Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8643:5fdd0ef42232 quic
QUIC: macros for manipulating header protection and reserved bits.
This gets rid of magic numbers from quic protection and allows to push down
header construction specifics further to quic transport.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 17 Nov 2020 21:32:22 +0000 |
parents | 05b1ee464350 |
children | e953bd2c5bb3 |
comparison
equal
deleted
inserted
replaced
8642:05b1ee464350 | 8643:5fdd0ef42232 |
---|---|
868 { | 868 { |
869 return NGX_ERROR; | 869 return NGX_ERROR; |
870 } | 870 } |
871 | 871 |
872 /* quic-tls: 5.4.1. Header Protection Application */ | 872 /* quic-tls: 5.4.1. Header Protection Application */ |
873 ad.data[0] ^= mask[0] & 0x0f; | 873 ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); |
874 | 874 |
875 for (i = 0; i < pkt->num_len; i++) { | 875 for (i = 0; i < pkt->num_len; i++) { |
876 pnp[i] ^= mask[i + 1]; | 876 pnp[i] ^= mask[i + 1]; |
877 } | 877 } |
878 | 878 |
926 { | 926 { |
927 return NGX_ERROR; | 927 return NGX_ERROR; |
928 } | 928 } |
929 | 929 |
930 /* quic-tls: 5.4.1. Header Protection Application */ | 930 /* quic-tls: 5.4.1. Header Protection Application */ |
931 ad.data[0] ^= mask[0] & 0x1f; | 931 ad.data[0] ^= mask[0] & ngx_quic_pkt_hp_mask(pkt->flags); |
932 | 932 |
933 for (i = 0; i < pkt->num_len; i++) { | 933 for (i = 0; i < pkt->num_len; i++) { |
934 pnp[i] ^= mask[i + 1]; | 934 pnp[i] ^= mask[i + 1]; |
935 } | 935 } |
936 | 936 |
1159 != NGX_OK) | 1159 != NGX_OK) |
1160 { | 1160 { |
1161 return NGX_DECLINED; | 1161 return NGX_DECLINED; |
1162 } | 1162 } |
1163 | 1163 |
1164 if (ngx_quic_long_pkt(pkt->flags)) { | 1164 clearflags = pkt->flags ^ (mask[0] & ngx_quic_pkt_hp_mask(pkt->flags)); |
1165 clearflags = pkt->flags ^ (mask[0] & 0x0f); | 1165 |
1166 | 1166 if (ngx_quic_short_pkt(pkt->flags)) { |
1167 } else { | |
1168 clearflags = pkt->flags ^ (mask[0] & 0x1f); | |
1169 key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0; | 1167 key_phase = (clearflags & NGX_QUIC_PKT_KPHASE) != 0; |
1170 | 1168 |
1171 if (key_phase != pkt->key_phase) { | 1169 if (key_phase != pkt->key_phase) { |
1172 secret = &pkt->keys->next_key.client; | 1170 secret = &pkt->keys->next_key.client; |
1173 pkt->key_update = 1; | 1171 pkt->key_update = 1; |
1190 /* packet protection */ | 1188 /* packet protection */ |
1191 | 1189 |
1192 in.data = p; | 1190 in.data = p; |
1193 in.len = len - pnl; | 1191 in.len = len - pnl; |
1194 | 1192 |
1195 if (ngx_quic_long_pkt(pkt->flags)) { | 1193 badflags = clearflags & ngx_quic_pkt_rb_mask(pkt->flags); |
1196 badflags = clearflags & NGX_QUIC_PKT_LONG_RESERVED_BIT; | |
1197 | |
1198 } else { | |
1199 badflags = clearflags & NGX_QUIC_PKT_SHORT_RESERVED_BIT; | |
1200 } | |
1201 | 1194 |
1202 ad.len = p - pkt->data; | 1195 ad.len = p - pkt->data; |
1203 ad.data = pkt->plaintext; | 1196 ad.data = pkt->plaintext; |
1204 | 1197 |
1205 ngx_memcpy(ad.data, pkt->data, ad.len); | 1198 ngx_memcpy(ad.data, pkt->data, ad.len); |