QUIC: TLS_AES_128_CCM_SHA256 cipher suite support.

author: Roman Arutyunyan <arut@nginx.com> 2023-06-20 16:10:49 +0400
committer: Roman Arutyunyan <arut@nginx.com> 2023-06-20 16:10:49 +0400
commit: 69826dd4f766e5e7748f8dbdd14e6c3073250d5a (patch)
tree: 333135f6b82ac29981c756ba10fc4eff3b672c7d /src
parent: 3ee1051912c5e3df89d270fd5c533a4af4d0c2ee (diff)
download: nginx-69826dd4f766e5e7748f8dbdd14e6c3073250d5a.tar.gz
nginx-69826dd4f766e5e7748f8dbdd14e6c3073250d5a.zip
2 files changed, 49 insertions, 11 deletions
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
index 052dff97a..e4b21fe4d 100644
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -94,6 +94,15 @@ ngx_quic_ciphers(ngx_uint_t id, ngx_quic_ciphers_t *ciphers,
         len = 32;
         break;
 
+#ifndef OPENSSL_IS_BORINGSSL
+    case TLS1_3_CK_AES_128_CCM_SHA256:
+        ciphers->c = EVP_aes_128_ccm();
+        ciphers->hp = EVP_aes_128_ctr();
+        ciphers->d = EVP_sha256();
+        len = 16;
+        break;
+#endif
+
     default:
         return NGX_ERROR;
     }
@@ -384,6 +393,17 @@ ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
         return NGX_ERROR;
     }
 
+    tag = in->data + in->len - NGX_QUIC_TAG_LEN;
+
+    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, NGX_QUIC_TAG_LEN, tag)
+        == 0)
+    {
+        EVP_CIPHER_CTX_free(ctx);
+        ngx_ssl_error(NGX_LOG_INFO, log, 0,
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_TAG) failed");
+        return NGX_ERROR;
+    }
+
     if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, s->iv.len, NULL)
         == 0)
     {
@@ -399,6 +419,15 @@ ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
         return NGX_ERROR;
     }
 
+    if (EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE
+        && EVP_DecryptUpdate(ctx, NULL, &len, NULL, in->len - NGX_QUIC_TAG_LEN)
+           != 1)
+    {
+        EVP_CIPHER_CTX_free(ctx);
+        ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed");
+        return NGX_ERROR;
+    }
+
     if (EVP_DecryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed");
@@ -415,16 +444,6 @@ ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
     }
 
     out->len = len;
-    tag = in->data + in->len - NGX_QUIC_TAG_LEN;
-
-    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, NGX_QUIC_TAG_LEN, tag)
-        == 0)
-    {
-        EVP_CIPHER_CTX_free(ctx);
-        ngx_ssl_error(NGX_LOG_INFO, log, 0,
-                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_TAG) failed");
-        return NGX_ERROR;
-    }
 
     if (EVP_DecryptFinal_ex(ctx, out->data + len, &len) <= 0) {
         EVP_CIPHER_CTX_free(ctx);
@@ -482,6 +501,17 @@ ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
         return NGX_ERROR;
     }
 
+    if (EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE
+        && EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, NGX_QUIC_TAG_LEN,
+                               NULL)
+           == 0)
+    {
+        EVP_CIPHER_CTX_free(ctx);
+        ngx_ssl_error(NGX_LOG_INFO, log, 0,
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_TAG) failed");
+        return NGX_ERROR;
+    }
+
     if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, s->iv.len, NULL)
         == 0)
     {
@@ -497,6 +527,14 @@ ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
         return NGX_ERROR;
     }
 
+    if (EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE
+        && EVP_EncryptUpdate(ctx, NULL, &len, NULL, in->len) != 1)
+    {
+        EVP_CIPHER_CTX_free(ctx);
+        ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed");
+        return NGX_ERROR;
+    }
+
     if (EVP_EncryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed");
diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
index 0cec1d81a..4e56ea9d1 100644
--- a/src/event/quic/ngx_event_quic_protection.h
+++ b/src/event/quic/ngx_event_quic_protection.h
@@ -16,7 +16,7 @@
 
 #define NGX_QUIC_ENCRYPTION_LAST  ((ssl_encryption_application) + 1)
 
-/* RFC 5116, 5.1 and RFC 8439, 2.3/2.5 for all supported ciphers */
+/* RFC 5116, 5.1/5.3 and RFC 8439, 2.3/2.5 for all supported ciphers */
 #define NGX_QUIC_IV_LEN               12
 #define NGX_QUIC_TAG_LEN              16
author	Roman Arutyunyan <arut@nginx.com>	2023-06-20 16:10:49 +0400
committer	Roman Arutyunyan <arut@nginx.com>	2023-06-20 16:10:49 +0400
commit	69826dd4f766e5e7748f8dbdd14e6c3073250d5a (patch)
tree	333135f6b82ac29981c756ba10fc4eff3b672c7d /src
parent	3ee1051912c5e3df89d270fd5c533a4af4d0c2ee (diff)
download	nginx-69826dd4f766e5e7748f8dbdd14e6c3073250d5a.tar.gz nginx-69826dd4f766e5e7748f8dbdd14e6c3073250d5a.zip