protocol-quic 0.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (343) hide show
  1. checksums.yaml +7 -0
  2. checksums.yaml.gz.sig +0 -0
  3. data/ext/ngtcp2/AUTHORS +44 -0
  4. data/ext/ngtcp2/CMakeLists.txt +431 -0
  5. data/ext/ngtcp2/CMakeOptions.txt +17 -0
  6. data/ext/ngtcp2/COPYING +22 -0
  7. data/ext/ngtcp2/ChangeLog +0 -0
  8. data/ext/ngtcp2/Makefile.am +60 -0
  9. data/ext/ngtcp2/NEWS +0 -0
  10. data/ext/ngtcp2/README +1 -0
  11. data/ext/ngtcp2/README.rst +258 -0
  12. data/ext/ngtcp2/ci/build_boringssl.sh +10 -0
  13. data/ext/ngtcp2/ci/build_nghttp3.sh +9 -0
  14. data/ext/ngtcp2/ci/build_openssl1.sh +8 -0
  15. data/ext/ngtcp2/ci/build_openssl1_cross.sh +9 -0
  16. data/ext/ngtcp2/ci/build_openssl3.sh +8 -0
  17. data/ext/ngtcp2/ci/build_picotls.sh +26 -0
  18. data/ext/ngtcp2/ci/build_wolfssl.sh +9 -0
  19. data/ext/ngtcp2/ci/gen-certificate.sh +8 -0
  20. data/ext/ngtcp2/cmake/ExtractValidFlags.cmake +31 -0
  21. data/ext/ngtcp2/cmake/FindCUnit.cmake +40 -0
  22. data/ext/ngtcp2/cmake/FindJemalloc.cmake +40 -0
  23. data/ext/ngtcp2/cmake/FindLibev.cmake +38 -0
  24. data/ext/ngtcp2/cmake/FindLibnghttp3.cmake +41 -0
  25. data/ext/ngtcp2/cmake/Findwolfssl.cmake +41 -0
  26. data/ext/ngtcp2/cmake/Version.cmake +11 -0
  27. data/ext/ngtcp2/cmakeconfig.h.in +36 -0
  28. data/ext/ngtcp2/configure.ac +755 -0
  29. data/ext/ngtcp2/crypto/CMakeLists.txt +56 -0
  30. data/ext/ngtcp2/crypto/Makefile.am +49 -0
  31. data/ext/ngtcp2/crypto/boringssl/CMakeLists.txt +64 -0
  32. data/ext/ngtcp2/crypto/boringssl/Makefile.am +39 -0
  33. data/ext/ngtcp2/crypto/boringssl/boringssl.c +630 -0
  34. data/ext/ngtcp2/crypto/boringssl/libngtcp2_crypto_boringssl.pc.in +33 -0
  35. data/ext/ngtcp2/crypto/gnutls/CMakeLists.txt +86 -0
  36. data/ext/ngtcp2/crypto/gnutls/Makefile.am +43 -0
  37. data/ext/ngtcp2/crypto/gnutls/gnutls.c +644 -0
  38. data/ext/ngtcp2/crypto/gnutls/libngtcp2_crypto_gnutls.pc.in +33 -0
  39. data/ext/ngtcp2/crypto/includes/CMakeLists.txt +56 -0
  40. data/ext/ngtcp2/crypto/includes/Makefile.am +45 -0
  41. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto.h +893 -0
  42. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto_boringssl.h +104 -0
  43. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto_gnutls.h +107 -0
  44. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto_openssl.h +132 -0
  45. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto_picotls.h +246 -0
  46. data/ext/ngtcp2/crypto/includes/ngtcp2/ngtcp2_crypto_wolfssl.h +106 -0
  47. data/ext/ngtcp2/crypto/openssl/CMakeLists.txt +86 -0
  48. data/ext/ngtcp2/crypto/openssl/Makefile.am +43 -0
  49. data/ext/ngtcp2/crypto/openssl/libngtcp2_crypto_openssl.pc.in +33 -0
  50. data/ext/ngtcp2/crypto/openssl/openssl.c +807 -0
  51. data/ext/ngtcp2/crypto/picotls/CMakeLists.txt +65 -0
  52. data/ext/ngtcp2/crypto/picotls/Makefile.am +39 -0
  53. data/ext/ngtcp2/crypto/picotls/libngtcp2_crypto_picotls.pc.in +33 -0
  54. data/ext/ngtcp2/crypto/picotls/picotls.c +707 -0
  55. data/ext/ngtcp2/crypto/shared.c +1431 -0
  56. data/ext/ngtcp2/crypto/shared.h +350 -0
  57. data/ext/ngtcp2/crypto/wolfssl/CMakeLists.txt +84 -0
  58. data/ext/ngtcp2/crypto/wolfssl/Makefile.am +43 -0
  59. data/ext/ngtcp2/crypto/wolfssl/libngtcp2_crypto_wolfssl.pc.in +33 -0
  60. data/ext/ngtcp2/crypto/wolfssl/wolfssl.c +534 -0
  61. data/ext/ngtcp2/doc/Makefile.am +65 -0
  62. data/ext/ngtcp2/doc/make.bat +35 -0
  63. data/ext/ngtcp2/doc/mkapiref.py +356 -0
  64. data/ext/ngtcp2/doc/source/conf.py.in +94 -0
  65. data/ext/ngtcp2/doc/source/index.rst +22 -0
  66. data/ext/ngtcp2/doc/source/programmers-guide.rst +476 -0
  67. data/ext/ngtcp2/docker/Dockerfile +39 -0
  68. data/ext/ngtcp2/examples/CMakeLists.txt +361 -0
  69. data/ext/ngtcp2/examples/Makefile.am +228 -0
  70. data/ext/ngtcp2/examples/client.cc +3049 -0
  71. data/ext/ngtcp2/examples/client.h +192 -0
  72. data/ext/ngtcp2/examples/client_base.cc +202 -0
  73. data/ext/ngtcp2/examples/client_base.h +213 -0
  74. data/ext/ngtcp2/examples/debug.cc +298 -0
  75. data/ext/ngtcp2/examples/debug.h +124 -0
  76. data/ext/ngtcp2/examples/examplestest.cc +84 -0
  77. data/ext/ngtcp2/examples/gtlssimpleclient.c +720 -0
  78. data/ext/ngtcp2/examples/h09client.cc +2601 -0
  79. data/ext/ngtcp2/examples/h09client.h +196 -0
  80. data/ext/ngtcp2/examples/h09server.cc +3024 -0
  81. data/ext/ngtcp2/examples/h09server.h +237 -0
  82. data/ext/ngtcp2/examples/http.cc +138 -0
  83. data/ext/ngtcp2/examples/http.h +44 -0
  84. data/ext/ngtcp2/examples/network.h +80 -0
  85. data/ext/ngtcp2/examples/server.cc +3731 -0
  86. data/ext/ngtcp2/examples/server.h +256 -0
  87. data/ext/ngtcp2/examples/server_base.cc +58 -0
  88. data/ext/ngtcp2/examples/server_base.h +195 -0
  89. data/ext/ngtcp2/examples/shared.cc +385 -0
  90. data/ext/ngtcp2/examples/shared.h +96 -0
  91. data/ext/ngtcp2/examples/simpleclient.c +683 -0
  92. data/ext/ngtcp2/examples/template.h +71 -0
  93. data/ext/ngtcp2/examples/tests/README.rst +60 -0
