diff --git a/include/haproxy/quic_tls.h b/include/haproxy/quic_tls.h index 2f8f51ccb..4d1af10fe 100644 --- a/include/haproxy/quic_tls.h +++ b/include/haproxy/quic_tls.h @@ -58,7 +58,7 @@ int quic_tls_derive_initial_secrets(const EVP_MD *md, int quic_tls_encrypt(unsigned char *buf, size_t len, const unsigned char *aad, size_t aad_len, EVP_CIPHER_CTX *ctx, const EVP_CIPHER *aead, - const unsigned char *key, const unsigned char *iv); + const unsigned char *iv); int quic_tls_decrypt2(unsigned char *out, unsigned char *in, size_t ilen, diff --git a/src/quic_conn.c b/src/quic_conn.c index 3edfef767..f3891f12f 100644 --- a/src/quic_conn.c +++ b/src/quic_conn.c @@ -1565,7 +1565,7 @@ static void quic_packet_encrypt(unsigned char *payload, size_t payload_len, quic_aead_iv_build(iv, sizeof iv, tx_iv, tx_iv_sz, pn); if (!quic_tls_encrypt(payload, payload_len, aad, aad_len, - tls_ctx->tx.ctx, tls_ctx->tx.aead, tls_ctx->tx.key, iv)) { + tls_ctx->tx.ctx, tls_ctx->tx.aead, iv)) { TRACE_ERROR("QUIC packet encryption failed", QUIC_EV_CONN_ENCPKT, qc); *fail = 1; enc_debug_info_init(&edi, payload, payload_len, aad, aad_len, pn); @@ -6402,7 +6402,7 @@ static int quic_generate_retry_token(unsigned char *token, size_t len, p += sizeof timestamp; /* Do not encrypt the QUIC_TOKEN_FMT_RETRY byte */ - if (!quic_tls_encrypt(token + 1, p - token - 1, aad, aadlen, ctx, aead, key, iv)) { + if (!quic_tls_encrypt(token + 1, p - token - 1, aad, aadlen, ctx, aead, iv)) { TRACE_ERROR("quic_tls_encrypt() failed", QUIC_EV_CONN_TXPKT); goto err; } diff --git a/src/quic_tls.c b/src/quic_tls.c index 3efea45a6..6eda50f2f 100644 --- a/src/quic_tls.c +++ b/src/quic_tls.c @@ -671,7 +671,7 @@ int quic_tls_tx_ctx_init(EVP_CIPHER_CTX **tx_ctx, int quic_tls_encrypt(unsigned char *buf, size_t len, const unsigned char *aad, size_t aad_len, EVP_CIPHER_CTX *ctx, const EVP_CIPHER *aead, - const unsigned char *key, const unsigned char *iv) + const unsigned char *iv) { int outlen; int aead_nid = EVP_CIPHER_nid(aead);