Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLSv1.3: add optional integrity-only ciphers [RFC 9150] #22903

Closed
wants to merge 7 commits into from
Closed

TLSv1.3: add optional integrity-only ciphers [RFC 9150] #22903

wants to merge 7 commits into from

Conversation

rajeev-0
Copy link
Contributor

@rajeev-0 rajeev-0 commented Dec 1, 2023
edited by DDvO

This implements the integrity-only ciphers for TLS v1.3 defined in RFC 9150 as requested in #18343.

Tests for the new cipher suites are implicitly added by evp_libctx_test.c.

Fixes #18343

Checklist
  • documentation is added or updated
  • tests are added or updated

@github-actions github-actions bot added the severity: fips change The pull request changes FIPS provider sources label Dec 1, 2023
@t8m t8m added branch: master Merge to master branch triaged: feature The issue/pr requests/adds a feature labels Dec 1, 2023
@slontis
Copy link
Member

slontis commented Dec 4, 2023

Just wondering, was this written from scratch, or is it a copy of someones else's work?

@rajeev-0
Copy link
Contributor Author

rajeev-0 commented Dec 4, 2023
edited by DDvO

As mentioned in #18343, Some work was done for openssl 1.1.1.
But it was not as described in RFC 9150 and was too much effort to adopt it. So I have to start from scratch. But if you know some work which is already done for openssl 3.0 and is as per RFC 9150, I will be happy to check it.

@slontis
Copy link
Member

slontis commented Dec 4, 2023

No I dont.. Just checking that we didnt need to get permission from another author, if it was derived from somewhere..

@rajeev-0
Copy link
Contributor Author

rajeev-0 commented Dec 4, 2023

Need help #22902

slontis
slontis reviewed Dec 5, 2023
View reviewed changes
ssl/tls13_enc.c Outdated Show resolved Hide resolved
@github-actions github-actions bot added the severity: ABI change This pull request contains ABI changes label Dec 6, 2023
slontis
slontis reviewed Dec 6, 2023
View reviewed changes
test/evp_libctx_test.c Outdated Show resolved Hide resolved
@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch 2 times, most recently from 58e3fff to 3c87345 Compare December 11, 2023 10:05
@rajeev-0 rajeev-0 marked this pull request as ready for review December 11, 2023 10:34
@rajeev-0 rajeev-0 marked this pull request as draft December 12, 2023 16:17
@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch from baebdaa to aa201ba Compare December 13, 2023 22:47
@rajeev-0 rajeev-0 marked this pull request as ready for review December 13, 2023 23:32
DDvO
DDvO requested changes Jan 8, 2024
View reviewed changes
Copy link
Contributor

@DDvO DDvO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One bug, a few memory leaks on error, several questions,
and various suggestions for small style, name, and text improvements

CHANGES.md Outdated Show resolved Hide resolved
doc/man1/openssl-ciphers.pod.in Outdated Show resolved Hide resolved
doc/man1/openssl-ciphers.pod.in Outdated Show resolved Hide resolved
include/openssl/evp.h Outdated Show resolved Hide resolved
Configure Outdated Show resolved Hide resolved
test/quicapitest.c Outdated Show resolved Hide resolved
test/sslapitest.c Outdated Show resolved Hide resolved
test/sslapitest.c Outdated Show resolved Hide resolved
test/sslapitest.c Outdated Show resolved Hide resolved
test/sslapitest.c Outdated Show resolved Hide resolved
@rajeev-0 rajeev-0 requested a review from DDvO January 16, 2024 09:18
@rajeev-0
Copy link
Contributor Author

@DDvO- Thankyou for the review. I did the required changes.

@DDvO
Copy link
Contributor

DDvO commented Jan 16, 2024

@DDvO- Thank you for the review. I did the required changes.

Fine. Just a few follow-up points - see above the the comments that I did not mark as resolved.

@DDvO
Copy link
Contributor

DDvO commented Jan 16, 2024

A general question, maybe to the OpenSSL team:

Do the tests that are referenced here include the test case that a TLS record is rejected in case its integrity gets violated in transit?

