forked from quic-go/quic-go
replace the SetDiversificationNonce crypto setup method by a chan
This commit is contained in:
Marten Seemann
@@ -38,7 +38,7 @@ type cryptoSetupClient struct {
|
||||
lastSentCHLO []byte
|
||||
certManager crypto.CertManager
|
||||
|
||||
divNonceChan chan []byte
|
||||
divNonceChan <-chan []byte
|
||||
diversificationNonce []byte
|
||||
|
||||
clientHelloCounter int
|
||||
@@ -76,12 +76,13 @@ func NewCryptoSetupClient(
|
||||
handshakeEvent chan<- struct{},
|
||||
initialVersion protocol.VersionNumber,
|
||||
negotiatedVersions []protocol.VersionNumber,
|
||||
) (CryptoSetup, error) {
|
||||
) (CryptoSetup, chan<- []byte, error) {
|
||||
nullAEAD, err := crypto.NewNullAEAD(protocol.PerspectiveClient, connID, version)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
return nil, nil, err
|
||||
}
|
||||
return &cryptoSetupClient{
|
||||
divNonceChan := make(chan []byte)
|
||||
cs := &cryptoSetupClient{
|
||||
cryptoStream: cryptoStream,
|
||||
hostname: hostname,
|
||||
connID: connID,
|
||||
@@ -94,8 +95,9 @@ func NewCryptoSetupClient(
|
||||
handshakeEvent: handshakeEvent,
|
||||
initialVersion: initialVersion,
|
||||
negotiatedVersions: negotiatedVersions,
|
||||
divNonceChan: make(chan []byte),
|
||||
}, nil
|
||||
divNonceChan: divNonceChan,
|
||||
}
|
||||
return cs, divNonceChan, nil
|
||||
}
|
||||
|
||||
func (h *cryptoSetupClient) HandleCryptoStream() error {
|
||||
@@ -375,10 +377,6 @@ func (h *cryptoSetupClient) DiversificationNonce() []byte {
|
||||
panic("not needed for cryptoSetupClient")
|
||||
}
|
||||
|
||||
func (h *cryptoSetupClient) SetDiversificationNonce(data []byte) {
|
||||
h.divNonceChan <- data
|
||||
}
|
||||
|
||||
func (h *cryptoSetupClient) ConnectionState() ConnectionState {
|
||||
h.mutex.Lock()
|
||||
defer h.mutex.Unlock()
|
||||
|
||||
@@ -91,6 +91,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
shloMap map[Tag][]byte
|
||||
handshakeEvent chan struct{}
|
||||
paramsChan chan TransportParameters
|
||||
divNonceChan chan<- []byte
|
||||
)
|
||||
|
||||
BeforeEach(func() {
|
||||
@@ -119,7 +120,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
// use a buffered channel here, so that we can parse a SHLO without having to receive the TransportParameters to avoid blocking
|
||||
paramsChan = make(chan TransportParameters, 1)
|
||||
handshakeEvent = make(chan struct{}, 2)
|
||||
csInt, err := NewCryptoSetupClient(
|
||||
csInt, dnc, err := NewCryptoSetupClient(
|
||||
stream,
|
||||
"hostname",
|
||||
0,
|
||||
@@ -137,6 +138,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
cs.keyDerivation = keyDerivation
|
||||
cs.nullAEAD = mockcrypto.NewMockAEAD(mockCtrl)
|
||||
cs.cryptoStream = stream
|
||||
divNonceChan = dnc
|
||||
})
|
||||
|
||||
Context("Reading REJ", func() {
|
||||
@@ -723,7 +725,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
cs.diversificationNonce = nil
|
||||
cs.serverVerified = true
|
||||
Expect(cs.secureAEAD).To(BeNil())
|
||||
cs.SetDiversificationNonce([]byte("div"))
|
||||
divNonceChan <- []byte("div")
|
||||
Eventually(handshakeEvent).Should(Receive())
|
||||
Expect(cs.secureAEAD).ToNot(BeNil())
|
||||
