changeset 8203:ec0c44aa2881 quic

Chacha20 header protection support with BoringSSL. BoringSSL lacks EVP for Chacha20. Here we use CRYPTO_chacha_20() instead.
author Sergey Kandaurov <pluknet@nginx.com>
date Tue, 10 Mar 2020 19:15:12 +0300
parents a4ed2305ad2c
children 9e0c30e1f7fb
files src/event/ngx_event_openssl.h src/event/ngx_event_quic.c
diffstat 2 files changed, 15 insertions(+), 1 deletions(-) [+]
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -25,6 +25,7 @@
 #include <openssl/evp.h>
 #ifdef OPENSSL_IS_BORINGSSL
 #include <openssl/hkdf.h>
+#include <openssl/chacha.h>
 #else
 #include <openssl/kdf.h>
 #endif
--- a/src/event/ngx_event_quic.c
+++ b/src/event/ngx_event_quic.c
@@ -2053,6 +2053,17 @@ ngx_quic_tls_hp(ngx_connection_t *c, con
     EVP_CIPHER_CTX  *ctx;
     u_char           zero[5] = {0};
 
+#ifdef OPENSSL_IS_BORINGSSL
+    uint32_t counter;
+
+    ngx_memcpy(&counter, in, sizeof(uint32_t));
+
+    if (cipher == (const EVP_CIPHER *) EVP_aead_chacha20_poly1305()) {
+        CRYPTO_chacha_20(out, zero, 5, s->hp.data, &in[4], counter);
+        return NGX_OK;
+    }
+#endif
+
     ctx = EVP_CIPHER_CTX_new();
     if (ctx == NULL) {
         return NGX_ERROR;
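Review bot: The counter is loaded with `ngx_memcpy(&counter, in, sizeof(uint32_t))`, which gives the host-order value of the first four sample bytes, while ChaCha20 header protection treats those bytes as a little-endian block counter. On a big-endian build the mask would therefore differ from the peer's and header protection could not be removed. Assuming `in` is a byte pointer (its declaration is outside the hunk), building the value explicitly avoids this: `counter = (uint32_t) in[0] | (uint32_t) in[1] << 8 | (uint32_t) in[2] << 16 | (uint32_t) in[3] << 24;`. The added block also reads in[0..15] with no length check visible here, so a comment stating the 16-byte sample layout (4-byte counter, then 12-byte nonce) would document what callers must guarantee. ngx_quic_tls_hp starts and ends outside the hunk.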
@@ -2129,7 +2140,9 @@ ngx_quic_ciphers(ngx_connection_t *c, ng
 #else
         ciphers->c = EVP_chacha20_poly1305();
 #endif
-#ifndef OPENSSL_IS_BORINGSSL
+#ifdef OPENSSL_IS_BORINGSSL
+        ciphers->hp = (const EVP_CIPHER *) EVP_aead_chacha20_poly1305();
+#else
         ciphers->hp = EVP_chacha20();
 #endif
         ciphers->d = EVP_sha256();
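Review bot: `ciphers->hp` now holds an `EVP_AEAD` pointer cast to `const EVP_CIPHER *`, which is only valid as an identity tag for the comparison in ngx_quic_tls_hp. Any other use of `hp` as a real cipher (passing it to an `EVP_EncryptInit_ex()` call, for instance) would operate on the wrong structure type, and nothing at the assignment says so. I would add `/* tag only: not a usable EVP_CIPHER, compared by address in ngx_quic_tls_hp() */` above the line. A dedicated flag or enum in the ciphers structure would be more robust than the cast, though that goes beyond this hunk. ngx_quic_ciphers starts and ends outside the hunk.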