Cherry-Pick: New Session Ticket Encryption Key API (#1213)

.azure/azure-pipelines.qns.yml

@@ -58,7 +58,7 @@ jobs:
         ${{ if eq(variables['Build.Reason'], 'BatchedCI') }}:
           tags: |
             latest
-            v1.1.1.$(Build.BuildId)
+            v1.1.2.$(Build.BuildId)
         ${{ if ne(variables['Build.Reason'], 'BatchedCI') }}:
           tags: custom-$(Build.BuildId)
 - template: .\templates\run-qns.yml

.azure/templates/create-package.yml

@@ -43,5 +43,5 @@ jobs:
       owner: [email protected]
       majorVer: 1
       minorVer: 1
-      patchVer: 1
+      patchVer: 2
       prereleaseVer: $(Build.BuildId)

CMakeLists.txt

@@ -253,14 +253,22 @@ if(WIN32)
         list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION)
     endif()
 
+    if(QUIC_TLS STREQUAL "schannel")
+        # User mode schannel doesn't support this yet.
+        message(STATUS "Disabling resumption rejection")
+        list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION_REJECTION_TESTS)
+    endif()
+
     if(QUIC_TLS STREQUAL "openssl" OR QUIC_TLS STREQUAL "schannel")
         # OpenSSL and SChannel don't support 0-RTT yet.
         message(STATUS "Disabling 0-RTT support")
         list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_0RTT_TESTS)
+        list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION_REJECTION_TESTS)
     endif()
 
     if(QUIC_TLS STREQUAL "stub")
         list(APPEND QUIC_COMMON_DEFINES QUIC_TLS_STUB)
+        list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION_REJECTION_TESTS)
     endif()
 
     if(QUIC_ENABLE_SANITIZERS)
@@ -348,6 +356,7 @@ else()
         # OpenSSL doesn't support 0-RTT yet.
         message(STATUS "Disabling 0-RTT support")
         list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_0RTT_TESTS)
+        list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION_REJECTION_TESTS)
     endif()
 
     if(QUIC_ENABLE_SANITIZERS)
@@ -360,6 +369,7 @@ else()
 
     if(QUIC_TLS STREQUAL "stub")
         list(APPEND QUIC_COMMON_DEFINES QUIC_TLS_STUB)
+        list(APPEND QUIC_COMMON_DEFINES QUIC_DISABLE_RESUMPTION_REJECTION_TESTS)
     endif()
 
     set(QUIC_C_FLAGS ${QUIC_COMMON_FLAGS})

src/core/configuration.c

@@ -442,9 +442,11 @@ QuicConfigurationParamSet(
         const void* Buffer
     )
 {
-    if (Param == QUIC_PARAM_CONFIGURATION_SETTINGS) {
+    switch (Param) {
+    case QUIC_PARAM_CONFIGURATION_SETTINGS:
 
-        if (BufferLength != sizeof(QUIC_SETTINGS)) {
+        if (Buffer == NULL ||
+            BufferLength != sizeof(QUIC_SETTINGS)) {
             return QUIC_STATUS_INVALID_PARAMETER; // TODO - Support partial
         }
 
@@ -465,6 +467,26 @@ QuicConfigurationParamSet(
         QuicSettingsDumpNew(BufferLength, (QUIC_SETTINGS*)Buffer);
 
         return QUIC_STATUS_SUCCESS;
+
+    case QUIC_PARAM_CONFIGURATION_TICKET_KEYS:
+
+        if (Buffer == NULL ||
+            BufferLength < sizeof(QUIC_TICKET_KEY_CONFIG)) {
+            return QUIC_STATUS_INVALID_PARAMETER;
+        }
+
+        if (Configuration->SecurityConfig == NULL) {
+            return QUIC_STATUS_INVALID_STATE;
+        }
+
+        return
+            CxPlatTlsSecConfigSetTicketKeys(
+                Configuration->SecurityConfig,
+                (QUIC_TICKET_KEY_CONFIG*)Buffer,
+                (uint8_t)(BufferLength / sizeof(QUIC_TICKET_KEY_CONFIG)));
+
+    default:
+        break;
     }
 
     return QUIC_STATUS_INVALID_PARAMETER;

src/inc/msquic.h

@@ -243,10 +243,24 @@ typedef struct QUIC_CREDENTIAL_CONFIG {
         QUIC_CERTIFICATE_FILE* CertificateFile;
     };
     const char* Principal;
-    void* TicketKey; // Optional, 44 byte array
+    void* Reserved; // Currently unused
     QUIC_CREDENTIAL_LOAD_COMPLETE_HANDLER AsyncHandler; // Optional
 } QUIC_CREDENTIAL_CONFIG;
 
