diff --git a/internal/handshake/updatable_aead.go b/internal/handshake/updatable_aead.go index 36caf398..719ad20b 100644 --- a/internal/handshake/updatable_aead.go +++ b/internal/handshake/updatable_aead.go @@ -182,13 +182,13 @@ func (a *updatableAEAD) Open(dst, src []byte, rcvTime time.Time, pn protocol.Pac // try opening the packet with the next key phase dec, err := a.nextRcvAEAD.Open(dst, a.nonceBuf, src, ad) if err == nil && receivedWrongInitialKeyPhase { - return nil, qerr.NewError(qerr.ProtocolViolation, "wrong initial key phase") + return nil, qerr.NewError(qerr.KeyUpdateError, "wrong initial key phase") } else if err != nil { return nil, ErrDecryptionFailed } // Opening succeeded. Check if the peer was allowed to update. if a.firstSentWithCurrentKey == protocol.InvalidPacketNumber { - return nil, qerr.NewError(qerr.ProtocolViolation, "keys updated too quickly") + return nil, qerr.NewError(qerr.KeyUpdateError, "keys updated too quickly") } a.rollKeys() // The peer initiated this key update. It's safe to drop the keys for the previous generation now. diff --git a/internal/handshake/updatable_aead_test.go b/internal/handshake/updatable_aead_test.go index 9cfbd505..2a18d481 100644 --- a/internal/handshake/updatable_aead_test.go +++ b/internal/handshake/updatable_aead_test.go @@ -208,7 +208,7 @@ var _ = Describe("Updatable AEAD", func() { client.rollKeys() encrypted := client.Seal(nil, msg, 0x1337, ad) _, err := server.Open(nil, encrypted, time.Now(), 0x1337, protocol.KeyPhaseOne, ad) - Expect(err).To(MatchError("PROTOCOL_VIOLATION: wrong initial key phase")) + Expect(err).To(MatchError("KEY_UPDATE_ERROR: wrong initial key phase")) }) It("only errors when the peer starts with key phase 1 if decrypting the packet succeeds", func() { @@ -228,7 +228,7 @@ var _ = Describe("Updatable AEAD", func() { client.rollKeys() encrypted1 := client.Seal(nil, msg, 0x42, ad) _, err = server.Open(nil, encrypted1, time.Now(), 0x42, protocol.KeyPhaseOne, ad) - Expect(err).To(MatchError("PROTOCOL_VIOLATION: keys updated too quickly")) + Expect(err).To(MatchError("KEY_UPDATE_ERROR: keys updated too quickly")) }) })