gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

Merge pull request #2134 from lucas-clemente/draft-23-test-vectors

Browse Source 
update the Initial salt to draft-23
This commit is contained in:
Marten Seemann
2019-09-17 08:06:33 +07:00
committed by GitHub
parent 5302d035ae 1d6359543d
commit 57a9ed3379
2 changed files with 20 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/handshake/initial_aead.go
View File

@@ -7,7 +7,7 @@ import (
"github.com/marten-seemann/qtls"
)
var quicVersion1Salt = []byte{0x7f, 0xbc, 0xdb, 0x0e, 0x7c, 0x66, 0xbb, 0xe9, 0x19, 0x3a, 0x96, 0xcd, 0x21, 0x51, 0x9e, 0xbd, 0x7a, 0x02, 0x64, 0x4a}
var quicVersion1Salt = []byte{0xc3, 0xee, 0xf7, 0x12, 0xc7, 0x2e, 0xbb, 0x5a, 0x11, 0xa7, 0xd2, 0x43, 0x2b, 0xb4, 0x63, 0x65, 0xbe, 0xf9, 0xf5, 0x02}
var initialSuite = &qtls.CipherSuiteTLS13{
ID: qtls.TLS_AES_128_GCM_SHA256,

39
internal/handshake/initial_aead_test.go
View File

@@ -30,9 +30,8 @@ var _ = Describe("Initial AEAD using AES-GCM", func() {
Expect(split("dead beef")).To(Equal([]byte{0xde, 0xad, 0xbe, 0xef}))
})
// values taken from https://github.com/quicwg/base-drafts/wiki/Test-Vector-for-the-Clear-Text-AEAD-key-derivation
// The draft didn't update the test vectors for -22.
PContext("using the test vector from the QUIC draft", func() {
// values taken from the Appendix of the draft
Context("using the test vector from the QUIC draft", func() {
var connID protocol.ConnectionID
BeforeEach(func() {
@@ -41,48 +40,48 @@ var _ = Describe("Initial AEAD using AES-GCM", func() {
It("computes the client key and IV", func() {
clientSecret, _ := computeSecrets(connID)
Expect(clientSecret).To(Equal(split("8a3515a14ae3c31b9c2d6d5bc58538ca 5cd2baa119087143e60887428dcb52f6")))
Expect(clientSecret).To(Equal(split("fda3953aecc040e48b34e27ef87de3a6 098ecf0e38b7e032c5c57bcbd5975b84")))
key, iv := computeInitialKeyAndIV(clientSecret)
Expect(key).To(Equal(split("98b0d7e5e7a402c67c33f350fa65ea54")))
Expect(iv).To(Equal(split("19e94387805eb0b46c03a788")))
Expect(key).To(Equal(split("af7fd7efebd21878ff66811248983694")))
Expect(iv).To(Equal(split("8681359410a70bb9c92f0420")))
})
It("computes the server key and IV", func() {
_, serverSecret := computeSecrets(connID)
Expect(serverSecret).To(Equal(split("47b2eaea6c266e32c0697a9e2a898bdf 5c4fb3e5ac34f0e549bf2c58581a3811")))
Expect(serverSecret).To(Equal(split("554366b81912ff90be41f17e80222130 90ab17d8149179bcadf222f29ff2ddd5")))
key, iv := computeInitialKeyAndIV(serverSecret)
Expect(key).To(Equal(split("9a8be902a9bdd91d16064ca118045fb4")))
Expect(iv).To(Equal(split("0a82086d32205ba22241d8dc")))
Expect(key).To(Equal(split("5d51da9ee897a21b2659ccc7e5bfa577")))
