authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 08:52:22 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-13 08:52:22 +0000
commit6a7eecec57783a042d12f895d5ae148c44f4d074 (patch)
tree77a2c3c5612655f1dd15e9a2ddf14e13bab90b1f /src/shrpx_quic.cc
parentReleasing progress-linux version 1.59.0-1~progress7.99u1. (diff)
Merging upstream version 1.60.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/shrpx_quic.cc')
-rw-r--r--src/shrpx_quic.cc34
1 files changed, 8 insertions, 26 deletions
diff --git a/src/shrpx_quic.cc b/src/shrpx_quic.cc
index 2d4de59..a6d4dfa 100644
--- a/src/shrpx_quic.cc
+++ b/src/shrpx_quic.cc
@@ -175,7 +175,7 @@ int quic_send_packet(const UpstreamAddr *faddr, const sockaddr *remote_sa,
int generate_quic_retry_connection_id(ngtcp2_cid &cid, size_t cidlen,
const uint8_t *server_id, uint8_t km_id,
- const uint8_t *key) {
+ EVP_CIPHER_CTX *ctx) {
assert(cidlen == SHRPX_QUIC_SCIDLEN);
if (RAND_bytes(cid.data, cidlen) != 1) {
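Review bot: The new `EVP_CIPHER_CTX *ctx` parameter carries a contract that is not written down anywhere in the visible code. Judging by the setup removed from encrypt_quic_connection_id further down, the caller must now pass a non-null context that is already initialised for AES-128-ECB with padding disabled. The same applies to generate_quic_connection_id and to encrypt_quic_connection_id / decrypt_quic_connection_id in the later hunks. I would add a comment at each declaration, for example `// |ctx| is owned and initialised by the caller (AES-128-ECB, padding disabled); it must not be used from two threads at once.` The function body continues outside this hunk.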
@@ -190,12 +190,12 @@ int generate_quic_retry_connection_id(ngtcp2_cid &cid, size_t cidlen,
std::copy_n(server_id, SHRPX_QUIC_SERVER_IDLEN, p);
- return encrypt_quic_connection_id(p, p, key);
+ return encrypt_quic_connection_id(p, p, ctx);
}
int generate_quic_connection_id(ngtcp2_cid &cid, size_t cidlen,
const uint8_t *cid_prefix, uint8_t km_id,
- const uint8_t *key) {
+ EVP_CIPHER_CTX *ctx) {
assert(cidlen == SHRPX_QUIC_SCIDLEN);
if (RAND_bytes(cid.data, cidlen) != 1) {
@@ -210,20 +210,11 @@ int generate_quic_connection_id(ngtcp2_cid &cid, size_t cidlen,
std::copy_n(cid_prefix, SHRPX_QUIC_CID_PREFIXLEN, p);
- return encrypt_quic_connection_id(p, p, key);
+ return encrypt_quic_connection_id(p, p, ctx);
}
int encrypt_quic_connection_id(uint8_t *dest, const uint8_t *src,
- const uint8_t *key) {
- auto ctx = EVP_CIPHER_CTX_new();
- auto d = defer(EVP_CIPHER_CTX_free, ctx);
-
- if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), nullptr, key, nullptr)) {
- return -1;
- }
-
- EVP_CIPHER_CTX_set_padding(ctx, 0);
-
+ EVP_CIPHER_CTX *ctx) {
int len;
if (!EVP_EncryptUpdate(ctx, dest, &len, src, SHRPX_QUIC_DECRYPTED_DCIDLEN) ||
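Review bot: With the per-call `EVP_CIPHER_CTX_new()` / `EVP_EncryptInit_ex()` removed, the same context now goes through `EVP_EncryptUpdate` and `EVP_EncryptFinal_ex` on every connection ID without being re-initialised in between. OpenSSL's documentation says that no further `EVP_EncryptUpdate` calls should be made after the final call, so this reuse depends on behaviour that happens to hold for an unpadded ECB block. Either re-arm the context before the update (something like `EVP_EncryptInit_ex(ctx, nullptr, nullptr, nullptr, nullptr)`, to be confirmed against the crypto libraries the project supports) or add a comment saying the reuse is intentional and why it is safe. A failure here returns -1 on every call, so a test that encrypts two IDs back to back with one context would be worth having. The rest of the function body lies outside this hunk.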
@@ -235,20 +226,11 @@ int encrypt_quic_connection_id(uint8_t *dest, const uint8_t *src,
}
int decrypt_quic_connection_id(uint8_t *dest, const uint8_t *src,
- const uint8_t *key) {
- auto ctx = EVP_CIPHER_CTX_new();
- auto d = defer(EVP_CIPHER_CTX_free, ctx);
-
- if (!EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), nullptr, key, nullptr)) {
- return -1;
- }
-
- EVP_CIPHER_CTX_set_padding(ctx, 0);
-
+ EVP_CIPHER_CTX *ctx) {
int len;
- if (!EVP_DecryptUpdate(ctx, dest, &len, src, SHRPX_QUIC_DECRYPTED_DCIDLEN) ||
- !EVP_DecryptFinal_ex(ctx, dest + len, &len)) {
+ if (!EVP_EncryptUpdate(ctx, dest, &len, src, SHRPX_QUIC_DECRYPTED_DCIDLEN) ||
+ !EVP_EncryptFinal_ex(ctx, dest + len, &len)) {
return -1;
}
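Review bot: decrypt_quic_connection_id now calls `EVP_EncryptUpdate` and `EVP_EncryptFinal_ex`, where the removed lines used `EVP_DecryptUpdate` and `EVP_DecryptFinal_ex`. How the caller initialises `ctx` is not visible here, but neither possibility looks right. If it comes from `EVP_DecryptInit_ex`, the Encrypt entry points are the wrong pairing, and to my knowledge current OpenSSL refuses an encrypt call on a decrypt-direction context. If it is an encrypt context, the function no longer inverts encrypt_quic_connection_id. I would keep `EVP_DecryptUpdate(ctx, dest, &len, src, SHRPX_QUIC_DECRYPTED_DCIDLEN)` and `EVP_DecryptFinal_ex(ctx, dest + len, &len)`, or use `EVP_CipherUpdate` / `EVP_CipherFinal_ex`, which follow whatever direction the context was set up with. A round-trip test (encrypt, then decrypt, compare with the input) would catch this on every supported crypto backend.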