authorDaiki Ueno <dueno@redhat.com>2020-02-21 16:38:29 +0100
committerDaiki Ueno <dueno@redhat.com>2020-02-22 08:19:08 +0100
commit8da3a71b358aa4a3199d1ee72c4e0d25a4588131 (patch)
treed5b4d45bbdf4543e88ef4e0bcd58cad5789efa49 /lib
parent0f48ce3d377e4975324216543d9a2d352ec825c3 (diff)
keylogfile: simplify the callback mechanismtmp-keylog-func
This partially reverts commit 97117556 with a simpler interface. The original intention of having the callback mechanism was to reuse it for monitoring QUIC encryption changes. However, it turned out to be insufficient because such changes must be emitted after a new epoch is ready. Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/constate.c22
-rw-r--r--lib/ext/pre_shared_key.c4
-rw-r--r--lib/gnutls_int.h2
-rw-r--r--lib/handshake-tls13.c2
-rw-r--r--lib/includes/gnutls/gnutls.h.in53
-rw-r--r--lib/kx.c56
-rw-r--r--lib/kx.h10
-rw-r--r--lib/libgnutls.map2
-rw-r--r--lib/state.c5
9 files changed, 40 insertions, 116 deletions
diff --git a/lib/constate.c b/lib/constate.c
index a11577d7ba..eb05fdd04c 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -197,7 +197,6 @@ _tls13_update_keys(gnutls_session_t session, hs_stage_t stage,
char buf[65];
record_state_st *upd_state;
record_parameters_st *prev = NULL;
- gnutls_handshake_secret_type_t secret_type;
int ret;
/* generate new keys for direction needed and copy old from previous epoch */
@@ -275,7 +274,6 @@ _tls13_update_keys(gnutls_session_t session, hs_stage_t stage,
ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.tls13.ap_ckey, iv_size, iv_block);
if (ret < 0)
return gnutls_assert_val(ret);
- secret_type = GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET;
} else {
ret = _tls13_expand_secret(session, APPLICATION_TRAFFIC_UPDATE,
sizeof(APPLICATION_TRAFFIC_UPDATE)-1,
@@ -293,14 +291,8 @@ _tls13_update_keys(gnutls_session_t session, hs_stage_t stage,
ret = _tls13_expand_secret(session, "iv", 2, NULL, 0, session->key.proto.tls13.ap_skey, iv_size, iv_block);
if (ret < 0)
return gnutls_assert_val(ret);
- secret_type = GNUTLS_SECRET_SERVER_TRAFFIC_SECRET;
}
- ret = _gnutls_call_secret_func(session, secret_type,
- key_block, key_size);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
upd_state->mac_key_size = 0;
assert(key_size <= sizeof(upd_state->key));
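Review bot: Dropping the callback call from `_tls13_update_keys` means no keylog callback, including one installed through the new `gnutls_session_set_keylog_function()`, is told about traffic secrets derived after a KeyUpdate, so a caller's log only ever covers the initial `_0` secrets. The default `_gnutls_nss_keylog_func` already skipped these via its `handshake_in_progress` check, so the built-in SSLKEYLOGFILE writer loses nothing, but the public API should state the limitation, e.g. add to the `gnutls_session_set_keylog_function()` description `Only the initial traffic secrets are reported; secrets derived after a KeyUpdate are not passed to the callback.` `_tls13_update_keys` starts and ends outside this hunk.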
@@ -396,7 +388,7 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
record_state_st *client_write, *server_write;
const char *label;
unsigned label_size, hsk_len;
- gnutls_handshake_secret_type_t secret_type;
+ const char *keylog_label;
void *ckey, *skey;
int ret;
@@ -412,13 +404,13 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
label = HANDSHAKE_CLIENT_TRAFFIC_LABEL;
label_size = sizeof(HANDSHAKE_CLIENT_TRAFFIC_LABEL)-1;
hsk_len = session->internals.handshake_hash_buffer.length;
- secret_type = GNUTLS_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET;
+ keylog_label = "CLIENT_HANDSHAKE_TRAFFIC_SECRET";
ckey = session->key.proto.tls13.hs_ckey;
} else {
label = APPLICATION_CLIENT_TRAFFIC_LABEL;
label_size = sizeof(APPLICATION_CLIENT_TRAFFIC_LABEL)-1;
hsk_len = session->internals.handshake_hash_buffer_server_finished_len;
- secret_type = GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET;
+ keylog_label = "CLIENT_TRAFFIC_SECRET_0";
ckey = session->key.proto.tls13.ap_ckey;
}
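Review bot: The keylog labels are now bare string literals repeated across constate.c, pre_shared_key.c, handshake-tls13.c and kx.c, and the enum-to-label table that previously centralised them in kx.c is deleted, so a misspelt label is no longer caught by the compiler and silently produces an entry no key log consumer understands. Consider defining each label once in kx.h, e.g. `#define KEYLOG_LABEL_CLIENT_HANDSHAKE_TRAFFIC_SECRET "CLIENT_HANDSHAKE_TRAFFIC_SECRET"`, and using the macros at every call site. `_tls13_set_keys` continues outside this hunk.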
@@ -430,7 +422,7 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_call_secret_func(session, secret_type,
+ ret = _gnutls_call_keylog_func(session, keylog_label,
ckey,
session->security_parameters.prf->output_size);
if (ret < 0)
@@ -449,12 +441,12 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
if (stage == STAGE_HS) {
label = HANDSHAKE_SERVER_TRAFFIC_LABEL;
label_size = sizeof(HANDSHAKE_SERVER_TRAFFIC_LABEL)-1;
- secret_type = GNUTLS_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET;
+ keylog_label = "SERVER_HANDSHAKE_TRAFFIC_SECRET";
skey = session->key.proto.tls13.hs_skey;
} else {
label = APPLICATION_SERVER_TRAFFIC_LABEL;
label_size = sizeof(APPLICATION_SERVER_TRAFFIC_LABEL)-1;
- secret_type = GNUTLS_SECRET_SERVER_TRAFFIC_SECRET;
+ keylog_label = "SERVER_TRAFFIC_SECRET_0";
skey = session->key.proto.tls13.ap_skey;
}
@@ -467,7 +459,7 @@ _tls13_set_keys(gnutls_session_t session, hs_stage_t stage,
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_call_secret_func(session, secret_type,
+ ret = _gnutls_call_keylog_func(session, keylog_label,
skey,
session->security_parameters.prf->output_size);
if (ret < 0)
diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
index eef84814d6..8a39cda153 100644
--- a/lib/ext/pre_shared_key.c
+++ b/lib/ext/pre_shared_key.c
@@ -203,7 +203,7 @@ generate_early_secrets(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_call_secret_func(session, GNUTLS_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
+ ret = _gnutls_call_keylog_func(session, "CLIENT_EARLY_TRAFFIC_SECRET",
session->key.proto.tls13.e_ckey,
prf->output_size);
if (ret < 0)
@@ -217,7 +217,7 @@ generate_early_secrets(gnutls_session_t session,
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_call_secret_func(session, GNUTLS_SECRET_EARLY_EXPORTER_SECRET,
+ ret = _gnutls_call_keylog_func(session, "EARLY_EXPORTER_SECRET",
session->key.proto.tls13.ap_expkey,
prf->output_size);
if (ret < 0)
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index cd2adc103d..d9d851be62 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -1243,7 +1243,7 @@ typedef struct {
unsigned int h_type; /* the hooked type */
int16_t h_post; /* whether post-generation/receive */
- gnutls_handshake_secret_func secret_func;
+ gnutls_keylog_func keylog_func;
/* holds the selected certificate and key.
* use _gnutls_selected_certs_deinit() and _gnutls_selected_certs_set()
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
index 39d002bd04..24f5af65c6 100644
--- a/lib/handshake-tls13.c
+++ b/lib/handshake-tls13.c
@@ -292,7 +292,7 @@ static int generate_ap_traffic_keys(gnutls_session_t session)
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_call_secret_func(session, GNUTLS_SECRET_EXPORTER_SECRET,
+ ret = _gnutls_call_keylog_func(session, "EXPORTER_SECRET",
session->key.proto.tls13.ap_expkey,
session->security_parameters.prf->output_size);
if (ret < 0)
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 13b6c35659..cfc1f35e92 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -2292,58 +2292,23 @@ void gnutls_global_set_log_function(gnutls_log_func log_func);
void gnutls_global_set_audit_log_function(gnutls_audit_log_func log_func);
void gnutls_global_set_log_level(int level);
-/**
- * gnutls_handshake_secret_type_t:
- * @GNUTLS_SECRET_CLIENT_RANDOM: 48 bytes for the master secret (for SSL 3.0,
- * TLS 1.0, 1.1 and 1.2)
- * @GNUTLS_SECRET_CLIENT_EARLY_TRAFFIC_SECRET: the early traffic secret for the
- * client side (for TLS 1.3)
- * @GNUTLS_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET: the handshake traffic secret
- * for the client side (for TLS 1.3)
- * @GNUTLS_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET: the handshake traffic secret
- * for the server side (for TLS 1.3)
- * @GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET: the application traffic secret for the
- * client side (for TLS 1.3)
- * @GNUTLS_SECRET_SERVER_TRAFFIC_SECRET: the application traffic secret for the
- * server side (for TLS 1.3)
- * @GNUTLS_SECRET_EARLY_EXPORTER_SECRET: the early exporter secret (for TLS 1.3,
- * used for 0-RTT keys).
- * @GNUTLS_SECRET_EXPORTER_SECRET: the exporter secret (for TLS 1.3, used for
- * 1-RTT keys)
- *
- * Enumeration of different types of secrets derived during handshake.
- * This is used by gnutls_handshake_set_secret_function().
- *
- * Since: 3.6.13
- */
-typedef enum {
- GNUTLS_SECRET_CLIENT_RANDOM,
- GNUTLS_SECRET_CLIENT_EARLY_TRAFFIC_SECRET,
- GNUTLS_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
- GNUTLS_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET,
- GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET,
- GNUTLS_SECRET_SERVER_TRAFFIC_SECRET,
- GNUTLS_SECRET_EARLY_EXPORTER_SECRET,
- GNUTLS_SECRET_EXPORTER_SECRET
-} gnutls_handshake_secret_type_t;
-
/**
- * gnutls_handshake_secret_function:
+ * gnutls_keylog_func:
* @session: the current session
- * @type: #gnutls_handshake_secret_type_t
+ * @label: the keylog label
* @secret: the (const) data of the derived secret.
*
- * Function prototype for secret derivation hooks. It is set using
- * gnutls_handshake_set_secret_function().
+ * Function prototype for keylog hooks. It is set using
+ * gnutls_session_set_keylog_function().
*
* Returns: Non zero on error.
* Since: 3.6.13
*/
-typedef int (*gnutls_handshake_secret_func) (gnutls_session_t session,
- gnutls_handshake_secret_type_t type,
- const gnutls_datum_t *secret);
-void gnutls_handshake_set_secret_function(gnutls_session_t session,
- gnutls_handshake_secret_func func);
+typedef int (*gnutls_keylog_func) (gnutls_session_t session,
+ const char *label,
+ const gnutls_datum_t *secret);
+void gnutls_session_set_keylog_function(gnutls_session_t session,
+ gnutls_keylog_func func);
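Review bot: The documented contract `Returns: Non zero on error.` does not match how the library consumes the callback: every call site checks `if (ret < 0)` (constate.c, pre_shared_key.c, handshake-tls13.c and kx.c hunks), so a positive return is silently treated as success. Change the line to `Returns: Zero on success, or a negative error code to abort the handshake.` The `@label` line should also say the labels follow the NSS key log file format (for example `CLIENT_RANDOM` or `CLIENT_HANDSHAKE_TRAFFIC_SECRET`), and `@secret` should note that the datum wraps session-owned key material and is only valid for the duration of the call, which appears to be the case since `_gnutls_call_keylog_func` builds it directly from the caller's pointer.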
/* Diffie-Hellman parameter handling.
*/
diff --git a/lib/kx.c b/lib/kx.c
index 43056d412a..d5abf69ea7 100644
--- a/lib/kx.c
+++ b/lib/kx.c
@@ -71,7 +71,7 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster)
}
/**
- * gnutls_handshake_set_secret_function:
+ * gnutls_session_set_keylog_function:
* @session: is #gnutls_session_t type
* @func: is the function to be called
*
@@ -81,68 +81,36 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster)
* Since: 3.6.13
*/
void
-gnutls_handshake_set_secret_function(gnutls_session_t session,
- gnutls_handshake_secret_func func)
+gnutls_session_set_keylog_function(gnutls_session_t session,
+ gnutls_keylog_func func)
{
- session->internals.secret_func = func;
+ session->internals.keylog_func = func;
}
int
-_gnutls_call_secret_func(gnutls_session_t session,
- gnutls_handshake_secret_type_t type,
+_gnutls_call_keylog_func(gnutls_session_t session,
+ const char *label,
const uint8_t *data,
unsigned size)
{
- if (session->internals.secret_func) {
+ if (session->internals.keylog_func) {
gnutls_datum_t secret = {(void*)data, size};
- return session->internals.secret_func(session, type, &secret);
+ return session->internals.keylog_func(session, label, &secret);
}
return 0;
}
-static const char *
-secret_type_to_nss_keylog_label(gnutls_handshake_secret_type_t type)
-{
- switch (type) {
- case GNUTLS_SECRET_CLIENT_RANDOM:
- return "CLIENT_RANDOM";
- case GNUTLS_SECRET_CLIENT_EARLY_TRAFFIC_SECRET:
- return "CLIENT_EARLY_TRAFFIC_SECRET";
- case GNUTLS_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET:
- return "CLIENT_HANDSHAKE_TRAFFIC_SECRET";
- case GNUTLS_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET:
- return "SERVER_HANDSHAKE_TRAFFIC_SECRET";
- case GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET:
- return "CLIENT_TRAFFIC_SECRET_0";
- case GNUTLS_SECRET_SERVER_TRAFFIC_SECRET:
- return "SERVER_TRAFFIC_SECRET_0";
- case GNUTLS_SECRET_EARLY_EXPORTER_SECRET:
- return "EARLY_EXPORTER_SECRET";
- case GNUTLS_SECRET_EXPORTER_SECRET:
- return "EXPORTER_SECRET";
- default:
- gnutls_assert();
- return NULL;
- }
-}
-
int
-_gnutls_nss_keylog_secret_func(gnutls_session_t session,
- gnutls_handshake_secret_type_t type,
- const gnutls_datum_t *secret)
+_gnutls_nss_keylog_func(gnutls_session_t session,
+ const char *label,
+ const gnutls_datum_t *secret)
{
- const char *label;
-
/* ignore subsequent traffic secrets that are calculated from
* the previous traffic secret
*/
if (!session->internals.handshake_in_progress)
return 0;
- label = secret_type_to_nss_keylog_label(type);
- if (unlikely(label == NULL))
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
-
_gnutls_nss_keylog_write(session, label, secret->data, secret->size);
return 0;
}
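Review bot: `gnutls_session_set_keylog_function()` overwrites `session->internals.keylog_func` unconditionally, and since `gnutls_init()` installs `_gnutls_nss_keylog_func` there by default (state.c hunk), an application installing its own callback silently disables the built-in SSLKEYLOGFILE writer. The setter's doc comment, whose body lies above this hunk, should state that, e.g. `Calling this replaces the default callback that writes to the NSS key log file; pass NULL to disable key logging for the session.` Passing NULL is safe because `_gnutls_call_keylog_func` tests the pointer before invoking it.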
@@ -265,7 +233,7 @@ generate_normal_master(gnutls_session_t session,
if (ret < 0)
return ret;
- ret = _gnutls_call_secret_func(session, GNUTLS_SECRET_CLIENT_RANDOM,
+ ret = _gnutls_call_keylog_func(session, "CLIENT_RANDOM",
session->security_parameters.master_secret,
GNUTLS_MASTER_SIZE);
if (ret < 0)
diff --git a/lib/kx.h b/lib/kx.h
index 8d8d4225ef..6b4a7fcae5 100644
--- a/lib/kx.h
+++ b/lib/kx.h
@@ -38,15 +38,15 @@ int _gnutls_recv_server_crt_request(gnutls_session_t session);
int _gnutls_send_server_crt_request(gnutls_session_t session, int again);
int _gnutls_recv_client_certificate_verify_message(gnutls_session_t
session);
-int _gnutls_call_secret_func(gnutls_session_t session,
- gnutls_handshake_secret_type_t type,
+int _gnutls_call_keylog_func(gnutls_session_t session,
+ const char *label,
const uint8_t *data,
unsigned size);
void _gnutls_nss_keylog_write(gnutls_session_t session,
const char *label,
const uint8_t *secret, size_t secret_size);
-int _gnutls_nss_keylog_secret_func(gnutls_session_t session,
- gnutls_handshake_secret_type_t type,
- const gnutls_datum_t *secret);
+int _gnutls_nss_keylog_func(gnutls_session_t session,
+ const char *label,
+ const gnutls_datum_t *secret);
#endif /* GNUTLS_LIB_KX_H */
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index c1aace905e..234d43e755 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1315,7 +1315,7 @@ GNUTLS_3_6_13
gnutls_hkdf_extract;
gnutls_hkdf_expand;
gnutls_pbkdf2;
- gnutls_handshake_set_secret_function;
+ gnutls_session_set_keylog_function;
} GNUTLS_3_6_12;
GNUTLS_FIPS140_3_4 {
diff --git a/lib/state.c b/lib/state.c
index f33cd5a8bc..35ebb2a230 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -588,9 +588,8 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags)
if (_gnutls_disable_tls13 != 0)
(*session)->internals.flags |= INT_FLAG_NO_TLS13;
- /* Install the default secret function */
- gnutls_handshake_set_secret_function(*session,
- _gnutls_nss_keylog_secret_func);
+ /* Install the default keylog function */
+ gnutls_session_set_keylog_function(*session, _gnutls_nss_keylog_func);
return 0;
}