min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test(boring): fix ech test (#77)

This commit is contained in:
0x676e67 2025-06-17 22:26:23 +08:00 committed by GitHub
parent f4419dc416
commit f08c7cf8b7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

157
boring-sys/patches/boringssl-44b3df6f03d85c901767250329c571db405122d5.patch
View File

@ -4983,7 +4983,7 @@ index 6e5cc2da1..b1b31f3a7 100644
ticket_age_skew < std::numeric_limits<int32_t>::min()) { ticket_age_skew < std::numeric_limits<int32_t>::min()) {
return false; return false;
diff --git a/src/ssl/handshake_client.cc b/src/ssl/handshake_client.cc diff --git a/src/ssl/handshake_client.cc b/src/ssl/handshake_client.cc
index 971ebd0b1..348fb93dc 100644 index 971ebd0b1..27a8abfae 100644
--- a/src/ssl/handshake_client.cc --- a/src/ssl/handshake_client.cc
+++ b/src/ssl/handshake_client.cc +++ b/src/ssl/handshake_client.cc
@@ -158,6 +158,8 @@ @@ -158,6 +158,8 @@
@ -4995,79 +4995,7 @@ index 971ebd0b1..348fb93dc 100644
#include <openssl/ec_key.h> #include <openssl/ec_key.h>
#include <openssl/ecdsa.h> #include <openssl/ecdsa.h>
#include <openssl/err.h> #include <openssl/err.h>
@@ -215,13 +217,15 @@ static void ssl_get_client_disabled(const SSL_HANDSHAKE *hs, @@ -1119,7 +1121,26 @@ static enum ssl_hs_wait_t do_read_server_key_exchange(SSL_HANDSHAKE *hs) {
}
}
-static bool ssl_add_tls13_cipher(CBB *cbb, uint16_t cipher_id,
- ssl_compliance_policy_t policy) {
- if (ssl_tls13_cipher_meets_policy(cipher_id, policy)) {
- return CBB_add_u16(cbb, cipher_id);
- }
- return true;
-}
+// Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+// Compatible with some Firefox cipher sequence order
+// static bool ssl_add_tls13_cipher(CBB *cbb, uint16_t cipher_id,
+// ssl_compliance_policy_t policy) {
+// if (ssl_tls13_cipher_meets_policy(cipher_id, policy)) {
+// return CBB_add_u16(cbb, cipher_id);
+// }
+// return true;
+// }
static bool ssl_write_client_cipher_list(const SSL_HANDSHAKE *hs, CBB *out,
ssl_client_hello_type_t type) {
@@ -242,26 +246,28 @@ static bool ssl_write_client_cipher_list(const SSL_HANDSHAKE *hs, CBB *out,
// Add TLS 1.3 ciphers. Order ChaCha20-Poly1305 relative to AES-GCM based on
// hardware support.
- if (hs->max_version >= TLS1_3_VERSION) {
- const bool has_aes_hw = ssl->config->aes_hw_override
- ? ssl->config->aes_hw_override_value
- : EVP_has_aes_hardware();
-
- if ((!has_aes_hw && //
- !ssl_add_tls13_cipher(&child,
- TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
- ssl->config->tls13_cipher_policy)) ||
- !ssl_add_tls13_cipher(&child, TLS1_3_CK_AES_128_GCM_SHA256 & 0xffff,
- ssl->config->tls13_cipher_policy) ||
- !ssl_add_tls13_cipher(&child, TLS1_3_CK_AES_256_GCM_SHA384 & 0xffff,
- ssl->config->tls13_cipher_policy) ||
- (has_aes_hw && //
- !ssl_add_tls13_cipher(&child,
- TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
- ssl->config->tls13_cipher_policy))) {
- return false;
- }
- }
+ // Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+ // Compatible with some Firefox cipher sequence order
+ // if (hs->max_version >= TLS1_3_VERSION) {
+ // const bool has_aes_hw = ssl->config->aes_hw_override
+ // ? ssl->config->aes_hw_override_value
+ // : EVP_has_aes_hardware();
+
+ // if ((!has_aes_hw && //
+ // !ssl_add_tls13_cipher(&child,
+ // TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
+ // ssl->config->tls13_cipher_policy)) ||
+ // !ssl_add_tls13_cipher(&child, TLS1_3_CK_AES_128_GCM_SHA256 & 0xffff,
+ // ssl->config->tls13_cipher_policy) ||
+ // !ssl_add_tls13_cipher(&child, TLS1_3_CK_AES_256_GCM_SHA384 & 0xffff,
+ // ssl->config->tls13_cipher_policy) ||
+ // (has_aes_hw && //
+ // !ssl_add_tls13_cipher(&child,
+ // TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
+ // ssl->config->tls13_cipher_policy))) {
+ // return false;
+ // }
+ // }
