crypto/tls: if received an invalid ECHClientHello.type, server send a illegal_parameter

The spec indicates that if a client sends an invalid ECHClientHello.type in
ClientHelloOuter, the server must abort the handshake with a decode_error
alert. errInvalidECHExt is defined for an invalid ECHClientHello.type; if
parseECHExt returns errInvalidECHExt, Conn now sends an illegal_parameter
alert.

Fixes #71061
thekuwayama 2024-12-30 07:10:49 +09:00
parent 2b794ed86c
commit 3d6c233ccd
1 changed files with 11 additions and 5 deletions


@ -378,7 +378,7 @@ func decodeInnerClientHello(outer *clientHelloMsg, encoded []byte) (*clientHello
}
if !bytes.Equal(inner.encryptedClientHello, []byte{uint8(innerECHExt)}) {
return nil, errors.New("tls: client sent invalid encrypted_client_hello extension")
return nil, errInvalidECHExt
}
if len(inner.supportedVersions) != 1 || (len(inner.supportedVersions) >= 1 && inner.supportedVersions[0] != VersionTLS13) {
@ -481,6 +481,7 @@ func (e *ECHRejectionError) Error() string {
}
var errMalformedECHExt = errors.New("tls: malformed encrypted_client_hello extension")
var errInvalidECHExt = errors.New("tls: client sent invalid encrypted_client_hello extension")
type echExtType uint8
@ -507,7 +508,7 @@ func parseECHExt(ext []byte) (echType echExtType, cs echCipher, configID uint8,
return echType, cs, 0, nil, nil, nil
}
if echType != outerECHExt {
err = errMalformedECHExt
err = errInvalidECHExt
return
}
if !s.ReadUint16(&cs.KDFID) {
@ -549,8 +550,13 @@ func marshalEncryptedClientHelloConfigList(configs []EncryptedClientHelloKey) ([
func (c *Conn) processECHClientHello(outer *clientHelloMsg) (*clientHelloMsg, *echServerContext, error) {
echType, echCiphersuite, configID, encap, payload, err := parseECHExt(outer.encryptedClientHello)
if err != nil {
c.sendAlert(alertDecodeError)
return nil, nil, errors.New("tls: client sent invalid encrypted_client_hello extension")
if errors.Is(err, errInvalidECHExt) {
c.sendAlert(alertIllegalParameter)
} else {
c.sendAlert(alertDecodeError)
}
return nil, nil, errInvalidECHExt
}
if echType == innerECHExt {
@ -597,7 +603,7 @@ func (c *Conn) processECHClientHello(outer *clientHelloMsg) (*clientHelloMsg, *e
echInner, err := decodeInnerClientHello(outer, encodedInner)
if err != nil {
c.sendAlert(alertIllegalParameter)
return nil, nil, errors.New("tls: client sent invalid encrypted_client_hello extension")
return nil, nil, errInvalidECHExt
}
c.echAccepted = true
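Review bot: In the processECHClientHello hunk at -549, the error branch after parseECHExt now distinguishes errInvalidECHExt (illegal_parameter) from every other parse failure (decode_error) when choosing the alert, but then returns errInvalidECHExt unconditionally, so a malformed extension that triggered decode_error is reported to the caller as "client sent invalid encrypted_client_hello extension" and errors.Is(err, errMalformedECHExt) can never match. Returning the error parseECHExt produced, `return nil, nil, err`, keeps the sentinel distinction that the alert selection already relies on. The errors.Is comparison itself is sound because parseECHExt assigns the sentinel directly rather than wrapping it. Separately, the description states that the spec requires a decode_error alert for this case while the new branch sends illegal_parameter; the rationale in the commit message should match the alert the code sends so the next reader does not think the code is wrong.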