[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 164/220: ngtcp2: sync with upstream API changes
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [gnurl] 164/220: ngtcp2: sync with upstream API changes |
|
Date: |
Thu, 12 Sep 2019 17:28:44 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit ff4ef390f6cd56720f1704b8d9b63fd64c9b5220
Author: Daniel Stenberg <address@hidden>
AuthorDate: Sun Aug 25 00:06:30 2019 +0200
ngtcp2: sync with upstream API changes
Assisted-by: Tatsuhiro Tsujikawa
---
lib/vquic/ngtcp2-crypto.c | 64 ++++++++++-------------------
lib/vquic/ngtcp2-crypto.h | 30 +++++++-------
lib/vquic/ngtcp2.c | 100 ++++++++++++++++++++--------------------------
3 files changed, 80 insertions(+), 114 deletions(-)
diff --git a/lib/vquic/ngtcp2-crypto.c b/lib/vquic/ngtcp2-crypto.c
index 576b04c5c..887c130cb 100644
--- a/lib/vquic/ngtcp2-crypto.c
+++ b/lib/vquic/ngtcp2-crypto.c
@@ -232,22 +232,17 @@ size_t Curl_qc_aead_max_overhead(const struct Context
*ctx)
return aead_tag_length(ctx);
}
-ssize_t Curl_qc_encrypt(uint8_t *dest, size_t destlen,
- const uint8_t *plaintext, size_t plaintextlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen)
+int Curl_qc_encrypt(uint8_t *dest,
+ const uint8_t *plaintext, size_t plaintextlen,
+ const struct Context *ctx,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen)
{
size_t taglen = aead_tag_length(ctx);
EVP_CIPHER_CTX *actx;
- size_t outlen = 0;
+ int outlen = 0;
int len;
- (void)keylen;
-
- if(destlen < plaintextlen + taglen) {
- return -1;
- }
actx = EVP_CIPHER_CTX_new();
if(!actx)
@@ -281,40 +276,33 @@ ssize_t Curl_qc_encrypt(uint8_t *dest, size_t destlen,
if(EVP_EncryptFinal_ex(actx, dest + outlen, &len) != 1)
goto error;
- outlen += len;
- assert(outlen + taglen <= destlen);
-
if(EVP_CIPHER_CTX_ctrl(actx, EVP_CTRL_AEAD_GET_TAG,
(int)taglen, dest + outlen) != 1)
goto error;
- outlen += taglen;
-
EVP_CIPHER_CTX_free(actx);
- return outlen;
+ return 0;
error:
EVP_CIPHER_CTX_free(actx);
return -1;
}
-ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen,
- const uint8_t *ciphertext, size_t ciphertextlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen)
+int Curl_qc_decrypt(uint8_t *dest,
+ const uint8_t *ciphertext, size_t ciphertextlen,
+ const struct Context *ctx,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen)
{
size_t taglen = aead_tag_length(ctx);
const uint8_t *tag;
EVP_CIPHER_CTX *actx;
- size_t outlen;
+ int outlen;
int len;
- (void)keylen;
- if(taglen > ciphertextlen || destlen + taglen < ciphertextlen) {
+ if(taglen > ciphertextlen)
return -1;
- }
ciphertextlen -= taglen;
tag = ciphertext + ciphertextlen;
@@ -351,7 +339,7 @@ ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen,
outlen = len;
if(ctx->aead == EVP_aes_128_ccm())
- return outlen;
+ return 0;
if(EVP_CIPHER_CTX_ctrl(actx, EVP_CTRL_AEAD_SET_TAG,
(int)taglen, (char *)tag) != 1)
@@ -360,10 +348,8 @@ ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen,
if(EVP_DecryptFinal_ex(actx, dest + outlen, &len) != 1)
goto error;
- outlen += len;
-
EVP_CIPHER_CTX_free(actx);
- return outlen;
+ return 0;
error:
EVP_CIPHER_CTX_free(actx);
return -1;
@@ -489,19 +475,13 @@ Curl_qc_derive_header_protection_key(uint8_t *dest,
size_t destlen,
return keylen;
}
-ssize_t Curl_qc_hp_mask(uint8_t *dest, size_t destlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *sample, size_t samplelen)
+int Curl_qc_hp_mask(uint8_t *dest, const struct Context *ctx,
+ const uint8_t *key, const uint8_t *sample)
{
static uint8_t PLAINTEXT[] = "\x00\x00\x00\x00\x00";
EVP_CIPHER_CTX *actx;
- size_t outlen = 0;
+ int outlen = 0;
int len;
- (void)destlen; /* TODO: make use of these! */
- (void)keylen;
- (void)samplelen;
-
actx = EVP_CIPHER_CTX_new();
if(!actx)
return -1;
@@ -521,7 +501,7 @@ ssize_t Curl_qc_hp_mask(uint8_t *dest, size_t destlen,
DEBUGASSERT(len == 0);
- return outlen;
+ return 0;
error:
EVP_CIPHER_CTX_free(actx);
return -1;
diff --git a/lib/vquic/ngtcp2-crypto.h b/lib/vquic/ngtcp2-crypto.h
index f91b4e0ea..ae75517ab 100644
--- a/lib/vquic/ngtcp2-crypto.h
+++ b/lib/vquic/ngtcp2-crypto.h
@@ -44,18 +44,18 @@ size_t Curl_qc_aead_nonce_length(const struct Context *ctx);
int Curl_qc_negotiated_prf(struct Context *ctx, SSL *ssl);
