forked from quic-go/quic-go
Merge pull request #814 from lucas-clemente/drop-quic36
drop support for QUIC 36
This commit is contained in:
Marten Seemann
@@ -2,7 +2,7 @@
|
||||
|
||||
## v0.6.0 (unreleased)
|
||||
|
||||
- Add support for QUIC 38 and 39, drop support for QUIC 35
|
||||
- Add support for QUIC 38 and 39, drop support for QUIC 35 and 36
|
||||
- Added `quic.Config` options for maximal flow control windows
|
||||
- Add a `quic.Config` option for QUIC versions
|
||||
- Add a `quic.Config` option to request truncation of the connection ID from a server
|
||||
|
||||
@@ -508,7 +508,7 @@ var _ = Describe("Client", func() {
|
||||
ConnectionID: 0x1337,
|
||||
}
|
||||
b := &bytes.Buffer{}
|
||||
err := ph.Write(b, protocol.Version36, protocol.PerspectiveServer)
|
||||
err := ph.Write(b, cl.version, protocol.PerspectiveServer)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
packetConn.dataToRead = b.Bytes()
|
||||
|
||||
|
||||
@@ -7,8 +7,5 @@ func NewNullAEAD(p protocol.Perspective, v protocol.VersionNumber) AEAD {
|
||||
if v.UsesTLS() {
|
||||
return &nullAEADFNV64a{}
|
||||
}
|
||||
return &nullAEADFNV128a{
|
||||
perspective: p,
|
||||
version: v,
|
||||
}
|
||||
return &nullAEADFNV128a{perspective: p}
|
||||
}
|
||||
|
||||
@@ -11,7 +11,6 @@ import (
|
||||
// nullAEAD handles not-yet encrypted packets
|
||||
type nullAEADFNV128a struct {
|
||||
perspective protocol.Perspective
|
||||
version protocol.VersionNumber
|
||||
}
|
||||
|
||||
var _ AEAD = &nullAEADFNV128a{}
|
||||
@@ -25,12 +24,10 @@ func (n *nullAEADFNV128a) Open(dst, src []byte, packetNumber protocol.PacketNumb
|
||||
hash := fnv128a.New()
|
||||
hash.Write(associatedData)
|
||||
hash.Write(src[12:])
|
||||
if n.version >= protocol.Version37 {
|
||||
if n.perspective == protocol.PerspectiveServer {
|
||||
hash.Write([]byte("Client"))
|
||||
} else {
|
||||
hash.Write([]byte("Server"))
|
||||
}
|
||||
if n.perspective == protocol.PerspectiveServer {
|
||||
hash.Write([]byte("Client"))
|
||||
} else {
|
||||
hash.Write([]byte("Server"))
|
||||
}
|
||||
testHigh, testLow := hash.Sum128()
|
||||
|
||||
@@ -55,12 +52,10 @@ func (n *nullAEADFNV128a) Seal(dst, src []byte, packetNumber protocol.PacketNumb
|
||||
hash.Write(associatedData)
|
||||
hash.Write(src)
|
||||
|
||||
if n.version >= protocol.Version37 {
|
||||
if n.perspective == protocol.PerspectiveServer {
|
||||
hash.Write([]byte("Server"))
|
||||
} else {
|
||||
hash.Write([]byte("Client"))
|
||||
}
|
||||
if n.perspective == protocol.PerspectiveServer {
|
||||
hash.Write([]byte("Server"))
|
||||
} else {
|
||||
hash.Write([]byte("Client"))
|
||||
}
|
||||
|
||||
high, low := hash.Sum128()
|
||||
|
||||
@@ -11,32 +11,37 @@ var _ = Describe("NullAEAD using FNV128a", func() {
|
||||
plainText := []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")
|
||||
hash36 := []byte{0x98, 0x9b, 0x33, 0x3f, 0xe8, 0xde, 0x32, 0x5c, 0xa6, 0x7f, 0x9c, 0xf7}
|
||||
|
||||
It("opens", func() {
|
||||
cipherText := append(hash36, plainText...)
