Skip to content

deps: update ngtcp2 to 1.20.0 #61511

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
nodejs-github-bot wants to merge 1 commit into
base: main
Choose a base branch
from
+368 −438
Open

deps: update ngtcp2 to 1.20.0 #61511

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion deps/ngtcp2/ngtcp2/crypto/boringssl/boringssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
#include <openssl/chacha.h>
#include <openssl/rand.h>

#include "ngtcp2_macro.h"
#include "shared.h"

typedef enum ngtcp2_crypto_boringssl_cipher_type {
Expand Down Expand Up @@ -419,7 +420,7 @@ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
#else /* !defined(WORDS_BIGENDIAN) */
memcpy(&counter, sample, sizeof(counter));
#endif /* !defined(WORDS_BIGENDIAN) */
CRYPTO_chacha_20(dest, PLAINTEXT, sizeof(PLAINTEXT) - 1, ctx->key,
CRYPTO_chacha_20(dest, PLAINTEXT, ngtcp2_strlen_lit(PLAINTEXT), ctx->key,
sample + sizeof(counter), counter);
return 0;
default:
Expand Down
5 changes: 3 additions & 2 deletions deps/ngtcp2/ngtcp2/crypto/ossl/ossl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -845,8 +845,9 @@ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
(void)hp;

if (!EVP_EncryptInit_ex(actx, NULL, NULL, NULL, sample) ||
!EVP_EncryptUpdate(actx, dest, &len, PLAINTEXT, sizeof(PLAINTEXT) - 1) ||
!EVP_EncryptFinal_ex(actx, dest + sizeof(PLAINTEXT) - 1, &len)) {
!EVP_EncryptUpdate(actx, dest, &len, PLAINTEXT,
ngtcp2_strlen_lit(PLAINTEXT)) ||
!EVP_EncryptFinal_ex(actx, dest + ngtcp2_strlen_lit(PLAINTEXT), &len)) {
return -1;
}

Expand Down
3 changes: 2 additions & 1 deletion deps/ngtcp2/ngtcp2/crypto/picotls/picotls.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@
#include <picotls.h>
#include <picotls/openssl.h>

#include "ngtcp2_macro.h"
#include "shared.h"

ngtcp2_crypto_aead *ngtcp2_crypto_aead_aes_128_gcm(ngtcp2_crypto_aead *aead) {
Expand Down Expand Up @@ -357,7 +358,7 @@ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
(void)hp;

ptls_cipher_init(actx, sample);
ptls_cipher_encrypt(actx, dest, PLAINTEXT, sizeof(PLAINTEXT) - 1);
ptls_cipher_encrypt(actx, dest, PLAINTEXT, ngtcp2_strlen_lit(PLAINTEXT));

return 0;
}
Expand Down
6 changes: 4 additions & 2 deletions deps/ngtcp2/ngtcp2/crypto/quictls/quictls.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
# include <openssl/core_names.h>
#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */

#include "ngtcp2_macro.h"
#include "shared.h"

#if OPENSSL_VERSION_NUMBER >= 0x30000000L
Expand Down Expand Up @@ -785,8 +786,9 @@ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
(void)hp;

if (!EVP_EncryptInit_ex(actx, NULL, NULL, NULL, sample) ||
!EVP_EncryptUpdate(actx, dest, &len, PLAINTEXT, sizeof(PLAINTEXT) - 1) ||
!EVP_EncryptFinal_ex(actx, dest + sizeof(PLAINTEXT) - 1, &len)) {
!EVP_EncryptUpdate(actx, dest, &len, PLAINTEXT,
ngtcp2_strlen_lit(PLAINTEXT)) ||
!EVP_EncryptFinal_ex(actx, dest + ngtcp2_strlen_lit(PLAINTEXT), &len)) {
return -1;
}

Expand Down
102 changes: 52 additions & 50 deletions deps/ngtcp2/ngtcp2/crypto/shared.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,9 @@ int ngtcp2_crypto_hkdf_expand_label(uint8_t *dest, size_t destlen,

