Mercurial > hg > nginx
comparison src/event/ngx_event_quic_protection.c @ 8315:fdda518d10ba quic
Proper handling of packet number in header.
- fixed setting of largest received packet number.
- sending properly truncated packet number
- added support for multi-byte packet number
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Fri, 03 Apr 2020 14:02:16 +0300 |
| parents | c625bde6cb77 |
| children | 435fed8e2489 |
comparison
equal
deleted
inserted
replaced
| 8314:de8981bf2dd5 | 8315:fdda518d10ba |
|---|---|
| 654 ngx_quic_create_long_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, | 654 ngx_quic_create_long_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
| 655 ngx_str_t *res) | 655 ngx_str_t *res) |
| 656 { | 656 { |
| 657 u_char *pnp, *sample; | 657 u_char *pnp, *sample; |
| 658 ngx_str_t ad, out; | 658 ngx_str_t ad, out; |
| 659 ngx_uint_t i; | |
| 659 ngx_quic_ciphers_t ciphers; | 660 ngx_quic_ciphers_t ciphers; |
| 660 u_char nonce[12], mask[16]; | 661 u_char nonce[12], mask[16]; |
| 661 | 662 |
| 662 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; | 663 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; |
| 663 | 664 |
| 683 != NGX_OK) | 684 != NGX_OK) |
| 684 { | 685 { |
| 685 return NGX_ERROR; | 686 return NGX_ERROR; |
| 686 } | 687 } |
| 687 | 688 |
| 688 sample = &out.data[3]; // pnl=0 | 689 sample = &out.data[4 - pkt->num_len]; |
| 689 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) | 690 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) |
| 690 != NGX_OK) | 691 != NGX_OK) |
| 691 { | 692 { |
| 692 return NGX_ERROR; | 693 return NGX_ERROR; |
| 693 } | 694 } |
| 694 | 695 |
| 695 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); | 696 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
| 696 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); | 697 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); |
| 697 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); | 698 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); |
| 698 | 699 |
| 699 // header protection, pnl = 0 | 700 /* quic-tls: 5.4.1. Header Protection Application */ |
| 700 ad.data[0] ^= mask[0] & 0x0f; | 701 ad.data[0] ^= mask[0] & 0x0f; |
| 701 *pnp ^= mask[1]; | 702 |
| 703 for (i = 0; i < pkt->num_len; i++) { | |
| 704 pnp[i] ^= mask[i + 1]; | |
| 705 } | |
| 702 | 706 |
| 703 res->len = ad.len + out.len; | 707 res->len = ad.len + out.len; |
| 704 | 708 |
| 705 return NGX_OK; | 709 return NGX_OK; |
| 706 } | 710 } |
| 710 ngx_quic_create_short_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, | 714 ngx_quic_create_short_packet(ngx_quic_header_t *pkt, ngx_ssl_conn_t *ssl_conn, |
| 711 ngx_str_t *res) | 715 ngx_str_t *res) |
| 712 { | 716 { |
| 713 u_char *pnp, *sample; | 717 u_char *pnp, *sample; |
| 714 ngx_str_t ad, out; | 718 ngx_str_t ad, out; |
| 719 ngx_uint_t i; | |
| 715 ngx_quic_ciphers_t ciphers; | 720 ngx_quic_ciphers_t ciphers; |
| 716 u_char nonce[12], mask[16]; | 721 u_char nonce[12], mask[16]; |
| 717 | 722 |
| 718 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; | 723 out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN; |
| 719 | 724 |
| 741 return NGX_ERROR; | 746 return NGX_ERROR; |
| 742 } | 747 } |
| 743 | 748 |
| 744 ngx_quic_hexdump0(pkt->log, "out", out.data, out.len); | 749 ngx_quic_hexdump0(pkt->log, "out", out.data, out.len); |
| 745 | 750 |
| 746 sample = &out.data[3]; // pnl=0 | 751 sample = &out.data[4 - pkt->num_len]; |
| 747 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) | 752 if (ngx_quic_tls_hp(pkt->log, ciphers.hp, pkt->secret, mask, sample) |
| 748 != NGX_OK) | 753 != NGX_OK) |
| 749 { | 754 { |
| 750 return NGX_ERROR; | 755 return NGX_ERROR; |
| 751 } | 756 } |
| 752 | 757 |
| 753 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); | 758 ngx_quic_hexdump0(pkt->log, "sample", sample, 16); |
| 754 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); | 759 ngx_quic_hexdump0(pkt->log, "mask", mask, 16); |
| 755 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); | 760 ngx_quic_hexdump0(pkt->log, "hp_key", pkt->secret->hp.data, 16); |
| 756 | 761 |
| 757 // header protection, pnl = 0 | 762 /* quic-tls: 5.4.1. Header Protection Application */ |
| 758 ad.data[0] ^= mask[0] & 0x1f; | 763 ad.data[0] ^= mask[0] & 0x1f; |
| 759 *pnp ^= mask[1]; | 764 |
| 765 for (i = 0; i < pkt->num_len; i++) { | |
| 766 pnp[i] ^= mask[i + 1]; | |
| 767 } | |
| 760 | 768 |
| 761 res->len = ad.len + out.len; | 769 res->len = ad.len + out.len; |
| 762 | 770 |
| 763 ngx_quic_hexdump0(pkt->log, "packet", res->data, res->len); | 771 ngx_quic_hexdump0(pkt->log, "packet", res->data, res->len); |
| 764 | 772 |