Mercurial > hg > nginx
annotate src/event/ngx_event_quic_protection.c @ 8285:f85749b60e58 quic
Removed memory allocations from encryption code.
+ ngx_quic_encrypt():
- no longer accepts pool as argument
- pkt is 1st arg
- payload is passed as pkt->payload
- performs encryption to the specified static buffer
+ ngx_quic_create_long/short_packet() functions:
- single buffer for everything, allocated by caller
- buffer layout is: [ ad | payload | TAG ]
the result is in the beginning of buffer with proper length
- nonce is calculated on stack
- log is passed explicitly, pkt is 1st arg
- no more allocations inside
+ ngx_quic_create_long_header():
- args changed: no need to pass str_t
+ added ngx_quic_create_short_header()
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Thu, 26 Mar 2020 12:11:50 +0300 |
| parents | d45325e90221 |
| children | ccb9cc95ad5e |
| rev | line source |
|---|---|
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
1 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
2 /* |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Nginx, Inc. |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
4 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
5 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
6 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_event.h> |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
10 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
11 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
12 #define NGX_QUIC_IV_LEN 12 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
13 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
14 #define NGX_AES_128_GCM_SHA256 0x1301 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
15 #define NGX_AES_256_GCM_SHA384 0x1302 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
16 #define NGX_CHACHA20_POLY1305_SHA256 0x1303 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
17 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
18 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
19 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
20 #define ngx_quic_cipher_t EVP_AEAD |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
21 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
22 #define ngx_quic_cipher_t EVP_CIPHER |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
23 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
24 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
25 typedef struct { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
26 const ngx_quic_cipher_t *c; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
27 const EVP_CIPHER *hp; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
28 const EVP_MD *d; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
29 } ngx_quic_ciphers_t; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
30 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
31 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
32 static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
33 const EVP_MD *digest, const u_char *prk, size_t prk_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
34 const u_char *info, size_t info_len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
35 static ngx_int_t ngx_hkdf_extract(u_char *out_key, size_t *out_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
36 const EVP_MD *digest, const u_char *secret, size_t secret_len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
37 const u_char *salt, size_t salt_len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
38 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
39 static uint64_t ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
40 static ngx_int_t ngx_quic_ciphers(ngx_ssl_conn_t *ssl_conn, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
41 ngx_quic_ciphers_t *ciphers, enum ssl_encryption_level_t level); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
42 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
43 static ngx_int_t ngx_quic_tls_open(ngx_pool_t *pool, const ngx_quic_cipher_t *cipher, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
44 ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
45 ngx_str_t *ad); |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
46 static ngx_int_t ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
47 ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
48 ngx_str_t *ad, ngx_log_t *log); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
49 static ngx_int_t ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
50 ngx_quic_secret_t *s, u_char *out, u_char *in); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
51 static ngx_int_t ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
52 ngx_str_t *out, ngx_str_t *label, const uint8_t *prk, size_t prk_len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
53 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
54 static ssize_t ngx_quic_create_long_packet(ngx_quic_header_t *pkt, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
55 ngx_ssl_conn_t *ssl_conn, ngx_str_t *res); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
56 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
57 static ssize_t ngx_quic_create_short_packet(ngx_quic_header_t *pkt, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
58 ngx_ssl_conn_t *ssl_conn, ngx_str_t *res); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
59 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
60 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
61 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
62 ngx_quic_ciphers(ngx_ssl_conn_t *ssl_conn, ngx_quic_ciphers_t *ciphers, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
63 enum ssl_encryption_level_t level) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
64 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
65 ngx_int_t id, len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
66 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
67 if (level == ssl_encryption_initial) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
68 id = NGX_AES_128_GCM_SHA256; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
69 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
70 } else { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
71 id = SSL_CIPHER_get_id(SSL_get_current_cipher(ssl_conn)) & 0xffff; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
72 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
73 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
74 switch (id) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
75 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
76 case NGX_AES_128_GCM_SHA256: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
77 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
78 ciphers->c = EVP_aead_aes_128_gcm(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
79 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
80 ciphers->c = EVP_aes_128_gcm(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
81 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
82 ciphers->hp = EVP_aes_128_ctr(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
83 ciphers->d = EVP_sha256(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
84 len = 16; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
85 break; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
86 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
87 case NGX_AES_256_GCM_SHA384: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
88 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
89 ciphers->c = EVP_aead_aes_256_gcm(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
90 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
91 ciphers->c = EVP_aes_256_gcm(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
92 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
93 ciphers->hp = EVP_aes_256_ctr(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
94 ciphers->d = EVP_sha384(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
95 len = 32; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
96 break; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
97 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
98 case NGX_CHACHA20_POLY1305_SHA256: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
99 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
100 ciphers->c = EVP_aead_chacha20_poly1305(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
101 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
102 ciphers->c = EVP_chacha20_poly1305(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
103 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
104 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
105 ciphers->hp = (const EVP_CIPHER *) EVP_aead_chacha20_poly1305(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
106 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
107 ciphers->hp = EVP_chacha20(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
108 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
109 ciphers->d = EVP_sha256(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
110 len = 32; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
111 break; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
112 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
113 default: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
114 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
115 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
116 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
117 return len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
118 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
119 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
120 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
121 ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
122 ngx_quic_set_initial_secret(ngx_pool_t *pool, ngx_quic_secrets_t *qsec, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
123 ngx_str_t *secret) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
124 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
125 size_t is_len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
126 uint8_t is[SHA256_DIGEST_LENGTH]; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
127 ngx_uint_t i; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
128 const EVP_MD *digest; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
129 const EVP_CIPHER *cipher; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
130 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
131 static const uint8_t salt[20] = |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
132 "\xc3\xee\xf7\x12\xc7\x2e\xbb\x5a\x11\xa7" |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
133 "\xd2\x43\x2b\xb4\x63\x65\xbe\xf9\xf5\x02"; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
134 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
135 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
136 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
137 cipher = EVP_aes_128_gcm(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
138 digest = EVP_sha256(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
139 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
140 if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
141 salt, sizeof(salt)) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
142 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
143 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
144 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
145 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
146 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
