Page MenuHomeFreeBSD
Files F152886726

D21801.id62590.diff
No OneTemporary
Actions

D21801.id62590.diff
View Options

Index: sys/kern/uipc_ktls.c
===================================================================
--- sys/kern/uipc_ktls.c
+++ sys/kern/uipc_ktls.c
@@ -389,14 +389,14 @@
if (en->tls_vmajor != TLS_MAJOR_VER_ONE)
return (EINVAL);
if (en->tls_vminor < TLS_MINOR_VER_ZERO ||
- en->tls_vminor > TLS_MINOR_VER_TWO)
+ en->tls_vminor > TLS_MINOR_VER_THREE)
return (EINVAL);
if (en->auth_key_len < 0 || en->auth_key_len > TLS_MAX_PARAM_SIZE)
return (EINVAL);
if (en->cipher_key_len < 0 || en->cipher_key_len > TLS_MAX_PARAM_SIZE)
return (EINVAL);
- if (en->iv_len < 0 || en->iv_len > TLS_MAX_PARAM_SIZE)
+ if (en->iv_len < 0 || en->iv_len > sizeof(tls->params.iv))
return (EINVAL);
/* All supported algorithms require a cipher key. */
@@ -425,7 +425,8 @@
}
if (en->auth_key_len != 0)
return (EINVAL);
- if (en->iv_len != TLS_AEAD_GCM_LEN)
+ if (en->tls_vminor == TLS_MINOR_VER_TWO &&
+ en->iv_len != TLS_AEAD_GCM_LEN)
return (EINVAL);
break;
case CRYPTO_AES_CBC:
@@ -477,8 +478,22 @@
tls->params.tls_hlen = sizeof(struct tls_record_layer);
switch (en->cipher_algorithm) {
case CRYPTO_AES_NIST_GCM_16:
- tls->params.tls_hlen += 8;
+ /*
+ * TLS 1.2 includes the sequence number in plain
+ * text, but TLS 1.3 XORs it into the IV.
+ */
+ if (en->tls_vminor < TLS_MINOR_VER_THREE)
+ tls->params.tls_hlen += sizeof (uint64_t);
tls->params.tls_tlen = AES_GMAC_HASH_LEN;
+
+ /*
+ * TLS 1.3 includes optional padding which we
+ * do not support, and also puts the "real" record
+ * type at the end of the encrypted data.
+ */
+ if (en->tls_vminor == TLS_MINOR_VER_THREE)
+ tls->params.tls_tlen += sizeof (uint8_t);
+
tls->params.tls_bs = 1;
break;
case CRYPTO_AES_CBC:
@@ -539,7 +554,6 @@
* of the IV are generated in ktls_frame() and ktls_seq().
*/
if (en->iv_len != 0) {
- MPASS(en->iv_len <= sizeof(tls->params.iv));
tls->params.iv_len = en->iv_len;
error = copyin(en->iv, tls->params.iv, en->iv_len);
if (error)
@@ -1188,8 +1202,21 @@
/* Populate the TLS header. */
tlshdr = (void *)pgs->hdr;
tlshdr->tls_vmajor = tls->params.tls_vmajor;
- tlshdr->tls_vminor = tls->params.tls_vminor;
- tlshdr->tls_type = record_type;
+
+ /*
+ * TLS 1.3 masquarades as TLS 1.2 with a record type
+ * of TLS_RLTYPE_APP.
+ */
+ if (tls->params.tls_vminor == TLS_MINOR_VER_THREE &&
+ tls->params.tls_vmajor == TLS_MAJOR_VER_ONE) {
+ tlshdr->tls_vminor = TLS_MINOR_VER_TWO;
+ tlshdr->tls_type = TLS_RLTYPE_APP;
+ /* save the real record type for later */
+ pgs->record_type = record_type;
+ } else {
+ tlshdr->tls_vminor = tls->params.tls_vminor;
+ tlshdr->tls_type = record_type;
+ }
tlshdr->tls_length = htons(m->m_len - sizeof(*tlshdr));
/*
@@ -1365,7 +1392,8 @@
error = (*tls->sw_encrypt)(tls,
(const struct tls_record_layer *)pgs->hdr,
- pgs->trail, src_iov, dst_iov, i, pgs->seqno);
+ pgs->trail, src_iov, dst_iov, i, pgs->seqno,
+ pgs->record_type);
if (error) {
counter_u64_add(ktls_offload_failed_crypto, 1);
break;
Index: sys/opencrypto/ktls_ocf.c
===================================================================
--- sys/opencrypto/ktls_ocf.c
+++ sys/opencrypto/ktls_ocf.c
@@ -86,7 +86,7 @@
static int
ktls_ocf_encrypt(struct ktls_session *tls, const struct tls_record_layer *hdr,
uint8_t *trailer, struct iovec *iniov, struct iovec *outiov, int iovcnt,
- uint64_t seqno)
+ uint64_t seqno, uint8_t record_type __unused)
{
struct uio uio;
struct tls_aead_data ad;
Index: sys/sys/ktls.h
===================================================================
--- sys/sys/ktls.h
+++ sys/sys/ktls.h
@@ -85,6 +85,7 @@
#define TLS_MINOR_VER_ZERO 1 /* 3, 1 */
#define TLS_MINOR_VER_ONE 2 /* 3, 2 */
#define TLS_MINOR_VER_TWO 3 /* 3, 3 */
+#define TLS_MINOR_VER_THREE 4 /* 3, 4 */
/* For TCP_TXTLS_ENABLE */
struct tls_enable {
@@ -121,7 +122,7 @@
#ifdef _KERNEL
-#define KTLS_API_VERSION 5
+#define KTLS_API_VERSION 6
struct iovec;
struct ktls_session;
@@ -144,7 +145,7 @@
int (*sw_encrypt)(struct ktls_session *tls,
const struct tls_record_layer *hdr, uint8_t *trailer,
struct iovec *src, struct iovec *dst, int iovcnt,
- uint64_t seqno);
+ uint64_t seqno, uint8_t record_type);
union {
void *cipher;
struct m_snd_tag *snd_tag;
Index: sys/sys/mbuf.h
===================================================================
--- sys/sys/mbuf.h
+++ sys/sys/mbuf.h
@@ -359,6 +359,7 @@
union {
char trail[MBUF_PEXT_TRAIL_LEN]; /* TLS trailer */
struct {
+ uint8_t record_type;
struct socket *so;
struct mbuf *mbuf;
uint64_t seqno;

File Metadata

Mime Type
text/plain
Expires
Sat, Apr 18, 7:04 PM (13 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31730026
Default Alt Text
D21801.id62590.diff (4 KB)

Event Timeline