*p++ = (uint8_t)(destlen / 256);
*p++ = (uint8_t)(destlen % 256);
*p++ = (uint8_t)(sizeof(LABEL) - 1 + labellen);
memcpy(p, LABEL, sizeof(LABEL) - 1);
p += sizeof(LABEL) - 1;
*p++ = (uint8_t)(ngtcp2_strlen_lit(LABEL) + labellen);
memcpy(p, LABEL, ngtcp2_strlen_lit(LABEL));
p += ngtcp2_strlen_lit(LABEL);
memcpy(p, label, labellen);
p += labellen;
*p++ = 0;
Expand Down Expand Up @@ -88,11 +88,11 @@ int ngtcp2_crypto_derive_initial_secrets(uint8_t *rx_secret, uint8_t *tx_secret,
case NGTCP2_PROTO_VER_V1:
default:
salt = (const uint8_t *)NGTCP2_INITIAL_SALT_V1;
saltlen = sizeof(NGTCP2_INITIAL_SALT_V1) - 1;
saltlen = ngtcp2_strlen_lit(NGTCP2_INITIAL_SALT_V1);
break;
case NGTCP2_PROTO_VER_V2:
salt = (const uint8_t *)NGTCP2_INITIAL_SALT_V2;
saltlen = sizeof(NGTCP2_INITIAL_SALT_V2) - 1;
saltlen = ngtcp2_strlen_lit(NGTCP2_INITIAL_SALT_V2);
break;
}

Expand All @@ -111,10 +111,12 @@ int ngtcp2_crypto_derive_initial_secrets(uint8_t *rx_secret, uint8_t *tx_secret,

if (ngtcp2_crypto_hkdf_expand_label(
client_secret, NGTCP2_CRYPTO_INITIAL_SECRETLEN, &ctx.md, initial_secret,
NGTCP2_CRYPTO_INITIAL_SECRETLEN, CLABEL, sizeof(CLABEL) - 1) != 0 ||
NGTCP2_CRYPTO_INITIAL_SECRETLEN, CLABEL,
ngtcp2_strlen_lit(CLABEL)) != 0 ||
ngtcp2_crypto_hkdf_expand_label(
server_secret, NGTCP2_CRYPTO_INITIAL_SECRETLEN, &ctx.md, initial_secret,
NGTCP2_CRYPTO_INITIAL_SECRETLEN, SLABEL, sizeof(SLABEL) - 1) != 0) {
NGTCP2_CRYPTO_INITIAL_SECRETLEN, SLABEL,
ngtcp2_strlen_lit(SLABEL)) != 0) {
return -1;
}

Expand Down Expand Up @@ -148,19 +150,19 @@ int ngtcp2_crypto_derive_packet_protection_key(
switch (version) {
case NGTCP2_PROTO_VER_V2:
key_label = KEY_LABEL_V2;
key_labellen = sizeof(KEY_LABEL_V2) - 1;
key_labellen = ngtcp2_strlen_lit(KEY_LABEL_V2);
iv_label = IV_LABEL_V2;
iv_labellen = sizeof(IV_LABEL_V2) - 1;
iv_labellen = ngtcp2_strlen_lit(IV_LABEL_V2);
hp_key_label = HP_KEY_LABEL_V2;
hp_key_labellen = sizeof(HP_KEY_LABEL_V2) - 1;
hp_key_labellen = ngtcp2_strlen_lit(HP_KEY_LABEL_V2);
break;
default:
key_label = KEY_LABEL_V1;
key_labellen = sizeof(KEY_LABEL_V1) - 1;
key_labellen = ngtcp2_strlen_lit(KEY_LABEL_V1);
iv_label = IV_LABEL_V1;
iv_labellen = sizeof(IV_LABEL_V1) - 1;
iv_labellen = ngtcp2_strlen_lit(IV_LABEL_V1);
hp_key_label = HP_KEY_LABEL_V1;
hp_key_labellen = sizeof(HP_KEY_LABEL_V1) - 1;
hp_key_labellen = ngtcp2_strlen_lit(HP_KEY_LABEL_V1);
}

