diff options
Diffstat (limited to 'src/plugins/quic/quic_crypto.c')
-rw-r--r-- | src/plugins/quic/quic_crypto.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/plugins/quic/quic_crypto.c b/src/plugins/quic/quic_crypto.c index c30e68c34ab..2223ab66eab 100644 --- a/src/plugins/quic/quic_crypto.c +++ b/src/plugins/quic/quic_crypto.c @@ -322,6 +322,51 @@ ptls_cipher_suite_t *quic_crypto_cipher_suites[] = NULL }; +int +quic_encrypt_ticket_cb (ptls_encrypt_ticket_t * _self, ptls_t * tls, + int is_encrypt, ptls_buffer_t * dst, ptls_iovec_t src) +{ + quic_session_cache_t *self = (void *) _self; + int ret; + + if (is_encrypt) + { + + /* replace the cached entry along with a newly generated session id */ + clib_mem_free (self->data.base); + if ((self->data.base = clib_mem_alloc (src.len)) == NULL) + return PTLS_ERROR_NO_MEMORY; + + ptls_get_context (tls)->random_bytes (self->id, sizeof (self->id)); + clib_memcpy (self->data.base, src.base, src.len); + self->data.len = src.len; + + /* store the session id in buffer */ + if ((ret = ptls_buffer_reserve (dst, sizeof (self->id))) != 0) + return ret; + clib_memcpy (dst->base + dst->off, self->id, sizeof (self->id)); + dst->off += sizeof (self->id); + + } + else + { + + /* check if session id is the one stored in cache */ + if (src.len != sizeof (self->id)) + return PTLS_ERROR_SESSION_NOT_FOUND; + if (clib_memcmp (self->id, src.base, sizeof (self->id)) != 0) + return PTLS_ERROR_SESSION_NOT_FOUND; + + /* return the cached value */ + if ((ret = ptls_buffer_reserve (dst, self->data.len)) != 0) + return ret; + clib_memcpy (dst->base + dst->off, self->data.base, self->data.len); + dst->off += self->data.len; + } + + return 0; +} + /* * fd.io coding-style-patch-verification: ON * |