Bug 1494901 - Implement ESNI. r=mt
ekr committed Sep 28, 2018
1 parent d3a99b2 commit cfd5fcb
Showing 33 changed files with 2,156 additions and 176 deletions.
2 changes: 1 addition & 1 deletion cmd/tstclnt/Makefile
@@ -1,5 +1,5 @@
#! gmake
#
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
33 changes: 31 additions & 2 deletions cmd/tstclnt/tstclnt.c
@@ -28,6 +28,7 @@
#include "prio.h"
#include "prnetdb.h"
#include "nss.h"
#include "nssb64.h"
#include "ocsp.h"
#include "ssl.h"
#include "sslproto.h"
@@ -224,7 +225,8 @@ PrintUsageHeader()
" [-V [min-version]:[max-version]] [-K] [-T] [-U]\n"
" [-r N] [-w passwd] [-W pwfile] [-q [-t seconds]]\n"
" [-I groups] [-J signatureschemes]\n"
" [-A requestfile] [-L totalconnections] [-P {client,server}] [-Q]\n"
" [-A requestfile] [-L totalconnections] [-P {client,server}]\n"
" [-N encryptedSniKeys] [-Q]\n"
"\n",
progName);
}
@@ -308,6 +310,7 @@ PrintParameterUsage()
fprintf(stderr, "%-20s Enable alternative TLS 1.3 handshake\n", "-X alt-server-hello");
fprintf(stderr, "%-20s Use DTLS\n", "-P {client, server}");
fprintf(stderr, "%-20s Exit after handshake\n", "-Q");
fprintf(stderr, "%-20s Encrypted SNI Keys\n", "-N");
}

static void
@@ -985,6 +988,7 @@ PRBool stopAfterHandshake = PR_FALSE;
PRBool requestToExit = PR_FALSE;
char *versionString = NULL;
PRBool handshakeComplete = PR_FALSE;
char *encryptedSNIKeys = NULL;

static int
writeBytesToServer(PRFileDesc *s, const PRUint8 *buf, int nb)
@@ -1424,6 +1428,26 @@ run()
}
}

if (encryptedSNIKeys) {
SECItem esniKeysBin = { siBuffer, NULL, 0 };

if (!NSSBase64_DecodeBuffer(NULL, &esniKeysBin, encryptedSNIKeys,
strlen(encryptedSNIKeys))) {
SECU_PrintError(progName, "ESNIKeys record is invalid base64");
error = 1;
goto done;
}

rv = SSL_EnableESNI(s, esniKeysBin.data, esniKeysBin.len,
"dummy.invalid");
SECITEM_FreeItem(&esniKeysBin, PR_FALSE);
if (rv < 0) {
SECU_PrintError(progName, "SSL_EnableESNI failed");
error = 1;
goto done;
}
}

serverCertAuth.dbHandle = CERT_GetDefaultCertDB();

SSL_AuthCertificateHook(s, ownAuthCertificate, &serverCertAuth);
@@ -1683,7 +1707,7 @@ main(int argc, char **argv)
* Please leave some time before reusing these.
*/
optstate = PL_CreateOptState(argc, argv,
"46A:CDFGHI:J:KL:M:OP:QR:STUV:W:X:YZa:bc:d:fgh:m:n:op:qr:st:uvw:");
"46A:CDFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:fgh:m:n:op:qr:st:uvw:");
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
@@ -1760,6 +1784,10 @@ main(int argc, char **argv)
};
break;

case 'N':
encryptedSNIKeys = PORT_Strdup(optstate->value);
break;

case 'P':
useDTLS = PR_TRUE;
if (!strcmp(optstate->value, "server")) {
@@ -2108,6 +2136,7 @@ main(int argc, char **argv)
PORT_Free(pwdata.data);
PORT_Free(host);
PORT_Free(zeroRttData);
PORT_Free(encryptedSNIKeys);

if (enabledGroups) {
PORT_Free(enabledGroups);
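Review bot: In the `case 'N'` branch of main(), the result of `PORT_Strdup(optstate->value)` is neither checked nor preceded by freeing an earlier value, so a repeated -N leaks the first copy and a failed allocation leaves `encryptedSNIKeys` NULL. Because run() only reaches `SSL_EnableESNI` inside `if (encryptedSNIKeys)`, that failure would silently skip ESNI, and the handshake would presumably go out with the ordinary cleartext SNI even though encryption was requested. I would write `PORT_Free(encryptedSNIKeys); encryptedSNIKeys = PORT_Strdup(optstate->value);` and then report an error and exit when the result is NULL. Separately, `if (rv < 0)` in run() would read better as `if (rv != SECSuccess)`, assuming `rv` is a SECStatus there. Both run() and main() extend beyond the visible hunks.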
1 change: 1 addition & 0 deletions gtests/ssl_gtest/manifest.mn
@@ -52,6 +52,7 @@ CPPSRCS = \
tls_hkdf_unittest.cc \
tls_filter.cc \
tls_protect.cc \
tls_esni_unittest.cc \
$(NULL)

INCLUDES += -I$(CORE_DEPTH)/gtests/google_test/gtest/include \
2 changes: 1 addition & 1 deletion gtests/ssl_gtest/rsa8193.h
@@ -206,4 +206,4 @@ static const uint8_t rsa8193[] = {
0x13, 0x34, 0x9d, 0x34, 0xb8, 0xef, 0x13, 0x3a, 0x20, 0xf5, 0x74, 0x02,
0x70, 0x3b, 0x41, 0x60, 0x1f, 0x5e, 0x76, 0x0a, 0xb1, 0x17, 0xd5, 0xcf,
0x79, 0xef, 0xf7, 0xab, 0xe7, 0xd6, 0x0f, 0xad, 0x85, 0x2c, 0x52, 0x67,
0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
27 changes: 2 additions & 25 deletions gtests/ssl_gtest/ssl_extension_unittest.cc
@@ -44,28 +44,6 @@ class TlsExtensionTruncator : public TlsExtensionFilter {
size_t length_;
};

class TlsExtensionDamager : public TlsExtensionFilter {
public:
TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension,
size_t index)
: TlsExtensionFilter(a), extension_(extension), index_(index) {}
virtual PacketFilter::Action FilterExtension(uint16_t extension_type,
const DataBuffer& input,
DataBuffer* output) {
if (extension_type != extension_) {
return KEEP;
}

*output = input;
output->data()[index_] += 73; // Increment selected for maximum damage
return CHANGE;
}

private:
uint16_t extension_;
size_t index_;
};

class TlsExtensionAppender : public TlsHandshakeFilter {
public:
TlsExtensionAppender(const std::shared_ptr<TlsAgent>& a,
@@ -611,7 +589,6 @@ TEST_F(TlsExtensionTest13Stream, WrongServerKeyShare) {
EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
}

// TODO(ekr@rtfm.com): This is the wrong error code. See bug 1307269.
TEST_F(TlsExtensionTest13Stream, UnknownServerKeyShare) {
const uint16_t wrong_group = 0xffff;

@@ -625,10 +602,10 @@ TEST_F(TlsExtensionTest13Stream, UnknownServerKeyShare) {
DataBuffer buf(key_share, sizeof(key_share));
EnsureTlsSetup();
MakeTlsFilter<TlsExtensionReplacer>(server_, ssl_tls13_key_share_xtn, buf);
client_->ExpectSendAlert(kTlsAlertMissingExtension);
client_->ExpectSendAlert(kTlsAlertIllegalParameter);
server_->ExpectSendAlert(kTlsAlertBadRecordMac);
ConnectExpectFail();
EXPECT_EQ(SSL_ERROR_MISSING_KEY_SHARE, client_->error_code());
EXPECT_EQ(SSL_ERROR_RX_MALFORMED_KEY_SHARE, client_->error_code());
EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, server_->error_code());
}

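Review bot: UnknownServerKeyShare lost its only comment when the TODO was dropped, and nothing in the test now says why the expected client failure is what it is. A one-line comment above the expectations, such as `// An unrecognized group in the server key_share is rejected as malformed (illegal_parameter), not treated as a missing share.`, would record the intent that the new `kTlsAlertIllegalParameter` / `SSL_ERROR_RX_MALFORMED_KEY_SHARE` pair encodes. The test body starts in the previous hunk and part of it lies between the two hunks, outside what is shown.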
1 change: 1 addition & 0 deletions gtests/ssl_gtest/ssl_gtest.gyp
@@ -51,6 +51,7 @@
'tls_connect.cc',
'tls_filter.cc',
'tls_hkdf_unittest.cc',
'tls_esni_unittest.cc',
'tls_protect.cc'
],
'dependencies': [
