Loading...
Searching...
No Matches
Functions
crypto.c File Reference

QUIC cryptographic utilities. More...

#include "internal/quic.h"
#include "internal/crypto.h"
#include "internal/utils.h"
#include "internal/version.h"
#include "imquic/debug.h"
Include dependency graph for crypto.c:

Functions

const char * imquic_encryption_level_str (enum ssl_encryption_level_t level)
 Helper function to serialize to string the name of an SSL encryption level.
 
int imquic_tls_init (const char *secrets_log)
 Initialize the TLS stack at startup.
 
void imquic_tls_deinit (void)
 Uninitialize the TLS stack.
 
imquic_tlsimquic_tls_create (gboolean is_server, const char *server_pem, const char *server_key, const char *password)
 Helper to create a new TLS context.
 
SSL * imquic_tls_new_ssl (imquic_tls *tls)
 Get a new SSL instance from an existing TLS context.
 
void imquic_tls_destroy (imquic_tls *tls)
 Destroy an existing imquic_tls context.
 
int imquic_tls_enable_early_data (imquic_tls *tls, const char *ticket_file)
 Enable early data on an existing TLS context.
 
int imquic_build_hkdf_label (const char *label, uint8_t *hkdf_label, size_t buflen, size_t outlen)
 Helper to build an HKDF label, to use with HKDF_expand.
 
int imquic_hkdf_extract (const EVP_MD *digest, uint8_t *key, size_t keylen, uint8_t *out, size_t *outlen)
 Helper to perform an HKDF extract.
 
int imquic_hkdf_expand_label (const EVP_MD *digest, uint8_t *key, size_t keylen, const char *label, uint8_t *out, size_t outlen)
 Helper to expand an HKDF label.
 
int imquic_derive_initial_secret (imquic_protection *p, uint8_t *dcid, size_t dcid_len, gboolean is_server)
 Helper to derive the initial secrets from a known connection ID.
 
int imquic_expand_secret (const char *name, imquic_encryption *e, gboolean expand_hp, gboolean phase)
 Helper to expand a secret, taking into account the key phase.
 
int imquic_update_keys (imquic_protection *p, gboolean phase)
 Update the key phase for an existing context.
 
int imquic_unprotect_header (uint8_t *bytes, size_t blen, size_t pn_offset, uint8_t *hp, size_t hp_len)
 Unprotect a received QUIC message (and unobfuscate the header)
 
int imquic_protect_header (uint8_t *bytes, size_t blen, size_t pn_offset, uint8_t *hp, size_t hp_len)
 Protect a QUIC message to send (and obfuscate the header)
 
int imquic_decrypt_payload (uint8_t *bytes, size_t blen, uint8_t *to, size_t tlen, uint8_t *header, size_t hlen, uint64_t pn, uint8_t *key, size_t key_len, uint8_t *iv, size_t iv_len)
 Decrypt a received QUIC payload.
 
int imquic_encrypt_payload (uint8_t *bytes, size_t blen, uint8_t *to, size_t tlen, uint8_t *header, size_t hlen, uint64_t pn, uint8_t *key, size_t key_len, uint8_t *iv, size_t iv_len)
 Encrypt a QUIC payload to send.
 
int imquic_verify_retry (uint8_t *bytes, size_t blen, uint8_t *dcid, size_t dcid_len)
 Verify the integrity of a Retry packet.
 

Detailed Description

QUIC cryptographic utilities.

Author
Lorenzo Miniero loren.nosp@m.zo@m.nosp@m.eetec.nosp@m.ho.c.nosp@m.om

Cryptographic utilities for QUIC. This is where contexts for taking care of header protection and encryption at different levels are provided, with helper functions exposed to the internal QUIC stack.

Function Documentation

◆ imquic_build_hkdf_label()

int imquic_build_hkdf_label ( const char * label,
uint8_t * hkdf_label,
size_t buflen,
size_t outlen )

Helper to build an HKDF label, to use with HKDF_expand.

