save the STK expiry time as a time.Duration

handshake/crypto_setup_server.go

@@ -281,7 +281,7 @@ func (h *cryptoSetupServer) verifySTK(stk []byte) bool {
 		utils.Debugf("STK invalid: %s", err.Error())
 		return false
 	}
-	if time.Now().After(stkTime.Add(protocol.STKExpiryTimeSec * time.Second)) {
+	if time.Now().After(stkTime.Add(protocol.STKExpiryTime)) {
 		return false
 	}
 	return true

handshake/crypto_setup_server_test.go

@@ -441,7 +441,7 @@ var _ = Describe("Server Crypto Setup", func() {
 		})
 
 		It("REJ messages that have an expired STK", func() {
-			cs.scfg.stkSource.(*mockStkSource).stkTime = time.Now().Add(-protocol.STKExpiryTimeSec * time.Second).Add(-time.Second)
+			cs.scfg.stkSource.(*mockStkSource).stkTime = time.Now().Add(-protocol.STKExpiryTime).Add(-time.Second)
 			Expect(cs.isInchoateCHLO(fullCHLO, cert)).To(BeTrue())
 		})
 

protocol/server_parameters.go

@@ -84,8 +84,8 @@ const SkipPacketAveragePeriodLength PacketNumber = 500
 // MaxTrackedSkippedPackets is the maximum number of skipped packet numbers the SentPacketHandler keep track of for Optimistic ACK attack mitigation
 const MaxTrackedSkippedPackets = 10
 
-// STKExpiryTimeSec is the valid time of a source address token in seconds
+// STKExpiryTime is the valid time of a source address token
-const STKExpiryTimeSec = 24 * 60 * 60
+const STKExpiryTime = 24 * time.Hour
 
 // MaxTrackedSentPackets is maximum number of sent packets saved for either later retransmission or entropy calculation
 const MaxTrackedSentPackets = 2 * DefaultMaxCongestionWindow