Mercurial > hg > nginx

view src/event/ngx_event_quic_protection.h @ 8324:7cca3624f9c4 quic

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added check for SSL_get_current_cipher() results. The function may return NULL and result need to be checked before use.
author Vladimir Homutov <vl@nginx.com>
date Sat, 04 Apr 2020 22:25:41 +0300
parents 29354c6fc5f2
children aba84d9ab256
line wrap: on
line source


/*
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_
#define _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_


#define NGX_QUIC_ENCRYPTION_LAST  ((ssl_encryption_application) + 1)


typedef struct ngx_quic_secret_s {
    ngx_str_t                 secret;
    ngx_str_t                 key;
    ngx_str_t                 iv;
    ngx_str_t                 hp;
} ngx_quic_secret_t;


typedef struct {
    ngx_quic_secret_t         client;
    ngx_quic_secret_t         server;
} ngx_quic_secrets_t;


ngx_int_t ngx_quic_set_initial_secret(ngx_pool_t *pool,
    ngx_quic_secret_t *client, ngx_quic_secret_t *server,
    ngx_str_t *secret);

int ngx_quic_set_encryption_secret(ngx_pool_t *pool, ngx_ssl_conn_t *ssl_conn,
    enum ssl_encryption_level_t level, const uint8_t *secret, size_t secret_len,
    ngx_quic_secret_t *peer_secret);

ngx_int_t ngx_quic_key_update(ngx_connection_t *c,
    ngx_quic_secrets_t *current, ngx_quic_secrets_t *next);

ssize_t ngx_quic_encrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn,
     ngx_str_t *res);

ngx_int_t ngx_quic_decrypt(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn);


#endif /* _NGX_EVENT_QUIC_PROTECTION_H_INCLUDED_ */