mirror of
https://github.com/nginx/nginx.git
synced 2024-11-23 20:19:02 +08:00
QUIC: a new constant for AEAD tag length.
Previously used constant EVP_GCM_TLS_TAG_LEN had misleading name since it was used not only with GCM, but also with CHACHAPOLY. Now a new constant NGX_QUIC_TAG_LEN introduced. Luckily all AEAD algorithms used by QUIC have the same tag length of 16.
This commit is contained in:
parent
8b28fd7f26
commit
58c11ee714
@ -445,7 +445,7 @@ SSL_provide_quic_data(SSL *ssl, enum ssl_encryption_level_t level,
|
||||
u_char in[NGX_QUIC_COMPAT_RECORD_SIZE + 1];
|
||||
u_char out[NGX_QUIC_COMPAT_RECORD_SIZE + 1
|
||||
+ SSL3_RT_HEADER_LENGTH
|
||||
+ EVP_GCM_TLS_TAG_LEN];
|
||||
+ NGX_QUIC_TAG_LEN];
|
||||
|
||||
c = ngx_ssl_get_connection(ssl);
|
||||
|
||||
@ -528,7 +528,7 @@ ngx_quic_compat_create_header(ngx_quic_compat_record_t *rec, u_char *out,
|
||||
|
||||
} else {
|
||||
type = SSL3_RT_APPLICATION_DATA;
|
||||
len += EVP_GCM_TLS_TAG_LEN;
|
||||
len += NGX_QUIC_TAG_LEN;
|
||||
}
|
||||
|
||||
out[0] = type;
|
||||
@ -552,7 +552,7 @@ ngx_quic_compat_create_record(ngx_quic_compat_record_t *rec, ngx_str_t *res)
|
||||
ad.data = res->data;
|
||||
ad.len = ngx_quic_compat_create_header(rec, ad.data, 0);
|
||||
|
||||
out.len = rec->payload.len + EVP_GCM_TLS_TAG_LEN;
|
||||
out.len = rec->payload.len + NGX_QUIC_TAG_LEN;
|
||||
out.data = res->data + ad.len;
|
||||
|
||||
#ifdef NGX_QUIC_DEBUG_CRYPTO
|
||||
|
@ -406,7 +406,7 @@ ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
|
||||
}
|
||||
|
||||
if (EVP_DecryptUpdate(ctx, out->data, &len, in->data,
|
||||
in->len - EVP_GCM_TLS_TAG_LEN)
|
||||
in->len - NGX_QUIC_TAG_LEN)
|
||||
!= 1)
|
||||
{
|
||||
EVP_CIPHER_CTX_free(ctx);
|
||||
@ -415,9 +415,9 @@ ngx_quic_tls_open(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
|
||||
}
|
||||
|
||||
out->len = len;
|
||||
tag = in->data + in->len - EVP_GCM_TLS_TAG_LEN;
|
||||
tag = in->data + in->len - NGX_QUIC_TAG_LEN;
|
||||
|
||||
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, EVP_GCM_TLS_TAG_LEN, tag)
|
||||
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, NGX_QUIC_TAG_LEN, tag)
|
||||
== 0)
|
||||
{
|
||||
EVP_CIPHER_CTX_free(ctx);
|
||||
@ -519,7 +519,7 @@ ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
|
||||
|
||||
out->len += len;
|
||||
|
||||
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, EVP_GCM_TLS_TAG_LEN,
|
||||
if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, NGX_QUIC_TAG_LEN,
|
||||
out->data + in->len)
|
||||
== 0)
|
||||
{
|
||||
@ -531,7 +531,7 @@ ngx_quic_tls_seal(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
|
||||
|
||||
EVP_CIPHER_CTX_free(ctx);
|
||||
|
||||
out->len += EVP_GCM_TLS_TAG_LEN;
|
||||
out->len += NGX_QUIC_TAG_LEN;
|
||||
#endif
|
||||
return NGX_OK;
|
||||
}
|
||||
@ -738,7 +738,7 @@ ngx_quic_create_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
