)]}'
{"/PATCHSET_LEVEL":[{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"75c1c258dac39b864977eb43f57ef620f15278a3","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"b35e2942_be26c87a","updated":"2024-11-20 19:56:59.000000000","message":"Thanks for the review.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"4e09c14977bb69df482262d57813d7a0412f4652","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"bc5a5906_99c26d15","updated":"2024-11-20 16:48:24.000000000","message":"The implementation of HKDF-Expand is correct, but the implementation of HKDF-Expand-Label is slightly wrong in a way that causes different (label, context) pairs to produce identical keys (in a predictable way).\n\nAnother thing: Are there any plans to actually use the context argument?","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"2dd1959e042036651ac7e7630255dd3157874a58","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":4,"id":"6129e45a_b4c195ca","in_reply_to":"ac2af949_465e96ef","updated":"2024-11-24 12:47:54.000000000","message":"Fixed","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"47a3204c6aeab41f8b33796076a0701b6d94fa85","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":4,"id":"ac2af949_465e96ef","in_reply_to":"bc5a5906_99c26d15","updated":"2024-11-20 16:53:08.000000000","message":"By \"predictable\" I mean non-random. 
Of course there are always (label, context) pairs that randomly produce the same output. But with this implementation, it\u0027s easy to find such pairs.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"9c0818170654bbcd878b4faceb360545fa6aeb08","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":5,"id":"ec515f15_396ecb1e","updated":"2024-11-23 00:00:15.000000000","message":"The ovpn_expand_label() function looks good to me now. I have some nitpicks but it should work correctly. Also, I really like that you added a test to see that it produces the same result as OpenSSL!","commit_id":"ea7c9e1414bbba30d5fbff08f387bd5f9b9de09f"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"2dd1959e042036651ac7e7630255dd3157874a58","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"af6b44bb_b33c39cb","updated":"2024-11-24 12:47:54.000000000","message":"Looks good to me!","commit_id":"6d49c9ddaf2a602d7ef4565774b6bc9bd5588edf"},{"author":{"_account_id":1000001,"name":"flichtenheld","display_name":"Frank Lichtenheld","email":"frank@lichtenheld.com","username":"flichtenheld","status":"OpenVPN Inc."},"change_message_id":"f84e342e7458431f5de888b2238f1583e4edcc3c","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":6,"id":"2aba2ca6_a42dd123","updated":"2024-11-28 10:10:05.000000000","message":"Note that this needs an uncrustify fix","commit_id":"6d49c9ddaf2a602d7ef4565774b6bc9bd5588edf"},{"author":{"_account_id":1000002,"name":"cron2","display_name":"Gert Doering","email":"gert@greenie.muc.de","username":"cron2"},"change_message_id":"58eb9ae4c4e1e556695ab25872cf42afb9db2b37","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":9,"id":"2f681b12_93170fb0","updated":"2024-12-21 
22:23:42.000000000","message":"I\u0027ll take the +2 from MaxF on v7, uncrustify got fixed in v8, and the \"expectation\" comment will be fixed on the fly.","commit_id":"5c9155649a89f9dbb4a46e1d40244af55e8186c3"}],"src/openvpn/crypto_epoch.c":[{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"4e09c14977bb69df482262d57813d7a0412f4652","unresolved":true,"context_lines":[{"line_number":64,"context_line":""},{"line_number":65,"context_line":"        memcpy(out + out_offset, t_prev, copylen);"},{"line_number":66,"context_line":"    }"},{"line_number":67,"context_line":"    hmac_ctx_cleanup(hmac_ctx);"},{"line_number":68,"context_line":"    hmac_ctx_free(hmac_ctx);"},{"line_number":69,"context_line":"}"},{"line_number":70,"context_line":""},{"line_number":71,"context_line":"bool"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"006aedfa_6f857acd","line":68,"range":{"start_line":67,"start_character":0,"end_line":68,"end_character":28},"updated":"2024-11-20 16:48:24.000000000","message":"Not exactly about this commit itself, but looking at these functions, it\u0027s not clear to me why we need both. 