147 ngx_str_t iss = { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
148 .data = is, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
149 .len = is_len |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
150 }; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
151 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
152 ngx_quic_hexdump0(pool->log, "salt", salt, sizeof(salt)); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
153 ngx_quic_hexdump0(pool->log, "initial secret", is, is_len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
154 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
155 /* draft-ietf-quic-tls-23#section-5.2 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
156 qsec->client.in.secret.len = SHA256_DIGEST_LENGTH; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
157 qsec->server.in.secret.len = SHA256_DIGEST_LENGTH; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
158 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
159 qsec->client.in.key.len = EVP_CIPHER_key_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
160 qsec->server.in.key.len = EVP_CIPHER_key_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
161 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
162 qsec->client.in.hp.len = EVP_CIPHER_key_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
163 qsec->server.in.hp.len = EVP_CIPHER_key_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
164 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
165 qsec->client.in.iv.len = EVP_CIPHER_iv_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
166 qsec->server.in.iv.len = EVP_CIPHER_iv_length(cipher); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
167 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
168 struct { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
169 ngx_str_t label; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
170 ngx_str_t *key; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
171 ngx_str_t *prk; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
172 } seq[] = { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
173 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
174 /* draft-ietf-quic-tls-23#section-5.2 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
175 { ngx_string("tls13 client in"), &qsec->client.in.secret, &iss }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
176 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
177 ngx_string("tls13 quic key"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
178 &qsec->client.in.key, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
179 &qsec->client.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
180 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
181 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
182 ngx_string("tls13 quic iv"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
183 &qsec->client.in.iv, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
184 &qsec->client.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
185 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
186 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
187 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
188 ngx_string("tls13 quic hp"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
189 &qsec->client.in.hp, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
190 &qsec->client.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
191 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
192 { ngx_string("tls13 server in"), &qsec->server.in.secret, &iss }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
193 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
194 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
195 ngx_string("tls13 quic key"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
196 &qsec->server.in.key, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
197 &qsec->server.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
198 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
199 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
200 ngx_string("tls13 quic iv"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
201 &qsec->server.in.iv, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
202 &qsec->server.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
203 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
204 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
205 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
206 ngx_string("tls13 quic hp"), |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
207 &qsec->server.in.hp, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
208 &qsec->server.in.secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
209 }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
210 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
211 }; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
212 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
213 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
214 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
215 if (ngx_quic_hkdf_expand(pool, digest, seq[i].key, &seq[i].label, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
216 seq[i].prk->data, seq[i].prk->len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
217 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
218 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
219 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
220 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
221 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
222 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
223 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
224 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
225 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
226 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
227 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
228 ngx_quic_hkdf_expand(ngx_pool_t *pool, const EVP_MD *digest, ngx_str_t *out, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
229 ngx_str_t *label, const uint8_t *prk, size_t prk_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
230 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
231 size_t info_len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
232 uint8_t *p; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
233 uint8_t info[20]; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
234 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
235 out->data = ngx_pnalloc(pool, out->len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
236 if (out->data == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
237 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
238 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
239 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
240 info_len = 2 + 1 + label->len + 1; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
241 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
242 info[0] = 0; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
243 info[1] = out->len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
244 info[2] = label->len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
245 p = ngx_cpymem(&info[3], label->data, label->len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
246 *p = '\0'; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
247 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
248 if (ngx_hkdf_expand(out->data, out->len, digest, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
249 prk, prk_len, info, info_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
250 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
251 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
252 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
253 "ngx_hkdf_expand(%V) failed", label); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
254 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
255 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
256 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
257 ngx_quic_hexdump(pool->log, "%V info", info, info_len, label); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
258 ngx_quic_hexdump(pool->log, "%V key", out->data, out->len, label); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
259 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
260 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
261 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
262 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
263 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
264 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
265 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
266 const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
267 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
268 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
269 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
270 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
271 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
272 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
273 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
274 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
275 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
276 EVP_PKEY_CTX *pctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
277 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
278 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
279 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
280 if (EVP_PKEY_derive_init(pctx) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
281 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
282 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
283 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
284 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
285 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
286 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
287 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
288 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
289 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
290 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
291 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
292 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
293 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
294 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
295 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
296 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
297 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
298 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
299 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
300 if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
301 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
302 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
303 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
304 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
305 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
306 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
307 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
308 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
309 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
310 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
311 ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
312 const u_char *secret, size_t secret_len, const u_char *salt, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
313 size_t salt_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
314 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
