Implement RFC 9653 and add fuzz tests

Author: philipch07

README.md

@@ -22,6 +22,7 @@
 - [RFC 5061](https://www.rfc-editor.org/rfc/rfc5061.html) — Stream Control Transmission Protocol (SCTP) Dynamic Address Reconfiguration
 - [RFC 4895](https://www.rfc-editor.org/rfc/rfc4895.html) — Authenticated Chunks for the Stream Control Transmission Protocol (SCTP)
 - [RFC 1982](https://www.rfc-editor.org/rfc/rfc1982.html) — Serial Number Arithmetic
+- [RFC 9653](https://www.rfc-editor.org/rfc/rfc9653.html) — Zero Checksum for the Stream Control Transmission Protocol
 
 ### Partial implementations
 Pion only implements the subset of RFC 4960 that is required for WebRTC.

association.go

@@ -269,10 +269,11 @@ type Config struct {
 	NetConn              net.Conn
 	MaxReceiveBufferSize uint32
 	MaxMessageSize       uint32
-	EnableZeroChecksum   bool
-	LoggerFactory        logging.LoggerFactory
-	BlockWrite           bool
-	MTU                  uint32
+	// EnableZeroChecksum enables RFC 9653 and should only be used when SCTP is carried over DTLS.
+	EnableZeroChecksum bool
+	LoggerFactory      logging.LoggerFactory
+	BlockWrite         bool
+	MTU                uint32
 
 	// congestion control configuration
 	// RTOMax is the maximum retransmission timeout in milliseconds
@@ -724,24 +725,16 @@ func (a *Association) unregisterStream(s *Stream, err error) {
 	s.readNotifier.Broadcast()
 }
 
-func chunkMandatoryChecksum(cc []chunk) bool {
-	for _, c := range cc {
-		switch c.(type) {
-		case *chunkInit, *chunkCookieEcho:
-			return true
-		}
-	}
-
-	return false
-}
-
 func (a *Association) marshalPacket(p *packet) ([]byte, error) {
-	return p.marshal(!a.sendZeroChecksum || chunkMandatoryChecksum(p.chunks))
+	// RFC 9653: pass whether zero checksum is allowed on this path.
+	// packet.marshal() will still force a correct CRC for INIT/COOKIE ECHO.
+	return p.marshal(a.sendZeroChecksum)
 }
 
 func (a *Association) unmarshalPacket(raw []byte) (*packet, error) {
 	p := &packet{}
-	if err := p.unmarshal(!a.recvZeroChecksum, raw); err != nil {
+	// Unmarshal with ZCA mode: if a.recvZeroChecksum == true, accept zero checksums per RFC 9653.
+	if err := p.unmarshal(a.recvZeroChecksum, raw); err != nil {
 		return nil, err
 	}
 
@@ -1279,7 +1272,8 @@ func (a *Association) handleInit(pkt *packet, initChunk *chunkInit) ([]*packet,
 				}
 			}
 		case *paramZeroChecksumAcceptable:
-			a.sendZeroChecksum = v.edmid == dtlsErrorDetectionMethod
+			// Only send zero if we allow ZCA and the peer accepts it.
+			a.sendZeroChecksum = a.recvZeroChecksum && (v.edmid == dtlsErrorDetectionMethod)
 		}
 	}
 
@@ -1365,18 +1359,19 @@ func (a *Association) handleInitAck(pkt *packet, initChunkAck *chunkInitAck) err
 
 	var cookieParam *paramStateCookie
 	for _, param := range initChunkAck.params {
-		switch v := param.(type) {
+		switch paramType := param.(type) {
 		case *paramStateCookie:
-			cookieParam = v
+			cookieParam = paramType
 		case *paramSupportedExtensions:
-			for _, t := range v.ChunkTypes {
+			for _, t := range paramType.ChunkTypes {
 				if t == ctForwardTSN {
 					a.log.Debugf("[%s] use ForwardTSN (on initAck)", a.name)
 					a.useForwardTSN = true
 				}
 			}
 		case *paramZeroChecksumAcceptable:
-			a.sendZeroChecksum = v.edmid == dtlsErrorDetectionMethod
+			// Only send zero if we allow ZCA and the peer accepts it.
+			a.sendZeroChecksum = a.recvZeroChecksum && (paramType.edmid == dtlsErrorDetectionMethod)
 		}
 	}
 

