comparison src/http/ngx_http_request.c @ 8168:b507592c15a7 quic

Server Initial Keys.
author Sergey Kandaurov <pluknet@nginx.com>
date Fri, 28 Feb 2020 13:09:51 +0300
parents 5d91389e0fd3
children bd006bd520a9
8167:5d91389e0fd3 8168:b507592c15a7
896 { 896 {
897 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0, 897 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0,
898 "HKDF_expand(client_in_key) failed"); 898 "HKDF_expand(client_in_key) failed");
899 ngx_http_close_connection(c); 899 ngx_http_close_connection(c);
900 return; 900 return;
901 } 901 }
902 902
903 qc->client_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm()); 903 qc->client_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm());
904 qc->client_in_iv.data = ngx_pnalloc(c->pool, qc->client_in_iv.len); 904 qc->client_in_iv.data = ngx_pnalloc(c->pool, qc->client_in_iv.len);
905 if (qc->client_in_iv.data == NULL) { 905 if (qc->client_in_iv.data == NULL) {
906 ngx_http_close_connection(c); 906 ngx_http_close_connection(c);
956 m, buf, qc->client_in.len); 956 m, buf, qc->client_in.len);
957 957
958 m = ngx_hex_dump(buf, qc->client_in_key.data, qc->client_in_key.len) 958 m = ngx_hex_dump(buf, qc->client_in_key.data, qc->client_in_key.len)
959 - buf; 959 - buf;
960 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, 960 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
961 "quic key: %*s, len: %uz", 961 "quic client key: %*s, len: %uz",
962 m, buf, qc->client_in_key.len); 962 m, buf, qc->client_in_key.len);
963 963
964 m = ngx_hex_dump(buf, qc->client_in_iv.data, qc->client_in_iv.len) 964 m = ngx_hex_dump(buf, qc->client_in_iv.data, qc->client_in_iv.len)
965 - buf; 965 - buf;
966 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, 966 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
967 "quic iv: %*s, len: %uz", m, buf, qc->client_in_iv.len); 967 "quic client iv: %*s, len: %uz",
968 m, buf, qc->client_in_iv.len);
968 969
969 m = ngx_hex_dump(buf, qc->client_in_hp.data, qc->client_in_hp.len) 970 m = ngx_hex_dump(buf, qc->client_in_hp.data, qc->client_in_hp.len)
970 - buf; 971 - buf;
971 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0, 972 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
972 "quic hp: %*s, len: %uz", m, buf, qc->client_in_hp.len); 973 "quic client hp: %*s, len: %uz",
974 m, buf, qc->client_in_hp.len);
975 }
976 #endif
977
978 // server initial
979
980 /* draft-ietf-quic-tls-23#section-5.2 */
981
982 qc->server_in.len = SHA256_DIGEST_LENGTH;
983 qc->server_in.data = ngx_pnalloc(c->pool, qc->server_in.len);
984 if (qc->server_in.data == NULL) {
985 ngx_http_close_connection(c);
986 return;
987 }
988
989 hkdfl_len = 2 + 1 + sizeof("tls13 server in") - 1 + 1;
990 hkdfl[0] = 0;
991 hkdfl[1] = qc->server_in.len;
992 hkdfl[2] = sizeof("tls13 server in") - 1;
993 p = ngx_cpymem(&hkdfl[3], "tls13 server in",
994 sizeof("tls13 server in") - 1);
995 *p = '\0';
996
997 if (HKDF_expand(qc->server_in.data, qc->server_in.len,
998 digest, is, is_len, hkdfl, hkdfl_len)
999 == 0)
1000 {
1001 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0,
1002 "HKDF_expand(server_in) failed");
1003 ngx_http_close_connection(c);
1004 return;
1005 }
1006
1007 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */
1008
1009 qc->server_in_key.len = EVP_AEAD_key_length(EVP_aead_aes_128_gcm());
1010 qc->server_in_key.data = ngx_pnalloc(c->pool, qc->server_in_key.len);
1011 if (qc->server_in_key.data == NULL) {
1012 ngx_http_close_connection(c);
1013 return;
1014 }
1015
1016 hkdfl_len = 2 + 1 + sizeof("tls13 quic key") - 1 + 1;
1017 hkdfl[1] = qc->server_in_key.len;
1018 hkdfl[2] = sizeof("tls13 quic key") - 1;
1019 p = ngx_cpymem(&hkdfl[3], "tls13 quic key",
1020 sizeof("tls13 quic key") - 1);
1021 *p = '\0';
1022
1023 if (HKDF_expand(qc->server_in_key.data, qc->server_in_key.len,
1024 digest, qc->server_in.data, qc->server_in.len,
1025 hkdfl, hkdfl_len)
1026 == 0)
1027 {
1028 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0,
1029 "HKDF_expand(server_in_key) failed");
1030 ngx_http_close_connection(c);
1031 return;
1032 }
1033
1034 qc->server_in_iv.len = EVP_AEAD_nonce_length(EVP_aead_aes_128_gcm());
1035 qc->server_in_iv.data = ngx_pnalloc(c->pool, qc->server_in_iv.len);
1036 if (qc->server_in_iv.data == NULL) {
1037 ngx_http_close_connection(c);
1038 return;
1039 }
1040
1041 hkdfl_len = 2 + 1 + sizeof("tls13 quic iv") - 1 + 1;
1042 hkdfl[1] = qc->server_in_iv.len;
1043 hkdfl[2] = sizeof("tls13 quic iv") - 1;
1044 p = ngx_cpymem(&hkdfl[3], "tls13 quic iv", sizeof("tls13 quic iv") - 1);
1045 *p = '\0';
1046
1047 if (HKDF_expand(qc->server_in_iv.data, qc->server_in_iv.len, digest,
1048 qc->server_in.data, qc->server_in.len, hkdfl, hkdfl_len)
1049 == 0)
1050 {
1051 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0,
1052 "HKDF_expand(server_in_iv) failed");
1053 ngx_http_close_connection(c);
1054 return;
1055 }
1056
1057 /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.4.1 */
1058
1059 qc->server_in_hp.len = EVP_AEAD_key_length(EVP_aead_aes_128_gcm());
1060 qc->server_in_hp.data = ngx_pnalloc(c->pool, qc->server_in_hp.len);
1061 if (qc->server_in_hp.data == NULL) {
1062 ngx_http_close_connection(c);
1063 return;
1064 }
1065
1066 hkdfl_len = 2 + 1 + sizeof("tls13 quic hp") - 1 + 1;
1067 hkdfl[1] = qc->server_in_hp.len;
1068 hkdfl[2] = sizeof("tls13 quic hp") - 1;
1069 p = ngx_cpymem(&hkdfl[3], "tls13 quic hp", sizeof("tls13 quic hp") - 1);
1070 *p = '\0';
1071
1072 if (HKDF_expand(qc->server_in_hp.data, qc->server_in_hp.len, digest,
1073 qc->server_in.data, qc->server_in.len, hkdfl, hkdfl_len)
1074 == 0)
1075 {
1076 ngx_ssl_error(NGX_LOG_INFO, rev->log, 0,
1077 "HKDF_expand(server_in_hp) failed");
1078 ngx_http_close_connection(c);
1079 return;
1080 }
1081
1082 #if (NGX_DEBUG)
1083 if (c->log->log_level & NGX_LOG_DEBUG_EVENT) {
1084 m = ngx_hex_dump(buf, qc->server_in.data, qc->server_in.len) - buf;
1085 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
1086 "quic server initial secret: %*s, len: %uz",
1087 m, buf, qc->server_in.len);
1088
1089 m = ngx_hex_dump(buf, qc->server_in_key.data, qc->server_in_key.len)
1090 - buf;
1091 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
1092 "quic server key: %*s, len: %uz",
1093 m, buf, qc->server_in_key.len);
1094
1095 m = ngx_hex_dump(buf, qc->server_in_iv.data, qc->server_in_iv.len)
1096 - buf;
1097 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
1098 "quic server iv: %*s, len: %uz",
1099 m, buf, qc->server_in_iv.len);
1100
1101 m = ngx_hex_dump(buf, qc->server_in_hp.data, qc->server_in_hp.len)
1102 - buf;
1103 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, rev->log, 0,
1104 "quic server hp: %*s, len: %uz",
1105 m, buf, qc->server_in_hp.len);
973 } 1106 }
974 #endif 1107 #endif
975 1108
976 // header protection 1109 // header protection
977 1110
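Review bot: The new `#if (NGX_DEBUG)` block at the end of the hunk is gated on `c->log->log_level & NGX_LOG_DEBUG_EVENT` while every `ngx_log_debug3` inside it logs at `NGX_LOG_DEBUG_HTTP`, so with only `debug_http` enabled the server Initial key material is never printed and with only `debug_event` the four hex dumps are computed and then dropped by the macro's own level check; the guard should read `if (c->log->log_level & NGX_LOG_DEBUG_HTTP) {` (the client-side dump above it appears to share the mismatch, but that is pre-existing). Dumping these keys to the log is defensible only because, as I read draft-ietf-quic-tls-23 §5.2 which the hunk cites, Initial secrets are derived from values an on-path observer already has, so a comment such as `/* Initial keys are derivable by any observer; never log handshake or 1-RTT secrets this way */` above the block would stop the pattern being copied into later key stages. The four derivations (server_in, server_in_key, server_in_iv, server_in_hp) hand-build the same HkdfLabel framing and error path, differing only in label and output length, which is exactly where a slip is easy to miss (for instance `hkdfl[0] = 0` is written once and silently relied on by the next three); a static helper that takes the label and runs `HKDF_expand` would reduce this to four calls and give the `// header protection` stage that follows the same shape. The enclosing function begins before this hunk (`hkdfl`, `digest`, `is`, `is_len` and `buf` are declared there), so the sketch below assumes those names as the hunk uses them.
```c
/*
 * HKDF-Expand-Label(secret, label, "", out->len), draft-ietf-quic-tls-23 §5.
 * Allocates out->data from c->pool; out->len must be set by the caller.
 * Returns NGX_OK, or NGX_ERROR after logging (caller closes the connection).
 */
static ngx_int_t
ngx_quic_hkdf_expand_label(ngx_connection_t *c, ngx_str_t *out,
    const char *label, const EVP_MD *digest,
    const uint8_t *secret, size_t secret_len)
{
    size_t   label_len, info_len;
    u_char  *p, info[2 + 1 + 255 + 1];

    label_len = ngx_strlen(label);

    out->data = ngx_pnalloc(c->pool, out->len);
    if (out->data == NULL) {
        return NGX_ERROR;
    }

    /* HkdfLabel: uint16 length, opaque label<7..255>, opaque context<0..255> */
    info_len = 2 + 1 + label_len + 1;
    info[0] = 0;
    info[1] = (u_char) out->len;
    info[2] = (u_char) label_len;
    p = ngx_cpymem(&info[3], label, label_len);
    *p = '\0';                                  /* empty context */

    if (HKDF_expand(out->data, out->len, digest, secret, secret_len,
                    info, info_len)
        == 0)
    {
        ngx_ssl_error(NGX_LOG_INFO, c->log, 0, "HKDF_expand(%s) failed", label);
        return NGX_ERROR;
    }

    return NGX_OK;
}

    /* … unchanged: client initial derivation and its debug dump … */

    /* draft-ietf-quic-tls-23#section-5.2 */

    qc->server_in.len = SHA256_DIGEST_LENGTH;
    if (ngx_quic_hkdf_expand_label(c, &qc->server_in, "tls13 server in",
                                   digest, is, is_len)
        != NGX_OK)
    {
        ngx_http_close_connection(c);
        return;
    }

    /* AEAD_AES_128_GCM prior to handshake, quic-tls-23#section-5.3 */

    qc->server_in_key.len = EVP_AEAD_key_length(EVP_aead_aes_128_gcm());
    if (ngx_quic_hkdf_expand_label(c, &qc->server_in_key, "tls13 quic key",
                                   digest, qc->server_in.data,
                                   qc->server_in.len)
        != NGX_OK)
    {
        ngx_http_close_connection(c);
        return;
    }

    /* … same call for server_in_iv ("tls13 quic iv", EVP_AEAD_nonce_length)
       and server_in_hp ("tls13 quic hp", EVP_AEAD_key_length) … */

#if (NGX_DEBUG)
    if (c->log->log_level & NGX_LOG_DEBUG_HTTP) {
        /* Initial keys are derivable by any observer; never log handshake
           or 1-RTT secrets this way */
        /* … unchanged: hex dumps of server_in, server_in_key, server_in_iv, server_in_hp … */
    }
#endif
```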