Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Process GOST ClientKeyExchange message in SSL_trace #9995

Closed
wants to merge 1 commit into from
Closed

Process GOST ClientKeyExchange message in SSL_trace #9995

wants to merge 1 commit into from

Conversation

dahek
Copy link

@dahek dahek commented Sep 24, 2019

Use ssl_print_hex to print message in case of GOST key exchange algorithm.

Process GOST ClientKeyExchange message in SSL_trace
675345e 
Use ssl_print_hex to print message in case of GOST key exchange algorithm.

CLA: trivial
@beldmit
Copy link
Member

beldmit commented Sep 24, 2019

In my repo I used the ssl_print_hexbuf function.

https://github.com/beldmit/openssl/blob/GOST_TLS_12_2018/ssl/t1_trce.c#L1120-L1123

@dahek
Copy link
Author

dahek commented Sep 24, 2019
edited

In my repo I used the ssl_print_hexbuf function.

We should call ssl_print_hex because msg contains ASN1 structure in case of GOST and first bytes are not the length of buffer.

@dahek
Copy link
Author

dahek commented Sep 25, 2019

  1. In tls_construct_cke_gost WPACKET_put_bytes_u8 is used to put V_ANS1_SEQUENCE | V_ASN1_CONSTRUCTED byte. For example, in tls_construct_cke_ecdhe WPACKET_sub_memcpy_u8 is used to put length of the buffer before buffer. So we can't use ssl_print_hexbuf which is used in case of ECDHE.
  2. Tc26 document "Использование наборов алгоритмов шифрования на основе ГОСТ 28147-89 для протокола безопасности транспортного уровня (TLS)" in paragraph 5.6 says that Client Key Exchange Message contains TLSGostKeyTransportBlob ASN.1 structure.

@beldmit
Copy link
Member

beldmit commented Sep 25, 2019

Agreed.

@beldmit beldmit added the approval: review pending This pull request needs review by a committer label Oct 4, 2019
@mspncp mspncp added approval: otc review pending This pull request needs review by an OTC member and removed approval: review pending This pull request needs review by a committer labels Oct 25, 2019
@paulidale paulidale added approval: done This pull request has the required number of approvals branch: master Merge to master branch and removed approval: otc review pending This pull request needs review by an OTC member labels Nov 19, 2019
@beldmit
Copy link
Member

beldmit commented Nov 20, 2019

Will merge on Sunday.

openssl-machine pushed a commit that referenced this pull request Nov 23, 2019
@beldmit
Process GOST ClientKeyExchange message in SSL_trace
6834df1 
Use ssl_print_hex to print message in case of GOST key exchange algorithm.

CLA: trivial

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from #9995)
@beldmit
Copy link
Member

beldmit commented Nov 23, 2019

Merged. Many thanks!

@beldmit beldmit closed this Nov 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beldmit beldmit beldmit approved these changes

@paulidale paulidale paulidale approved these changes

Assignees
No one assigned
Labels
approval: done This pull request has the required number of approvals branch: master Merge to master branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@dahek @beldmit @paulidale @mspncp