[release/2.1] make chacha optional on Linux (#3492)

* make chacha optional on Linux (#3423)

* another attempt to fix quic loading when chacha is missing (#3447)

* Update src/platform/crypt_openssl.c

* CxPlatCryptInitialize

* CxPlatCryptUninitialize

---------

Co-authored-by: Nick Banks <nibanks@microsoft.com>

CMakeLists.txt

@@ -639,6 +639,10 @@ if(QUIC_TLS STREQUAL "openssl")
     )
 endif()
 
+if (QUIC_USE_SYSTEM_LIBCRYPTO)
+    list(APPEND QUIC_COMMON_DEFINES CXPLAT_SYSTEM_CRYPTO)
+endif()
+
 if(QUIC_CODE_CHECK)
     find_program(CLANGTIDY NAMES clang-tidy)
     if(CLANGTIDY)

src/generated/linux/tls_openssl.c.clog.h

@@ -549,10 +549,10 @@ tracepoint(CLOG_TLS_OPENSSL_C, TlsErrorStatus , arg2, arg3, arg4);\
 // Decoder Ring for LibraryErrorStatus
 // [ lib] ERROR, %u, %s.
 // QuicTraceEvent(
-            LibraryErrorStatus,
-            "[ lib] ERROR, %u, %s.",
-            CredConfig->AllowedCipherSuites,
-            "No valid cipher suites presented");
+                LibraryErrorStatus,
+                "[ lib] ERROR, %u, %s.",
+                CredConfig->AllowedCipherSuites,
+                "No valid cipher suites presented");
 // arg2 = arg2 = CredConfig->AllowedCipherSuites = arg2
 // arg3 = arg3 = "No valid cipher suites presented" = arg3
 ----------------------------------------------------------*/

src/generated/linux/tls_openssl.c.clog.h.lttng.h

@@ -587,10 +587,10 @@ TRACEPOINT_EVENT(CLOG_TLS_OPENSSL_C, TlsErrorStatus,
 // Decoder Ring for LibraryErrorStatus
 // [ lib] ERROR, %u, %s.
 // QuicTraceEvent(
-            LibraryErrorStatus,
-            "[ lib] ERROR, %u, %s.",
-            CredConfig->AllowedCipherSuites,
-            "No valid cipher suites presented");
+                LibraryErrorStatus,
+                "[ lib] ERROR, %u, %s.",
+                CredConfig->AllowedCipherSuites,
+                "No valid cipher suites presented");
 // arg2 = arg2 = CredConfig->AllowedCipherSuites = arg2
 // arg3 = arg3 = "No valid cipher suites presented" = arg3
 ----------------------------------------------------------*/

src/inc/quic_crypt.h

@@ -372,6 +372,11 @@ CxPlatHashCompute(
         uint8_t* const Output
     );
 
+BOOLEAN
+CxPlatCryptSupports(
+    CXPLAT_AEAD_TYPE AeadType
+    );
+
 #if defined(__cplusplus)
 }
 #endif

src/platform/crypt_bcrypt.c

@@ -281,6 +281,23 @@ CxPlatCryptInitialize(
 #endif
 }
 
+BOOLEAN
+CxPlatCryptSupports(
+    CXPLAT_AEAD_TYPE AeadType
+    )
+{
+    switch (AeadType) {
+    case CXPLAT_AEAD_AES_128_GCM:
+        return TRUE;
+    case CXPLAT_AEAD_AES_256_GCM:
+        return TRUE;
+    case CXPLAT_AEAD_CHACHA20_POLY1305:
+        return  CXPLAT_CHACHA20_POLY1305_ALG_HANDLE != NULL;
+    default:
+        return FALSE;
+    }
+}
+
 void
 CxPlatCryptUninitialize(
     void

src/platform/crypt_openssl.c

@@ -19,6 +19,8 @@
 #ifdef _WIN32
 #pragma warning(push)
 #pragma warning(disable:4100) // Unreferenced parameter errcode in inline function
+#else
+#include <dlfcn.h>
 #endif
 #include "openssl/bio.h"
 #ifdef IS_OPENSSL_3
@@ -41,11 +43,25 @@
 #include "crypt_openssl.c.clog.h"
 #endif
 
+EVP_CIPHER *CXPLAT_CHACHA20_ALG_HANDLE;
+EVP_CIPHER *CXPLAT_CHACHA20_POLY1305_ALG_HANDLE;
+
 typedef struct CXPLAT_HP_KEY {
     EVP_CIPHER_CTX* CipherCtx;
     CXPLAT_AEAD_TYPE Aead;
 } CXPLAT_HP_KEY;
 