Expect(iv).To(Equal(split("5e5ae651fd1e8495af13508b")))
})
It("encrypts the client's Initial", func() {
sealer, _, err := NewInitialAEAD(connID, protocol.PerspectiveClient)
Expect(err).ToNot(HaveOccurred())
header := split("c3ff000012508394c8f03e51570800449f00000002")
header := split("c3ff000017088394c8f03e5157080000449e00000002")
data := split("060040c4010000c003036660261ff947 cea49cce6cfad687f457cf1b14531ba1 4131a0e8f309a1d0b9c4000006130113 031302010000910000000b0009000006 736572766572ff01000100000a001400 12001d00170018001901000101010201 03010400230000003300260024001d00 204cfdfcd178b784bf328cae793b136f 2aedce005ff183d7bb14952072366470 37002b0003020304000d0020001e0403 05030603020308040805080604010501 060102010402050206020202002d0002 0101001c00024001")
data = append(data, make([]byte, 1163-len(data))...) // add PADDING
data = append(data, make([]byte, 1162-len(data))...) // add PADDING
sealed := sealer.Seal(nil, data, 2, header)
sample := sealed[0:16]
Expect(sample).To(Equal(split("0000f3a694c75775b4e546172ce9e047")))
Expect(sample).To(Equal(split("535064a4268a0d9d7b1c9d250ae35516")))
sealer.EncryptHeader(sample, &header[0], header[len(header)-4:])
Expect(header[0]).To(Equal(byte(0xc1)))
Expect(header[17:21]).To(Equal(split("0dbc195a")))
Expect(header[0]).To(Equal(byte(0xc0)))
Expect(header[len(header)-4:]).To(Equal(split("3b343aa8")))
packet := append(header, sealed...)
Expect(packet).To(Equal(split("c1ff000012508394c8f03e5157080044 9f0dbc195a0000f3a694c75775b4e546 172ce9e047cd0b5bee5181648c727adc 87f7eae54473ec6cba6bdad4f5982317 4b769f12358abd292d4f3286934484fb 8b239c38732e1f3bbbc6a003056487eb 8b5c88b9fd9279ffff3b0f4ecf95c462 4db6d65d4113329ee9b0bf8cdd7c8a8d 72806d55df25ecb66488bc119d7c9a29 abaf99bb33c56b08ad8c26995f838bb3 b7a3d5c1858b8ec06b839db2dcf918d5 ea9317f1acd6b663cc8925868e2f6a1b da546695f3c3f33175944db4a11a346a fb07e78489e509b02add51b7b203eda5 c330b03641179a31fbba9b56ce00f3d5 b5e3d7d9c5429aebb9576f2f7eacbe27 bc1b8082aaf68fb69c921aa5d33ec0c8 510410865a178d86d7e54122d55ef2c2 bbc040be46d7fece73fe8a1b24495ec1 60df2da9b20a7ba2f26dfa2a44366dbc 63de5cd7d7c94c57172fe6d79c901f02 5c0010b02c89b395402c009f62dc053b 8067a1e0ed0a1e0cf5087d7f78cbd94a fe0c3dd55d2d4b1a5cfe2b68b86264e3 51d1dcd858783a240f893f008ceed743 d969b8f735a1677ead960b1fb1ecc5ac 83c273b49288d02d7286207e663c45e1 a7baf50640c91e762941cf380ce8d79f 3e86767fbbcd25b42ef70ec334835a3a 6d792e170a432ce0cb7bde9aaa1e7563 7c1c34ae5fef4338f53db8b13a4d2df5 94efbfa08784543815c9c0d487bddfa1 539bc252cf43ec3686e9802d651cfd2a 829a06a9f332a733a4a8aed80efe3478 093fbc69c8608146b3f16f1a5c4eac93 20da49f1afa5f538ddecbbe7888f4355 12d0dd74fd9b8c99e3145ba84410d8ca 9a36dd884109e76e5fb8222a52e1473d