+//
+// The maximum number of QUIC_TICKET_KEY_CONFIG that can be used at one time.
+//
+#define QUIC_MAX_TICKET_KEY_COUNT 16
+
+//
+// TLS New Session Ticket encryption key configuration.
+//
+typedef struct QUIC_TICKET_KEY_CONFIG {
+    uint8_t Id[16];
+    uint8_t Material[64];
+    uint8_t MaterialLength;
+} QUIC_TICKET_KEY_CONFIG;
+
 //
 // A single contiguous buffer.
 //
@@ -502,6 +516,7 @@ typedef enum QUIC_PARAM_LEVEL {
 // Parameters for QUIC_PARAM_LEVEL_CONFIGURATION.
 //
 #define QUIC_PARAM_CONFIGURATION_SETTINGS               0   // QUIC_SETTINGS
+#define QUIC_PARAM_CONFIGURATION_TICKET_KEYS            1   // QUIC_TICKET_KEY_CONFIG[]
 
 //
 // Parameters for QUIC_PARAM_LEVEL_LISTENER.

src/inc/msquic.hpp

@@ -398,6 +398,28 @@ class MsQuicConfiguration {
     LoadCredential(_In_ const QUIC_CREDENTIAL_CONFIG* CredConfig) noexcept {
         return MsQuic->ConfigurationLoadCredential(Handle, CredConfig);
     }
+    QUIC_STATUS
+    SetTicketKey(_In_ const QUIC_TICKET_KEY_CONFIG* KeyConfig) noexcept {
+        return
+            MsQuic->SetParam(
+                Handle,
+                QUIC_PARAM_LEVEL_CONFIGURATION,
+                QUIC_PARAM_CONFIGURATION_TICKET_KEYS,
+                sizeof(QUIC_TICKET_KEY_CONFIG),
+                KeyConfig);
+    }
+    QUIC_STATUS
+    SetTicketKeys(
+        _In_reads_(KeyCount) const QUIC_TICKET_KEY_CONFIG* KeyConfig,
+        uint8_t KeyCount) noexcept {
+        return
+            MsQuic->SetParam(
+                Handle,
+                QUIC_PARAM_LEVEL_CONFIGURATION,
+                QUIC_PARAM_CONFIGURATION_TICKET_KEYS,
+                KeyCount * sizeof(QUIC_TICKET_KEY_CONFIG),
+                KeyConfig);
+    }
 };
 
 struct MsQuicListener {

src/inc/msquic.ver

@@ -20,10 +20,10 @@
 #define VER_LEGALCOPYRIGHT_STR      "\251 Microsoft Corporation."
 #define VER_PRODUCTNAME_STR         "Microsoft\256 QUIC"
 
-#define VER_FILEVERSION             1,1.1.0
-#define VER_FILEVERSION_STR         "1.1.1.0\0"
+#define VER_FILEVERSION             1,1.2.0
+#define VER_FILEVERSION_STR         "1.1.2.0\0"
 
-#define VER_PRODUCTVERSION_STR      "1.1.1." STR(VER_BUILD_ID) STR(VER_SUFFIX) "\0"
+#define VER_PRODUCTVERSION_STR      "1.1.2." STR(VER_BUILD_ID) STR(VER_SUFFIX) "\0"
 
 VS_VERSION_INFO                     VERSIONINFO
 FILEVERSION                         VER_FILEVERSION

src/inc/quic_tls.h

@@ -344,6 +344,17 @@ CxPlatTlsSecConfigDelete(
         CXPLAT_SEC_CONFIG* SecurityConfig
     );
 
+//
+// Sets a NST ticket key for a security configuration.
+//
+_IRQL_requires_max_(PASSIVE_LEVEL)
+QUIC_STATUS
+CxPlatTlsSecConfigSetTicketKeys(
+    _In_ CXPLAT_SEC_CONFIG* SecurityConfig,
+    _In_reads_(KeyCount) QUIC_TICKET_KEY_CONFIG* KeyConfig,
+    _In_ uint8_t KeyCount
+    );
+
 //
 // Initializes a TLS context.
 //

src/platform/CMakeLists.txt

@@ -79,4 +79,6 @@ if(QUIC_TLS STREQUAL "openssl")
     target_link_libraries(platform PUBLIC OpenSSL)
 elseif(QUIC_TLS STREQUAL "mitls")
     target_link_libraries(platform PUBLIC kremlib evercrypt mitls quiccrypto)
+elseif(QUIC_TLS STREQUAL "schannel")
+    target_link_libraries(platform PUBLIC secur32)
 endif()

src/platform/tls_mitls.c

@@ -430,29 +430,7 @@ CxPlatTlsSecConfigCreate(
 
     QUIC_STATUS Status = QUIC_STATUS_SUCCESS;
 
