[nginx] QUIC: common cipher control constants instead of GCM-related.

Roman Arutyunyan arut at nginx.com
Tue Jun 20 13:51:27 UTC 2023


details:   https://hg.nginx.org/nginx/rev/a7b850a5d98d
branches:  
changeset: 9127:a7b850a5d98d
user:      Roman Arutyunyan <arut at nginx.com>
date:      Fri Jun 09 10:23:22 2023 +0400
description:
QUIC: common cipher control constants instead of GCM-related.

The constants are used for both GCM and CHACHAPOLY.

diffstat:

 src/event/quic/ngx_event_quic_protection.c |  16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diffs (64 lines):

diff -r 29a6c0e11f75 -r a7b850a5d98d src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c	Fri Jun 09 10:25:54 2023 +0400
+++ b/src/event/quic/ngx_event_quic_protection.c	Fri Jun 09 10:23:22 2023 +0400
@@ -384,12 +384,12 @@ ngx_quic_tls_open(const ngx_quic_cipher_
         return NGX_ERROR;
     }
 
-    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL)
+    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, s->iv.len, NULL)
         == 0)
     {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0,
-                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed");
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_IVLEN) failed");
         return NGX_ERROR;
     }
 
@@ -417,12 +417,12 @@ ngx_quic_tls_open(const ngx_quic_cipher_
     out->len = len;
     tag = in->data + in->len - NGX_QUIC_TAG_LEN;
 
-    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, NGX_QUIC_TAG_LEN, tag)
+    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, NGX_QUIC_TAG_LEN, tag)
         == 0)
     {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0,
-                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_TAG) failed");
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_TAG) failed");
         return NGX_ERROR;
     }
 
@@ -482,12 +482,12 @@ ngx_quic_tls_seal(const ngx_quic_cipher_
         return NGX_ERROR;
     }
 
-    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, s->iv.len, NULL)
+    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, s->iv.len, NULL)
         == 0)
     {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0,
-                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_SET_IVLEN) failed");
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_SET_IVLEN) failed");
         return NGX_ERROR;
     }
 
@@ -519,13 +519,13 @@ ngx_quic_tls_seal(const ngx_quic_cipher_
 
     out->len += len;
 
-    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, NGX_QUIC_TAG_LEN,
+    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, NGX_QUIC_TAG_LEN,
                             out->data + in->len)
         == 0)
     {
         EVP_CIPHER_CTX_free(ctx);
         ngx_ssl_error(NGX_LOG_INFO, log, 0,
-                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_GCM_GET_TAG) failed");
+                      "EVP_CIPHER_CTX_ctrl(EVP_CTRL_AEAD_GET_TAG) failed");
         return NGX_ERROR;
     }
 


More information about the nginx-devel mailing list