comparison src/event/ngx_event_quic_protection.c @ 8306:058a5af7ddfc quic

Refactored QUIC secrets storage. The quic->keys[4] array now contains the secrets for the corresponding encryption level. All protection-level functions now receive the proper keys and no longer need to switch manually between levels.
author Vladimir Homutov <vl@nginx.com>
date Wed, 01 Apr 2020 14:25:25 +0300
parents 2ac03e80d013
children dc7ac778aafe
8305:e35f824f644d 8306:058a5af7ddfc
116 return len; 116 return len;
117 } 117 }
118 118
119 119
120 ngx_int_t 120 ngx_int_t
121 ngx_quic_set_initial_secret(ngx_pool_t *pool, ngx_quic_secrets_t *qsec, 121 ngx_quic_set_initial_secret(ngx_pool_t *pool, ngx_quic_secret_t *client,
122 ngx_str_t *secret) 122 ngx_quic_secret_t *server, ngx_str_t *secret)
123 { 123 {
124 size_t is_len; 124 size_t is_len;
125 uint8_t is[SHA256_DIGEST_LENGTH]; 125 uint8_t is[SHA256_DIGEST_LENGTH];
126 ngx_uint_t i; 126 ngx_uint_t i;
127 const EVP_MD *digest; 127 const EVP_MD *digest;
150 150
151 ngx_quic_hexdump0(pool->log, "salt", salt, sizeof(salt)); 151 ngx_quic_hexdump0(pool->log, "salt", salt, sizeof(salt));
152 ngx_quic_hexdump0(pool->log, "initial secret", is, is_len); 152 ngx_quic_hexdump0(pool->log, "initial secret", is, is_len);
153 153
154 /* draft-ietf-quic-tls-23#section-5.2 */ 154 /* draft-ietf-quic-tls-23#section-5.2 */
155 qsec->client.in.secret.len = SHA256_DIGEST_LENGTH; 155 client->secret.len = SHA256_DIGEST_LENGTH;
156 qsec->server.in.secret.len = SHA256_DIGEST_LENGTH; 156 server->secret.len = SHA256_DIGEST_LENGTH;
157 157
158 qsec->client.in.key.len = EVP_CIPHER_key_length(cipher); 158 client->key.len = EVP_CIPHER_key_length(cipher);
159 qsec->server.in.key.len = EVP_CIPHER_key_length(cipher); 159 server->key.len = EVP_CIPHER_key_length(cipher);
160 160
161 qsec->client.in.hp.len = EVP_CIPHER_key_length(cipher); 161 client->hp.len = EVP_CIPHER_key_length(cipher);
162 qsec->server.in.hp.len = EVP_CIPHER_key_length(cipher); 162 server->hp.len = EVP_CIPHER_key_length(cipher);
163 163
164 qsec->client.in.iv.len = EVP_CIPHER_iv_length(cipher); 164 client->iv.len = EVP_CIPHER_iv_length(cipher);
165 qsec->server.in.iv.len = EVP_CIPHER_iv_length(cipher); 165 server->iv.len = EVP_CIPHER_iv_length(cipher);
166 166
167 struct { 167 struct {
168 ngx_str_t label; 168 ngx_str_t label;
169 ngx_str_t *key; 169 ngx_str_t *key;
170 ngx_str_t *prk; 170 ngx_str_t *prk;
171 } seq[] = { 171 } seq[] = {
172 172
173 /* draft-ietf-quic-tls-23#section-5.2 */ 173 /* draft-ietf-quic-tls-23#section-5.2 */
174 { ngx_string("tls13 client in"), &qsec->client.in.secret, &iss }, 174 { ngx_string("tls13 client in"), &client->secret, &iss },
175 { 175 {
176 ngx_string("tls13 quic key"), 176 ngx_string("tls13 quic key"),
177 &qsec->client.in.key, 177 &client->key,
178 &qsec->client.in.secret, 178 &client->secret,
179 }, 179 },
180 { 180 {
181 ngx_string("tls13 quic iv"), 181 ngx_string("tls13 quic iv"),
182 &qsec->client.in.iv, 182 &client->iv,
183 &qsec->client.in.secret, 183 &client->secret,
184 }, 184 },
185 { 185 {
186 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ 186 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */
187 ngx_string("tls13 quic hp"), 187 ngx_string("tls13 quic hp"),
188 &qsec->client.in.hp, 188 &client->hp,
189 &qsec->client.in.secret, 189 &client->secret,
190 }, 190 },
191 { ngx_string("tls13 server in"), &qsec->server.in.secret, &iss }, 191 { ngx_string("tls13 server in"), &server->secret, &iss },
192 { 192 {
193 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ 193 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */
194 ngx_string("tls13 quic key"), 194 ngx_string("tls13 quic key"),
195 &qsec->server.in.key, 195 &server->key,
196 &qsec->server.in.secret, 196 &server->secret,
197 }, 197 },
198 { 198 {
199 ngx_string("tls13 quic iv"), 199 ngx_string("tls13 quic iv"),
200 &qsec->server.in.iv, 200 &server->iv,
201 &qsec->server.in.secret, 201 &server->secret,
202 }, 202 },
203 { 203 {
204 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ 204 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */
205 ngx_string("tls13 quic hp"), 205 ngx_string("tls13 quic hp"),
206 &qsec->server.in.hp, 206 &server->hp,
207 &qsec->server.in.secret, 207 &server->secret,
208 }, 208 },
209 209
210 }; 210 };
211 211
212 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) { 212 for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
602 602
603 603
604 int 604 int
605 ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn, 605 ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn,
606 enum ssl_encryption_level_t level, const uint8_t *secret, 606 enum ssl_encryption_level_t level, const uint8_t *secret,
607 size_t secret_len, ngx_quic_peer_secrets_t *qsec) 607 size_t secret_len, ngx_quic_secret_t *peer_secret)
608 { 608 {
609 ngx_int_t key_len; 609 ngx_int_t key_len;
610 ngx_uint_t i; 610 ngx_uint_t i;
611 ngx_quic_secret_t *peer_secret; 611 ngx_quic_ciphers_t ciphers;
612 ngx_quic_ciphers_t ciphers;
613 612
614 key_len = ngx_quic_ciphers(ssl_conn, &ciphers, level); 613 key_len = ngx_quic_ciphers(ssl_conn, &ciphers, level);
615 614
616 if (key_len == NGX_ERROR) { 615 if (key_len == NGX_ERROR) {
617 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher"); 616 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, "unexpected cipher");
618 return 0; 617 return 0;
619 } 618 }
620 619
621 switch (level) { 620 if (level == ssl_encryption_initial) {
622
623 case ssl_encryption_early_data:
624 peer_secret = &qsec->ed;
625 break;
626
627 case ssl_encryption_handshake:
628 peer_secret = &qsec->hs;
629 break;
630
631 case ssl_encryption_application:
632 peer_secret = &qsec->ad;
633 break;
634
635 default:
636 return 0; 621 return 0;
637 } 622 }
638 623
639 peer_secret->key.len = key_len; 624 peer_secret->key.len = key_len;
640 peer_secret->iv.len = NGX_QUIC_IV_LEN; 625 peer_secret->iv.len = NGX_QUIC_IV_LEN;
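Review bot: Replacing the `switch` in ngx_quic_set_encryption_secret with a single `level == ssl_encryption_initial` test drops the former `default: return 0`, so an unexpected level value is no longer rejected here and the function now relies on its caller to have paired `peer_secret` with `level`; if that caller selects the pointer by indexing the new keys[] array with `level`, the range check belongs there and should be stated in this function's contract. The remaining early return also reads like an error path at first glance, since initial secrets are the one level handled elsewhere, so a one-line comment would help: `/* initial secrets are derived by ngx_quic_set_initial_secret(), not provided by TLS */`. The body of ngx_quic_set_encryption_secret continues past the end of the hunk.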