|
||||
aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36)
|
||||
res, err := aead.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(res).To(Equal(plainText))
|
||||
var aeadServer AEAD
|
||||
var aeadClient AEAD
|
||||
|
||||
BeforeEach(func() {
|
||||
aeadServer = NewNullAEAD(protocol.PerspectiveServer, protocol.Version37)
|
||||
aeadClient = NewNullAEAD(protocol.PerspectiveClient, protocol.Version37)
|
||||
})
|
||||
|
||||
It("seals", func() {
|
||||
aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36)
|
||||
sealed := aead.Seal(nil, plainText, 0, aad)
|
||||
Expect(sealed).To(Equal(append(hash36, plainText...)))
|
||||
Expect(sealed).To(HaveLen(len(plainText) + aead.Overhead()))
|
||||
It("seals and opens, client => server", func() {
|
||||
cipherText := aeadClient.Seal(nil, plainText, 0, aad)
|
||||
res, err := aeadServer.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")))
|
||||
})
|
||||
|
||||
It("seals and opens, server => client", func() {
|
||||
cipherText := aeadServer.Seal(nil, plainText, 0, aad)
|
||||
res, err := aeadClient.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")))
|
||||
})
|
||||
|
||||
It("rejects short ciphertexts", func() {
|
||||
aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36)
|
||||
_, err := aead.Open(nil, nil, 0, nil)
|
||||
_, err := aeadServer.Open(nil, nil, 0, nil)
|
||||
Expect(err).To(MatchError("NullAEAD: ciphertext cannot be less than 12 bytes long"))
|
||||
})
|
||||
|
||||
It("seals in-place", func() {
|
||||
aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36)
|
||||
buf := make([]byte, 6, 12+6)
|
||||
copy(buf, []byte("foobar"))
|
||||
res := aead.Seal(buf[0:0], buf, 0, nil)
|
||||
res := aeadServer.Seal(buf[0:0], buf, 0, nil)
|
||||
buf = buf[:12+6]
|
||||
Expect(buf[12:]).To(Equal([]byte("foobar")))
|
||||
Expect(res[12:]).To(Equal([]byte("foobar")))
|
||||
@@ -44,32 +49,7 @@ var _ = Describe("NullAEAD using FNV128a", func() {
|
||||
|
||||
It("fails", func() {
|
||||
cipherText := append(append(hash36, plainText...), byte(0x42))
|
||||
aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36)
|
||||
_, err := aead.Open(nil, cipherText, 0, aad)
|
||||
_, err := aeadClient.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).To(HaveOccurred())
|
||||
})
|
||||
|
||||
Context("including the perspective, for QUIC >= 37", func() {
|
||||
var aeadServer AEAD
|
||||
var aeadClient AEAD
|
||||
|
||||
BeforeEach(func() {
|
||||
aeadServer = NewNullAEAD(protocol.PerspectiveServer, protocol.Version37)
|
||||
aeadClient = NewNullAEAD(protocol.PerspectiveClient, protocol.Version37)
|
||||
})
|
||||
|
||||
It("opens, for QUIC version >= 37, as a server", func() {
|
||||
cipherText := aeadClient.Seal(nil, plainText, 0, aad)
|
||||
res, err := aeadServer.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")))
|
||||
})
|
||||
|
||||
It("opens, for QUIC version >= 37, as a client", func() {
|
||||
cipherText := aeadServer.Seal(nil, plainText, 0, aad)
|
||||
res, err := aeadClient.Open(nil, cipherText, 0, aad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.")))