  94. data/ext/ngtcp2/examples/tests/__init__.py +0 -0
  95. data/ext/ngtcp2/examples/tests/config.ini.in +32 -0
  96. data/ext/ngtcp2/examples/tests/conftest.py +28 -0
  97. data/ext/ngtcp2/examples/tests/ngtcp2test/__init__.py +6 -0
  98. data/ext/ngtcp2/examples/tests/ngtcp2test/certs.py +476 -0
  99. data/ext/ngtcp2/examples/tests/ngtcp2test/client.py +187 -0
  100. data/ext/ngtcp2/examples/tests/ngtcp2test/env.py +191 -0
  101. data/ext/ngtcp2/examples/tests/ngtcp2test/log.py +101 -0
  102. data/ext/ngtcp2/examples/tests/ngtcp2test/server.py +137 -0
  103. data/ext/ngtcp2/examples/tests/ngtcp2test/tls.py +983 -0
  104. data/ext/ngtcp2/examples/tests/test_01_handshake.py +30 -0
  105. data/ext/ngtcp2/examples/tests/test_02_resume.py +46 -0
  106. data/ext/ngtcp2/examples/tests/test_03_earlydata.py +56 -0
  107. data/ext/ngtcp2/examples/tests/test_04_clientcert.py +57 -0
  108. data/ext/ngtcp2/examples/tests/test_05_ciphers.py +46 -0
  109. data/ext/ngtcp2/examples/tls_client_context.h +52 -0
  110. data/ext/ngtcp2/examples/tls_client_context_boringssl.cc +126 -0
  111. data/ext/ngtcp2/examples/tls_client_context_boringssl.h +49 -0
  112. data/ext/ngtcp2/examples/tls_client_context_gnutls.cc +74 -0
  113. data/ext/ngtcp2/examples/tls_client_context_gnutls.h +50 -0
  114. data/ext/ngtcp2/examples/tls_client_context_openssl.cc +137 -0
  115. data/ext/ngtcp2/examples/tls_client_context_openssl.h +49 -0
  116. data/ext/ngtcp2/examples/tls_client_context_picotls.cc +158 -0
  117. data/ext/ngtcp2/examples/tls_client_context_picotls.h +53 -0
  118. data/ext/ngtcp2/examples/tls_client_context_wolfssl.cc +177 -0
  119. data/ext/ngtcp2/examples/tls_client_context_wolfssl.h +51 -0
  120. data/ext/ngtcp2/examples/tls_client_session.h +52 -0
  121. data/ext/ngtcp2/examples/tls_client_session_boringssl.cc +110 -0
  122. data/ext/ngtcp2/examples/tls_client_session_boringssl.h +52 -0
  123. data/ext/ngtcp2/examples/tls_client_session_gnutls.cc +190 -0
  124. data/ext/ngtcp2/examples/tls_client_session_gnutls.h +52 -0
  125. data/ext/ngtcp2/examples/tls_client_session_openssl.cc +113 -0
  126. data/ext/ngtcp2/examples/tls_client_session_openssl.h +52 -0
  127. data/ext/ngtcp2/examples/tls_client_session_picotls.cc +147 -0
  128. data/ext/ngtcp2/examples/tls_client_session_picotls.h +52 -0
  129. data/ext/ngtcp2/examples/tls_client_session_wolfssl.cc +160 -0
  130. data/ext/ngtcp2/examples/tls_client_session_wolfssl.h +52 -0
  131. data/ext/ngtcp2/examples/tls_server_context.h +52 -0
  132. data/ext/ngtcp2/examples/tls_server_context_boringssl.cc +257 -0
  133. data/ext/ngtcp2/examples/tls_server_context_boringssl.h +54 -0
  134. data/ext/ngtcp2/examples/tls_server_context_gnutls.cc +99 -0
  135. data/ext/ngtcp2/examples/tls_server_context_gnutls.h +59 -0
  136. data/ext/ngtcp2/examples/tls_server_context_openssl.cc +338 -0
  137. data/ext/ngtcp2/examples/tls_server_context_openssl.h +54 -0
  138. data/ext/ngtcp2/examples/tls_server_context_picotls.cc +321 -0
  139. data/ext/ngtcp2/examples/tls_server_context_picotls.h +58 -0
  140. data/ext/ngtcp2/examples/tls_server_context_wolfssl.cc +284 -0
  141. data/ext/ngtcp2/examples/tls_server_context_wolfssl.h +55 -0
  142. data/ext/ngtcp2/examples/tls_server_session.h +52 -0
  143. data/ext/ngtcp2/examples/tls_server_session_boringssl.cc +84 -0
  144. data/ext/ngtcp2/examples/tls_server_session_boringssl.h +47 -0
  145. data/ext/ngtcp2/examples/tls_server_session_gnutls.cc +155 -0
  146. data/ext/ngtcp2/examples/tls_server_session_gnutls.h +46 -0
  147. data/ext/ngtcp2/examples/tls_server_session_openssl.cc +54 -0
  148. data/ext/ngtcp2/examples/tls_server_session_openssl.h +47 -0
  149. data/ext/ngtcp2/examples/tls_server_session_picotls.cc +70 -0
  150. data/ext/ngtcp2/examples/tls_server_session_picotls.h +47 -0
  151. data/ext/ngtcp2/examples/tls_server_session_wolfssl.cc +55 -0
  152. data/ext/ngtcp2/examples/tls_server_session_wolfssl.h +47 -0
  153. data/ext/ngtcp2/examples/tls_session_base_gnutls.cc +87 -0
  154. data/ext/ngtcp2/examples/tls_session_base_gnutls.h +51 -0
  155. data/ext/ngtcp2/examples/tls_session_base_openssl.cc +54 -0
  156. data/ext/ngtcp2/examples/tls_session_base_openssl.h +52 -0
  157. data/ext/ngtcp2/examples/tls_session_base_picotls.cc +56 -0
  158. data/ext/ngtcp2/examples/tls_session_base_picotls.h +54 -0
  159. data/ext/ngtcp2/examples/tls_session_base_wolfssl.cc +54 -0
  160. data/ext/ngtcp2/examples/tls_session_base_wolfssl.h +54 -0
  161. data/ext/ngtcp2/examples/tls_shared_picotls.cc +59 -0
  162. data/ext/ngtcp2/examples/tls_shared_picotls.h +36 -0
  163. data/ext/ngtcp2/examples/util.cc +646 -0
  164. data/ext/ngtcp2/examples/util.h +361 -0
  165. data/ext/ngtcp2/examples/util_gnutls.cc +136 -0
  166. data/ext/ngtcp2/examples/util_openssl.cc +131 -0
  167. data/ext/ngtcp2/examples/util_test.cc +237 -0
  168. data/ext/ngtcp2/examples/util_test.h +45 -0
  169. data/ext/ngtcp2/examples/util_wolfssl.cc +130 -0
  170. data/ext/ngtcp2/fuzz/corpus/decode_frame/ack +0 -0
