forked from quic-go/quic-go
disable chacha20 build until we have solved the dependency situation
This commit is contained in:
Lucas Clemente
@@ -1,3 +1,5 @@
|
||||
// +build ignore
|
||||
|
||||
package crypto
|
||||
|
||||
import (
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
// +build ignore
|
||||
|
||||
package crypto
|
||||
|
||||
import (
|
||||
|
||||
@@ -12,13 +12,13 @@ import (
|
||||
)
|
||||
|
||||
// DeriveKeysChacha20 derives the client and server keys and creates a matching chacha20poly1305 AEAD instance
|
||||
func DeriveKeysChacha20(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
||||
otherKey, myKey, otherIV, myIV, err := deriveKeys(version, forwardSecure, sharedSecret, nonces, connID, chlo, scfg, cert, divNonce, 32)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return NewAEADChacha20Poly1305(otherKey, myKey, otherIV, myIV)
|
||||
}
|
||||
// func DeriveKeysChacha20(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
||||
// otherKey, myKey, otherIV, myIV, err := deriveKeys(version, forwardSecure, sharedSecret, nonces, connID, chlo, scfg, cert, divNonce, 32)
|
||||
// if err != nil {
|
||||
// return nil, err
|
||||
// }
|
||||
// return NewAEADChacha20Poly1305(otherKey, myKey, otherIV, myIV)
|
||||
// }
|
||||
|
||||
// DeriveKeysAESGCM derives the client and server keys and creates a matching AES-GCM AEAD instance
|
||||
func DeriveKeysAESGCM(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
||||
|
||||
@@ -8,83 +8,83 @@ import (
|
||||
)
|
||||
|
||||
var _ = Describe("KeyDerivation", func() {
|
||||
Context("chacha20poly1305", func() {
|
||||
It("derives non-fs keys", func() {
|
||||
aead, err := DeriveKeysChacha20(
|
||||
protocol.Version32,
|
||||
false,
|
||||
[]byte("0123456789012345678901"),
|
||||
[]byte("nonce"),
|
||||
protocol.ConnectionID(42),
|
||||
[]byte("chlo"),
|
||||
[]byte("scfg"),
|
||||
[]byte("cert"),
|
||||
nil,
|
||||
)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
chacha := aead.(*aeadChacha20Poly1305)
|
||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
||||
Expect(chacha.myIV).To(Equal([]byte{0xf0, 0xf5, 0x4c, 0xa8}))
|
||||
Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||
})
|
||||
|
||||
It("derives fs keys", func() {
|
||||
aead, err := DeriveKeysChacha20(
|
||||
protocol.Version32,
|
||||
true,
|
||||
[]byte("0123456789012345678901"),
|
||||
[]byte("nonce"),
|
||||
protocol.ConnectionID(42),
|
||||
[]byte("chlo"),
|
||||
[]byte("scfg"),
|
||||
[]byte("cert"),
|
||||
nil,
|
||||
)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
chacha := aead.(*aeadChacha20Poly1305)
|
||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
||||
Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||
Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||
})
|
||||
|
||||
It("does not use diversification nonces in FS key derivation", func() {
|
||||
aead, err := DeriveKeysChacha20(
|
||||
protocol.Version33,
|
||||
true,
|
||||
[]byte("0123456789012345678901"),
|
||||
[]byte("nonce"),
|
||||
protocol.ConnectionID(42),
|
||||
[]byte("chlo"),
|
||||
[]byte("scfg"),
|
||||
[]byte("cert"),
|
||||
[]byte("divnonce"),
|
||||
)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
chacha := aead.(*aeadChacha20Poly1305)
|
||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
||||
Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||
Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||
})
|
||||
|
||||
It("uses diversification nonces in initial key derivation", func() {
|
||||
aead, err := DeriveKeysChacha20(
|
||||
protocol.Version33,
|
||||
false,
|
||||
[]byte("0123456789012345678901"),
|
||||
[]byte("nonce"),
|
||||
protocol.ConnectionID(42),
|
||||
[]byte("chlo"),
|
||||
[]byte("scfg"),
|
||||
[]byte("cert"),
|
||||
[]byte("divnonce"),
|
||||
)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
chacha := aead.(*aeadChacha20Poly1305)
|
||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
||||
Expect(chacha.myIV).To(Equal([]byte{0xc4, 0x12, 0x25, 0x64}))
|
||||
Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||
})
|
||||
})
|
||||
// Context("chacha20poly1305", func() {
|
||||
// It("derives non-fs keys", func() {
|
||||
// aead, err := DeriveKeysChacha20(
|
||||
// protocol.Version32,
|
||||
// false,
|
||||
// []byte("0123456789012345678901"),
|
||||
// []byte("nonce"),
|
||||
// protocol.ConnectionID(42),
|
||||
// []byte("chlo"),
|
||||
// []byte("scfg"),
|
||||
// []byte("cert"),
|
||||
// nil,
|
||||
// )
|
||||
// Expect(err).ToNot(HaveOccurred())
|
||||
// chacha := aead.(*aeadChacha20Poly1305)
|
||||
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||
// Expect(chacha.myIV).To(Equal([]byte{0xf0, 0xf5, 0x4c, 0xa8}))
|
||||
// Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||
// })
|
||||
//
|
||||
// It("derives fs keys", func() {
|
||||
// aead, err := DeriveKeysChacha20(
|
||||
// protocol.Version32,
|
||||
// true,
|
||||
// []byte("0123456789012345678901"),
|
||||
// []byte("nonce"),
|
||||
// protocol.ConnectionID(42),
|
||||
// []byte("chlo"),
|
||||
// []byte("scfg"),
|
||||
// []byte("cert"),
|
||||
// nil,
|
||||
// )
|
||||
// Expect(err).ToNot(HaveOccurred())
|
||||
// chacha := aead.(*aeadChacha20Poly1305)
|
||||
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||
// Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||
// Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||
// })
|
||||
//
|
||||
// It("does not use diversification nonces in FS key derivation", func() {
|
||||
// aead, err := DeriveKeysChacha20(
|
||||
// protocol.Version33,
|
||||
// true,
|
||||
// []byte("0123456789012345678901"),
|
||||
// []byte("nonce"),
|
||||
// protocol.ConnectionID(42),
|
||||
// []byte("chlo"),
|
||||
// []byte("scfg"),
|
||||
// []byte("cert"),
|
||||
// []byte("divnonce"),
|
||||
// )
|
||||
// Expect(err).ToNot(HaveOccurred())
|
||||
// chacha := aead.(*aeadChacha20Poly1305)
|
||||
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||
// Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||
// Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||
// })
|
||||
//
|
||||
// It("uses diversification nonces in initial key derivation", func() {
|
||||
// aead, err := DeriveKeysChacha20(
|
||||
// protocol.Version33,
|
||||
// false,
|
||||
// []byte("0123456789012345678901"),
|
||||
// []byte("nonce"),
|
||||
// protocol.ConnectionID(42),
|
||||
// []byte("chlo"),
|
||||
// []byte("scfg"),
|
||||
// []byte("cert"),
|
||||
// []byte("divnonce"),
|
||||
// )
|
||||
// Expect(err).ToNot(HaveOccurred())
|
||||
// chacha := aead.(*aeadChacha20Poly1305)
|
||||
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||
// Expect(chacha.myIV).To(Equal([]byte{0xc4, 0x12, 0x25, 0x64}))
|
||||
// Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||
// })
|
||||
// })
|
||||
|
||||
Context("AES-GCM", func() {
|
||||
It("derives non-fs keys", func() {
|
||||
|
||||
Reference in New Issue
Block a user