# HG changeset patch # User Sergey Kandaurov # Date 1585736862 -10800 # Node ID 2ac03e80d0138f15859be3aa35c180324763c429 # Parent 76818c9cdd6f413fe11880d28b35cb31eac3e964 TLS Early Data key derivation support. diff -r 76818c9cdd6f -r 2ac03e80d013 src/event/ngx_event_quic.c --- a/src/event/ngx_event_quic.c Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic.c Wed Apr 01 13:27:42 2020 +0300 @@ -195,7 +195,6 @@ c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn); ngx_quic_hexdump(c->log, "level:%d read", rsecret, secret_len, level); - ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); rc = ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, rsecret, secret_len, @@ -204,6 +203,12 @@ return rc; } + if (level == ssl_encryption_early_data) { + return 1; + } + + ngx_quic_hexdump(c->log, "level:%d write", wsecret, secret_len, level); + return ngx_quic_set_encryption_secret(c->pool, ssl_conn, level, wsecret, secret_len, &c->quic->secrets.server); diff -r 76818c9cdd6f -r 2ac03e80d013 src/event/ngx_event_quic_protection.c --- a/src/event/ngx_event_quic_protection.c Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic_protection.c Wed Apr 01 13:27:42 2020 +0300 @@ -620,6 +620,10 @@ switch (level) { + case ssl_encryption_early_data: + peer_secret = &qsec->ed; + break; + case ssl_encryption_handshake: peer_secret = &qsec->hs; break; diff -r 76818c9cdd6f -r 2ac03e80d013 src/event/ngx_event_quic_protection.h --- a/src/event/ngx_event_quic_protection.h Wed Apr 01 13:27:42 2020 +0300 +++ b/src/event/ngx_event_quic_protection.h Wed Apr 01 13:27:42 2020 +0300 @@ -18,6 +18,7 @@ typedef struct { ngx_quic_secret_t in; + ngx_quic_secret_t ed; ngx_quic_secret_t hs; ngx_quic_secret_t ad; } ngx_quic_peer_secrets_t;