use chacha20poly1305 instead of AES and include cert in key derivation

Unfortunately QUIC uses non-standard tag sizes with both AES-GCM and
Poly1305. Adopting AES-GCM seems much harder, so I changed it to
Chacha20Poly1305 and only made some slight changes to an existing algo.
This should probably be double-checked at some point.
Lucas Clemente
2016-04-14 23:44:31 +02:00
parent 388fdf7399
commit 86b4ffdaaf
8 changed files with 217 additions and 87 deletions


@@ -83,11 +83,10 @@ func (s *Session) HandlePacket(addr *net.UDPAddr, publicHeaderBinary []byte, pub
if err != nil {
return err
}
s.aead, err = crypto.DeriveKeysAESGCM(sharedSecret, cryptoData[handshake.TagNONC], s.ConnectionID, frame.Data, s.ServerConfig.Get())
s.aead, err = crypto.DeriveKeysChacha20(sharedSecret, cryptoData[handshake.TagNONC], s.ConnectionID, frame.Data, s.ServerConfig.Get(), s.ServerConfig.kd.GetCertUncompressed())
if err != nil {
return err
}
fmt.Println("Got common secret")
s.SendFrames([]Frame{&AckFrame{
Entropy: s.Entropy.Get(),
LargestObserved: 2,
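Review bot: The client nonce goes into `crypto.DeriveKeysChacha20` straight from `cryptoData[handshake.TagNONC]`, with no visible check that the tag is present or non-empty. If cryptoData is a map of the peer's handshake tags, as the indexing suggests, a message without NONC would feed a nil nonce into key derivation. Unless that is validated earlier in HandlePacket, whose body starts and ends outside this hunk, I would reject the handshake first: `nonce, ok := cryptoData[handshake.TagNONC]` followed by `if !ok || len(nonce) == 0 { return errors.New("missing client nonce") }`. The call also reaches through the unexported field `s.ServerConfig.kd` for the certificate; an accessor on ServerConfig would keep the key-derivation inputs behind one interface. Since the description says the non-standard tag size still needs double-checking, a known-answer test for the derived keys and the sealed output would be worth adding with this change.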