authorDennis Jackson <djackson@mozilla.com>2022-04-21 11:09:38 +0000
committerDennis Jackson <djackson@mozilla.com>2022-04-21 11:09:38 +0000
commit9592ecb3971b6a46f4e79893b0ce1fd3602b57f5 (patch)
tree58d3de0658fd7931f9b299239276e17f026c0dc5
parent095ec67cc8bdc8fee9709e8dd9fcc5983d920541 (diff)
downloadnss-hg-9592ecb3971b6a46f4e79893b0ce1fd3602b57f5.tar.gz
Bug 1763120 - Add ECH Grease Support to tstclnt r=nss-reviewers,jschanck
Differential Revision: https://phabricator.services.mozilla.com/D142942
-rw-r--r--cmd/tstclnt/tstclnt.c28
-rw-r--r--lib/ssl/sslsock.c1
2 files changed, 27 insertions, 2 deletions
diff --git a/cmd/tstclnt/tstclnt.c b/cmd/tstclnt/tstclnt.c
index 8b9efa007..6d3359c03 100644
--- a/cmd/tstclnt/tstclnt.c
+++ b/cmd/tstclnt/tstclnt.c
@@ -233,6 +233,7 @@ PrintUsageHeader()
" [-I groups] [-J signatureschemes]\n"
" [-A requestfile] [-L totalconnections] [-P {client,server}]\n"
" [-N echConfigs] [-Q] [-z externalPsk]\n"
+ " [-i echGreaseSize]\n"
"\n",
progName);
}
@@ -317,6 +318,7 @@ PrintParameterUsage()
fprintf(stderr, "%-20s Use DTLS\n", "-P {client, server}");
fprintf(stderr, "%-20s Exit after handshake\n", "-Q");
fprintf(stderr, "%-20s Use Encrypted Client Hello with the given Base64-encoded ECHConfigs\n", "-N");
+ fprintf(stderr, "%-20s Enable Encrypted Client Hello GREASEing with the given padding size (0-255) \n", "-i");
fprintf(stderr, "%-20s Enable post-handshake authentication\n"
"%-20s for TLS 1.3; need to specify -n\n",
"-E", "");
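Review bot: The new -i usage line advertises a padding range of (0-255), but the option parser added in main() rejects 0 ("ECH Grease size must be within 1..255 (inclusive)") and SSLExp_SetTls13GreaseEchSize in sslsock.c also refuses size == 0, so the help text contradicts what the tool accepts. There is also a stray space before the newline. Suggested line: `fprintf(stderr, "%-20s Enable Encrypted Client Hello GREASEing with the given padding size (1-255)\n", "-i");`. PrintParameterUsage starts and ends outside the hunk.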
@@ -1013,6 +1015,7 @@ PRBool requestToExit = PR_FALSE;
char *versionString = NULL;
PRBool handshakeComplete = PR_FALSE;
char *echConfigs = NULL;
+PRUint16 echGreaseSize = 0;
PRBool enablePostHandshakeAuth = PR_FALSE;
PRBool enableDelegatedCredentials = PR_FALSE;
const secuExporter *enabledExporters = NULL;
@@ -1571,6 +1574,21 @@ run()
}
}
+ if (echGreaseSize) {
+ rv = SSL_EnableTls13GreaseEch(s, PR_TRUE);
+ if (rv != SECSuccess) {
+ SECU_PrintError(progName, "SSL_EnableTls13GreaseEch failed");
+ error = 1;
+ goto done;
+ }
+ rv = SSL_SetTls13GreaseEchSize(s, echGreaseSize);
+ if (rv != SECSuccess) {
+ SECU_PrintError(progName, "SSL_SetTls13GreaseEchSize failed");
+ error = 1;
+ goto done;
+ }
+ }
+
if (psk.data) {
rv = importPsk(s);
if (rv != SECSuccess) {
@@ -1838,7 +1856,7 @@ main(int argc, char **argv)
}
optstate = PL_CreateOptState(argc, argv,
- "46A:BCDEFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:efgh:m:n:op:qr:st:uvw:x:z:");
+ "46A:BCDEFGHI:J:KL:M:N:OP:QR:STUV:W:X:YZa:bc:d:efgh:i:m:n:op:qr:st:uvw:x:z:");
while ((optstatus = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
switch (optstate->option) {
case '?':
@@ -1927,6 +1945,14 @@ main(int argc, char **argv)
echConfigs = PORT_Strdup(optstate->value);
break;
+ case 'i':
+ echGreaseSize = PORT_Atoi(optstate->value);
+ if (!echGreaseSize || echGreaseSize > 255) {
+ fprintf(stderr, "ECH Grease size must be within 1..255 (inclusive).\n");
+ exit(-1);
+ }
+ break;
+
case 'P':
useDTLS = PR_TRUE;
if (!strcmp(optstate->value, "server")) {
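Review bot: `echGreaseSize = PORT_Atoi(optstate->value);` narrows the int result to the PRUint16 global before the range check runs, so an out-of-range argument whose low 16 bits fall in 1..255 (for example 65791, or a negative value such as -65281) passes the check and is silently used as a different size. Parse into a plain int, validate that value, and only then assign to echGreaseSize; the subsequent `> 255` comparison is then exact. Non-numeric input still yields 0 from PORT_Atoi and is still rejected by the same message. main() continues outside the hunk.
```c
case 'i': {
    int greaseSize = PORT_Atoi(optstate->value);
    if (greaseSize < 1 || greaseSize > 255) {
        fprintf(stderr, "ECH Grease size must be within 1..255 (inclusive).\n");
        exit(-1);
    }
    echGreaseSize = (PRUint16)greaseSize;
    break;
}
/* … unchanged: case 'P' … */
```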
diff --git a/lib/ssl/sslsock.c b/lib/ssl/sslsock.c
index 6fc70500d..f8afb7627 100644
--- a/lib/ssl/sslsock.c
+++ b/lib/ssl/sslsock.c
@@ -4413,7 +4413,6 @@ SSLExp_SetTls13GreaseEchSize(PRFileDesc *fd, PRUint8 size)
{
sslSocket *ss = ssl_FindSocket(fd);
if (!ss || size == 0) {
- exit(-1);
return SECFailure;
}
ssl_Get1stHandshakeLock(ss);