[PATCH 8 of 8] QUIC: explicitly zero out unused keying material
Roman Arutyunyan
arut at nginx.com
Thu Sep 21 13:29:30 UTC 2023
Hi,
On Thu, Sep 07, 2023 at 07:14:00PM +0400, Sergey Kandaurov wrote:
> # HG changeset patch
> # User Sergey Kandaurov <pluknet at nginx.com>
> # Date 1694099425 -14400
> # Thu Sep 07 19:10:25 2023 +0400
> # Node ID 813128cee322830435a95903993b17fb24683da7
> # Parent 8bd0104b7e6b658a1696fe7f3e2f1868ac2ae1f9
> QUIC: explicitly zero out unused keying material.
>
> diff --git a/src/event/quic/ngx_event_quic_openssl_compat.c b/src/event/quic/ngx_event_quic_openssl_compat.c
> --- a/src/event/quic/ngx_event_quic_openssl_compat.c
> +++ b/src/event/quic/ngx_event_quic_openssl_compat.c
> @@ -245,15 +245,6 @@ ngx_quic_compat_set_encryption_secret(ng
> return NGX_ERROR;
> }
>
> - if (sizeof(peer_secret->secret.data) < secret_len) {
> - ngx_log_error(NGX_LOG_ALERT, c->log, 0,
> - "unexpected secret len: %uz", secret_len);
> - return NGX_ERROR;
> - }
> -
> - peer_secret->secret.len = secret_len;
> - ngx_memcpy(peer_secret->secret.data, secret, secret_len);
> -
> peer_secret->key.len = key_len;
> peer_secret->iv.len = NGX_QUIC_IV_LEN;
>
> @@ -275,6 +266,9 @@ ngx_quic_compat_set_encryption_secret(ng
> return NGX_ERROR;
> }
>
> + ngx_explicit_memzero(secret_str.data, secret_str.len);
> + ngx_explicit_memzero(peer_secret->key.data, peer_secret->key.len);
> +
> /* register cleanup handler once */
>
> if (level == ssl_encryption_handshake) {
> diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
> --- a/src/event/quic/ngx_event_quic_protection.c
> +++ b/src/event/quic/ngx_event_quic_protection.c
> @@ -719,6 +719,8 @@ ngx_quic_keys_set_encryption_secret(ngx_
> return NGX_ERROR;
> }
>
> + ngx_explicit_memzero(peer_secret->key.data, peer_secret->key.len);
> +
> return NGX_OK;
> }
>
> @@ -749,6 +751,12 @@ ngx_quic_keys_discard(ngx_quic_keys_t *k
>
> ngx_quic_crypto_hp_cleanup(client);
> ngx_quic_crypto_hp_cleanup(server);
> +
> + ngx_explicit_memzero(client->secret.data, client->secret.len);
> + ngx_explicit_memzero(client->key.data, client->key.len);
> +
> + ngx_explicit_memzero(server->secret.data, server->secret.len);
> + ngx_explicit_memzero(server->key.data, server->key.len);
> }
>
>
> @@ -838,6 +846,14 @@ ngx_quic_keys_update(ngx_event_t *ev)
> goto failed;
> }
>
> + ngx_explicit_memzero(current->client.secret.data,
> + current->client.secret.len);
> + ngx_explicit_memzero(current->server.secret.data,
> + current->server.secret.len);
> +
> + ngx_explicit_memzero(next->client.key.data, next->client.key.len);
> + ngx_explicit_memzero(next->server.key.data, next->server.key.len);
> +
> return;
>
> failed:
> @@ -866,6 +882,12 @@ ngx_quic_keys_cleanup(void *data)
> secrets = &keys->next_key;
> ngx_quic_crypto_cleanup(&secrets->client);
> ngx_quic_crypto_cleanup(&secrets->server);
> +
> + ngx_explicit_memzero(secrets->client.secret.data,
> + secrets->client.secret.len);
> +
> + ngx_explicit_memzero(secrets->server.secret.data,
> + secrets->server.secret.len);
> }
>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> https://mailman.nginx.org/mailman/listinfo/nginx-devel
Maybe also we need to zero out the secret in ngx_quic_compat_keylog_callback()?