association_test.go

@@ -3188,7 +3188,7 @@ func TestAssociationFastRtxWnd(t *testing.T) {
 	for i := 11; i < 14; i++ {
 		ack.gapAckBlocks[0].end = uint16(i) //nolint:gosec // G115
 		pkt := a1.createPacket([]chunk{&ack})
-		pktBuf, err1 := pkt.marshal(true)
+		pktBuf, err1 := pkt.marshal(false)
 		require.NoError(t, err1)
 		dbConn1.inboundHandler(pktBuf)
 	}
@@ -3219,7 +3219,7 @@ func TestAssociationFastRtxWnd(t *testing.T) {
 	//nolint:gosec // G115
 	ack.gapAckBlocks = append(ack.gapAckBlocks, gapAckBlock{start: uint16(end), end: uint16(end)})
 	pkt := a1.createPacket([]chunk{&ack})
-	pktBuf, err := pkt.marshal(true)
+	pktBuf, err := pkt.marshal(false)
 	require.NoError(t, err)
 	dbConn1.inboundHandler(pktBuf)
 	require.Eventually(t, func() bool {
@@ -3258,7 +3258,7 @@ func TestAssociationMaxTSNOffset(t *testing.T) {
 		chunk.tsn = tsn
 		pp := a1.bundleDataChunksIntoPackets(chunks)
 		for _, p := range pp {
-			raw, err := p.marshal(true)
+			raw, err := p.marshal(false)
 			assert.NoError(t, err)
 
 			_, err = a1.netConn.Write(raw)

chunk_cookie_echo.go

@@ -38,13 +38,17 @@ func (c *chunkCookieEcho) unmarshal(raw []byte) error {
 	if c.typ != ctCookieEcho {
 		return fmt.Errorf("%w: actually is %s", ErrChunkTypeNotCookieEcho, c.typ.String())
 	}
+
+	// RFC 9260: flags are reserved; sender sets 0, receiver ignores.
+	// Do not fail if flags != 0.
 	c.cookie = c.raw
 
 	return nil
 }
 
 func (c *chunkCookieEcho) marshal() ([]byte, error) {
 	c.chunkHeader.typ = ctCookieEcho
+	c.chunkHeader.flags = 0 // sender sets 0 (reserved)
 	c.chunkHeader.raw = c.cookie
 
 	return c.chunkHeader.marshal()

chunk_cookie_echo_test.go

@@ -0,0 +1,36 @@
+// SPDX-FileCopyrightText: 2023 The Pion community <https://pion.ly>
+// SPDX-License-Identifier: MIT
+
+package sctp
+
+import (
+	"encoding/binary"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestRFC9653_SenderRule_CookieEchoForcesCRC(t *testing.T) {
+	p := &packet{
+		sourcePort:      7000,
+		destinationPort: 7001,
+		verificationTag: 0x01020304,
+		chunks: []chunk{
+			&chunkCookieEcho{cookie: []byte{0xDE, 0xAD, 0xBE, 0xEF}},
+		},
+	}
+
+	// ZCA enabled: even so, COOKIE ECHO requires a correct CRC32c (non-zero).
+	raw, err := p.marshal(true)
+	assert.NoError(t, err)
+
+	got := binary.LittleEndian.Uint32(raw[8:])
+	assert.NotZero(t, got, "checksum must not be zero when COOKIE ECHO present")
+
+	// Verify correctness of the CRC
+	cp := make([]byte, len(raw))
+	copy(cp, raw)
+	binary.LittleEndian.PutUint32(cp[8:], 0)
+	want := generatePacketChecksum(cp)
+	assert.Equal(t, want, got, "checksum must be the correct CRC32c")
+}

chunk_init.go

@@ -4,6 +4,7 @@
 package sctp // nolint:dupl
 
 import (
+	"encoding/binary"
 	"errors"
 	"fmt"
 )
@@ -21,10 +22,14 @@ See chunkInitCommon for the fixed headers
 	Reserved for ECN Capable (Note 2)   Optional    32768 (0x8000)
 	Host Name IP (Note 3)          		Optional    11
 	Supported IP Types (Note 4)    		Optional    12
+	Zero Checksum Acceptable (RFC 9653) Optional    32769 (0x8001)
 */
 type chunkInit struct {
 	chunkHeader
 	chunkInitCommon
+	// RFC 9653 Zero Checksum Acceptable negotiation
+	zcaPresent bool
+	zcaEDMID   uint32
 }
 
 // Init chunk errors.
@@ -63,6 +68,13 @@ func (i *chunkInit) unmarshal(raw []byte) error {
 		return fmt.Errorf("%w: %v", ErrChunkTypeInitUnmarshalFailed, err) //nolint:errorlint
 	}
 
+	// Parse RFC 9653 ZCA TLV (optional, at most once). Parameters start
+	// immediately after the fixed INIT common body.
+	if len(i.raw) >= initChunkMinLength {
+		present, edmid := scanZCAParamBytes(i.raw)
+		i.zcaPresent, i.zcaEDMID = present, edmid
+	}
+
 	return nil
 }
 
@@ -72,6 +84,13 @@ func (i *chunkInit) marshal() ([]byte, error) {
 		return nil, fmt.Errorf("%w: %v", ErrChunkTypeInitMarshalFailed, err) //nolint:errorlint
 	}
 
+	// Optionally append ZCA (avoid duplicates if chunkInitCommon already added one).
+	if i.zcaPresent {
+		if ok, _ := scanZCAParamBytes(initShared); !ok {
+			initShared = appendZCAParam(initShared, i.zcaEDMID)
+		}
+	}
+
 	i.chunkHeader.typ = ctInit
 	i.chunkHeader.raw = initShared
 