  171. data/ext/ngtcp2/fuzz/corpus/decode_frame/ack_ecn +0 -0
  172. data/ext/ngtcp2/fuzz/corpus/decode_frame/connection_close +0 -0
  173. data/ext/ngtcp2/fuzz/corpus/decode_frame/crypto +1 -0
  174. data/ext/ngtcp2/fuzz/corpus/decode_frame/data_blocked +1 -0
  175. data/ext/ngtcp2/fuzz/corpus/decode_frame/datagram +1 -0
  176. data/ext/ngtcp2/fuzz/corpus/decode_frame/datagram_len +1 -0
  177. data/ext/ngtcp2/fuzz/corpus/decode_frame/max_data +1 -0
  178. data/ext/ngtcp2/fuzz/corpus/decode_frame/max_stream_data +0 -0
  179. data/ext/ngtcp2/fuzz/corpus/decode_frame/max_streams +0 -0
  180. data/ext/ngtcp2/fuzz/corpus/decode_frame/new_connection_id +1 -0
  181. data/ext/ngtcp2/fuzz/corpus/decode_frame/new_token +1 -0
  182. data/ext/ngtcp2/fuzz/corpus/decode_frame/path_challenge +1 -0
  183. data/ext/ngtcp2/fuzz/corpus/decode_frame/path_response +1 -0
  184. data/ext/ngtcp2/fuzz/corpus/decode_frame/reset_stream +0 -0
  185. data/ext/ngtcp2/fuzz/corpus/decode_frame/retire_connection_id +1 -0
  186. data/ext/ngtcp2/fuzz/corpus/decode_frame/stop_sending +0 -0
  187. data/ext/ngtcp2/fuzz/corpus/decode_frame/stream +0 -0
  188. data/ext/ngtcp2/fuzz/corpus/decode_frame/stream_data_blocked +0 -0
  189. data/ext/ngtcp2/fuzz/corpus/decode_frame/stream_len +0 -0
  190. data/ext/ngtcp2/fuzz/corpus/decode_frame/streams_blocked +0 -0
  191. data/ext/ngtcp2/fuzz/corpus/ksl/random +0 -0
  192. data/ext/ngtcp2/fuzz/decode_frame.cc +25 -0
  193. data/ext/ngtcp2/fuzz/ksl.cc +77 -0
  194. data/ext/ngtcp2/interop/Dockerfile +39 -0
  195. data/ext/ngtcp2/interop/run_endpoint.sh +93 -0
  196. data/ext/ngtcp2/lib/CMakeLists.txt +110 -0
  197. data/ext/ngtcp2/lib/Makefile.am +122 -0
  198. data/ext/ngtcp2/lib/includes/CMakeLists.txt +4 -0
  199. data/ext/ngtcp2/lib/includes/Makefile.am +25 -0
  200. data/ext/ngtcp2/lib/includes/ngtcp2/ngtcp2.h +5843 -0
  201. data/ext/ngtcp2/lib/includes/ngtcp2/version.h.in +51 -0
  202. data/ext/ngtcp2/lib/libngtcp2.pc.in +33 -0
  203. data/ext/ngtcp2/lib/ngtcp2_acktr.c +335 -0
  204. data/ext/ngtcp2/lib/ngtcp2_acktr.h +221 -0
  205. data/ext/ngtcp2/lib/ngtcp2_addr.c +117 -0
  206. data/ext/ngtcp2/lib/ngtcp2_addr.h +69 -0
  207. data/ext/ngtcp2/lib/ngtcp2_balloc.c +90 -0
  208. data/ext/ngtcp2/lib/ngtcp2_balloc.h +91 -0
  209. data/ext/ngtcp2/lib/ngtcp2_bbr.c +693 -0
  210. data/ext/ngtcp2/lib/ngtcp2_bbr.h +157 -0
  211. data/ext/ngtcp2/lib/ngtcp2_bbr2.c +1490 -0
  212. data/ext/ngtcp2/lib/ngtcp2_bbr2.h +149 -0
  213. data/ext/ngtcp2/lib/ngtcp2_buf.c +56 -0
  214. data/ext/ngtcp2/lib/ngtcp2_buf.h +108 -0
  215. data/ext/ngtcp2/lib/ngtcp2_cc.c +616 -0
  216. data/ext/ngtcp2/lib/ngtcp2_cc.h +422 -0
  217. data/ext/ngtcp2/lib/ngtcp2_cid.c +147 -0
  218. data/ext/ngtcp2/lib/ngtcp2_cid.h +175 -0
  219. data/ext/ngtcp2/lib/ngtcp2_conn.c +13731 -0
  220. data/ext/ngtcp2/lib/ngtcp2_conn.h +1119 -0
  221. data/ext/ngtcp2/lib/ngtcp2_conn_stat.h +131 -0
  222. data/ext/ngtcp2/lib/ngtcp2_conv.c +291 -0
  223. data/ext/ngtcp2/lib/ngtcp2_conv.h +208 -0
  224. data/ext/ngtcp2/lib/ngtcp2_crypto.c +895 -0
  225. data/ext/ngtcp2/lib/ngtcp2_crypto.h +148 -0
  226. data/ext/ngtcp2/lib/ngtcp2_err.c +154 -0
  227. data/ext/ngtcp2/lib/ngtcp2_err.h +34 -0
  228. data/ext/ngtcp2/lib/ngtcp2_gaptr.c +167 -0
  229. data/ext/ngtcp2/lib/ngtcp2_gaptr.h +98 -0
  230. data/ext/ngtcp2/lib/ngtcp2_idtr.c +79 -0
  231. data/ext/ngtcp2/lib/ngtcp2_idtr.h +89 -0
  232. data/ext/ngtcp2/lib/ngtcp2_ksl.c +819 -0
  233. data/ext/ngtcp2/lib/ngtcp2_ksl.h +345 -0
  234. data/ext/ngtcp2/lib/ngtcp2_log.c +822 -0
  235. data/ext/ngtcp2/lib/ngtcp2_log.h +123 -0
  236. data/ext/ngtcp2/lib/ngtcp2_macro.h +58 -0
  237. data/ext/ngtcp2/lib/ngtcp2_map.c +336 -0
  238. data/ext/ngtcp2/lib/ngtcp2_map.h +136 -0
  239. data/ext/ngtcp2/lib/ngtcp2_mem.c +113 -0
  240. data/ext/ngtcp2/lib/ngtcp2_mem.h +72 -0
  241. data/ext/ngtcp2/lib/ngtcp2_net.h +136 -0
  242. data/ext/ngtcp2/lib/ngtcp2_objalloc.c +40 -0
  243. data/ext/ngtcp2/lib/ngtcp2_objalloc.h +140 -0
  244. data/ext/ngtcp2/lib/ngtcp2_opl.c +46 -0
  245. data/ext/ngtcp2/lib/ngtcp2_opl.h +65 -0
  246. data/ext/ngtcp2/lib/ngtcp2_path.c +77 -0
  247. data/ext/ngtcp2/lib/ngtcp2_path.h +49 -0
  248. data/ext/ngtcp2/lib/ngtcp2_pkt.c +2527 -0
  249. data/ext/ngtcp2/lib/ngtcp2_pkt.h +1235 -0
  250. data/ext/ngtcp2/lib/ngtcp2_pmtud.c +160 -0
  251. data/ext/ngtcp2/lib/ngtcp2_pmtud.h +123 -0
  252. data/ext/ngtcp2/lib/ngtcp2_ppe.c +230 -0
  253. data/ext/ngtcp2/lib/ngtcp2_ppe.h +153 -0
  254. data/ext/ngtcp2/lib/ngtcp2_pq.c +164 -0
  255. data/ext/ngtcp2/lib/ngtcp2_pq.h +126 -0
  256. data/ext/ngtcp2/lib/ngtcp2_pv.c +172 -0
  257. data/ext/ngtcp2/lib/ngtcp2_pv.h +194 -0
  258. data/ext/ngtcp2/lib/ngtcp2_qlog.c +1219 -0
  259. data/ext/ngtcp2/lib/ngtcp2_qlog.h +161 -0
  260. data/ext/ngtcp2/lib/ngtcp2_range.c +61 -0
  261. data/ext/ngtcp2/lib/ngtcp2_range.h +80 -0
  262. data/ext/ngtcp2/lib/ngtcp2_rcvry.h +40 -0
  263. data/ext/ngtcp2/lib/ngtcp2_ringbuf.c +121 -0
  264. data/ext/ngtcp2/lib/ngtcp2_ringbuf.h +132 -0
  265. data/ext/ngtcp2/lib/ngtcp2_rob.c +319 -0
