diff --git a/Changelog.md b/Changelog.md index 941a6d6d..7a5a8e5d 100644 --- a/Changelog.md +++ b/Changelog.md @@ -2,7 +2,7 @@ ## v0.6.0 (unreleased) -- Add support for QUIC 38 and 39, drop support for QUIC 35 +- Add support for QUIC 38 and 39, drop support for QUIC 35 and 36 - Added `quic.Config` options for maximal flow control windows - Add a `quic.Config` option for QUIC versions - Add a `quic.Config` option to request truncation of the connection ID from a server diff --git a/client_test.go b/client_test.go index 3b5dd13f..78043b7f 100644 --- a/client_test.go +++ b/client_test.go @@ -508,7 +508,7 @@ var _ = Describe("Client", func() { ConnectionID: 0x1337, } b := &bytes.Buffer{} - err := ph.Write(b, protocol.Version36, protocol.PerspectiveServer) + err := ph.Write(b, cl.version, protocol.PerspectiveServer) Expect(err).ToNot(HaveOccurred()) packetConn.dataToRead = b.Bytes() diff --git a/internal/crypto/null_aead.go b/internal/crypto/null_aead.go index e1cc6135..fa1ccb7b 100644 --- a/internal/crypto/null_aead.go +++ b/internal/crypto/null_aead.go @@ -7,8 +7,5 @@ func NewNullAEAD(p protocol.Perspective, v protocol.VersionNumber) AEAD { if v.UsesTLS() { return &nullAEADFNV64a{} } - return &nullAEADFNV128a{ - perspective: p, - version: v, - } + return &nullAEADFNV128a{perspective: p} } diff --git a/internal/crypto/null_aead_fnv128a.go b/internal/crypto/null_aead_fnv128a.go index 5e49aa98..ecc4010b 100644 --- a/internal/crypto/null_aead_fnv128a.go +++ b/internal/crypto/null_aead_fnv128a.go @@ -11,7 +11,6 @@ import ( // nullAEAD handles not-yet encrypted packets type nullAEADFNV128a struct { perspective protocol.Perspective - version protocol.VersionNumber } var _ AEAD = &nullAEADFNV128a{} @@ -25,12 +24,10 @@ func (n *nullAEADFNV128a) Open(dst, src []byte, packetNumber protocol.PacketNumb hash := fnv128a.New() hash.Write(associatedData) hash.Write(src[12:]) - if n.version >= protocol.Version37 { - if n.perspective == protocol.PerspectiveServer { - hash.Write([]byte("Client")) - } else { - hash.Write([]byte("Server")) - } + if n.perspective == protocol.PerspectiveServer { + hash.Write([]byte("Client")) + } else { + hash.Write([]byte("Server")) } testHigh, testLow := hash.Sum128() @@ -55,12 +52,10 @@ func (n *nullAEADFNV128a) Seal(dst, src []byte, packetNumber protocol.PacketNumb hash.Write(associatedData) hash.Write(src) - if n.version >= protocol.Version37 { - if n.perspective == protocol.PerspectiveServer { - hash.Write([]byte("Server")) - } else { - hash.Write([]byte("Client")) - } + if n.perspective == protocol.PerspectiveServer { + hash.Write([]byte("Server")) + } else { + hash.Write([]byte("Client")) } high, low := hash.Sum128() diff --git a/internal/crypto/null_aead_fnv128a_test.go b/internal/crypto/null_aead_fnv128a_test.go index e632986c..9fbc2a77 100644 --- a/internal/crypto/null_aead_fnv128a_test.go +++ b/internal/crypto/null_aead_fnv128a_test.go @@ -11,32 +11,37 @@ var _ = Describe("NullAEAD using FNV128a", func() { plainText := []byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood.") hash36 := []byte{0x98, 0x9b, 0x33, 0x3f, 0xe8, 0xde, 0x32, 0x5c, 0xa6, 0x7f, 0x9c, 0xf7} - It("opens", func() { - cipherText := append(hash36, plainText...) - aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36) - res, err := aead.Open(nil, cipherText, 