
Commit e9b72d4

authored
Merge pull request #13 from h2o/master
Move to draft 26..28
2 parents 4f09b7b + ec940a5 commit e9b72d4


2 files changed

+59
-16
lines changed


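--- a/lib/openssl.c
+++ b/lib/openssl.c
@@ -42,13 +42,15 @@
 #include "picotls.h"
 #include "picotls/openssl.h"
 
-#if (OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER))
-#define OPENSSL_1_0_API 1
+#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define OPENSSL_1_1_API 1
+#elif defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER >= 0x2070000fL
+#define OPENSSL_1_1_API 1
 #else
-#define OPENSSL_1_0_API 0
+#define OPENSSL_1_1_API 0
 #endif
 
-#if OPENSSL_1_0_API
+#if !OPENSSL_1_1_API
 
 #define EVP_PKEY_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_EVP_PKEY)
 #define X509_STORE_up_ref(p) CRYPTO_add(&(p)->references, 1, CRYPTO_LOCK_X509_STORE)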
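Review bot: The LibreSSL cut-off `0x2070000fL` in the new `#elif` is unexplained, yet it decides whether the compat macros below, which reach into `(p)->references` through `CRYPTO_add`, are compiled in. A comment above the `#if` would let a maintainer re-check the threshold when another 1.1-only function is used, for example `/* OPENSSL_1_1_API: OpenSSL >= 1.1.0, or a LibreSSL release that (presumably) ships the 1.1 accessors used in this file */`. The two branches that define `OPENSSL_1_1_API 1` could also be folded into a single `#if` joined with `||`, so the condition lives in one place. The `#if !OPENSSL_1_1_API` block continues past the end of this section.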

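--- a/lib/picotls.c
+++ b/lib/picotls.c
@@ -74,7 +74,9 @@
 #define PTLS_EXTENSION_TYPE_PSK_KEY_EXCHANGE_MODES 45
 #define PTLS_EXTENSION_TYPE_KEY_SHARE 51
 
-#define PTLS_PROTOCOL_VERSION_DRAFT23 0x7f17
+#define PTLS_PROTOCOL_VERSION_DRAFT26 0x7f1a
+#define PTLS_PROTOCOL_VERSION_DRAFT27 0x7f1b
+#define PTLS_PROTOCOL_VERSION_DRAFT28 0x7f1c
 
 #define PTLS_SERVER_NAME_TYPE_HOSTNAME 0
 
@@ -95,6 +97,12 @@
 #define PTLS_MEMORY_DEBUG 0
 #endif
 
+/**
+* list of supported versions in the preferred order
+*/
+static const uint16_t supported_versions[] = {PTLS_PROTOCOL_VERSION_DRAFT28, PTLS_PROTOCOL_VERSION_DRAFT27,
+PTLS_PROTOCOL_VERSION_DRAFT26};
+
 static const uint8_t hello_retry_random[PTLS_HELLO_RANDOM_SIZE] = {0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C,
 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB,
 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C};
@@ -301,6 +309,15 @@ struct st_ptls_extension_bitmap_t {
 
 static uint8_t zeroes_of_max_digest_size[PTLS_MAX_DIGEST_SIZE] = {0};
 
+static int is_supported_version(uint16_t v)
+{
+size_t i;
+for (i = 0; i != sizeof(supported_versions) / sizeof(supported_versions[0]); ++i)
+if (supported_versions[i] == v)
+return 1;
+return 0;
+}
+
 static inline int extension_bitmap_is_set(struct st_ptls_extension_bitmap_t *bitmap, uint16_t id)
 {
 if (id < sizeof(bitmap->bits) * 8)
@@ -475,12 +492,23 @@ int ptls_buffer_push_asn1_ubigint(ptls_buffer_t *buf, const void *bignum, size_t
 return ret;
 }
 
+static void build_aad(uint8_t aad[5], size_t reclen)
+{
+aad[0] = PTLS_CONTENT_TYPE_APPDATA;
+aad[1] = PTLS_RECORD_VERSION_MAJOR;
+aad[2] = PTLS_RECORD_VERSION_MINOR;
+aad[3] = (uint8_t)(reclen >> 8);
+aad[4] = (uint8_t)reclen;
+}
+
 static size_t aead_encrypt(struct st_ptls_traffic_protection_t *ctx, void *output, const void *input, size_t inlen,
 uint8_t content_type)
 {
+uint8_t aad[5];
 size_t off = 0;
 
-ptls_aead_encrypt_init(ctx->aead, ctx->seq++, NULL, 0);
+build_aad(aad, inlen + 1 + ctx->aead->algo->tag_size);
+ptls_aead_encrypt_init(ctx->aead, ctx->seq++, aad, sizeof(aad));
 off += ptls_aead_encrypt_update(ctx->aead, ((uint8_t *)output) + off, input, inlen);
 off += ptls_aead_encrypt_update(ctx->aead, ((uint8_t *)output) + off, &content_type, 1);
 off += ptls_aead_encrypt_final(ctx->aead, ((uint8_t *)output) + off);
@@ -490,7 +518,10 @@ static size_t aead_encrypt(struct st_ptls_traffic_protection_t *ctx, void *outpu
 
 static int aead_decrypt(struct st_ptls_traffic_protection_t *ctx, void *output, size_t *outlen, const void *input, size_t inlen)
 {
-if ((*outlen = ptls_aead_decrypt(ctx->aead, output, input, inlen, ctx->seq, NULL, 0)) == SIZE_MAX)
+uint8_t aad[5];
+
+build_aad(aad, inlen);
+if ((*outlen = ptls_aead_decrypt(ctx->aead, output, input, inlen, ctx->seq, aad, sizeof(aad))) == SIZE_MAX)
 return PTLS_ALERT_BAD_RECORD_MAC;
 ++ctx->seq;
 return 0;
@@ -1341,7 +1372,11 @@ static int send_client_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_handshake
 });
 }
 buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, {
-ptls_buffer_push_block(sendbuf, 1, { ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT23); });
+ptls_buffer_push_block(sendbuf, 1, {
+size_t i;
+for (i = 0; i != sizeof(supported_versions) / sizeof(supported_versions[0]); ++i)
+ptls_buffer_push16(sendbuf, supported_versions[i]);
+});
 });
 buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SIGNATURE_ALGORITHMS, {
 ptls_buffer_push_block(sendbuf, 2, {
@@ -1567,7 +1602,7 @@ static int decode_server_hello(ptls_t *tls, struct st_ptls_server_hello_t *sh, c
 }
 });
 
-if (found_version != PTLS_PROTOCOL_VERSION_DRAFT23) {
+if (!is_supported_version(found_version)) {
 ret = PTLS_ALERT_ILLEGAL_PARAMETER;
 goto Exit;
 }
@@ -2154,13 +2189,21 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c
 break;
 case PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS:
 ptls_decode_block(src, end, 1, {
+size_t selected_index = sizeof(supported_versions) / sizeof(supported_versions[0]);
 do {
+size_t i;
 uint16_t v;
 if ((ret = ptls_decode16(&v, &src, end)) != 0)
 goto Exit;
-if (ch->selected_version == 0 && v == PTLS_PROTOCOL_VERSION_DRAFT23)
-ch->selected_version = v;
+for (i = 0; i != selected_index; ++i) {
+if (supported_versions[i] == v) {
+selected_index = i;
+break;
+}
+}
 } while (src != end);
+if (selected_index != sizeof(supported_versions) / sizeof(supported_versions[0]))
+ch->selected_version = supported_versions[selected_index];
 });
 break;
 case PTLS_EXTENSION_TYPE_COOKIE:
@@ -2258,8 +2301,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c
 });
 
 /* check if client hello make sense */
-switch (ch->selected_version) {
-case PTLS_PROTOCOL_VERSION_DRAFT23:
+if (is_supported_version(ch->selected_version)) {
 if (!(ch->compression_methods.count == 1 && ch->compression_methods.ids[0] == 0)) {
 ret = PTLS_ALERT_ILLEGAL_PARAMETER;
 goto Exit;
@@ -2277,8 +2319,7 @@ static int decode_client_hello(ptls_t *tls, struct st_ptls_client_hello_t *ch, c
 goto Exit;
 }
 }
-break;
-default:
+} else {
 ret = PTLS_ALERT_PROTOCOL_VERSION;
 goto Exit;
 }
@@ -2447,7 +2488,7 @@ static int server_handle_hello(ptls_t *tls, ptls_buffer_t *sendbuf, ptls_iovec_t
 ptls_buffer_push(sendbuf, 0); \
 ptls_buffer_push_block(sendbuf, 2, { \
 buffer_push_extension(sendbuf, PTLS_EXTENSION_TYPE_SUPPORTED_VERSIONS, \
-{ ptls_buffer_push16(sendbuf, PTLS_PROTOCOL_VERSION_DRAFT23); }); \
+{ ptls_buffer_push16(sendbuf, ch.selected_version); }); \
 do { \
 extensions \
 } while (0); \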
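Review bot: In `aead_decrypt` the AAD is rebuilt from constants (`PTLS_CONTENT_TYPE_APPDATA`, `PTLS_RECORD_VERSION_MAJOR`/`MINOR`) plus `inlen`, not from the header bytes that arrived on the wire. The received header is therefore authenticated only if the caller has already rejected records whose type or version differ from those constants. That check is outside the hunk and should be confirmed, or stated in a comment on `build_aad` such as `/* caller must have verified the record header type and version; reclen is the on-wire record length */`. `build_aad` also narrows `reclen` from `size_t` to 16 bits without a bound check, so an oversized `inlen + 1 + tag_size` in `aead_encrypt` would authenticate a wrapped length. A guard such as `if (reclen > UINT16_MAX)` before the call, or an assertion inside `build_aad`, would make that case fail visibly. Separately, `sizeof(supported_versions) / sizeof(supported_versions[0])` appears four times in this section and would read better as a single named constant.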
