count number of failed decryptions, error when lifetime-limit is reached

2020-09-07 18:22:23 +07:00
parent 3a4de205b0
commit 45246dad22
3 changed files with 51 additions and 8 deletions
--- a/internal/handshake/updatable_aead_test.go
+++ b/internal/handshake/updatable_aead_test.go
@@ -9,6 +9,7 @@ import (

 	mocklogging "github.com/lucas-clemente/quic-go/internal/mocks/logging"
 	"github.com/lucas-clemente/quic-go/internal/protocol"
+	"github.com/lucas-clemente/quic-go/internal/qerr"
 	"github.com/lucas-clemente/quic-go/internal/qtls"
 	"github.com/lucas-clemente/quic-go/internal/utils"

@@ -116,6 +117,16 @@ var _ = Describe("Updatable AEAD", func() {
 					Expect(err).To(MatchError(ErrDecryptionFailed))
 				})

+				It("returns an AEAD_LIMIT_REACHED error when reaching the AEAD limit", func() {
+					client.invalidPacketLimit = 10
+					for i := 0; i < 9; i++ {
+						_, err := client.Open(nil, []byte("foobar"), time.Now(), protocol.PacketNumber(i), protocol.KeyPhaseZero, []byte("ad"))
+						Expect(err).To(MatchError(ErrDecryptionFailed))
+					}
+					_, err := client.Open(nil, []byte("foobar"), time.Now(), 10, protocol.KeyPhaseZero, []byte("ad"))
+					Expect(err).To(MatchError(qerr.AEADLimitReached))
+				})
+
 				Context("key updates", func() {
 					Context("receiving key updates", func() {
 						It("updates keys", func() {