Summary: Test is broken due to incorrect rebase of D74890801.
Reviewed By: hanidamlaj, rnandan08
Differential Revision: D76434508
fbshipit-source-id: f6f1d687e91e52e1a990bb834453a37bae041923
Summary:
Until now we used a buffer to represent `ECHConfigContentDraft` and parsed it as needed given the content refers to a supported ECH config version. This leads to multiple calls to parsing logic throughout the ECH flow e.g.; during client initialization, during ECH chlo preparation...).
- This diff aims to replace the `Buf` usage with actual `ECHConfigContent` type to avoid unnecessary buffer decoding logic.
- `ECHConfig` still holds a `Buf` object for `ech_config_content`; but parsed content object (`ParsedECHConfig` an alias of `ECHConfigContentDraft`) is used during ECH handling.
- `ParsedECHConfig` is encoded and wrapped with `ECHConfig` as needed given current supported version is `Draft15`.
Reviewed By: mingtaoy
Differential Revision: D68733557
fbshipit-source-id: af8b415e11f1c602574c78783892d5947ff272df
Summary: This primarily involved making the constructors private and changing the callers of the factory functions. The crashing factory is only expected to be used by tests.
Reviewed By: kvtsoy
Differential Revision: D74347638
fbshipit-source-id: 4c0dd7fabaa233c8a3460c359462a22642d26f5b
Summary:
This is an API break, but it should mostly be a manageable one. We want to be able to compile mvfst internally without exceptions, and folly::Optional is one dependency that makes this challenging. Additionally, we already have an imported secondary optional type for performance/struct size reasons, tiny-optional.
This second optional interface is mostly compatible in an API sense (including the use of std::nullopt) with std::optional. Thus our approach is to remove the dependency on folly::Optional, and offer a quic::Optional instead.
The next diff will properly vendor tiny-optional so that quic::Optional is an independent version of it.
Reviewed By: sharmafb, kvtsoy
Differential Revision: D74133131
fbshipit-source-id: 715f8bb5043ba3bb876cacfe54236887e0686b30
Summary:
Previously,
* `RawBuf` was a typealias for `std::unique_ptr<folly::IOBuf>`
* `Buf` was a typealias for `folly::IOBuf`
In this diff,
* `Buf` is a typealias for `folly::IOBuf`
* `BufPtr` is a typealias for `std::unique_ptr<folly::IOBuf>`
Reviewed By: hanidamlaj
Differential Revision: D73206576
fbshipit-source-id: 454bf6ccfce3d6571e5e931889263ed98cc24af3
Summary: Continuing the theme. This removes it from client and server handshakes.
Reviewed By: kvtsoy
Differential Revision: D73335422
fbshipit-source-id: 262bad17c1ebd2bcef623b1185e38e6a63ec714b
Summary:
Remove headers flagged by facebook-unused-include-check over fbcode.quic.
+ format and autodeps
This is a codemod. It was automatically generated and will be landed once it is approved and tests are passing in sandcastle.
You have been added as a reviewer by Sentinel or Butterfly.
Autodiff project: uiq
Autodiff partition: fbcode.quic
Autodiff bookmark: ad.uiq.fbcode.quic
Reviewed By: hanidamlaj
Differential Revision: D69864370
fbshipit-source-id: fb8f85599e1e12429f00dc2817dfc5ecf55bc482
Summary:
Concatenate adjacent namespaces + format
This is a codemod. It was automatically generated and will be landed once it is approved and tests are passing in sandcastle.
You have been added as a reviewer by Sentinel or Butterfly.
Autodiff project: nc
Autodiff partition: fbcode.quic
Autodiff bookmark: ad.nc.fbcode.quic
Reviewed By: hanidamlaj
Differential Revision: D65365244
fbshipit-source-id: 0bbaa7684d03caf8fc8eff3439a0865940398220
Summary:
D61632080 removes the OpenSSL usage from DHKEM internally, but it still left
the exported backend/OpenSSL header.
This diff removes the exported OpenSSL dependency from the target, and updates
callsites that were depending on this.
Reviewed By: zalecodez
Differential Revision: D62411511
fbshipit-source-id: fa41f2ceb42dd09999863ea3319160a0fbe3e57f
Summary:
The Fizz HPKE library should not take hard dependencies to any specific
backend implementation. `hpke::makeCipher` was creating a hard dependency
on OpenSSL.
Reviewed By: zalecodez
Differential Revision: D62785755
fbshipit-source-id: 4debee7c0faf358df30f76522bd8e3d0a871c8bc
Summary:
HPKE is built on top of cryptographic primitives. The `fizz::Factory` is
responsible for constructing these primitives. HPKE has no business in deciding
*which* backend to use. Since the Fizz TLS implementation supports ECH, which
uses HPKE, this means that without this diff the Fizz TLS implementation would
always depend on OpenSSL regardless of what is configured in the Factory.
This diff:
* Adds a `factory` parameter to all of the HPKE utility functions that construct
a cryptographic primitive and delegates to the supplied factory
* Plumbs this change through ECH
Reviewed By: zalecodez
Differential Revision: D61632080
fbshipit-source-id: 11ed92adddeedc5aba71e42d0af7520a19fedb06
Summary:
The idea here is to make it so we can swap out the type we are using for optionality. In the near term we are going to try swapping towards one that more aggressively tries to save size.
For now there is no functional change and this is just a big aliasing diff.
Reviewed By: sharmafb
Differential Revision: D57633896
fbshipit-source-id: 6eae5953d47395b390016e59cf9d639f3b6c8cfe
Summary:
OpenSSLECKeyExchange doesn't need to be a template class. It only uses T::curveNid and t::keyShareLength from the type. So we can pass this in to the constructor.
