Mercurial > hg > nginx

diff src/event/ngx_event_quic.c @ 8171:4daf03d2bd0a quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
OpenSSL compatibility.
author Sergey Kandaurov <pluknet@nginx.com>
date Fri, 28 Feb 2020 13:09:51 +0300
parents
children 76e29ff31cd3
line wrap: on
line diff
new file mode 100644
--- /dev/null
+++ b/src/event/ngx_event_quic.c
@@ -0,0 +1,165 @@
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_event.h>
+
+
+uint64_t
+ngx_quic_parse_int(u_char **pos)
+{
+    u_char      *p;
+    uint64_t     value;
+    ngx_uint_t   len;
+
+    p = *pos;
+    len = 1 << ((*p & 0xc0) >> 6);
+    value = *p++ & 0x3f;
+
+    while (--len) {
+        value = (value << 8) + *p++;
+    }
+
+    *pos = p;
+    return value;
+}
+
+
+void
+ngx_quic_build_int(u_char **pos, uint64_t value)
+{
+    u_char      *p;
+    ngx_uint_t   len;//, len2;
+
+    p = *pos;
+    len = 0;
+
+    while (value >> ((1 << len) * 8 - 2)) {
+        len++;
+    }
+
+    *p = len << 6;
+
+//    len2 =
+    len = (1 << len);
+    len--;
+    *p |= value >> (len * 8);
+    p++;
+
+    while (len) {
+        *p++ = value >> ((len-- - 1) * 8);
+    }
+
+    *pos = p;
+//    return len2;
+}
+
+
+uint64_t
+ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask)
+{
+    u_char      *p;
+    uint64_t     value;
+
+    p = *pos;
+    value = *p++ ^ *mask++;
+
+    while (--len) {
+        value = (value << 8) + (*p++ ^ *mask++);
+    }
+
+    *pos = p;
+    return value;
+}
+
+
+ngx_int_t
+ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest,
+    const u_char *secret, size_t secret_len, const u_char *salt,
+    size_t salt_len)
+{
+#ifdef OPENSSL_IS_BORINGSSL
+    if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt,
+                     salt_len)
+        == 0)
+    {
+        return NGX_ERROR;
+    }
+#else
+
+    EVP_PKEY_CTX  *pctx;
+
+    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+    if (EVP_PKEY_derive_init(pctx) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+#endif
+
+    return NGX_OK;
+}
+
+
+ngx_int_t
+ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest,
+    const u_char *prk, size_t prk_len, const u_char *info, size_t info_len)
+{
+#ifdef OPENSSL_IS_BORINGSSL
+    if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len)
+        == 0)
+    {
+        return NGX_ERROR;
+    }
+#else
+
+    EVP_PKEY_CTX  *pctx;
+
+    pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+
+    if (EVP_PKEY_derive_init(pctx) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+    if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) {
+        return NGX_ERROR;
+    }
+
+#endif
+
+    return NGX_OK;
+}