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
@@ -10,7 +10,6 @@ var _ = Describe("NullAEAD", func() {
|
||||
It("selects the right FVN variant", func() {
|
||||
Expect(NewNullAEAD(protocol.PerspectiveClient, protocol.Version39)).To(Equal(&nullAEADFNV128a{
|
||||
perspective: protocol.PerspectiveClient,
|
||||
version: protocol.Version39,
|
||||
}))
|
||||
Expect(NewNullAEAD(protocol.PerspectiveClient, protocol.VersionTLS)).To(Equal(&nullAEADFNV64a{}))
|
||||
})
|
||||
|
||||
@@ -22,14 +22,14 @@ var _ = Describe("ConnectionsParameterManager", func() {
|
||||
BeforeEach(func() {
|
||||
cpm = NewConnectionParamatersManager(
|
||||
protocol.PerspectiveServer,
|
||||
protocol.Version36,
|
||||
protocol.VersionWhatever,
|
||||
maxReceiveStreamFlowControlWindowServer,
|
||||
maxReceiveConnectionFlowControlWindowServer,
|
||||
idleTimeout,
|
||||
).(*connectionParametersManager)
|
||||
cpmClient = NewConnectionParamatersManager(
|
||||
protocol.PerspectiveClient,
|
||||
protocol.Version36,
|
||||
protocol.VersionWhatever,
|
||||
maxReceiveStreamFlowControlWindowClient,
|
||||
maxReceiveConnectionFlowControlWindowClient,
|
||||
idleTimeout,
|
||||
|
||||
@@ -98,12 +98,16 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
divNonce: divNonce,
|
||||
pers: pers,
|
||||
}
|
||||
return &mockAEAD{forwardSecure: forwardSecure, sharedSecret: sharedSecret}, nil
|
||||
encLevel := protocol.EncryptionSecure
|
||||
if forwardSecure {
|
||||
encLevel = protocol.EncryptionForwardSecure
|
||||
}
|
||||
return &mockAEAD{encLevel: encLevel, sharedSecret: sharedSecret}, nil
|
||||
}
|
||||
|
||||
stream = newMockStream()
|
||||
certManager = &mockCertManager{}
|
||||
version := protocol.Version36
|
||||
version := protocol.Version37
|
||||
aeadChanged = make(chan protocol.EncryptionLevel, 2)
|
||||
csInt, err := NewCryptoSetupClient(
|
||||
"hostname",
|
||||
@@ -126,6 +130,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
cs.certManager = certManager
|
||||
cs.keyDerivation = keyDerivation
|
||||
cs.keyExchange = func() crypto.KeyExchange { return &mockKEX{ephermal: true} }
|
||||
cs.nullAEAD = &mockAEAD{encLevel: protocol.EncryptionUnencrypted}
|
||||
})
|
||||
|
||||
AfterEach(func() {
|
||||
@@ -211,10 +216,11 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
})
|
||||
|
||||
It("doesn't care about unsupported versions", func() {
|
||||
cs.negotiatedVersions = []protocol.VersionNumber{protocol.VersionUnsupported, protocol.Version36, protocol.VersionUnsupported}
|
||||
ver := protocol.SupportedVersions[0]
|
||||
cs.negotiatedVersions = []protocol.VersionNumber{protocol.VersionUnsupported, ver, protocol.VersionUnsupported}
|
||||
b := &bytes.Buffer{}
|
||||
b.Write([]byte{0, 0, 0, 0})
|
||||
utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(protocol.Version36))
|
||||
utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(ver))
|
||||
b.Write([]byte{0x13, 0x37, 0x13, 0x37})
|
||||
Expect(cs.validateVersionList(b.Bytes())).To(BeTrue())
|
||||
})
|
||||
@@ -406,10 +412,11 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
})
|
||||
|
||||
It("accepts a SHLO after a version negotiation", func() {
|
||||
cs.negotiatedVersions = []protocol.VersionNumber{protocol.Version36}
|
||||
ver := protocol.SupportedVersions[0]
|
||||
cs.negotiatedVersions = []protocol.VersionNumber{ver}
|
||||
cs.receivedSecurePacket = true
|
||||
b := &bytes.Buffer{}
|
||||
utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(protocol.Version36))
|
||||
utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(ver))
|
||||
shloMap[TagVER] = b.Bytes()
|
||||
err := cs.handleSHLOMessage(shloMap)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
@@ -481,7 +488,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(string(tags[TagSNI])).To(Equal(cs.hostname))
|
||||
Expect(tags[TagPDMD]).To(Equal([]byte("X509")))
|
||||
Expect(tags[TagVER]).To(Equal([]byte("Q036")))
|
||||
Expect(tags[TagVER]).To(Equal([]byte("Q037")))
|
||||
Expect(tags[TagCCS]).To(Equal(certManager.commonCertificateHashes))
|
||||
Expect(tags).ToNot(HaveKey(TagTCID))
|
||||
})
|
||||
@@ -578,8 +585,6 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
})
|
||||
|
||||
Context("escalating crypto", func() {
|
||||
var foobarFNVSigned []byte
|
||||
|
||||
doCompleteREJ := func() {
|
||||
cs.serverVerified = true
|
||||
err := cs.maybeUpgradeCrypto()
|
||||
@@ -595,7 +600,6 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
|
||||
// sets all values necessary for escalating to secureAEAD
|
||||
BeforeEach(func() {
|
||||
foobarFNVSigned = []byte{0x18, 0x6f, 0x44, 0xba, 0x97, 0x35, 0xd, 0x6f, 0xbf, 0x64, 0x3c, 0x79, 0x66, 0x6f, 0x6f, 0x62, 0x61, 0x72}
|
||||
kex, err := crypto.NewCurve25519KEX()
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
cs.serverConfig = &serverConfigClient{
|
||||
@@ -688,20 +692,20 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
enc, sealer := cs.GetSealer()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("is used for the crypto stream", func() {
|
||||
enc, sealer := cs.GetSealerForCryptoStream()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("is accepted initially", func() {
|
||||
d, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, []byte("unencrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("foobar")))
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
|
||||
@@ -709,24 +713,23 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
doCompleteREJ()
|
||||
cs.receivedSecurePacket = false
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
d, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, []byte("unencrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("foobar")))
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
|
||||
It("is not accepted after the server sent an encrypted packet", func() {
|
||||
doCompleteREJ()
|
||||
cs.receivedSecurePacket = true
|
||||
_, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
_, enc, err := cs.Open(nil, []byte("unecnrypted"), 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
|
||||
It("errors if the has the wrong hash", func() {
|
||||
foobarFNVSigned[0]++
|
||||
_, enc, err := cs.Open(nil, foobarFNVSigned, 0, []byte{})
|
||||
Expect(err).To(MatchError("NullAEAD: failed to authenticate received data"))
|
||||
_, enc, err := cs.Open(nil, []byte("not unecnrypted"), 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
})
|
||||
@@ -762,7 +765,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
enc, sealer := cs.GetSealerForCryptoStream()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
})
|
||||
|
||||
@@ -783,7 +786,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
enc, sealer := cs.GetSealerForCryptoStream()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
})
|
||||
|
||||
@@ -792,7 +795,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
sealer, err := cs.GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("forces initial encryption", func() {
|
||||
|
||||