-    if (CredConfig->Flags & QUIC_CREDENTIAL_FLAG_CLIENT) {
-
-        if (CredConfig->TicketKey != NULL &&
-            !FFI_mitls_set_sealing_key("AES256-GCM", (uint8_t*)CredConfig->TicketKey, 44)) {
-            QuicTraceEvent(
-                LibraryError,
-                "[ lib] ERROR, %s.",
-                "FFI_mitls_set_sealing_key failed");
-            Status = QUIC_STATUS_INVALID_STATE;
-            goto Error;
-        }
-
-    } else {
-
-        if (CredConfig->TicketKey != NULL &&
-            !FFI_mitls_set_ticket_key("AES256-GCM", (uint8_t*)CredConfig->TicketKey, 44)) {
-            QuicTraceEvent(
-                LibraryError,
-                "[ lib] ERROR, %s.",
-                "FFI_mitls_set_ticket_key failed");
-            Status = QUIC_STATUS_INVALID_STATE;
-            goto Error;
-        }
+    if (!(CredConfig->Flags & QUIC_CREDENTIAL_FLAG_CLIENT)) {
 
         Status = CxPlatCertCreate(CredConfig, &SecurityConfig->Certificate);
         if (QUIC_FAILED(Status)) {
@@ -512,6 +490,45 @@ CxPlatTlsSecConfigDelete(
     CXPLAT_FREE(SecurityConfig, QUIC_POOL_TLS_SECCONF);
 }
 
+const uint8_t miTlsTicketKeyLength = 44;
+
+_IRQL_requires_max_(PASSIVE_LEVEL)
+QUIC_STATUS
+CxPlatTlsSecConfigSetTicketKeys(
+    _In_ CXPLAT_SEC_CONFIG* SecurityConfig,
+    _In_reads_(KeyCount) QUIC_TICKET_KEY_CONFIG* KeyConfig,
+    _In_ uint8_t KeyCount
+    )
+{
+    CXPLAT_DBG_ASSERT(KeyCount >= 1);
+    UNREFERENCED_PARAMETER(KeyCount);
+
+    if (KeyConfig->MaterialLength < miTlsTicketKeyLength) {
+        return QUIC_STATUS_INVALID_PARAMETER;
+    }
+
+    if (SecurityConfig->Flags & QUIC_CREDENTIAL_FLAG_CLIENT) {
+        if (!FFI_mitls_set_sealing_key("AES256-GCM", KeyConfig->Material, miTlsTicketKeyLength)) {
+            QuicTraceEvent(
+                LibraryError,
+                "[ lib] ERROR, %s.",
+                "FFI_mitls_set_sealing_key failed");
+            return QUIC_STATUS_INVALID_STATE;
+        }
+
+    } else {
+        if (!FFI_mitls_set_ticket_key("AES256-GCM", KeyConfig->Material, miTlsTicketKeyLength)) {
+            QuicTraceEvent(
+                LibraryError,
+                "[ lib] ERROR, %s.",
+                "FFI_mitls_set_ticket_key failed");
+            return QUIC_STATUS_INVALID_STATE;
+        }
+    }
+
+    return QUIC_STATUS_SUCCESS;
+}
+
 _IRQL_requires_max_(PASSIVE_LEVEL)
 QUIC_STATUS
 CxPlatTlsInitialize(

src/platform/tls_openssl.c

@@ -566,8 +566,8 @@ CxPlatTlsSecConfigCreate(
         return QUIC_STATUS_NOT_SUPPORTED; // Not supported by this TLS implementation
     }
 
-    if (CredConfig->TicketKey != NULL) {
-        return QUIC_STATUS_NOT_SUPPORTED; // Not currently supported
+    if (CredConfig->Reserved != NULL) {
+        return QUIC_STATUS_INVALID_PARAMETER; // Not currently used and should be NULL.
     }
 
     if (CredConfig->Flags & QUIC_CREDENTIAL_FLAG_CLIENT) {
@@ -863,6 +863,20 @@ CxPlatTlsSecConfigDelete(
     CXPLAT_FREE(SecurityConfig, QUIC_POOL_TLS_SECCONF);
 }
 
+_IRQL_requires_max_(PASSIVE_LEVEL)
+QUIC_STATUS
+CxPlatTlsSecConfigSetTicketKeys(
+    _In_ CXPLAT_SEC_CONFIG* SecurityConfig,
+    _In_reads_(KeyCount) QUIC_TICKET_KEY_CONFIG* KeyConfig,
+    _In_ uint8_t KeyCount
+    )
+{
+    UNREFERENCED_PARAMETER(SecurityConfig);
+    UNREFERENCED_PARAMETER(KeyConfig);
+    UNREFERENCED_PARAMETER(KeyCount);
+    return QUIC_STATUS_NOT_SUPPORTED;
+}
+
 QUIC_STATUS
 CxPlatTlsInitialize(
     _In_ const CXPLAT_TLS_CONFIG* Config,