log the cipher suite

2025-04-04 04:37:36 +03:00 · 2019-09-07 11:47:21 +07:00 · 2019-09-07 11:47:21 +07:00 · de3e1a3de5
commit de3e1a3de5
parent fa89ec345a
5 changed files with 43 additions and 45 deletions
--- a/internal/handshake/aead_test.go
+++ b/internal/handshake/aead_test.go
@ -14,9 +14,7 @@ var _ = Describe("AEAD", func() {
 	for i := range cipherSuites {
 		cs := cipherSuites[i]

-		Context(fmt.Sprintf("using %s", cs.name), func() {
-			suite := cs.suite
-
+		Context(fmt.Sprintf("using %s", cipherSuiteName(cs.ID)), func() {
 			getSealerAndOpener := func() (LongHeaderSealer, LongHeaderOpener) {
 				key := make([]byte, 16)
 				hpKey := make([]byte, 16)
@ -27,8 +25,8 @@ var _ = Describe("AEAD", func() {
 				aead, err := cipher.NewGCM(block)
 				Expect(err).ToNot(HaveOccurred())

-				return newLongHeaderSealer(aead, newHeaderProtector(suite, key, true)),
-					newLongHeaderOpener(aead, newHeaderProtector(suite, key, true))
+				return newLongHeaderSealer(aead, newHeaderProtector(cs, key, true)),
+					newLongHeaderOpener(aead, newHeaderProtector(cs, key, true))
 			}

 			Context("message encryption", func() {
--- a/internal/handshake/crypto_setup.go
+++ b/internal/handshake/crypto_setup.go
@ -500,12 +500,12 @@ func (h *cryptoSetup) SetReadKey(encLevel qtls.EncryptionLevel, suite *qtls.Ciph
 			createAEAD(suite, trafficSecret),
 			newHeaderProtector(suite, trafficSecret, true),
 		)
-		h.logger.Debugf("Installed Handshake Read keys")
+		h.logger.Debugf("Installed Handshake Read keys (using %s)", cipherSuiteName(suite.ID))
 	case qtls.EncryptionApplication:
 		h.readEncLevel = protocol.Encryption1RTT
 		h.aead.SetReadKey(suite, trafficSecret)
 		h.has1RTTOpener = true
-		h.logger.Debugf("Installed 1-RTT Read keys")
+		h.logger.Debugf("Installed 1-RTT Read keys (using %s)", cipherSuiteName(suite.ID))
 	default:
 		panic("unexpected read encryption level")
 	}
@ -522,12 +522,12 @@ func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.Cip
 			createAEAD(suite, trafficSecret),
 			newHeaderProtector(suite, trafficSecret, true),
 		)
-		h.logger.Debugf("Installed Handshake Write keys")
+		h.logger.Debugf("Installed Handshake Write keys (using %s)", cipherSuiteName(suite.ID))
 	case qtls.EncryptionApplication:
 		h.writeEncLevel = protocol.Encryption1RTT
 		h.aead.SetWriteKey(suite, trafficSecret)
 		h.has1RTTSealer = true
-		h.logger.Debugf("Installed 1-RTT Write keys")
+		h.logger.Debugf("Installed 1-RTT Write keys (using %s)", cipherSuiteName(suite.ID))
 	default:
 		panic("unexpected write encryption level")
 	}
--- a/internal/handshake/handshake_suite_test.go
+++ b/internal/handshake/handshake_suite_test.go
@ -31,36 +31,24 @@ var _ = AfterEach(func() {

