comparison src/event/quic/ngx_event_quic_tokens.h @ 9132:77c1418916f7
QUIC: use AEAD to encrypt address validation tokens.
Previously used AES256-CBC is now replaced with AES256-GCM, although there
seem to be no tangible consequences of token integrity loss.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Thu, 08 Jun 2023 14:58:01 +0400 |
parents | 3550b00d9dc8 |
children |
9131:f73dfa6c0696 | 9132:77c1418916f7 |
---|---|
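--- a/src/event/quic/ngx_event_quic_tokens.h
+++ b/src/event/quic/ngx_event_quic_tokens.h
@@ -13,17 +13,16 @@
 
 
 #define NGX_QUIC_MAX_TOKEN_SIZE 64
 /* SHA-1(addr)=20 + sizeof(time_t) + retry(1) + odcid.len(1) + odcid */
 
-/* RFC 3602, 2.1 and 2.4 for AES-CBC block size and IV length */
-#define NGX_QUIC_AES_256_CBC_IV_LEN 16
-#define NGX_QUIC_AES_256_CBC_BLOCK_SIZE 16
+#define NGX_QUIC_AES_256_GCM_IV_LEN 12
+#define NGX_QUIC_AES_256_GCM_TAG_LEN 16
 
-#define NGX_QUIC_TOKEN_BUF_SIZE (NGX_QUIC_AES_256_CBC_IV_LEN \
+#define NGX_QUIC_TOKEN_BUF_SIZE (NGX_QUIC_AES_256_GCM_IV_LEN \
 + NGX_QUIC_MAX_TOKEN_SIZE \
-+ NGX_QUIC_AES_256_CBC_BLOCK_SIZE)
++ NGX_QUIC_AES_256_GCM_TAG_LEN)
 
 
 ngx_int_t ngx_quic_new_sr_token(ngx_connection_t *c, ngx_str_t *cid,
 u_char *secret, u_char *token);
 ngx_int_t ngx_quic_new_token(ngx_log_t *log, struct sockaddr *sockaddr,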
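Review bot: The new NGX_QUIC_AES_256_GCM_IV_LEN and NGX_QUIC_AES_256_GCM_TAG_LEN definitions drop the standards citation that the removed CBC constants carried, and nothing in the header says that the 12-byte IV is a GCM nonce that must never repeat under the same token key. That matters more than the commit message suggests: a repeated nonce in GCM leaks the XOR of the two tokens and the GHASH key, so it defeats both the confidentiality the old CBC scheme had and the integrity this commit adds. I would restore a comment above the two defines along the lines of `/* RFC 5116, 5.1 and 5.2: AEAD_AES_256_GCM nonce is 12 bytes, tag is 16 bytes; the nonce must be unique per encryption under a given key */`. How the IV is actually generated lives in the .c file and is not visible here; if it is drawn at random, NIST SP 800-38D section 8.3 bounds a key to at most 2^32 encryptions, so the token key should be rotated well before that many tokens are issued, which is worth stating next to the constants. The ngx_quic_new_token prototype on the last line continues past the hunk.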