ktls.c@ 106165

最後變更在這個檔案從106165是 104078,由 vboxsync 提交於 8 月前
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
檔案大小: 8.4 KB

行
1	/*
2	* Copyright 2018-2022 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include "ssl_local.h"
11	#include "internal/ktls.h"
12
13	#if defined(__FreeBSD__)
14	# include "crypto/cryptodev.h"
15
16	/*-
17	* Check if a given cipher is supported by the KTLS interface.
18	* The kernel might still fail the setsockopt() if no suitable
19	* provider is found, but this checks if the socket option
20	* supports the cipher suite used at all.
21	*/
22	int ktls_check_supported_cipher(const SSL s, const EVP_CIPHER c,
23	const EVP_CIPHER_CTX *dd)
24	{
25
26	switch (s->version) {
27	case TLS1_VERSION:
28	case TLS1_1_VERSION:
29	case TLS1_2_VERSION:
30	case TLS1_3_VERSION:
31	break;
32	default:
33	return 0;
34	}
35
36	switch (s->s3.tmp.new_cipher->algorithm_enc) {
37	case SSL_AES128GCM:
38	case SSL_AES256GCM:
39	return 1;
40	case SSL_AES128:
41	case SSL_AES256:
42	if (s->ext.use_etm)
43	return 0;
44	switch (s->s3.tmp.new_cipher->algorithm_mac) {
45	case SSL_SHA1:
46	case SSL_SHA256:
47	case SSL_SHA384:
48	return 1;
49	default:
50	return 0;
51	}
52	default:
53	return 0;
54	}
55	}
56
57	/* Function to configure kernel TLS structure */
58	int ktls_configure_crypto(const SSL s, const EVP_CIPHER c, EVP_CIPHER_CTX *dd,
59	void rl_sequence, ktls_crypto_info_t crypto_info,
60	unsigned char *rec_seq, unsigned char iv,
61	unsigned char key, unsigned char mac_key,
62	size_t mac_secret_size)
63	{
64	memset(crypto_info, 0, sizeof(*crypto_info));
65	switch (s->s3.tmp.new_cipher->algorithm_enc) {
66	case SSL_AES128GCM:
67	case SSL_AES256GCM:
68	crypto_info->cipher_algorithm = CRYPTO_AES_NIST_GCM_16;
69	if (s->version == TLS1_3_VERSION) {
70	crypto_info->iv_len = EVP_CIPHER_CTX_get_iv_length(dd);
71	if (crypto_info->iv_len < 0)
72	return 0;
73	}
74	else
75	crypto_info->iv_len = EVP_GCM_TLS_FIXED_IV_LEN;
76	break;
77	case SSL_AES128:
78	case SSL_AES256:
79	switch (s->s3.tmp.new_cipher->algorithm_mac) {
80	case SSL_SHA1:
81	crypto_info->auth_algorithm = CRYPTO_SHA1_HMAC;
82	break;
83	case SSL_SHA256:
84	crypto_info->auth_algorithm = CRYPTO_SHA2_256_HMAC;
85	break;
86	case SSL_SHA384:
87	crypto_info->auth_algorithm = CRYPTO_SHA2_384_HMAC;
88	break;
89	default:
90	return 0;
91	}
92	crypto_info->cipher_algorithm = CRYPTO_AES_CBC;
93	crypto_info->iv_len = EVP_CIPHER_get_iv_length(c);
94	crypto_info->auth_key = mac_key;
95	crypto_info->auth_key_len = mac_secret_size;
96	break;
97	default:
98	return 0;
99	}
100	crypto_info->cipher_key = key;
101	crypto_info->cipher_key_len = EVP_CIPHER_get_key_length(c);
102	crypto_info->iv = iv;
103	crypto_info->tls_vmajor = (s->version >> 8) & 0x000000ff;
104	crypto_info->tls_vminor = (s->version & 0x000000ff);
105	# ifdef TCP_RXTLS_ENABLE
106	memcpy(crypto_info->rec_seq, rl_sequence, sizeof(crypto_info->rec_seq));
107	if (rec_seq != NULL)
108	*rec_seq = crypto_info->rec_seq;
109	# else
110	if (rec_seq != NULL)
111	*rec_seq = NULL;
112	# endif
113	return 1;
114	};
115
116	#endif /* __FreeBSD__ */
117
118	#if defined(OPENSSL_SYS_LINUX)
119
120	/* Function to check supported ciphers in Linux */
121	int ktls_check_supported_cipher(const SSL s, const EVP_CIPHER c,
122	const EVP_CIPHER_CTX *dd)
123	{
124	switch (s->version) {
125	case TLS1_2_VERSION:
126	case TLS1_3_VERSION:
127	break;
128	default:
129	return 0;
130	}
131
132	/* check that cipher is AES_GCM_128, AES_GCM_256, AES_CCM_128
133	* or Chacha20-Poly1305
134	*/
135	# ifdef OPENSSL_KTLS_AES_CCM_128
136	if (EVP_CIPHER_is_a(c, "AES-128-CCM")) {
137	if (s->version == TLS_1_3_VERSION /* broken on 5.x kernels */
138	\|\| EVP_CIPHER_CTX_get_tag_length(dd) != EVP_CCM_TLS_TAG_LEN)
139	return 0;
140	return 1;
141	} else
142	# endif
143	if (0
144	# ifdef OPENSSL_KTLS_AES_GCM_128
145	\|\| EVP_CIPHER_is_a(c, "AES-128-GCM")
146	# endif
147	# ifdef OPENSSL_KTLS_AES_GCM_256
