Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ssl: Remove compression handling #7447

Merged
merged 1 commit into from
Jul 10, 2023
Merged

ssl: Remove compression handling #7447

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 17 additions & 23 deletions lib/ssl/src/dtls_handshake.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,23 +91,21 @@ client_hello(_Host, _Port, Cookie, ConnectionStates,
cipher_suites =
ssl_handshake:cipher_suites(CipherSuites,
Renegotiation, Fallback),
compression_methods = ssl_record:compressions(),
random = SecParams#security_parameters.client_random,
cookie = Cookie,
extensions = Extensions
}.

hello(#server_hello{server_version = Version, random = Random,
cipher_suite = CipherSuite,
compression_method = Compression,
session_id = SessionId, extensions = HelloExt},
#{versions := SupportedVersions} = SslOpt,
ConnectionStates0, Renegotiation, OldId) ->
IsNew = ssl_session:is_new(OldId, SessionId),
case dtls_record:is_acceptable_version(Version, SupportedVersions) of
true ->
handle_server_hello_extensions(Version, SessionId, Random, CipherSuite,
Compression, HelloExt, SslOpt,
HelloExt, SslOpt,
ConnectionStates0, Renegotiation, IsNew);
false ->
throw(?ALERT_REC(?FATAL, ?PROTOCOL_VERSION))
Expand All @@ -121,12 +119,11 @@ hello(#client_hello{client_version = ClientVersion} = Hello,
cookie(Key, Address, Port, #client_hello{client_version = Version,
random = Random,
session_id = SessionId,
cipher_suites = CipherSuites,
compression_methods = CompressionMethods}) ->
cipher_suites = CipherSuites}) ->
{Major, Minor} = Version,
CookieData = [address_to_bin(Address, Port),
<<?BYTE(Major), ?BYTE(Minor)>>,
Random, SessionId, CipherSuites, CompressionMethods],
Random, SessionId, CipherSuites, [?NO_COMPRESSION]],
crypto:mac(hmac, sha, Key, CookieData).
%%--------------------------------------------------------------------
-spec hello_verify_request(binary(), ssl_record:ssl_version()) -> #hello_verify_request{}.
Expand Down Expand Up @@ -174,7 +171,6 @@ get_dtls_handshake(Version, Fragment, ProtocolBuffers, Options) ->
handle_client_hello(Version,
#client_hello{session_id = SugesstedId,
cipher_suites = CipherSuites,
compression_methods = Compressions,
random = Random,
extensions = HelloExt},
#{versions := Versions,
Expand All @@ -193,10 +189,10 @@ handle_client_hello(Version,
ECCCurve = ssl_handshake:select_curve(Curves, SupportedECCs, ECCOrder),
{Type, #session{cipher_suite = CipherSuite,
own_certificates = [OwnCert |_]} = Session1}
= ssl_handshake:select_session(SugesstedId, CipherSuites,
AvailableHashSigns, Compressions,
SessIdTracker, Session0#session{ecc = ECCCurve}, TLSVersion,
SslOpts, CertKeyPairs),
= ssl_handshake:select_session(SugesstedId, CipherSuites,
AvailableHashSigns,
SessIdTracker, Session0#session{ecc = ECCCurve},
TLSVersion, SslOpts, CertKeyPairs),
case CipherSuite of
no_suite ->
throw(?ALERT_REC(?FATAL, ?INSUFFICIENT_SECURITY));
Expand Down Expand Up @@ -228,19 +224,19 @@ handle_client_hello_extensions(Version, Type, Random, CipherSuites,
{Version, {Type, Session}, ConnectionStates, Protocol, ServerHelloExt, HashSign}.

handle_server_hello_extensions(Version, SessionId, Random, CipherSuite,
Compression, HelloExt, SslOpt, ConnectionStates0,
HelloExt, SslOpt, ConnectionStates0,
Renegotiation, IsNew) ->
{ConnectionStates, ProtoExt, Protocol, OcspState} =
ssl_handshake:handle_server_hello_extensions(
dtls_record, Random, CipherSuite, Compression, HelloExt,
dtls_record, Random, CipherSuite, HelloExt,
dtls_v1:corresponding_tls_version(Version), SslOpt, ConnectionStates0,
Renegotiation, IsNew),
{Version, SessionId, ConnectionStates, ProtoExt, Protocol, OcspState}.