Also, this patch made me think about removing key and hp from ngx_quic_secret_t.
Since we have ctx/hp_ctx now, we only need them when creating these contexts.
This will reduce the amount of sensitive data we permanently store in memory.
Attached is my effort towards making key and hp local.
--
Roman Arutyunyan
-------------- next part --------------
# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1695302414 -14400
# Thu Sep 21 17:20:14 2023 +0400
# Node ID bcc06b925738982fc6a4bae0c40c9ed7719ff86f
# Parent 5458263534926aede9253751017a3537e18d56f0
[mq]: c8-up
diff --git a/src/event/quic/ngx_event_quic_openssl_compat.c b/src/event/quic/ngx_event_quic_openssl_compat.c
--- a/src/event/quic/ngx_event_quic_openssl_compat.c
+++ b/src/event/quic/ngx_event_quic_openssl_compat.c
@@ -229,6 +229,7 @@ ngx_quic_compat_set_encryption_secret(ng
ngx_int_t key_len;
ngx_str_t secret_str;
ngx_uint_t i;
+ ngx_quic_md_t key;
ngx_quic_hkdf_t seq[2];
ngx_quic_secret_t *peer_secret;
ngx_quic_ciphers_t ciphers;
@@ -245,13 +246,14 @@ ngx_quic_compat_set_encryption_secret(ng
return NGX_ERROR;
}
- peer_secret->key.len = key_len;
+ key.len = key_len;
+
peer_secret->iv.len = NGX_QUIC_IV_LEN;
secret_str.len = secret_len;
secret_str.data = (u_char *) secret;
- ngx_quic_hkdf_set(&seq[0], "tls13 key", &peer_secret->key, &secret_str);
+ ngx_quic_hkdf_set(&seq[0], "tls13 key", &key, &secret_str);
ngx_quic_hkdf_set(&seq[1], "tls13 iv", &peer_secret->iv, &secret_str);
for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
@@ -262,12 +264,14 @@ ngx_quic_compat_set_encryption_secret(ng
ngx_quic_crypto_cleanup(peer_secret);
- if (ngx_quic_crypto_init(ciphers.c, peer_secret, 1, c->log) == NGX_ERROR) {
+ if (ngx_quic_crypto_init(ciphers.c, peer_secret, &key, 1, c->log)
+ == NGX_ERROR)
+ {
return NGX_ERROR;
}
ngx_explicit_memzero(secret_str.data, secret_str.len);
- ngx_explicit_memzero(peer_secret->key.data, peer_secret->key.len);
+ ngx_explicit_memzero(key.data, key.len);
/* register cleanup handler once */
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -30,7 +30,7 @@ static ngx_int_t ngx_quic_crypto_open(ng
u_char *nonce, ngx_str_t *in, ngx_str_t *ad, ngx_log_t *log);
static ngx_int_t ngx_quic_crypto_hp_init(const EVP_CIPHER *cipher,
- ngx_quic_secret_t *s, ngx_log_t *log);
+ ngx_quic_secret_t *s, ngx_quic_md_t *hp, ngx_log_t *log);
static ngx_int_t ngx_quic_crypto_hp(ngx_quic_secret_t *s,
u_char *out, u_char *in, ngx_log_t *log);
static void ngx_quic_crypto_hp_cleanup(ngx_quic_secret_t *s);
@@ -116,6 +116,8 @@ ngx_quic_keys_set_initial_secret(ngx_qui
ngx_str_t iss;
ngx_uint_t i;
const EVP_MD *digest;
+ ngx_quic_md_t client_key, server_key;
+ ngx_quic_md_t client_hp, server_hp;
ngx_quic_hkdf_t seq[8];
ngx_quic_secret_t *client, *server;
ngx_quic_ciphers_t ciphers;
@@ -159,24 +161,24 @@ ngx_quic_keys_set_initial_secret(ngx_qui