+
+#if defined CXPLAT_SYSTEM_CRYPTO && !defined _WIN32
+// This is to fulfill link dependency in ssl_init.
+// If system OpenSSL has chacha support, we will redirect it to loaded handle.
+//
+const EVP_CIPHER *EVP_chacha20_poly1305(void)
+{
+    return CXPLAT_CHACHA20_POLY1305_ALG_HANDLE;
+}
+#endif
+
 QUIC_STATUS
 CxPlatCryptInitialize(
     void
@@ -65,14 +81,52 @@ CxPlatCryptInitialize(
     //
 
     ERR_clear_error();
+#if defined _WIN32 || !defined CXPLAT_SYSTEM_CRYPTO
+    CXPLAT_CHACHA20_ALG_HANDLE = (EVP_CIPHER *)EVP_chacha20();
+    CXPLAT_CHACHA20_POLY1305_ALG_HANDLE = (EVP_CIPHER *)EVP_chacha20_poly1305();
+#else
+    CXPLAT_CHACHA20_ALG_HANDLE = NULL;
+    CXPLAT_CHACHA20_POLY1305_ALG_HANDLE = NULL;
 
     //
-    // LINUX_TODO:Add Check for openssl library QUIC support.
+    // Try to load ChaCha20 ciphers dynamically. They may or may not exist when using system crypto.
     //
-
+    void* handle = dlopen("libcrypto.so.1.1", RTLD_LAZY | RTLD_GLOBAL);
+    EVP_CIPHER* (*func)(void) = NULL;
+    if (handle != NULL) {
+        func = dlsym(handle, "EVP_chacha20");
+        if (func != NULL) {
+            CXPLAT_CHACHA20_ALG_HANDLE = (*func)();
+
+            func = dlsym(handle, "EVP_chacha20_poly1305");
+            if (func != NULL) {
+                CXPLAT_CHACHA20_POLY1305_ALG_HANDLE = (*func)();
+                EVP_add_cipher(CXPLAT_CHACHA20_POLY1305_ALG_HANDLE);
+            }
+        } else {
+            dlclose(handle);
+        }
+    }
+#endif
     return QUIC_STATUS_SUCCESS;
 }
 
+BOOLEAN
+CxPlatCryptSupports(
+    CXPLAT_AEAD_TYPE AeadType
+    )
+{
+    switch (AeadType) {
+    case CXPLAT_AEAD_AES_128_GCM:
+    case CXPLAT_AEAD_AES_256_GCM:
+        return TRUE;
+    case CXPLAT_AEAD_CHACHA20_POLY1305:
+        return CXPLAT_CHACHA20_ALG_HANDLE != NULL;
+    default:
+        return FALSE;
+    }
+}
+
 void
 CxPlatCryptUninitialize(
     void
@@ -112,7 +166,11 @@ CxPlatKeyCreate(
         Aead = EVP_aes_256_gcm();
         break;
     case CXPLAT_AEAD_CHACHA20_POLY1305:
-        Aead = EVP_chacha20_poly1305();
+        if (CXPLAT_CHACHA20_POLY1305_ALG_HANDLE == NULL) {
+            Status = QUIC_STATUS_NOT_SUPPORTED;
+            goto Exit;
+        }
+        Aead = CXPLAT_CHACHA20_POLY1305_ALG_HANDLE;
         break;
     default:
         Status = QUIC_STATUS_NOT_SUPPORTED;
@@ -338,7 +396,11 @@ CxPlatHpKeyCreate(
         Aead = EVP_aes_256_ecb();
         break;
     case CXPLAT_AEAD_CHACHA20_POLY1305:
-        Aead = EVP_chacha20();
+        if (CXPLAT_CHACHA20_ALG_HANDLE == NULL) {
+            Status = QUIC_STATUS_NOT_SUPPORTED;
+            goto Exit;
+        }
+        Aead = CXPLAT_CHACHA20_ALG_HANDLE;
         break;
     default:
         Status = QUIC_STATUS_NOT_SUPPORTED;

src/platform/platform_posix.c

@@ -205,7 +205,16 @@ CxPlatInitialize(
         goto Exit;
     }
 
+    Status = CxPlatCryptInitialize();
+    if (QUIC_FAILED(Status)) {
+        if (RandomFd != -1) {
+            close(RandomFd);
+        }
+        return Status;
+    }
+
     if (!CxPlatWorkersInit()) {
+        CxPlatCryptUninitialize();
         Status = QUIC_STATUS_OUT_OF_MEMORY;
         goto Exit;
     }
@@ -236,6 +245,7 @@ CxPlatUninitialize(
     )
 {
     CxPlatWorkersUninit();
+    CxPlatCryptUninitialize();
     close(RandomFd);
     QuicTraceLogInfo(
         PosixUninitialized,

src/platform/tls_openssl.c

@@ -1030,17 +1030,27 @@ CxPlatTlsSecConfigCreate(
         return QUIC_STATUS_NOT_SUPPORTED;
     }
 
