Mercurial > hg > nginx
view src/event/quic/ngx_event_quic_openssl_compat.c @ 9175:f7c9cd726298
QUIC: cleaned up now unused ngx_quic_ciphers() calls.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 20 Oct 2023 18:05:07 +0400 |
| parents | 4ccb0d973206 |
| children | 8dacf87e4007 |
line wrap: on
line source
/* * Copyright (C) Nginx, Inc. */ #include <ngx_config.h> #include <ngx_core.h> #include <ngx_event.h> #include <ngx_event_quic_connection.h> #if (NGX_QUIC_OPENSSL_COMPAT) #define NGX_QUIC_COMPAT_RECORD_SIZE 1024 #define NGX_QUIC_COMPAT_SSL_TP_EXT 0x39 #define NGX_QUIC_COMPAT_CLIENT_HANDSHAKE "CLIENT_HANDSHAKE_TRAFFIC_SECRET" #define NGX_QUIC_COMPAT_SERVER_HANDSHAKE "SERVER_HANDSHAKE_TRAFFIC_SECRET" #define NGX_QUIC_COMPAT_CLIENT_APPLICATION "CLIENT_TRAFFIC_SECRET_0" #define NGX_QUIC_COMPAT_SERVER_APPLICATION "SERVER_TRAFFIC_SECRET_0" typedef struct { ngx_quic_secret_t secret; ngx_uint_t cipher; } ngx_quic_compat_keys_t; typedef struct { ngx_log_t *log; u_char type; ngx_str_t payload; uint64_t number; ngx_quic_compat_keys_t *keys; enum ssl_encryption_level_t level; } ngx_quic_compat_record_t; struct ngx_quic_compat_s { const SSL_QUIC_METHOD *method; enum ssl_encryption_level_t write_level; uint64_t read_record; ngx_quic_compat_keys_t keys; ngx_str_t tp; ngx_str_t ctp; }; static void ngx_quic_compat_keylog_callback(const SSL *ssl, const char *line); static ngx_int_t ngx_quic_compat_set_encryption_secret(ngx_connection_t *c, ngx_quic_compat_keys_t *keys, enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len); static void ngx_quic_compat_cleanup_encryption_secret(void *data); static int ngx_quic_compat_add_transport_params_callback(SSL *ssl, unsigned int ext_type, unsigned int context, const unsigned char **out, size_t *outlen, X509 *x, size_t chainidx, int *al, void *add_arg); static int ngx_quic_compat_parse_transport_params_callback(SSL *ssl, unsigned int ext_type, unsigned int context, const unsigned char *in, size_t inlen, X509 *x, size_t chainidx, int *al, void *parse_arg); static void ngx_quic_compat_message_callback(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); static size_t ngx_quic_compat_create_header(ngx_quic_compat_record_t *rec, u_char *out, ngx_uint_t plain); static ngx_int_t ngx_quic_compat_create_record(ngx_quic_compat_record_t *rec, ngx_str_t *res); ngx_int_t ngx_quic_compat_init(ngx_conf_t *cf, SSL_CTX *ctx) { SSL_CTX_set_keylog_callback(ctx, ngx_quic_compat_keylog_callback); if (SSL_CTX_has_client_custom_ext(ctx, NGX_QUIC_COMPAT_SSL_TP_EXT)) { return NGX_OK; } if (SSL_CTX_add_custom_ext(ctx, NGX_QUIC_COMPAT_SSL_TP_EXT, SSL_EXT_CLIENT_HELLO |SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS, ngx_quic_compat_add_transport_params_callback, NULL, NULL, ngx_quic_compat_parse_transport_params_callback, NULL) == 0) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_add_custom_ext() failed"); return NGX_ERROR; } return NGX_OK; } static void ngx_quic_compat_keylog_callback(const SSL *ssl, const char *line) { u_char ch, *p, *start, value; size_t n; ngx_uint_t write; const SSL_CIPHER *cipher; ngx_quic_compat_t *com; ngx_connection_t *c; ngx_quic_connection_t *qc; enum ssl_encryption_level_t level; u_char secret[EVP_MAX_MD_SIZE]; c = ngx_ssl_get_connection(ssl); if (c->type != SOCK_DGRAM) { return; } p = (u_char *) line; for (start = p; *p && *p != ' '; p++); n = p - start; ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat secret %*s", n, start); if (n == sizeof(NGX_QUIC_COMPAT_CLIENT_HANDSHAKE) - 1 && ngx_strncmp(start, NGX_QUIC_COMPAT_CLIENT_HANDSHAKE, n) == 0) { level = ssl_encryption_handshake; write = 0; } else if (n == sizeof(NGX_QUIC_COMPAT_SERVER_HANDSHAKE) - 1 && ngx_strncmp(start, NGX_QUIC_COMPAT_SERVER_HANDSHAKE, n) == 0) { level = ssl_encryption_handshake; write = 1; } else if (n == sizeof(NGX_QUIC_COMPAT_CLIENT_APPLICATION) - 1 && ngx_strncmp(start, NGX_QUIC_COMPAT_CLIENT_APPLICATION, n) == 0) { level = ssl_encryption_application; write = 0; } else if (n == sizeof(NGX_QUIC_COMPAT_SERVER_APPLICATION) - 1 && ngx_strncmp(start, NGX_QUIC_COMPAT_SERVER_APPLICATION, n) == 0) { level = ssl_encryption_application; write = 1; } else { return; } if (*p++ == '\0') { return; } for ( /* void */ ; *p && *p != ' '; p++); if (*p++ == '\0') { return; } for (n = 0, start = p; *p; p++) { ch = *p; if (ch >= '0' && ch <= '9') { value = ch - '0'; goto next; } ch = (u_char) (ch | 0x20); if (ch >= 'a' && ch <= 'f') { value = ch - 'a' + 10; goto next; } ngx_log_error(NGX_LOG_EMERG, c->log, 0, "invalid OpenSSL QUIC secret format"); return; next: if ((p - start) % 2) { secret[n++] += value; } else { if (n >= EVP_MAX_MD_SIZE) { ngx_log_error(NGX_LOG_EMERG, c->log, 0, "too big OpenSSL QUIC secret"); return; } secret[n] = (value << 4); } } qc = ngx_quic_get_connection(c); com = qc->compat; cipher = SSL_get_current_cipher(ssl); if (write) { com->method->set_write_secret((SSL *) ssl, level, cipher, secret, n); com->write_level = level; } else { com->method->set_read_secret((SSL *) ssl, level, cipher, secret, n); com->read_record = 0; (void) ngx_quic_compat_set_encryption_secret(c, &com->keys, level, cipher, secret, n); } } static ngx_int_t ngx_quic_compat_set_encryption_secret(ngx_connection_t *c, ngx_quic_compat_keys_t *keys, enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, const uint8_t *secret, size_t secret_len) { ngx_int_t key_len; ngx_str_t secret_str; ngx_uint_t i; ngx_quic_hkdf_t seq[2]; ngx_quic_secret_t *peer_secret; ngx_quic_ciphers_t ciphers; ngx_pool_cleanup_t *cln; peer_secret = &keys->secret; keys->cipher = SSL_CIPHER_get_id(cipher); key_len = ngx_quic_ciphers(keys->cipher, &ciphers, level); if (key_len == NGX_ERROR) { ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "unexpected cipher"); return NGX_ERROR; } if (sizeof(peer_secret->secret.data) < secret_len) { ngx_log_error(NGX_LOG_ALERT, c->log, 0, "unexpected secret len: %uz", secret_len); return NGX_ERROR; } peer_secret->secret.len = secret_len; ngx_memcpy(peer_secret->secret.data, secret, secret_len); peer_secret->key.len = key_len; peer_secret->iv.len = NGX_QUIC_IV_LEN; secret_str.len = secret_len; secret_str.data = (u_char *) secret; ngx_quic_hkdf_set(&seq[0], "tls13 key", &peer_secret->key, &secret_str); ngx_quic_hkdf_set(&seq[1], "tls13 iv", &peer_secret->iv, &secret_str); for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, c->log) != NGX_OK) { return NGX_ERROR; } } /* register cleanup handler once */ if (peer_secret->ctx) { ngx_quic_crypto_cleanup(peer_secret); } else { cln = ngx_pool_cleanup_add(c->pool, 0); if (cln == NULL) { return NGX_ERROR; } cln->handler = ngx_quic_compat_cleanup_encryption_secret; cln->data = peer_secret; } if (ngx_quic_crypto_init(ciphers.c, peer_secret, 1, c->log) == NGX_ERROR) { return NGX_ERROR; } return NGX_OK; } static void ngx_quic_compat_cleanup_encryption_secret(void *data) { ngx_quic_secret_t *secret = data; ngx_quic_crypto_cleanup(secret); } static int ngx_quic_compat_add_transport_params_callback(SSL *ssl, unsigned int ext_type, unsigned int context, const unsigned char **out, size_t *outlen, X509 *x, size_t chainidx, int *al, void *add_arg) { ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; c = ngx_ssl_get_connection(ssl); if (c->type != SOCK_DGRAM) { return 0; } ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat add transport params"); qc = ngx_quic_get_connection(c); com = qc->compat; *out = com->tp.data; *outlen = com->tp.len; return 1; } static int ngx_quic_compat_parse_transport_params_callback(SSL *ssl, unsigned int ext_type, unsigned int context, const unsigned char *in, size_t inlen, X509 *x, size_t chainidx, int *al, void *parse_arg) { u_char *p; ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; c = ngx_ssl_get_connection(ssl); if (c->type != SOCK_DGRAM) { return 0; } ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat parse transport params"); qc = ngx_quic_get_connection(c); com = qc->compat; p = ngx_pnalloc(c->pool, inlen); if (p == NULL) { return 0; } ngx_memcpy(p, in, inlen); com->ctp.data = p; com->ctp.len = inlen; return 1; } int SSL_set_quic_method(SSL *ssl, const SSL_QUIC_METHOD *quic_method) { BIO *rbio, *wbio; ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; c = ngx_ssl_get_connection(ssl); ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat set method"); qc = ngx_quic_get_connection(c); qc->compat = ngx_pcalloc(c->pool, sizeof(ngx_quic_compat_t)); if (qc->compat == NULL) { return 0; } com = qc->compat; com->method = quic_method; rbio = BIO_new(BIO_s_mem()); if (rbio == NULL) { return 0; } wbio = BIO_new(BIO_s_null()); if (wbio == NULL) { return 0; } SSL_set_bio(ssl, rbio, wbio); SSL_set_msg_callback(ssl, ngx_quic_compat_message_callback); /* early data is not supported */ SSL_set_max_early_data(ssl, 0); return 1; } static void ngx_quic_compat_message_callback(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg) { ngx_uint_t alert; ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; enum ssl_encryption_level_t level; if (!write_p) { return; } c = ngx_ssl_get_connection(ssl); qc = ngx_quic_get_connection(c); if (qc == NULL) { /* closing */ return; } com = qc->compat; level = com->write_level; switch (content_type) { case SSL3_RT_HANDSHAKE: ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat tx %s len:%uz ", ngx_quic_level_name(level), len); if (com->method->add_handshake_data(ssl, level, buf, len) != 1) { goto failed; } break; case SSL3_RT_ALERT: if (len >= 2) { alert = ((u_char *) buf)[1]; ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat %s alert:%ui len:%uz ", ngx_quic_level_name(level), alert, len); if (com->method->send_alert(ssl, level, alert) != 1) { goto failed; } } break; } return; failed: ngx_post_event(&qc->close, &ngx_posted_events); } int SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level, const uint8_t *data, size_t len) { BIO *rbio; size_t n; u_char *p; ngx_str_t res; ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; ngx_quic_compat_record_t rec; u_char in[NGX_QUIC_COMPAT_RECORD_SIZE + 1]; u_char out[NGX_QUIC_COMPAT_RECORD_SIZE + 1 + SSL3_RT_HEADER_LENGTH + NGX_QUIC_TAG_LEN]; c = ngx_ssl_get_connection(ssl); ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat rx %s len:%uz", ngx_quic_level_name(level), len); qc = ngx_quic_get_connection(c); com = qc->compat; rbio = SSL_get_rbio(ssl); while (len) { ngx_memzero(&rec, sizeof(ngx_quic_compat_record_t)); rec.type = SSL3_RT_HANDSHAKE; rec.log = c->log; rec.number = com->read_record++; rec.keys = &com->keys; rec.level = level; if (level == ssl_encryption_initial) { n = ngx_min(len, 65535); rec.payload.len = n; rec.payload.data = (u_char *) data; ngx_quic_compat_create_header(&rec, out, 1); BIO_write(rbio, out, SSL3_RT_HEADER_LENGTH); BIO_write(rbio, data, n); #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat record len:%uz %*xs%*xs", n + SSL3_RT_HEADER_LENGTH, (size_t) SSL3_RT_HEADER_LENGTH, out, n, data); #endif } else { n = ngx_min(len, NGX_QUIC_COMPAT_RECORD_SIZE); p = ngx_cpymem(in, data, n); *p++ = SSL3_RT_HANDSHAKE; rec.payload.len = p - in; rec.payload.data = in; res.data = out; if (ngx_quic_compat_create_record(&rec, &res) != NGX_OK) { return 0; } #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS) ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, "quic compat record len:%uz %xV", res.len, &res); #endif BIO_write(rbio, res.data, res.len); } data += n; len -= n; } return 1; } static size_t ngx_quic_compat_create_header(ngx_quic_compat_record_t *rec, u_char *out, ngx_uint_t plain) { u_char type; size_t len; len = rec->payload.len; if (plain) { type = rec->type; } else { type = SSL3_RT_APPLICATION_DATA; len += NGX_QUIC_TAG_LEN; } out[0] = type; out[1] = 0x03; out[2] = 0x03; out[3] = (len >> 8); out[4] = len; return 5; } static ngx_int_t ngx_quic_compat_create_record(ngx_quic_compat_record_t *rec, ngx_str_t *res) { ngx_str_t ad, out; ngx_quic_secret_t *secret; u_char nonce[NGX_QUIC_IV_LEN]; ad.data = res->data; ad.len = ngx_quic_compat_create_header(rec, ad.data, 0); out.len = rec->payload.len + NGX_QUIC_TAG_LEN; out.data = res->data + ad.len; #ifdef NGX_QUIC_DEBUG_CRYPTO ngx_log_debug2(NGX_LOG_DEBUG_EVENT, rec->log, 0, "quic compat ad len:%uz %xV", ad.len, &ad); #endif secret = &rec->keys->secret; ngx_memcpy(nonce, secret->iv.data, secret->iv.len); ngx_quic_compute_nonce(nonce, sizeof(nonce), rec->number); if (ngx_quic_crypto_seal(secret, &out, nonce, &rec->payload, &ad, rec->log) != NGX_OK) { return NGX_ERROR; } res->len = ad.len + out.len; return NGX_OK; } int SSL_set_quic_transport_params(SSL *ssl, const uint8_t *params, size_t params_len) { ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; c = ngx_ssl_get_connection(ssl); qc = ngx_quic_get_connection(c); com = qc->compat; com->tp.len = params_len; com->tp.data = (u_char *) params; return 1; } void SSL_get_peer_quic_transport_params(const SSL *ssl, const uint8_t **out_params, size_t *out_params_len) { ngx_connection_t *c; ngx_quic_compat_t *com; ngx_quic_connection_t *qc; c = ngx_ssl_get_connection(ssl); qc = ngx_quic_get_connection(c); com = qc->compat; *out_params = com->ctp.data; *out_params_len = com->ctp.len; } #endif /* NGX_QUIC_OPENSSL_COMPAT */