Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic.c @ 7663:75a2817808bf quic
Initial packets are protected with AEAD_AES_128_GCM.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 05 Mar 2020 19:49:49 +0300 |
| parents | d447168ed13f |
| children | ff14b0fe9731 |
comparison
equal
deleted
inserted
replaced
| 7662:d447168ed13f | 7663:75a2817808bf |
|---|---|
| 632 | 632 |
| 633 ad.len = p - ad.data; | 633 ad.len = p - ad.data; |
| 634 | 634 |
| 635 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); | 635 ngx_quic_hexdump0(c->log, "ad", ad.data, ad.len); |
| 636 | 636 |
| 637 switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff) { | 637 if (pkt->level != ssl_encryption_initial) { |
| 638 | 638 switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff) { |
| 639 case NGX_AES_128_GCM_SHA256: | 639 |
| 640 case NGX_AES_128_GCM_SHA256: | |
| 641 cipher = EVP_aes_128_gcm(); | |
| 642 break; | |
| 643 | |
| 644 case NGX_AES_256_GCM_SHA384: | |
| 645 cipher = EVP_aes_256_gcm(); | |
| 646 break; | |
| 647 | |
| 648 default: | |
| 649 return NGX_ERROR; | |
| 650 } | |
| 651 | |
| 652 } else { | |
| 640 cipher = EVP_aes_128_gcm(); | 653 cipher = EVP_aes_128_gcm(); |
| 641 break; | |
| 642 | |
| 643 case NGX_AES_256_GCM_SHA384: | |
| 644 cipher = EVP_aes_256_gcm(); | |
| 645 break; | |
| 646 | |
| 647 default: | |
| 648 return NGX_ERROR; | |
| 649 } | 654 } |
| 650 | 655 |
| 651 nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); | 656 nonce = ngx_pstrdup(c->pool, &pkt->secret->iv); |
| 652 if (pkt->level == ssl_encryption_handshake) { | 657 if (pkt->level == ssl_encryption_handshake) { |
| 653 nonce[11] ^= (*pkt->number - 1); | 658 nonce[11] ^= (*pkt->number - 1); |