The doc comments for both say \"free the HMAC context\".","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"75c1c258dac39b864977eb43f57ef620f15278a3","unresolved":true,"context_lines":[{"line_number":64,"context_line":""},{"line_number":65,"context_line":"        memcpy(out + out_offset, t_prev, copylen);"},{"line_number":66,"context_line":"    }"},{"line_number":67,"context_line":"    hmac_ctx_cleanup(hmac_ctx);"},{"line_number":68,"context_line":"    hmac_ctx_free(hmac_ctx);"},{"line_number":69,"context_line":"}"},{"line_number":70,"context_line":""},{"line_number":71,"context_line":"bool"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"496fe9e5_57694e82","line":68,"range":{"start_line":67,"start_character":0,"end_line":68,"end_character":28},"in_reply_to":"006aedfa_6f857acd","updated":"2024-11-20 19:56:59.000000000","message":"mbed TLS needs both:\n\nvoid\nmd_ctx_cleanup(mbedtls_md_context_t *ctx)\n{\n    mbedtls_md_free(ctx);\n}\n\n\nvoid\nhmac_ctx_free(mbedtls_md_context_t *ctx)\n{\n    free(ctx);\n}\n\n\nThey do different things and you need both otherwise you leave memory behind.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"9c0818170654bbcd878b4faceb360545fa6aeb08","unresolved":false,"context_lines":[{"line_number":64,"context_line":""},{"line_number":65,"context_line":"        memcpy(out + out_offset, t_prev, copylen);"},{"line_number":66,"context_line":"    }"},{"line_number":67,"context_line":"    hmac_ctx_cleanup(hmac_ctx);"},{"line_number":68,"context_line":"    
hmac_ctx_free(hmac_ctx);"},{"line_number":69,"context_line":"}"},{"line_number":70,"context_line":""},{"line_number":71,"context_line":"bool"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"4f1de082_54f44df5","line":68,"range":{"start_line":67,"start_character":0,"end_line":68,"end_character":28},"in_reply_to":"496fe9e5_57694e82","updated":"2024-11-23 00:00:15.000000000","message":"Makes sense!","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"4e09c14977bb69df482262d57813d7a0412f4652","unresolved":true,"context_lines":[{"line_number":80,"context_line":"         * and assume that the secret size matches the size of the"},{"line_number":81,"context_line":"         * hash (SHA256) key */"},{"line_number":82,"context_line":"        return false;"},{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"ea9a9a5f_e4e2916c","line":83,"updated":"2024-11-20 16:48:24.000000000","message":"We could check label_len and context_len too:\n* label_len \u003c\u003d 250 (because the total length including prefix must be \u003c\u003d 255)\n* context_len \u003c\u003d 255","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"75c1c258dac39b864977eb43f57ef620f15278a3","unresolved":false,"context_lines":[{"line_number":80,"context_line":"         * and assume that the secret size matches the size of the"},{"line_number":81,"context_line":"         * hash (SHA256) key */"},{"line_number":82,"context_line":"        return 
false;"},{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"38a2fb96_8e7628d3","line":83,"in_reply_to":"ea9a9a5f_e4e2916c","updated":"2024-11-20 19:56:59.000000000","message":"Acknowledged","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"4e09c14977bb69df482262d57813d7a0412f4652","unresolved":true,"context_lines":[{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"},{"line_number":87,"context_line":"    int hkdf_label_len \u003d 2 + 5 + label_len + context_len;"},{"line_number":88,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":89,"context_line":""},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":92,"context_line":"    buf_write(\u0026hkdf_label, \"ovpn \", 5);"},{"line_number":93,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":94,"context_line":"    if (context_len \u003e 0)"},{"line_number":95,"context_line":"    {"},{"line_number":96,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":97,"context_line":"    }"},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d 
hkdf_label_len);"},{"line_number":100,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":4,"id":"b32d3125_e4ee1228","line":97,"range":{"start_line":86,"start_character":0,"end_line":97,"end_character":5},"updated":"2024-11-20 16:48:24.000000000","message":"That\u0027s not exactly how this works. When an RFC specifies a variable-length array, it has to be prefixed with a fixed-size length field. In this case, the maximum length for label and context is 255 each, so the length fields are 1 byte. See RFC 1832.\n\nThat means hkdf_label_len \u003d 2 + 1 + 5 + label_len + 1 + context_len.\n\nThe label needs to be prefixed with label_len + 5 (the prefix is counted), the context is prefixed with context_len.\n\nOtherwise, the inputs would be ambiguous: label \u003d \"abcdef\", context \u003d \"\" and label \u003d \"abc\", context \u003d \"def\" would give the same result.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"0a1ec4991ef92c812b75b2e4de699265939232e7","unresolved":true,"context_lines":[{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"},{"line_number":87,"context_line":"    int hkdf_label_len \u003d 2 + 5 + label_len + context_len;"},{"line_number":88,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":89,"context_line":""},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":92,"context_line":"    buf_write(\u0026hkdf_label, \"ovpn \", 5);"},{"line_number":93,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":94,"context_line":"    if 
(context_len \u003e 0)"},{"line_number":95,"context_line":"    {"},{"line_number":96,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":97,"context_line":"    }"},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":100,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":4,"id":"66b3a85e_5d30ac1a","line":97,"range":{"start_line":86,"start_character":0,"end_line":97,"end_character":5},"in_reply_to":"5ded05ce_c4d2d7a5","updated":"2024-11-20 21:28:48.000000000","message":"TLS 1.3 does use length fields here, it\u0027s implied by the \"opaque label\u003c7..255\u003e\" notation.\n\nYou can look at the implementations in OpenSSL or mbed TLS. For example, see ssl_tls13_hkdf_encode_label() in https://github.com/Mbed-TLS/mbedtls/blob/development/library/ssl_tls13_keys.c\n\nRemoving the context argument and otherwise leaving the function as-is is fine.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"74819a4df37ac3576d26dfa0a74ef39c01332e73","unresolved":true,"context_lines":[{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"},{"line_number":87,"context_line":"    int hkdf_label_len \u003d 2 + 5 + label_len + context_len;"},{"line_number":88,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":89,"context_line":""},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":92,"context_line":"    
buf_write(\u0026hkdf_label, \"ovpn \", 5);"},{"line_number":93,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":94,"context_line":"    if (context_len \u003e 0)"},{"line_number":95,"context_line":"    {"},{"line_number":96,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":97,"context_line":"    }"},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":100,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":4,"id":"a9e383fb_853c2f64","line":97,"range":{"start_line":86,"start_character":0,"end_line":97,"end_character":5},"in_reply_to":"66b3a85e_5d30ac1a","updated":"2024-11-21 13:07:14.000000000","message":"Yeah, you are right. I think I still want to modify it to be the same as in the TLS standard, as that is probably better in the long run, especially for DCO implementations, as they may then reuse something written for TLS in the kernel etc.\n\nI just now have to figure out why OpenSSL ends up having 0x00 0x54 between ovpn and unit test in the expanded label, and whether that is on purpose or I messed up using the OpenSSL API.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"9c0818170654bbcd878b4faceb360545fa6aeb08","unresolved":false,"context_lines":[{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"},{"line_number":87,"context_line":"    int hkdf_label_len \u003d 2 + 5 + label_len + context_len;"},{"line_number":88,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, 
\u0026gc);"},{"line_number":89,"context_line":""},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":92,"context_line":"    buf_write(\u0026hkdf_label, \"ovpn \", 5);"},{"line_number":93,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":94,"context_line":"    if (context_len \u003e 0)"},{"line_number":95,"context_line":"    {"},{"line_number":96,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":97,"context_line":"    }"},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":100,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":4,"id":"a592ddf7_ad5c9cd2","line":97,"range":{"start_line":86,"start_character":0,"end_line":97,"end_character":5},"in_reply_to":"a9e383fb_853c2f64","updated":"2024-11-23 00:00:15.000000000","message":"I agree, it\u0027s a good idea to keep it close to the TLS standard. 
