diff --git a/internal/handshake/aead_test.go b/internal/handshake/aead_test.go index c0e5f2a2c..49082d2f6 100644 --- a/internal/handshake/aead_test.go +++ b/internal/handshake/aead_test.go @@ -14,9 +14,7 @@ var _ = Describe("AEAD", func() { for i := range cipherSuites { cs := cipherSuites[i] - Context(fmt.Sprintf("using %s", cs.name), func() { - suite := cs.suite - + Context(fmt.Sprintf("using %s", cipherSuiteName(cs.ID)), func() { getSealerAndOpener := func() (LongHeaderSealer, LongHeaderOpener) { key := make([]byte, 16) hpKey := make([]byte, 16) @@ -27,8 +25,8 @@ var _ = Describe("AEAD", func() { aead, err := cipher.NewGCM(block) Expect(err).ToNot(HaveOccurred()) - return newLongHeaderSealer(aead, newHeaderProtector(suite, key, true)), - newLongHeaderOpener(aead, newHeaderProtector(suite, key, true)) + return newLongHeaderSealer(aead, newHeaderProtector(cs, key, true)), + newLongHeaderOpener(aead, newHeaderProtector(cs, key, true)) } Context("message encryption", func() { diff --git a/internal/handshake/crypto_setup.go b/internal/handshake/crypto_setup.go index c67108e24..91f555a39 100644 --- a/internal/handshake/crypto_setup.go +++ b/internal/handshake/crypto_setup.go @@ -500,12 +500,12 @@ func (h *cryptoSetup) SetReadKey(encLevel qtls.EncryptionLevel, suite *qtls.Ciph createAEAD(suite, trafficSecret), newHeaderProtector(suite, trafficSecret, true), ) - h.logger.Debugf("Installed Handshake Read keys") + h.logger.Debugf("Installed Handshake Read keys (using %s)", cipherSuiteName(suite.ID)) case qtls.EncryptionApplication: h.readEncLevel = protocol.Encryption1RTT h.aead.SetReadKey(suite, trafficSecret) h.has1RTTOpener = true - h.logger.Debugf("Installed 1-RTT Read keys") + h.logger.Debugf("Installed 1-RTT Read keys (using %s)", cipherSuiteName(suite.ID)) default: panic("unexpected read encryption level") } @@ -522,12 +522,12 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip createAEAD(suite, trafficSecret), newHeaderProtector(suite, trafficSecret, true), ) - h.logger.Debugf("Installed Handshake Write keys") + h.logger.Debugf("Installed Handshake Write keys (using %s)", cipherSuiteName(suite.ID)) case qtls.EncryptionApplication: h.writeEncLevel = protocol.Encryption1RTT h.aead.SetWriteKey(suite, trafficSecret) h.has1RTTSealer = true - h.logger.Debugf("Installed 1-RTT Write keys") + h.logger.Debugf("Installed 1-RTT Write keys (using %s)", cipherSuiteName(suite.ID)) default: panic("unexpected write encryption level") } diff --git a/internal/handshake/handshake_suite_test.go b/internal/handshake/handshake_suite_test.go index 158460eb4..20750b996 100644 --- a/internal/handshake/handshake_suite_test.go +++ b/internal/handshake/handshake_suite_test.go @@ -31,36 +31,24 @@ var _ = AfterEach(func() { var aeadChaCha20Poly1305 func(key, nonceMask []byte) cipher.AEAD -var cipherSuites = []struct { - name string - suite *qtls.CipherSuiteTLS13 -}{ - { - name: "TLS_AES_128_GCM_SHA256", - suite: &qtls.CipherSuiteTLS13{ - ID: qtls.TLS_AES_128_GCM_SHA256, - KeyLen: 16, - AEAD: qtls.AEADAESGCMTLS13, - Hash: crypto.SHA256, - }, +var cipherSuites = []*qtls.CipherSuiteTLS13{ + &qtls.CipherSuiteTLS13{ + ID: qtls.TLS_AES_128_GCM_SHA256, + KeyLen: 16, + AEAD: qtls.AEADAESGCMTLS13, + Hash: crypto.SHA256, }, - { - name: "TLS_AES_256_GCM_SHA384", - suite: &qtls.CipherSuiteTLS13{ - ID: qtls.TLS_AES_256_GCM_SHA384, - KeyLen: 32, - AEAD: qtls.AEADAESGCMTLS13, - Hash: crypto.SHA384, - }, + &qtls.CipherSuiteTLS13{ + ID: qtls.TLS_AES_256_GCM_SHA384, + KeyLen: 32, + AEAD: qtls.AEADAESGCMTLS13, + Hash: crypto.SHA384, }, - { - name: "TLS_CHACHA20_POLY1305_SHA256", - suite: &qtls.CipherSuiteTLS13{ - ID: qtls.TLS_CHACHA20_POLY1305_SHA256, - KeyLen: 32, - AEAD: nil, // will be set by init - Hash: crypto.SHA256, - }, + &qtls.CipherSuiteTLS13{ + ID: qtls.TLS_CHACHA20_POLY1305_SHA256, + KeyLen: 32, + AEAD: nil, // will be set by init + Hash: crypto.SHA256, }, } @@ -69,8 +57,8 @@ func init() { panic(err) } for _, s := range cipherSuites { - if s.suite.ID == qtls.TLS_CHACHA20_POLY1305_SHA256 { - s.suite.AEAD = aeadChaCha20Poly1305 + if s.ID == qtls.TLS_CHACHA20_POLY1305_SHA256 { + s.AEAD = aeadChaCha20Poly1305 } } } diff --git a/internal/handshake/qtls.go b/internal/handshake/qtls.go index cd0931428..9ce5e655c 100644 --- a/internal/handshake/qtls.go +++ b/internal/handshake/qtls.go @@ -131,3 +131,16 @@ func tlsConfigToQtlsConfig( ReceivedExtensions: extHandler.ReceivedExtensions, } } + +func cipherSuiteName(id uint16) string { + switch id { + case qtls.TLS_AES_128_GCM_SHA256: + return "TLS_AES_128_GCM_SHA256" + case qtls.TLS_CHACHA20_POLY1305_SHA256: + return "TLS_CHACHA20_POLY1305_SHA256" + case qtls.TLS_AES_256_GCM_SHA384: + return "TLS_AES_256_GCM_SHA384" + default: + return "unknown cipher suite" + } +} diff --git a/internal/handshake/updatable_aead_test.go b/internal/handshake/updatable_aead_test.go index ab28d28b1..51000a44c 100644 --- a/internal/handshake/updatable_aead_test.go +++ b/internal/handshake/updatable_aead_test.go @@ -17,8 +17,7 @@ var _ = Describe("Updatable AEAD", func() { for i := range cipherSuites { cs := cipherSuites[i] - Context(fmt.Sprintf("using %s", cs.name), func() { - suite := cs.suite + Context(fmt.Sprintf("using %s", cipherSuiteName(cs.ID)), func() { getPeers := func(rttStats *congestion.RTTStats) (client, server *updatableAEAD) { trafficSecret1 := make([]byte, 16) @@ -28,10 +27,10 @@ var _ = Describe("Updatable AEAD", func() { client = newUpdatableAEAD(rttStats, utils.DefaultLogger) server = newUpdatableAEAD(rttStats, utils.DefaultLogger) - client.SetReadKey(suite, trafficSecret2) - client.SetWriteKey(suite, trafficSecret1) - server.SetReadKey(suite, trafficSecret1) - server.SetWriteKey(suite, trafficSecret2) + client.SetReadKey(cs, trafficSecret2) + client.SetWriteKey(cs, trafficSecret1) + server.SetReadKey(cs, trafficSecret1) + server.SetWriteKey(cs, trafficSecret2) return }