QUIC: fixed computation of nonce with packet numbers beyond 2^32.

author Sergey Kandaurov <pluknet@nginx.com>

Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)

committer Sergey Kandaurov <pluknet@nginx.com>

Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)
author Sergey Kandaurov <pluknet@nginx.com>
Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)
committer Sergey Kandaurov <pluknet@nginx.com>
Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)
diff --git a/src/event/quic/ngx_event_quic_protection.c b/src/event/quic/ngx_event_quic_protection.c

index 3110c9e64e945916d6ad3d505bce27cec4ac71f7..91cfc6be332880822622e96bf223694634d4724f 100644 (file)
--- a/src/event/quic/ngx_event_quic_protection.c
+++ b/src/event/quic/ngx_event_quic_protection.c
@@ -964,10 +964,14 @@ ngx_quic_parse_pn(u_char **pos, ngx_int_t len, u_char *mask,
  static void
  ngx_quic_compute_nonce(u_char *nonce, size_t len, uint64_t pn)
  {
-    nonce[len - 4] ^= (pn & 0xff000000) >> 24;
-    nonce[len - 3] ^= (pn & 0x00ff0000) >> 16;
-    nonce[len - 2] ^= (pn & 0x0000ff00) >> 8;
-    nonce[len - 1] ^= (pn & 0x000000ff);
+    nonce[len - 8] ^= (pn >> 56) & 0x3f;
+    nonce[len - 7] ^= (pn >> 48) & 0xff;
+    nonce[len - 6] ^= (pn >> 40) & 0xff;
+    nonce[len - 5] ^= (pn >> 32) & 0xff;
+    nonce[len - 4] ^= (pn >> 24) & 0xff;
+    nonce[len - 3] ^= (pn >> 16) & 0xff;
+    nonce[len - 2] ^= (pn >> 8) & 0xff;
+    nonce[len - 1] ^= pn & 0xff;
  }
author	Sergey Kandaurov <pluknet@nginx.com>
	Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)
committer	Sergey Kandaurov <pluknet@nginx.com>
	Fri, 25 Nov 2022 11:56:33 +0000 (15:56 +0400)