Note
This automatically prefixes the provided label with "tls13 "
Parameters
[in]labelThe label to build (without the "tls13 " prefix)
[out]hkdf_labelThe buffer where to store the HKDF label
buflenSize of the buffer where to store the HKDF label
outlenTo how many bytes we want to expand
Returns
the size of the label in case of success, a negative integer otherwise

◆ imquic_decrypt_payload()

int imquic_decrypt_payload ( uint8_t * bytes,
size_t blen,
uint8_t * to,
size_t tlen,
uint8_t * header,
size_t hlen,
uint64_t pn,
uint8_t * key,
size_t key_len,
uint8_t * iv,
size_t iv_len )

Decrypt a received QUIC payload.

Parameters
[in]bytesThe buffer containing the encrypted payload
[in]blenThe size of the buffer containing the encrypted payload
[out]toThe buffer where to copy the decrypted payload
[in]tlenThe size of the buffer for the decrypted payload
[in]headerThe buffer containing the QUIC message header (as AAD for authentication)
[in]hlenThe size of the header
[in]pnThe packet number (to use for the nonce)
[in]keyThe remote key
[in]key_lenSize of the remote key
[in]ivThe remote IV (to use for the nonce)
[in]iv_lenSize of the remote IV
Returns
The size of the decrypted payload, if successful, or a negative integer otherwise

◆ imquic_derive_initial_secret()

int imquic_derive_initial_secret ( imquic_protection * p,
uint8_t * dcid,
size_t dcid_len,
gboolean is_server )

Helper to derive the initial secrets from a known connection ID.

Note
Depending on whether we're calling this from a server or a remote endpoint, we update the local and remote properties of imquic_protection accordingly.
Parameters
pThe imquic_protection instance to derive the initial secret for
dcidBuffer containing the connection ID to derive the initial secret from
dcid_lenSize of the connection ID buffer
is_serverWhether the endpoint is a server or a client
Returns
0 in case of success, a negative integer otherwise

◆ imquic_encrypt_payload()

int imquic_encrypt_payload ( uint8_t * bytes,
size_t blen,
uint8_t * to,
size_t tlen,
uint8_t * header,
size_t hlen,
uint64_t pn,
uint8_t * key,
size_t key_len,
uint8_t * iv,
size_t iv_len )

Encrypt a QUIC payload to send.

Parameters
[in]bytesThe buffer containing the unencrypted payload
[in]blenThe size of the buffer containing the unencrypted payload
[out]toThe buffer where to copy the encrypted payload
[in]tlenThe size of the buffer for the encrypted payload
[in]headerThe buffer containing the QUIC message header (as AAD for authentication)
[in]hlenThe size of the header
[in]pnThe packet number (to use for the nonce)
[in]keyThe local key
[in]key_lenSize of the local key
[in]ivThe local IV (to use for the nonce)
[in]iv_lenSize of the local IV
Returns
The size of the encrypted payload, if successful, or a negative integer otherwise

◆ imquic_encryption_level_str()

const char * imquic_encryption_level_str ( enum ssl_encryption_level_t level)

Helper function to serialize to string the name of an SSL encryption level.

Parameters
levelThe SSL encryption level
Returns
The encryption level name as a string, if valid, or NULL otherwise

◆ imquic_expand_secret()

int imquic_expand_secret ( const char * name,
imquic_encryption * e,
gboolean expand_hp,
gboolean phase )

Helper to expand a secret, taking into account the key phase.

Parameters
nameShort string description of what we're updating
eThe imquic_encryption we're updating
expand_hpWhether we should expand the header protection info as well (will be FALSE when just updating keys because of the key phase)
phaseThe value of the key phase bit
Returns
0 in case of success, a negative integer otherwise

◆ imquic_hkdf_expand_label()

int imquic_hkdf_expand_label ( const EVP_MD * digest,
uint8_t * key,
size_t keylen,
const char * label,
uint8_t * out,
size_t outlen )

Helper to expand an HKDF label.

Parameters
[in]digestThe digest to use for the expansion
[in]keyThe key to use for the expansion
[in]keylenSize of the key
[in]labelThe label to use for the expansion (without the "tls13 " prefix)
[out]outThe output buffer where to store the result of the operation
[out]outlenSize of the output buffer
Returns
0 in case of success, a negative integer otherwise

◆ imquic_hkdf_extract()

int imquic_hkdf_extract ( const EVP_MD * digest,
uint8_t * key,
size_t keylen,
uint8_t * out,
size_t * outlen )

Helper to perform an HKDF extract.