Expect(handshakeEvent).ToNot(Receive())
|
||||
@@ -923,7 +925,7 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
close(done)
|
||||
}()
|
||||
nonce := []byte("foobar")
|
||||
cs.SetDiversificationNonce(nonce)
|
||||
divNonceChan <- nonce
|
||||
Eventually(func() []byte { return cs.diversificationNonce }).Should(Equal(nonce))
|
||||
// make the go routine return
|
||||
stream.close()
|
||||
@@ -939,8 +941,8 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
close(done)
|
||||
}()
|
||||
nonce := []byte("foobar")
|
||||
cs.SetDiversificationNonce(nonce)
|
||||
cs.SetDiversificationNonce(nonce)
|
||||
divNonceChan <- nonce
|
||||
divNonceChan <- nonce
|
||||
Eventually(func() []byte { return cs.diversificationNonce }).Should(Equal(nonce))
|
||||
// make the go routine return
|
||||
stream.close()
|
||||
@@ -957,8 +959,8 @@ var _ = Describe("Client Crypto Setup", func() {
|
||||
}()
|
||||
nonce1 := []byte("foobar")
|
||||
nonce2 := []byte("raboof")
|
||||
cs.SetDiversificationNonce(nonce1)
|
||||
cs.SetDiversificationNonce(nonce2)
|
||||
divNonceChan <- nonce1
|
||||
divNonceChan <- nonce2
|
||||
Eventually(done).Should(BeClosed())
|
||||
})
|
||||
})
|
||||
|
||||
@@ -455,10 +455,6 @@ func (h *cryptoSetupServer) DiversificationNonce() []byte {
|
||||
return h.diversificationNonce
|
||||
}
|
||||
|
||||
func (h *cryptoSetupServer) SetDiversificationNonce(data []byte) {
|
||||
panic("not needed for cryptoSetupServer")
|
||||
}
|
||||
|
||||
func (h *cryptoSetupServer) ConnectionState() ConnectionState {
|
||||
h.mutex.Lock()
|
||||
defer h.mutex.Unlock()
|
||||
|
||||
@@ -161,10 +161,6 @@ func (h *cryptoSetupTLS) DiversificationNonce() []byte {
|
||||
panic("diversification nonce not needed for TLS")
|
||||
}
|
||||
|
||||
func (h *cryptoSetupTLS) SetDiversificationNonce([]byte) {
|
||||
panic("diversification nonce not needed for TLS")
|
||||
}
|
||||
|
||||
func (h *cryptoSetupTLS) ConnectionState() ConnectionState {
|
||||
h.mutex.Lock()
|
||||
defer h.mutex.Unlock()
|
||||
|
||||
@@ -40,8 +40,7 @@ type CryptoSetup interface {
|
||||
Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
|
||||
HandleCryptoStream() error
|
||||
// TODO: clean up this interface
|
||||
DiversificationNonce() []byte // only needed for cryptoSetupServer
|
||||
SetDiversificationNonce([]byte) // only needed for cryptoSetupClient
|
||||
DiversificationNonce() []byte // only needed for cryptoSetupServer
|
||||
ConnectionState() ConnectionState
|
||||
|
||||
GetSealer() (protocol.EncryptionLevel, Sealer)
|
||||
|
||||
@@ -48,9 +48,8 @@ func (m *mockCryptoSetup) GetSealerForCryptoStream() (protocol.EncryptionLevel,
|
||||
func (m *mockCryptoSetup) GetSealerWithEncryptionLevel(protocol.EncryptionLevel) (handshake.Sealer, error) {
|
||||
return &mockSealer{}, nil
|
||||
}
|
||||
func (m *mockCryptoSetup) DiversificationNonce() []byte { return m.divNonce }
|
||||
func (m *mockCryptoSetup) SetDiversificationNonce(divNonce []byte) { m.divNonce = divNonce }
|
||||
func (m *mockCryptoSetup) ConnectionState() ConnectionState { panic("not implemented") }
|
||||
func (m *mockCryptoSetup) DiversificationNonce() []byte { return m.divNonce }
