gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity

implement header encrytion and decryption for sealers and openers

Browse Source
This commit is contained in:
Marten Seemann
2018-12-14 16:42:45 +06:30
parent 67f923c736
commit 5a68ba0a02
8 changed files with 239 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
internal/handshake/initial_aead.go
View File

@@ -21,8 +21,8 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
mySecret = serverSecret
otherSecret = clientSecret
}
myKey, _, myIV := computeInitialKeyAndIV(mySecret)
otherKey, _, otherIV := computeInitialKeyAndIV(otherSecret)
myKey, myPNKey, myIV := computeInitialKeyAndIV(mySecret)
otherKey, otherPNKey, otherIV := computeInitialKeyAndIV(otherSecret)
encrypterCipher, err := aes.NewCipher(myKey)
if err != nil {
@@ -32,6 +32,10 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
if err != nil {
return nil, nil, err
}
pnEncrypter, err := aes.NewCipher(myPNKey)
if err != nil {
return nil, nil, err
}
decrypterCipher, err := aes.NewCipher(otherKey)
if err != nil {
return nil, nil, err
@@ -40,7 +44,11 @@ func newInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective) (Se
if err != nil {
return nil, nil, err
}
return newSealer(encrypter, myIV), newOpener(decrypter, otherIV), nil
pnDecrypter, err := aes.NewCipher(otherPNKey)
if err != nil {
return nil, nil, err
}
return newSealer(encrypter, myIV, pnEncrypter, false), newOpener(decrypter, otherIV, pnDecrypter, false), nil
}
func computeSecrets(connID protocol.ConnectionID) (clientSecret, serverSecret []byte) {