Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8171:4daf03d2bd0a quic
OpenSSL compatibility.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 28 Feb 2020 13:09:51 +0300 |
parents | |
children | 76e29ff31cd3 |
comparison
equal
deleted
inserted
replaced
8170:53a5cdbe500c | 8171:4daf03d2bd0a |
---|---|
1 #include <ngx_config.h> | |
2 #include <ngx_core.h> | |
3 #include <ngx_event.h> | |
4 | |
5 | |
6 uint64_t | |
7 ngx_quic_parse_int(u_char **pos) | |
8 { | |
9 u_char *p; | |
10 uint64_t value; | |
11 ngx_uint_t len; | |
12 | |
13 p = *pos; | |
14 len = 1 << ((*p & 0xc0) >> 6); | |
15 value = *p++ & 0x3f; | |
16 | |
17 while (--len) { | |
18 value = (value << 8) + *p++; | |
19 } | |
20 | |
21 *pos = p; | |
22 return value; | |
23 } | |
24 | |
25 | |
26 void | |
27 ngx_quic_build_int(u_char **pos, uint64_t value) | |
28 { | |
29 u_char *p; | |
30 ngx_uint_t len;//, len2; | |
31 | |
32 p = *pos; | |
33 len = 0; | |
34 | |
35 while (value >> ((1 << len) * 8 - 2)) { | |
36 len++; | |
37 } | |
38 | |
39 *p = len << 6; | |
40 | |
41 // len2 = | |
42 len = (1 << len); | |
43 len--; | |
44 *p |= value >> (len * 8); | |
45 p++; | |
46 | |
47 while (len) { | |
48 *p++ = value >> ((len-- - 1) * 8); | |
49 } | |
50 | |
51 *pos = p; | |
52 // return len2; | |
53 } | |
54 | |
55 | |
56 uint64_t | |
57 ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask) | |
58 { | |
59 u_char *p; | |
60 uint64_t value; | |
61 | |
62 p = *pos; | |
63 value = *p++ ^ *mask++; | |
64 | |
65 while (--len) { | |
66 value = (value << 8) + (*p++ ^ *mask++); | |
67 } | |
68 | |
69 *pos = p; | |
70 return value; | |
71 } | |
72 | |
73 | |
74 ngx_int_t | |
75 ngx_hkdf_extract(u_char *out_key, size_t *out_len, const EVP_MD *digest, | |
76 const u_char *secret, size_t secret_len, const u_char *salt, | |
77 size_t salt_len) | |
78 { | |
79 #ifdef OPENSSL_IS_BORINGSSL | |
80 if (HKDF_extract(out_key, out_len, digest, secret, secret_len, salt, | |
81 salt_len) | |
82 == 0) | |
83 { | |
84 return NGX_ERROR; | |
85 } | |
86 #else | |
87 | |
88 EVP_PKEY_CTX *pctx; | |
89 | |
90 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | |
91 | |
92 if (EVP_PKEY_derive_init(pctx) <= 0) { | |
93 return NGX_ERROR; | |
94 } | |
95 | |
96 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY) <= 0) { | |
97 return NGX_ERROR; | |
98 } | |
99 | |
100 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | |
101 return NGX_ERROR; | |
102 } | |
103 | |
104 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, secret, secret_len) <= 0) { | |
105 return NGX_ERROR; | |
106 } | |
107 | |
108 if (EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, salt_len) <= 0) { | |
109 return NGX_ERROR; | |
110 } | |
111 | |
112 if (EVP_PKEY_derive(pctx, out_key, out_len) <= 0) { | |
113 return NGX_ERROR; | |
114 } | |
115 | |
116 #endif | |
117 | |
118 return NGX_OK; | |
119 } | |
120 | |
121 | |
122 ngx_int_t | |
123 ngx_hkdf_expand(u_char *out_key, size_t out_len, const EVP_MD *digest, | |
124 const u_char *prk, size_t prk_len, const u_char *info, size_t info_len) | |
125 { | |
126 #ifdef OPENSSL_IS_BORINGSSL | |
127 if (HKDF_expand(out_key, out_len, digest, prk, prk_len, info, info_len) | |
128 == 0) | |
129 { | |
130 return NGX_ERROR; | |
131 } | |
132 #else | |
133 | |
134 EVP_PKEY_CTX *pctx; | |
135 | |
136 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL); | |
137 | |
138 if (EVP_PKEY_derive_init(pctx) <= 0) { | |
139 return NGX_ERROR; | |
140 } | |
141 | |
142 if (EVP_PKEY_CTX_hkdf_mode(pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY) <= 0) { | |
143 return NGX_ERROR; | |
144 } | |
145 | |
146 if (EVP_PKEY_CTX_set_hkdf_md(pctx, digest) <= 0) { | |
147 return NGX_ERROR; | |
148 } | |
149 | |
150 if (EVP_PKEY_CTX_set1_hkdf_key(pctx, prk, prk_len) <= 0) { | |
151 return NGX_ERROR; | |
152 } | |
153 | |
154 if (EVP_PKEY_CTX_add1_hkdf_info(pctx, info, info_len) <= 0) { | |
155 return NGX_ERROR; | |
156 } | |
157 | |
158 if (EVP_PKEY_derive(pctx, out_key, &out_len) <= 0) { | |
159 return NGX_ERROR; | |
160 } | |
161 | |
162 #endif | |
163 | |
164 return NGX_OK; | |
165 } |