Closed Bug 1809872 Opened 3 years ago Closed 2 years ago

DTLS1.3 RFC types mismatch

Categories

(NSS :: Libraries, defect, P4)

Product:
NSS
Component:
Libraries
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: anna.weine, Assigned: anna.weine)

References

(Blocks 1 open bug)

Details

Attachments

(2 files)

Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64
48 bytes, text/x-phabricator-request
Details | Review
Bug 1809872 - DTLS test TlsAgentDgramTestClient.AckWithNonEvenLengthwas failing due to not establishing the correct error code
48 bytes, text/x-phabricator-request
Details | Review

We observed that the types used in the DTLS1.3:

Assignee: nobody → nkulatova
Status: NEW → ASSIGNED

Found during the interoperability testing with WolfSSL: https://bugzilla.mozilla.org/show_bug.cgi?id=1809196#c3 and https://bugzilla.mozilla.org/show_bug.cgi?id=1809196#c4.

The comment https://bugzilla.mozilla.org/show_bug.cgi?id=1809196#c4 suggest not to modify the existing structures, but to adapt the ACK message.

Blocks: 1809196
No longer blocks: dtls1.3-support

Copy paste from the interoperability bug:

Related problem. The dtls13_HandleAck function processes incorrectly the acknowledgements. Instead of seeing them as (epoch, seq), it parses it as (seq). That's why the acknowledgement of the messages does not work.

Quick fix:

rv = ssl3_ConsumeHandshakeNumber64(ss, &epoch, 8, &b, &l);
rv = ssl3_ConsumeHandshakeNumber64(ss, &seq, 8, &b, &l);
seq = dtls_CombineSequenceNumber(epoch, seq);
Attachment #9319187 - Attachment description: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64

This patch also requires the same modification in the testing facilities (CheckAcks function). I needed to update the expected size of the ACK messages.

https://phabricator.services.mozilla.com/D170598#change-35FPTx1FSoxv

Attachment #9319187 - Attachment description: WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64
Attachment #9319187 - Attachment description: WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64
Attachment #9319187 - Attachment description: WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64

There is an r+ patch which didn't land and no activity in this bug for 2 weeks.
:nkulatova, could you have a look please?
If you still have some work to do, you can add an action "Plan Changes" in Phabricator.
For more information, please visit BugBot documentation.

Flags: needinfo?(nkulatova)
Flags: needinfo?(djackson)
Attachment #9319187 - Attachment description: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64
Attachment #9319187 - Attachment description: WIP: Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64 → Bug 1809872 - Modification the DTLS1.3 Message: Sending epoch and seqNum separately as two uint64
Attachment #9367720 - Attachment description: WIP: Bug 1809872 - DTLS test TlsAgentDgramTestClient.AckWithNonEvenLengthwas failing due to not establishing the correct error code → Bug 1809872 - DTLS test TlsAgentDgramTestClient.AckWithNonEvenLengthwas failing due to not establishing the correct error code

https://hg.mozilla.org/projects/nss/rev/38073deff026832986213d9e58b04f4a898759fc

Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Flags: needinfo?(nkulatova)
Flags: needinfo?(djackson)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: