comparison src/http/ngx_http_request.c @ 8168:b507592c15a7 quic
Server Initial Keys.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 28 Feb 2020 13:09:51 +0300 |
parents | 5d91389e0fd3 |
children | bd006bd520a9 |
8167:5d91389e0fd3 | 8168:b507592c15a7 |
---|---|
896 { | 896 { |
897 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, | 897 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, |
898 "HKDF_expand(client_in_key) failed"); | 898 "HKDF_expand(client_in_key) failed"); |
899 ngx_http_close_connection(c); | 899 ngx_http_close_connection(c); |
900 return; | 900 return; |
901 } | 901 } |
902 | 902 |
903 qc->client_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()); | 903 qc->client_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()); |
904 qc->client_in_iv.data = ngx_pnalloc(c->pool, qc->client_in_iv.len); | 904 qc->client_in_iv.data = ngx_pnalloc(c->pool, qc->client_in_iv.len); |
905 if (qc->client_in_iv.data == NULL) { | 905 if (qc->client_in_iv.data == NULL) { |
906 ngx_http_close_connection(c); | 906 ngx_http_close_connection(c); |
956 m, buf, qc->client_in.len); | 956 m, buf, qc->client_in.len); |
957 | 957 |
958 m = ngx_hex_dump(buf, qc->client_in_key.data, qc->client_in_key.len) | 958 m = ngx_hex_dump(buf, qc->client_in_key.data, qc->client_in_key.len) |
959 - buf; | 959 - buf; |
960 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | 960 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, |
961 "quic key: %*s, len: %uz", | 961 "quic client key: %*s, len: %uz", |
962 m, buf, qc->client_in_key.len); | 962 m, buf, qc->client_in_key.len); |
963 | 963 |
964 m = ngx_hex_dump(buf, qc->client_in_iv.data, qc->client_in_iv.len) | 964 m = ngx_hex_dump(buf, qc->client_in_iv.data, qc->client_in_iv.len) |
965 - buf; | 965 - buf; |
966 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | 966 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, |
967 "quic iv: %*s, len: %uz", m, buf, qc->client_in_iv.len); | 967 "quic client iv: %*s, len: %uz", |
968 m, buf, qc->client_in_iv.len); | |
968 | 969 |
969 m = ngx_hex_dump(buf, qc->client_in_hp.data, qc->client_in_hp.len) | 970 m = ngx_hex_dump(buf, qc->client_in_hp.data, qc->client_in_hp.len) |
970 - buf; | 971 - buf; |
971 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | 972 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, |
972 "quic hp: %*s, len: %uz", m, buf, qc->client_in_hp.len); | 973 "quic client hp: %*s, len: %uz", |
974 m, buf, qc->client_in_hp.len); | |
975 } | |
976 #endif | |
977 | |
978 // server initial | |
979 | |
980 /* draft-ietf-quic-tls-23#section-5.2 */ | |
981 | |
982 qc->server_in.len = SHA256_DIGEST_LENGTH; | |
983 qc->server_in.data = ngx_pnalloc(c->pool, qc->server_in.len); | |
984 if (qc->server_in.data == NULL) { | |
985 ngx_http_close_connection(c); | |
986 return; | |
987 } | |
988 | |
989 hkdfl_len = 2 + 1 + sizeof("tls13 server in") - 1 + 1; | |
990 hkdfl[0] = 0; | |
991 hkdfl[1] = qc->server_in.len; | |
992 hkdfl[2] = sizeof("tls13 server in") - 1; | |
993 p = ngx_cpymem(&hkdfl[3], "tls13 server in", | |
994 sizeof("tls13 server in") - 1); | |
995 *p = '\0'; | |
996 | |
997 if (HKDF_expand(qc->server_in.data, qc->server_in.len, | |
998 digest, is, is_len, hkdfl, hkdfl_len) | |
999 == 0) | |
1000 { | |
1001 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, | |
1002 "HKDF_expand(server_in) failed"); | |
1003 ngx_http_close_connection(c); | |
1004 return; | |
1005 } | |
1006 | |
1007 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */ | |
1008 | |
1009 qc->server_in_key.len = EVP_AEAD_key_length(EVP_aead_aes_128_gcm()); | |
1010 qc->server_in_key.data = ngx_pnalloc(c->pool, qc->server_in_key.len); | |
1011 if (qc->server_in_key.data == NULL) { | |
1012 ngx_http_close_connection(c); | |
1013 return; | |
1014 } | |
1015 | |
1016 hkdfl_len = 2 + 1 + sizeof("tls13 quic key") - 1 + 1; | |
1017 hkdfl[1] = qc->server_in_key.len; | |
1018 hkdfl[2] = sizeof("tls13 quic key") - 1; | |
1019 p = ngx_cpymem(&hkdfl[3], "tls13 quic key", | |
1020 sizeof("tls13 quic key") - 1); | |
1021 *p = '\0'; | |
1022 | |
1023 if (HKDF_expand(qc->server_in_key.data, qc->server_in_key.len, | |
1024 digest, qc->server_in.data, qc->server_in.len, | |
1025 hkdfl, hkdfl_len) | |
1026 == 0) | |
1027 { | |
1028 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, | |
1029 "HKDF_expand(server_in_key) failed"); | |
1030 ngx_http_close_connection(c); | |
1031 return; | |
1032 } | |
1033 | |
1034 qc->server_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()); | |
1035 qc->server_in_iv.data = ngx_pnalloc(c->pool, qc->server_in_iv.len); | |
1036 if (qc->server_in_iv.data == NULL) { | |
1037 ngx_http_close_connection(c); | |
1038 return; | |
1039 } | |
1040 | |
1041 hkdfl_len = 2 + 1 + sizeof("tls13 quic iv") - 1 + 1; | |
1042 hkdfl[1] = qc->server_in_iv.len; | |
1043 hkdfl[2] = sizeof("tls13 quic iv") - 1; | |
1044 p = ngx_cpymem(&hkdfl[3], "tls13 quic iv", sizeof("tls13 quic iv") - 1); | |
1045 *p = '\0'; | |
1046 | |
1047 if (HKDF_expand(qc->server_in_iv.data, qc->server_in_iv.len, digest, | |
1048 qc->server_in.data, qc->server_in.len, hkdfl, hkdfl_len) | |
1049 == 0) | |
1050 { | |
1051 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, | |
1052 "HKDF_expand(server_in_iv) failed"); | |
1053 ngx_http_close_connection(c); | |
1054 return; | |
1055 } | |
1056 | |
1057 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */ | |
1058 | |
1059 qc->server_in_hp.len = EVP_AEAD_key_length(EVP_aead_aes_128_gcm()); | |
1060 qc->server_in_hp.data = ngx_pnalloc(c->pool, qc->server_in_hp.len); | |
1061 if (qc->server_in_hp.data == NULL) { | |
1062 ngx_http_close_connection(c); | |
1063 return; | |
1064 } | |
1065 | |
1066 hkdfl_len = 2 + 1 + sizeof("tls13 quic hp") - 1 + 1; | |
1067 hkdfl[1] = qc->server_in_hp.len; | |
1068 hkdfl[2] = sizeof("tls13 quic hp") - 1; | |
1069 p = ngx_cpymem(&hkdfl[3], "tls13 quic hp", sizeof("tls13 quic hp") - 1); | |
1070 *p = '\0'; | |
1071 | |
1072 if (HKDF_expand(qc->server_in_hp.data, qc->server_in_hp.len, digest, | |
1073 qc->server_in.data, qc->server_in.len, hkdfl, hkdfl_len) | |
1074 == 0) | |
1075 { | |
1076 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, | |
1077 "HKDF_expand(server_in_hp) failed"); | |
1078 ngx_http_close_connection(c); | |
1079 return; | |
1080 } | |
1081 | |
1082 #if (NGX_DEBUG) | |
1083 if (c->log->log_level & NGX_LOG_DEBUG_EVENT) { | |
1084 m = ngx_hex_dump(buf, qc->server_in.data, qc->server_in.len) - buf; | |
1085 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | |
1086 "quic server initial secret: %*s, len: %uz", | |
1087 m, buf, qc->server_in.len); | |
1088 | |
1089 m = ngx_hex_dump(buf, qc->server_in_key.data, qc->server_in_key.len) | |
1090 - buf; | |
1091 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | |
1092 "quic server key: %*s, len: %uz", | |
1093 m, buf, qc->server_in_key.len); | |
1094 | |
1095 m = ngx_hex_dump(buf, qc->server_in_iv.data, qc->server_in_iv.len) | |
1096 - buf; | |
1097 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | |
1098 "quic server iv: %*s, len: %uz", | |
1099 m, buf, qc->server_in_iv.len); | |
1100 | |
1101 m = ngx_hex_dump(buf, qc->server_in_hp.data, qc->server_in_hp.len) | |
1102 - buf; | |
1103 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, | |
1104 "quic server hp: %*s, len: %uz", | |
1105 m, buf, qc->server_in_hp.len); | |
973 } | 1106 } |
974 #endif | 1107 #endif |
975 | 1108 |
976 // header protection | 1109 // header protection |
977 | 1110 |
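Review bot: The debug guard at new line 1083 tests `NGX_LOG_DEBUG_EVENT`, but the four `ngx_log_debug3()` calls it wraps log at `NGX_LOG_DEBUG_HTTP`, so with only `debug_http` enabled the server-key dump is silently skipped and with only `debug_event` the hex dumps are computed and then discarded; it should read `if (c->log->log_level & NGX_LOG_DEBUG_HTTP) {`. Dumping the Initial secret, key, iv and hp key is acceptable here because Initial secrets are derived from the wire-visible Destination Connection ID (draft-ietf-quic-tls-23 §5.2) and carry no confidentiality, but this logging pattern must not be carried over to Handshake or 1-RTT keys; a comment such as `/* initial secrets are derivable from the public DCID; never log post-handshake keys */` above the `#if (NGX_DEBUG)` would make that boundary explicit. The new block is otherwise a verbatim copy of the client derivation with only the labels changed (four HKDF-Expand-Label calls, each hand-building `hkdfl`), which a small static helper taking the label and the output `ngx_str_t` would collapse and would also remove the reliance on `hkdfl[0]` still being 0 from line 990 for the three later labels. The capacity of `hkdfl`, which must hold `2 + 1 + 15 + 1` bytes for `"tls13 server in"`, is declared outside this hunk and should be confirmed; the enclosing function starts before the hunk.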