forked from quic-go/quic-go
return the encryption level of a packet when decrypting it
This commit is contained in:
Marten Seemann
@@ -577,26 +577,30 @@ var _ = Describe("Crypto setup", func() {
|
||||
})
|
||||
|
||||
It("is accepted initially", func() {
|
||||
d, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("foobar")))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
|
||||
It("is still accepted after CHLO", func() {
|
||||
doCHLO()
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
_, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
_, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
|
||||
It("is not accepted after receiving secure packet", func() {
|
||||
doCHLO()
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
d, err := cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
Expect(enc).To(Equal(protocol.EncryptionSecure))
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
_, err = cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
_, enc, err = cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
|
||||
It("is not used after CHLO", func() {
|
||||
@@ -615,14 +619,15 @@ var _ = Describe("Crypto setup", func() {
|
||||
|
||||
It("is accepted after CHLO", func() {
|
||||
doCHLO()
|
||||
d, err := cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
Expect(enc).To(Equal(protocol.EncryptionSecure))
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
})
|
||||
|
||||
It("is not used after receiving forward secure packet", func() {
|
||||
doCHLO()
|
||||
_, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
_, _, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal([]byte("foobar forward sec")))
|
||||
@@ -630,17 +635,19 @@ var _ = Describe("Crypto setup", func() {
|
||||
|
||||
It("is not accepted after receiving forward secure packet", func() {
|
||||
doCHLO()
|
||||
_, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
_, _, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
_, err = cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
_, enc, err := cs.Open(nil, []byte("encrypted"), 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
})
|
||||
|
||||
Context("forward secure encryption", func() {
|
||||
It("is used after receiving forward secure packet", func() {
|
||||
doCHLO()
|
||||
_, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
_, enc, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
|
||||
Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal([]byte("foobar forward sec")))
|
||||
|
||||
Reference in New Issue
Block a user