comparison src/event/ngx_event_quic_protection.c @ 8359:2f900ae486bc quic

Debug cleanup. + all dumps are moved under one of the following macros (undefined by default): NGX_QUIC_DEBUG_PACKETS NGX_QUIC_DEBUG_FRAMES NGX_QUIC_DEBUG_FRAMES_ALLOC NGX_QUIC_DEBUG_CRYPTO + all QUIC debug messages got "quic " prefix + all input frames are reported as "quic frame in FOO_FRAME bar:1 baz:2" + all outgoing frames are reported as "quic frame out foo bar baz" + all stream operations are prefixed with id, like: "quic stream id 0x33 recv" + all transport parameters are prefixed with "quic tp" (hex dump is moved to caller, to avoid using ngx_cycle->log) + packet flags and some other debug messages are updated to include packet type
author Vladimir Homutov <vl@nginx.com>
date Fri, 24 Apr 2020 10:11:47 +0300
parents aba84d9ab256
children f175006124d0
154 ngx_str_t iss = { 154 ngx_str_t iss = {
155 .data = is, 155 .data = is,
156 .len = is_len 156 .len = is_len
157 }; 157 };
158 158
159 #ifdef NGX_QUIC_DEBUG_CRYPTO
159 ngx_quic_hexdump0(pool->log, "salt", salt, sizeof(salt)); 160 ngx_quic_hexdump0(pool->log, "salt", salt, sizeof(salt));
160 ngx_quic_hexdump0(pool->log, "initial secret", is, is_len); 161 ngx_quic_hexdump0(pool->log, "initial secret", is, is_len);
162 #endif
161 163
162 /* draft-ietf-quic-tls-23#section-5.2 */ 164 /* draft-ietf-quic-tls-23#section-5.2 */
163 client->secret.len = SHA256_DIGEST_LENGTH; 165 client->secret.len = SHA256_DIGEST_LENGTH;
164 server->secret.len = SHA256_DIGEST_LENGTH; 166 server->secret.len = SHA256_DIGEST_LENGTH;
165 167
261 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0, 263 ngx_ssl_error(NGX_LOG_INFO, pool->log, 0,
262 "ngx_hkdf_expand(%V) failed", label); 264 "ngx_hkdf_expand(%V) failed", label);
263 return NGX_ERROR; 265 return NGX_ERROR;
264 } 266 }
265 267
268 #ifdef NGX_QUIC_DEBUG_CRYPTO
266 ngx_quic_hexdump(pool->log, "%V info", info, info_len, label); 269 ngx_quic_hexdump(pool->log, "%V info", info, info_len, label);
267 ngx_quic_hexdump(pool->log, "%V key", out->data, out->len, label); 270 ngx_quic_hexdump(pool->log, "%V key", out->data, out->len, label);
271 #endif
268 272
269 return NGX_OK; 273 return NGX_OK;
270 } 274 }
271 275
272 276
759 ad.data = res->data; 763 ad.data = res->data;
760 ad.len = ngx_quic_create_long_header(pkt, ad.data, out.len, &pnp); 764 ad.len = ngx_quic_create_long_header(pkt, ad.data, out.len, &pnp);
761 765
762 out.data = res->data + ad.len; 766 out.data = res->data + ad.len;
763 767
768 #ifdef NGX_QUIC_DEBUG_CRYPTO
764 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); 769 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len);
770 #endif
765 771
766 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { 772 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) {
767 return NGX_ERROR; 773 return NGX_ERROR;
768 } 774 }
769
770 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
771 "ngx_quic_create_long_packet: number %L, encoded %d:0x%xD",
772 pkt->number, (int) pkt->num_len, pkt->trunc);
773 775
774 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len); 776 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len);
775 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); 777 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number);
776 778
779 #ifdef NGX_QUIC_DEBUG_CRYPTO
777 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); 780 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12);
778 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); 781 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12);
782 #endif
779 783
780 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, 784 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out,
781 nonce, &pkt->payload, &ad, pkt->log) 785 nonce, &pkt->payload, &ad, pkt->log)
782 != NGX_OK) 786 != NGX_OK)
783 { 787 {
789 != NGX_OK) 793 != NGX_OK)
790 { 794 {
791 return NGX_ERROR; 795 return NGX_ERROR;
792 } 796 }
793 797
798 #ifdef NGX_QUIC_DEBUG_CRYPTO
794 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); 799 ngx_quic_hexdump0(pkt->log, "sample", sample, 16);
795 ngx_quic_hexdump0(pkt->log, "mask", mask, 5); 800 ngx_quic_hexdump0(pkt->log, "mask", mask, 5);
801 #endif
796 802
797 /* quic-tls: 5.4.1. Header Protection Application */ 803 /* quic-tls: 5.4.1. Header Protection Application */
798 ad.data[0] ^= mask[0] & 0x0f; 804 ad.data[0] ^= mask[0] & 0x0f;
799 805
800 for (i = 0; i < pkt->num_len; i++) { 806 for (i = 0; i < pkt->num_len; i++) {
822 ad.data = res->data; 828 ad.data = res->data;
823 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp); 829 ad.len = ngx_quic_create_short_header(pkt, ad.data, out.len, &pnp);
824 830
825 out.data = res->data + ad.len; 831 out.data = res->data + ad.len;
826 832
833 #ifdef NGX_QUIC_DEBUG_CRYPTO
827 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); 834 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len);
835 #endif
828 836
829 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) { 837 if (ngx_quic_ciphers(ssl_conn, &ciphers, pkt->level) == NGX_ERROR) {
830 return NGX_ERROR; 838 return NGX_ERROR;
831 } 839 }
832 840
833 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pkt->log, 0, 841 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
834 "ngx_quic_create_short_packet: number %L, encoded %d:0x%xD", 842 "quic ngx_quic_create_short_packet: number %L,"
835 pkt->number, (int) pkt->num_len, pkt->trunc); 843 " encoded %d:0x%xD", pkt->number, (int) pkt->num_len,
844 pkt->trunc);
836 845
837 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len); 846 ngx_memcpy(nonce, pkt->secret->iv.data, pkt->secret->iv.len);
838 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number); 847 ngx_quic_compute_nonce(nonce, sizeof(nonce), pkt->number);
839 848
849 #ifdef NGX_QUIC_DEBUG_CRYPTO
840 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12); 850 ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, 12);
841 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); 851 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12);
852 #endif
842 853
843 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out, 854 if (ngx_quic_tls_seal(ciphers.c, pkt->secret, &out,
844 nonce, &pkt->payload, &ad, pkt->log) 855 nonce, &pkt->payload, &ad, pkt->log)
845 != NGX_OK) 856 != NGX_OK)
846 { 857 {
852 != NGX_OK) 863 != NGX_OK)
853 { 864 {
854 return NGX_ERROR; 865 return NGX_ERROR;
855 } 866 }
856 867
868 #ifdef NGX_QUIC_DEBUG_CRYPTO
857 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); 869 ngx_quic_hexdump0(pkt->log, "sample", sample, 16);
858 ngx_quic_hexdump0(pkt->log, "mask", mask, 5); 870 ngx_quic_hexdump0(pkt->log, "mask", mask, 5);
871 #endif
859 872
860 /* quic-tls: 5.4.1. Header Protection Application */ 873 /* quic-tls: 5.4.1. Header Protection Application */
861 ad.data[0] ^= mask[0] & 0x1f; 874 ad.data[0] ^= mask[0] & 0x1f;
862 875
863 for (i = 0; i < pkt->num_len; i++) { 876 for (i = 0; i < pkt->num_len; i++) {
961 * AES-Based and ChaCha20-Based header protections sample 16 bytes 974 * AES-Based and ChaCha20-Based header protections sample 16 bytes
962 */ 975 */
963 976
964 sample = p + 4; 977 sample = p + 4;
965 978
979 #ifdef NGX_QUIC_DEBUG_CRYPTO
966 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); 980 ngx_quic_hexdump0(pkt->log, "sample", sample, 16);
981 #endif
967 982
968 /* header protection */ 983 /* header protection */
969 984
970 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample) 985 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, secret, mask, sample)
971 != NGX_OK) 986 != NGX_OK)
989 pnl = (clearflags & 0x03) + 1; 1004 pnl = (clearflags & 0x03) + 1;
990 pn = ngx_quic_parse_pn(&p, pnl, &mask[1], largest_pn); 1005 pn = ngx_quic_parse_pn(&p, pnl, &mask[1], largest_pn);
991 1006
992 pkt->pn = pn; 1007 pkt->pn = pn;
993 1008
1009 #ifdef NGX_QUIC_DEBUG_CRYPTO
994 ngx_quic_hexdump0(pkt->log, "mask", mask, 5); 1010 ngx_quic_hexdump0(pkt->log, "mask", mask, 5);
1011 #endif
1012
995 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0, 1013 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
996 "quic clear flags: %xi", clearflags); 1014 "quic clear flags: %xi", clearflags);
997 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0, 1015 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
998 "quic packet number: %uL, len: %xi", pn, pnl); 1016 "quic packet number: %uL, len: %xi", pn, pnl);
999 1017
1019 } while (--pnl); 1037 } while (--pnl);
1020 1038
1021 ngx_memcpy(nonce, secret->iv.data, secret->iv.len); 1039 ngx_memcpy(nonce, secret->iv.data, secret->iv.len);
1022 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn); 1040 ngx_quic_compute_nonce(nonce, sizeof(nonce), pn);
1023 1041
1042 #ifdef NGX_QUIC_DEBUG_CRYPTO
1024 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12); 1043 ngx_quic_hexdump0(pkt->log, "nonce", nonce, 12);
1025 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len); 1044 ngx_quic_hexdump0(pkt->log, "ad", ad.data, ad.len);
1045 #endif
1026 1046
1027 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN; 1047 pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN;
1028 1048
1029 if (NGX_QUIC_DEFAULT_MAX_PACKET_SIZE - ad.len < pkt->payload.len) { 1049 if (NGX_QUIC_DEFAULT_MAX_PACKET_SIZE - ad.len < pkt->payload.len) {
1030 return NGX_ERROR; 1050 return NGX_ERROR;
1033 pkt->payload.data = pkt->plaintext + ad.len; 1053 pkt->payload.data = pkt->plaintext + ad.len;
1034 1054
1035 rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload, 1055 rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload,
1036 nonce, &in, &ad, pkt->log); 1056 nonce, &in, &ad, pkt->log);
1037 1057
1058 #if defined(NGX_QUIC_DEBUG_CRYPTO) && defined(NGX_QUIC_DEBUG_PACKETS)
1038 ngx_quic_hexdump0(pkt->log, "packet payload", 1059 ngx_quic_hexdump0(pkt->log, "packet payload",
1039 pkt->payload.data, pkt->payload.len); 1060 pkt->payload.data, pkt->payload.len);
1061 #endif
1040 1062
1041 return rc; 1063 return rc;
1042 } 1064 }
1043 1065
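Review bot: The new NGX_QUIC_DEBUG_CRYPTO guards wrap dumps of key material (the initial secret and the derived key at new lines 160–161 and 269–270, the IV and nonce at 780–781, the decryption nonce at 1043), but nothing at the guards says that this is what defining the macro exposes; a comment at the first guard, e.g. `/* NGX_QUIC_DEBUG_CRYPTO dumps secrets, keys, IVs and nonces to the debug log; for local interop debugging only */`, makes the consequence of enabling it visible to whoever builds with it. In the long-packet path the `ngx_quic_create_long_packet: number ...` debug line (old 770–772) is dropped, while its short-packet counterpart is kept and given the `quic ` prefix (new 841–844); unless the long-packet number is now logged by a caller, the two paths have become asymmetric. Since the IV dumps are being touched, note that `"server_iv"` passes a hard-coded 12 where the memcpy directly above uses `pkt->secret->iv.len`; `ngx_quic_hexdump0(pkt->log, "server_iv", pkt->secret->iv.data, pkt->secret->iv.len);` keeps the dump tied to the actual length in both the long- and short-packet paths. The enclosing functions start and end outside the shown hunks.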