Add set_ticket_key_callback (SSL_CTX_set_tlsext_ticket_key_cb)#330
Add set_ticket_key_callback (SSL_CTX_set_tlsext_ticket_key_cb)#330kornelski merged 11 commits intocloudflare:masterfrom
Conversation
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
5a54a4d to
28f7678
Compare
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
28f7678 to
9a6e166
Compare
kornelski
left a comment
kornelski
left a comment
There was a problem hiding this comment.
key_name is uninitialized, so it can't be &mut [u8; 16]
Add a wrapper for the `SSL_CTX_set_tlsext_ticket_key_cb`, which allows consumers to configure the EVP_CIPHER_CTX and HMAC_CTX used for encrypting/decrypting session tickets. See https://docs.openssl.org/1.0.2/man3/SSL_CTX_set_tlsext_ticket_key_cb/ for more details.
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
d5ecffd to
91c95bb
Compare
|
I've changed the code to use |
| assert!(!ptr.is_null()); | ||
| unsafe { &mut *ptr.cast::<MaybeUninit<T>>() } | ||
| } |
There was a problem hiding this comment.
Confirming my understanding: panic on assert seems appropriate because otherwise we have UB.
There was a problem hiding this comment.
References must never be null, so they can't be made from a null pointer.
This assert isn't strictly necessary as long as the function is always given non-null pointers.
I thought it's better to be extra careful about this, I don't feel strongly about this choice. It could have been a Result (assuming null is a real possibility), or downgraded to debug_assert if we trust that we'll never get a null pointer in these functions.
kornelski
force-pushed
the
toidiu/ticket_key_callback
branch
from
6d711ac to
e395c52
Compare
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
fbf9dff to
8c3bca2
Compare
boring/src/hmac.rs
Outdated
| /// | ||
| /// # Safety | ||
| /// | ||
| /// The caller must ensure HMAC_CTX has been initalized. |
There was a problem hiding this comment.
I don't understand this safety requirement. It's not clear what "initialized" here refers to, since this is an init function doing initialization.
There was a problem hiding this comment.
I was conflating documentation between this and session resumption. Removed and removed the unsafe.
boring/src/symm.rs
Outdated
| /// | ||
| /// # Safety | ||
| /// | ||
| /// The caller must ensure EVP_CIPHER_CTX has been initalized. |
There was a problem hiding this comment.
again not clear what "initialized" is
There was a problem hiding this comment.
I was conflating documentation between this and session resumption. Removed and removed the unsafe.
boring/src/symm.rs
Outdated
| /// | ||
| /// The caller must ensure EVP_CIPHER_CTX has been initalized. | ||
| /// | ||
| /// The caller is responsible for ensuring the length of `key` and `iv` are appropriate for the |
There was a problem hiding this comment.
Only length of the key needs to be checked, right? The iv is an array of max len.
Is there a cheap way to check key length against the Cipher to make it a safe function?
In raw_ticket_key the key is assumed to be 16 bytes long. Why is one place fixed, and another is flexible?
There was a problem hiding this comment.
Addressed in 2d5be20
Only length of the key needs to be checked, right? The iv is an array of max len.
Is there a cheap way to check key length against the Cipher to make it a safe function?
Yea good point. We can do a key.len() != cipher.key_len() and return early. But not sure if ErrorStack::get() is correct error to return here.
In raw_ticket_key the key is assumed to be 16 bytes long. Why is one place fixed, and another is flexible?
raw_ticket_key is dealing with key_name, which is guaranteed to be 16 bytes (docs).
Here, the application is calling EVP_EncryptInit_ex with the correct key and iv, the sizes of which depend on the chosen cipher.
I also expanded the tests to use the iv and key_name values from the callback.
kornelski
force-pushed
the
toidiu/ticket_key_callback
branch
from
b4c73ab to
93270a6
Compare
|
It's nicer with safe wrapper types. I've changed to use Generally looks good. |
Yea, much nicer not to use the ffi functions, I was sold when I got rid of the
Sweet. I actually had to debug a panic in tests before adding the ManuallyDrop so this seems like the correct choice. |
toidiu
force-pushed
the
toidiu/ticket_key_callback
branch
from
2d5be20 to
20f91cb
Compare
|
ErrorStack::get() is for cases when FFI reports an error. I'll fix it in a separate PR. |
3 participants
Add a wrapper for the
SSL_CTX_set_tlsext_ticket_key_cb, which allows consumers to configure the EVP_CIPHER_CTX and HMAC_CTX used for encrypting/decrypting session tickets.See https://docs.openssl.org/1.0.2/man3/SSL_CTX_set_tlsext_ticket_key_cb/ for more details.