comparison src/event/quic/ngx_event_quic_protection.c @ 8815:d8865baab732 quic

QUIC: removed draft versions support.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 26 Jan 2022 14:15:40 +0300
parents 3341e4089c6c
children d8b3851f172c
8814:3d0fc72d409e 8815:d8865baab732
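--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -144,24 +144,21 @@
 }
 
 
 ngx_int_t
 ngx_quic_keys_set_initial_secret(ngx_pool_t *pool, ngx_quic_keys_t *keys,
-ngx_str_t *secret, uint32_t version)
+ngx_str_t *secret)
 {
 size_t is_len;
 uint8_t is[SHA256_DIGEST_LENGTH];
 ngx_uint_t i;
 const EVP_MD *digest;
 ngx_quic_secret_t *client, *server;
 
 static const uint8_t salt[20] =
 "\x38\x76\x2c\xf7\xf5\x59\x34\xb3\x4d\x17"
 "\x9a\xe6\xa4\xc8\x0c\xad\xcc\xbb\x7f\x0a";
-static const uint8_t salt29[20] =
-"\xaf\xbf\xec\x28\x99\x93\xd2\x4c\x9e\x97"
-"\x86\xf1\x9c\x61\x11\xe0\x43\x90\xa8\x99";
 
 client = &keys->secrets[ssl_encryption_initial].client;
 server = &keys->secrets[ssl_encryption_initial].server;
 
 /*
@@ -173,11 +170,11 @@
 
 digest = EVP_sha256();
 is_len = SHA256_DIGEST_LENGTH;
 
 if (ngx_hkdf_extract(is, &is_len, digest, secret->data, secret->len,
-(version & 0xff000000) ? salt29 : salt, sizeof(salt))
+salt, sizeof(salt))
 != NGX_OK)
 {
 return NGX_ERROR;
 }
 
@@ -890,16 +887,12 @@
 ngx_quic_ciphers_t ciphers;
 
 /* 5.8. Retry Packet Integrity */
 static u_char key[16] =
 "\xbe\x0c\x69\x0b\x9f\x66\x57\x5a\x1d\x76\x6b\x54\xe3\x68\xc8\x4e";
-static u_char key29[16] =
-"\xcc\xce\x18\x7e\xd0\x9a\x09\xd0\x57\x28\x15\x5a\x6c\xb9\x6b\xe1";
 static u_char nonce[NGX_QUIC_IV_LEN] =
 "\x46\x15\x99\xd3\x5d\x63\x2b\xf2\x23\x98\x25\xbb";
-static u_char nonce29[NGX_QUIC_IV_LEN] =
-"\xe5\x49\x30\xf9\x7f\x21\x36\xf0\x53\x0a\x8c\x1c";
 static ngx_str_t in = ngx_string("");
 
 ad.data = res->data;
 ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start);
 
@@ -914,16 +907,14 @@
 if (ngx_quic_ciphers(0, &ciphers, pkt->level) == NGX_ERROR) {
 return NGX_ERROR;
 }
 
 secret.key.len = sizeof(key);
-secret.key.data = (pkt->version & 0xff000000) ? key29 : key;
+secret.key.data = key;
 secret.iv.len = NGX_QUIC_IV_LEN;
 
-if (ngx_quic_tls_seal(ciphers.c, &secret, &itag,
-(pkt->version & 0xff000000) ? nonce29 : nonce,
-&in, &ad, pkt->log)
+if (ngx_quic_tls_seal(ciphers.c, &secret, &itag, nonce, &in, &ad, pkt->log)
 != NGX_OK)
 {
 return NGX_ERROR;
 }
 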
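Review bot: With the `version` parameter removed, the hard-coded `salt` in ngx_quic_keys_set_initial_secret and the retry `key`/`nonce` in the retry-integrity hunks are now the QUIC version 1 constants only, and nothing in the new code records that assumption; both enclosing function bodies are cut at the hunk edges. These constants are version-specific (RFC 9001, sections 5.2 and 5.8), so any later QUIC version needs a different initial salt and retry key, and a reader of the new declarations cannot tell this from the code. A comment such as `/* RFC 9001, 5.2. Initial Secrets: version 1 salt */` above `static const uint8_t salt[20] =`, and `/* RFC 9001, 5.8. Retry Packet Integrity: version 1 key and nonce */` in place of the bare `/* 5.8. Retry Packet Integrity */`, would make the dependency explicit where the selection logic used to be. Presumably packets with an unsupported version are already rejected during version negotiation before these paths run; that check is outside this diff, so I could not confirm it here.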