if (ngtcp2_crypto_hkdf_expand_label(key, keylen, md, secret, secretlen,
Expand Down Expand Up @@ -194,11 +196,11 @@ int ngtcp2_crypto_update_traffic_secret(uint8_t *dest, uint32_t version,
switch (version) {
case NGTCP2_PROTO_VER_V2:
label = LABEL_V2;
labellen = sizeof(LABEL_V2) - 1;
labellen = ngtcp2_strlen_lit(LABEL_V2);
break;
default:
label = LABEL;
labellen = sizeof(LABEL) - 1;
labellen = ngtcp2_strlen_lit(LABEL);
}

if (ngtcp2_crypto_hkdf_expand_label(dest, secretlen, md, secret, secretlen,
Expand Down Expand Up @@ -592,11 +594,11 @@ int ngtcp2_crypto_derive_and_install_initial_key(
case NGTCP2_PROTO_VER_V1:
default:
retry_key = (const uint8_t *)NGTCP2_RETRY_KEY_V1;
retry_noncelen = sizeof(NGTCP2_RETRY_NONCE_V1) - 1;
retry_noncelen = ngtcp2_strlen_lit(NGTCP2_RETRY_NONCE_V1);
break;
case NGTCP2_PROTO_VER_V2:
retry_key = (const uint8_t *)NGTCP2_RETRY_KEY_V2;
retry_noncelen = sizeof(NGTCP2_RETRY_NONCE_V2) - 1;
retry_noncelen = ngtcp2_strlen_lit(NGTCP2_RETRY_NONCE_V2);
break;
}

Expand Down Expand Up @@ -845,7 +847,7 @@ int ngtcp2_crypto_generate_stateless_reset_token(uint8_t *token,
if (ngtcp2_crypto_hkdf(token, NGTCP2_STATELESS_RESET_TOKENLEN,
ngtcp2_crypto_md_sha256(&md), secret, secretlen,
cid->data, cid->datalen, info,
sizeof(info) - 1) != 0) {
ngtcp2_strlen_lit(info)) != 0) {
return -1;
}

Expand All @@ -865,8 +867,8 @@ static int crypto_derive_token_key(uint8_t *key, size_t keylen, uint8_t *iv,
uint8_t *p;

assert(ngtcp2_crypto_md_hashlen(md) == sizeof(intsecret));
assert(info_prefixlen + sizeof(key_info_suffix) - 1 <= sizeof(info));
assert(info_prefixlen + sizeof(iv_info_suffix) - 1 <= sizeof(info));
assert(info_prefixlen + ngtcp2_strlen_lit(key_info_suffix) <= sizeof(info));
assert(info_prefixlen + ngtcp2_strlen_lit(iv_info_suffix) <= sizeof(info));

if (ngtcp2_crypto_hkdf_extract(intsecret, md, secret, secretlen, salt,
saltlen) != 0) {
Expand All @@ -876,8 +878,8 @@ static int crypto_derive_token_key(uint8_t *key, size_t keylen, uint8_t *iv,
memcpy(info, info_prefix, info_prefixlen);
p = info + info_prefixlen;

memcpy(p, key_info_suffix, sizeof(key_info_suffix) - 1);
p += sizeof(key_info_suffix) - 1;
memcpy(p, key_info_suffix, ngtcp2_strlen_lit(key_info_suffix));
p += ngtcp2_strlen_lit(key_info_suffix);

if (ngtcp2_crypto_hkdf_expand(key, keylen, md, intsecret, sizeof(intsecret),
info, (size_t)(p - info)) != 0) {
Expand All @@ -886,8 +888,8 @@ static int crypto_derive_token_key(uint8_t *key, size_t keylen, uint8_t *iv,

p = info + info_prefixlen;

