add support for the key_updated event for TLS key updates

2020-02-17 17:01:05 +07:00
parent d53c75f05f
commit 273a320f98
8 changed files with 168 additions and 1 deletions
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@@ -14,6 +14,7 @@ import (
 	"github.com/lucas-clemente/quic-go/internal/protocol"
 	"github.com/lucas-clemente/quic-go/internal/qerr"
 	"github.com/lucas-clemente/quic-go/internal/utils"
+	"github.com/lucas-clemente/quic-go/qlog"
 	"github.com/marten-seemann/qtls"
 )

@@ -90,7 +91,8 @@ type cryptoSetup struct {

 	rttStats *congestion.RTTStats

-	logger utils.Logger
+	qlogger qlog.Tracer
+	logger  utils.Logger

 	perspective protocol.Perspective

@@ -132,6 +134,7 @@ func NewCryptoSetupClient(
 	tlsConf *tls.Config,
 	enable0RTT bool,
 	rttStats *congestion.RTTStats,
+	qlogger qlog.Tracer,
 	logger utils.Logger,
 ) (CryptoSetup, <-chan *TransportParameters /* ClientHello written. Receive nil for non-0-RTT */) {
 	cs, clientHelloWritten := newCryptoSetup(
@@ -143,6 +146,7 @@ func NewCryptoSetupClient(
 		tlsConf,
 		enable0RTT,
 		rttStats,
+		qlogger,
 		logger,
 		protocol.PerspectiveClient,
 	)
@@ -162,6 +166,7 @@ func NewCryptoSetupServer(
 	tlsConf *tls.Config,
 	enable0RTT bool,
 	rttStats *congestion.RTTStats,
+	qlogger qlog.Tracer,
 	logger utils.Logger,
 ) CryptoSetup {
 	cs, _ := newCryptoSetup(
@@ -173,6 +178,7 @@ func NewCryptoSetupServer(
 		tlsConf,
 		enable0RTT,
 		rttStats,
+		qlogger,
 		logger,
 		protocol.PerspectiveServer,
 	)
@@ -189,10 +195,16 @@ func newCryptoSetup(
 	tlsConf *tls.Config,
 	enable0RTT bool,
 	rttStats *congestion.RTTStats,
+	qlogger qlog.Tracer,
 	logger utils.Logger,
 	perspective protocol.Perspective,
 ) (*cryptoSetup, <-chan *TransportParameters /* ClientHello written. Receive nil for non-0-RTT */) {
 	initialSealer, initialOpener := NewInitialAEAD(connID, perspective)
+	if qlogger != nil {
+		now := time.Now()
+		qlogger.UpdatedKeyFromTLS(now, protocol.EncryptionInitial, protocol.PerspectiveClient)
+		qlogger.UpdatedKeyFromTLS(now, protocol.EncryptionInitial, protocol.PerspectiveServer)
+	}
 	extHandler := newExtensionHandler(tp.Marshal(), perspective)
 	cs := &cryptoSetup{
 		initialStream:          initialStream,
@@ -206,6 +218,7 @@ func newCryptoSetup(
 		ourParams:              tp,
 		paramsChan:             extHandler.TransportParameters(),
 		rttStats:               rttStats,
+		qlogger:                qlogger,
 		logger:                 logger,
 		perspective:            perspective,
 		handshakeDone:          make(chan struct{}),
@@ -226,6 +239,11 @@ func (h *cryptoSetup) ChangeConnectionID(id protocol.ConnectionID) {
 	initialSealer, initialOpener := NewInitialAEAD(id, h.perspective)
 	h.initialSealer = initialSealer
 	h.initialOpener = initialOpener
+	if h.qlogger != nil {
+		now := time.Now()
+		h.qlogger.UpdatedKeyFromTLS(now, protocol.EncryptionInitial, protocol.PerspectiveClient)
+		h.qlogger.UpdatedKeyFromTLS(now, protocol.EncryptionInitial, protocol.PerspectiveServer)
+	}
 }