  266. data/ext/ngtcp2/lib/ngtcp2_rob.h +197 -0
  267. data/ext/ngtcp2/lib/ngtcp2_rst.c +138 -0
  268. data/ext/ngtcp2/lib/ngtcp2_rst.h +86 -0
  269. data/ext/ngtcp2/lib/ngtcp2_rtb.c +1676 -0
  270. data/ext/ngtcp2/lib/ngtcp2_rtb.h +468 -0
  271. data/ext/ngtcp2/lib/ngtcp2_str.c +233 -0
  272. data/ext/ngtcp2/lib/ngtcp2_str.h +94 -0
  273. data/ext/ngtcp2/lib/ngtcp2_strm.c +698 -0
  274. data/ext/ngtcp2/lib/ngtcp2_strm.h +310 -0
  275. data/ext/ngtcp2/lib/ngtcp2_unreachable.c +71 -0
  276. data/ext/ngtcp2/lib/ngtcp2_unreachable.h +46 -0
  277. data/ext/ngtcp2/lib/ngtcp2_vec.c +243 -0
  278. data/ext/ngtcp2/lib/ngtcp2_vec.h +120 -0
  279. data/ext/ngtcp2/lib/ngtcp2_version.c +39 -0
  280. data/ext/ngtcp2/lib/ngtcp2_window_filter.c +99 -0
  281. data/ext/ngtcp2/lib/ngtcp2_window_filter.h +65 -0
  282. data/ext/ngtcp2/m4/ax_check_compile_flag.m4 +74 -0
  283. data/ext/ngtcp2/m4/ax_cxx_compile_stdcxx.m4 +1009 -0
  284. data/ext/ngtcp2/tests/CMakeLists.txt +68 -0
  285. data/ext/ngtcp2/tests/Makefile.am +94 -0
  286. data/ext/ngtcp2/tests/main.c +358 -0
  287. data/ext/ngtcp2/tests/ngtcp2_acktr_test.c +367 -0
  288. data/ext/ngtcp2/tests/ngtcp2_acktr_test.h +37 -0
  289. data/ext/ngtcp2/tests/ngtcp2_conn_test.c +9821 -0
  290. data/ext/ngtcp2/tests/ngtcp2_conn_test.h +104 -0
  291. data/ext/ngtcp2/tests/ngtcp2_conv_test.c +430 -0
  292. data/ext/ngtcp2/tests/ngtcp2_conv_test.h +46 -0
  293. data/ext/ngtcp2/tests/ngtcp2_crypto_test.c +667 -0
  294. data/ext/ngtcp2/tests/ngtcp2_crypto_test.h +35 -0
  295. data/ext/ngtcp2/tests/ngtcp2_gaptr_test.c +127 -0
  296. data/ext/ngtcp2/tests/ngtcp2_gaptr_test.h +36 -0
  297. data/ext/ngtcp2/tests/ngtcp2_idtr_test.c +79 -0
  298. data/ext/ngtcp2/tests/ngtcp2_idtr_test.h +34 -0
  299. data/ext/ngtcp2/tests/ngtcp2_ksl_test.c +502 -0
  300. data/ext/ngtcp2/tests/ngtcp2_ksl_test.h +39 -0
  301. data/ext/ngtcp2/tests/ngtcp2_map_test.c +206 -0
  302. data/ext/ngtcp2/tests/ngtcp2_map_test.h +38 -0
  303. data/ext/ngtcp2/tests/ngtcp2_pkt_test.c +1645 -0
  304. data/ext/ngtcp2/tests/ngtcp2_pkt_test.h +68 -0
  305. data/ext/ngtcp2/tests/ngtcp2_pmtud_test.c +153 -0
  306. data/ext/ngtcp2/tests/ngtcp2_pmtud_test.h +34 -0
  307. data/ext/ngtcp2/tests/ngtcp2_pv_test.c +129 -0
  308. data/ext/ngtcp2/tests/ngtcp2_pv_test.h +35 -0
  309. data/ext/ngtcp2/tests/ngtcp2_range_test.c +105 -0
  310. data/ext/ngtcp2/tests/ngtcp2_range_test.h +36 -0
  311. data/ext/ngtcp2/tests/ngtcp2_ringbuf_test.c +91 -0
  312. data/ext/ngtcp2/tests/ngtcp2_ringbuf_test.h +35 -0
  313. data/ext/ngtcp2/tests/ngtcp2_rob_test.c +552 -0
  314. data/ext/ngtcp2/tests/ngtcp2_rob_test.h +37 -0
  315. data/ext/ngtcp2/tests/ngtcp2_rtb_test.c +470 -0
  316. data/ext/ngtcp2/tests/ngtcp2_rtb_test.h +38 -0
  317. data/ext/ngtcp2/tests/ngtcp2_str_test.c +96 -0
  318. data/ext/ngtcp2/tests/ngtcp2_str_test.h +36 -0
  319. data/ext/ngtcp2/tests/ngtcp2_strm_test.c +575 -0
  320. data/ext/ngtcp2/tests/ngtcp2_strm_test.h +36 -0
  321. data/ext/ngtcp2/tests/ngtcp2_test_helper.c +404 -0
  322. data/ext/ngtcp2/tests/ngtcp2_test_helper.h +191 -0
  323. data/ext/ngtcp2/tests/ngtcp2_vec_test.c +426 -0
  324. data/ext/ngtcp2/tests/ngtcp2_vec_test.h +36 -0
  325. data/ext/ngtcp2/third-party/CMakeLists.txt +34 -0
  326. data/ext/ngtcp2/third-party/Makefile.am +31 -0
  327. data/ext/ngtcp2/third-party/http-parser/AUTHORS +68 -0
  328. data/ext/ngtcp2/third-party/http-parser/LICENSE-MIT +23 -0
  329. data/ext/ngtcp2/third-party/http-parser/Makefile +157 -0
  330. data/ext/ngtcp2/third-party/http-parser/README.md +246 -0
  331. data/ext/ngtcp2/third-party/http-parser/bench.c +111 -0
  332. data/ext/ngtcp2/third-party/http-parser/contrib/parsertrace.c +160 -0
  333. data/ext/ngtcp2/third-party/http-parser/contrib/url_parser.c +47 -0
  334. data/ext/ngtcp2/third-party/http-parser/http_parser.c +2419 -0
  335. data/ext/ngtcp2/third-party/http-parser/http_parser.gyp +111 -0
  336. data/ext/ngtcp2/third-party/http-parser/http_parser.h +431 -0
  337. data/ext/ngtcp2/third-party/http-parser/test.c +4411 -0
  338. data/lib/protocol/quic/version.rb +10 -0
  339. data/lib/protocol/quic.rb +9 -0
  340. data/license.md +21 -0
  341. data.tar.gz.sig +1 -0
  342. metadata +424 -0
  343. metadata.gz.sig +1 -0
data/ext/ngtcp2/crypto/boringssl/boringssl.c ADDED
@@ -0,0 +1,630 @@
1
+ /*
2
+ * ngtcp2
3
+ *
4
+ * Copyright (c) 2020 ngtcp2 contributors
5
+ *
6
+ * Permission is hereby granted, free of charge, to any person obtaining
7
+ * a copy of this software and associated documentation files (the
8
+ * "Software"), to deal in the Software without restriction, including
9
+ * without limitation the rights to use, copy, modify, merge, publish,
10
+ * distribute, sublicense, and/or sell copies of the Software, and to
11
+ * permit persons to whom the Software is furnished to do so, subject to
12
+ * the following conditions:
13
+ *
14
+ * The above copyright notice and this permission notice shall be
15
+ * included in all copies or substantial portions of the Software.
