From 9082b43dd06fcd8888eebd95857ef2fb8177d475 Mon Sep 17 00:00:00 2001 From: Mathias Raoul Date: Fri, 12 Jul 2019 19:11:49 +0200 Subject: [PATCH] quic: integrate vpp crypto api for quic packets encryption Type: feature Change-Id: I740f15a5ef959d31e94e59d652aa9f691db1f289 Signed-off-by: Mathias Raoul --- ...function-ptr-in-ptls-ctx-for-aead_encrypt.patch | 33 ++ src/plugins/quic/CMakeLists.txt | 1 + src/plugins/quic/quic.c | 35 +++ src/plugins/quic/quic_crypto.c | 336 +++++++++++++++++++++ src/plugins/quic/quic_crypto.h | 31 ++ 5 files changed, 436 insertions(+) create mode 100644 build/external/patches/quicly_0.0.2-vpp/0001-Add-function-ptr-in-ptls-ctx-for-aead_encrypt.patch create mode 100644 src/plugins/quic/quic_crypto.c create mode 100644 src/plugins/quic/quic_crypto.h diff --git a/build/external/patches/quicly_0.0.2-vpp/0001-Add-function-ptr-in-ptls-ctx-for-aead_encrypt.patch b/build/external/patches/quicly_0.0.2-vpp/0001-Add-function-ptr-in-ptls-ctx-for-aead_encrypt.patch new file mode 100644 index 00000000000..80f3bcb684f --- /dev/null +++ b/build/external/patches/quicly_0.0.2-vpp/0001-Add-function-ptr-in-ptls-ctx-for-aead_encrypt.patch @@ -0,0 +1,33 @@ +diff --git a/deps/picotls/include/picotls.h b/deps/picotls/include/picotls.h +index 06d62f9..de33b86 100644 +--- a/deps/picotls/include/picotls.h ++++ b/deps/picotls/include/picotls.h +@@ -276,6 +276,8 @@ typedef struct st_ptls_aead_context_t { + size_t (*do_encrypt_final)(struct st_ptls_aead_context_t *ctx, void *output); + size_t (*do_decrypt)(struct st_ptls_aead_context_t *ctx, void *output, const void *input, size_t inlen, const void *iv, + const void *aad, size_t aadlen); ++ size_t (*do_encrypt)(struct st_ptls_aead_context_t *ctx, void *output, const void *input, size_t inlen, uint64_t seq, ++ const void *iv, const void *aad, size_t aadlen); + } ptls_aead_context_t; + + /** +diff --git a/deps/picotls/lib/picotls.c b/deps/picotls/lib/picotls.c +index 70d2fef..f98f7b4 100644 +--- a/deps/picotls/lib/picotls.c ++++ b/deps/picotls/lib/picotls.c +@@ -4890,6 +4890,13 @@ size_t ptls_aead_encrypt(ptls_aead_context_t *ctx, void *output, const void *inp + { + size_t off = 0; + ++ if(ctx->do_encrypt) ++ { ++ uint8_t iv[PTLS_MAX_IV_SIZE]; ++ ptls_aead__build_iv(ctx, iv, seq); ++ return ctx->do_encrypt(ctx, output, input, inlen, seq, iv, aad, aadlen); ++ } ++ + ptls_aead_encrypt_init(ctx, seq, aad, aadlen); + off += ptls_aead_encrypt_update(ctx, ((uint8_t *)output) + off, input, inlen); + off += ptls_aead_encrypt_final(ctx, ((uint8_t *)output) + off); + + diff --git a/src/plugins/quic/CMakeLists.txt b/src/plugins/quic/CMakeLists.txt index ccd49682e8c..70a1243b3b3 100644 --- a/src/plugins/quic/CMakeLists.txt +++ b/src/plugins/quic/CMakeLists.txt @@ -31,6 +31,7 @@ if(QUICLY_INCLUDE_DIR AND QUIC_LINK_LIBRARIES) add_vpp_plugin(quic SOURCES quic.c + quic_crypto.c INSTALL_HEADERS quic.h diff --git a/src/plugins/quic/quic.c b/src/plugins/quic/quic.c index b46cdb3f018..6c1a3c37bd5 100644 --- a/src/plugins/quic/quic.c +++ b/src/plugins/quic/quic.c @@ -30,6 +30,8 @@ #include #include +#include + static quic_main_t