Mercurial > hg > nginx

comparison src/event/ngx_event_quic_protection.c @ 8318:1bb5e8538d0c quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Removed excessive debugging in QUIC packet creation. While here, eliminated further difference in between.
author Sergey Kandaurov <pluknet@nginx.com>
date Sat, 04 Apr 2020 17:34:39 +0300
parents 435fed8e2489
children 29354c6fc5f2
comparison
equal deleted inserted replaced
8317:435fed8e2489 8318:1bb5e8538d0c
696 { 696 {
697 return NGX_ERROR; 697 return NGX_ERROR;
698 } 698 }
699 699
700 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); 700 ngx_quic_hexdump0(pkt->log, "sample", sample, 16);
701 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); 701 ngx_quic_hexdump0(pkt->log, "mask", mask, 5);
702 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16);
703 702
704 /* quic-tls: 5.4.1. Header Protection Application */ 703 /* quic-tls: 5.4.1. Header Protection Application */
705 ad.data[0] ^= mask[0] & 0x0f; 704 ad.data[0] ^= mask[0] & 0x0f;
706 705
707 for (i = 0; i < pkt->num_len; i++) { 706 for (i = 0; i < pkt->num_len; i++) {
727 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; 726 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN;
728 727
729 ad.data = res->data; 728 ad.data = res->data;
730 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp); 729 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp);
731 730
731 out.data = res->data + ad.len;
732
732 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); 733 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len);
733 734
734 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { 735 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) {
735 return NGX_ERROR; 736 return NGX_ERROR;
736 } 737 }
743 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); 744 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number);
744 745
745 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); 746 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12);
746 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); 747 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12);
747 748
748 out.data = res->data + ad.len; 749 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out,
749 750 nonce, &pkt->payload, &ad, pkt->log)
750 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, nonce, &pkt->payload,
751 &ad, pkt->log)
752 != NGX_OK) 751 != NGX_OK)
753 { 752 {
754 return NGX_ERROR; 753 return NGX_ERROR;
755 } 754 }
756
757 ngx_quic_hexdump0(pkt->log, "out", out.data, out.len);
758 755
759 sample = &out.data[4 - pkt->num_len]; 756 sample = &out.data[4 - pkt->num_len];
760 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) 757 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample)
761 != NGX_OK) 758 != NGX_OK)
762 { 759 {
763 return NGX_ERROR; 760 return NGX_ERROR;
764 } 761 }
765 762
766 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); 763 ngx_quic_hexdump0(pkt->log, "sample", sample, 16);
767 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); 764 ngx_quic_hexdump0(pkt->log, "mask", mask, 5);
768 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16);
769 765
770 /* quic-tls: 5.4.1. Header Protection Application */ 766 /* quic-tls: 5.4.1. Header Protection Application */
771 ad.data[0] ^= mask[0] & 0x1f; 767 ad.data[0] ^= mask[0] & 0x1f;
772 768
773 for (i = 0; i < pkt->num_len; i++) { 769 for (i = 0; i < pkt->num_len; i++) {
774 pnp[i] ^= mask[i + 1]; 770 pnp[i] ^= mask[i + 1];
775 } 771 }
776 772
777 res->len = ad.len + out.len; 773 res->len = ad.len + out.len;
778
779 ngx_quic_hexdump0(pkt->log, "packet", res->data, res->len);
780 774
781 return NGX_OK; 775 return NGX_OK;
782 } 776 }
783 777
784 778