16
+ *
17
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
21
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
22
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
23
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
24
+ */
25
+ #ifdef HAVE_CONFIG_H
26
+ # include <config.h>
27
+ #endif /* HAVE_CONFIG_H */
28
+
29
+ #include <assert.h>
30
+ #include <string.h>
31
+
32
+ #include <ngtcp2/ngtcp2_crypto.h>
33
+ #include <ngtcp2/ngtcp2_crypto_boringssl.h>
34
+
35
+ #include <openssl/ssl.h>
36
+ #include <openssl/evp.h>
37
+ #include <openssl/hkdf.h>
38
+ #include <openssl/aes.h>
39
+ #include <openssl/chacha.h>
40
+ #include <openssl/rand.h>
41
+
42
+ #include "shared.h"
43
+
44
+ typedef enum ngtcp2_crypto_boringssl_cipher_type {
45
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_128,
46
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_256,
47
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_CHACHA20,
48
+ } ngtcp2_crypto_boringssl_cipher_type;
49
+
50
+ typedef struct ngtcp2_crypto_boringssl_cipher {
51
+ ngtcp2_crypto_boringssl_cipher_type type;
52
+ } ngtcp2_crypto_boringssl_cipher;
53
+
54
+ static ngtcp2_crypto_boringssl_cipher crypto_cipher_aes_128 = {
55
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_128,
56
+ };
57
+
58
+ static ngtcp2_crypto_boringssl_cipher crypto_cipher_aes_256 = {
59
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_256,
60
+ };
61
+
62
+ static ngtcp2_crypto_boringssl_cipher crypto_cipher_chacha20 = {
63
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_CHACHA20,
64
+ };
65
+
66
+ ngtcp2_crypto_aead *ngtcp2_crypto_aead_aes_128_gcm(ngtcp2_crypto_aead *aead) {
67
+ return ngtcp2_crypto_aead_init(aead, (void *)EVP_aead_aes_128_gcm());
68
+ }
69
+
70
+ ngtcp2_crypto_md *ngtcp2_crypto_md_sha256(ngtcp2_crypto_md *md) {
71
+ md->native_handle = (void *)EVP_sha256();
72
+ return md;
73
+ }
74
+
75
+ ngtcp2_crypto_ctx *ngtcp2_crypto_ctx_initial(ngtcp2_crypto_ctx *ctx) {
76
+ ngtcp2_crypto_aead_init(&ctx->aead, (void *)EVP_aead_aes_128_gcm());
77
+ ctx->md.native_handle = (void *)EVP_sha256();
78
+ ctx->hp.native_handle = (void *)&crypto_cipher_aes_128;
79
+ ctx->max_encryption = 0;
80
+ ctx->max_decryption_failure = 0;
81
+ return ctx;
82
+ }
83
+
84
+ ngtcp2_crypto_aead *ngtcp2_crypto_aead_init(ngtcp2_crypto_aead *aead,
85
+ void *aead_native_handle) {
86
+ aead->native_handle = aead_native_handle;
87
+ aead->max_overhead = EVP_AEAD_max_overhead(aead->native_handle);
88
+ return aead;
89
+ }
90
+
91
+ ngtcp2_crypto_aead *ngtcp2_crypto_aead_retry(ngtcp2_crypto_aead *aead) {
92
+ return ngtcp2_crypto_aead_init(aead, (void *)EVP_aead_aes_128_gcm());
93
+ }
94
+
95
+ static const EVP_AEAD *crypto_ssl_get_aead(SSL *ssl) {
96
+ switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) {
97
+ case TLS1_CK_AES_128_GCM_SHA256:
98
+ return EVP_aead_aes_128_gcm();
99
+ case TLS1_CK_AES_256_GCM_SHA384:
100
+ return EVP_aead_aes_256_gcm();
101
+ case TLS1_CK_CHACHA20_POLY1305_SHA256:
102
+ return EVP_aead_chacha20_poly1305();
103
+ default:
104
+ return NULL;
105
+ }
106
+ }
107
+
108
+ static uint64_t crypto_ssl_get_aead_max_encryption(SSL *ssl) {
109
+ switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) {
110
+ case TLS1_CK_AES_128_GCM_SHA256:
111
+ case TLS1_CK_AES_256_GCM_SHA384:
112
+ return NGTCP2_CRYPTO_MAX_ENCRYPTION_AES_GCM;
113
+ case TLS1_CK_CHACHA20_POLY1305_SHA256:
114
+ return NGTCP2_CRYPTO_MAX_ENCRYPTION_CHACHA20_POLY1305;
115
+ default:
116
+ return 0;
117
+ }
118
+ }
119
+
120
+ static uint64_t crypto_ssl_get_aead_max_decryption_failure(SSL *ssl) {
121
+ switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) {
122
+ case TLS1_CK_AES_128_GCM_SHA256:
123
+ case TLS1_CK_AES_256_GCM_SHA384:
124
+ return NGTCP2_CRYPTO_MAX_DECRYPTION_FAILURE_AES_GCM;
125
+ case TLS1_CK_CHACHA20_POLY1305_SHA256:
126
+ return NGTCP2_CRYPTO_MAX_DECRYPTION_FAILURE_CHACHA20_POLY1305;
127
+ default:
128
+ return 0;
129
+ }
130
+ }
131
+
132
+ static const ngtcp2_crypto_boringssl_cipher *crypto_ssl_get_hp(SSL *ssl) {
133
+ switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) {
134
+ case TLS1_CK_AES_128_GCM_SHA256:
135
+ return &crypto_cipher_aes_128;
136
+ case TLS1_CK_AES_256_GCM_SHA384:
137
+ return &crypto_cipher_aes_256;
138
+ case TLS1_CK_CHACHA20_POLY1305_SHA256:
139
+ return &crypto_cipher_chacha20;
140
+ default:
141
+ return NULL;
142
+ }
143
+ }
144
+
145
+ static const EVP_MD *crypto_ssl_get_md(SSL *ssl) {
146
+ switch (SSL_CIPHER_get_id(SSL_get_current_cipher(ssl))) {
147
+ case TLS1_CK_AES_128_GCM_SHA256:
148
+ case TLS1_CK_CHACHA20_POLY1305_SHA256:
149
+ return EVP_sha256();
150
+ case TLS1_CK_AES_256_GCM_SHA384:
151
+ return EVP_sha384();
152
+ default:
153
+ return NULL;
154
+ }
155
+ }
156
+
157
+ ngtcp2_crypto_ctx *ngtcp2_crypto_ctx_tls(ngtcp2_crypto_ctx *ctx,
158
+ void *tls_native_handle) {
159
+ SSL *ssl = tls_native_handle;
160
+ ngtcp2_crypto_aead_init(&ctx->aead, (void *)crypto_ssl_get_aead(ssl));
161
+ ctx->md.native_handle = (void *)crypto_ssl_get_md(ssl);
162
+ ctx->hp.native_handle = (void *)crypto_ssl_get_hp(ssl);
163
+ ctx->max_encryption = crypto_ssl_get_aead_max_encryption(ssl);
164
+ ctx->max_decryption_failure = crypto_ssl_get_aead_max_decryption_failure(ssl);
165
+ return ctx;
166
+ }
167
+
168
+ ngtcp2_crypto_ctx *ngtcp2_crypto_ctx_tls_early(ngtcp2_crypto_ctx *ctx,
169
+ void *tls_native_handle) {
170
+ return ngtcp2_crypto_ctx_tls(ctx, tls_native_handle);
171
+ }
172
+
173
+ static size_t crypto_md_hashlen(const EVP_MD *md) {
174
+ return (size_t)EVP_MD_size(md);
175
+ }
176
+
177
+ size_t ngtcp2_crypto_md_hashlen(const ngtcp2_crypto_md *md) {
178
+ return crypto_md_hashlen(md->native_handle);
179
+ }
180
+
181
+ static size_t crypto_aead_keylen(const EVP_AEAD *aead) {
182
+ return (size_t)EVP_AEAD_key_length(aead);
183
+ }
184
+
185
+ size_t ngtcp2_crypto_aead_keylen(const ngtcp2_crypto_aead *aead) {
186
+ return crypto_aead_keylen(aead->native_handle);
187
+ }
188
+
189
+ static size_t crypto_aead_noncelen(const EVP_AEAD *aead) {
190
+ return (size_t)EVP_AEAD_nonce_length(aead);
191
+ }
192
+
193
+ size_t ngtcp2_crypto_aead_noncelen(const ngtcp2_crypto_aead *aead) {
194
+ return crypto_aead_noncelen(aead->native_handle);
195
+ }
196
+
197
+ int ngtcp2_crypto_aead_ctx_encrypt_init(ngtcp2_crypto_aead_ctx *aead_ctx,
198
+ const ngtcp2_crypto_aead *aead,
199
+ const uint8_t *key, size_t noncelen) {
200
+ const EVP_AEAD *cipher = aead->native_handle;
201
+ size_t keylen = crypto_aead_keylen(cipher);
202
+ EVP_AEAD_CTX *actx;
203
+
204
+ (void)noncelen;
205
+
206
+ actx = EVP_AEAD_CTX_new(cipher, key, keylen, EVP_AEAD_DEFAULT_TAG_LENGTH);
207
+ if (actx == NULL) {
208
+ return -1;
209
+ }
210
+
211
+ aead_ctx->native_handle = actx;
212
+
213
+ return 0;
214
+ }
215
+
216
+ int ngtcp2_crypto_aead_ctx_decrypt_init(ngtcp2_crypto_aead_ctx *aead_ctx,
217
+ const ngtcp2_crypto_aead *aead,
218
+ const uint8_t *key, size_t noncelen) {
219
+ return ngtcp2_crypto_aead_ctx_encrypt_init(aead_ctx, aead, key, noncelen);
220
+ }
221
+
222
+ void ngtcp2_crypto_aead_ctx_free(ngtcp2_crypto_aead_ctx *aead_ctx) {
223
+ if (aead_ctx->native_handle) {
224
+ EVP_AEAD_CTX_free(aead_ctx->native_handle);
225
+ }
226
+ }
227
+
228
+ typedef struct ngtcp2_crypto_boringssl_cipher_ctx {
229
+ ngtcp2_crypto_boringssl_cipher_type type;
230
+ union {
231
+ /* aes_key is an encryption key when type is either
232
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_128 or
233
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_256. */
234
+ AES_KEY aes_key;
235
+ /* key contains an encryption key when type ==
236
+ NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_CHACHA20. */
237
+ uint8_t key[32];
238
+ };
239
+ } ngtcp2_crypto_boringssl_cipher_ctx;
240
+
241
+ int ngtcp2_crypto_cipher_ctx_encrypt_init(ngtcp2_crypto_cipher_ctx *cipher_ctx,
242
+ const ngtcp2_crypto_cipher *cipher,
243
+ const uint8_t *key) {
244
+ ngtcp2_crypto_boringssl_cipher *hp_cipher = cipher->native_handle;
245
+ ngtcp2_crypto_boringssl_cipher_ctx *ctx;
246
+ int rv;
247
+ (void)rv;
248
+
249
+ ctx = malloc(sizeof(*ctx));
250
+ if (ctx == NULL) {
251
+ return -1;
252
+ }
253
+
254
+ ctx->type = hp_cipher->type;
255
+ cipher_ctx->native_handle = ctx;
256
+
257
+ switch (hp_cipher->type) {
258
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_128:
259
+ rv = AES_set_encrypt_key(key, 128, &ctx->aes_key);
260
+ assert(0 == rv);
261
+ return 0;
262
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_256:
263
+ rv = AES_set_encrypt_key(key, 256, &ctx->aes_key);
264
+ assert(0 == rv);
265
+ return 0;
266
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_CHACHA20:
267
+ memcpy(ctx->key, key, sizeof(ctx->key));
268
+ return 0;
269
+ default:
270
+ assert(0);
271
+ abort();
272
+ };
273
+ }
274
+
275
+ void ngtcp2_crypto_cipher_ctx_free(ngtcp2_crypto_cipher_ctx *cipher_ctx) {
276
+ if (!cipher_ctx->native_handle) {
277
+ return;
278
+ }
279
+
280
+ free(cipher_ctx->native_handle);
281
+ }
282
+
283
+ int ngtcp2_crypto_hkdf_extract(uint8_t *dest, const ngtcp2_crypto_md *md,
284
+ const uint8_t *secret, size_t secretlen,
285
+ const uint8_t *salt, size_t saltlen) {
286
+ const EVP_MD *prf = md->native_handle;
287
+ size_t destlen = (size_t)EVP_MD_size(prf);
288
+
289
+ if (HKDF_extract(dest, &destlen, prf, secret, secretlen, salt, saltlen) !=
290
+ 1) {
291
+ return -1;
292
+ }
293
+
294
+ return 0;
295
+ }
296
+
297
+ int ngtcp2_crypto_hkdf_expand(uint8_t *dest, size_t destlen,
298
+ const ngtcp2_crypto_md *md, const uint8_t *secret,
299
+ size_t secretlen, const uint8_t *info,
300
+ size_t infolen) {
301
+ const EVP_MD *prf = md->native_handle;
302
+
303
+ if (HKDF_expand(dest, destlen, prf, secret, secretlen, info, infolen) != 1) {
304
+ return -1;
305
+ }
306
+
307
+ return 0;
308
+ }
309
+
310
+ int ngtcp2_crypto_hkdf(uint8_t *dest, size_t destlen,
311
+ const ngtcp2_crypto_md *md, const uint8_t *secret,
312
+ size_t secretlen, const uint8_t *salt, size_t saltlen,
313
+ const uint8_t *info, size_t infolen) {
314
+ const EVP_MD *prf = md->native_handle;
315
+
316
+ if (HKDF(dest, destlen, prf, secret, secretlen, salt, saltlen, info,
317
+ infolen) != 1) {
318
+ return -1;
319
+ }
320
+
321
+ return 0;
322
+ }
323
+
324
+ int ngtcp2_crypto_encrypt(uint8_t *dest, const ngtcp2_crypto_aead *aead,
325
+ const ngtcp2_crypto_aead_ctx *aead_ctx,
326
+ const uint8_t *plaintext, size_t plaintextlen,
327
+ const uint8_t *nonce, size_t noncelen,
328
+ const uint8_t *aad, size_t aadlen) {
329