client->secret.len = SHA256_DIGEST_LENGTH;
server->secret.len = SHA256_DIGEST_LENGTH;
- client->key.len = NGX_QUIC_AES_128_KEY_LEN;
- server->key.len = NGX_QUIC_AES_128_KEY_LEN;
+ client_key.len = NGX_QUIC_AES_128_KEY_LEN;
+ server_key.len = NGX_QUIC_AES_128_KEY_LEN;
- client->hp.len = NGX_QUIC_AES_128_KEY_LEN;
- server->hp.len = NGX_QUIC_AES_128_KEY_LEN;
+ client_hp.len = NGX_QUIC_AES_128_KEY_LEN;
+ server_hp.len = NGX_QUIC_AES_128_KEY_LEN;
client->iv.len = NGX_QUIC_IV_LEN;
server->iv.len = NGX_QUIC_IV_LEN;
/* labels per RFC 9001, 5.1. Packet Protection Keys */
ngx_quic_hkdf_set(&seq[0], "tls13 client in", &client->secret, &iss);
- ngx_quic_hkdf_set(&seq[1], "tls13 quic key", &client->key, &client->secret);
+ ngx_quic_hkdf_set(&seq[1], "tls13 quic key", &client_key, &client->secret);
ngx_quic_hkdf_set(&seq[2], "tls13 quic iv", &client->iv, &client->secret);
- ngx_quic_hkdf_set(&seq[3], "tls13 quic hp", &client->hp, &client->secret);
+ ngx_quic_hkdf_set(&seq[3], "tls13 quic hp", &client_hp, &client->secret);
ngx_quic_hkdf_set(&seq[4], "tls13 server in", &server->secret, &iss);
- ngx_quic_hkdf_set(&seq[5], "tls13 quic key", &server->key, &server->secret);
+ ngx_quic_hkdf_set(&seq[5], "tls13 quic key", &server_key, &server->secret);
ngx_quic_hkdf_set(&seq[6], "tls13 quic iv", &server->iv, &server->secret);
- ngx_quic_hkdf_set(&seq[7], "tls13 quic hp", &server->hp, &server->secret);
+ ngx_quic_hkdf_set(&seq[7], "tls13 quic hp", &server_hp, &server->secret);
for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
if (ngx_quic_hkdf_expand(&seq[i], digest, log) != NGX_OK) {
@@ -188,20 +190,28 @@ ngx_quic_keys_set_initial_secret(ngx_qui
return NGX_ERROR;
}
- if (ngx_quic_crypto_init(ciphers.c, client, 0, log) == NGX_ERROR) {
+ if (ngx_quic_crypto_init(ciphers.c, client, &client_key, 0, log)
+ == NGX_ERROR)
+ {
return NGX_ERROR;
}
- if (ngx_quic_crypto_init(ciphers.c, server, 1, log) == NGX_ERROR) {
+ if (ngx_quic_crypto_init(ciphers.c, server, &server_key, 1, log)
+ == NGX_ERROR)
+ {
ngx_quic_crypto_cleanup(client);
return NGX_ERROR;
}
- if (ngx_quic_crypto_hp_init(ciphers.hp, client, log) == NGX_ERROR) {
+ if (ngx_quic_crypto_hp_init(ciphers.hp, client, &client_hp, log)
+ == NGX_ERROR)
+ {
return NGX_ERROR;
}
- if (ngx_quic_crypto_hp_init(ciphers.hp, server, log) == NGX_ERROR) {
+ if (ngx_quic_crypto_hp_init(ciphers.hp, server, &server_hp, log)
+ == NGX_ERROR)
+ {
return NGX_ERROR;
}
@@ -370,13 +380,13 @@ failed:
ngx_int_t
ngx_quic_crypto_init(const ngx_quic_cipher_t *cipher, ngx_quic_secret_t *s,
- ngx_int_t enc, ngx_log_t *log)
+ ngx_quic_md_t *key, ngx_int_t enc, ngx_log_t *log)
{
#ifdef OPENSSL_IS_BORINGSSL
EVP_AEAD_CTX *ctx;
- ctx = EVP_AEAD_CTX_new(cipher, s->key.data, s->key.len,
+ ctx = EVP_AEAD_CTX_new(cipher, key->data, key->len,
EVP_AEAD_DEFAULT_TAG_LENGTH);
if (ctx == NULL) {
