diff options
author | Tatsuhiro Tsujikawa <tatsuhiro.t@gmail.com> | 2021-08-10 21:44:51 +0900 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-08-10 23:17:28 +0200 |
commit | 2bfa57bff184437028025933d26fecb215355173 (patch) | |
tree | d2ce0cffaa1329951d7c7addb8f707255863d49a | |
parent | 09cea3fbef654fc72fd4a65ee17ac534d88b22bd (diff) | |
download | curl-2bfa57bff184437028025933d26fecb215355173.tar.gz |
ngtcp2: utilize crypto API functions to simplify
Closes #7551
-rw-r--r-- | lib/vquic/ngtcp2.c | 68 |
1 files changed, 11 insertions, 57 deletions
diff --git a/lib/vquic/ngtcp2.c b/lib/vquic/ngtcp2.c index 3374e9eeb..f9d3a98c0 100644 --- a/lib/vquic/ngtcp2.c +++ b/lib/vquic/ngtcp2.c @@ -28,6 +28,9 @@ #include <nghttp3/nghttp3.h> #ifdef USE_OPENSSL #include <openssl/err.h> +#include <ngtcp2/ngtcp2_crypto_openssl.h> +#elif defined(USE_GNUTLS) +#include <ngtcp2/ngtcp2_crypto_gnutls.h> #endif #include "urldata.h" #include "sendf.h" @@ -117,42 +120,6 @@ static void quic_printf(void *user_data, const char *fmt, ...) } #endif -#ifdef USE_OPENSSL -static ngtcp2_crypto_level -quic_from_ossl_level(OSSL_ENCRYPTION_LEVEL ossl_level) -{ - switch(ossl_level) { - case ssl_encryption_initial: - return NGTCP2_CRYPTO_LEVEL_INITIAL; - case ssl_encryption_early_data: - return NGTCP2_CRYPTO_LEVEL_EARLY; - case ssl_encryption_handshake: - return NGTCP2_CRYPTO_LEVEL_HANDSHAKE; - case ssl_encryption_application: - return NGTCP2_CRYPTO_LEVEL_APPLICATION; - default: - assert(0); - } -} -#elif defined(USE_GNUTLS) -static ngtcp2_crypto_level -quic_from_gtls_level(gnutls_record_encryption_level_t gtls_level) -{ - switch(gtls_level) { - case GNUTLS_ENCRYPTION_LEVEL_INITIAL: - return NGTCP2_CRYPTO_LEVEL_INITIAL; - case GNUTLS_ENCRYPTION_LEVEL_EARLY: - return NGTCP2_CRYPTO_LEVEL_EARLY; - case GNUTLS_ENCRYPTION_LEVEL_HANDSHAKE: - return NGTCP2_CRYPTO_LEVEL_HANDSHAKE; - case GNUTLS_ENCRYPTION_LEVEL_APPLICATION: - return NGTCP2_CRYPTO_LEVEL_APPLICATION; - default: - assert(0); - } -} -#endif - static void qlog_callback(void *user_data, uint32_t flags, const void *data, size_t datalen) { @@ -260,7 +227,7 @@ static int quic_set_encryption_secrets(SSL *ssl, size_t secretlen) { struct quicsocket *qs = (struct quicsocket *)SSL_get_app_data(ssl); - int level = quic_from_ossl_level(ossl_level); + int level = ngtcp2_crypto_openssl_from_ossl_encryption_level(ossl_level); if(ngtcp2_crypto_derive_and_install_rx_key( qs->qconn, NULL, NULL, NULL, level, rx_secret, secretlen) != 0) @@ -282,7 +249,8 @@ static int quic_add_handshake_data(SSL *ssl, OSSL_ENCRYPTION_LEVEL ossl_level, const uint8_t *data, size_t len) { struct quicsocket *qs = (struct quicsocket *)SSL_get_app_data(ssl); - ngtcp2_crypto_level level = quic_from_ossl_level(ossl_level); + ngtcp2_crypto_level level = + ngtcp2_crypto_openssl_from_ossl_encryption_level(ossl_level); return write_client_handshake(qs, level, data, len); } @@ -370,7 +338,8 @@ static int secret_func(gnutls_session_t ssl, const void *tx_secret, size_t secretlen) { struct quicsocket *qs = gnutls_session_get_ptr(ssl); - int level = quic_from_gtls_level(gtls_level); + int level = + ngtcp2_crypto_gnutls_from_gnutls_record_encryption_level(gtls_level); if(level != NGTCP2_CRYPTO_LEVEL_EARLY && ngtcp2_crypto_derive_and_install_rx_key( @@ -395,7 +364,8 @@ static int read_func(gnutls_session_t ssl, size_t len) { struct quicsocket *qs = gnutls_session_get_ptr(ssl); - ngtcp2_crypto_level level = quic_from_gtls_level(gtls_level); + ngtcp2_crypto_level level = + ngtcp2_crypto_gnutls_from_gnutls_record_encryption_level(gtls_level); int rv; if(htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC) @@ -543,22 +513,6 @@ static int quic_init_ssl(struct quicsocket *qs) } #endif -static int -cb_recv_crypto_data(ngtcp2_conn *tconn, ngtcp2_crypto_level crypto_level, - uint64_t offset, - const uint8_t *data, size_t datalen, - void *user_data) -{ - (void)offset; - (void)user_data; - - if(ngtcp2_crypto_read_write_crypto_data(tconn, crypto_level, data, - datalen) != 0) - return NGTCP2_ERR_CRYPTO; - - return 0; -} - static int cb_handshake_completed(ngtcp2_conn *tconn, void *user_data) { (void)user_data; @@ -731,7 +685,7 @@ static int cb_get_new_connection_id(ngtcp2_conn *tconn, ngtcp2_cid *cid, static ngtcp2_callbacks ng_callbacks = { ngtcp2_crypto_client_initial_cb, NULL, /* recv_client_initial */ - cb_recv_crypto_data, + ngtcp2_crypto_recv_crypto_data_cb, cb_handshake_completed, NULL, /* recv_version_negotiation */ ngtcp2_crypto_encrypt_cb, |