Also makes it easier if someone else is going to review it in the future.\n\nThe current implementation looks good to me!","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"75c1c258dac39b864977eb43f57ef620f15278a3","unresolved":true,"context_lines":[{"line_number":83,"context_line":"    }"},{"line_number":84,"context_line":""},{"line_number":85,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":86,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \" */"},{"line_number":87,"context_line":"    int hkdf_label_len \u003d 2 + 5 + label_len + context_len;"},{"line_number":88,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":89,"context_line":""},{"line_number":90,"context_line":""},{"line_number":91,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":92,"context_line":"    buf_write(\u0026hkdf_label, \"ovpn \", 5);"},{"line_number":93,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":94,"context_line":"    if (context_len \u003e 0)"},{"line_number":95,"context_line":"    {"},{"line_number":96,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":97,"context_line":"    }"},{"line_number":98,"context_line":""},{"line_number":99,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":100,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":4,"id":"5ded05ce_c4d2d7a5","line":97,"range":{"start_line":86,"start_character":0,"end_line":97,"end_character":5},"in_reply_to":"b32d3125_e4ee1228","updated":"2024-11-20 19:56:59.000000000","message":"Hm, I know what you are saying, at the same time, TLS 1.3 also doesn\u0027t add that extra byte for the 
context length:\n\nhttps://datatracker.ietf.org/doc/html/rfc8446#section-7.1\n\nI think the label and context issue is rather theoretical since we a) always have the same label and b) don\u0027t use context at all.\n\nSo I can just remove the possibility to use context from this function if that makes things better. This was intended to do the same as TLS 1.3 just with \"ovpn \" instead of \"tls13 \"\n\nI think what the TLS RFC fails to mention, and I also fail to mention, is that this label construction is a bit brittle in the sense that you have described, i.e. you need to ensure that all the labels you are using this function with are not prefixes of each other.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"9c0818170654bbcd878b4faceb360545fa6aeb08","unresolved":true,"context_lines":[{"line_number":86,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":87,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \","},{"line_number":88,"context_line":"     * 1 byte for context len byte and 1 byte for label len byte */"},{"line_number":89,"context_line":"    int hkdf_label_len \u003d 2 + 5 + 1 + label_len + 1 + context_len;"},{"line_number":90,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"    const uint8_t *label_prefix \u003d (const uint8_t *) (\"ovpn \");"},{"line_number":93,"context_line":"    int prefix_len \u003d 5;"},{"line_number":94,"context_line":""},{"line_number":95,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":96,"context_line":"    buf_write_u8(\u0026hkdf_label, prefix_len + 