315 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
316 if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
317 salt_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
318 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
319 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
320 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
321 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
322 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
323 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
324 EVP_PKEY_CTX *pctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
325 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
326 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
327 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
328 if (EVP_PKEY_derive_init(pctx) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
329 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
330 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
331 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
332 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
333 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
334 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
335 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
336 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
337 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
338 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
339 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
340 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
341 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
342 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
343 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
344 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
345 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
346 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
347 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
348 if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
349 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
350 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
351 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
352 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
353 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
354 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
355 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
356 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
357 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
358 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
359 ngx_quic_tls_open(ngx_pool_t *pool, const ngx_quic_cipher_t *cipher, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
360 ngx_quic_secret_t *s, ngx_str_t *out, u_char *nonce, ngx_str_t *in, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
361 ngx_str_t *ad) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
362 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
363 ngx_log_t *log; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
364 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
365 log = pool->log; // TODO: pass log ? |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
366 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
367 out->len = in->len - EVP_GCM_TLS_TAG_LEN; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
368 out->data = ngx_pnalloc(pool, out->len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
369 if (out->data == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
370 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
371 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
372 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
373 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
374 EVP_AEAD_CTX *ctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
375 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
376 ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
377 EVP_AEAD_DEFAULT_TAG_LENGTH); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
378 if (ctx == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
379 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
380 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
381 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
382 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
383 if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce, s->iv.len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
384 in->data, in->len, ad->data, ad->len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
385 != 1) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
386 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
387 EVP_AEAD_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
388 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_open() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
389 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
390 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
391 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
392 EVP_AEAD_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
393 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
394 int len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
395 u_char *tag; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
396 EVP_CIPHER_CTX *ctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
397 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
398 ctx = EVP_CIPHER_CTX_new(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
399 if (ctx == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
400 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
401 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
402 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
403 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
404 if (EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
405 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
406 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
407 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
408 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
409 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
410 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
411 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
412 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
413 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
414 ngx_ssl_error(NGX_LOG_INFO, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
415 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
416 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
417 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
418 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
419 if (EVP_DecryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
420 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
421 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptInit_ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
422 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
423 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
424 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
425 if (EVP_DecryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
426 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
427 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
428 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
429 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
430 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
431 if (EVP_DecryptUpdate(ctx, out->data, &len, in->data, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
432 in->len - EVP_GCM_TLS_TAG_LEN) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
433 != 1) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
434 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
435 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
436 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptUpdate() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
437 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
438 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
439 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
440 out->len = len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
441 tag = in->data + in->len - EVP_GCM_TLS_TAG_LEN; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
442 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
443 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, EVP_GCM_TLS_TAG_LEN, tag) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
444 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
445 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
446 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
447 ngx_ssl_error(NGX_LOG_INFO, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
448 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_TAG) failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
449 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
450 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
451 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
452 if (EVP_DecryptFinal_ex(ctx, out->data + len, &len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
453 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
454 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_DecryptFinal_ex failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
455 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
456 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
457 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
458 out->len += len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
459 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
460 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
461 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
462 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
463 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
464 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
465 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
466 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
467 static ngx_int_t |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
468 ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
469 ngx_str_t *out, u_char *nonce, ngx_str_t *in, ngx_str_t *ad, ngx_log_t *log) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
470 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
471 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
472 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
473 EVP_AEAD_CTX *ctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
474 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
475 ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
476 EVP_AEAD_DEFAULT_TAG_LENGTH); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
477 if (ctx == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
478 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
479 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
480 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
481 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
482 if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce, s->iv.len, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
483 in->data, in->len, ad->data, ad->len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
484 != 1) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
485 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
486 EVP_AEAD_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
487 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_seal() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
488 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
