Merge pull request #1782 from nghttp2/embed-km-id-in-token
nghttpx: Embed km_id in a regular token
This commit is contained in:
commit
c3fa77158a
|
@ -479,7 +479,7 @@ int Http3Upstream::handshake_completed() {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
std::array<uint8_t, NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN> token;
|
std::array<uint8_t, NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN + 1> token;
|
||||||
size_t tokenlen;
|
size_t tokenlen;
|
||||||
|
|
||||||
auto path = ngtcp2_conn_get_path(conn_);
|
auto path = ngtcp2_conn_get_path(conn_);
|
||||||
|
@ -494,6 +494,10 @@ int Http3Upstream::handshake_completed() {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
assert(tokenlen == NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN);
|
||||||
|
|
||||||
|
token[tokenlen++] = qkm.id;
|
||||||
|
|
||||||
auto rv = ngtcp2_conn_submit_new_token(conn_, token.data(), tokenlen);
|
auto rv = ngtcp2_conn_submit_new_token(conn_, token.data(), tokenlen);
|
||||||
if (rv != 0) {
|
if (rv != 0) {
|
||||||
ULOG(ERROR, this) << "ngtcp2_conn_submit_new_token: "
|
ULOG(ERROR, this) << "ngtcp2_conn_submit_new_token: "
|
||||||
|
|
|
@ -358,10 +358,9 @@ int generate_quic_connection_id_encryption_key(uint8_t *key, size_t keylen,
|
||||||
}
|
}
|
||||||
|
|
||||||
const QUICKeyingMaterial *
|
const QUICKeyingMaterial *
|
||||||
select_quic_keying_material(const QUICKeyingMaterials &qkms,
|
select_quic_keying_material(const QUICKeyingMaterials &qkms, uint8_t km_id) {
|
||||||
const uint8_t *cid) {
|
|
||||||
for (auto &qkm : qkms.keying_materials) {
|
for (auto &qkm : qkms.keying_materials) {
|
||||||
if (((*cid) & 0xc0) == qkm.id) {
|
if (km_id == qkm.id) {
|
||||||
return &qkm;
|
return &qkm;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -76,6 +76,7 @@ constexpr size_t SHRPX_QUIC_STATELESS_RESET_BURST = 100;
|
||||||
constexpr size_t SHRPX_QUIC_SECRET_RESERVEDLEN = 4;
|
constexpr size_t SHRPX_QUIC_SECRET_RESERVEDLEN = 4;
|
||||||
constexpr size_t SHRPX_QUIC_SECRETLEN = 32;
|
constexpr size_t SHRPX_QUIC_SECRETLEN = 32;
|
||||||
constexpr size_t SHRPX_QUIC_SALTLEN = 32;
|
constexpr size_t SHRPX_QUIC_SALTLEN = 32;
|
||||||
|
constexpr uint8_t SHRPX_QUIC_DCID_KM_ID_MASK = 0xc0;
|
||||||
|
|
||||||
ngtcp2_tstamp quic_timestamp();
|
ngtcp2_tstamp quic_timestamp();
|
||||||
|
|
||||||
|
@ -130,8 +131,7 @@ int generate_quic_connection_id_encryption_key(uint8_t *key, size_t keylen,
|
||||||
size_t saltlen);
|
size_t saltlen);
|
||||||
|
|
||||||
const QUICKeyingMaterial *
|
const QUICKeyingMaterial *
|
||||||
select_quic_keying_material(const QUICKeyingMaterials &qkms,
|
select_quic_keying_material(const QUICKeyingMaterials &qkms, uint8_t km_id);
|
||||||
const uint8_t *cid);
|
|
||||||
|
|
||||||
} // namespace shrpx
|
} // namespace shrpx
|
||||||
|
|
||||||
|
|
|
@ -128,7 +128,8 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
|
||||||
const QUICKeyingMaterial *qkm = nullptr;
|
const QUICKeyingMaterial *qkm = nullptr;
|
||||||
|
|
||||||
if (vc.dcidlen == SHRPX_QUIC_SCIDLEN) {
|
if (vc.dcidlen == SHRPX_QUIC_SCIDLEN) {
|
||||||
qkm = select_quic_keying_material(*qkms.get(), vc.dcid);
|
qkm = select_quic_keying_material(
|
||||||
|
*qkms.get(), vc.dcid[0] & SHRPX_QUIC_DCID_KM_ID_MASK);
|
||||||
|
|
||||||
if (decrypt_quic_connection_id(decrypted_dcid.data(),
|
if (decrypt_quic_connection_id(decrypted_dcid.data(),
|
||||||
vc.dcid + SHRPX_QUIC_CID_PREFIX_OFFSET,
|
vc.dcid + SHRPX_QUIC_CID_PREFIX_OFFSET,
|
||||||
|
@ -221,7 +222,8 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
auto qkm = select_quic_keying_material(*qkms.get(), vc.dcid);
|
auto qkm = select_quic_keying_material(
|
||||||
|
*qkms.get(), vc.dcid[0] & SHRPX_QUIC_DCID_KM_ID_MASK);
|
||||||
|
|
||||||
if (verify_retry_token(odcid, hd.token.base, hd.token.len, hd.version,
|
if (verify_retry_token(odcid, hd.token.base, hd.token.len, hd.version,
|
||||||
hd.dcid, &remote_addr.su.sa, remote_addr.len,
|
hd.dcid, &remote_addr.su.sa, remote_addr.len,
|
||||||
|
@ -257,12 +259,26 @@ int QUICConnectionHandler::handle_packet(const UpstreamAddr *faddr,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Regarding the QUIC secret that encrypted this token, DCID
|
if (hd.token.len != NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN + 1) {
|
||||||
// is a client chosen one, and we have no information embedded
|
if (LOG_ENABLED(INFO)) {
|
||||||
// in a token. Just use the first QUIC secret.
|
LOG(INFO) << "Failed to validate token from remote="
|
||||||
auto qkm = &qkms->keying_materials.front();
|
<< util::to_numeric_addr(&remote_addr);
|
||||||
|
}
|
||||||
|
|
||||||
if (verify_token(hd.token.base, hd.token.len, &remote_addr.su.sa,
|
if (quicconf.upstream.require_token) {
|
||||||
|
send_retry(faddr, vc.version, vc.dcid, vc.dcidlen, vc.scid,
|
||||||
|
vc.scidlen, remote_addr, local_addr, datalen * 3);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
auto qkm = select_quic_keying_material(
|
||||||
|
*qkms.get(), hd.token.base[NGTCP2_CRYPTO_MAX_REGULAR_TOKENLEN]);
|
||||||
|
|
||||||
|
if (verify_token(hd.token.base, hd.token.len - 1, &remote_addr.su.sa,
|
||||||
remote_addr.len, qkm->secret.data(),
|
remote_addr.len, qkm->secret.data(),
|
||||||
qkm->secret.size()) != 0) {
|
qkm->secret.size()) != 0) {
|
||||||
if (LOG_ENABLED(INFO)) {
|
if (LOG_ENABLED(INFO)) {
|
||||||
|
|
Loading…
Reference in New Issue