memcpy(p, iv_info_suffix, sizeof(iv_info_suffix) - 1);
p += sizeof(iv_info_suffix) - 1;
memcpy(p, iv_info_suffix, ngtcp2_strlen_lit(iv_info_suffix));
p += ngtcp2_strlen_lit(iv_info_suffix);

if (ngtcp2_crypto_hkdf_expand(iv, ivlen, md, intsecret, sizeof(intsecret),
info, (size_t)(p - info)) != 0) {
Expand Down Expand Up @@ -963,10 +965,10 @@ ngtcp2_ssize ngtcp2_crypto_generate_retry_token(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, sizeof(rand_data),
retry_token_info_prefix,
sizeof(retry_token_info_prefix) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
sizeof(rand_data), retry_token_info_prefix,
ngtcp2_strlen_lit(retry_token_info_prefix)) != 0) {
return -1;
}

Expand Down Expand Up @@ -1040,10 +1042,10 @@ int ngtcp2_crypto_verify_retry_token(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, NGTCP2_CRYPTO_TOKEN_RAND_DATALEN,
retry_token_info_prefix,
sizeof(retry_token_info_prefix) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
NGTCP2_CRYPTO_TOKEN_RAND_DATALEN, retry_token_info_prefix,
ngtcp2_strlen_lit(retry_token_info_prefix)) != 0) {
return -1;
}

Expand Down Expand Up @@ -1143,10 +1145,10 @@ ngtcp2_ssize ngtcp2_crypto_generate_retry_token2(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, sizeof(rand_data),
retry_token_info_prefix2,
sizeof(retry_token_info_prefix2) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
sizeof(rand_data), retry_token_info_prefix2,
ngtcp2_strlen_lit(retry_token_info_prefix2)) != 0) {
return -1;
}

Expand Down Expand Up @@ -1221,10 +1223,10 @@ int ngtcp2_crypto_verify_retry_token2(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, NGTCP2_CRYPTO_TOKEN_RAND_DATALEN,
retry_token_info_prefix2,
sizeof(retry_token_info_prefix2) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
NGTCP2_CRYPTO_TOKEN_RAND_DATALEN, retry_token_info_prefix2,
ngtcp2_strlen_lit(retry_token_info_prefix2)) != 0) {
return NGTCP2_CRYPTO_ERR_INTERNAL;
}

Expand Down Expand Up @@ -1366,10 +1368,10 @@ static ngtcp2_ssize crypto_generate_regular_token(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, sizeof(rand_data),
regular_token_info_prefix,
sizeof(regular_token_info_prefix) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
sizeof(rand_data), regular_token_info_prefix,
ngtcp2_strlen_lit(regular_token_info_prefix)) != 0) {
return -1;
}

Expand Down Expand Up @@ -1442,10 +1444,10 @@ static ngtcp2_ssize crypto_verify_regular_token(
assert(sizeof(key) == keylen);
assert(sizeof(iv) == ivlen);

if (crypto_derive_token_key(key, keylen, iv, ivlen, &md, secret, secretlen,
rand_data, NGTCP2_CRYPTO_TOKEN_RAND_DATALEN,
regular_token_info_prefix,
sizeof(regular_token_info_prefix) - 1) != 0) {
if (crypto_derive_token_key(
key, keylen, iv, ivlen, &md, secret, secretlen, rand_data,
NGTCP2_CRYPTO_TOKEN_RAND_DATALEN, regular_token_info_prefix,
ngtcp2_strlen_lit(regular_token_info_prefix)) != 0) {
return NGTCP2_CRYPTO_ERR_INTERNAL;
}

Expand Down Expand Up @@ -1601,11 +1603,11 @@ ngtcp2_ssize ngtcp2_crypto_write_retry(uint8_t *dest, size_t destlen,
case NGTCP2_PROTO_VER_V1:
default:
key = (const uint8_t *)NGTCP2_RETRY_KEY_V1;
noncelen = sizeof(NGTCP2_RETRY_NONCE_V1) - 1;
noncelen = ngtcp2_strlen_lit(NGTCP2_RETRY_NONCE_V1);
break;
case NGTCP2_PROTO_VER_V2:
key = (const uint8_t *)NGTCP2_RETRY_KEY_V2;
noncelen = sizeof(NGTCP2_RETRY_NONCE_V2) - 1;
noncelen = ngtcp2_strlen_lit(NGTCP2_RETRY_NONCE_V2);
break;
}

