rename packet number encryption to header encryption

2019-01-05 15:53:59 +07:00
parent 8ac77be934
commit 177c81610b
4 changed files with 33 additions and 33 deletions
--- a/internal/handshake/aead.go
+++ b/internal/handshake/aead.go
@@ -10,11 +10,11 @@ import (
 type sealer struct {
 	iv          []byte
 	aead        cipher.AEAD
-	pnEncrypter cipher.Block
+	hpEncrypter cipher.Block

 	// use a single slice to avoid allocations
 	nonceBuf []byte
-	pnMask   []byte
+	hpMask   []byte

 	// short headers protect 5 bits in the first byte, long headers only 4
 	is1RTT bool
@@ -22,14 +22,14 @@ type sealer struct {

 var _ Sealer = &sealer{}

-func newSealer(aead cipher.AEAD, iv []byte, pnEncrypter cipher.Block, is1RTT bool) Sealer {
+func newSealer(aead cipher.AEAD, iv []byte, hpEncrypter cipher.Block, is1RTT bool) Sealer {
 	return &sealer{
 		iv:          iv,
 		aead:        aead,
 		nonceBuf:    make([]byte, aead.NonceSize()),
 		is1RTT:      is1RTT,
-		pnEncrypter: pnEncrypter,
-		pnMask:      make([]byte, pnEncrypter.BlockSize()),
+		hpEncrypter: hpEncrypter,
+		hpMask:      make([]byte, hpEncrypter.BlockSize()),
 	}
 }

@@ -46,17 +46,17 @@ func (s *sealer) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []by
 }

 func (s *sealer) EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
-	if len(sample) != s.pnEncrypter.BlockSize() {
+	if len(sample) != s.hpEncrypter.BlockSize() {
 		panic("invalid sample size")
 	}
-	s.pnEncrypter.Encrypt(s.pnMask, sample)
+	s.hpEncrypter.Encrypt(s.hpMask, sample)
 	if s.is1RTT {
-		*firstByte ^= s.pnMask[0] & 0x1f
+		*firstByte ^= s.hpMask[0] & 0x1f
 	} else {
-		*firstByte ^= s.pnMask[0] & 0xf
+		*firstByte ^= s.hpMask[0] & 0xf
 	}
 	for i := range pnBytes {
-		pnBytes[i] ^= s.pnMask[i+1]
+		pnBytes[i] ^= s.hpMask[i+1]
 	}
 }

@@ -71,7 +71,7 @@ type opener struct {

 	// use a single slice to avoid allocations
 	nonceBuf []byte
-	pnMask   []byte
+	hpMask   []byte

 	// short headers protect 5 bits in the first byte, long headers only 4
 	is1RTT bool
@@ -86,7 +86,7 @@ func newOpener(aead cipher.AEAD, iv []byte, pnDecrypter cipher.Block, is1RTT boo
 		nonceBuf:    make([]byte, aead.NonceSize()),
 		is1RTT:      is1RTT,
 		pnDecrypter: pnDecrypter,
-		pnMask:      make([]byte, pnDecrypter.BlockSize()),
+		hpMask:      make([]byte, pnDecrypter.BlockSize()),
 	}
 }

@@ -106,13 +106,13 @@ func (o *opener) DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
 	if len(sample) != o.pnDecrypter.BlockSize() {
 		panic("invalid sample size")
 	}
-	o.pnDecrypter.Encrypt(o.pnMask, sample)
+	o.pnDecrypter.Encrypt(o.hpMask, sample)
 	if o.is1RTT {
-		*firstByte ^= o.pnMask[0] & 0x1f
+		*firstByte ^= o.hpMask[0] & 0x1f
 	} else {
-		*firstByte ^= o.pnMask[0] & 0xf
+		*firstByte ^= o.hpMask[0] & 0xf
 	}
 	for i := range pnBytes {
-		pnBytes[i] ^= o.pnMask[i+1]
+		pnBytes[i] ^= o.hpMask[i+1]
 	}
 }
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -412,15 +412,15 @@ func (h *cryptoSetup) ReadHandshakeMessage() ([]byte, error) {
 func (h *cryptoSetup) SetReadKey(suite *qtls.CipherSuite, trafficSecret []byte) {
 	key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "key", suite.KeyLen())
 	iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "iv", suite.IVLen())
-	pnKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
-	pnDecrypter, err := aes.NewCipher(pnKey)
+	hpKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
+	hpDecrypter, err := aes.NewCipher(hpKey)
 	if err != nil {
 		panic(fmt.Sprintf("error creating new AES cipher: %s", err))
 	}
 	opener := newOpener(
 		suite.AEAD(key, iv),
 		iv,
-		pnDecrypter,
+		hpDecrypter,
 		h.readEncLevel == protocol.Encryption1RTT,
 	)