 func (h *cryptoSetup) SetLargest1RTTAcked(pn protocol.PacketNumber) {
@@ -563,6 +581,9 @@ func (h *cryptoSetup) SetReadKey(encLevel qtls.EncryptionLevel, suite *qtls.Ciph
 		)
 		h.mutex.Unlock()
 		h.logger.Debugf("Installed 0-RTT Read keys (using %s)", qtls.CipherSuiteName(suite.ID))
+		if h.qlogger != nil {
+			h.qlogger.UpdatedKeyFromTLS(time.Now(), protocol.Encryption0RTT, h.perspective.Opposite())
+		}
 		return
 	case qtls.EncryptionHandshake:
 		h.readEncLevel = protocol.EncryptionHandshake
@@ -582,6 +603,9 @@ func (h *cryptoSetup) SetReadKey(encLevel qtls.EncryptionLevel, suite *qtls.Ciph
 		panic("unexpected read encryption level")
 	}
 	h.mutex.Unlock()
+	if h.qlogger != nil {
+		h.qlogger.UpdatedKeyFromTLS(time.Now(), h.readEncLevel, h.perspective.Opposite())
+	}
 	h.receivedReadKey <- struct{}{}
 }

@@ -598,6 +622,9 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip
 		)
 		h.mutex.Unlock()
 		h.logger.Debugf("Installed 0-RTT Write keys (using %s)", qtls.CipherSuiteName(suite.ID))
+		if h.qlogger != nil {
+			h.qlogger.UpdatedKeyFromTLS(time.Now(), protocol.Encryption0RTT, h.perspective)
+		}
 		return
 	case qtls.EncryptionHandshake:
 		h.writeEncLevel = protocol.EncryptionHandshake
@@ -621,6 +648,9 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip
 		panic("unexpected write encryption level")
 	}
 	h.mutex.Unlock()
+	if h.qlogger != nil {
+		h.qlogger.UpdatedKeyFromTLS(time.Now(), h.writeEncLevel, h.perspective)
+	}
 	h.receivedWriteKey <- struct{}{}
 }

--- a/internal/handshake/crypto_setup_test.go
+++ b/internal/handshake/crypto_setup_test.go
@@ -95,6 +95,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 			tlsConf,
 			false,
 			&congestion.RTTStats{},
+			nil,
 			utils.DefaultLogger.WithPrefix("server"),
 		)
 		qtlsConf := server.(*cryptoSetup).tlsConf
@@ -127,6 +128,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 			testdata.GetTLSConfig(),
 			false,
 			&congestion.RTTStats{},
+			nil,
 			utils.DefaultLogger.WithPrefix("server"),
 		)

@@ -165,6 +167,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 			testdata.GetTLSConfig(),
 			false,
 			&congestion.RTTStats{},
+			nil,
 			utils.DefaultLogger.WithPrefix("server"),
 		)

@@ -206,6 +209,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 			serverConf,
 			false,
 			&congestion.RTTStats{},
+			nil,
 			utils.DefaultLogger.WithPrefix("server"),
 		)

@@ -240,6 +244,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 			serverConf,
 			false,
 			&congestion.RTTStats{},
+			nil,
 			utils.DefaultLogger.WithPrefix("server"),
 		)

@@ -334,6 +339,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 				clientConf,
 				enable0RTT,
 				&congestion.RTTStats{},
+				nil,
 				utils.DefaultLogger.WithPrefix("client"),
 			)

@@ -356,6 +362,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 				serverConf,
 				enable0RTT,
 				&congestion.RTTStats{},
+				nil,
 				utils.DefaultLogger.WithPrefix("server"),
 			)

@@ -409,6 +416,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 				&tls.Config{InsecureSkipVerify: true},
 				false,
 				&congestion.RTTStats{},
+				nil,
 				utils.DefaultLogger.WithPrefix("client"),
 			)

@@ -450,6 +458,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 				clientConf,
 				false,
 				&congestion.RTTStats{},
+				nil,
 				utils.DefaultLogger.WithPrefix("client"),
 			)

@@ -473,6 +482,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 				serverConf,
 				false,
 				&congestion.RTTStats{},
+				nil,
 				utils.DefaultLogger.WithPrefix("server"),
 			)

@@ -505,6 +515,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					clientConf,
 					false,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("client"),
 				)

@@ -523,6 +534,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					serverConf,
 					false,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("server"),
 				)

@@ -562,6 +574,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					clientConf,
 					false,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("client"),
 				)

@@ -580,6 +593,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					serverConf,
 					false,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("server"),
 				)

@@ -691,6 +705,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					clientConf,
 					true,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("client"),
 				)

@@ -709,6 +724,7 @@ var _ = Describe("Crypto Setup TLS", func() {
 					serverConf,
 					true,
 					&congestion.RTTStats{},
+					nil,
 					utils.DefaultLogger.WithPrefix("server"),
 				)