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_new() failed");
@@ -408,7 +418,7 @@ ngx_quic_crypto_init(const ngx_quic_ciph
return NGX_ERROR;
}
- if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, s->iv.len, NULL)
+ if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, NGX_QUIC_IV_LEN, NULL)
== 0)
{
EVP_CIPHER_CTX_free(ctx);
@@ -417,7 +427,7 @@ ngx_quic_crypto_init(const ngx_quic_ciph
return NGX_ERROR;
}
- if (EVP_CipherInit_ex(ctx, NULL, NULL, s->key.data, NULL, enc) != 1) {
+ if (EVP_CipherInit_ex(ctx, NULL, NULL, key->data, NULL, enc) != 1) {
EVP_CIPHER_CTX_free(ctx);
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_CipherInit_ex() failed");
return NGX_ERROR;
@@ -438,8 +448,8 @@ ngx_quic_crypto_open(ngx_quic_secret_t *
ctx = s->ctx;
#ifdef OPENSSL_IS_BORINGSSL
- if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce, s->iv.len,
- in->data, in->len, ad->data, ad->len)
+ if (EVP_AEAD_CTX_open(ctx, out->data, &out->len, out->len, nonce,
+ NGX_QUIC_IV_LEN, in->data, in->len, ad->data, ad->len)
!= 1)
{
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_open() failed");
@@ -504,8 +514,8 @@ ngx_quic_crypto_seal(ngx_quic_secret_t *
ctx = s->ctx;
#ifdef OPENSSL_IS_BORINGSSL
- if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce, s->iv.len,
- in->data, in->len, ad->data, ad->len)
+ if (EVP_AEAD_CTX_seal(ctx, out->data, &out->len, out->len, nonce,
+ NGX_QUIC_IV_LEN, in->data, in->len, ad->data, ad->len)
!= 1)
{
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_AEAD_CTX_seal() failed");
@@ -577,7 +587,7 @@ ngx_quic_crypto_cleanup(ngx_quic_secret_
static ngx_int_t
ngx_quic_crypto_hp_init(const EVP_CIPHER *cipher, ngx_quic_secret_t *s,
- ngx_log_t *log)
+ ngx_quic_md_t *hp, ngx_log_t *log)
{
EVP_CIPHER_CTX *ctx;
@@ -595,7 +605,7 @@ ngx_quic_crypto_hp_init(const EVP_CIPHER
return NGX_ERROR;
}
- if (EVP_EncryptInit_ex(ctx, cipher, NULL, s->hp.data, NULL) != 1) {
+ if (EVP_EncryptInit_ex(ctx, cipher, NULL, hp->data, NULL) != 1) {
EVP_CIPHER_CTX_free(ctx);
ngx_ssl_error(NGX_LOG_INFO, log, 0, "EVP_EncryptInit_ex() failed");
return NGX_ERROR;
@@ -669,6 +679,7 @@ ngx_quic_keys_set_encryption_secret(ngx_
ngx_int_t key_len;
ngx_str_t secret_str;
ngx_uint_t i;
+ ngx_quic_md_t key, hp;
ngx_quic_hkdf_t seq[3];
ngx_quic_secret_t *peer_secret;
ngx_quic_ciphers_t ciphers;
@@ -693,18 +704,17 @@ ngx_quic_keys_set_encryption_secret(ngx_
peer_secret->secret.len = secret_len;
ngx_memcpy(peer_secret->secret.data, secret, secret_len);
+ peer_secret->iv.len = NGX_QUIC_IV_LEN;
- peer_secret->key.len = key_len;
- peer_secret->iv.len = NGX_QUIC_IV_LEN;
- peer_secret->hp.len = key_len;
+ key.len = key_len;
+ hp.len = key_len;
secret_str.len = secret_len;
secret_str.data = (u_char *) secret;
- ngx_quic_hkdf_set(&seq[0], "tls13 quic key",
- &peer_secret->key, &secret_str);
+ ngx_quic_hkdf_set(&seq[0], "tls13 quic key", &key, &secret_str);
