QUIC: fixed computation of nonce with packet numbers beyond 2^32.

Prodded by Yu Zhu.
author: Sergey Kandaurov <pluknet@nginx.com> 2022-11-25 15:56:33 +0400
committer: Sergey Kandaurov <pluknet@nginx.com> 2022-11-25 15:56:33 +0400
commit: d3294e61d598021554b91dd350c2dcd33c55887d (patch)
tree: 08f707612730b15da5e827c9b5861bf477711092 /src
parent: 7d73c50a2d11314270663ebfa4665719c66634f4 (diff)
download: nginx-d3294e61d598021554b91dd350c2dcd33c55887d.tar.gz
nginx-d3294e61d598021554b91dd350c2dcd33c55887d.zip
1 files changed, 8 insertions, 4 deletions
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c
index 3110c9e64..91cfc6be3 100644
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -964,10 +964,14 @@ ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask,
 static void
 ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn)
 {
-    nonce[len - 4] ^= (pn & 0xff000000) >> 24;
-    nonce[len - 3] ^= (pn & 0x00ff0000) >> 16;
-    nonce[len - 2] ^= (pn & 0x0000ff00) >> 8;
-    nonce[len - 1] ^= (pn & 0x000000ff);
+    nonce[len - 8] ^= (pn >> 56) & 0x3f;
+    nonce[len - 7] ^= (pn >> 48) & 0xff;
+    nonce[len - 6] ^= (pn >> 40) & 0xff;
+    nonce[len - 5] ^= (pn >> 32) & 0xff;
+    nonce[len - 4] ^= (pn >> 24) & 0xff;
+    nonce[len - 3] ^= (pn >> 16) & 0xff;
+    nonce[len - 2] ^= (pn >> 8) & 0xff;
+    nonce[len - 1] ^= pn & 0xff;
 }
author	Sergey Kandaurov <pluknet@nginx.com>	2022-11-25 15:56:33 +0400
committer	Sergey Kandaurov <pluknet@nginx.com>	2022-11-25 15:56:33 +0400
commit	d3294e61d598021554b91dd350c2dcd33c55887d (patch)
tree	08f707612730b15da5e827c9b5861bf477711092 /src
parent	7d73c50a2d11314270663ebfa4665719c66634f4 (diff)
download	nginx-d3294e61d598021554b91dd350c2dcd33c55887d.tar.gz nginx-d3294e61d598021554b91dd350c2dcd33c55887d.zip