Mercurial > hg > nginx
comparison src/event/quic/ngx_event_quic_protection.h @ 9025:e50f77a2d0b0 quic
QUIC: removed ngx_quic_keys_new().
The ngx_quic_keys_t structure is now exposed.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Wed, 27 Jul 2022 17:31:16 +0400 |
| parents | f2925c80401c |
| children | 7da4791e0264 |
comparison
equal
deleted
inserted
replaced
| 9024:f2925c80401c | 9025:e50f77a2d0b0 |
|---|---|
| 14 #include <ngx_event_quic_transport.h> | 14 #include <ngx_event_quic_transport.h> |
| 15 | 15 |
| 16 | 16 |
| 17 #define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) | 17 #define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) |
| 18 | 18 |
| 19 /* RFC 5116, 5.1 and RFC 8439, 2.3 for all supported ciphers */ | |
| 20 #define NGX_QUIC_IV_LEN 12 | |
| 19 | 21 |
| 20 ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); | 22 /* largest hash used in TLS is SHA-384 */ |
| 23 #define NGX_QUIC_MAX_MD_SIZE 48 | |
| 24 | |
| 25 | |
| 26 typedef struct { | |
| 27 size_t len; | |
| 28 u_char data[NGX_QUIC_MAX_MD_SIZE]; | |
| 29 } ngx_quic_md_t; | |
| 30 | |
| 31 | |
| 32 typedef struct { | |
| 33 size_t len; | |
| 34 u_char data[NGX_QUIC_IV_LEN]; | |
| 35 } ngx_quic_iv_t; | |
| 36 | |
| 37 | |
| 38 typedef struct { | |
| 39 ngx_quic_md_t secret; | |
| 40 ngx_quic_md_t key; | |
| 41 ngx_quic_iv_t iv; | |
| 42 ngx_quic_md_t hp; | |
| 43 } ngx_quic_secret_t; | |
| 44 | |
| 45 | |
| 46 typedef struct { | |
| 47 ngx_quic_secret_t client; | |
| 48 ngx_quic_secret_t server; | |
| 49 } ngx_quic_secrets_t; | |
| 50 | |
| 51 | |
| 52 struct ngx_quic_keys_s { | |
| 53 ngx_quic_secrets_t secrets[NGX_QUIC_ENCRYPTION_LAST]; | |
| 54 ngx_quic_secrets_t next_key; | |
| 55 ngx_uint_t cipher; | |
| 56 }; | |
| 57 | |
| 58 | |
| 21 ngx_int_t ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, | 59 ngx_int_t ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, |
| 22 ngx_str_t *secret, ngx_log_t *log); | 60 ngx_str_t *secret, ngx_log_t *log); |
| 23 ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_log_t *log, | 61 ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_log_t *log, |
| 24 ngx_uint_t is_write, ngx_quic_keys_t *keys, | 62 ngx_uint_t is_write, ngx_quic_keys_t *keys, |
| 25 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, | 63 enum ssl_encryption_level_t level, const SSL_CIPHER *cipher, |