@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch from 9af3d51 to 7e33e58 Compare January 16, 2024 22:47
DDvO
DDvO requested changes Jan 17, 2024
View reviewed changes
Copy link
Contributor

@DDvO DDvO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tests appear incomplete.

providers/implementations/ciphers/cipher_enull_hmac_hw.c Outdated Show resolved Hide resolved
@DDvO DDvO changed the title Add integrity only cipher tls13 TLSv1.3: add optional integrity-only ciphers [RFC 9150] Jan 17, 2024
@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch from b16f2e8 to 6825013 Compare January 19, 2024 14:49
@rajeev-0
Copy link
Contributor Author

@DDvO Thankyou for the review and pointing out incomplete test case.
I hope this time I covered all the test cases.

@rajeev-0 rajeev-0 requested a review from DDvO January 19, 2024 15:26
DDvO
DDvO approved these changes May 10, 2024
View reviewed changes
Copy link
Contributor

@DDvO DDvO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@DDvO DDvO added approval: otc review pending This pull request needs review by an OTC member and removed approval: review pending This pull request needs review by a committer labels May 10, 2024
@DDvO
Copy link
Contributor

DDvO commented May 10, 2024

@mattcaswell could you please re-approve.

@t8m t8m requested a review from mattcaswell May 10, 2024 13:02
t8m
t8m requested changes May 10, 2024
View reviewed changes
Copy link
Member

@t8m t8m left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the new empty test/recipes/30-test_evp_data/evpciph_null_hmac.txt

CHANGES.md Outdated Show resolved Hide resolved
Configure Outdated Show resolved Hide resolved
doc/man1/openssl-ciphers.pod.in Outdated Show resolved Hide resolved
doc/man1/openssl-ciphers.pod.in Outdated Show resolved Hide resolved
doc/man3/SSL_CTX_set_cipher_list.pod Outdated Show resolved Hide resolved
providers/implementations/ciphers/cipher_null.c Show resolved Hide resolved
ssl/record/methods/tls13_meth.c Outdated Show resolved Hide resolved
ssl/record/methods/tls13_meth.c Outdated Show resolved Hide resolved
@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch 2 times, most recently from 9f020b0 to a5241b0 Compare May 12, 2024 23:20
@rajeev-0 rajeev-0 requested a review from t8m May 13, 2024 08:31
@rajeev-0 rajeev-0 force-pushed the add_IntegrityOnlyCipher_TLS13 branch from a5241b0 to efa76a8 Compare May 13, 2024 10:21
@rajeev-0
Copy link
Contributor Author

Why the new empty test/recipes/30-test_evp_data/evpciph_null_hmac.txt

I removed the file. It was leftover from previous implementation.

@rajeev-0 rajeev-0 requested a review from mattcaswell May 13, 2024 11:18
@t8m t8m requested a review from DDvO May 13, 2024 11:27
@t8m t8m added approval: done This pull request has the required number of approvals and removed approval: otc review pending This pull request needs review by an OTC member labels May 13, 2024
DDvO
DDvO approved these changes May 13, 2024
View reviewed changes
Copy link
Contributor

@DDvO DDvO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reconfirmed

@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels May 14, 2024
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@t8m
Copy link
Member

t8m commented May 14, 2024

Merged to the master branch with slightly reworded commit message. Thank you for your contribution.

Good work @rajeev-0!

@t8m t8m closed this May 14, 2024
openssl-machine pushed a commit that referenced this pull request May 14, 2024
@rajeev-0 @t8m
cipher_null.c: add NULL check
61f3239 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #22903)
openssl-machine pushed a commit that referenced this pull request May 14, 2024
@rajeev-0 @t8m
Add support for integrity-only cipher suites for TLS v1.3
b6a5e80 
- add test vectors for tls1_3 integrity-only ciphers
- recmethod_local.h: add new member for MAC
- tls13_meth.c: add MAC only to tls 1.3
- tls13_enc.c: extend function to add MAC only
- ssl_local.h: add ssl_cipher_get_evp_md_mac()
- s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS
- ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it
- tls13secretstest.c: add dummy test function
- Configure: add integrity-only-ciphers option
- document the new ciphers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #22903)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slontis slontis slontis left review comments

@DDvO DDvO DDvO approved these changes

@t8m t8m t8m approved these changes

@mattcaswell mattcaswell mattcaswell approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch severity: ABI change This pull request contains ABI changes tests: present The PR has suitable tests present triaged: feature The issue/pr requests/adds a feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

TLS 1.3: add 'integrity-only' cipher suites
6 participants
@rajeev-0 @slontis @DDvO @t8m @mattcaswell @openssl-machine