int Curl_qc_negotiated_aead(struct Context *ctx, SSL *ssl);
size_t Curl_qc_aead_max_overhead(const struct Context *ctx);
-ssize_t Curl_qc_encrypt(uint8_t *dest, size_t destlen,
- const uint8_t *plaintext, size_t plaintextlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen);
-ssize_t Curl_qc_decrypt(uint8_t *dest, size_t destlen,
- const uint8_t *ciphertext, size_t ciphertextlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen);
+int Curl_qc_encrypt(uint8_t *dest,
+ const uint8_t *plaintext, size_t plaintextlen,
+ const struct Context *ctx,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen);
+int Curl_qc_decrypt(uint8_t *dest,
+ const uint8_t *ciphertext, size_t ciphertextlen,
+ const struct Context *ctx,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen);
ssize_t Curl_qc_encrypt_pn(uint8_t *dest, size_t destlen,
const uint8_t *plaintext, size_t plaintextlen,
const struct Context *ctx,
@@ -85,9 +85,7 @@ Curl_qc_derive_header_protection_key(uint8_t *dest, size_t
destlen,
const uint8_t *secret, size_t secretlen,
const struct Context *ctx);
-ssize_t Curl_qc_hp_mask(uint8_t *dest, size_t destlen,
- const struct Context *ctx,
- const uint8_t *key, size_t keylen,
- const uint8_t *sample, size_t samplelen);
+int Curl_qc_hp_mask(uint8_t *dest, const struct Context *ctx,
+ const uint8_t *key, const uint8_t *sample);
#endif /* USE_NGTCP2 */
#endif /* HEADER_CURL_VQUIC_NGTCP2_CRYPTO_H */
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c
index 1cdbb7d39..6071c5906 100644
--- a/lib/vquic/ngtcp2.c
+++ b/lib/vquic/ngtcp2.c
@@ -778,19 +778,16 @@ static int cb_handshake_completed(ngtcp2_conn *tconn,
void *user_data)
return 0;
}
-static ssize_t cb_in_encrypt(ngtcp2_conn *tconn,
- uint8_t *dest, size_t destlen,
- const uint8_t *plaintext,
- size_t plaintextlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen,
- void *user_data)
+static int cb_in_encrypt(ngtcp2_conn *tconn, uint8_t *dest,
+ const uint8_t *plaintext, size_t plaintextlen,
+ const uint8_t *key, const uint8_t *nonce,
+ size_t noncelen, const uint8_t *ad, size_t adlen,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
- ssize_t nwrite = Curl_qc_encrypt(dest, destlen, plaintext, plaintextlen,
- &qs->hs_crypto_ctx,
- key, keylen, nonce, noncelen, ad, adlen);
+ int nwrite = Curl_qc_encrypt(dest, plaintext, plaintextlen,
+ &qs->hs_crypto_ctx,
+ key, nonce, noncelen, ad, adlen);
if(nwrite < 0) {
return NGTCP2_ERR_CALLBACK_FAILURE;
}
@@ -799,56 +796,51 @@ static ssize_t cb_in_encrypt(ngtcp2_conn *tconn,
return nwrite;
}
-static ssize_t cb_in_decrypt(ngtcp2_conn *tconn,
- uint8_t *dest, size_t destlen,
- const uint8_t *ciphertext, size_t ciphertextlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen,
- void *user_data)
+static int cb_in_decrypt(ngtcp2_conn *tconn, uint8_t *dest,
+ const uint8_t *ciphertext, size_t ciphertextlen,
+ const uint8_t *key, const uint8_t *nonce,
+ size_t noncelen, const uint8_t *ad, size_t adlen,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
(void)tconn;
- return Curl_qc_decrypt(dest, destlen, ciphertext, ciphertextlen,
- &qs->hs_crypto_ctx, key, keylen,
+ return Curl_qc_decrypt(dest, ciphertext, ciphertextlen,
+ &qs->hs_crypto_ctx, key,
nonce, noncelen, ad, adlen);
}
-static ssize_t cb_encrypt_data(ngtcp2_conn *tconn,
- uint8_t *dest, size_t destlen,
- const uint8_t *plaintext, size_t plaintextlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen,
- void *user_data)
+static int cb_encrypt_data(ngtcp2_conn *tconn,
+ uint8_t *dest,
+ const uint8_t *plaintext, size_t plaintextlen,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
- ssize_t rc;
+ int rc;
(void)tconn;
- rc = Curl_qc_encrypt(dest, destlen, plaintext, plaintextlen,
+ rc = Curl_qc_encrypt(dest, plaintext, plaintextlen,
&qs->crypto_ctx,
- key, keylen, nonce, noncelen, ad, adlen);
+ key, nonce, noncelen, ad, adlen);
if(rc < 0)
return NGTCP2_ERR_CALLBACK_FAILURE;
return rc;
}
-static ssize_t
-cb_decrypt_data(ngtcp2_conn *tconn,
- uint8_t *dest, size_t destlen,
- const uint8_t *ciphertext, size_t ciphertextlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *nonce, size_t noncelen,
- const uint8_t *ad, size_t adlen,
- void *user_data)
+static int cb_decrypt_data(ngtcp2_conn *tconn, uint8_t *dest,