+ const EVP_AEAD *cipher = aead->native_handle;
330
+ EVP_AEAD_CTX *actx = aead_ctx->native_handle;
331
+ size_t max_outlen = plaintextlen + EVP_AEAD_max_overhead(cipher);
332
+ size_t outlen;
333
+
334
+ if (EVP_AEAD_CTX_seal(actx, dest, &outlen, max_outlen, nonce, noncelen,
335
+ plaintext, plaintextlen, aad, aadlen) != 1) {
336
+ return -1;
337
+ }
338
+
339
+ return 0;
340
+ }
341
+
342
+ int ngtcp2_crypto_decrypt(uint8_t *dest, const ngtcp2_crypto_aead *aead,
343
+ const ngtcp2_crypto_aead_ctx *aead_ctx,
344
+ const uint8_t *ciphertext, size_t ciphertextlen,
345
+ const uint8_t *nonce, size_t noncelen,
346
+ const uint8_t *aad, size_t aadlen) {
347
+ const EVP_AEAD *cipher = aead->native_handle;
348
+ EVP_AEAD_CTX *actx = aead_ctx->native_handle;
349
+ size_t max_overhead = EVP_AEAD_max_overhead(cipher);
350
+ size_t max_outlen;
351
+ size_t outlen;
352
+
353
+ if (ciphertextlen < max_overhead) {
354
+ return -1;
355
+ }
356
+
357
+ max_outlen = ciphertextlen - max_overhead;
358
+
359
+ if (EVP_AEAD_CTX_open(actx, dest, &outlen, max_outlen, nonce, noncelen,
360
+ ciphertext, ciphertextlen, aad, aadlen) != 1) {
361
+ return -1;
362
+ }
363
+
364
+ return 0;
365
+ }
366
+
367
+ int ngtcp2_crypto_hp_mask(uint8_t *dest, const ngtcp2_crypto_cipher *hp,
368
+ const ngtcp2_crypto_cipher_ctx *hp_ctx,
369
+ const uint8_t *sample) {
370
+ static const uint8_t PLAINTEXT[] = "\x00\x00\x00\x00\x00";
371
+ ngtcp2_crypto_boringssl_cipher_ctx *ctx = hp_ctx->native_handle;
372
+ uint32_t counter;
373
+
374
+ (void)hp;
375
+
376
+ switch (ctx->type) {
377
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_128:
378
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_AES_256:
379
+ AES_ecb_encrypt(sample, dest, &ctx->aes_key, 1);
380
+ return 0;
381
+ case NGTCP2_CRYPTO_BORINGSSL_CIPHER_TYPE_CHACHA20:
382
+ #if defined(WORDS_BIGENDIAN)
383
+ counter = (uint32_t)sample[0] + (uint32_t)(sample[1] << 8) +
384
+ (uint32_t)(sample[2] << 16) + (uint32_t)(sample[3] << 24);
385
+ #else /* !WORDS_BIGENDIAN */
386
+ memcpy(&counter, sample, sizeof(counter));
387
+ #endif /* !WORDS_BIGENDIAN */
388
+ CRYPTO_chacha_20(dest, PLAINTEXT, sizeof(PLAINTEXT) - 1, ctx->key,
389
+ sample + sizeof(counter), counter);
390
+ return 0;
391
+ default:
392
+ assert(0);
393
+ abort();
394
+ }
395
+ }
396
+
397
+ int ngtcp2_crypto_read_write_crypto_data(ngtcp2_conn *conn,
398
+ ngtcp2_crypto_level crypto_level,
399
+ const uint8_t *data, size_t datalen) {
400
+ SSL *ssl = ngtcp2_conn_get_tls_native_handle(conn);
401
+ int rv;
402
+ int err;
403
+
404
+ if (SSL_provide_quic_data(
405
+ ssl, ngtcp2_crypto_boringssl_from_ngtcp2_crypto_level(crypto_level),
406
+ data, datalen) != 1) {
407
+ return -1;
408
+ }
409
+
410
+ if (!ngtcp2_conn_get_handshake_completed(conn)) {
411
+ retry:
412
+ rv = SSL_do_handshake(ssl);
413
+ if (rv <= 0) {
414
+ err = SSL_get_error(ssl, rv);
415
+ switch (err) {
416
+ case SSL_ERROR_WANT_READ:
417
+ case SSL_ERROR_WANT_WRITE:
418
+ return 0;
419
+ case SSL_ERROR_SSL:
420
+ return -1;
421
+ case SSL_ERROR_EARLY_DATA_REJECTED:
422
+ assert(!ngtcp2_conn_is_server(conn));
423
+
424
+ SSL_reset_early_data_reject(ssl);
425
+
426
+ rv = ngtcp2_conn_early_data_rejected(conn);
427
+ if (rv != 0) {
428
+ return -1;
429
+ }
430
+
431
+ goto retry;
432
+ default:
433
+ return -1;
434
+ }
435
+ }
436
+
437
+ if (SSL_in_early_data(ssl)) {
438
+ return 0;
439
+ }
440
+
441
+ ngtcp2_conn_handshake_completed(conn);
442
+ }
443
+
444
+ rv = SSL_process_quic_post_handshake(ssl);
445
+ if (rv != 1) {
446
+ err = SSL_get_error(ssl, rv);
447
+ switch (err) {
448
+ case SSL_ERROR_WANT_READ:
449
+ case SSL_ERROR_WANT_WRITE:
450
+ return 0;
451
+ case SSL_ERROR_SSL:
452
+ case SSL_ERROR_ZERO_RETURN:
453
+ return -1;
454
+ default:
455
+ return -1;
456
+ }
457
+ }
458
+
459
+ return 0;
460
+ }
461
+
462
+ int ngtcp2_crypto_set_remote_transport_params(ngtcp2_conn *conn, void *tls) {
463
+ SSL *ssl = tls;
464
+ const uint8_t *tp;
465
+ size_t tplen;
466
+ int rv;
467
+
468
+ SSL_get_peer_quic_transport_params(ssl, &tp, &tplen);
469
+
470
+ rv = ngtcp2_conn_decode_remote_transport_params(conn, tp, tplen);
471
+ if (rv != 0) {
472
+ ngtcp2_conn_set_tls_error(conn, rv);
473
+ return -1;
474
+ }
475
+
476
+ return 0;
477
+ }
478
+
479
+ int ngtcp2_crypto_set_local_transport_params(void *tls, const uint8_t *buf,
480
+ size_t len) {
481
+ if (SSL_set_quic_transport_params(tls, buf, len) != 1) {
482
+ return -1;
483
+ }
484
+
485
+ return 0;
486
+ }
487
+
488
+ ngtcp2_crypto_level ngtcp2_crypto_boringssl_from_ssl_encryption_level(
489
+ enum ssl_encryption_level_t ssl_level) {
490
+ switch (ssl_level) {
491
+ case ssl_encryption_initial:
492
+ return NGTCP2_CRYPTO_LEVEL_INITIAL;
493
+ case ssl_encryption_early_data:
494
+ return NGTCP2_CRYPTO_LEVEL_EARLY;
495
+ case ssl_encryption_handshake:
496
+ return NGTCP2_CRYPTO_LEVEL_HANDSHAKE;
497
+ case ssl_encryption_application:
498
+ return NGTCP2_CRYPTO_LEVEL_APPLICATION;
499
+ default:
500
+ assert(0);
501
+ abort();
502
+ }
503
+ }
504
+
505
+ enum ssl_encryption_level_t ngtcp2_crypto_boringssl_from_ngtcp2_crypto_level(
506
+ ngtcp2_crypto_level crypto_level) {
507
+ switch (crypto_level) {
508
+ case NGTCP2_CRYPTO_LEVEL_INITIAL:
509
+ return ssl_encryption_initial;
