QUIC: got rid of memory copy when initializing constant values.

This commit is contained in:
Sergey Kandaurov 2024-10-07 18:43:48 +04:00 committed by pluknet
parent 9a025219f6
commit 3f755b5a9e

View File

@ -18,6 +18,9 @@
#define NGX_QUIC_INITIAL_CIPHER TLS1_3_CK_AES_128_GCM_SHA256 #define NGX_QUIC_INITIAL_CIPHER TLS1_3_CK_AES_128_GCM_SHA256
#define ngx_quic_md(str) { sizeof(str) - 1, str }
static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len, static ngx_int_t ngx_hkdf_expand(u_char *out_key, size_t out_len,
const EVP_MD *digest, const u_char *prk, size_t prk_len, const EVP_MD *digest, const u_char *prk, size_t prk_len,
const u_char *info, size_t info_len); const u_char *info, size_t info_len);
@ -606,7 +609,8 @@ ngx_quic_crypto_hp(ngx_quic_secret_t *s, u_char *out, u_char *in,
{ {
int outlen; int outlen;
EVP_CIPHER_CTX *ctx; EVP_CIPHER_CTX *ctx;
u_char zero[NGX_QUIC_HP_LEN] = {0};
static const u_char zero[NGX_QUIC_HP_LEN];
ctx = s->hp_ctx; ctx = s->hp_ctx;
@ -948,16 +952,15 @@ ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
{ {
u_char *start; u_char *start;
ngx_str_t ad, itag; ngx_str_t ad, itag;
ngx_quic_md_t key;
ngx_quic_secret_t secret; ngx_quic_secret_t secret;
ngx_quic_ciphers_t ciphers; ngx_quic_ciphers_t ciphers;
/* 5.8. Retry Packet Integrity */ /* 5.8. Retry Packet Integrity */
static u_char key_data[16] = static ngx_quic_md_t key = ngx_quic_md(
"\xbe\x0c\x69\x0b\x9f\x66\x57\x5a\x1d\x76\x6b\x54\xe3\x68\xc8\x4e"; "\xbe\x0c\x69\x0b\x9f\x66\x57\x5a\x1d\x76\x6b\x54\xe3\x68\xc8\x4e");
static u_char nonce[NGX_QUIC_IV_LEN] = static const u_char nonce[NGX_QUIC_IV_LEN] =
"\x46\x15\x99\xd3\x5d\x63\x2b\xf2\x23\x98\x25\xbb"; "\x46\x15\x99\xd3\x5d\x63\x2b\xf2\x23\x98\x25\xbb";
static ngx_str_t in = ngx_string(""); static ngx_str_t in = ngx_string("");
ad.data = res->data; ad.data = res->data;
ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start); ad.len = ngx_quic_create_retry_itag(pkt, ad.data, &start);
@ -974,8 +977,6 @@ ngx_quic_create_retry_packet(ngx_quic_header_t *pkt, ngx_str_t *res)
return NGX_ERROR; return NGX_ERROR;
} }
key.len = sizeof(key_data);
ngx_memcpy(key.data, key_data, sizeof(key_data));
secret.iv.len = NGX_QUIC_IV_LEN; secret.iv.len = NGX_QUIC_IV_LEN;
if (ngx_quic_crypto_init(ciphers.c, &secret, &key, 1, pkt->log) if (ngx_quic_crypto_init(ciphers.c, &secret, &key, 1, pkt->log)