+ const uint8_t *ciphertext, size_t ciphertextlen,
+ const uint8_t *key,
+ const uint8_t *nonce, size_t noncelen,
+ const uint8_t *ad, size_t adlen,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
- ssize_t rc;
+ int rc;
(void)tconn;
- rc = Curl_qc_decrypt(dest, destlen, ciphertext, ciphertextlen,
- &qs->crypto_ctx,
- key, keylen, nonce, noncelen, ad, adlen);
+ rc = Curl_qc_decrypt(dest, ciphertext, ciphertextlen,
+ &qs->crypto_ctx, key, nonce, noncelen, ad, adlen);
if(rc < 0)
return NGTCP2_ERR_TLS_DECRYPT;
return rc;
@@ -960,34 +952,30 @@ static int cb_recv_retry(ngtcp2_conn *tconn, const
ngtcp2_pkt_hd *hd,
return 0;
}
-static ssize_t cb_in_hp_mask(ngtcp2_conn *tconn, uint8_t *dest, size_t destlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *sample, size_t samplelen,
- void *user_data)
+static int cb_in_hp_mask(ngtcp2_conn *tconn, uint8_t *dest,
+ const uint8_t *key, const uint8_t *sample,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
- ssize_t nwrite;
+ int nwrite;
(void)tconn;
- nwrite = Curl_qc_hp_mask(dest, destlen, &qs->hs_crypto_ctx,
- key, keylen, sample, samplelen);
+ nwrite = Curl_qc_hp_mask(dest, &qs->hs_crypto_ctx, key, sample);
if(nwrite < 0)
return NGTCP2_ERR_CALLBACK_FAILURE;
return nwrite;
}
-static ssize_t cb_hp_mask(ngtcp2_conn *tconn, uint8_t *dest, size_t destlen,
- const uint8_t *key, size_t keylen,
- const uint8_t *sample, size_t samplelen,
- void *user_data)
+static int cb_hp_mask(ngtcp2_conn *tconn, uint8_t *dest,
+ const uint8_t *key, const uint8_t *sample,
+ void *user_data)
{
struct quicsocket *qs = (struct quicsocket *)user_data;
- ssize_t nwrite;
+ int nwrite;
(void)tconn;
- nwrite = Curl_qc_hp_mask(dest, destlen, &qs->crypto_ctx,
- key, keylen, sample, samplelen);
+ nwrite = Curl_qc_hp_mask(dest, &qs->crypto_ctx, key, sample);
if(nwrite < 0)
return NGTCP2_ERR_CALLBACK_FAILURE;
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [GNUnet-SVN] [gnurl] 129/220: ngtcp2: Consume QUIC STREAM data properly, (continued)
- [GNUnet-SVN] [gnurl] 129/220: ngtcp2: Consume QUIC STREAM data properly, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 137/220: travis: add a quiche build, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 149/220: CURLOPT_SSL_VERIFYHOST: treat the value 1 as 2, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 154/220: openssl: build warning free with boringssl, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 165/220: ngtcp2: use nghttp3_version(), gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 166/220: ngtcp2: improve h3 response receiving, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 136/220: http: fix use of credentials from URL when using HTTP proxy, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 155/220: spnego_sspi: add typecast to fix build warning, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 152/220: ngtcp2: make postfields-set posts work, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 162/220: http: the 'closed' struct field is used by both ngh2 and ngh3, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 164/220: ngtcp2: sync with upstream API changes,
gnunet <=
- [GNUnet-SVN] [gnurl] 167/220: ngtcp2: add support for SSLKEYLOGFILE, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 143/220: ssh: add a generic Curl_ssh_version function for SSH backends, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 139/220: TODO/ROADMAP: remove "refuse downgrade redirects" and HTTP/3, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 146/220: ngtcp2: use ngtcp2_version() to get the run-time version, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 156/220: cleanup: remove DOT_CHAR completely, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 171/220: vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failure, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 173/220: RELEASE-NOTES: synced, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 142/220: base64: check for SSH, not specific SSH backends, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 147/220: netrc: make the code try ".netrc" on Windows as well, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 148/220: curl: use .curlrc (with a dot) on Windows as well, gnunet, 2019/09/12