148	\|\| EVP_CIPHER_is_a(c, "AES-256-GCM")
149	# endif
150	# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
151	\|\| EVP_CIPHER_is_a(c, "ChaCha20-Poly1305")
152	# endif
153	) {
154	return 1;
155	}
156	return 0;
157	}
158
159	/* Function to configure kernel TLS structure */
160	int ktls_configure_crypto(const SSL s, const EVP_CIPHER c, EVP_CIPHER_CTX *dd,
161	void rl_sequence, ktls_crypto_info_t crypto_info,
162	unsigned char *rec_seq, unsigned char iv,
163	unsigned char key, unsigned char mac_key,
164	size_t mac_secret_size)
165	{
166	unsigned char geniv[12];
167	unsigned char *iiv = iv;
168
169	if (s->version == TLS1_2_VERSION &&
170	EVP_CIPHER_get_mode(c) == EVP_CIPH_GCM_MODE) {
171	if (!EVP_CIPHER_CTX_get_updated_iv(dd, geniv,
172	EVP_GCM_TLS_FIXED_IV_LEN
173	+ EVP_GCM_TLS_EXPLICIT_IV_LEN))
174	return 0;
175	iiv = geniv;
176	}
177
178	memset(crypto_info, 0, sizeof(*crypto_info));
179	switch (EVP_CIPHER_get_nid(c))
180	{
181	# ifdef OPENSSL_KTLS_AES_GCM_128
182	case NID_aes_128_gcm:
183	crypto_info->gcm128.info.cipher_type = TLS_CIPHER_AES_GCM_128;
184	crypto_info->gcm128.info.version = s->version;
185	crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm128);
186	memcpy(crypto_info->gcm128.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
187	TLS_CIPHER_AES_GCM_128_IV_SIZE);
188	memcpy(crypto_info->gcm128.salt, iiv, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
189	memcpy(crypto_info->gcm128.key, key, EVP_CIPHER_get_key_length(c));
190	memcpy(crypto_info->gcm128.rec_seq, rl_sequence,
191	TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
192	if (rec_seq != NULL)
193	*rec_seq = crypto_info->gcm128.rec_seq;
194	return 1;
195	# endif
196	# ifdef OPENSSL_KTLS_AES_GCM_256
197	case NID_aes_256_gcm:
198	crypto_info->gcm256.info.cipher_type = TLS_CIPHER_AES_GCM_256;
199	crypto_info->gcm256.info.version = s->version;
200	crypto_info->tls_crypto_info_len = sizeof(crypto_info->gcm256);
201	memcpy(crypto_info->gcm256.iv, iiv + EVP_GCM_TLS_FIXED_IV_LEN,
202	TLS_CIPHER_AES_GCM_256_IV_SIZE);
203	memcpy(crypto_info->gcm256.salt, iiv, TLS_CIPHER_AES_GCM_256_SALT_SIZE);
204	memcpy(crypto_info->gcm256.key, key, EVP_CIPHER_get_key_length(c));
205	memcpy(crypto_info->gcm256.rec_seq, rl_sequence,
206	TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE);
207	if (rec_seq != NULL)
208	*rec_seq = crypto_info->gcm256.rec_seq;
209	return 1;
210	# endif
211	# ifdef OPENSSL_KTLS_AES_CCM_128
212	case NID_aes_128_ccm:
213	crypto_info->ccm128.info.cipher_type = TLS_CIPHER_AES_CCM_128;
214	crypto_info->ccm128.info.version = s->version;
215	crypto_info->tls_crypto_info_len = sizeof(crypto_info->ccm128);
216	memcpy(crypto_info->ccm128.iv, iiv + EVP_CCM_TLS_FIXED_IV_LEN,
217	TLS_CIPHER_AES_CCM_128_IV_SIZE);
218	memcpy(crypto_info->ccm128.salt, iiv, TLS_CIPHER_AES_CCM_128_SALT_SIZE);
219	memcpy(crypto_info->ccm128.key, key, EVP_CIPHER_get_key_length(c));
220	memcpy(crypto_info->ccm128.rec_seq, rl_sequence,
221	TLS_CIPHER_AES_CCM_128_REC_SEQ_SIZE);
222	if (rec_seq != NULL)
223	*rec_seq = crypto_info->ccm128.rec_seq;
224	return 1;
225	# endif
226	# ifdef OPENSSL_KTLS_CHACHA20_POLY1305
227	case NID_chacha20_poly1305:
228	crypto_info->chacha20poly1305.info.cipher_type = TLS_CIPHER_CHACHA20_POLY1305;
229	crypto_info->chacha20poly1305.info.version = s->version;
230	crypto_info->tls_crypto_info_len = sizeof(crypto_info->chacha20poly1305);
231	memcpy(crypto_info->chacha20poly1305.iv, iiv,
232	TLS_CIPHER_CHACHA20_POLY1305_IV_SIZE);
233	memcpy(crypto_info->chacha20poly1305.key, key,
234	EVP_CIPHER_get_key_length(c));
235	memcpy(crypto_info->chacha20poly1305.rec_seq, rl_sequence,
236	TLS_CIPHER_CHACHA20_POLY1305_REC_SEQ_SIZE);
237	if (rec_seq != NULL)
238	*rec_seq = crypto_info->chacha20poly1305.rec_seq;
239	return 1;
240	# endif
241	default:
242	return 0;
243	}
244
245	}
246
247	#endif /* OPENSSL_SYS_LINUX */

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.1.7/ssl/ktls.c@ 106165

以其他格式下載: