Welcome! Log In Create A New Profile

Advanced

[PATCH 08 of 11] QUIC: cleaned up now unused ngx_quic_ciphers() calls

Sergey Kandaurov
October 18, 2023 11:30AM
# HG changeset patch
# User Sergey Kandaurov <pluknet@nginx.com>
# Date 1697642587 -14400
# Wed Oct 18 19:23:07 2023 +0400
# Node ID 4cab026f67a8873c61983d56e46502ce42830bff
# Parent 72e780dcbd73aa331847f86b4115a9d33378c8ef
QUIC: cleaned up now unused ngx_quic_ciphers() calls.

diff --git a/src/event/quic/ngx_event_quic_openssl_compat.c b/src/event/quic/ngx_event_quic_openssl_compat.c
--- a/src/event/quic/ngx_event_quic_openssl_compat.c
+++ b/src/event/quic/ngx_event_quic_openssl_compat.c
@@ -582,10 +582,9 @@ ngx_quic_compat_create_header(ngx_quic_c
static ngx_int_t
ngx_quic_compat_create_record(ngx_quic_compat_record_t *rec, ngx_str_t *res)
{
- ngx_str_t ad, out;
- ngx_quic_secret_t *secret;
- ngx_quic_ciphers_t ciphers;
- u_char nonce[NGX_QUIC_IV_LEN];
+ ngx_str_t ad, out;
+ ngx_quic_secret_t *secret;
+ u_char nonce[NGX_QUIC_IV_LEN];

ad.data = res->data;
ad.len = ngx_quic_compat_create_header(rec, ad.data, 0);
@@ -598,11 +597,6 @@ ngx_quic_compat_create_record(ngx_quic_c
"quic compat ad len:%uz %xV", ad.len, &ad);
#endif

- if (ngx_quic_ciphers(rec->keys->cipher, &ciphers, rec->level) == NGX_ERROR)
- {
- return NGX_ERROR;
- }
-
secret = &rec->keys->secret;

ngx_memcpy(nonce, secret->iv.data, secret->iv.len);
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -855,12 +855,11 @@ ngx_quic_keys_cleanup(ngx_quic_keys_t *k
static ngx_int_t
ngx_quic_create_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
{
- u_char *pnp, *sample;
- ngx_str_t ad, out;
- ngx_uint_t i;
- ngx_quic_secret_t *secret;
- ngx_quic_ciphers_t ciphers;
- u_char nonce[NGX_QUIC_IV_LEN], mask[NGX_QUIC_HP_LEN];
+ u_char *pnp, *sample;
+ ngx_str_t ad, out;
+ ngx_uint_t i;
+ ngx_quic_secret_t *secret;
+ u_char nonce[NGX_QUIC_IV_LEN], mask[NGX_QUIC_HP_LEN];

ad.data = res->data;
ad.len = ngx_quic_create_header(pkt, ad.data, &pnp);
@@ -873,11 +872,6 @@ ngx_quic_create_packet(ngx_quic_header_t
"quic ad len:%uz %xV", ad.len, &ad);
#endif

- if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR)
- {
- return NGX_ERROR;
- }
-
secret = &pkt->keys->secrets[pkt->level].server;

ngx_memcpy(nonce, secret->iv.data, secret->iv.len);
@@ -1081,20 +1075,14 @@ ngx_quic_encrypt(ngx_quic_header_t *pkt,
ngx_int_t
ngx_quic_decrypt(ngx_quic_header_t *pkt, uint64_t *largest_pn)
{
- u_char *p, *sample;
- size_t len;
- uint64_t pn, lpn;
- ngx_int_t pnl;
- ngx_str_t in, ad;
- ngx_uint_t key_phase;
- ngx_quic_secret_t *secret;
- ngx_quic_ciphers_t ciphers;
- uint8_t nonce[NGX_QUIC_IV_LEN], mask[NGX_QUIC_HP_LEN];
-
- if (ngx_quic_ciphers(pkt->keys->cipher, &ciphers, pkt->level) == NGX_ERROR)
- {
- return NGX_ERROR;
- }
+ u_char *p, *sample;
+ size_t len;
+ uint64_t pn, lpn;
+ ngx_int_t pnl;
+ ngx_str_t in, ad;
+ ngx_uint_t key_phase;
+ ngx_quic_secret_t *secret;
+ uint8_t nonce[NGX_QUIC_IV_LEN], mask[NGX_QUIC_HP_LEN];

secret = &pkt->keys->secrets[pkt->level].client;

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Subject Author Views Posted

[PATCH 0 of 8] [quic] reusing crypto contexts, and more

Sergey Kandaurov 580 September 07, 2023 11:18AM

[PATCH 1 of 8] QUIC: split keys availability checks to read and write sides

Sergey Kandaurov 128 September 07, 2023 11:18AM

Re: [PATCH 1 of 8] QUIC: split keys availability checks to read and write sides

Roman Arutyunyan 123 September 21, 2023 09:30AM

[PATCH 2 of 8] QUIC: added check to prevent packet output with discarded keys

Sergey Kandaurov 128 September 07, 2023 11:18AM

Re: [PATCH 2 of 8] QUIC: added check to prevent packet output with discarded keys