a168519ce7a8a3c32e9149671b16724c 6c5c51bb5cd64fb591e567fb78b10f9f 6fee62c276f282a7df6bcf7c17747bc9 a81e6c9c3b032fdd0e1c3ac9eaa5077d e3ded18b2ed4faf328f49875af2e36ad 5ce5f6cc99ef4b60e57b3b5b9c9fcbcd 4cfb3975e70ce4c2506bcd71fef0e535 92461504e3d42c885caab21b782e2629 4c6a9d61118cc40a26f378441ceb48f3 1a362bf8502a723a36c63502229a462c c2a3796279a5e3a7f81a68c7f81312c3 81cc16a4ab03513a51ad5b54306ec1d7 8a5e47e2b15e5b7a1438e5b8b2882dbd ad13d6a4a8c3558cae043501b68eb3b0 40067152337c051c40b5af809aca2856 986fd1c86a4ade17d254b6262ac1bc07 7343b52bf89fa27d73e3c6f3118c9961 f0bebe68a5c323c2d84b8c29a2807df6 63635223242a2ce9828d4429ac270aab 5f1841e8e49cf433b1547989f419caa3 c758fff96ded40cf3427f0761b678daa 1a9e5554465d46b7a917493fc70f9ec5 e4e5d786ca501730898aaa1151dcd318 29641e29428d90e6065511c24d3109f7 cba32225d4accfc54fec42b733f95852 52ee36fa5ea0c656934385b468eee245 315146b8c047ed27c519b2c0a52d33ef e72c186ffe0a230f505676c5324baa6a e006a73e13aa8c39ab173ad2b2778eea 0b34c46f2b3beae2c62a2c8db238bf58 fc7c27bdceb96c56d29deec87c12351b fd5962497418716a4b915d334ffb5b92 ca94ffe1e4f78967042638639a9de325 357f5f08f6435061e5a274703936c06f c56af92c420797499ca431a7abaa4618 63bca656facfad564e6274d4a741033a ca1e31bf63200df41cdf41c10b912bec")))
Expect(packet).To(Equal(split("c0ff000017088394c8f03e5157080000 449e3b343aa8535064a4268a0d9d7b1c 9d250ae355162276e9b1e3011ef6bbc0 ab48ad5bcc2681e953857ca62becd752 4daac473e68d7405fbba4e9ee616c870 38bdbe908c06d9605d9ac49030359eec b1d05a14e117db8cede2bb09d0dbbfee 271cb374d8f10abec82d0f59a1dee29f e95638ed8dd41da07487468791b719c5 5c46968eb3b54680037102a28e53dc1d 12903db0af5821794b41c4a93357fa59 ce69cfe7f6bdfa629eef78616447e1d6 11c4baf71bf33febcb03137c2c75d253 17d3e13b684370f668411c0f00304b50 1c8fd422bd9b9ad81d643b20da89ca05 25d24d2b142041cae0af205092e43008 0cd8559ea4c5c6e4fa3f66082b7d303e 52ce0162baa958532b0bbc2bc785681f cf37485dff6595e01e739c8ac9efba31 b985d5f656cc092432d781db95221724 87641c4d3ab8ece01e39bc85b1543661 4775a98ba8fa12d46f9b35e2a55eb72d 7f85181a366663387ddc20551807e007 673bd7e26bf9b29b5ab10a1ca87cbb7a d97e99eb66959c2a9bc3cbde4707ff77 20b110fa95354674e395812e47a0ae53 b464dcb2d1f345df360dc227270c7506 76f6724eb479f0d2fbb6124429990457 ac6c9167f40aab739998f38b9eccb24f d47c8410131bf65a52af841275d5b3d1 880b197df2b5dea3e6de56ebce3ffb6e 9277a82082f8d9677a6767089b671ebd 244c214f0bde95c2beb02cd1172d58bd f39dce56ff68eb35ab39b49b4eac7c81 5ea60451d6e6ab82119118df02a58684 4a9ffe162ba006d0669ef57668cab38b 62f71a2523a084852cd1d079b3658dc2 f3e87949b550bab3e177cfc49ed190df f0630e43077c30de8f6ae081537f1e83 da537da980afa668e7b7fb25301cf741 524be3c49884b42821f17552fbd1931a 813017b6b6590a41ea18b6ba49cd48a4 40bd9a3346a7623fb4ba34a3ee571e3c 