@@ -442,15 +442,15 @@ func (h *cryptoSetup) SetReadKey(suite *qtls.CipherSuite, trafficSecret []byte)
 func (h *cryptoSetup) SetWriteKey(suite *qtls.CipherSuite, trafficSecret []byte) {
 	key := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "key", suite.KeyLen())
 	iv := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "iv", suite.IVLen())
-	pnKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
-	pnEncrypter, err := aes.NewCipher(pnKey)
+	hpKey := qtls.HkdfExpandLabel(suite.Hash(), trafficSecret, []byte{}, "pn", suite.KeyLen())
+	hpEncrypter, err := aes.NewCipher(hpKey)
 	if err != nil {
 		panic(fmt.Sprintf("error creating new AES cipher: %s", err))
 	}
 	sealer := newSealer(
 		suite.AEAD(key, iv),
 		iv,
-		pnEncrypter,
+		hpEncrypter,
 		h.writeEncLevel == protocol.Encryption1RTT,
 	)

--- a/internal/handshake/initial_aead.go
+++ b/internal/handshake/initial_aead.go
@@ -21,8 +21,8 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
 		mySecret = serverSecret
 		otherSecret = clientSecret
 	}
-	myKey, myPNKey, myIV := computeInitialKeyAndIV(mySecret)
-	otherKey, otherPNKey, otherIV := computeInitialKeyAndIV(otherSecret)
+	myKey, myHPKey, myIV := computeInitialKeyAndIV(mySecret)
+	otherKey, otherHPKey, otherIV := computeInitialKeyAndIV(otherSecret)

 	encrypterCipher, err := aes.NewCipher(myKey)
 	if err != nil {
@@ -32,7 +32,7 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
 	if err != nil {
 		return nil, nil, err
 	}
-	pnEncrypter, err := aes.NewCipher(myPNKey)
+	hpEncrypter, err := aes.NewCipher(myHPKey)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -44,11 +44,11 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
 	if err != nil {
 		return nil, nil, err
 	}
-	pnDecrypter, err := aes.NewCipher(otherPNKey)
+	hpDecrypter, err := aes.NewCipher(otherHPKey)
 	if err != nil {
 		return nil, nil, err
 	}
-	return newSealer(encrypter, myIV, pnEncrypter, false), newOpener(decrypter, otherIV, pnDecrypter, false), nil
+	return newSealer(encrypter, myIV, hpEncrypter, false), newOpener(decrypter, otherIV, hpDecrypter, false), nil
 }

 func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []byte) {
@@ -58,9 +58,9 @@ func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []
 	return
 }

-func computeInitialKeyAndIV(secret []byte) (key, pnKey, iv []byte) {
+func computeInitialKeyAndIV(secret []byte) (key, hpKey, iv []byte) {
 	key = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
-	pnKey = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic hp", 16)
+	hpKey = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic hp", 16)
 	iv = qtls.HkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
 	return
 }
--- a/internal/handshake/initial_aead_test.go
+++ b/internal/handshake/initial_aead_test.go
@@ -32,12 +32,12 @@ var _ = Describe("Initial AEAD using AES-GCM", func() {

 		It("computes the client key and IV", func() {
 			clientSecret, _ := computeSecrets(connID)
-			key, pnKey, iv := computeInitialKeyAndIV(clientSecret)
+			key, hpKey, iv := computeInitialKeyAndIV(clientSecret)
 			Expect(key).To(Equal([]byte{
 				0x86, 0xd1, 0x83, 0x04, 0x80, 0xb4, 0x0f, 0x86,
 				0xcf, 0x9d, 0x68, 0xdc, 0xad, 0xf3, 0x5d, 0xfe,
 			}))
-			Expect(pnKey).To(Equal([]byte{
+			Expect(hpKey).To(Equal([]byte{
 				0xcd, 0x25, 0x3a, 0x36, 0xff, 0x93, 0x93, 0x7c,
 				0x46, 0x93, 0x84, 0xa8, 0x23, 0xaf, 0x6c, 0x56,
 			}))
@@ -49,12 +49,12 @@ var _ = Describe("Initial AEAD using AES-GCM", func() {

 		It("computes the server key and IV", func() {
 			_, serverSecret := computeSecrets(connID)
-			key, pnKey, iv := computeInitialKeyAndIV(serverSecret)
+			key, hpKey, iv := computeInitialKeyAndIV(serverSecret)
 			Expect(key).To(Equal([]byte{
 				0x2c, 0x78, 0x63, 0x3e, 0x20, 0x6e, 0x99, 0xad,
 				0x25, 0x19, 0x64, 0xf1, 0x9f, 0x6d, 0xcd, 0x6d,
 			}))
-			Expect(pnKey).To(Equal([]byte{
+			Expect(hpKey).To(Equal([]byte{
 				0x25, 0x79, 0xd8, 0x69, 0x6f, 0x85, 0xed, 0xa6,
 				0x8d, 0x35, 0x02, 0xb6, 0x55, 0x96, 0x58, 0x6b,
 			}))