%%--------------------------------------------------------------------

enc_handshake(#hello_verify_request{protocol_version = Version,
cookie = Cookie}, _Version) ->
cookie = Cookie}, _Version) ->
CookieLength = byte_size(Cookie),
{Major,Minor} = Version,
{?HELLO_VERIFY_REQUEST, <<?BYTE(Major), ?BYTE(Minor),
Expand All @@ -249,15 +245,14 @@ enc_handshake(#hello_verify_request{protocol_version = Version,
enc_handshake(#hello_request{}, _Version) ->
{?HELLO_REQUEST, <<>>};
enc_handshake(#client_hello{client_version = ClientVersion,
random = Random,
session_id = SessionID,
cookie = Cookie,
cipher_suites = CipherSuites,
compression_methods = CompMethods,
extensions = HelloExtensions}, _Version) ->
random = Random,
session_id = SessionID,
cookie = Cookie,
cipher_suites = CipherSuites,
extensions = HelloExtensions}, _Version) ->
SIDLength = byte_size(SessionID),
CookieLength = byte_size(Cookie),
BinCompMethods = list_to_binary(CompMethods),
BinCompMethods = list_to_binary([?NO_COMPRESSION]),
CmLength = byte_size(BinCompMethods),
BinCipherSuites = list_to_binary(CipherSuites),
CsLength = byte_size(BinCipherSuites),
Expand Down Expand Up @@ -345,7 +340,7 @@ decode_handshake(Version, ?CLIENT_HELLO, <<?UINT24(_), ?UINT16(_),
?BYTE(SID_length), Session_ID:SID_length/binary,
?BYTE(CookieLength), Cookie:CookieLength/binary,
?UINT16(Cs_length), CipherSuites:Cs_length/binary,
?BYTE(Cm_length), Comp_methods:Cm_length/binary,
?BYTE(Cm_length), _CompMethods:Cm_length/binary,
Extensions/binary>>) ->
TLSVersion = dtls_v1:corresponding_tls_version(Version),
LegacyVersion = dtls_v1:corresponding_tls_version({Major, Minor}),
Expand All @@ -358,7 +353,6 @@ decode_handshake(Version, ?CLIENT_HELLO, <<?UINT24(_), ?UINT16(_),
cookie = Cookie,
session_id = Session_ID,
cipher_suites = ssl_handshake:decode_suites('2_bytes', CipherSuites),
compression_methods = Comp_methods,
extensions = DecodedExtensions
};
decode_handshake(_Version, ?HELLO_VERIFY_REQUEST, <<?UINT24(_), ?UINT16(_),
Expand Down
69 changes: 24 additions & 45 deletions lib/ssl/src/dtls_record.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ current_connection_state_epoch(#{current_write := #{epoch := Epoch}},
ssl_options()) -> {[binary()], binary()} | #alert{}.
%%
%% Description: Given old buffer and new data from UDP/SCTP, packs up a records
%% and returns it as a list of tls_compressed binaries also returns leftover
%% and returns it as a list of binaries also returns leftover
%% data
%%--------------------------------------------------------------------
get_dtls_records(Data, Vinfo, Buffer, #{log_level := LogLevel}) ->
Expand Down Expand Up @@ -412,7 +412,6 @@ initial_connection_state(ConnectionEnd, BeastMitigation) ->
sequence_number => 0,
replay_window => init_replay_window(),
beast_mitigation => BeastMitigation,
compression_state => undefined,
cipher_state => undefined,
mac_secret => undefined,
secure_renegotiation => undefined,
Expand Down Expand Up @@ -537,93 +536,73 @@ encode_dtls_cipher_text(Type, Version, Fragment,
?UINT48(Seq), ?UINT16(Length)>>, Fragment],
WriteState#{sequence_number => Seq + 1}}.