Expand Down
8 changes: 5 additions & 3 deletions deps/ngtcp2/ngtcp2/crypto/wolfssl/wolfssl.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
#include <wolfssl/ssl.h>
#include <wolfssl/quic.h>

#include "ngtcp2_macro.h"
#include "shared.h"

#define PRINTF_DEBUG 0
Expand Down Expand Up @@ -297,9 +298,10 @@ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
if (wolfSSL_EVP_EncryptInit_ex(actx, NULL, NULL, NULL, sample) !=
WOLFSSL_SUCCESS ||
wolfSSL_EVP_CipherUpdate(actx, dest, &len, PLAINTEXT,
sizeof(PLAINTEXT) - 1) != WOLFSSL_SUCCESS ||
wolfSSL_EVP_EncryptFinal_ex(actx, dest + sizeof(PLAINTEXT) - 1, &len) !=
WOLFSSL_SUCCESS) {
ngtcp2_strlen_lit(PLAINTEXT)) !=
WOLFSSL_SUCCESS ||
wolfSSL_EVP_EncryptFinal_ex(actx, dest + ngtcp2_strlen_lit(PLAINTEXT),
&len) != WOLFSSL_SUCCESS) {
DEBUG_MSG("WOLFSSL: hp_mask FAILED\n");
return -1;
}
Expand Down
10 changes: 5 additions & 5 deletions deps/ngtcp2/ngtcp2/examples/client.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1049,16 +1049,17 @@ ngtcp2_ssize write_pkt(ngtcp2_conn *conn, ngtcp2_path *path,
ngtcp2_ssize Client::write_pkt(ngtcp2_path *path, ngtcp2_pkt_info *pi,
uint8_t *dest, size_t destlen,
ngtcp2_tstamp ts) {
std::array<nghttp3_vec, 16> vec;
std::array<SharedVec, 16> vec;

for (;;) {
int64_t stream_id = -1;
int fin = 0;
nghttp3_ssize sveccnt = 0;

if (httpconn_ && ngtcp2_conn_get_max_data_left(conn_)) {
sveccnt = nghttp3_conn_writev_stream(httpconn_, &stream_id, &fin,
vec.data(), vec.size());
sveccnt = nghttp3_conn_writev_stream(
httpconn_, &stream_id, &fin,
reinterpret_cast<nghttp3_vec *>(vec.data()), vec.size());
if (sveccnt < 0) {
std::cerr << "nghttp3_conn_writev_stream: "
<< nghttp3_strerror(static_cast<int>(sveccnt)) << std::endl;
Expand All @@ -1071,7 +1072,6 @@ ngtcp2_ssize Client::write_pkt(ngtcp2_path *path, ngtcp2_pkt_info *pi,
}

ngtcp2_ssize ndatalen;
auto v = vec.data();
auto vcnt = static_cast<size_t>(sveccnt);

uint32_t flags = NGTCP2_WRITE_STREAM_FLAG_MORE;
Expand All @@ -1081,7 +1081,7 @@ ngtcp2_ssize Client::write_pkt(ngtcp2_path *path, ngtcp2_pkt_info *pi,

auto nwrite = ngtcp2_conn_writev_stream(
conn_, path, pi, dest, destlen, &ndatalen, flags, stream_id,
reinterpret_cast<const ngtcp2_vec *>(v), vcnt, ts);
reinterpret_cast<const ngtcp2_vec *>(vec.data()), vcnt, ts);
if (nwrite < 0) {
switch (nwrite) {
case NGTCP2_ERR_STREAM_DATA_BLOCKED:
Expand Down
Loading
Loading