@@ -55,8 +55,8 @@ func (*mockSigner) GetLeafCert(sni string) ([]byte, error) {
|
||||
}
|
||||
|
||||
type mockAEAD struct {
|
||||
forwardSecure bool
|
||||
sharedSecret []byte
|
||||
encLevel protocol.EncryptionLevel
|
||||
sharedSecret []byte
|
||||
}
|
||||
|
||||
var _ crypto.AEAD = &mockAEAD{}
|
||||
@@ -67,18 +67,23 @@ func (m *mockAEAD) Seal(dst, src []byte, packetNumber protocol.PacketNumber, ass
|
||||
}
|
||||
dst = dst[:len(src)+12]
|
||||
copy(dst, src)
|
||||
if !m.forwardSecure {
|
||||
switch m.encLevel {
|
||||
case protocol.EncryptionUnencrypted:
|
||||
copy(dst[len(src):], []byte(" unencrypted"))
|
||||
case protocol.EncryptionSecure:
|
||||
copy(dst[len(src):], []byte(" normal sec"))
|
||||
} else {
|
||||
case protocol.EncryptionForwardSecure:
|
||||
copy(dst[len(src):], []byte(" forward sec"))
|
||||
default:
|
||||
Fail("invalid encryption level")
|
||||
}
|
||||
return dst
|
||||
}
|
||||
|
||||
func (m *mockAEAD) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, error) {
|
||||
if m.forwardSecure && string(src) == "forward secure encrypted" {
|
||||
return []byte("decrypted"), nil
|
||||
} else if !m.forwardSecure && string(src) == "encrypted" {
|
||||
if m.encLevel == protocol.EncryptionUnencrypted && string(src) == "unencrypted" ||
|
||||
m.encLevel == protocol.EncryptionForwardSecure && string(src) == "forward secure encrypted" ||
|
||||
m.encLevel == protocol.EncryptionSecure && string(src) == "encrypted" {
|
||||
return []byte("decrypted"), nil
|
||||
}
|
||||
return nil, errors.New("authentication failed")
|
||||
@@ -92,12 +97,15 @@ var expectedInitialNonceLen int
|
||||
var expectedFSNonceLen int
|
||||
|
||||
func mockQuicCryptoKeyDerivation(forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte, pers protocol.Perspective) (crypto.AEAD, error) {
|
||||
var encLevel protocol.EncryptionLevel
|
||||
if forwardSecure {
|
||||
encLevel = protocol.EncryptionForwardSecure
|
||||
Expect(nonces).To(HaveLen(expectedFSNonceLen))
|
||||
} else {
|
||||
encLevel = protocol.EncryptionSecure
|
||||
Expect(nonces).To(HaveLen(expectedInitialNonceLen))
|
||||
}
|
||||
return &mockAEAD{forwardSecure: forwardSecure, sharedSecret: sharedSecret}, nil
|
||||
return &mockAEAD{encLevel: encLevel, sharedSecret: sharedSecret}, nil
|
||||
}
|
||||
|
||||
type mockStream struct {
|
||||
@@ -216,6 +224,7 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
cs.acceptSTKCallback = func(_ net.Addr, _ *Cookie) bool { return sourceAddrValid }
|
||||
cs.keyDerivation = mockQuicCryptoKeyDerivation
|
||||
cs.keyExchange = func() crypto.KeyExchange { return &mockKEX{ephermal: true} }
|
||||
cs.nullAEAD = &mockAEAD{encLevel: protocol.EncryptionUnencrypted}
|
||||
})
|
||||
|
||||
AfterEach(func() {
|
||||
@@ -334,11 +343,11 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
Expect(response).To(ContainSubstring(string(b.Bytes())))
|
||||
}
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
Expect(cs.secureAEAD.(*mockAEAD).forwardSecure).To(BeFalse())
|
||||
Expect(cs.secureAEAD.(*mockAEAD).encLevel).To(Equal(protocol.EncryptionSecure))
|
||||
Expect(cs.secureAEAD.(*mockAEAD).sharedSecret).To(Equal([]byte("shared key")))
|
||||
Expect(cs.forwardSecureAEAD).ToNot(BeNil())
|
||||
Expect(cs.forwardSecureAEAD.(*mockAEAD).sharedSecret).To(Equal([]byte("shared ephermal")))
|
||||
Expect(cs.forwardSecureAEAD.(*mockAEAD).forwardSecure).To(BeTrue())
|
||||
Expect(cs.forwardSecureAEAD.(*mockAEAD).encLevel).To(Equal(protocol.EncryptionForwardSecure))
