Mercurial > hg > nginx-quic
comparison src/event/ngx_event_quic.c @ 7645:7ee1ada04c8a quic
Generic function for HKDF expansion.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 26 Feb 2020 16:56:47 +0300 |
parents | a9ff4392ecde |
children | 01dc595de244 |
comparison
equal
deleted
inserted
replaced
7644:a9ff4392ecde | 7645:7ee1ada04c8a |
---|---|
118 return NGX_OK; | 118 return NGX_OK; |
119 } | 119 } |
120 | 120 |
121 | 121 |
122 ngx_int_t | 122 ngx_int_t |
123 ngx_quic_hkdf_expand(ngx_connection_t *c, const EVP_MD *digest, ngx_str_t *out, | |
124 ngx_str_t *prk, ngx_str_t *name, ngx_uint_t sender) | |
125 { | |
126 uint8_t *p; | |
127 size_t hkdfl_len; | |
128 uint8_t hkdfl[20]; | |
129 | |
130 #if (NGX_DEBUG) | |
131 u_char buf[512]; | |
132 size_t m; | |
133 #endif | |
134 | |
135 out->data = ngx_pnalloc(c->pool, out->len); | |
136 if (out->data == NULL) { | |
137 return NGX_ERROR; | |
138 } | |
139 | |
140 hkdfl_len = 2 + 1 + name->len + 1; | |
141 | |
142 if (sender) { | |
143 hkdfl[0] = out->len / 256; | |
144 hkdfl[1] = out->len % 256; | |
145 | |
146 } else { | |
147 hkdfl[0] = 0; | |
148 hkdfl[1] = out->len; | |
149 } | |
150 | |
151 hkdfl[2] = name->len; | |
152 p = ngx_cpymem(&hkdfl[3], name->data, name->len); | |
153 *p = '\0'; | |
154 | |
155 if (ngx_hkdf_expand(out->data, out->len, digest, | |
156 prk->data, prk->len, hkdfl, hkdfl_len) | |
157 != NGX_OK) | |
158 { | |
159 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, | |
160 "ngx_hkdf_expand(%V) failed", name); | |
161 return NGX_ERROR; | |
162 } | |
163 | |
164 if (c->log->log_level & NGX_LOG_DEBUG_EVENT) { | |
165 m = ngx_hex_dump(buf, out->data, out->len) - buf; | |
166 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
167 "%V: %*s, len: %uz", name, m, buf, out->len); | |
168 | |
169 m = ngx_hex_dump(buf, hkdfl, hkdfl_len) - buf; | |
170 ngx_log_debug4(NGX_LOG_DEBUG_EVENT, c->log, 0, | |
171 "%V hkdf: %*s, len: %uz", name, m, buf, hkdfl_len); | |
172 } | |
173 | |
174 return NGX_OK; | |
175 } | |
176 | |
177 | |
178 ngx_int_t | |
123 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, | 179 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, |
124 const u_char *prk, size_t prk_len, const u_char *info, size_t info_len) | 180 const u_char *prk, size_t prk_len, const u_char *info, size_t info_len) |
125 { | 181 { |
126 #ifdef OPENSSL_IS_BORINGSSL | 182 #ifdef OPENSSL_IS_BORINGSSL |
127 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) | 183 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) |