)]}' { "commit": "18b6836b2f6340187a7981c82be9be9d092d36d6", "tree": "9794caad72b730867e8fb0415cc0cecb22f9cace", "parents": [ "37a3c70c0eba2cecb61b943bb12624871cc2d822" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Fri Jun 18 23:13:46 2021 -0400" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Wed Sep 01 22:12:30 2021 +0000" }, "message": "Update to draft-ietf-tls-esni-13.\n\nLater CLs will clean up the ClientHello construction a bit (draft-12\navoids computing ClientHelloOuter twice). I suspect the transcript\nhandling on the client can also be simpler, but I\u0027ll see what\u0027s\nconvenient after I\u0027ve changed how ClientHelloOuter is constructed.\n\nChanges of note between draft-10 and draft-13:\n\n- There is now an ECH confirmation signal in both HRR and SH. We don\u0027t\n actually make much use of this in our client right now, but it\n resolves a bunch of weird issues around HRR, including edge cases if\n HRR applies to one ClientHello but not the other.\n\n- The confirmation signal no longer depends on key_share and PSK, so we\n don\u0027t have to work around a weird ordering issue.\n\n- ech_is_inner is now folded into the main encrypted_client_hello code\n point. This works better with some stuff around HRR.\n\n- Padding is moved from the padding extension, computed with\n ClientHelloInner, to something we fill in afterwards. This makes it\n easier to pad up the whole thing to a multiple of 32. I\u0027ve accordingly\n updated to the latest recommended padding construction, and updated\n the GREASE logic to match.\n\n- ech_outer_extensions is much easier to process because the order is\n required to be consistent. We were doing that anyway, and now a simple\n linear scan works.\n\n- ClientHelloOuterAAD now uses an all zero placeholder payload of the\n same length. This lets us simplify the server code, but, for now, I\u0027ve\n kept the client code the same. I\u0027ll follow this up with a CL to avoid\n computing ClientHelloOuter twice.\n\n- ClientHelloOuterAAD is allowed to contain a placeholder PSK. I haven\u0027t\n filled that in and will do it in a follow-up CL.\n\nBug: 275\nChange-Id: I7464345125c53968b2fe692f9268e392120fc2eb\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48912\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "2f854109576f9e7f01fd1143ca27b0f3ea43bd92", "old_mode": 33188, "old_path": "crypto/err/ssl.errordata", "new_id": "68791344666244cb438cc7a1042fc842dc65f85f", "new_mode": 33188, "new_path": "crypto/err/ssl.errordata" }, { "type": "modify", "old_id": "996a0f94c8ba18b9a19fe5806e911a8df5712fef", "old_mode": 33188, "old_path": "include/openssl/ssl.h", "new_id": "eae3c4b474c5e77d57f66ac27deca6e15e95e1da", "new_mode": 33188, "new_path": "include/openssl/ssl.h" }, { "type": "modify", "old_id": "9f38c8178c5ded1f0fd9b50427e7b205264b103a", "old_mode": 33188, "old_path": "include/openssl/tls1.h", "new_id": "a3136c0d35f9b5a35bb9a1fc55a115df5f4caad4", "new_mode": 33188, "new_path": "include/openssl/tls1.h" }, { "type": "modify", "old_id": "4b837ffc2acdc081dd65b664be1f4c798a5b3473", "old_mode": 33188, "old_path": "ssl/encrypted_client_hello.cc", "new_id": "5192cc6dbc2775bd4d6da80bb9d029927bc5b7cb", "new_mode": 33188, "new_path": "ssl/encrypted_client_hello.cc" }, { "type": "modify", "old_id": "6fec4458447b47a388bde7fb4ffcfbac4d55d37f", "old_mode": 33188, "old_path": "ssl/extensions.cc", "new_id": "ba55c930f5c0be33984b34014d93beac479c608d", "new_mode": 33188, "new_path": "ssl/extensions.cc" }, { "type": "modify", "old_id": "3608888fb2c4cf70e5aa6d33cebcee8b162ccf44", "old_mode": 