mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-04 12:47:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

remove leftover code from v30

Browse source
This commit is contained in:
Lucas Clemente 2016-08-18 10:31:28 +02:00
parent 1d7cf74e48
commit 6239d80492
2 changed files with 4 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

13
crypto/proof_source.go
View file

@ -28,15 +28,10 @@ func (ps *proofSource) SignServerProof(sni string, chlo []byte, serverConfigData
}
hash := sha256.New()
if len(chlo) > 0 {
hash.Write([]byte("QUIC CHLO and server config signature\x00"))
chloHash := sha256.Sum256(chlo)
hash.Write([]byte{32, 0, 0, 0})
hash.Write(chloHash[:])
} else {
// TODO: Remove when we drop support for version 30
hash.Write([]byte("QUIC server config signature\x00"))
}
hash.Write([]byte("QUIC CHLO and server config signature\x00"))
chloHash := sha256.Sum256(chlo)
hash.Write([]byte{32, 0, 0, 0})
hash.Write(chloHash[:])
hash.Write(serverConfigData)
key, ok := cert.PrivateKey.(crypto.Signer)

28
crypto/proof_source_test.go
View file

@ -60,19 +60,6 @@ var _ = Describe("ProofRsa", func() {
err = rsa.VerifyPSS(key, crypto.SHA256, data, signature, &rsa.PSSOptions{SaltLength: 32})
Expect(err).ToNot(HaveOccurred())
})
It("gives valid signatures for version 30", func() {
key := testdata.GetTLSConfig().Certificates[0].PrivateKey.(*rsa.PrivateKey).Public().(*rsa.PublicKey)
kd, err := NewProofSource(testdata.GetTLSConfig())
Expect(err).ToNot(HaveOccurred())
signature, err := kd.SignServerProof("", nil, []byte{'S', 'C', 'F', 'G'})
Expect(err).ToNot(HaveOccurred())
// Generated with:
// ruby -e 'require "digest"; p Digest::SHA256.digest("QUIC server config signature\x00" + "SCFG")'
data := []byte("\x1D\xBB\v\xE9\x14\xD5Q\v\x83\xDB\xA7\x91\xB7\xDAO\xC2\xD3\xE6\xCC\xB2\xE8\xC3QW\x86\t\xB4\b6\x9C\x91C")
err = rsa.VerifyPSS(key, crypto.SHA256, data, signature, &rsa.PSSOptions{SaltLength: 32})
Expect(err).ToNot(HaveOccurred())
})
})
Context("when using ECDSA", func() {
@ -106,21 +93,6 @@ var _ = Describe("ProofRsa", func() {
b := ecdsa.Verify(key.Public().(*ecdsa.PublicKey), data, s.R, s.S)
Expect(b).To(BeTrue())
})
It("gives valid signatures for version 30", func() {
kd, err := NewProofSource(config)
Expect(err).ToNot(HaveOccurred())
signature, err := kd.SignServerProof("", nil, []byte{'S', 'C', 'F', 'G'})
Expect(err).ToNot(HaveOccurred())
// Generated with:
// ruby -e 'require "digest"; p Digest::SHA256.digest("QUIC server config signature\x00" + "SCFG")'
data := []byte("\x1D\xBB\v\xE9\x14\xD5Q\v\x83\xDB\xA7\x91\xB7\xDAO\xC2\xD3\xE6\xCC\xB2\xE8\xC3QW\x86\t\xB4\b6\x9C\x91C")
s := &ecdsaSignature{}
_, err = asn1.Unmarshal(signature, s)
Expect(err).NotTo(HaveOccurred())
b := ecdsa.Verify(key.Public().(*ecdsa.PublicKey), data, s.R, s.S)
Expect(b).To(BeTrue())
})
})
Context("retrieving certificate", func() {