|
||||
})
|
||||
|
||||
It("handles long handshake", func() {
|
||||
@@ -544,16 +553,6 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
})
|
||||
|
||||
Context("escalating crypto", func() {
|
||||
var foobarServerFNVSigned []byte // a "foobar" sent by the server, FNV signed
|
||||
var foobarClientFNVSigned []byte // a "foobar" sent by the client, FNV signed
|
||||
|
||||
BeforeEach(func() {
|
||||
nullAEADServer := crypto.NewNullAEAD(protocol.PerspectiveServer, version)
|
||||
foobarServerFNVSigned = nullAEADServer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
nullAEADClient := crypto.NewNullAEAD(protocol.PerspectiveClient, version)
|
||||
foobarClientFNVSigned = nullAEADClient.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
})
|
||||
|
||||
doCHLO := func() {
|
||||
_, err := cs.handleCHLO("", []byte("chlo-data"), map[Tag][]byte{
|
||||
TagPUBS: []byte("pubs-c"),
|
||||
@@ -571,34 +570,33 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
enc, sealer := cs.GetSealer()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarServerFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("is used for crypto stream", func() {
|
||||
enc, sealer := cs.GetSealerForCryptoStream()
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarServerFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("is accepted initially", func() {
|
||||
d, enc, err := cs.Open(nil, foobarClientFNVSigned, 0, []byte{})
|
||||
d, enc, err := cs.Open(nil, []byte("unencrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("foobar")))
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
|
||||
It("errors if the has the wrong hash", func() {
|
||||
foobarClientFNVSigned[0]++
|
||||
_, enc, err := cs.Open(nil, foobarClientFNVSigned, 0, []byte{})
|
||||
Expect(err).To(MatchError("NullAEAD: failed to authenticate received data"))
|
||||
_, enc, err := cs.Open(nil, []byte("not unencrypted"), 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
|
||||
It("is still accepted after CHLO", func() {
|
||||
doCHLO()
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
_, enc, err := cs.Open(nil, foobarClientFNVSigned, 0, []byte{})
|
||||
_, enc, err := cs.Open(nil, []byte("unencrypted"), 0, []byte{})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
|
||||
})
|
||||
@@ -610,7 +608,7 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
Expect(enc).To(Equal(protocol.EncryptionSecure))
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(d).To(Equal([]byte("decrypted")))
|
||||
_, enc, err = cs.Open(nil, foobarClientFNVSigned, 0, []byte{})
|
||||
_, enc, err = cs.Open(nil, []byte("foobar unencrypted"), 0, []byte{})
|
||||
Expect(err).To(MatchError("authentication failed"))
|
||||
Expect(enc).To(Equal(protocol.EncryptionUnspecified))
|
||||
})
|
||||
@@ -620,7 +618,7 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
enc, sealer := cs.GetSealer()
|
||||
Expect(enc).ToNot(Equal(protocol.EncryptionUnencrypted))
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).ToNot(Equal(foobarServerFNVSigned))
|
||||
Expect(d).ToNot(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
})
|
||||
|
||||
@@ -673,7 +671,7 @@ var _ = Describe("Server Crypto Setup", func() {
|
||||
sealer, err := cs.GetSealerWithEncryptionLevel(protocol.EncryptionUnencrypted)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
d := sealer.Seal(nil, []byte("foobar"), 0, []byte{})
|
||||
Expect(d).To(Equal(foobarServerFNVSigned))
|
||||
Expect(d).To(Equal([]byte("foobar unencrypted")))
