forked from quic-go/quic-go
protect the AEAD calculating the integrity tag by a mutex
This commit is contained in:
Marten Seemann
@@ -5,6 +5,7 @@ import (
|
|||||||
"crypto/aes"
|
"crypto/aes"
|
||||||
"crypto/cipher"
|
"crypto/cipher"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"sync"
|
||||||
|
|
||||||
"github.com/lucas-clemente/quic-go/internal/protocol"
|
"github.com/lucas-clemente/quic-go/internal/protocol"
|
||||||
)
|
)
|
||||||
@@ -25,18 +26,23 @@ func init() {
|
|||||||
retryAEAD = aead
|
retryAEAD = aead
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var retryBuf bytes.Buffer
|
||||||
|
var retryMutex sync.Mutex
|
||||||
|
var retryNonce [12]byte
|
||||||
|
|
||||||
// GetRetryIntegrityTag calculates the integrity tag on a Retry packet
|
// GetRetryIntegrityTag calculates the integrity tag on a Retry packet
|
||||||
func GetRetryIntegrityTag(retry []byte, origDestConnID protocol.ConnectionID) *[16]byte {
|
func GetRetryIntegrityTag(retry []byte, origDestConnID protocol.ConnectionID) *[16]byte {
|
||||||
buf := bytes.NewBuffer(make([]byte, 0, 1+origDestConnID.Len()+len(retry)))
|
retryMutex.Lock()
|
||||||
buf.WriteByte(uint8(origDestConnID.Len()))
|
retryBuf.WriteByte(uint8(origDestConnID.Len()))
|
||||||
buf.Write(origDestConnID.Bytes())
|
retryBuf.Write(origDestConnID.Bytes())
|
||||||
buf.Write(retry)
|
retryBuf.Write(retry)
|
||||||
|
|
||||||
sealed := retryAEAD.Seal(nil, make([]byte, 12), []byte{}, buf.Bytes())
|
var tag [16]byte
|
||||||
|
sealed := retryAEAD.Seal(tag[:0], retryNonce[:], nil, retryBuf.Bytes())
|
||||||
if len(sealed) != 16 {
|
if len(sealed) != 16 {
|
||||||
panic(fmt.Sprintf("unexpected Retry integrity tag length: %d", len(sealed)))
|
panic(fmt.Sprintf("unexpected Retry integrity tag length: %d", len(sealed)))
|
||||||
}
|
}
|
||||||
var tag [16]byte
|
retryBuf.Reset()
|
||||||
copy(tag[:], sealed)
|
retryMutex.Unlock()
|
||||||
return &tag
|
return &tag
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user