quic_main; static void quic_update_timer (quic_ctx_t * ctx); @@ -2539,7 +2541,40 @@ quic_init (vlib_main_t * vm) VLIB_INIT_FUNCTION (quic_init); +static clib_error_t * +quic_plugin_crypto_command_fn (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd) +{ + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "vpp")) + { + quic_tlsctx.cipher_suites = vpp_crypto_cipher_suites; + return 0; + } + else if (unformat (input, "picotls")) + { + quic_tlsctx.cipher_suites = ptls_openssl_cipher_suites; + return 0; + } + else + return clib_error_return (0, "unknown input '%U'", + format_unformat_error, input); + } + + return clib_error_return (0, "unknown input '%U'", + format_unformat_error, input); +} + /* *INDENT-OFF* */ +VLIB_CLI_COMMAND(quic_plugin_crypto_command, static)= +{ + .path = "quic set crypto api", + .short_help = "quic set crypto api [picotls, vpp]", + .function = quic_plugin_crypto_command_fn, +}; + VLIB_PLUGIN_REGISTER () = { .version = VPP_BUILD_VER, diff --git a/src/plugins/quic/quic_crypto.c b/src/plugins/quic/quic_crypto.c new file mode 100644 index 00000000000..6c198960c24 --- /dev/null +++ b/src/plugins/quic/quic_crypto.c @@ -0,0 +1,336 @@ +/* + * Copyright (c) 2019 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include + +#include + +#include +#include + +typedef void (*quicly_do_transform_fn) (ptls_cipher_context_t *, void *, + const void *, size_t); + +struct cipher_context_t +{ + ptls_cipher_context_t super; + vnet_crypto_op_t op; + u32 key_index; +}; + +struct aead_crypto_context_t +{ + ptls_aead_context_t super; + vnet_crypto_op_t op; + u32 key_index; +}; + +vnet_crypto_main_t *cm = &crypto_main; + +static void +vpp_crypto_cipher_do_init (ptls_cipher_context_t * _ctx, const void *iv) +{ + struct cipher_context_t *ctx = (struct cipher_context_t *) _ctx; + + vnet_crypto_op_id_t id; + if (!strcmp (ctx->super.algo->name, "AES128-CTR")) + { + id = VNET_CRYPTO_OP_AES_128_CTR_ENC; + } + else if (!strcmp (ctx->super.algo->name, "AES256-CTR")) + { + id = VNET_CRYPTO_OP_AES_256_CTR_ENC; + } + else + { + QUIC_DBG (1, "%s, Invalid crypto cipher : ", __FUNCTION__, + _ctx->algo->name); + assert (0); + } + + vnet_crypto_op_init (&ctx->op, id); + ctx->op.iv = (u8 *) iv; + ctx->op.key_index = ctx->key_index; +} + +static void +vpp_crypto_cipher_dispose (ptls_cipher_context_t * _ctx) +{ + /* Do nothing */ +} + +static void +vpp_crypto_cipher_encrypt (ptls_cipher_context_t * _ctx, void *output, + const void *input, size_t _len) +{ + vlib_main_t *vm = vlib_get_main (); + struct cipher_context_t *ctx = (struct cipher_context_t *) _ctx; + + ctx->op.src = (u8 *) input; + ctx->op.dst = output; + ctx->op.len = _len; + + vnet_crypto_process_ops (vm, &ctx->op, 1); +} + +static int +vpp_crypto_cipher_setup_crypto (ptls_cipher_context_t * _ctx, int is_enc, + const void *key, const EVP_CIPHER * cipher, + quicly_do_transform_fn do_transform) +{ + struct cipher_context_t *ctx = (struct cipher_context_t *) _ctx; + + ctx->super.do_dispose = vpp_crypto_cipher_dispose; + ctx->super.do_init = vpp_crypto_cipher_do_init; + ctx->super.do_transform = do_transform; + + vlib_main_t *vm = vlib_get_main (); + vnet_crypto_alg_t algo; + if (!strcmp (ctx->super.algo->name, "AES128-CTR")) + { + algo = VNET_CRYPTO_ALG_AES_128_CTR; + } + else if (!strcmp (ctx->super.algo->name, "AES256-CTR")) + { + algo = VNET_CRYPTO_ALG_AES_256_CTR; + } + else + { + QUIC_DBG (1, "%s, Invalid crypto cipher : ", __FUNCTION__, + _ctx->algo->name); + assert (0); + } + + ctx->key_index = vnet_crypto_key_add (vm, algo, + (u8 *) key, _ctx->algo->key_size); + + return 0; +} + +static int +aes128ctr_setup_crypto (ptls_cipher_context_t * ctx, int is_enc, + const void *key) +{ + return vpp_crypto_cipher_setup_crypto (ctx, 1, key, EVP_aes_128_ctr (), + vpp_crypto_cipher_encrypt); +} + +static int +aes256ctr_setup_crypto (ptls_cipher_context_t * ctx, int is_enc, + const void *key) +{ + return vpp_crypto_cipher_setup_crypto (ctx, 1, key, EVP_aes_256_ctr (), + vpp_crypto_cipher_encrypt); +} + +size_t +vpp_crypto_aead_encrypt (ptls_aead_context_t * _ctx, void *output, + const void *input, size_t inlen, uint64_t seq, + const void *iv, const void *aad, size_t aadlen) +{ + QUIC_DBG (1, "[quic] %s", __FUNCTION__); + + vlib_main_t *vm = vlib_get_main (); + struct aead_crypto_context_t *ctx = (struct aead_crypto_context_t *) _ctx; + + vnet_crypto_op_id_t id; + if (!strcmp (ctx->super.algo->name, "AES128-GCM")) + { + id = VNET_CRYPTO_OP_AES_128_GCM_ENC; + } + else if (!strcmp (ctx->super.algo->name, "AES256-GCM")) + { + id = VNET_CRYPTO_OP_AES_256_GCM_ENC; + } + else + { + assert (0); + } + + vnet_crypto_op_init (&ctx->op, id); + ctx->op.aad = (u8 *) aad; + ctx->op.aad_len = aadlen; + ctx->op.iv = (u8 *) iv; + + ctx->op.src = (u8 *) input; + ctx->op.dst = output; + ctx->op.key_index = ctx->key_index; + ctx->op.len = inlen; + + ctx->op.tag_len = ctx->super.algo->tag_size; + ctx->op.tag = ctx->op.src + inlen; + + vnet_crypto_process_ops (vm, &ctx->op, 1); + + return ctx->op.len + ctx->op.tag_len; +} + +size_t +vpp_crypto_aead_decrypt (ptls_aead_context_t * _ctx, void *_output, + const void *input, size_t inlen, const void *iv, + const void *aad, size_t aadlen) +{ + QUIC_DBG (1, "[quic] %s", __FUNCTION__); + + vlib_main_t *vm = vlib_get_main (); + struct aead_crypto_context_t *ctx = (struct aead_crypto_context_t *) _ctx; + + vnet_crypto_op_id_t id; + if (!strcmp (ctx->super.algo->name, "AES128-GCM")) + { + id = VNET_CRYPTO_OP_AES_128_GCM_DEC; + } + else if (!strcmp (ctx->super.algo->name, "AES256-GCM")) + { + id = VNET_CRYPTO_OP_AES_256_GCM_DEC; + } + else + { + assert (0); + } + + vnet_crypto_op_init (&ctx->op, id); + ctx->op.aad = (u8 *) aad; + ctx->op.aad_len = aadlen; + ctx->op.iv = (u8 *) iv; + + ctx->op.src = (u8 *) input; + ctx->op.dst = _output; + ctx->op.key_index = ctx->key_index; + ctx->op.len = inlen - ctx->super.algo->tag_size; + + ctx->op.tag_len = ctx->super.algo->tag_size; + ctx->op.tag = ctx->op.src + ctx->op.len; + + vnet_crypto_process_ops (vm, &ctx->op, 1); + + return ctx->op.len; +} + +static void +vpp_crypto_aead_dispose_crypto (ptls_aead_context_t * _ctx) +{ + QUIC_DBG (1, "[quic] %s", __FUNCTION__); +} + +static int +vpp_crypto_aead_setup_crypto (ptls_aead_context_t * _ctx, int is_enc, + const void *key, const EVP_CIPHER * cipher) +{ + QUIC_DBG (1, "%s, algo : ", __FUNCTION__, _ctx->algo->name); + + vlib_main_t *vm = vlib_get_main (); + struct aead_crypto_context_t *ctx = (struct aead_crypto_context_t *) _ctx; + + vnet_crypto_alg_t algo; + if (!strcmp (ctx->super.algo->name, "AES128-GCM")) + { + algo = VNET_CRYPTO_ALG_AES_128_GCM; + } + else if (!strcmp (ctx->super.algo->name, "AES256-GCM")) + { + algo = VNET_CRYPTO_ALG_AES_256_GCM; + } + else + { + QUIC_DBG (1, "%s, algo : ", __FUNCTION__, _ctx->algo->name); + assert (0); + } + + ctx->super.do_decrypt = vpp_crypto_aead_decrypt; + ctx->super.do_encrypt = vpp_crypto_aead_encrypt; + ctx->super.dispose_crypto = vpp_crypto_aead_dispose_crypto; + + ctx->key_index = vnet_crypto_key_add (vm, algo, + (u8 *) key, _ctx->algo->key_size); + + return 0; +} + +static int +vpp_crypto_aead_aes128gcm_setup_crypto (ptls_aead_context_t * ctx, int is_enc, + const void *key) +{ + return vpp_crypto_aead_setup_crypto (ctx, is_enc, key, EVP_aes_128_gcm ()); +} + +static int +vpp_crypto_aead_aes256gcm_setup_crypto (ptls_aead_context_t * ctx, int is_enc, + const void *key) +{ + return vpp_crypto_aead_setup_crypto (ctx, is_enc, key, EVP_aes_256_gcm ()); +} + +ptls_cipher_algorithm_t vpp_crypto_aes128ctr = { "AES128-CTR", + PTLS_AES128_KEY_SIZE, + 1, PTLS_AES_IV_SIZE, + sizeof (struct cipher_context_t), + aes128ctr_setup_crypto +}; + +ptls_cipher_algorithm_t vpp_crypto_aes256ctr = { "AES256-CTR", + PTLS_AES256_KEY_SIZE, + 1 /* block size */ , + PTLS_AES_IV_SIZE, + sizeof (struct cipher_context_t), + aes256ctr_setup_crypto +}; + +ptls_aead_algorithm_t vpp_crypto_aes128gcm = { "AES128-GCM", + &vpp_crypto_aes128ctr, + NULL, + PTLS_AES128_KEY_SIZE, + PTLS_AESGCM_IV_SIZE, + PTLS_AESGCM_TAG_SIZE, + sizeof (struct aead_crypto_context_t), + vpp_crypto_aead_aes128gcm_setup_crypto +}; + +ptls_aead_algorithm_t vpp_crypto_aes256gcm = { "AES256-GCM", + &vpp_crypto_aes256ctr, + NULL, + PTLS_AES256_KEY_SIZE, + PTLS_AESGCM_IV_SIZE, + PTLS_AESGCM_TAG_SIZE, + sizeof (struct aead_crypto_context_t), + vpp_crypto_aead_aes256gcm_setup_crypto +}; + +ptls_cipher_suite_t vpp_crypto_aes128gcmsha256 = + { PTLS_CIPHER_SUITE_AES_128_GCM_SHA256, + &vpp_crypto_aes128gcm, + &ptls_openssl_sha256 +}; + +ptls_cipher_suite_t vpp_crypto_aes256gcmsha384 = + { PTLS_CIPHER_SUITE_AES_256_GCM_SHA384, + &vpp_crypto_aes256gcm, + &ptls_openssl_sha384 +}; + +ptls_cipher_suite_t *vpp_crypto_cipher_suites[] = + { &vpp_crypto_aes256gcmsha384, + &vpp_crypto_aes128gcmsha256, + NULL +}; + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/plugins/quic/quic_crypto.h b/src/plugins/quic/quic_crypto.h new file mode 100644 index 00000000000..8e4bbf92834 --- /dev/null +++ b/src/plugins/quic/quic_crypto.h @@ -0,0 +1,31 @@ +/* + * Copyright (c) 2019 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __included_vpp_quic_crypto_h__ +#define __included_vpp_quic_crypto_h__ + +#include + +extern ptls_cipher_suite_t *vpp_crypto_cipher_suites[]; + +#endif /* __included_vpp_quic_crypto_h__ */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ -- 2.16.6