|
||||
})
|
||||
|
||||
It("forces initial encryption", func() {
|
||||
|
||||
@@ -27,7 +27,7 @@ func (h *fakeMintController) ComputeExporter(label string, context []byte, keyLe
|
||||
}
|
||||
|
||||
func mockKeyDerivation(crypto.MintController, protocol.Perspective) (crypto.AEAD, error) {
|
||||
return &mockAEAD{forwardSecure: true}, nil
|
||||
return &mockAEAD{encLevel: protocol.EncryptionForwardSecure}, nil
|
||||
}
|
||||
|
||||
var _ = Describe("TLS Crypto Setup", func() {
|
||||
|
||||
@@ -5,8 +5,7 @@ type VersionNumber int
|
||||
|
||||
// The version numbers, making grepping easier
|
||||
const (
|
||||
Version36 VersionNumber = 36 + iota
|
||||
Version37
|
||||
Version37 VersionNumber = 37 + iota
|
||||
Version38
|
||||
Version39
|
||||
VersionTLS VersionNumber = 101
|
||||
@@ -21,7 +20,6 @@ var SupportedVersions = []VersionNumber{
|
||||
Version39,
|
||||
Version38,
|
||||
Version37,
|
||||
Version36,
|
||||
}
|
||||
|
||||
// UsesTLS says if this QUIC version uses TLS 1.3 for the handshake
|
||||
|
||||
@@ -7,7 +7,6 @@ import (
|
||||
|
||||
var _ = Describe("Version", func() {
|
||||
It("says if a version supports TLS", func() {
|
||||
Expect(Version36.UsesTLS()).To(BeFalse())
|
||||
Expect(Version37.UsesTLS()).To(BeFalse())
|
||||
Expect(Version38.UsesTLS()).To(BeFalse())
|
||||
Expect(Version39.UsesTLS()).To(BeFalse())
|
||||
|
||||
@@ -8,8 +8,8 @@ import (
|
||||
|
||||
var _ = Describe("Byte Order", func() {
|
||||
It("says little Little Endian before QUIC 39", func() {
|
||||
Expect(GetByteOrder(protocol.Version36)).To(Equal(LittleEndian))
|
||||
Expect(GetByteOrder(protocol.Version37)).To(Equal(LittleEndian))
|
||||
Expect(GetByteOrder(protocol.Version38)).To(Equal(LittleEndian))
|
||||
})
|
||||
|
||||
It("says little Little Endian for QUIC 39", func() {
|
||||
|
||||
@@ -365,7 +365,7 @@ var _ = Describe("Public Header", func() {
|
||||
b := &bytes.Buffer{}
|
||||
hdr := PublicHeader{
|
||||
VersionFlag: true,
|
||||
VersionNumber: protocol.Version36,
|
||||
VersionNumber: protocol.Version38,
|
||||
ConnectionID: 0x4cfa9f9b668619f6,
|
||||
PacketNumber: 0x1337,
|
||||
PacketNumberLen: protocol.PacketNumberLen6,
|
||||
@@ -377,7 +377,7 @@ var _ = Describe("Public Header", func() {
|
||||
firstByte, _ := b.ReadByte()
|
||||
Expect(firstByte & 0x01).To(Equal(uint8(1)))
|
||||
Expect(firstByte & 0x30).To(Equal(uint8(0x30)))
|
||||
Expect(string(b.Bytes()[8:12])).To(Equal("Q036"))
|
||||
Expect(string(b.Bytes()[8:12])).To(Equal("Q038"))
|
||||
Expect(b.Bytes()[12:18]).To(Equal([]byte{0x37, 0x13, 0, 0, 0, 0}))
|
||||
})
|
||||
})
|
||||
@@ -455,7 +455,7 @@ var _ = Describe("Public Header", func() {
|
||||
PacketNumber: 0xDECAFBAD,
|
||||
PacketNumberLen: protocol.PacketNumberLen6,
|
||||
VersionFlag: true,
|
||||
VersionNumber: protocol.Version36,
|
||||
VersionNumber: versionLittleEndian,
|
||||
}
|
||||
length, err := hdr.GetLength(protocol.PerspectiveClient)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
|
||||
@@ -17,7 +17,7 @@ type mockAEAD struct {
|
||||
}
|
||||
|
||||
func (m *mockAEAD) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error) {
|
||||
nullAEAD := crypto.NewNullAEAD(protocol.PerspectiveServer, protocol.VersionWhatever)
|
||||
nullAEAD := crypto.NewNullAEAD(protocol.PerspectiveClient, protocol.VersionWhatever)
|
||||
res, err := nullAEAD.Open(dst, src, packetNumber, associatedData)
|
||||
return res, m.encLevelOpen, err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user