encode_plain_text(Type, Version, Data, #{compression_state := CompS0,
cipher_state := CipherS0,
encode_plain_text(Type, Version, Data, #{cipher_state := CipherS0,
epoch := Epoch,
sequence_number := Seq,
security_parameters :=
#security_parameters{
cipher_type = ?AEAD,
bulk_cipher_algorithm = BCAlg,
compression_algorithm = CompAlg}
bulk_cipher_algorithm = BCAlg}
} = WriteState0) ->
{Comp, CompS1} = ssl_record:compress(CompAlg, Data, CompS0),
AAD = start_additional_data(Type, Version, Epoch, Seq),
CipherS = ssl_record:nonce_seed(BCAlg, <<?UINT16(Epoch), ?UINT48(Seq)>>, CipherS0),
WriteState = WriteState0#{compression_state => CompS1,
cipher_state => CipherS},
WriteState = WriteState0#{cipher_state => CipherS},
TLSVersion = dtls_v1:corresponding_tls_version(Version),
ssl_record:cipher_aead(TLSVersion, Comp, WriteState, AAD);
encode_plain_text(Type, Version, Fragment, #{compression_state := CompS0,
epoch := Epoch,
sequence_number := Seq,
cipher_state := CipherS0,
security_parameters :=
#security_parameters{compression_algorithm = CompAlg,
bulk_cipher_algorithm =
BulkCipherAlgo}
}= WriteState0) ->
{Comp, CompS1} = ssl_record:compress(CompAlg, Fragment, CompS0),
WriteState1 = WriteState0#{compression_state => CompS1},
MAC = calc_mac_hash(Type, Version, WriteState1, Epoch, Seq, Comp),
ssl_record:cipher_aead(TLSVersion, Data, WriteState, AAD);
encode_plain_text(Type, Version, Fragment, #{epoch := Epoch,
sequence_number := Seq,
cipher_state := CipherS0,
security_parameters :=
#security_parameters{bulk_cipher_algorithm =
BulkCipherAlgo}
}= WriteState) ->
MAC = calc_mac_hash(Type, Version, WriteState, Epoch, Seq, Fragment),
TLSVersion = dtls_v1:corresponding_tls_version(Version),
{CipherFragment, CipherS1} =
ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MAC, Fragment, TLSVersion),
{CipherFragment, WriteState0#{cipher_state => CipherS1}}.
{CipherFrag, CipherS1} = ssl_cipher:cipher(BulkCipherAlgo, CipherS0, MAC, Fragment, TLSVersion),
{CipherFrag, WriteState#{cipher_state => CipherS1}}.

%%--------------------------------------------------------------------
decode_cipher_text(#ssl_tls{type = Type, version = Version,
epoch = Epoch,
sequence_number = Seq,
fragment = CipherFragment} = CipherText,
#{compression_state := CompressionS0,
cipher_state := CipherS0,
#{cipher_state := CipherS0,
security_parameters :=
#security_parameters{
cipher_type = ?AEAD,
bulk_cipher_algorithm =
BulkCipherAlgo,
compression_algorithm = CompAlg}} = ReadState0,
bulk_cipher_algorithm = BulkCipherAlgo
}} = ReadState0,
ConnnectionStates0) ->
AAD = start_additional_data(Type, Version, Epoch, Seq),
CipherS = ssl_record:nonce_seed(BulkCipherAlgo, <<?UINT16(Epoch), ?UINT48(Seq)>>, CipherS0),
TLSVersion = dtls_v1:corresponding_tls_version(Version),
case ssl_record:decipher_aead(BulkCipherAlgo, CipherS, AAD, CipherFragment, TLSVersion) of
PlainFragment when is_binary(PlainFragment) ->
{Plain, CompressionS} = ssl_record:uncompress(CompAlg,
PlainFragment, CompressionS0),
ReadState1 = ReadState0#{compression_state := CompressionS,
cipher_state := CipherS},
ReadState1 = ReadState0#{cipher_state := CipherS},
ReadState = update_replay_window(Seq, ReadState1),
ConnnectionStates = set_connection_state_by_epoch(ReadState, Epoch, ConnnectionStates0, read),
{CipherText#ssl_tls{fragment = Plain}, ConnnectionStates};
{CipherText#ssl_tls{fragment = PlainFragment}, ConnnectionStates};
#alert{} = Alert ->
Alert
end;
decode_cipher_text(#ssl_tls{type = Type, version = Version,
epoch = Epoch,
sequence_number = Seq,
fragment = CipherFragment} = CipherText,
#{compression_state := CompressionS0,
security_parameters :=
#security_parameters{
compression_algorithm = CompAlg}} = ReadState0,
ReadState0,
ConnnectionStates0) ->
{PlainFragment, Mac, ReadState1} = ssl_record:decipher(dtls_v1:corresponding_tls_version(Version),
CipherFragment, ReadState0, true),
MacHash = calc_mac_hash(Type, Version, ReadState1, Epoch, Seq, PlainFragment),
case ssl_record:is_correct_mac(Mac, MacHash) of
true ->
{Plain, CompressionS1} = ssl_record:uncompress(CompAlg,
PlainFragment, CompressionS0),

ReadState2 = ReadState1#{compression_state => CompressionS1},
ReadState = update_replay_window(Seq, ReadState2),
ReadState = update_replay_window(Seq, ReadState1),
ConnnectionStates = set_connection_state_by_epoch(ReadState, Epoch, ConnnectionStates0, read),
{CipherText#ssl_tls{fragment = Plain}, ConnnectionStates};
{CipherText#ssl_tls{fragment = PlainFragment}, ConnnectionStates};
false ->
?ALERT_REC(?FATAL, ?BAD_RECORD_MAC)
end.

