gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

use a pre-generated test vectors to test hkdfExpandLabel

Browse Source 
The only reason we were using qtls.HkdfExpandLabel was to test our own
implementation of HKDF-Expand-Label. By using a pre-generated test
vector, we won't have to expose this function from qtls any more.
This commit is contained in:
Marten Seemann
2021-05-10 17:04:59 -07:00
parent 50746dbea6
commit 05af55b0c9
3 changed files with 5 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
internal/handshake/hkdf_test.go
View File

@@ -2,30 +2,16 @@ package handshake
import ( import (
"crypto" "crypto"
"crypto/rand"
mrand "math/rand"
"github.com/lucas-clemente/quic-go/internal/qtls"
. "github.com/onsi/ginkgo" . "github.com/onsi/ginkgo"
. "github.com/onsi/gomega" . "github.com/onsi/gomega"
) )
var _ = Describe("Initial AEAD using AES-GCM", func() { var _ = Describe("Initial AEAD using AES-GCM", func() {
// Result generated by running in qtls:
// cipherSuiteTLS13ByID(TLS_AES_128_GCM_SHA256).expandLabel([]byte("secret"), []byte("context"), "label", 42)
It("gets the same results as qtls", func() { It("gets the same results as qtls", func() {
for i := 0; i < 20; i++ { expanded := hkdfExpandLabel(crypto.SHA256, []byte("secret"), []byte("context"), "label", 42)
secret := make([]byte, 32) Expect(expanded).To(Equal([]byte{0x78, 0x87, 0x6a, 0xb5, 0x84, 0xa2, 0x26, 0xb7, 0x8, 0x5a, 0x7b, 0x3a, 0x4c, 0xbb, 0x1e, 0xbc, 0x2f, 0x9b, 0x67, 0xd0, 0x6a, 0xa2, 0x24, 0xb4, 0x7d, 0x29, 0x3c, 0x7a, 0xce, 0xc7, 0xc3, 0x74, 0xcd, 0x59, 0x7a, 0xa8, 0x21, 0x5e, 0xe7, 0xca, 0x1, 0xda}))
rand.Read(secret)
context := make([]byte, mrand.Intn(100))
rand.Read(context)
labelB := make([]byte, mrand.Intn(100))
rand.Read(labelB)
label := string(labelB)
length := mrand.Intn(100)
expanded := hkdfExpandLabel(crypto.SHA256, secret, context, label, length)
expandedQTLS := qtls.HkdfExpandLabel(crypto.SHA256, secret, context, label, length)
Expect(expanded).To(Equal(expandedQTLS))
}
}) })
}) })

7
internal/qtls/go115.go
View File

@@ -10,7 +10,7 @@ import (
"net" "net"
"unsafe" "unsafe"
qtls "github.com/marten-seemann/qtls-go1-15" "github.com/marten-seemann/qtls-go1-15"
) )
type ( type (
@@ -63,11 +63,6 @@ func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte {
return qtls.HkdfExtract(hash, newSecret, currentSecret) return qtls.HkdfExtract(hash, newSecret, currentSecret)
} }
// HkdfExpandLabel HKDF expands a label
func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte {
return qtls.HkdfExpandLabel(hash, secret, hashValue, label, L)
}
// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
return qtls.AEADAESGCMTLS13(key, fixedNonce) return qtls.AEADAESGCMTLS13(key, fixedNonce)

5
internal/qtls/go116.go
View File

@@ -62,11 +62,6 @@ func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte {
return qtls.HkdfExtract(hash, newSecret, currentSecret) return qtls.HkdfExtract(hash, newSecret, currentSecret)
} }
// HkdfExpandLabel HKDF expands a label
func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte {
return qtls.HkdfExpandLabel(hash, secret, hashValue, label, L)
}
// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
return qtls.AEADAESGCMTLS13(key, fixedNonce) return qtls.AEADAESGCMTLS13(key, fixedNonce)