@@ -141,3 +160,56 @@ func (i *chunkInit) check() (abort bool, err error) {
 func (i *chunkInit) String() string {
 	return fmt.Sprintf("%s\n%s", i.chunkHeader, i.chunkInitCommon)
 }
+
+// ZeroChecksumEDMID returns (EDMID, present) negotiated via RFC 9653 ZCA.
+func (i *chunkInit) ZeroChecksumEDMID() (uint32, bool) {
+	return i.zcaEDMID, i.zcaPresent
+}
+
+// scanZCAParamBytes scans a parameter list (in the INIT/INIT-ACK value bytes)
+// for a single ZCA TLV and returns (isPresent, edmid, isDup).
+func scanZCAParamBytes(b []byte) (bool, uint32) {
+	const typZCA = uint16(zeroChecksumAcceptable)
+
+	off := initFixedValueLen
+	for {
+		if off+4 > len(b) { // not enough for a param header
+			return false, 0
+		}
+
+		typ := binary.BigEndian.Uint16(b[off : off+2])
+		length := int(binary.BigEndian.Uint16(b[off+2 : off+4]))
+
+		if length < 4 || off+length > len(b) { // malformed/truncated
+			return false, 0
+		}
+
+		if typ == typZCA && length == 8 {
+			edmid := binary.BigEndian.Uint32(b[off+4 : off+8])
+
+			return true, edmid
+		}
+
+		nxt := off + length
+
+		if rem := length & 3; rem != 0 { // 4-byte padding
+			nxt += 4 - rem
+		}
+
+		if nxt <= off || nxt > len(b) {
+			return false, 0
+		}
+
+		off = nxt
+	}
+}
+
+// appendZCAParam appends a single ZCA TLV.
+func appendZCAParam(dst []byte, edmid uint32) []byte {
+	var tlv [8]byte
+	binary.BigEndian.PutUint16(tlv[0:2], uint16(zeroChecksumAcceptable))
+	binary.BigEndian.PutUint16(tlv[2:4], 8)
+	binary.BigEndian.PutUint32(tlv[4:8], edmid)
+
+	return append(dst, tlv[:]...)
+}

chunk_init_ack.go

@@ -20,11 +20,15 @@ See chunkInitCommon for the fixed headers
 	IPv6 IP (Note 1)               		Optional    6
 	Unrecognized Parameter              Optional    8
 	Reserved for ECN Capable (Note 2)   Optional    32768 (0x8000)
-	Host Name IP (Note 3)          		Optional    11<Paste>
+	Host Name IP (Note 3)          		Optional    11
+	Zero Checksum Acceptable (RFC 9653) Optional    32769 (0x8001)
 */
 type chunkInitAck struct {
 	chunkHeader
 	chunkInitCommon
+	// RFC 9653 Zero Checksum Acceptable negotiation
+	zcaPresent bool
+	zcaEDMID   uint32
 }
 
 // Init ack chunk errors.
@@ -62,6 +66,13 @@ func (i *chunkInitAck) unmarshal(raw []byte) error {
 		return fmt.Errorf("%w: %v", ErrInitAckUnmarshalFailed, err) //nolint:errorlint
 	}
 
+	// Parse RFC 9653 ZCA TLV (optional, at most once). Parameters start
+	// immediately after the fixed INIT-ACK common body.
+	if len(i.raw) >= initChunkMinLength {
+		present, edmid := scanZCAParamBytes(i.raw)
+		i.zcaPresent, i.zcaEDMID = present, edmid
+	}
+
 	return nil
 }
 
@@ -71,6 +82,13 @@ func (i *chunkInitAck) marshal() ([]byte, error) {
 		return nil, fmt.Errorf("%w: %v", ErrInitCommonDataMarshalFailed, err) //nolint:errorlint
 	}
 
+	// Optionally append ZCA (avoid duplicates).
+	if i.zcaPresent {
+		if ok, _ := scanZCAParamBytes(initShared); !ok {
+			initShared = appendZCAParam(initShared, i.zcaEDMID)
+		}
+	}
+
 	i.chunkHeader.typ = ctInitAck
 	i.chunkHeader.raw = initShared
 
@@ -143,3 +161,7 @@ func (i *chunkInitAck) check() (abort bool, err error) {
 func (i *chunkInitAck) String() string {
 	return fmt.Sprintf("%s\n%s", i.chunkHeader, i.chunkInitCommon)
 }
+
+func (i *chunkInitAck) ZeroChecksumEDMID() (uint32, bool) {
+	return i.zcaEDMID, i.zcaPresent
+}

chunk_init_common.go

@@ -55,6 +55,9 @@ type chunkInitCommon struct {
 const (
 	initChunkMinLength          = 16
 	initOptionalVarHeaderLength = 4
+
+	// RFC 9260 section 3.3.2 & section 3.3.3: INIT/INIT-ACK have a 16-byte fixed value before params.
+	initFixedValueLen = 16
 )
 
 // Init chunk errors.