%%--------------------------------------------------------------------

calc_mac_hash(Type, Version, #{mac_secret := MacSecret,
Expand Down
4 changes: 0 additions & 4 deletions lib/ssl/src/ssl_alert.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,8 +155,6 @@ description_txt(?DECRYPTION_FAILED_RESERVED) ->
"Decryption Failed Reserved";
description_txt(?RECORD_OVERFLOW) ->
"Record Overflow";
description_txt(?DECOMPRESSION_FAILURE) ->
"Decompression Failure";
description_txt(?HANDSHAKE_FAILURE) ->
"Handshake Failure";
description_txt(?NO_CERTIFICATE_RESERVED) ->
Expand Down Expand Up @@ -226,8 +224,6 @@ description_atom(?DECRYPTION_FAILED_RESERVED) ->
decryption_failed_reserved;
description_atom(?RECORD_OVERFLOW) ->
record_overflow;
description_atom(?DECOMPRESSION_FAILURE) ->
decompression_failure;
description_atom(?HANDSHAKE_FAILURE) ->
handshake_failure;
description_atom(?NO_CERTIFICATE_RESERVED) ->
Expand Down
2 changes: 1 addition & 1 deletion lib/ssl/src/ssl_alert.hrl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@
-define(BAD_RECORD_MAC, 20).
-define(DECRYPTION_FAILED_RESERVED, 21).
-define(RECORD_OVERFLOW, 22).
-define(DECOMPRESSION_FAILURE, 30).
%%-define(DECOMPRESSION_FAILURE, 30). NOT USED
-define(HANDSHAKE_FAILURE, 40).
-define(NO_CERTIFICATE_RESERVED, 41).
-define(BAD_CERTIFICATE, 42).
Expand Down
14 changes: 7 additions & 7 deletions lib/ssl/src/ssl_cipher.erl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -925,9 +925,9 @@ generic_block_cipher_from_bin(?TLS_1_0, T, IV, HashSize)->
PadLength0 >= Sz1 -> 0;
true -> PadLength0
end,
CompressedLength = byte_size(T) - PadLength - 1 - HashSize,
<<Content:CompressedLength/binary, Mac:HashSize/binary,
Padding:PadLength/binary, ?BYTE(PadLength0)>> = T,
Length = byte_size(T) - PadLength - 1 - HashSize,
<<Content:Length/binary, Mac:HashSize/binary,
Padding:PadLength/binary, ?BYTE(PadLength0)>> = T,
#generic_block_cipher{content=Content, mac=Mac,
padding=Padding, padding_length=PadLength0,
next_iv = IV};
Expand All @@ -937,17 +937,17 @@ generic_block_cipher_from_bin(Version, T, IV, HashSize)
Sz1 = byte_size(T) - 1,
<<_:Sz1/binary, ?BYTE(PadLength)>> = T,
IVLength = byte_size(IV),
CompressedLength = byte_size(T) - IVLength - PadLength - 1 - HashSize,
<<NextIV:IVLength/binary, Content:CompressedLength/binary, Mac:HashSize/binary,
Length = byte_size(T) - IVLength - PadLength - 1 - HashSize,
<<NextIV:IVLength/binary, Content:Length/binary, Mac:HashSize/binary,
Padding:PadLength/binary, ?BYTE(PadLength)>> = T,
#generic_block_cipher{content=Content, mac=Mac,
padding=Padding, padding_length=PadLength,
next_iv = NextIV}.

generic_stream_cipher_from_bin(T, HashSz) ->
Sz = byte_size(T),
CompressedLength = Sz - HashSz,
<<Content:CompressedLength/binary, Mac:HashSz/binary>> = T,
Length = Sz - HashSz,
<<Content:Length/binary, Mac:HashSz/binary>> = T,
#generic_stream_cipher{content=Content,
mac=Mac}.

Expand Down
2 changes: 0 additions & 2 deletions lib/ssl/src/ssl_connection.hrl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,6 @@
%%
%% connection_state :: map()
%%
%% compression_state - not used
%% mac_secret - not used
%% sequence_number - not used
%% secure_renegotiation - not used, no renegotiation_info in TLS 1.3
Expand All @@ -190,7 +189,6 @@
%% mac_algorithm - not used
%% prf_algorithm - not used
%% hash_size - not used
%% compression_algorithm - not used
%% master_secret - used for multiple secret types in TLS 1.3
%% client_random - not used
%% server_random - not used
Expand Down
Loading