|
||||
ad.data = res->data;
|
||||
ad.len = ngx_quic_create_header(pkt, ad.data, &pnp);
|
||||
|
||||
out.len = pkt->payload.len + EVP_GCM_TLS_TAG_LEN;
|
||||
out.len = pkt->payload.len + NGX_QUIC_TAG_LEN;
|
||||
out.data = res->data + ad.len;
|
||||
|
||||
#ifdef NGX_QUIC_DEBUG_CRYPTO
|
||||
@ -802,7 +802,7 @@ ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
|
||||
ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start);
|
||||
|
||||
itag.data = ad.data + ad.len;
|
||||
itag.len = EVP_GCM_TLS_TAG_LEN;
|
||||
itag.len = NGX_QUIC_TAG_LEN;
|
||||
|
||||
#ifdef NGX_QUIC_DEBUG_CRYPTO
|
||||
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pkt->log, 0,
|
||||
@ -979,7 +979,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
|
||||
* AES and ChaCha20 algorithms sample 16 bytes
|
||||
*/
|
||||
|
||||
if (len < EVP_GCM_TLS_TAG_LEN + 4) {
|
||||
if (len < NGX_QUIC_TAG_LEN + 4) {
|
||||
return NGX_DECLINED;
|
||||
}
|
||||
|
||||
@ -1039,7 +1039,7 @@ ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
|
||||
"quic ad len:%uz %xV", ad.len, &ad);
|
||||
#endif
|
||||
|
||||
pkt->payload.len = in.len - EVP_GCM_TLS_TAG_LEN;
|
||||
pkt->payload.len = in.len - NGX_QUIC_TAG_LEN;
|
||||
pkt->payload.data = pkt->plaintext + ad.len;
|
||||
|
||||
rc = ngx_quic_tls_open(ciphers.c, secret, &pkt->payload,
|
||||
|
@ -16,8 +16,9 @@
|
||||
|
||||
#define NGX_QUIC_ENCRYPTION_LAST ((ssl_encryption_application) + 1)
|
||||
|
||||
/* RFC 5116, 5.1 and RFC 8439, 2.3 for all supported ciphers */
|
||||
/* RFC 5116, 5.1 and RFC 8439, 2.3/2.5 for all supported ciphers */
|
||||
#define NGX_QUIC_IV_LEN 12
|
||||
#define NGX_QUIC_TAG_LEN 16
|
||||
|
||||
/* largest hash used in TLS is SHA-384 */
|
||||
#define NGX_QUIC_MAX_MD_SIZE 48
|
||||
|
@ -578,7 +578,7 @@ ngx_quic_payload_size(ngx_quic_header_t *pkt, size_t pkt_len)
|
||||
|
||||
if (ngx_quic_short_pkt(pkt->flags)) {
|
||||
|
||||
len = 1 + pkt->dcid.len + pkt->num_len + EVP_GCM_TLS_TAG_LEN;
|
||||
len = 1 + pkt->dcid.len + pkt->num_len + NGX_QUIC_TAG_LEN;
|
||||
if (len > pkt_len) {
|
||||
return 0;
|
||||
}
|
||||
@ -596,7 +596,7 @@ ngx_quic_payload_size(ngx_quic_header_t *pkt, size_t pkt_len)
|
||||
|
||||
/* (pkt_len - len) is 'remainder' packet length (see RFC 9000, 17.2) */
|
||||
len += ngx_quic_varint_len(pkt_len - len)
|
||||
+ pkt->num_len + EVP_GCM_TLS_TAG_LEN;
|
||||
+ pkt->num_len + NGX_QUIC_TAG_LEN;
|
||||
|
||||
if (len > pkt_len) {
|
||||
return 0;
|
||||
@ -622,7 +622,7 @@ ngx_quic_create_long_header(ngx_quic_header_t *pkt, u_char *out,
|
||||
size_t rem_len;
|
||||
u_char *p, *start;
|
||||
|
||||
rem_len = pkt->num_len + pkt->payload.len + EVP_GCM_TLS_TAG_LEN;
|
||||
rem_len = pkt->num_len + pkt->payload.len + NGX_QUIC_TAG_LEN;
|
||||
|
||||
if (out == NULL) {
|
||||
return 5 + 2 + pkt->dcid.len + pkt->scid.len
|
||||
|
Loading…
Reference in New Issue
Block a user