510
+ case NGTCP2_CRYPTO_LEVEL_HANDSHAKE:
511
+ return ssl_encryption_handshake;
512
+ case NGTCP2_CRYPTO_LEVEL_APPLICATION:
513
+ return ssl_encryption_application;
514
+ case NGTCP2_CRYPTO_LEVEL_EARLY:
515
+ return ssl_encryption_early_data;
516
+ default:
517
+ assert(0);
518
+ abort();
519
+ }
520
+ }
521
+
522
+ int ngtcp2_crypto_get_path_challenge_data_cb(ngtcp2_conn *conn, uint8_t *data,
523
+ void *user_data) {
524
+ (void)conn;
525
+ (void)user_data;
526
+
527
+ if (RAND_bytes(data, NGTCP2_PATH_CHALLENGE_DATALEN) != 1) {
528
+ return NGTCP2_ERR_CALLBACK_FAILURE;
529
+ }
530
+
531
+ return 0;
532
+ }
533
+
534
+ int ngtcp2_crypto_random(uint8_t *data, size_t datalen) {
535
+ if (RAND_bytes(data, datalen) != 1) {
536
+ return -1;
537
+ }
538
+
539
+ return 0;
540
+ }
541
+
542
+ static int set_read_secret(SSL *ssl, enum ssl_encryption_level_t bssl_level,
543
+ const SSL_CIPHER *cipher, const uint8_t *secret,
544
+ size_t secretlen) {
545
+ ngtcp2_crypto_conn_ref *conn_ref = SSL_get_app_data(ssl);
546
+ ngtcp2_conn *conn = conn_ref->get_conn(conn_ref);
547
+ ngtcp2_crypto_level level =
548
+ ngtcp2_crypto_boringssl_from_ssl_encryption_level(bssl_level);
549
+ (void)cipher;
550
+
551
+ if (ngtcp2_crypto_derive_and_install_rx_key(conn, NULL, NULL, NULL, level,
552
+ secret, secretlen) != 0) {
553
+ return 0;
554
+ }
555
+
556
+ return 1;
557
+ }
558
+
559
+ static int set_write_secret(SSL *ssl, enum ssl_encryption_level_t bssl_level,
560
+ const SSL_CIPHER *cipher, const uint8_t *secret,
561
+ size_t secretlen) {
562
+ ngtcp2_crypto_conn_ref *conn_ref = SSL_get_app_data(ssl);
563
+ ngtcp2_conn *conn = conn_ref->get_conn(conn_ref);
564
+ ngtcp2_crypto_level level =
565
+ ngtcp2_crypto_boringssl_from_ssl_encryption_level(bssl_level);
566
+ (void)cipher;
567
+
568
+ if (ngtcp2_crypto_derive_and_install_tx_key(conn, NULL, NULL, NULL, level,
569
+ secret, secretlen) != 0) {
570
+ return 0;
571
+ }
572
+
573
+ return 1;
574
+ }
575
+
576
+ static int add_handshake_data(SSL *ssl, enum ssl_encryption_level_t bssl_level,
577
+ const uint8_t *data, size_t datalen) {
578
+ ngtcp2_crypto_conn_ref *conn_ref = SSL_get_app_data(ssl);
579
+ ngtcp2_conn *conn = conn_ref->get_conn(conn_ref);
580
+ ngtcp2_crypto_level level =
581
+ ngtcp2_crypto_boringssl_from_ssl_encryption_level(bssl_level);
582
+ int rv;
583
+
584
+ rv = ngtcp2_conn_submit_crypto_data(conn, level, data, datalen);
585
+ if (rv != 0) {
586
+ ngtcp2_conn_set_tls_error(conn, rv);
587
+ return 0;
588
+ }
589
+
590
+ return 1;
591
+ }
592
+
593
+ static int flush_flight(SSL *ssl) {
594
+ (void)ssl;
595
+ return 1;
596
+ }
597
+
598
+ static int send_alert(SSL *ssl, enum ssl_encryption_level_t bssl_level,
599
+ uint8_t alert) {
600
+ ngtcp2_crypto_conn_ref *conn_ref = SSL_get_app_data(ssl);
601
+ ngtcp2_conn *conn = conn_ref->get_conn(conn_ref);
602
+ (void)bssl_level;
603
+
604
+ ngtcp2_conn_set_tls_alert(conn, alert);
605
+
606
+ return 1;
607
+ }
608
+
609
+ static SSL_QUIC_METHOD quic_method = {
610
+ set_read_secret, set_write_secret, add_handshake_data,
611
+ flush_flight, send_alert,
612
+ };
613
+
614
+ static void crypto_boringssl_configure_context(SSL_CTX *ssl_ctx) {
615
+ SSL_CTX_set_min_proto_version(ssl_ctx, TLS1_3_VERSION);
616
+ SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_3_VERSION);
617
+ SSL_CTX_set_quic_method(ssl_ctx, &quic_method);
618
+ }
619
+
620
+ int ngtcp2_crypto_boringssl_configure_server_context(SSL_CTX *ssl_ctx) {
621
+ crypto_boringssl_configure_context(ssl_ctx);
622
+
623
+ return 0;
624
+ }
625
+
626
+ int ngtcp2_crypto_boringssl_configure_client_context(SSL_CTX *ssl_ctx) {
627
+ crypto_boringssl_configure_context(ssl_ctx);
628
+
629
+ return 0;
630
+ }
data/ext/ngtcp2/crypto/boringssl/libngtcp2_crypto_boringssl.pc.in ADDED
@@ -0,0 +1,33 @@
1
+ # ngtcp2
2
+
3
+ # Copyright (c) 2020 ngtcp2 contributors
4
+
5
+ # Permission is hereby granted, free of charge, to any person obtaining
6
+ # a copy of this software and associated documentation files (the
7
+ # "Software"), to deal in the Software without restriction, including
8
+ # without limitation the rights to use, copy, modify, merge, publish,
9
+ # distribute, sublicense, and/or sell copies of the Software, and to
10
+ # permit persons to whom the Software is furnished to do so, subject to
11
+ # the following conditions:
12
+
13
+ # The above copyright notice and this permission notice shall be
14
+ # included in all copies or substantial portions of the Software.
15
+
16
+ # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17
+ # EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18
+ # MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19
+ # NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20
+ # LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21
+ # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22
+ # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23
+ prefix=@prefix@
24
+ exec_prefix=@exec_prefix@
25
+ libdir=@libdir@
26
+ includedir=@includedir@
27
+
28
+ Name: libngtcp2_crypto_boringssl
29
+ Description: ngtcp2 BoringSSL crypto library
30
+ URL: https://github.com/ngtcp2/ngtcp2
31
+ Version: @VERSION@
32
+ Libs: -L${libdir} -lngtcp2_crypto_boringssl
33
+ Cflags: -I${includedir}