mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

drop 0-RTT write keys when receiving the 1-RTT keys

Browse source
This commit is contained in:
Marten Seemann 2019-08-11 13:10:25 +07:00
parent 40a993e31c
commit 22abcfe6fb
2 changed files with 4 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

4
internal/handshake/crypto_setup.go
View file

@ -568,6 +568,10 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip
h.aead.SetWriteKey(suite, trafficSecret)
h.has1RTTSealer = true
h.logger.Debugf("Installed 1-RTT Write keys (using %s)", cipherSuiteName(suite.ID))
if h.zeroRTTSealer != nil {
h.zeroRTTSealer = nil
h.logger.Debugf("Dropping 0-RTT keys.")
}
default:
panic("unexpected write encryption level")
}

12
internal/handshake/crypto_setup_test.go
View file

@ -720,18 +720,6 @@ var _ = Describe("Crypto Setup TLS", func() {
Expect(server.ConnectionState().DidResume).To(BeTrue())
Expect(client.ConnectionState().DidResume).To(BeTrue())
opener, err := server.Get0RTTOpener()
Expect(err).ToNot(HaveOccurred())
Expect(opener).ToNot(BeNil())
sealer, err := client.Get0RTTSealer()
Expect(err).ToNot(HaveOccurred())
Expect(sealer).ToNot(BeNil())
// use the 0-RTT sealer and opener to encrypt and decrypt a message
plaintext := []byte("Lorem ipsum dolor sit amet")
msg := sealer.Seal(nil, plaintext, 0x1337, []byte("foobar"))
decrypted, err := opener.Open(nil, msg, 0x1337, []byte("foobar"))
Expect(err).ToNot(HaveOccurred())
Expect(decrypted).To(Equal(plaintext))
})
})
})