33188, "old_path": "ssl/handshake.cc", "new_id": "fc85e21d0f3eba3cc57498535c001e70205224d6", "new_mode": 33188, "new_path": "ssl/handshake.cc" }, { "type": "modify", "old_id": "ee9045e6ac8837181c3e9f3d86053ff1de9e46e6", "old_mode": 33188, "old_path": "ssl/handshake_client.cc", "new_id": "17b41e0cd74f90a9997f0955aac9fd1bd78d78f4", "new_mode": 33188, "new_path": "ssl/handshake_client.cc" }, { "type": "modify", "old_id": "29fc3a44896ed81b641b2f4f64b446f8dd549d30", "old_mode": 33188, "old_path": "ssl/handshake_server.cc", "new_id": "fdf951137ac5e16a087ba8fdac3f64fc0c493b40", "new_mode": 33188, "new_path": "ssl/handshake_server.cc" }, { "type": "modify", "old_id": "6b7528ce4e27bf2553e60300f6e6ba545c8ba556", "old_mode": 33188, "old_path": "ssl/internal.h", "new_id": "ab23d29b87abf8ee1ac10f62cd0ffd774fbb79be", "new_mode": 33188, "new_path": "ssl/internal.h" }, { "type": "modify", "old_id": "76f88c7a9629e15b0743982b9a18fcc646f76bad", "old_mode": 33188, "old_path": "ssl/ssl_test.cc", "new_id": "60d820bdca8a500fc900711738c851b9df69ec18", "new_mode": 33188, "new_path": "ssl/ssl_test.cc" }, { "type": "modify", "old_id": "d43e7d1b3a8923a5eebce7539e4eb24c1a23ffd7", "old_mode": 33188, "old_path": "ssl/test/runner/common.go", "new_id": "bf6a3d170e5d3afce9399e13110b0945f23e0992", "new_mode": 33188, "new_path": "ssl/test/runner/common.go" }, { "type": "modify", "old_id": "424b2067105240b972b29bdf4768d1501ecc83c6", "old_mode": 33188, "old_path": "ssl/test/runner/handshake_client.go", "new_id": "5d04994ad23ef8917b6d5ca69ac41ef44a5681eb", "new_mode": 33188, "new_path": "ssl/test/runner/handshake_client.go" }, { "type": "modify", "old_id": "d666a8795ad2af29c09262dece3eb8720fd09ff3", "old_mode": 33188, "old_path": "ssl/test/runner/handshake_messages.go", "new_id": "f2ef2fc89ae1eb380ddfc5149bc5ba548e23256e", "new_mode": 33188, "new_path": "ssl/test/runner/handshake_messages.go" }, { "type": "modify", "old_id": "1464944f2d37b2887f426a5749df0e80264378d2", "old_mode": 33188, "old_path": "ssl/test/runner/handshake_server.go", "new_id": "4f411844a239cfe693a217826eee9cc3df29a1d6", "new_mode": 33188, "new_path": "ssl/test/runner/handshake_server.go" }, { "type": "modify", "old_id": "a08538bed37748a5bbd74c0447376f41ff325ed6", "old_mode": 33188, "old_path": "ssl/test/runner/hpke/hpke.go", "new_id": "36dc63795cfd8f6bd4b4b9724ae7409e01ca0859", "new_mode": 33188, "new_path": "ssl/test/runner/hpke/hpke.go" }, { "type": "modify", "old_id": "66c427f79f1ae6ddb0ab174661105fb7b3619f37", "old_mode": 33188, "old_path": "ssl/test/runner/prf.go", "new_id": "f5290c38b6611a1525f8fadb30b798d4cf1d0b1e", "new_mode": 33188, "new_path": "ssl/test/runner/prf.go" }, { "type": "modify", "old_id": "1953b885b58190a0ab325f3cf638ee4e753e0060", "old_mode": 33188, "old_path": "ssl/test/runner/runner.go", "new_id": "cfff7147dc91dc375152957347d58d3c7547aa23", "new_mode": 33188, "new_path": "ssl/test/runner/runner.go" }, { "type": "modify", "old_id": "bd7e63f04ddaeabe82014dd8ffad6621e1ccf9d8", "old_mode": 33188, "old_path": "ssl/tls13_client.cc", "new_id": "af2120c387b320a026e6468879361e5dab3dc85d", "new_mode": 33188, "new_path": "ssl/tls13_client.cc" }, { "type": "modify", "old_id": "9c54a4df9f6536e1234a87063f38b75b8928c3f5", "old_mode": 33188, "old_path": "ssl/tls13_enc.cc", "new_id": "69428875b740f5f35121036c6cd28fc78e388b4a", "new_mode": 33188, "new_path": "ssl/tls13_enc.cc" }, { "type": "modify", "old_id": "79968bc5fe26f251580559c65182fe6a588902da", "old_mode": 33188, "old_path": "ssl/tls13_server.cc", "new_id": "2f000e55b37c7f42cf8e11b6a16c3bb80e1a9ad8", "new_mode": 33188, "new_path": "ssl/tls13_server.cc" } ] }