retransmit the diversification nonce in the packet carrying the SHLO

The packet containing the SHLO is the only packet that is sent with
initial encryption. If it is lost, we need to make sure that the
diversification nonce is included in the PublicHeader, otherwise the
client will not be able to derive the keys for the forward-secure
encryption.
Marten Seemann
2017-03-01 15:06:10 +07:00
parent b5c8c11c0c
commit 8c5e7818a0
6 changed files with 44 additions and 20 deletions


@@ -93,7 +93,8 @@ func (p *packetPacker) packPacket(stopWaitingFrame *frames.StopWaitingFrame, lea
}
if p.perspective == protocol.PerspectiveServer {
responsePublicHeader.DiversificationNonce = p.cryptoSetup.DiversificationNonce()
force := isHandshakeRetransmission && (packetToRetransmit.EncryptionLevel == protocol.EncryptionSecure)
responsePublicHeader.DiversificationNonce = p.cryptoSetup.DiversificationNonce(force)
}
if p.perspective == protocol.PerspectiveClient && !p.cryptoSetup.HandshakeComplete() {