Mercurial > hg > nginx
diff src/event/quic/ngx_event_quic_protection.h @ 9025:e50f77a2d0b0 quic
QUIC: removed ngx_quic_keys_new().
The ngx_quic_keys_t structure is now exposed.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 27 Jul 2022 17:31:16 +0400 |
parents | f2925c80401c |
children | 7da4791e0264 |
line wrap: on
line diff
--- a/src/event/quic/ngx_event_quic_protection.h Wed Jul 27 17:16:40 2022 +0400 +++ b/src/event/quic/ngx_event_quic_protection.h Wed Jul 27 17:31:16 2022 +0400 @@ -16,8 +16,46 @@ #define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1) +/* RFC 5116, 5.1 and RFC 8439, 2.3 for all supported ciphers */ +#define NGX_QUIC_IV_LEN 12 -ngx_quic_keys_t *ngx_quic_keys_new(ngx_pool_t *pool); +/* largest hash used in TLS is SHA-384 */ +#define NGX_QUIC_MAX_MD_SIZE 48 + + +typedef struct { + size_t len; + u_char data[NGX_QUIC_MAX_MD_SIZE]; +} ngx_quic_md_t; + + +typedef struct { + size_t len; + u_char data[NGX_QUIC_IV_LEN]; +} ngx_quic_iv_t; + + +typedef struct { + ngx_quic_md_t secret; + ngx_quic_md_t key; + ngx_quic_iv_t iv; + ngx_quic_md_t hp; +} ngx_quic_secret_t; + + +typedef struct { + ngx_quic_secret_t client; + ngx_quic_secret_t server; +} ngx_quic_secrets_t; + + +struct ngx_quic_keys_s { + ngx_quic_secrets_t secrets[NGX_QUIC_ENCRYPTION_LAST]; + ngx_quic_secrets_t next_key; + ngx_uint_t cipher; +}; + + ngx_int_t ngx_quic_keys_set_initial_secret(ngx_quic_keys_t *keys, ngx_str_t *secret, ngx_log_t *log); ngx_int_t ngx_quic_keys_set_encryption_secret(ngx_log_t *log,