label_len);"}],"source_content_type":"text/x-csrc","patch_set":5,"id":"2574664f_9fe72c38","line":93,"range":{"start_line":89,"start_character":0,"end_line":93,"end_character":23},"updated":"2024-11-23 00:00:15.000000000","message":"You could move the prefix_len declaration up and replace the \"5\" in hkdf_label_len with it.","commit_id":"ea7c9e1414bbba30d5fbff08f387bd5f9b9de09f"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"2d40e3d74531cb410220e679cfbd529cf6f9674a","unresolved":false,"context_lines":[{"line_number":86,"context_line":"    struct gc_arena gc \u003d gc_new();"},{"line_number":87,"context_line":"    /* 2 byte for the outlen encoded as uint16, 5 bytes for \"ovpn \","},{"line_number":88,"context_line":"     * 1 byte for context len byte and 1 byte for label len byte */"},{"line_number":89,"context_line":"    int hkdf_label_len \u003d 2 + 5 + 1 + label_len + 1 + context_len;"},{"line_number":90,"context_line":"    struct buffer hkdf_label \u003d alloc_buf_gc(hkdf_label_len, \u0026gc);"},{"line_number":91,"context_line":""},{"line_number":92,"context_line":"    const uint8_t *label_prefix \u003d (const uint8_t *) (\"ovpn \");"},{"line_number":93,"context_line":"    int prefix_len \u003d 5;"},{"line_number":94,"context_line":""},{"line_number":95,"context_line":"    buf_write_u16(\u0026hkdf_label, out_len);"},{"line_number":96,"context_line":"    buf_write_u8(\u0026hkdf_label, prefix_len + label_len);"}],"source_content_type":"text/x-csrc","patch_set":5,"id":"3d0b791f_15e4f6e5","line":93,"range":{"start_line":89,"start_character":0,"end_line":93,"end_character":23},"in_reply_to":"2574664f_9fe72c38","updated":"2024-11-23 
21:04:00.000000000","message":"Done","commit_id":"ea7c9e1414bbba30d5fbff08f387bd5f9b9de09f"},{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"9c0818170654bbcd878b4faceb360545fa6aeb08","unresolved":true,"context_lines":[{"line_number":98,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":99,"context_line":""},{"line_number":100,"context_line":"    buf_write_u8(\u0026hkdf_label, context_len);"},{"line_number":101,"context_line":"    if (context_len \u003e 0)"},{"line_number":102,"context_line":"    {"},{"line_number":103,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":104,"context_line":"    }"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":107,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":5,"id":"effb4ac6_eb381832","line":104,"range":{"start_line":101,"start_character":0,"end_line":104,"end_character":5},"updated":"2024-11-23 00:00:15.000000000","message":"Why do we need this check? 
buf_write() doesn\u0027t do anything if context_len is 0 right?\n\n(And if it\u0027s needed, why is it not needed for label?)","commit_id":"ea7c9e1414bbba30d5fbff08f387bd5f9b9de09f"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"2d40e3d74531cb410220e679cfbd529cf6f9674a","unresolved":false,"context_lines":[{"line_number":98,"context_line":"    buf_write(\u0026hkdf_label, label, label_len);"},{"line_number":99,"context_line":""},{"line_number":100,"context_line":"    buf_write_u8(\u0026hkdf_label, context_len);"},{"line_number":101,"context_line":"    if (context_len \u003e 0)"},{"line_number":102,"context_line":"    {"},{"line_number":103,"context_line":"        buf_write(\u0026hkdf_label, context, context_len);"},{"line_number":104,"context_line":"    }"},{"line_number":105,"context_line":""},{"line_number":106,"context_line":"    ASSERT(buf_len(\u0026hkdf_label) \u003d\u003d hkdf_label_len);"},{"line_number":107,"context_line":""}],"source_content_type":"text/x-csrc","patch_set":5,"id":"0f194e22_472a8009","line":104,"range":{"start_line":101,"start_character":0,"end_line":104,"end_character":5},"in_reply_to":"effb4ac6_eb381832","updated":"2024-11-23 21:04:00.000000000","message":"label is supposed to always be at least 1 character. 