Parameters
[in]digestThe digest to use for the extraction
[in]keyThe key to use for the extraction
[in]keylenSize of the key
[out]outThe output buffer where to store the result of the operation
[out]outlenSize of the output buffer
Returns
0 in case of success, a negative integer otherwise

◆ imquic_protect_header()

int imquic_protect_header ( uint8_t * bytes,
size_t blen,
size_t pn_offset,
uint8_t * hp,
size_t hp_len )

Protect a QUIC message to send (and obfuscate the header)

Note
The buffer is updated inline
Parameters
[in]bytesThe buffer containing the unprotected message
[in]blenThe size of the buffer containing the unprotected message
[in]pn_offsetOffset in the buffer where the packet number can be found
[in]hpThe local header protection key
[in]hp_lenSize of the local header protection key
Returns
0 in case of success, a negative integer otherwise

◆ imquic_tls_create()

imquic_tls * imquic_tls_create ( gboolean is_server,
const char * server_pem,
const char * server_key,
const char * password )

Helper to create a new TLS context.

Parameters
is_serverWhether this is for a server or a client
server_pemPath to the certificate file
server_keyPath to the certificate key
passwordCertificate password, if any
Returns
A pointer to a new imquic_tls instance, if successful, or NULL otherwise

◆ imquic_tls_deinit()

void imquic_tls_deinit ( void )

Uninitialize the TLS stack.

◆ imquic_tls_destroy()

void imquic_tls_destroy ( imquic_tls * tls)

Destroy an existing imquic_tls context.

Parameters
tlsThe imquic_tls context to destroy

◆ imquic_tls_enable_early_data()

int imquic_tls_enable_early_data ( imquic_tls * tls,
const char * ticket_file )

Enable early data on an existing TLS context.

Parameters
tlsThe imquic_tls context to enable early data on
ticket_fileThe file to write/read the ticket to/from
Returns
0 in case of success, a negative integer otherwise

◆ imquic_tls_init()

int imquic_tls_init ( const char * secrets_log)

Initialize the TLS stack at startup.

Parameters
secrets_logFile to use to store QUIC secret, e.g., for Wireshark debugging (see SSLKEYLOGFILE)
Returns
0 in case of success, a negative integer otherwise

◆ imquic_tls_new_ssl()

SSL * imquic_tls_new_ssl ( imquic_tls * tls)

Get a new SSL instance from an existing TLS context.

Parameters
tlsThe imquic_tls context to create the new SSL instance from
Returns
A pointer to a new SSL instance, if successful, or NULL otherwise

◆ imquic_unprotect_header()

int imquic_unprotect_header ( uint8_t * bytes,
size_t blen,
size_t pn_offset,
uint8_t * hp,
size_t hp_len )

Unprotect a received QUIC message (and unobfuscate the header)

Note
The buffer is updated inline
Parameters
[in]bytesThe buffer containing the protected message
[in]blenThe size of the buffer containing the protected message
[in]pn_offsetOffset in the buffer where the packet number can be found
[in]hpThe remote header protection key
[in]hp_lenSize of the remote header protection key
Returns
0 in case of success, a negative integer otherwise

◆ imquic_update_keys()

int imquic_update_keys ( imquic_protection * p,
gboolean phase )

Update the key phase for an existing context.

Parameters
pThe imquic_protection instance to update
phaseThe new key phase bit value
Returns
0 in case of success, a negative integer otherwise

◆ imquic_verify_retry()

int imquic_verify_retry ( uint8_t * bytes,
size_t blen,
uint8_t * dcid,
size_t dcid_len )

Verify the integrity of a Retry packet.

Parameters
[in]bytesThe buffer containing the payload of the Retry message
[in]blenThe size of the buffer containing the payload
[in]dcidOriginal Destination Connection ID
[in]dcid_lenThe size of the original Destination Connection ID
Returns
0 if the packet is verified, or a negative integer otherwise