disable chacha20 build until we have solved the dependency situation
@@ -1,3 +1,5 @@
|
|||||||
|
// +build ignore
|
||||||
|
|
||||||
package crypto
|
package crypto
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|||||||
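Review bot: The `// +build ignore` constraint added at the top of this file removes it from every build, including `go test`, so the ChaCha20-Poly1305 code is no longer compiled, vetted or tested and can drift unnoticed until the dependency question is settled. A dedicated opt-in tag would keep it buildable on demand, for example `// +build chacha20` (tag name is illustrative), with a one-line comment above it naming the dependency that blocks the file. The second file section with the identical `@@ -1,3 +1,5 @@` change has the same issue. File names are not shown on this page, so which of the two is the implementation and which is its test is an inference.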
@@ -1,3 +1,5 @@
|
|||||||
|
// +build ignore
|
||||||
|
|
||||||
package crypto
|
package crypto
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|||||||
@@ -12,13 +12,13 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// DeriveKeysChacha20 derives the client and server keys and creates a matching chacha20poly1305 AEAD instance
|
// DeriveKeysChacha20 derives the client and server keys and creates a matching chacha20poly1305 AEAD instance
|
||||||
func DeriveKeysChacha20(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
// func DeriveKeysChacha20(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
||||||
otherKey, myKey, otherIV, myIV, err := deriveKeys(version, forwardSecure, sharedSecret, nonces, connID, chlo, scfg, cert, divNonce, 32)
|
// otherKey, myKey, otherIV, myIV, err := deriveKeys(version, forwardSecure, sharedSecret, nonces, connID, chlo, scfg, cert, divNonce, 32)
|
||||||
if err != nil {
|
// if err != nil {
|
||||||
return nil, err
|
// return nil, err
|
||||||
}
|
// }
|
||||||
return NewAEADChacha20Poly1305(otherKey, myKey, otherIV, myIV)
|
// return NewAEADChacha20Poly1305(otherKey, myKey, otherIV, myIV)
|
||||||
}
|
// }
|
||||||
|
|
||||||
// DeriveKeysAESGCM derives the client and server keys and creates a matching AES-GCM AEAD instance
|
// DeriveKeysAESGCM derives the client and server keys and creates a matching AES-GCM AEAD instance
|
||||||
func DeriveKeysAESGCM(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
func DeriveKeysAESGCM(version protocol.VersionNumber, forwardSecure bool, sharedSecret, nonces []byte, connID protocol.ConnectionID, chlo []byte, scfg []byte, cert []byte, divNonce []byte) (AEAD, error) {
|
||||||
|
|||||||
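Review bot: `DeriveKeysChacha20` is disabled by commenting out its signature and body line by line, which leaves its doc comment orphaned above dead text and gives no single switch for turning the cipher back on. Moving the function into its own file under the same build constraint as the AEAD files would keep the code checkable by the compiler and make the change easy to reverse. Because the exported function no longer exists, the code that selects the AEAD during the handshake should presumably also stop offering or accepting ChaCha20-Poly1305; that code is not visible on this page, so please confirm it. A short marker at the site would help, e.g. `// DeriveKeysChacha20 is disabled until the chacha20poly1305 dependency is resolved`. The commented-out `Context("chacha20poly1305", ...)` specs in the test section follow the same pattern and would move along with the function.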
@@ -8,83 +8,83 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
var _ = Describe("KeyDerivation", func() {
|
var _ = Describe("KeyDerivation", func() {
|
||||||
Context("chacha20poly1305", func() {
|
// Context("chacha20poly1305", func() {
|
||||||
It("derives non-fs keys", func() {
|
// It("derives non-fs keys", func() {
|
||||||
aead, err := DeriveKeysChacha20(
|
// aead, err := DeriveKeysChacha20(
|
||||||
protocol.Version32,
|
// protocol.Version32,
|
||||||
false,
|
// false,
|
||||||
[]byte("0123456789012345678901"),
|
// []byte("0123456789012345678901"),
|
||||||
[]byte("nonce"),
|
// []byte("nonce"),
|
||||||
protocol.ConnectionID(42),
|
// protocol.ConnectionID(42),
|
||||||
[]byte("chlo"),
|
// []byte("chlo"),
|
||||||
[]byte("scfg"),
|
// []byte("scfg"),
|
||||||
[]byte("cert"),
|
// []byte("cert"),
|
||||||
nil,
|
// nil,
|
||||||
)
|
// )
|
||||||
Expect(err).ToNot(HaveOccurred())
|
// Expect(err).ToNot(HaveOccurred())
|
||||||
chacha := aead.(*aeadChacha20Poly1305)
|
// chacha := aead.(*aeadChacha20Poly1305)
|
||||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||||
Expect(chacha.myIV).To(Equal([]byte{0xf0, 0xf5, 0x4c, 0xa8}))
|
// Expect(chacha.myIV).To(Equal([]byte{0xf0, 0xf5, 0x4c, 0xa8}))
|
||||||
Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
// Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||||
})
|
// })
|
||||||
|
//
|
||||||
It("derives fs keys", func() {
|
// It("derives fs keys", func() {
|
||||||
aead, err := DeriveKeysChacha20(
|
// aead, err := DeriveKeysChacha20(
|
||||||
protocol.Version32,
|
// protocol.Version32,
|
||||||
true,
|
// true,
|
||||||
[]byte("0123456789012345678901"),
|
// []byte("0123456789012345678901"),
|
||||||
[]byte("nonce"),
|
// []byte("nonce"),
|
||||||
protocol.ConnectionID(42),
|
// protocol.ConnectionID(42),
|
||||||
[]byte("chlo"),
|
// []byte("chlo"),
|
||||||
[]byte("scfg"),
|
// []byte("scfg"),
|
||||||
[]byte("cert"),
|
// []byte("cert"),
|
||||||
nil,
|
// nil,
|
||||||
)
|
// )
|
||||||
Expect(err).ToNot(HaveOccurred())
|
// Expect(err).ToNot(HaveOccurred())
|
||||||
chacha := aead.(*aeadChacha20Poly1305)
|
// chacha := aead.(*aeadChacha20Poly1305)
|
||||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||||
Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
// Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||||
Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
// Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||||
})
|
// })
|
||||||
|
//
|
||||||
It("does not use diversification nonces in FS key derivation", func() {
|
// It("does not use diversification nonces in FS key derivation", func() {
|
||||||
aead, err := DeriveKeysChacha20(
|
// aead, err := DeriveKeysChacha20(
|
||||||
protocol.Version33,
|
// protocol.Version33,
|
||||||
true,
|
// true,
|
||||||
[]byte("0123456789012345678901"),
|
// []byte("0123456789012345678901"),
|
||||||
[]byte("nonce"),
|
// []byte("nonce"),
|
||||||
protocol.ConnectionID(42),
|
// protocol.ConnectionID(42),
|
||||||
[]byte("chlo"),
|
// []byte("chlo"),
|
||||||
[]byte("scfg"),
|
// []byte("scfg"),
|
||||||
[]byte("cert"),
|
// []byte("cert"),
|
||||||
[]byte("divnonce"),
|
// []byte("divnonce"),
|
||||||
)
|
// )
|
||||||
Expect(err).ToNot(HaveOccurred())
|
// Expect(err).ToNot(HaveOccurred())
|
||||||
chacha := aead.(*aeadChacha20Poly1305)
|
// chacha := aead.(*aeadChacha20Poly1305)
|
||||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||||
Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
// Expect(chacha.myIV).To(Equal([]byte{0xf5, 0x73, 0x11, 0x79}))
|
||||||
Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
// Expect(chacha.otherIV).To(Equal([]byte{0xf7, 0x26, 0x4d, 0x2c}))
|
||||||
})
|
// })
|
||||||
|
//
|
||||||
It("uses diversification nonces in initial key derivation", func() {
|
// It("uses diversification nonces in initial key derivation", func() {
|
||||||
aead, err := DeriveKeysChacha20(
|
// aead, err := DeriveKeysChacha20(
|
||||||
protocol.Version33,
|
// protocol.Version33,
|
||||||
false,
|
// false,
|
||||||
[]byte("0123456789012345678901"),
|
// []byte("0123456789012345678901"),
|
||||||
[]byte("nonce"),
|
// []byte("nonce"),
|
||||||
protocol.ConnectionID(42),
|
// protocol.ConnectionID(42),
|
||||||
[]byte("chlo"),
|
// []byte("chlo"),
|
||||||
[]byte("scfg"),
|
// []byte("scfg"),
|
||||||
[]byte("cert"),
|
// []byte("cert"),
|
||||||
[]byte("divnonce"),
|
// []byte("divnonce"),
|
||||||
)
|
// )
|
||||||
Expect(err).ToNot(HaveOccurred())
|
// Expect(err).ToNot(HaveOccurred())
|
||||||
chacha := aead.(*aeadChacha20Poly1305)
|
// chacha := aead.(*aeadChacha20Poly1305)
|
||||||
// If the IVs match, the keys will match too, since the keys are read earlier
|
// // If the IVs match, the keys will match too, since the keys are read earlier
|
||||||
Expect(chacha.myIV).To(Equal([]byte{0xc4, 0x12, 0x25, 0x64}))
|
// Expect(chacha.myIV).To(Equal([]byte{0xc4, 0x12, 0x25, 0x64}))
|
||||||
Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
// Expect(chacha.otherIV).To(Equal([]byte{0x75, 0xd8, 0xa2, 0x8d}))
|
||||||
})
|
// })
|
||||||
})
|
// })
|
||||||
|
|
||||||
Context("AES-GCM", func() {
|
Context("AES-GCM", func() {
|
||||||
It("derives non-fs keys", func() {
|
It("derives non-fs keys", func() {
|
||||||
|
|||||||