I added a check for that.\n\nbuf_write will still call memcpy with a 0 and at least according to C standard the pointer must still be valid so I wanted to be safe.","commit_id":"ea7c9e1414bbba30d5fbff08f387bd5f9b9de09f"}],"src/openvpn/crypto_epoch.h":[{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"4e09c14977bb69df482262d57813d7a0412f4652","unresolved":true,"context_lines":[{"line_number":29,"context_line":"/**"},{"line_number":30,"context_line":" * Implementation of the RFC5869 HKDF-Expand function with the following"},{"line_number":31,"context_line":" * restrictions"},{"line_number":32,"context_line":" *  - salt is always assumed to be zero length (ie not supported)"},{"line_number":33,"context_line":" *  - IKM (secret) is assumed to be always 32 bytes"},{"line_number":34,"context_line":" *  - HASH is always SHA256"},{"line_number":35,"context_line":" *"},{"line_number":36,"context_line":" *  @param secret   the input keying material (HMAC key)"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"152f282d_bc633665","line":33,"range":{"start_line":32,"start_character":0,"end_line":33,"end_character":51},"updated":"2024-11-20 16:48:24.000000000","message":"salt and IKM are arguments for HKDF-Extract, not HKDF-Expand.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"75c1c258dac39b864977eb43f57ef620f15278a3","unresolved":true,"context_lines":[{"line_number":29,"context_line":"/**"},{"line_number":30,"context_line":" * Implementation of the RFC5869 HKDF-Expand function with the following"},{"line_number":31,"context_line":" * restrictions"},{"line_number":32,"context_line":" *  - salt is always assumed to be zero length (ie not supported)"},{"line_number":33,"context_line":" *  - IKM (secret) is assumed to be always 32 
bytes"},{"line_number":34,"context_line":" *  - HASH is always SHA256"},{"line_number":35,"context_line":" *"},{"line_number":36,"context_line":" *  @param secret   the input keying material (HMAC key)"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"d8777d7c_f373c906","line":33,"range":{"start_line":32,"start_character":0,"end_line":33,"end_character":51},"in_reply_to":"152f282d_bc633665","updated":"2024-11-20 19:56:59.000000000","message":"You are right. I will remove those as they are not even parameters and we don\u0027t use HKDF-Extract at all.","commit_id":"7c77d3b2075561d74536286689081265a171837e"},{"author":{"_account_id":1000003,"name":"plaisthos","display_name":"Arne Schwabe","email":"arne-openvpn@rfc2549.org","username":"plaisthos"},"change_message_id":"2d40e3d74531cb410220e679cfbd529cf6f9674a","unresolved":false,"context_lines":[{"line_number":29,"context_line":"/**"},{"line_number":30,"context_line":" * Implementation of the RFC5869 HKDF-Expand function with the following"},{"line_number":31,"context_line":" * restrictions"},{"line_number":32,"context_line":" *  - salt is always assumed to be zero length (ie not supported)"},{"line_number":33,"context_line":" *  - IKM (secret) is assumed to be always 32 bytes"},{"line_number":34,"context_line":" *  - HASH is always SHA256"},{"line_number":35,"context_line":" *"},{"line_number":36,"context_line":" *  @param secret   the input keying material (HMAC key)"}],"source_content_type":"text/x-csrc","patch_set":4,"id":"4094583d_be1b5fbb","line":33,"range":{"start_line":32,"start_character":0,"end_line":33,"end_character":51},"in_reply_to":"d8777d7c_f373c906","updated":"2024-11-23 
21:04:00.000000000","message":"Done","commit_id":"7c77d3b2075561d74536286689081265a171837e"}],"tests/unit_tests/openvpn/test_crypto.c":[{"author":{"_account_id":1000030,"name":"MaxF","email":"max@max-fillinger.net","username":"MaxF"},"change_message_id":"63a4db8cfce7bc0c3b5bb7caa3c933f53c2c658f","unresolved":true,"context_lines":[{"line_number":466,"context_line":""},{"line_number":467,"context_line":"    assert_int_equal(aeslimit, (1ull \u003c\u003c 36) - 1);"},{"line_number":468,"context_line":""},{"line_number":469,"context_line":"    /* Check if this matches our exception for 1600 size packets assuming"},{"line_number":470,"context_line":"     * AEAD_LIMIT_BLOCKSIZE (128 bits/ 16 bytes). Gives us 100 blocks"},{"line_number":471,"context_line":"     * + 1 for the packet */"},{"line_number":472,"context_line":"    int64_t L \u003d 101;"}],"source_content_type":"text/x-csrc","patch_set":8,"id":"a60b60d0_ab588901","line":469,"range":{"start_line":469,"start_character":33,"end_line":469,"end_character":42},"updated":"2024-12-02 10:31:59.000000000","message":"Do you mean expectation?","commit_id":"1d55d95a5c8d17459354d904872afbc40c48e5fd"}]}