489 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
490 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
491 EVP_AEAD_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
492 #else |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
493 int len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
494 EVP_CIPHER_CTX *ctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
495 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
496 ctx = EVP_CIPHER_CTX_new(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
497 if (ctx == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
498 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CIPHER_CTX_new() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
499 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
500 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
501 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
502 if (EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
503 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
504 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
505 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
506 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
507 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
508 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
509 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
510 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
511 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
512 ngx_ssl_error(NGX_LOG_INFO, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
513 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
514 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
515 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
516 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
517 if (EVP_EncryptInit_ex(ctx, NULL, NULL, s->key.data, nonce) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
518 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
519 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
520 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
521 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
522 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
523 if (EVP_EncryptUpdate(ctx, NULL, &len, ad->data, ad->len) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
524 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
525 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
526 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
527 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
528 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
529 if (EVP_EncryptUpdate(ctx, out->data, &len, in->data, in->len) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
530 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
531 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
532 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
533 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
534 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
535 out->len = len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
536 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
537 if (EVP_EncryptFinal_ex(ctx, out->data + out->len, &len) <= 0) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
538 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
539 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_ex failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
540 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
541 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
542 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
543 out->len += len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
544 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
545 if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, EVP_GCM_TLS_TAG_LEN, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
546 out->data + in->len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
547 == 0) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
548 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
549 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
550 ngx_ssl_error(NGX_LOG_INFO, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
551 "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_GET_TAG) failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
552 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
553 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
554 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
555 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
556 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
557 out->len += EVP_GCM_TLS_TAG_LEN; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
558 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
559 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
560 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
561 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
562 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
563 static ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
564 ngx_quic_tls_hp(ngx_log_t *log, const EVP_CIPHER *cipher, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
565 ngx_quic_secret_t *s, u_char *out, u_char *in) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
566 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
567 int outlen; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
568 EVP_CIPHER_CTX *ctx; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
569 u_char zero[5] = {0}; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
570 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
571 #ifdef OPENSSL_IS_BORINGSSL |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
572 uint32_t counter; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
573 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
574 ngx_memcpy(&counter, in, sizeof(uint32_t)); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
575 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
576 if (cipher == (const EVP_CIPHER *) EVP_aead_chacha20_poly1305()) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
577 CRYPTO_chacha_20(out, zero, 5, s->hp.data, &in[4], counter); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
578 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
579 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
580 #endif |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
581 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
582 ctx = EVP_CIPHER_CTX_new(); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
583 if (ctx == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
584 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
585 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
586 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
587 if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, in) != 1) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
588 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
589 goto failed; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
590 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
591 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
592 if (!EVP_EncryptUpdate(ctx, out, &outlen, zero, 5)) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
593 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptUpdate() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
594 goto failed; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
595 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
596 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
597 if (!EVP_EncryptFinal_ex(ctx, out + 5, &outlen)) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
598 ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptFinal_Ex() failed"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
599 goto failed; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
600 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
601 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
602 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
603 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
604 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
605 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
606 failed: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
607 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
608 EVP_CIPHER_CTX_free(ctx); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
609 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
610 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
611 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
612 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
613 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
614 int |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
615 ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
616 enum ssl_encryption_level_t level, const uint8_t *secret, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
617 size_t secret_len, ngx_quic_peer_secrets_t *qsec) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
618 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
619 ngx_int_t key_len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
620 ngx_uint_t i; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
621 ngx_quic_secret_t *peer_secret; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
622 ngx_quic_ciphers_t ciphers; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
623 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
624 key_len = ngx_quic_ciphers(ssl_conn, &ciphers, level); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
625 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
626 if (key_len == NGX_ERROR) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
627 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
628 return 0; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
629 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
630 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
631 switch (level) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
632 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
633 case ssl_encryption_handshake: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
634 peer_secret= &qsec->hs; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
635 break; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
636 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
637 case ssl_encryption_application: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
638 peer_secret = &qsec->ad; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
639 break; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
640 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
641 default: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
642 return 0; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
643 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
644 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
645 peer_secret->key.len = key_len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
646 peer_secret->iv.len = NGX_QUIC_IV_LEN; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
647 peer_secret->hp.len = key_len; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
648 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
649 struct { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
650 ngx_str_t label; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
651 ngx_str_t *key; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
652 const uint8_t *secret; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
653 } seq[] = { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