|
||||
func (m *mockCryptoSetup) ConnectionState() ConnectionState { panic("not implemented") }
|
||||
|
||||
var _ = Describe("Packet packer", func() {
|
||||
const maxPacketSize protocol.ByteCount = 1357
|
||||
|
||||
11
session.go
11
session.go
@@ -84,7 +84,8 @@ type session struct {
|
||||
unpacker unpacker
|
||||
packer *packetPacker
|
||||
|
||||
cryptoSetup handshake.CryptoSetup
|
||||
cryptoSetup handshake.CryptoSetup
|
||||
divNonceChan chan<- []byte // only set for the client
|
||||
|
||||
receivedPackets chan *receivedPacket
|
||||
sendingScheduled chan struct{}
|
||||
@@ -210,7 +211,7 @@ var newClientSession = func(
|
||||
IdleTimeout: s.config.IdleTimeout,
|
||||
OmitConnectionID: s.config.RequestConnectionIDOmission,
|
||||
}
|
||||
cs, err := newCryptoSetupClient(
|
||||
cs, divNonceChan, err := newCryptoSetupClient(
|
||||
s.cryptoStream,
|
||||
hostname,
|
||||
s.connectionID,
|
||||
@@ -226,6 +227,7 @@ var newClientSession = func(
|
||||
return nil, err
|
||||
}
|
||||
s.cryptoSetup = cs
|
||||
s.divNonceChan = divNonceChan
|
||||
return s, s.postSetup(1)
|
||||
}
|
||||
|
||||
@@ -503,9 +505,8 @@ func (s *session) maybeResetTimer() {
|
||||
|
||||
func (s *session) handlePacketImpl(p *receivedPacket) error {
|
||||
if s.perspective == protocol.PerspectiveClient {
|
||||
diversificationNonce := p.header.DiversificationNonce
|
||||
if len(diversificationNonce) > 0 {
|
||||
s.cryptoSetup.SetDiversificationNonce(diversificationNonce)
|
||||
if divNonce := p.header.DiversificationNonce; len(divNonce) > 0 {
|
||||
s.divNonceChan <- divNonce
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1681,6 +1681,7 @@ var _ = Describe("Client Session", func() {
|
||||
sess *session
|
||||
mconn *mockConnection
|
||||
handshakeChan chan<- struct{}
|
||||
divNonceChan chan []byte
|
||||
|
||||
cryptoSetup *mockCryptoSetup
|
||||
)
|
||||
@@ -1689,6 +1690,7 @@ var _ = Describe("Client Session", func() {
|
||||
Eventually(areSessionsRunning).Should(BeFalse())
|
||||
|
||||
cryptoSetup = &mockCryptoSetup{}
|
||||
divNonceChan = make(chan []byte, 1)
|
||||
newCryptoSetupClient = func(
|
||||
_ io.ReadWriter,
|
||||
_ string,
|
||||
@@ -1700,9 +1702,9 @@ var _ = Describe("Client Session", func() {
|
||||
handshakeChanP chan<- struct{},
|
||||
_ protocol.VersionNumber,
|
||||
_ []protocol.VersionNumber,
|
||||
) (handshake.CryptoSetup, error) {
|
||||
) (handshake.CryptoSetup, chan<- []byte, error) {
|
||||
handshakeChan = handshakeChanP
|
||||
return cryptoSetup, nil
|
||||
return cryptoSetup, divNonceChan, nil
|
||||
}
|
||||
|
||||
mconn = newMockConnection()
|
||||
@@ -1760,7 +1762,7 @@ var _ = Describe("Client Session", func() {
|
||||
hdr.DiversificationNonce = []byte("foobar")
|
||||
err := sess.handlePacketImpl(&receivedPacket{header: hdr})
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Eventually(func() []byte { return cryptoSetup.divNonce }).Should(Equal(hdr.DiversificationNonce))
|
||||
Expect(divNonceChan).To(Receive(Equal(hdr.DiversificationNonce)))
|
||||
Expect(sess.Close(nil)).To(Succeed())
|
||||
Eventually(done).Should(BeClosed())
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user