ngx_quic_hkdf_set(&seq[1], "tls13 quic iv", &peer_secret->iv, &secret_str);
- ngx_quic_hkdf_set(&seq[2], "tls13 quic hp", &peer_secret->hp, &secret_str);
+ ngx_quic_hkdf_set(&seq[2], "tls13 quic hp", &hp, &secret_str);
for (i = 0; i < (sizeof(seq) / sizeof(seq[0])); i++) {
if (ngx_quic_hkdf_expand(&seq[i], ciphers.d, log) != NGX_OK) {
@@ -712,17 +722,19 @@ ngx_quic_keys_set_encryption_secret(ngx_
}
}
- if (ngx_quic_crypto_init(ciphers.c, peer_secret, is_write, log)
+ if (ngx_quic_crypto_init(ciphers.c, peer_secret, &key, is_write, log)
== NGX_ERROR)
{
return NGX_ERROR;
}
- if (ngx_quic_crypto_hp_init(ciphers.hp, peer_secret, log) == NGX_ERROR) {
+ if (ngx_quic_crypto_hp_init(ciphers.hp, peer_secret, &hp, log) == NGX_ERROR)
+ {
return NGX_ERROR;
}
- ngx_explicit_memzero(peer_secret->key.data, peer_secret->key.len);
+ ngx_explicit_memzero(key.data, key.len);
+ ngx_explicit_memzero(hp.data, hp.len);
return NGX_OK;
}
@@ -756,10 +768,7 @@ ngx_quic_keys_discard(ngx_quic_keys_t *k
ngx_quic_crypto_hp_cleanup(server);
ngx_explicit_memzero(client->secret.data, client->secret.len);
- ngx_explicit_memzero(client->key.data, client->key.len);
-
ngx_explicit_memzero(server->secret.data, server->secret.len);
- ngx_explicit_memzero(server->key.data, server->key.len);
}
@@ -783,7 +792,9 @@ ngx_quic_keys_switch(ngx_connection_t *c
void
ngx_quic_keys_update(ngx_event_t *ev)
{
+ ngx_int_t key_len;
ngx_uint_t i;
+ ngx_quic_md_t client_key, server_key;
ngx_quic_hkdf_t seq[6];
ngx_quic_keys_t *keys;
ngx_connection_t *c;
@@ -802,34 +813,34 @@ ngx_quic_keys_update(ngx_event_t *ev)
c->log->action = "updating keys";
- if (ngx_quic_ciphers(keys->cipher, &ciphers, ssl_encryption_application)
- == NGX_ERROR)
- {
+ key_len = ngx_quic_ciphers(keys->cipher, &ciphers,
+ ssl_encryption_application);
+
+ if (key_len == NGX_ERROR) {
goto failed;
}
+ client_key.len = key_len;
+ server_key.len = key_len;
+
next->client.secret.len = current->client.secret.len;
- next->client.key.len = current->client.key.len;
next->client.iv.len = NGX_QUIC_IV_LEN;
- next->client.hp = current->client.hp;
next->client.hp_ctx = current->client.hp_ctx;
next->server.secret.len = current->server.secret.len;
- next->server.key.len = current->server.key.len;
next->server.iv.len = NGX_QUIC_IV_LEN;
- next->server.hp = current->server.hp;
next->server.hp_ctx = current->server.hp_ctx;
ngx_quic_hkdf_set(&seq[0], "tls13 quic ku",
&next->client.secret, ¤t->client.secret);
ngx_quic_hkdf_set(&seq[1], "tls13 quic key",
- &next->client.key, &next->client.secret);
+ &client_key, &next->client.secret);
ngx_quic_hkdf_set(&seq[2], "tls13 quic iv",
&next->client.iv, &next->client.secret);
ngx_quic_hkdf_set(&seq[3], "tls13 quic ku",
&next->server.secret, ¤t->server.secret);
ngx_quic_hkdf_set(&seq[4], "tls13 quic key",
- &next->server.key, &next->server.secret);