731f35a7a3cf25b551a680fa68763507 b7fde3aaf023c50b9d22da6876ba337e b5e9dd9ec3daf970242b6c5aab3aa4b2 96ad8b9f6832f686ef70fa938b31b4e5 ddd7364442d3ea72e73d668fb0937796 f462923a81a47e1cee7426ff6d922126 9b5a62ec03d6ec94d12606cb485560ba b574816009e96504249385bb61a819be 04f62c2066214d8360a2022beb316240 b6c7d78bbe56c13082e0ca272661210a bf020bf3b5783f1426436cf9ff418405 93a5d0638d32fc51c5c65ff291a3a7a5 2fd6775e623a4439cc08dd25582febc9 44ef92d8dbd329c91de3e9c9582e41f1 7f3d186f104ad3f90995116c682a2a14 a3b4b1f547c335f0be710fc9fc03e0e5 87b8cda31ce65b969878a4ad4283e6d5 b0373f43da86e9e0ffe1ae0fddd35162 55bd74566f36a38703d5f34249ded1f6 6b3d9b45b9af2ccfefe984e13376b1b2 c6404aa48c8026132343da3f3a33659e c1b3e95080540b28b7f3fcd35fa5d843 b579a84c089121a60d8c1754915c344e eaf45a9bf27dc0c1e784161691220913 13eb0e87555abd706626e557fc36a04f cd191a58829104d6075c5594f627ca50 6bf181daec940f4a4f3af0074eee89da acde6758312622d4fa675b39f728e062 d2bee680d8f41a597c262648bb18bcfc 13c8b3d97b1a77b2ac3af745d61a34cc 4709865bac824a94bb19058015e4e42d c9be6c7803567321829dd85853396269")))
})
It("encrypt the server's Initial", func() {
sealer, _, err := NewInitialAEAD(connID, protocol.PerspectiveServer)
Expect(err).ToNot(HaveOccurred())
header := split("c1ff00001205f067a5502a4262b50040740001")
header := split("c1ff0000170008f067a5502a4262b50040740001")
data := split("0d0000000018410a020000560303eefc e7f7b37ba1d1632e96677825ddf73988 cfc79825df566dc5430b9a045a120013 0100002e00330024001d00209d3c940d 89690b84d08a60993c144eca684d1081 287c834d5311bcf32bb9da1a002b0002 0304")
sealed := sealer.Seal(nil, data, 1, header)
sample := sealed[2:18]
Expect(sample).To(Equal(split("c4c2a2303d297e3c519bf6b22386e3d0")))
sample := sealed[2 : 2+16]
Expect(sample).To(Equal(split("7002596f99ae67abf65a5852f54f58c3")))
sealer.EncryptHeader(sample, &header[0], header[len(header)-2:])
Expect(header).To(Equal(split("c4ff00001205f067a5502a4262b5004074f7ed")))
Expect(header).To(Equal(split("c9ff0000170008f067a5502a4262b5004074168b")))
packet := append(header, sealed...)
Expect(packet).To(Equal(split("c4ff00001205f067a5502a4262b50040 74f7ed5f01c4c2a2303d297e3c519bf6 b22386e3d0bd6dfc6612167729803104 1bb9a79c9f0f9d4c5877270a660f5da3 6207d98b73839b2fdf2ef8e7df5a51b1 7b8c68d864fd3e708c6c1b71a98a3318 15599ef5014ea38c44bdfd387c03b527 5c35e009b6238f831420047c7271281c cb54df7884")))
Expect(packet).To(Equal(split("c9ff0000170008f067a5502a4262b500 4074168bf22b7002596f99ae67abf65a 5852f54f58c37c808682e2e40492d8a3 899fb04fc0afe9aabc8767b18a0aa493 537426373b48d502214dd856d63b78ce e37bc664b3fe86d487ac7a77c53038a3 cd32f0b5004d9f5754c4f7f2d1f35cf3 f7116351c92b9cf9bb6d091ddfc8b32d 432348a2c413")))
})
})