Mercurial > hg > nginx
diff src/event/ngx_event_quic.c @ 8178:a9ff4392ecde quic
QUIC header protection routines, introduced ngx_quic_tls_hp().
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 28 Feb 2020 13:09:52 +0300 |
| parents | 76e29ff31cd3 |
| children | 7ee1ada04c8a |
line wrap: on
line diff
--- a/src/event/ngx_event_quic.c +++ b/src/event/ngx_event_quic.c @@ -371,3 +371,37 @@ ngx_quic_tls_seal(ngx_connection_t *c, c return NGX_OK; } + + +ngx_int_t +ngx_quic_tls_hp(ngx_connection_t *c, const EVP_CIPHER *cipher, + ngx_quic_secret_t *s, u_char *out, u_char *in) +{ + int outlen; + EVP_CIPHER_CTX *ctx; + + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) { + return NGX_ERROR; + } + + if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, NULL) != 1) { + ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptInit_ex() failed"); + goto failed; + } + + if (!EVP_EncryptUpdate(ctx, out, &outlen, in, 16)) { + ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptUpdate() failed"); + goto failed; + } + + EVP_CIPHER_CTX_free(ctx); + + return NGX_OK; + +failed: + + EVP_CIPHER_CTX_free(ctx); + + return NGX_ERROR; +}