+ &server_key, &next->server.secret);
ngx_quic_hkdf_set(&seq[5], "tls13 quic iv",
&next->server.iv, &next->server.secret);
@@ -839,12 +850,14 @@ ngx_quic_keys_update(ngx_event_t *ev)
}
}
- if (ngx_quic_crypto_init(ciphers.c, &next->client, 0, c->log) == NGX_ERROR)
+ if (ngx_quic_crypto_init(ciphers.c, &next->client, &client_key, 0, c->log)
+ == NGX_ERROR)
{
goto failed;
}
- if (ngx_quic_crypto_init(ciphers.c, &next->server, 1, c->log) == NGX_ERROR)
+ if (ngx_quic_crypto_init(ciphers.c, &next->server, &server_key, 1, c->log)
+ == NGX_ERROR)
{
goto failed;
}
@@ -854,8 +867,8 @@ ngx_quic_keys_update(ngx_event_t *ev)
ngx_explicit_memzero(current->server.secret.data,
current->server.secret.len);
- ngx_explicit_memzero(next->client.key.data, next->client.key.len);
- ngx_explicit_memzero(next->server.key.data, next->server.key.len);
+ ngx_explicit_memzero(client_key.data, client_key.len);
+ ngx_explicit_memzero(server_key.data, server_key.len);
return;
@@ -950,11 +963,12 @@ ngx_quic_create_retry_packet(ngx_quic_he
{
u_char *start;
ngx_str_t ad, itag;
+ ngx_quic_md_t key;
ngx_quic_secret_t secret;
ngx_quic_ciphers_t ciphers;
/* 5.8. Retry Packet Integrity */
- static u_char key[16] =
+ static u_char key_str[16] =
"\xbe\x0c\x69\x0b\x9f\x66\x57\x5a\x1d\x76\x6b\x54\xe3\x68\xc8\x4e";
static u_char nonce[NGX_QUIC_IV_LEN] =
"\x46\x15\x99\xd3\x5d\x63\x2b\xf2\x23\x98\x25\xbb";
@@ -975,11 +989,13 @@ ngx_quic_create_retry_packet(ngx_quic_he
return NGX_ERROR;
}
- secret.key.len = sizeof(key);
- ngx_memcpy(secret.key.data, key, sizeof(key));
+ key.len = sizeof(key_str);
+ ngx_memcpy(key.data, key_str, sizeof(key_str));
secret.iv.len = NGX_QUIC_IV_LEN;
- if (ngx_quic_crypto_init(ciphers.c, &secret, 1, pkt->log) == NGX_ERROR) {
+ if (ngx_quic_crypto_init(ciphers.c, &secret, &key, 1, pkt->log)
+ == NGX_ERROR)
+ {
return NGX_ERROR;
}
diff --git a/src/event/quic/ngx_event_quic_protection.h b/src/event/quic/ngx_event_quic_protection.h
--- a/src/event/quic/ngx_event_quic_protection.h
+++ b/src/event/quic/ngx_event_quic_protection.h
@@ -47,9 +47,7 @@ typedef struct {
typedef struct {
ngx_quic_md_t secret;
- ngx_quic_md_t key;
ngx_quic_iv_t iv;
- ngx_quic_md_t hp;
ngx_quic_crypto_ctx_t *ctx;
EVP_CIPHER_CTX *hp_ctx;
} ngx_quic_secret_t;
@@ -111,7 +109,7 @@ void ngx_quic_compute_nonce(u_char *nonc
ngx_int_t ngx_quic_ciphers(ngx_uint_t id, ngx_quic_ciphers_t *ciphers,
enum ssl_encryption_level_t level);
ngx_int_t ngx_quic_crypto_init(const ngx_quic_cipher_t *cipher,
- ngx_quic_secret_t *s, ngx_int_t enc, ngx_log_t *log);
+ ngx_quic_secret_t *s, ngx_quic_md_t *key, ngx_int_t enc, ngx_log_t *log);
ngx_int_t ngx_quic_crypto_seal(ngx_quic_secret_t *s, ngx_str_t *out,
u_char *nonce, ngx_str_t *in, ngx_str_t *ad, ngx_log_t *log);
void ngx_quic_crypto_cleanup(ngx_quic_secret_t *s);
More information about the nginx-devel
mailing list