654 { ngx_string("tls13 quic key"), &peer_secret->key, secret }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
655 { ngx_string("tls13 quic iv"), &peer_secret->iv, secret }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
656 { ngx_string("tls13 quic hp"), &peer_secret->hp, secret }, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
657 }; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
658 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
659 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
660 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
661 if (ngx_quic_hkdf_expand(pool, ciphers.d, seq[i].key, &seq[i].label, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
662 seq[i].secret, secret_len) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
663 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
664 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
665 return 0; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
666 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
667 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
668 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
669 return 1; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
670 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
671 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
672 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
673 static ssize_t |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
674 ngx_quic_create_long_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
675 ngx_str_t *res) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
676 { |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
677 u_char *pnp, *sample; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
678 uint64_t pn; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
679 ngx_str_t ad, out; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
680 ngx_quic_ciphers_t ciphers; |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
681 u_char nonce[12], mask[16]; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
682 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
683 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
684 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
685 ad.data = res->data; |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
686 ad.len = ngx_quic_create_long_header(pkt, ad.data, out.len, &pnp); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
687 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
688 out.data = res->data + ad.len; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
689 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
690 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
691 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
692 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
693 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
694 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
695 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
696 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len); |
|
8224
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8221
diff
changeset
|
697 pn = *pkt->number; |
|
ae35ccba7aa6
Extracted transport part of the code into separate file.
Vladimir Homutov <vl@nginx.com>
parents:
8221
diff
changeset
|
698 nonce[11] ^= pn; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
699 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
700 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
701 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
702 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
703 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
704 nonce, &pkt->payload, &ad, pkt->log) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
705 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
706 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
707 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
708 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
709 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
710 sample = &out.data[3]; // pnl=0 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
711 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
712 != NGX_OK) |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
713 { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
714 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
715 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
716 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
717 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
718 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
719 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
720 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
721 // header protection, pnl = 0 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
722 ad.data[0] ^= mask[0] & 0x0f; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
723 *pnp ^= mask[1]; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
724 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
725 res->len = ad.len + out.len; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
726 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
727 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
728 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
729 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
730 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
731 static ssize_t |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
732 ngx_quic_create_short_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
733 ngx_str_t *res) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
734 { |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
735 u_char *pnp, *sample; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
736 ngx_str_t ad, out; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
737 ngx_quic_ciphers_t ciphers; |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
738 u_char nonce[12], mask[16]; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
739 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
740 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
741 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
742 ad.data = res->data; |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
743 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
744 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
745 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
746 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
747 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
748 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
749 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
750 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
751 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
752 if (pkt->level == ssl_encryption_handshake |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
753 || pkt->level == ssl_encryption_application) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
754 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
755 nonce[11] ^= *pkt->number; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
756 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
757 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
758 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
759 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
760 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
761 out.data = res->data + ad.len; |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
762 |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
763 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, nonce, &pkt->payload, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
764 &ad, pkt->log) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
765 != NGX_OK) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
766 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
767 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
768 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
769 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
770 ngx_quic_hexdump0(pkt->log, "out", out.data, out.len); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
771 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
772 sample = &out.data[3]; // pnl=0 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
773 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
774 != NGX_OK) |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
775 { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
776 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
777 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
778 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
779 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
780 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
781 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
782 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
783 // header protection, pnl = 0 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
784 ad.data[0] ^= mask[0] & 0x1f; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
785 *pnp ^= mask[1]; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
786 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
787 res->len = ad.len + out.len; |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
788 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
789 ngx_quic_hexdump0(pkt->log, "packet", res->data, res->len); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
790 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
791 return NGX_OK; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
792 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
793 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
794 |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
795 static uint64_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
796 ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
797 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
798 u_char *p; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
799 uint64_t value; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
800 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
801 p = *pos; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
802 value = *p++ ^ *mask++; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
803 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
804 while (--len) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
805 value = (value << 8) + (*p++ ^ *mask++); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
806 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
807 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
808 *pos = p; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
809 return value; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
810 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
811 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
812 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
813 ssize_t |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
814 ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
|
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
815 ngx_str_t *res) |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
816 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
817 if (pkt->level == ssl_encryption_application) { |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
818 return ngx_quic_create_short_packet(pkt, ssl_conn, res); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
819 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
820 |
|
8285
f85749b60e58
Removed memory allocations from encryption code.
