QUIC RX: Do not handle auto-discard of Initial EL inside the QRX

While the QUIC RFCs state that the Initial EL should be auto-discarded when successfully processing a packet at a higher EL, doing this inside the QRX was not a good idea as this should be handled by the CSM. We remove this functionality and adapt tests accordingly. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19703)
2024-12-15 06:01:37 +08:00 · 2022-10-31 14:47:29 +00:00 · 2022-10-31 14:47:29 +00:00 · 203b0d00e0
commit 203b0d00e0
parent 043a41ddee
2 changed files with 10 additions and 22 deletions
--- a/ssl/quic/quic_record_rx.c
+++ b/ssl/quic/quic_record_rx.c
@ -859,13 +859,6 @@ static int qrx_process_pkt(OSSL_QRX *qrx, QUIC_URXE *urxe,
                              rxe->hdr.key_phase))
        goto malformed;

-    /*
-     * We automatically discard INITIAL keys when successfully decrypting a
-     * HANDSHAKE packet.
-     */
-    if (enc_level == QUIC_ENC_LEVEL_HANDSHAKE)
-        ossl_qrl_enc_level_set_discard(&qrx->el_set, QUIC_ENC_LEVEL_INITIAL);
-
    /*
     * At this point, we have successfully authenticated the AEAD tag and no
     * longer need to worry about exposing the Key Phase bit in timing channels.
--- a/test/quic_record_test.c
+++ b/test/quic_record_test.c
@ -616,12 +616,10 @@ static const struct rx_test_op rx_script_5[] = {
    RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
    RX_OP_CHECK_NO_PKT()

-    /* Try injecting the packet again */
+    /* Discard Initial EL and try injecting the packet again */
+    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
    RX_OP_INJECT_N(5)
-    /*
-     * Initial packet is not output due to receiving a Handshake packet causing
-     * auto-discard of Initial keys
-     */
+    /* Initial packet is not output because we have discarded Initial keys */
    RX_OP_CHECK_PKT_FRAMES_OK_N(5b)
    RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
    RX_OP_CHECK_NO_PKT()
@ -656,6 +654,7 @@ static const struct rx_test_op rx_script_5[] = {
    RX_OP_CHECK_PKT_FRAMES_OK_N(5c)
    RX_OP_CHECK_NO_PKT()

+    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_HANDSHAKE)
    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_1RTT)
    RX_OP_INJECT_N(5)
@ -979,12 +978,10 @@ static const struct rx_test_op rx_script_6[] = {
    RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
    RX_OP_CHECK_NO_PKT()

-    /* Try injecting the packet again */
+    /* Discard Initial EL and try injecting the packet again */
+    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
    RX_OP_INJECT_N(6)
-    /*
-     * Initial packet is not output due to receiving a Handshake packet causing
-     * auto-discard of Initial keys
-     */
+    /* Initial packet is not output because we have discarded Initial keys */
    RX_OP_CHECK_PKT_FRAMES_OK_N(6b)
    RX_OP_CHECK_PKT_FRAMES_OK_N(6c)
    RX_OP_CHECK_NO_PKT()
@ -1337,12 +1334,10 @@ static const struct rx_test_op rx_script_7[] = {
    RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
    RX_OP_CHECK_NO_PKT()

-    /* Try injecting the packet again */
+    /* Discard Initial EL and try injecting the packet again */
+    RX_OP_DISCARD_EL(QUIC_ENC_LEVEL_INITIAL)
    RX_OP_INJECT_N(7)
-    /*
-     * Initial packet is not output due to receiving a Handshake packet causing
-     * auto-discard of Initial keys
-     */
+    /* Initial packet is not output because we have discarded Initial keys */
    RX_OP_CHECK_PKT_FRAMES_OK_N(7b)
    RX_OP_CHECK_PKT_FRAMES_OK_N(7c)
    RX_OP_CHECK_NO_PKT()