0, aad) - Expect(err).ToNot(HaveOccurred()) - Expect(res).To(Equal(plainText)) + var aeadServer AEAD + var aeadClient AEAD + + BeforeEach(func() { + aeadServer = NewNullAEAD(protocol.PerspectiveServer, protocol.Version37) + aeadClient = NewNullAEAD(protocol.PerspectiveClient, protocol.Version37) }) - It("seals", func() { - aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36) - sealed := aead.Seal(nil, plainText, 0, aad) - Expect(sealed).To(Equal(append(hash36, plainText...))) - Expect(sealed).To(HaveLen(len(plainText) + aead.Overhead())) + It("seals and opens, client => server", func() { + cipherText := aeadClient.Seal(nil, plainText, 0, aad) + res, err := aeadServer.Open(nil, cipherText, 0, aad) + Expect(err).ToNot(HaveOccurred()) + Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood."))) + }) + + It("seals and opens, server => client", func() { + cipherText := aeadServer.Seal(nil, plainText, 0, aad) + res, err := aeadClient.Open(nil, cipherText, 0, aad) + Expect(err).ToNot(HaveOccurred()) + Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood."))) }) It("rejects short ciphertexts", func() { - aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36) - _, err := aead.Open(nil, nil, 0, nil) + _, err := aeadServer.Open(nil, nil, 0, nil) Expect(err).To(MatchError("NullAEAD: ciphertext cannot be less than 12 bytes long")) }) It("seals in-place", func() { - aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36) buf := make([]byte, 6, 12+6) copy(buf, []byte("foobar")) - res := aead.Seal(buf[0:0], buf, 0, nil) + res := aeadServer.Seal(buf[0:0], buf, 0, nil) buf = buf[:12+6] Expect(buf[12:]).To(Equal([]byte("foobar"))) Expect(res[12:]).To(Equal([]byte("foobar"))) @@ -44,32 +49,7 @@ var _ = Describe("NullAEAD using FNV128a", func() { It("fails", func() { cipherText := append(append(hash36, plainText...), byte(0x42)) - aead := NewNullAEAD(protocol.PerspectiveServer, protocol.Version36) - _, err := aead.Open(nil, cipherText, 0, aad) + _, err := aeadClient.Open(nil, cipherText, 0, aad) Expect(err).To(HaveOccurred()) }) - - Context("including the perspective, for QUIC >= 37", func() { - var aeadServer AEAD - var aeadClient AEAD - - BeforeEach(func() { - aeadServer = NewNullAEAD(protocol.PerspectiveServer, protocol.Version37) - aeadClient = NewNullAEAD(protocol.PerspectiveClient, protocol.Version37) - }) - - It("opens, for QUIC version >= 37, as a server", func() { - cipherText := aeadClient.Seal(nil, plainText, 0, aad) - res, err := aeadServer.Open(nil, cipherText, 0, aad) - Expect(err).ToNot(HaveOccurred()) - Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood."))) - }) - - It("opens, for QUIC version >= 37, as a client", func() { - cipherText := aeadServer.Seal(nil, plainText, 0, aad) - res, err := aeadClient.Open(nil, cipherText, 0, aad) - Expect(err).ToNot(HaveOccurred()) - Expect(res).To(Equal([]byte("They are endowed with reason and conscience and should act towards one another in a spirit of brotherhood."))) - }) - }) }) diff --git a/internal/crypto/null_aead_test.go b/internal/crypto/null_aead_test.go index a456f541..092dd9b9 100644 --- a/internal/crypto/null_aead_test.go +++ b/internal/crypto/null_aead_test.go @@ -10,7 +10,6 @@ var _ = Describe("NullAEAD", func() { It("selects the right FVN variant", func() { Expect(NewNullAEAD(protocol.PerspectiveClient, protocol.Version39)).To(Equal(&nullAEADFNV128a{ perspective: protocol.PerspectiveClient, - version: protocol.Version39, })) Expect(NewNullAEAD(protocol.PerspectiveClient, protocol.VersionTLS)).To(Equal(&nullAEADFNV64a{})) }) diff --git a/internal/handshake/connection_parameters_manager_test.go b/internal/handshake/connection_parameters_manager_test.go index b1ff4d1d..e5d02972 100644 --- a/internal/handshake/connection_parameters_manager_test.go +++ b/internal/handshake/connection_parameters_manager_test.go @@ -22,14 +22,14 @@ var _ = Describe("ConnectionsParameterManager", func() { BeforeEach(func() { cpm = NewConnectionParamatersManager( protocol.PerspectiveServer, - protocol.Version36, + protocol.VersionWhatever, maxReceiveStreamFlowControlWindowServer, maxReceiveConnectionFlowControlWindowServer, idleTimeout, ).(*connectionParametersManager) cpmClient = NewConnectionParamatersManager( protocol.PerspectiveClient, - protocol.Version36, + protocol.VersionWhatever, maxReceiveStreamFlowControlWindowClient, maxReceiveConnectionFlowControlWindowClient, idleTimeout, diff --git a/internal/handshake/crypto_setup_client_test.go b/internal/handshake/crypto_setup_client_test.go index 9e3a2e31..181427bc 100644 --- a/internal/handshake/crypto_setup_client_test.go +++ b/internal/handshake/crypto_setup_client_test.go @@ -107,7 +107,7 @@ var _ = Describe("Client Crypto Setup", func() { stream = newMockStream() certManager = &mockCertManager{} - version := protocol.Version36 + version := protocol.Version37 aeadChanged = make(chan protocol.EncryptionLevel, 2) csInt, err := NewCryptoSetupClient( "hostname", @@ -216,10 +216,11 @@ var _ = Describe("Client Crypto Setup", func() { }) It("doesn't care about unsupported versions", func() { - cs.negotiatedVersions = []protocol.VersionNumber{protocol.VersionUnsupported, protocol.Version36, protocol.VersionUnsupported} + ver := protocol.SupportedVersions[0] + cs.negotiatedVersions = []protocol.VersionNumber{protocol.VersionUnsupported, ver, protocol.VersionUnsupported} b := &bytes.Buffer{} b.Write([]byte{0, 0, 0, 0}) - utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(protocol.Version36)) + utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(ver)) b.Write([]byte{0x13, 0x37, 0x13, 0x37}) Expect(cs.validateVersionList(b.Bytes())).To(BeTrue()) }) @@ -411,10 +412,11 @@ var _ = Describe("Client Crypto Setup", func() { }) It("accepts a SHLO after a version negotiation", func() { - cs.negotiatedVersions = []protocol.VersionNumber{protocol.Version36} + ver := protocol.SupportedVersions[0] + cs.negotiatedVersions = []protocol.VersionNumber{ver} cs.receivedSecurePacket = true b := &bytes.Buffer{} - utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(protocol.Version36)) + utils.LittleEndian.WriteUint32(b, protocol.VersionNumberToTag(ver)) shloMap[TagVER] = b.Bytes() err := cs.handleSHLOMessage(shloMap) Expect(err).ToNot(HaveOccurred()) @@ -486,7 +488,7 @@ var _ = Describe("Client Crypto Setup", func() { Expect(err).ToNot(HaveOccurred()) Expect(string(tags[TagSNI])).To(Equal(cs.hostname)) Expect(tags[TagPDMD]).To(Equal([]byte("X509"))) - Expect(tags[TagVER]).To(Equal([]byte("Q036"))) + Expect(tags[TagVER]).To(Equal([]byte("Q037"))) Expect(tags[TagCCS]).To(Equal(certManager.commonCertificateHashes)) Expect(tags).ToNot(HaveKey(TagTCID)) }) diff --git