 var aeadChaCha20Poly1305 func(key, nonceMask []byte) cipher.AEAD

-var cipherSuites = []struct {
-	name  string
-	suite *qtls.CipherSuiteTLS13
-}{
-	{
-		name: "TLS_AES_128_GCM_SHA256",
-		suite: &qtls.CipherSuiteTLS13{
-			ID:     qtls.TLS_AES_128_GCM_SHA256,
-			KeyLen: 16,
-			AEAD:   qtls.AEADAESGCMTLS13,
-			Hash:   crypto.SHA256,
-		},
+var cipherSuites = []*qtls.CipherSuiteTLS13{
+	&qtls.CipherSuiteTLS13{
+		ID:     qtls.TLS_AES_128_GCM_SHA256,
+		KeyLen: 16,
+		AEAD:   qtls.AEADAESGCMTLS13,
+		Hash:   crypto.SHA256,
 	},
-	{
-		name: "TLS_AES_256_GCM_SHA384",
-		suite: &qtls.CipherSuiteTLS13{
-			ID:     qtls.TLS_AES_256_GCM_SHA384,
-			KeyLen: 32,
-			AEAD:   qtls.AEADAESGCMTLS13,
-			Hash:   crypto.SHA384,
-		},
+	&qtls.CipherSuiteTLS13{
+		ID:     qtls.TLS_AES_256_GCM_SHA384,
+		KeyLen: 32,
+		AEAD:   qtls.AEADAESGCMTLS13,
+		Hash:   crypto.SHA384,
 	},
-	{
-		name: "TLS_CHACHA20_POLY1305_SHA256",
-		suite: &qtls.CipherSuiteTLS13{
-			ID:     qtls.TLS_CHACHA20_POLY1305_SHA256,
-			KeyLen: 32,
-			AEAD:   nil, // will be set by init
-			Hash:   crypto.SHA256,
-		},
+	&qtls.CipherSuiteTLS13{
+		ID:     qtls.TLS_CHACHA20_POLY1305_SHA256,
+		KeyLen: 32,
+		AEAD:   nil, // will be set by init
+		Hash:   crypto.SHA256,
 	},
 }

@ -69,8 +57,8 @@ func init() {
 		panic(err)
 	}
 	for _, s := range cipherSuites {
-		if s.suite.ID == qtls.TLS_CHACHA20_POLY1305_SHA256 {
-			s.suite.AEAD = aeadChaCha20Poly1305
+		if s.ID == qtls.TLS_CHACHA20_POLY1305_SHA256 {
+			s.AEAD = aeadChaCha20Poly1305
 		}
 	}
 }
--- a/internal/handshake/qtls.go
+++ b/internal/handshake/qtls.go
@ -131,3 +131,16 @@ func tlsConfigToQtlsConfig(
 		ReceivedExtensions:     extHandler.ReceivedExtensions,
 	}
 }
+
+func cipherSuiteName(id uint16) string {
+	switch id {
+	case qtls.TLS_AES_128_GCM_SHA256:
+		return "TLS_AES_128_GCM_SHA256"
+	case qtls.TLS_CHACHA20_POLY1305_SHA256:
+		return "TLS_CHACHA20_POLY1305_SHA256"
+	case qtls.TLS_AES_256_GCM_SHA384:
+		return "TLS_AES_256_GCM_SHA384"
+	default:
+		return "unknown cipher suite"
+	}
+}
--- a/internal/handshake/updatable_aead_test.go
+++ b/internal/handshake/updatable_aead_test.go
@ -17,8 +17,7 @@ var _ = Describe("Updatable AEAD", func() {
 	for i := range cipherSuites {
 		cs := cipherSuites[i]

-		Context(fmt.Sprintf("using %s", cs.name), func() {
-			suite := cs.suite
+		Context(fmt.Sprintf("using %s", cipherSuiteName(cs.ID)), func() {

 			getPeers := func(rttStats *congestion.RTTStats) (client, server *updatableAEAD) {
 				trafficSecret1 := make([]byte, 16)
@ -28,10 +27,10 @@ var _ = Describe("Updatable AEAD", func() {

 				client = newUpdatableAEAD(rttStats, utils.DefaultLogger)
 				server = newUpdatableAEAD(rttStats, utils.DefaultLogger)
-				client.SetReadKey(suite, trafficSecret2)
-				client.SetWriteKey(suite, trafficSecret1)
-				server.SetReadKey(suite, trafficSecret1)
-				server.SetWriteKey(suite, trafficSecret2)
+				client.SetReadKey(cs, trafficSecret2)
+				client.SetWriteKey(cs, trafficSecret1)
+				server.SetReadKey(cs, trafficSecret1)
+				server.SetWriteKey(cs, trafficSecret2)
 				return
 			}