diff options
| author | David Benjamin <davidben@google.com> | 2021-06-06 13:32:29 -0400 |
|---|---|---|
| committer | Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2021-06-11 18:04:06 +0000 |
| commit | c890ae519582d988d93d333dca9a39ee44f413ee (patch) | |
| tree | adf266c4cea69f00dc2881a8aeacb3a9fccabb3e /fuzz | |
| parent | c3b373bf4f4b2e2fba2578d1d5b5fe04e410f7cb (diff) | |
| download | boringssl-c890ae519582d988d93d333dca9a39ee44f413ee.zip boringssl-c890ae519582d988d93d333dca9a39ee44f413ee.tar.gz boringssl-c890ae519582d988d93d333dca9a39ee44f413ee.tar.bz2 | |
Make ECH server APIs take EVP_HPKE_KEY.
Previously we would extract the KEM ID from the ECHConfig and then parse
the private key using the corresponding KEM type. This CL makes it take
a pre-pared EVP_HPKE_KEY and checks it matches. This does require the
caller pass the key type through externally, which is probably prudent?
(On the other hand we are still inferring config from the rest of the
ECHConfig... maybe we can add an API to extract the EVP_HPKE_KEM from a
serialized ECHConfig if it becomes a problem. I could see runner or tool
wanting that out of convenience.)
The immediate motivation is to add APIs to programmatically construct
ECHConfigs. I'm thinking we can pass a const EVP_HPKE_KEY * to specify
the key, at which point it's weird for SSL_ECH_KEYS_add to look
different.
Bug: 275
Change-Id: I2d424323885103d3fe0a99a9012c160baa8653bd
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48002
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'fuzz')
| -rw-r--r-- | fuzz/ssl_ctx_api.cc | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/fuzz/ssl_ctx_api.cc b/fuzz/ssl_ctx_api.cc index 3739e87..da0a2d3 100644 --- a/fuzz/ssl_ctx_api.cc +++ b/fuzz/ssl_ctx_api.cc @@ -22,6 +22,7 @@ #include <openssl/bytestring.h> #include <openssl/err.h> #include <openssl/evp.h> +#include <openssl/hpke.h> #include <openssl/rsa.h> #include <openssl/ssl.h> #include <openssl/stack.h> @@ -503,10 +504,15 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t *buf, size_t len) { !CBS_get_u16_length_prefixed(cbs, &private_key)) { return; } - SSL_ECH_KEYS_add(keys.get(), is_retry_config, CBS_data(&ech_config), - CBS_len(&ech_config), CBS_data(&private_key), - CBS_len(&private_key)); - SSL_CTX_set1_ech_keys(ctx, keys.get()); + bssl::ScopedEVP_HPKE_KEY key; + if (!EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), + CBS_data(&private_key), CBS_len(&private_key)) || + !SSL_ECH_KEYS_add(keys.get(), is_retry_config, + CBS_data(&ech_config), CBS_len(&ech_config), + key.get()) || + !SSL_CTX_set1_ech_keys(ctx, keys.get())) { + return; + } }, }; |