comparison src/event/quic/ngx_event_quic_protection.c @ 9030:172705615d04 quic

QUIC: using native TLSv1.3 cipher suite constants. After BoringSSL aligned[1] with OpenSSL on TLS1_3_CK_* macros, and LibreSSL uses OpenSSL naming, our own variants can be dropped now. Compatibility is preserved with libraries that lack these macros. Additionally, transition to SSL_CIPHER_get_id() fixes build error with LibreSSL that doesn't implement SSL_CIPHER_get_protocol_id(). [1] https://boringssl.googlesource.com/boringssl/+/dfddbc4ded
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 20 Oct 2022 16:21:05 +0400
parents e50f77a2d0b0
children a6cc246654f8
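--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -13,13 +13,16 @@
 /* RFC 9001, 5.4.1. Header Protection Application: 5-byte mask */
 #define NGX_QUIC_HP_LEN 5
 
 #define NGX_QUIC_AES_128_KEY_LEN 16
 
-#define NGX_AES_128_GCM_SHA256 0x1301
-#define NGX_AES_256_GCM_SHA384 0x1302
-#define NGX_CHACHA20_POLY1305_SHA256 0x1303
+#ifndef TLS1_3_CK_AES_128_GCM_SHA256
+#define TLS1_3_CK_AES_128_GCM_SHA256 0x03001301
+#define TLS1_3_CK_AES_256_GCM_SHA384 0x03001302
+#define TLS1_3_CK_CHACHA20_POLY1305_SHA256 \
+0x03001303
+#endif
 
 
 #ifdef OPENSSL_IS_BORINGSSL
 #define ngx_quic_cipher_t EVP_AEAD
 #else
@@ -88,38 +91,38 @@
 enum ssl_encryption_level_t level)
 {
 ngx_int_t len;
 
 if (level == ssl_encryption_initial) {
-id = NGX_AES_128_GCM_SHA256;
+id = TLS1_3_CK_AES_128_GCM_SHA256;
 }
 
 switch (id) {
 
-case NGX_AES_128_GCM_SHA256:
+case TLS1_3_CK_AES_128_GCM_SHA256:
 #ifdef OPENSSL_IS_BORINGSSL
 ciphers->c = EVP_aead_aes_128_gcm();
 #else
 ciphers->c = EVP_aes_128_gcm();
 #endif
 ciphers->hp = EVP_aes_128_ctr();
 ciphers->d = EVP_sha256();
 len = 16;
 break;
 
-case NGX_AES_256_GCM_SHA384:
+case TLS1_3_CK_AES_256_GCM_SHA384:
 #ifdef OPENSSL_IS_BORINGSSL
 ciphers->c = EVP_aead_aes_256_gcm();
 #else
 ciphers->c = EVP_aes_256_gcm();
 #endif
 ciphers->hp = EVP_aes_256_ctr();
 ciphers->d = EVP_sha384();
 len = 32;
 break;
 
-case NGX_CHACHA20_POLY1305_SHA256:
+case TLS1_3_CK_CHACHA20_POLY1305_SHA256:
 #ifdef OPENSSL_IS_BORINGSSL
 ciphers->c = EVP_aead_chacha20_poly1305();
 #else
 ciphers->c = EVP_chacha20_poly1305();
 #endif
@@ -640,11 +643,11 @@
 ngx_quic_ciphers_t ciphers;
 
 peer_secret = is_write ? &keys->secrets[level].server
 : &keys->secrets[level].client;
 
-keys->cipher = SSL_CIPHER_get_protocol_id(cipher);
+keys->cipher = SSL_CIPHER_get_id(cipher);
 
 key_len = ngx_quic_ciphers(keys->cipher, &ciphers, level);
 
 if (key_len == NGX_ERROR) {
 ngx_ssl_error(NGX_LOG_INFO, log, 0, "unexpected cipher");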
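Review bot: `keys->cipher = SSL_CIPHER_get_id(cipher);` now stores the 32-bit 0x0300xxxx form instead of the 16-bit protocol id, so the field's type, declared outside this section, must be at least 32 bits wide; if it is narrower the value is truncated, the switch in ngx_quic_ciphers() matches no case, and every handshake ends in the "unexpected cipher" path shown here. That dependency deserves a one-line comment at the assignment, `/* 0x0300xxxx form of TLS1_3_CK_*, matched by ngx_quic_ciphers() */`. In the first hunk the three fallback macros are all guarded by `#ifndef TLS1_3_CK_AES_128_GCM_SHA256` alone, so a library that provides some but not all of them would trigger a macro redefinition; guarding each define on its own name is the safer shape. The functions containing the second and third hunks start and end outside this section.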