Vladimir Homutov <vl@nginx.com>
parents:
8265
diff
changeset
|
821 return ngx_quic_create_long_packet(pkt, ssl_conn, res); |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
822 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
823 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
824 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
825 ngx_int_t |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
826 ngx_quic_decrypt(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
827 ngx_quic_header_t *pkt) |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
828 { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
829 u_char clearflags, *p, *sample; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
830 uint8_t *nonce; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
831 uint64_t pn; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
832 ngx_log_t *log; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
833 ngx_int_t pnl, rc; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
834 ngx_str_t in, ad; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
835 ngx_quic_ciphers_t ciphers; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
836 uint8_t mask[16]; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
837 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
838 log = pool->log; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
839 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
840 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
841 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
842 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
843 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
844 p = pkt->raw->pos; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
845 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
846 /* draft-ietf-quic-tls-23#section-5.4.2: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
847 * the Packet Number field is assumed to be 4 bytes long |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
848 * draft-ietf-quic-tls-23#section-5.4.[34]: |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
849 * AES-Based and ChaCha20-Based header protections sample 16 bytes |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
850 */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
851 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
852 sample = p + 4; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
853 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
854 ngx_quic_hexdump0(log, "sample", sample, 16); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
855 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
856 /* header protection */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
857 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
858 if (ngx_quic_tls_hp(log, ciphers.hp, pkt->secret, mask, sample) != NGX_OK) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
859 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
860 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
861 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8224
diff
changeset
|
862 if (ngx_quic_long_pkt(pkt->flags)) { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
863 clearflags = pkt->flags ^ (mask[0] & 0x0f); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
864 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
865 } else { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
866 clearflags = pkt->flags ^ (mask[0] & 0x1f); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
867 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
868 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
869 pnl = (clearflags & 0x03) + 1; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
870 pn = ngx_quic_parse_pn(&p, pnl, &mask[1]); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
871 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
872 pkt->pn = pn; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
873 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
874 ngx_quic_hexdump0(log, "mask", mask, 5); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
875 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
876 "quic clear flags: %xi", clearflags); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
877 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, log, 0, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
878 "quic packet number: %uL, len: %xi", pn, pnl); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
879 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
880 /* packet protection */ |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
881 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
882 in.data = p; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
883 |
|
8251
c217a907ce42
Added checks for permitted frame types.
Vladimir Homutov <vl@nginx.com>
parents:
8224
diff
changeset
|
884 if (ngx_quic_long_pkt(pkt->flags)) { |
|
8221
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
885 in.len = pkt->len - pnl; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
886 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
887 } else { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
888 in.len = pkt->data + pkt->len - p; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
889 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
890 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
891 ad.len = p - pkt->data; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
892 ad.data = ngx_pnalloc(pool, ad.len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
893 if (ad.data == NULL) { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
894 return NGX_ERROR; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
895 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
896 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
897 ngx_memcpy(ad.data, pkt->data, ad.len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
898 ad.data[0] = clearflags; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
899 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
900 do { |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
901 ad.data[ad.len - pnl] = pn >> (8 * (pnl - 1)) % 256; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
902 } while (--pnl); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
903 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
904 nonce = ngx_pstrdup(pool, &pkt->secret->iv); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
905 nonce[11] ^= pn; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
906 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
907 ngx_quic_hexdump0(log, "nonce", nonce, 12); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
908 ngx_quic_hexdump0(log, "ad", ad.data, ad.len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
909 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
910 rc = ngx_quic_tls_open(pool, ciphers.c, pkt->secret, &pkt->payload, |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
911 nonce, &in, &ad); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
912 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
913 ngx_quic_hexdump0(log, "packet payload", |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
914 pkt->payload.data, pkt->payload.len); |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
915 |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
916 return rc; |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
917 } |
|
69345a26ba69
Split transport and crypto parts into separate files.
Vladimir Homutov <vl@nginx.com>
parents:
diff
changeset
|
918 |