-    if (CredConfigFlags & QUIC_CREDENTIAL_FLAG_SET_ALLOWED_CIPHER_SUITES &&
-        ((CredConfig->AllowedCipherSuites &
+    if (CredConfigFlags & QUIC_CREDENTIAL_FLAG_SET_ALLOWED_CIPHER_SUITES) {
+        if ((CredConfig->AllowedCipherSuites &
             (QUIC_ALLOWED_CIPHER_SUITE_AES_128_GCM_SHA256 |
             QUIC_ALLOWED_CIPHER_SUITE_AES_256_GCM_SHA384 |
-            QUIC_ALLOWED_CIPHER_SUITE_CHACHA20_POLY1305_SHA256)) == 0)) {
-        QuicTraceEvent(
-            LibraryErrorStatus,
-            "[ lib] ERROR, %u, %s.",
-            CredConfig->AllowedCipherSuites,
-            "No valid cipher suites presented");
-        return QUIC_STATUS_INVALID_PARAMETER;
+            QUIC_ALLOWED_CIPHER_SUITE_CHACHA20_POLY1305_SHA256)) == 0) {
+            QuicTraceEvent(
+                LibraryErrorStatus,
+                "[ lib] ERROR, %u, %s.",
+                CredConfig->AllowedCipherSuites,
+                "No valid cipher suites presented");
+            return QUIC_STATUS_INVALID_PARAMETER;
+        }
+        if (CredConfig->AllowedCipherSuites == QUIC_ALLOWED_CIPHER_SUITE_CHACHA20_POLY1305_SHA256 &&
+            !CxPlatCryptSupports(CXPLAT_AEAD_CHACHA20_POLY1305)) {
+            QuicTraceEvent(
+                LibraryErrorStatus,
+                "[ lib] ERROR, %u, %s.",
+                CredConfig->AllowedCipherSuites,
+                "Only CHACHA requested but not available");
+            return QUIC_STATUS_NOT_SUPPORTED;
+        }
     }
 
     QUIC_STATUS Status = QUIC_STATUS_SUCCESS;
@@ -1127,6 +1137,10 @@ CxPlatTlsSecConfigCreate(
             AllowedCipherSuitesCount++;
         }
         if (CredConfig->AllowedCipherSuites & QUIC_ALLOWED_CIPHER_SUITE_CHACHA20_POLY1305_SHA256) {
+            if (AllowedCipherSuitesCount == 0 && !CxPlatCryptSupports(CXPLAT_AEAD_CHACHA20_POLY1305)) {
+                Status = QUIC_STATUS_NOT_SUPPORTED;
+                goto Exit;
+            }
             CipherSuiteStringLength += (uint8_t)sizeof(CXPLAT_TLS_CHACHA20_POLY1305_SHA256);
             AllowedCipherSuitesCount++;
         }
@@ -1630,6 +1644,10 @@ CxPlatTlsInitialize(
     UNREFERENCED_PARAMETER(State);
 
     CXPLAT_DBG_ASSERT(Config->HkdfLabels);
+    if (Config->SecConfig == NULL) {
+        Status = QUIC_STATUS_INVALID_PARAMETER;
+        goto Exit;
+    }
 
     TlsContext = CXPLAT_ALLOC_NONPAGED(sizeof(CXPLAT_TLS), QUIC_POOL_TLS_CTX);
     if (TlsContext == NULL) {

src/platform/unittest/TlsTest.cpp

@@ -964,9 +964,11 @@ TEST_F(TlsTest, HandshakeParamInfoChaCha20)
     CxPlatServerSecConfig ServerConfig(
         QUIC_CREDENTIAL_FLAG_SET_ALLOWED_CIPHER_SUITES,
         QUIC_ALLOWED_CIPHER_SUITE_CHACHA20_POLY1305_SHA256);
+
     TlsContext ServerContext, ClientContext;
     ClientContext.InitializeClient(ClientConfig);
     ServerContext.InitializeServer(ServerConfig);
+    ASSERT_NE(ServerConfig.SecConfig, nullptr);
     DoHandshake(ServerContext, ClientContext);
 
     QUIC_HANDSHAKE_INFO HandshakeInfo;