a/internal/protocol/version.go b/internal/protocol/version.go index 12cf91d8..5f269808 100644 --- a/internal/protocol/version.go +++ b/internal/protocol/version.go @@ -5,8 +5,7 @@ type VersionNumber int // The version numbers, making grepping easier const ( - Version36 VersionNumber = 36 + iota - Version37 + Version37 VersionNumber = 37 + iota Version38 Version39 VersionTLS VersionNumber = 101 @@ -21,7 +20,6 @@ var SupportedVersions = []VersionNumber{ Version39, Version38, Version37, - Version36, } // UsesTLS says if this QUIC version uses TLS 1.3 for the handshake diff --git a/internal/protocol/version_test.go b/internal/protocol/version_test.go index fbaa2410..4f7436c7 100644 --- a/internal/protocol/version_test.go +++ b/internal/protocol/version_test.go @@ -7,7 +7,6 @@ import ( var _ = Describe("Version", func() { It("says if a version supports TLS", func() { - Expect(Version36.UsesTLS()).To(BeFalse()) Expect(Version37.UsesTLS()).To(BeFalse()) Expect(Version38.UsesTLS()).To(BeFalse()) Expect(Version39.UsesTLS()).To(BeFalse()) diff --git a/internal/utils/byteorder_test.go b/internal/utils/byteorder_test.go index 16ba55c2..7547bafe 100644 --- a/internal/utils/byteorder_test.go +++ b/internal/utils/byteorder_test.go @@ -8,8 +8,8 @@ import ( var _ = Describe("Byte Order", func() { It("says little Little Endian before QUIC 39", func() { - Expect(GetByteOrder(protocol.Version36)).To(Equal(LittleEndian)) Expect(GetByteOrder(protocol.Version37)).To(Equal(LittleEndian)) + Expect(GetByteOrder(protocol.Version38)).To(Equal(LittleEndian)) }) It("says little Little Endian for QUIC 39", func() { diff --git a/internal/wire/public_header_test.go b/internal/wire/public_header_test.go index 5c42f33d..4ff9d6cf 100644 --- a/internal/wire/public_header_test.go +++ b/internal/wire/public_header_test.go @@ -365,7 +365,7 @@ var _ = Describe("Public Header", func() { b := &bytes.Buffer{} hdr := PublicHeader{ VersionFlag: true, - VersionNumber: protocol.Version36, + VersionNumber: protocol.Version38, ConnectionID: 0x4cfa9f9b668619f6, PacketNumber: 0x1337, PacketNumberLen: protocol.PacketNumberLen6, @@ -377,7 +377,7 @@ var _ = Describe("Public Header", func() { firstByte, _ := b.ReadByte() Expect(firstByte & 0x01).To(Equal(uint8(1))) Expect(firstByte & 0x30).To(Equal(uint8(0x30))) - Expect(string(b.Bytes()[8:12])).To(Equal("Q036")) + Expect(string(b.Bytes()[8:12])).To(Equal("Q038")) Expect(b.Bytes()[12:18]).To(Equal([]byte{0x37, 0x13, 0, 0, 0, 0})) }) }) @@ -455,7 +455,7 @@ var _ = Describe("Public Header", func() { PacketNumber: 0xDECAFBAD, PacketNumberLen: protocol.PacketNumberLen6, VersionFlag: true, - VersionNumber: protocol.Version36, + VersionNumber: versionLittleEndian, } length, err := hdr.GetLength(protocol.PerspectiveClient) Expect(err).ToNot(HaveOccurred()) diff --git a/packet_unpacker_test.go b/packet_unpacker_test.go index f51bae2c..238e0a3f 100644 --- a/packet_unpacker_test.go +++ b/packet_unpacker_test.go @@ -17,7 +17,7 @@ type mockAEAD struct { } func (m *mockAEAD) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error) { - nullAEAD := crypto.NewNullAEAD(protocol.PerspectiveServer, protocol.VersionWhatever) + nullAEAD := crypto.NewNullAEAD(protocol.PerspectiveClient, protocol.VersionWhatever) res, err := nullAEAD.Open(dst, src, packetNumber, associatedData) return res, m.encLevelOpen, err }