if (hs->min_version < TLS1_3_VERSION && type != ssl_client_hello_inner) {
bool any_enabled = false;
@@ -1119,7 +1125,26 @@ static enum ssl_hs_wait_t do_read_server_key_exchange(SSL_HANDSHAKE *hs) {
hs->peer_psk_identity_hint.reset(raw); hs->peer_psk_identity_hint.reset(raw);
} }
@ -5095,7 +5023,7 @@ index 971ebd0b1..348fb93dc 100644
// Parse the server parameters. // Parse the server parameters.
uint8_t group_type; uint8_t group_type;
uint16_t group_id; uint16_t group_id;
@@ -1477,6 +1502,58 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) { @@ -1477,6 +1498,58 @@ static enum ssl_hs_wait_t do_send_client_key_exchange(SSL_HANDSHAKE *hs) {
!CBB_flush(&body)) { !CBB_flush(&body)) {
return ssl_hs_error; return ssl_hs_error;
} }
@ -5311,7 +5239,7 @@ index 1e6da2153..2a342d768 100644
~ssl_ctx_st(); ~ssl_ctx_st();
friend OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *); friend OPENSSL_EXPORT void SSL_CTX_free(SSL_CTX *);
diff --git a/src/ssl/ssl_cipher.cc b/src/ssl/ssl_cipher.cc diff --git a/src/ssl/ssl_cipher.cc b/src/ssl/ssl_cipher.cc
index ebb075351..44febcb50 100644 index ebb075351..e272c4fed 100644
--- a/src/ssl/ssl_cipher.cc --- a/src/ssl/ssl_cipher.cc
+++ b/src/ssl/ssl_cipher.cc +++ b/src/ssl/ssl_cipher.cc
@@ -175,26 +175,106 @@ static constexpr SSL_CIPHER kCiphers[] = { @@ -175,26 +175,106 @@ static constexpr SSL_CIPHER kCiphers[] = {
@ -5567,34 +5495,7 @@ index ebb075351..44febcb50 100644
// GCM based TLS v1.2 ciphersuites from RFC 5289 // GCM based TLS v1.2 ciphersuites from RFC 5289
// Cipher C02B // Cipher C02B
@@ -467,15 +647,17 @@ Span<const SSL_CIPHER> AllCiphers() { @@ -550,6 +730,10 @@ static const CIPHER_ALIAS kCipherAliases[] = {
return MakeConstSpan(kCiphers, OPENSSL_ARRAY_SIZE(kCiphers));
}
-static constexpr size_t NumTLS13Ciphers() {
- size_t num = 0;
- for (const auto &cipher : kCiphers) {
- if (cipher.algorithm_mkey == SSL_kGENERIC) {
- num++;
- }
- }
- return num;
-}
+// Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+// Compatible with some Firefox cipher sequence order
+// static constexpr size_t NumTLS13Ciphers() {
+// size_t num = 0;
+// for (const auto &cipher : kCiphers) {
+// if (cipher.algorithm_mkey == SSL_kGENERIC) {
+// num++;
+// }
+// }
+// return num;
+// }
#define CIPHER_ADD 1
#define CIPHER_KILL 2
@@ -550,6 +732,10 @@ static const CIPHER_ALIAS kCipherAliases[] = {
// MAC aliases // MAC aliases
{"SHA1", ~0u, ~0u, ~0u, SSL_SHA1, 0}, {"SHA1", ~0u, ~0u, ~0u, SSL_SHA1, 0},
{"SHA", ~0u, ~0u, ~0u, SSL_SHA1, 0}, {"SHA", ~0u, ~0u, ~0u, SSL_SHA1, 0},
@ -5605,7 +5506,7 @@ index ebb075351..44febcb50 100644
// Legacy protocol minimum version aliases. "TLSv1" is intentionally the // Legacy protocol minimum version aliases. "TLSv1" is intentionally the
// same as "SSLv3". // same as "SSLv3".
@@ -641,11 +827,19 @@ bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead, @@ -641,11 +825,19 @@ bool ssl_cipher_get_evp_aead(const EVP_AEAD **out_aead,
} else if (cipher->algorithm_mac == SSL_SHA256) { } else if (cipher->algorithm_mac == SSL_SHA256) {
if (cipher->algorithm_enc == SSL_AES128) { if (cipher->algorithm_enc == SSL_AES128) {
*out_aead = EVP_aead_aes_128_cbc_sha256_tls(); *out_aead = EVP_aead_aes_128_cbc_sha256_tls();
@ -5625,7 +5526,7 @@ index ebb075351..44febcb50 100644
} else { } else {
return false; return false;
} }
@@ -1152,13 +1346,20 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list, @@ -1152,13 +1344,20 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 & 0xffff, TLS1_CK_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 & 0xffff,
}; };
static const uint16_t kLegacyCiphers[] = { static const uint16_t kLegacyCiphers[] = {
@ -5646,7 +5547,7 @@ index ebb075351..44febcb50 100644
TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 & 0xffff, TLS1_CK_RSA_WITH_AES_128_GCM_SHA256 & 0xffff,
TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 & 0xffff, TLS1_CK_RSA_WITH_AES_256_GCM_SHA384 & 0xffff,
TLS1_CK_RSA_WITH_AES_128_SHA & 0xffff, TLS1_CK_RSA_WITH_AES_128_SHA & 0xffff,
@@ -1166,12 +1367,28 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list, @@ -1166,6 +1365,12 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
TLS1_CK_RSA_WITH_AES_256_SHA & 0xffff, TLS1_CK_RSA_WITH_AES_256_SHA & 0xffff,
TLS1_CK_PSK_WITH_AES_256_CBC_SHA & 0xffff, TLS1_CK_PSK_WITH_AES_256_CBC_SHA & 0xffff,
SSL3_CK_RSA_DES_192_CBC3_SHA & 0xffff, SSL3_CK_RSA_DES_192_CBC3_SHA & 0xffff,
@ -5656,48 +5557,10 @@ index ebb075351..44febcb50 100644
+ TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 & 0xffff, + TLS1_CK_DHE_RSA_WITH_AES_256_SHA256 & 0xffff,
+ TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 & 0xffff, + TLS1_CK_DHE_RSA_WITH_AES_128_GCM_SHA256 & 0xffff,
+ TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 & 0xffff, + TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384 & 0xffff,
+ };
+ // Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+ // Compatible with some Firefox cipher sequence order
+ static const uint16_t kTLS13Ciphers[] = {
+ TLS1_3_CK_AES_128_GCM_SHA256 & 0xffff,
+ TLS1_3_CK_AES_256_GCM_SHA384 & 0xffff,
+ TLS1_3_CK_CHACHA20_POLY1305_SHA256 & 0xffff,
}; };
// Set up a linked list of ciphers. // Set up a linked list of ciphers.
- CIPHER_ORDER co_list[OPENSSL_ARRAY_SIZE(kAESCiphers) + @@ -1403,6 +1608,8 @@ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *cipher) {
- OPENSSL_ARRAY_SIZE(kChaChaCiphers) +
- OPENSSL_ARRAY_SIZE(kLegacyCiphers)];
+ // Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+ // Compatible with some Firefox cipher sequence order
+ // CIPHER_ORDER co_list[OPENSSL_ARRAY_SIZE(kAESCiphers) +
+ // OPENSSL_ARRAY_SIZE(kChaChaCiphers) +
+ // OPENSSL_ARRAY_SIZE(kLegacyCiphers)];
+ CIPHER_ORDER co_list[OPENSSL_ARRAY_SIZE(kCiphers)];
for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(co_list); i++) {
co_list[i].next =
i + 1 < OPENSSL_ARRAY_SIZE(co_list) ? &co_list[i + 1] : nullptr;
@@ -1207,8 +1424,17 @@ bool ssl_create_cipher_list(UniquePtr<SSLCipherPreferenceList> *out_cipher_list,
co_list[num++].cipher = SSL_get_cipher_by_value(id);
assert(co_list[num - 1].cipher != nullptr);
}
+ for (uint16_t id: kTLS13Ciphers) {
+ co_list[num++].cipher = SSL_get_cipher_by_value(id);
+ assert(co_list[num - 1].cipher != nullptr);
+ }
assert(num == OPENSSL_ARRAY_SIZE(co_list));
- static_assert(OPENSSL_ARRAY_SIZE(co_list) + NumTLS13Ciphers() ==
+ // Comment this part of the code to cancel the device AES encryption cipher sequence priority, which may affect performance.
+ // Compatible with some Firefox cipher sequence order
+ // static_assert(OPENSSL_ARRAY_SIZE(co_list) + NumTLS13Ciphers() ==
+ // OPENSSL_ARRAY_SIZE(kCiphers),
+ // "Not all ciphers are included in the cipher order");
+ static_assert(OPENSSL_ARRAY_SIZE(co_list) ==
OPENSSL_ARRAY_SIZE(kCiphers),
"Not all ciphers are included in the cipher order");
@@ -1403,6 +1629,8 @@ int SSL_CIPHER_get_digest_nid(const SSL_CIPHER *cipher) {
return NID_sha1; return NID_sha1;
case SSL_SHA256: case SSL_SHA256:
return NID_sha256; return NID_sha256;
@ -5706,7 +5569,7 @@ index ebb075351..44febcb50 100644
} }
assert(0); assert(0);
return NID_undef; return NID_undef;
@@ -1655,6 +1883,10 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, @@ -1655,6 +1862,10 @@ const char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf,
mac = "SHA256"; mac = "SHA256";
break; break;

1
boring/src/ssl/test/ech.rs
View File

@ -36,7 +36,6 @@ fn bootstrap_ech(config: &[u8], key: &[u8], list: &[u8]) -> (Server, ClientSslBu
} }
#[test] #[test]
#[ignore]
fn ech() { fn ech() {
let (_server, client) = bootstrap_ech(ECH_CONFIG, ECH_KEY, ECH_CONFIG_LIST); let (_server, client) = bootstrap_ech(ECH_CONFIG, ECH_KEY, ECH_CONFIG_LIST);