT_MSG_SH, &cbs, &alert)) {
2113 FAIL("client_parse of QUIC from server failed\n");
2114 goto err;
2115 }
2116 if (CBS_len(&cbs) != 0) {
2117 FAIL("extension data remaining\n");
2118 goto err;
2119 }
2120
2121 SSL_get_peer_quic_transport_params(ssl, &out_bytes, &out_bytes_len);
2122
2123 if (out_bytes_len != strlen(TEST_QUIC_TRANSPORT_DATA)) {
2124 FAIL("client QUIC length differs, got %zu want %zu\n",
2125 out_bytes_len,
2126 sizeof(tlsext_quic_transport_data));
2127 goto err;
2128 }
2129
2130 if (memcmp(out_bytes, TEST_QUIC_TRANSPORT_DATA,
2131 out_bytes_len) != 0) {
2132 FAIL("client QUIC differs from sent:\n");
2133 fprintf(stderr, "received:\n");
2134 hexdump(data, dlen);
2135 fprintf(stderr, "test data:\n");
2136 hexdump(tlsext_quic_transport_data,
2137 sizeof(tlsext_quic_transport_data));
2138 goto err;
2139 }
2140
2141 failure = 0;
2142
2143 err:
2144 CBB_cleanup(&cbb);
2145 SSL_CTX_free(ssl_ctx);
2146 SSL_free(ssl);
2147 free(data);
2148
2149 return (failure);
2150}
2151
1899static unsigned char tls_ocsp_client_default[] = { 2152static unsigned char tls_ocsp_client_default[] = {
1900 0x01, 0x00, 0x00, 0x00, 0x00 2153 0x01, 0x00, 0x00, 0x00, 0x00
1901}; 2154};
@@ -3991,5 +4244,8 @@ main(int argc, char **argv)
3991 4244
3992 failed |= test_tlsext_valid_hostnames(); 4245 failed |= test_tlsext_valid_hostnames();
3993 4246
4247 failed |= test_tlsext_quic_transport_parameters_client();
4248 failed |= test_tlsext_quic_transport_parameters_server();
4249
3994 return (failed); 4250 return (failed);
3995} 4251}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-17 20:49:13 +0000