Mercurial > hg > nginx
comparison src/event/ngx_event_quic.c @ 8178:a9ff4392ecde quic
QUIC header protection routines, introduced ngx_quic_tls_hp().
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 28 Feb 2020 13:09:52 +0300 |
| parents | 76e29ff31cd3 |
| children | 7ee1ada04c8a |
comparison
equal
deleted
inserted
replaced
| 8177:76e29ff31cd3 | 8178:a9ff4392ecde |
|---|---|
| 369 out->len += EVP_GCM_TLS_TAG_LEN; | 369 out->len += EVP_GCM_TLS_TAG_LEN; |
| 370 #endif | 370 #endif |
| 371 | 371 |
| 372 return NGX_OK; | 372 return NGX_OK; |
| 373 } | 373 } |
| 374 | |
| 375 | |
| 376 ngx_int_t | |
| 377 ngx_quic_tls_hp(ngx_connection_t *c, const EVP_CIPHER *cipher, | |
| 378 ngx_quic_secret_t *s, u_char *out, u_char *in) | |
| 379 { | |
| 380 int outlen; | |
| 381 EVP_CIPHER_CTX *ctx; | |
| 382 | |
| 383 ctx = EVP_CIPHER_CTX_new(); | |
| 384 if (ctx == NULL) { | |
| 385 return NGX_ERROR; | |
| 386 } | |
| 387 | |
| 388 if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, NULL) != 1) { | |
| 389 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptInit_ex() failed"); | |
| 390 goto failed; | |
| 391 } | |
| 392 | |
| 393 if (!EVP_EncryptUpdate(ctx, out, &outlen, in, 16)) { | |
| 394 ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "EVP_EncryptUpdate() failed"); | |
| 395 goto failed; | |
| 396 } | |
| 397 | |
| 398 EVP_CIPHER_CTX_free(ctx); | |
| 399 | |
| 400 return NGX_OK; | |
| 401 | |
| 402 failed: | |
| 403 | |
| 404 EVP_CIPHER_CTX_free(ctx); | |
| 405 | |
| 406 return NGX_ERROR; | |
| 407 } |