From 0671a4d009ae89870b645d1a8f3078d9943d5010 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Thu, 9 Jan 2025 22:28:03 +0100 Subject: [PATCH] Rename aead-tag-at-end to aead-epoch Since we introduce aead at the end and epoch data keys together and only allow the aead tag at the end if epoch data keys are used, we can use just one flag for both of them Change-Id: I9e9433b56dcbaa538d9bed30e50cf74948c647cc Signed-off-by: Arne Schwabe Acked-by: MaxF Message-Id: <20250109212803.11505-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg30395.html Signed-off-by: Gert Doering --- doc/man-sections/client-options.rst | 1 + src/openvpn/crypto.c | 6 +++--- src/openvpn/crypto.h | 8 +++++--- src/openvpn/init.c | 4 ++-- src/openvpn/options.c | 4 ++-- src/openvpn/push.c | 4 ++-- src/openvpn/ssl.h | 3 +++ tests/unit_tests/openvpn/test_ssl.c | 2 +- 8 files changed, 19 insertions(+), 13 deletions(-) diff --git a/doc/man-sections/client-options.rst b/doc/man-sections/client-options.rst index 5ca85e0ff38..0aee9e24954 100644 --- a/doc/man-sections/client-options.rst +++ b/doc/man-sections/client-options.rst @@ -367,6 +367,7 @@ configuration. - bit 7: The client is capable of sending exit notification via control channel using ``EXIT`` message. Also, the client is accepting the protocol-flags pushed option for the EKM capability - bit 8: The client is capable of accepting ``AUTH_FAILED,TEMP`` messages - bit 9: The client is capable of dynamic tls-crypt + - bit 10: The client is capable of data epoch keys :code:`IV_NCP=2` Negotiable ciphers, client supports ``--cipher`` pushed by diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index b107f88f5c1..84ec436b233 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -127,7 +127,7 @@ openvpn_encrypt_aead(struct buffer *buf, struct buffer work, dmsg(D_PACKET_CONTENT, "ENCRYPT AD: %s", format_hex(BPTR(&work), BLEN(&work), 0, &gc)); - if (!(opt->flags & CO_AEAD_TAG_AT_THE_END)) + if (!(opt->flags & CO_EPOCH_DATA_KEY_FORMAT)) { /* Reserve space for authentication tag */ mac_out = buf_write_alloc(&work, mac_len); @@ -148,7 +148,7 @@ openvpn_encrypt_aead(struct buffer *buf, struct buffer work, ASSERT(buf_inc_len(&work, outlen)); /* if the tag is at end the end, allocate it now */ - if (opt->flags & CO_AEAD_TAG_AT_THE_END) + if (opt->flags & CO_EPOCH_DATA_KEY_FORMAT) { /* Reserve space for authentication tag */ mac_out = buf_write_alloc(&work, mac_len); @@ -479,7 +479,7 @@ openvpn_decrypt_aead(struct buffer *buf, struct buffer work, uint8_t *tag_ptr = NULL; int data_len = 0; - if (opt->flags & CO_AEAD_TAG_AT_THE_END) + if (opt->flags & CO_EPOCH_DATA_KEY_FORMAT) { data_len = BLEN(buf) - tag_size; tag_ptr = BPTR(buf) + data_len; diff --git a/src/openvpn/crypto.h b/src/openvpn/crypto.h index a98dca0346b..5ceb523feee 100644 --- a/src/openvpn/crypto.h +++ b/src/openvpn/crypto.h @@ -373,9 +373,11 @@ struct crypto_options /**< Bit-flag indicating that renegotiations are using tls-crypt * with a TLS-EKM derived key. */ -#define CO_AEAD_TAG_AT_THE_END (1<<8) - /**< Bit-flag indicating that the AEAD tag is at the end of the - * packet. +#define CO_EPOCH_DATA_KEY_FORMAT (1<<8) + /**< Bit-flag indicating the epoch the data format. This format + * has the AEAD tag at the end of the packet and is using a longer + * 64-bit packet id that is split into a 16 bit epoch and 48 bit + * epoch counter */ unsigned int flags; /**< Bit-flags determining behavior of diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 2bd5518992d..9d1048c6dc6 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2407,9 +2407,9 @@ tls_print_deferred_options_results(struct context *c) { buf_printf(&out, " dyn-tls-crypt"); } - if (o->imported_protocol_flags & CO_AEAD_TAG_AT_THE_END) + if (o->imported_protocol_flags & CO_EPOCH_DATA_KEY_FORMAT) { - buf_printf(&out, " aead-tag-end"); + buf_printf(&out, " aead-epoch"); } } diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 1c35d676c1e..eb0d9b5b75e 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -8659,9 +8659,9 @@ add_option(struct options *options, options->imported_protocol_flags |= CO_USE_DYNAMIC_TLS_CRYPT; } #endif - else if (streq(p[j], "aead-tag-end")) + else if (streq(p[j], "aead-epoch")) { - options->imported_protocol_flags |= CO_AEAD_TAG_AT_THE_END; + options->imported_protocol_flags |= CO_EPOCH_DATA_KEY_FORMAT; } else { diff --git a/src/openvpn/push.c b/src/openvpn/push.c index de44eb25036..a7cd3bf69b8 100644 --- a/src/openvpn/push.c +++ b/src/openvpn/push.c @@ -689,9 +689,9 @@ prepare_push_reply(struct context *c, struct gc_arena *gc, buf_printf(&proto_flags, " dyn-tls-crypt"); } - if (o->imported_protocol_flags & CO_AEAD_TAG_AT_THE_END) + if (o->imported_protocol_flags & CO_EPOCH_DATA_KEY_FORMAT) { - buf_printf(&proto_flags, " aead-tag-end"); + buf_printf(&proto_flags, " aead-epoch"); } if (buf_len(&proto_flags) > 0) diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h index 3561c413019..c32cb6cf9d0 100644 --- a/src/openvpn/ssl.h +++ b/src/openvpn/ssl.h @@ -108,6 +108,9 @@ /** Support to dynamic tls-crypt (renegotiation with TLS-EKM derived tls-crypt key) */ #define IV_PROTO_DYN_TLS_CRYPT (1<<9) +/** Support the extended packet id and epoch format for data channel packets */ +#define IV_PROTO_DATA_EPOCH (1<<10) + /** Supports the --dns option after all the incompatible changes */ #define IV_PROTO_DNS_OPTION_V2 (1<<11) diff --git a/tests/unit_tests/openvpn/test_ssl.c b/tests/unit_tests/openvpn/test_ssl.c index caacd9ec0a7..845ca56b4f8 100644 --- a/tests/unit_tests/openvpn/test_ssl.c +++ b/tests/unit_tests/openvpn/test_ssl.c @@ -404,7 +404,7 @@ static void run_data_channel_with_cipher_end(const char *cipher) { struct crypto_options co = init_crypto_options(cipher, "none"); - co.flags |= CO_AEAD_TAG_AT_THE_END; + co.flags |= CO_EPOCH_DATA_KEY_FORMAT; do_data_channel_round_trip(&co); uninit_crypto_options(&co); }