Roman Arutyunyan 130 September 18, 2023 03:10AM

Re: [PATCH 2 of 8] QUIC: added check to prevent packet output with discarded keys

Sergey Kandaurov 153 October 13, 2023 11:10AM

[PATCH 3 of 8] QUIC: prevented output of ACK frame when discarding handshake keys

Sergey Kandaurov 123 September 07, 2023 11:18AM

[PATCH 4 of 8] QUIC: renamed protection functions

Sergey Kandaurov 126 September 07, 2023 11:18AM

Re: [PATCH 4 of 8] QUIC: renamed protection functions

Roman Arutyunyan 140 September 21, 2023 09:32AM

[PATCH 5 of 8] QUIC: reusing crypto contexts for packet protection

Sergey Kandaurov 127 September 07, 2023 11:18AM

Re: [PATCH 5 of 8] QUIC: reusing crypto contexts for packet protection

Roman Arutyunyan 169 September 19, 2023 09:54AM

Re: [PATCH 5 of 8] QUIC: reusing crypto contexts for packet protection

Sergey Kandaurov 140 October 13, 2023 11:14AM

Re: [PATCH 5 of 8] QUIC: reusing crypto contexts for packet protection

Sergey Kandaurov 130 October 17, 2023 06:40AM

Re: [PATCH 5 of 8] QUIC: reusing crypto contexts for packet protection

Sergey Kandaurov 164 October 23, 2023 06:38PM

[PATCH 6 of 8] QUIC: reusing crypto contexts for header protection

Sergey Kandaurov 114 September 07, 2023 11:18AM

Re: [PATCH 6 of 8] QUIC: reusing crypto contexts for header protection

Roman Arutyunyan 136 September 20, 2023 08:14AM

Re: [PATCH 6 of 8] QUIC: reusing crypto contexts for header protection

Sergey Kandaurov 121 October 13, 2023 11:14AM

[PATCH 7 of 8] QUIC: cleaned up now unused ngx_quic_ciphers() calls

Sergey Kandaurov 123 September 07, 2023 11:18AM

Re: [PATCH 7 of 8] QUIC: cleaned up now unused ngx_quic_ciphers() calls

Roman Arutyunyan 137 September 20, 2023 08:28AM

Re: [PATCH 7 of 8] QUIC: cleaned up now unused ngx_quic_ciphers() calls

Sergey Kandaurov 132 October 13, 2023 11:16AM

[PATCH 8 of 8] QUIC: explicitly zero out unused keying material

Sergey Kandaurov 120 September 07, 2023 11:18AM

Re: [PATCH 8 of 8] QUIC: explicitly zero out unused keying material

Roman Arutyunyan 120 September 21, 2023 09:30AM

Re: [PATCH 8 of 8] QUIC: explicitly zero out unused keying material

Sergey Kandaurov 123 October 13, 2023 11:16AM

[PATCH 00 of 11] [quic] reusing crypto contexts, and more #2

Sergey Kandaurov 122 October 18, 2023 11:28AM

[PATCH 01 of 11] QUIC: split keys availability checks to read and write sides

Sergey Kandaurov 121 October 18, 2023 11:28AM

[PATCH 02 of 11] QUIC: added safety belt to prevent using discarded keys

Sergey Kandaurov 136 October 18, 2023 11:28AM

[PATCH 03 of 11] QUIC: prevented generating ACK frames with discarded keys

Sergey Kandaurov 130 October 18, 2023 11:28AM

[PATCH 04 of 11] QUIC: renamed protection functions

Sergey Kandaurov 137 October 18, 2023 11:28AM

[PATCH 05 of 11] QUIC: reusing crypto contexts for packet protection

Sergey Kandaurov 125 October 18, 2023 11:28AM

[PATCH 06 of 11] QUIC: common code for crypto open and seal operations

Sergey Kandaurov 123 October 18, 2023 11:28AM

[PATCH 07 of 11] QUIC: reusing crypto contexts for header protection

Sergey Kandaurov 126 October 18, 2023 11:30AM

[PATCH 08 of 11] QUIC: cleaned up now unused ngx_quic_ciphers() calls

Sergey Kandaurov 121 October 18, 2023 11:30AM

[PATCH 09 of 11] QUIC: simplified ngx_quic_ciphers() API

Sergey Kandaurov 112 October 18, 2023 11:30AM

[PATCH 10 of 11] QUIC: removed key field from ngx_quic_secret_t

Sergey Kandaurov 120 October 18, 2023 11:30AM

[PATCH 11 of 11] QUIC: explicitly zero out unused keying material

Sergey Kandaurov 126 October 18, 2023 11:38AM

Re: [PATCH 00 of 11] [quic] reusing crypto contexts, and more #2

Roman Arutyunyan 134 October 20, 2023 03:28AM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 168
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready