Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_protection.c @ 8716:1c48629cfa74 quic
QUIC: added error handling to ngx_hkdf_extract()/ngx_hkdf_expand().
The OpenSSL variant of functions lacked proper error processing.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Thu, 11 Mar 2021 14:43:01 +0300 |
| parents | 44b4c6180106 |
| children | 0f8565e0fc76 |
comparison
equal
deleted
inserted
replaced
| 8715:6bb924b00e30 | 8716:1c48629cfa74 |
|---|---|
| 303 static ngx_int_t | 303 static ngx_int_t |
| 304 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, | 304 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, |
| 305 const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) | 305 const uint8_t *prk, size_t prk_len, const u_char *info, size_t info_len) |
| 306 { | 306 { |
| 307 #ifdef OPENSSL_IS_BORINGSSL | 307 #ifdef OPENSSL_IS_BORINGSSL |
| 308 | |
| 308 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) | 309 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) |
| 309 == 0) | 310 == 0) |
| 310 { | 311 { |
| 311 return NGX_ERROR; | 312 return NGX_ERROR; |
| 312 } | 313 } |
| 314 | |
| 315 return NGX_OK; | |
| 316 | |
| 313 #else | 317 #else |
| 314 | 318 |
| 315 EVP_PKEY_CTX *pctx; | 319 EVP_PKEY_CTX *pctx; |
| 316 | 320 |
| 317 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | 321 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); |
| 322 if (pctx == NULL) { | |
| 323 return NGX_ERROR; | |
| 324 } | |
| 318 | 325 |
| 319 if (EVP_PKEY_derive_init(pctx) <= 0) { | 326 if (EVP_PKEY_derive_init(pctx) <= 0) { |
| 320 return NGX_ERROR; | 327 goto failed; |
| 321 } | 328 } |
| 322 | 329 |
| 323 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { | 330 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { |
| 324 return NGX_ERROR; | 331 goto failed; |
| 325 } | 332 } |
| 326 | 333 |
| 327 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | 334 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { |
| 328 return NGX_ERROR; | 335 goto failed; |
| 329 } | 336 } |
| 330 | 337 |
| 331 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { | 338 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { |
| 332 return NGX_ERROR; | 339 goto failed; |
| 333 } | 340 } |
| 334 | 341 |
| 335 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { | 342 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { |
| 336 return NGX_ERROR; | 343 goto failed; |
| 337 } | 344 } |
| 338 | 345 |
| 339 if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { | 346 if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { |
| 340 return NGX_ERROR; | 347 goto failed; |
| 341 } | 348 } |
| 342 | 349 |
| 343 #endif | 350 return NGX_OK; |
| 344 | 351 |
| 345 return NGX_OK; | 352 failed: |
| 353 | |
| 354 EVP_PKEY_CTX_free(pctx); | |
| 355 | |
| 356 return NGX_ERROR; | |
| 357 | |
| 358 #endif | |
| 346 } | 359 } |
| 347 | 360 |
| 348 | 361 |
| 349 static ngx_int_t | 362 static ngx_int_t |
| 350 ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, | 363 ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, |
| 351 const u_char *secret, size_t secret_len, const u_char *salt, | 364 const u_char *secret, size_t secret_len, const u_char *salt, |
| 352 size_t salt_len) | 365 size_t salt_len) |
| 353 { | 366 { |
| 354 #ifdef OPENSSL_IS_BORINGSSL | 367 #ifdef OPENSSL_IS_BORINGSSL |
| 368 | |
| 355 if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, | 369 if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, |
| 356 salt_len) | 370 salt_len) |
| 357 == 0) | 371 == 0) |
| 358 { | 372 { |
| 359 return NGX_ERROR; | 373 return NGX_ERROR; |
| 360 } | 374 } |
| 375 | |
| 376 return NGX_OK; | |
| 377 | |
| 361 #else | 378 #else |
| 362 | 379 |
| 363 EVP_PKEY_CTX *pctx; | 380 EVP_PKEY_CTX *pctx; |
| 364 | 381 |
| 365 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | 382 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); |
| 383 if (pctx == NULL) { | |
| 384 return NGX_ERROR; | |
| 385 } | |
| 366 | 386 |
| 367 if (EVP_PKEY_derive_init(pctx) <= 0) { | 387 if (EVP_PKEY_derive_init(pctx) <= 0) { |
| 368 return NGX_ERROR; | 388 goto failed; |
| 369 } | 389 } |
| 370 | 390 |
| 371 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { | 391 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { |
| 372 return NGX_ERROR; | 392 goto failed; |
| 373 } | 393 } |
| 374 | 394 |
| 375 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | 395 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { |
| 376 return NGX_ERROR; | 396 goto failed; |
| 377 } | 397 } |
| 378 | 398 |
| 379 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { | 399 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { |
| 380 return NGX_ERROR; | 400 goto failed; |
| 381 } | 401 } |
| 382 | 402 |
| 383 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { | 403 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { |
| 384 return NGX_ERROR; | 404 goto failed; |
| 385 } | 405 } |
| 386 | 406 |
| 387 if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { | 407 if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { |
| 388 return NGX_ERROR; | 408 goto failed; |
| 389 } | 409 } |
| 390 | 410 |
| 391 #endif | 411 return NGX_OK; |
| 392 | 412 |
| 393 return NGX_OK; | 413 failed: |
| 414 | |
| 415 EVP_PKEY_CTX_free(pctx); | |
| 416 | |
| 417 return NGX_ERROR; | |
| 418 | |
| 419 #endif | |
| 394 } | 420 } |
| 395 | 421 |
| 396 | 422 |
| 397 static ngx_int_t | 423 static ngx_int_t |
| 398 ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, | 424 ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s, |