mirrors/uquic
1
0
Fork 0
mirror of https://github.com/refraction-networking/uquic.git synced 2025-04-03 20:27:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

use the KEY_UPDATE_ERROR code when the peer updates keys too frequently

Browse source
This commit is contained in:
Marten Seemann 2020-09-10 18:14:27 +07:00
parent 10797cfc79
commit 8cb0570cb1
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
internal/handshake/updatable_aead.go
View file

@ -182,13 +182,13 @@ func (a *updatableAEAD) Open(dst, src []byte, rcvTime time.Time, pn protocol.Pac
// try opening the packet with the next key phase
dec, err := a.nextRcvAEAD.Open(dst, a.nonceBuf, src, ad)
if err == nil && receivedWrongInitialKeyPhase {
return nil, qerr.NewError(qerr.ProtocolViolation, "wrong initial key phase")
return nil, qerr.NewError(qerr.KeyUpdateError, "wrong initial key phase")
} else if err != nil {
return nil, ErrDecryptionFailed
}
// Opening succeeded. Check if the peer was allowed to update.
if a.firstSentWithCurrentKey == protocol.InvalidPacketNumber {
return nil, qerr.NewError(qerr.ProtocolViolation, "keys updated too quickly")
return nil, qerr.NewError(qerr.KeyUpdateError, "keys updated too quickly")
}
a.rollKeys()
// The peer initiated this key update. It's safe to drop the keys for the previous generation now.