Created `openssl::makeKeyExchange<T>` which constructs an `OpenSSLECKeyExchange`, giving it the necessary params.
Reviewed By: mingtaoy
Differential Revision: D55947121
fbshipit-source-id: 944a5a92eb1e8d504020a5e7e084b8c739b011e6
Summary:
If early data is rejected and the tls parameters that we used from the 0-rtt ticket do not match the ones in the current handshake, the connection cannot continue.
Previously, the connection would fail but the psk still stayed in the client cache. This meant that subsequent retries could still attempt zero rtt and hit the same error repeatedly.
This change moves the decision to close the connection to the QuicClientTransport instead of the FizzClientHandshake so it can remove the "bad" psk from the pskCache.
Reviewed By: kvtsoy
Differential Revision: D57398519
fbshipit-source-id: b1c076794b9b16954ec23474bffc5a0be7e11090
Summary: The current requirement is openssl >= v1.1.0, which automatically initializes itself. Given this requirement, the folly routines to initialize openssl are now no-ops and legacy. Cut calls to them.
Reviewed By: kvtsoy
Differential Revision: D55195171
fbshipit-source-id: 914641dbcd818f0911b8fbc894f1d571d305f851
Summary:
Currently getExportedKeyingMaterial is declared on ClientHandshake. The EKM is useful on the server side too.
Lets move getExportedKeyingMaterial to the HandshakeLayer interface to provide a common API on the client and server side.
Reviewed By: lhuang04
Differential Revision: D54370646
fbshipit-source-id: e8673cdaf891de59c05b895012a531a4cfb165ed
Summary: Adds plumbing on the FizzClientHandshake to access the exported keying material during the quic TLS handshake.
Reviewed By: knekritz
Differential Revision: D54370533
fbshipit-source-id: 32b254f73cae6c2fab8cd757ba152087fd893813
Summary: - as title, integrity is fixed length (16 bytes) and does not need to be an IOBuf
Reviewed By: knekritz, mjoras
Differential Revision: D54392008
fbshipit-source-id: dde1ac87d1355c389b805060e2080eae1d77ab87
Summary: This is in preparation for enforcing ALPN requirement in the QUIC layer.
Reviewed By: mjoras
Differential Revision: D51285567
fbshipit-source-id: 3cc3c2fbde169ec9603b3309d0abda74aa698602
Summary: Update flow control settings names to reflect that these are indeed flow control
Reviewed By: jbeshay
Differential Revision: D48137685
fbshipit-source-id: a48372e21cdd529480e25785a9bd5de456427ef3
Summary: As it says on tin. Allows for callers to opt in to in-place decryption always.
Reviewed By: mingtaoy
Differential Revision: D28270936
fbshipit-source-id: 389d9f9f4f7283af33c8eee5125f74bf7c034cd7
Summary: Adds piping from AsyncFizzClient/Server down to the AEAD to support indicating what the desired behavior is. Doesn't modify the current behavior.
Reviewed By: knekritz
Differential Revision: D28037478
fbshipit-source-id: ac2d3d24828ced6ec435cd060c2d28a5700bf6bf
Summary:
Original commit changeset: a77b4ddb8bd5
- The diff broke AdFinder by causing 10x critical exceptions to be thrown
- We also suspect this diff causes data corruption that leads to adid = 0 issue that has further impact in the system(to be verified in canary)
Reviewed By: wylqc
Differential Revision: D27898082
fbshipit-source-id: 4d4a2458b218714abe810b7f3e3ef1bfe62675a0
Summary: Adds piping from AsyncFizzClient/Server down to the AEAD to support indicating what the desired behavior is
Reviewed By: mingtaoy
Differential Revision: D27274332
fbshipit-source-id: a77b4ddb8bd52c8fb2bd38c89d3e489d07c7781a
Summary: This switches the client to use the FizzRetryIntegrityTagGenerator and the PseudoRetryPacketBuilder, to avoid duplication of a lot of the work.
Reviewed By: mjoras
Differential Revision: D21489881
fbshipit-source-id: 8aa3af26f1090eeb9f2f04eb4defd785ad555df1
Summary:
This implements the connection ID validation via transport parameters. Note we don't do anything with the retry transport parameter yet.
This will probably require further surgery to tests when we want the MVFST version to do this, but for now I'm punting on that test plumbing.
This retains support for h3-27.
Reviewed By: yangchi
Differential Revision: D22045631
fbshipit-source-id: e93841e734c0683655c751d808fd90b3b391eb3e
Summary:
Now we won't have a zero PTO and we will properly clear out the outstanding packets.
Note that this cipher dropping is not what the draft prescribes, instead dropping both the initial and handshake ciphers when we know 1-rtt communication is functioning.
Reviewed By: yangchi
Differential Revision: D20388737
fbshipit-source-id: 0b89eb80c8faa796ab09eda3eaa10a00dcf7bae9
Summary:
This is a safer default than allowing limited on the source address not matching.
While here, also change the attemptEarlyData setting to false, since 0-rtt should be opt-in.
Reviewed By: yangchi, JunqiWang
Differential Revision: D21383402
fbshipit-source-id: b60fbbbe9438861eea894cb11ccb8bae2243a174
Summary: This adds the ability to verify the integrity token present in a retry packet, as per section 5.8 of the QUIC-TLS draft (https://fburl.com/kw9l8dvu). This doesn't change any existing functionality.
Reviewed By: mjoras
Differential Revision: D19631864
fbshipit-source-id: 2ff8288986b3e27c85fe885b132ab6753fed3be8
