From f8e01e3d0c38a7844c54ff339bd5f3ccdf4a1e9e Mon Sep 17 00:00:00 2001 From: 0x676e67 Date: Fri, 20 Dec 2024 14:18:16 +0800 Subject: [PATCH] feat: Expose extended sorting from indices (#29) --- ...df6f03d85c901767250329c571db405122d5.patch | 4 +- boring/src/ssl/mod.rs | 100 +++++++++++++----- 2 files changed, 73 insertions(+), 31 deletions(-) diff --git a/boring-sys/patches/boringssl-44b3df6f03d85c901767250329c571db405122d5.patch b/boring-sys/patches/boringssl-44b3df6f03d85c901767250329c571db405122d5.patch index 1c9d83c2..9a63b2e9 100644 --- a/boring-sys/patches/boringssl-44b3df6f03d85c901767250329c571db405122d5.patch +++ b/boring-sys/patches/boringssl-44b3df6f03d85c901767250329c571db405122d5.patch @@ -4874,7 +4874,7 @@ index ebb075351..17fcaa13c 100644 "Not all ciphers are included in the cipher order"); diff --git a/src/ssl/ssl_key_share.cc b/src/ssl/ssl_key_share.cc -index 09a9ad380..a972e8dd1 100644 +index 09a9ad380..9c583b5ec 100644 --- a/src/ssl/ssl_key_share.cc +++ b/src/ssl/ssl_key_share.cc @@ -26,6 +26,7 @@ @@ -5463,7 +5463,7 @@ index 09a9ad380..a972e8dd1 100644 + {NID_X25519MLKEM768, SSL_CURVE_X25519_MLKEM768, + "X25519MLKEM768", "X25519MLKEM768"}, + -+ //unspport group but add them ++ // This is fake group id + {NID_ffdhe2048, SSL_CURVE_DHE2048, "dhe2048", "ffdhe2048"}, + {NID_ffdhe3072, SSL_CURVE_DHE3072, "dhe3072", "ffdhe3072"}, }; diff --git a/boring/src/ssl/mod.rs b/boring/src/ssl/mod.rs index 60e50da8..19450657 100644 --- a/boring/src/ssl/mod.rs +++ b/boring/src/ssl/mod.rs 
@@ -568,6 +568,49 @@ impl ExtensionType { pub const NEXT_PROTO_NEG: Self = Self(ffi::TLSEXT_TYPE_next_proto_neg as u16); pub const CHANNEL_ID: Self = Self(ffi::TLSEXT_TYPE_channel_id as u16); pub const RECORD_SIZE_LIMIT: Self = Self(ffi::TLSEXT_TYPE_record_size_limit as u16); + + /// The permutation of extension types used by BoringSSL. + pub const BORING_SSLEXTENSION_PERMUTATION: [ExtensionType; 25] = [ + ExtensionType::SERVER_NAME, + ExtensionType::ENCRYPTED_CLIENT_HELLO, + ExtensionType::EXTENDED_MASTER_SECRET, + ExtensionType::RENEGOTIATE, + ExtensionType::SUPPORTED_GROUPS, + ExtensionType::EC_POINT_FORMATS, + ExtensionType::SESSION_TICKET, + ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION, + ExtensionType::STATUS_REQUEST, + ExtensionType::SIGNATURE_ALGORITHMS, + ExtensionType::NEXT_PROTO_NEG, + ExtensionType::CERTIFICATE_TIMESTAMP, + ExtensionType::CHANNEL_ID, + ExtensionType::SRTP, + ExtensionType::KEY_SHARE, + ExtensionType::PSK_KEY_EXCHANGE_MODES, + ExtensionType::EARLY_DATA, + ExtensionType::SUPPORTED_VERSIONS, + ExtensionType::COOKIE, + ExtensionType::QUIC_TRANSPORT_PARAMETERS_STANDARD, + ExtensionType::QUIC_TRANSPORT_PARAMETERS_LEGACY, + ExtensionType::CERT_COMPRESSION, + ExtensionType::DELEGATED_CREDENTIAL, + ExtensionType::APPLICATION_SETTINGS, + ExtensionType::RECORD_SIZE_LIMIT, + ]; + + fn has_duplicates(indices: &[u8]) -> bool { + if indices.len() > ExtensionType::BORING_SSLEXTENSION_PERMUTATION.len() { + return true; + } + for i in 0..indices.len() { + for j in i + 1..indices.len() { + if indices[i] == indices[j] { + return true; + } + } + } + false + } } impl From for ExtensionType { 
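Review bot: `has_duplicates` rejects repeated and over-long inputs but never checks that each index is below `BORING_SSLEXTENSION_PERMUTATION.len()`. As a result `set_extension_permutation_indices` (third hunk of this file) can pass a caller-supplied value such as 200 straight to `SSL_CTX_set_extension_permutation`. Whether the patched C function bounds-checks its input is not visible here, so the Rust wrapper should enforce the documented `[0, 25)` range itself before crossing the FFI boundary. A seen-table covers range and uniqueness in one pass and makes the separate length test redundant. Because the helper would then reject more than duplicates, a name such as `is_invalid_permutation` would fit better; the sketch keeps `has_duplicates` so the call sites stay unchanged.

```rust
fn has_duplicates(indices: &[u8]) -> bool {
    // One slot per known extension; an index outside the table has no slot.
    let mut seen = [false; ExtensionType::BORING_SSLEXTENSION_PERMUTATION.len()];
    for &i in indices {
        match seen.get_mut(usize::from(i)) {
            Some(slot) if !*slot => *slot = true,
            // out of range, or already seen
            _ => return true,
        }
    }
    false
}
```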
@@ -1888,43 +1931,18 @@ impl SslContextBuilder { unsafe { ffi::SSL_CTX_set_key_shares_limit(self.as_ptr(), limit as _) } } + /// Sets the indices of the extensions to be permuted. + /// + /// The indices must be in the range [0, 25). #[corresponds(SSL_CTX_set_extension_permutation)] #[cfg(not(feature = "fips-compat"))] pub fn set_extension_permutation( &mut self, shuffled: &[ExtensionType], ) -> Result<(), ErrorStack> { - const BORING_SSLEXTENSION_PERMUTATION: [ExtensionType; 25] = [ - ExtensionType::SERVER_NAME, - ExtensionType::ENCRYPTED_CLIENT_HELLO, - ExtensionType::EXTENDED_MASTER_SECRET, - ExtensionType::RENEGOTIATE, - ExtensionType::SUPPORTED_GROUPS, - ExtensionType::EC_POINT_FORMATS, - ExtensionType::SESSION_TICKET, - ExtensionType::APPLICATION_LAYER_PROTOCOL_NEGOTIATION, - ExtensionType::STATUS_REQUEST, - ExtensionType::SIGNATURE_ALGORITHMS, - ExtensionType::NEXT_PROTO_NEG, - ExtensionType::CERTIFICATE_TIMESTAMP, - ExtensionType::CHANNEL_ID, - ExtensionType::SRTP, - ExtensionType::KEY_SHARE, - ExtensionType::PSK_KEY_EXCHANGE_MODES, - ExtensionType::EARLY_DATA, - ExtensionType::SUPPORTED_VERSIONS, - ExtensionType::COOKIE, - ExtensionType::QUIC_TRANSPORT_PARAMETERS_STANDARD, - ExtensionType::QUIC_TRANSPORT_PARAMETERS_LEGACY, - ExtensionType::CERT_COMPRESSION, - ExtensionType::DELEGATED_CREDENTIAL, - ExtensionType::APPLICATION_SETTINGS, - ExtensionType::RECORD_SIZE_LIMIT, - ]; - let mut indices = Vec::with_capacity(shuffled.len()); for &ext in shuffled { - if let Some(index) = BORING_SSLEXTENSION_PERMUTATION + if let Some(index) = ExtensionType::BORING_SSLEXTENSION_PERMUTATION .iter() .position(|&e| e == ext) { 
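Review bot: The doc comment added above `set_extension_permutation` describes indices in `[0, 25)`, but this function takes `&[ExtensionType]`; the text appears to be copied from `set_extension_permutation_indices`. Something like `/// Sets the extension permutation from a list of extension types, each mapped to its position in ExtensionType::BORING_SSLEXTENSION_PERMUTATION.` would match the signature. The `if let Some(index)` lookup has no `else` in the visible lines, so types absent from the table look to be skipped silently, which is worth stating in the same comment. The loop body and the rest of the function lie outside this hunk.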
@@ -1932,6 +1950,30 @@ impl SslContextBuilder { } } + if ExtensionType::has_duplicates(&indices) { + return Ok(()); + } + + unsafe { + cvt(ffi::SSL_CTX_set_extension_permutation( + self.as_ptr(), + indices.as_ptr() as *const _, + indices.len() as _, + )) + .map(|_| ()) + } + } + + /// Sets the indices of the extensions to be permuted. + /// + /// The indices must be in the range [0, 25). + #[corresponds(SSL_CTX_set_extension_permutation)] + #[cfg(not(feature = "fips-compat"))] + pub fn set_extension_permutation_indices(&mut self, indices: &[u8]) -> Result<(), ErrorStack> { + if ExtensionType::has_duplicates(&indices) { + return Ok(()); + } + unsafe { cvt(ffi::SSL_CTX_set_extension_permutation( self.as_ptr(),
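Review bot: Both `set_extension_permutation` and the new `set_extension_permutation_indices` return `Ok(())` when `has_duplicates` is true, so a rejected permutation is indistinguishable from an applied one and the context silently keeps its previous extension order. Returning an error from that branch would let callers notice a TLS configuration that was not applied. If the no-op is intentional, the doc comment should say so, e.g. `/// Returns Ok(()) without changing the context if the list has duplicates or more than 25 entries.` In the new function `ExtensionType::has_duplicates(&indices)` borrows a value that is already `&[u8]`; `has_duplicates(indices)` is enough. The `unsafe` block would also benefit from a `// SAFETY:` line stating that the pointer and length come from the same live slice. The body of `set_extension_permutation_indices` continues past the end of the hunk.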