mirror of
https://github.com/refraction-networking/uquic.git
synced 2025-04-03 20:27:35 +03:00
add support for ChaCha20 header protection
This commit is contained in:
Marten Seemann
parent
33b74fca79
commit
fa89ec345a
6 changed files with 398 additions and 285 deletions
|
|
@ -4,83 +4,92 @@ import (
|
|||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/rand"
|
||||
"fmt"
|
||||
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
)
|
||||
|
||||
var _ = Describe("AEAD", func() {
|
||||
getSealerAndOpener := func() (LongHeaderSealer, LongHeaderOpener) {
|
||||
key := make([]byte, 16)
|
||||
hpKey := make([]byte, 16)
|
||||
rand.Read(key)
|
||||
rand.Read(hpKey)
|
||||
block, err := aes.NewCipher(key)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
aead, err := cipher.NewGCM(block)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
for i := range cipherSuites {
|
||||
cs := cipherSuites[i]
|
||||
|
||||
return newLongHeaderSealer(aead, newHeaderProtector(aesSuite, key, true)),
|
||||
newLongHeaderOpener(aead, newAESHeaderProtector(aesSuite, key, true))
|
||||
}
|
||||
Context(fmt.Sprintf("using %s", cs.name), func() {
|
||||
suite := cs.suite
|
||||
|
||||
Context("message encryption", func() {
|
||||
msg := []byte("Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.")
|
||||
ad := []byte("Donec in velit neque.")
|
||||
getSealerAndOpener := func() (LongHeaderSealer, LongHeaderOpener) {
|
||||
key := make([]byte, 16)
|
||||
hpKey := make([]byte, 16)
|
||||
rand.Read(key)
|
||||
rand.Read(hpKey)
|
||||
block, err := aes.NewCipher(key)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
aead, err := cipher.NewGCM(block)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
|
||||
It("encrypts and decrypts a message", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
opened, err := opener.Open(nil, encrypted, 0x1337, ad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(opened).To(Equal(msg))
|
||||
})
|
||||
|
||||
It("fails to open a message if the associated data is not the same", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
_, err := opener.Open(nil, encrypted, 0x1337, []byte("wrong ad"))
|
||||
Expect(err).To(MatchError(ErrDecryptionFailed))
|
||||
})
|
||||
|
||||
It("fails to open a message if the packet number is not the same", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
_, err := opener.Open(nil, encrypted, 0x42, ad)
|
||||
Expect(err).To(MatchError(ErrDecryptionFailed))
|
||||
})
|
||||
})
|
||||
|
||||
Context("header encryption", func() {
|
||||
It("encrypts and encrypts the header", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
var lastFourBitsDifferent int
|
||||
for i := 0; i < 100; i++ {
|
||||
sample := make([]byte, 16)
|
||||
rand.Read(sample)
|
||||
header := []byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}
|
||||
sealer.EncryptHeader(sample, &header[0], header[9:13])
|
||||
if header[0]&0xf != 0xb5&0xf {
|
||||
lastFourBitsDifferent++
|
||||
}
|
||||
Expect(header[0] & 0xf0).To(Equal(byte(0xb5 & 0xf0)))
|
||||
Expect(header[1:9]).To(Equal([]byte{1, 2, 3, 4, 5, 6, 7, 8}))
|
||||
Expect(header[9:13]).ToNot(Equal([]byte{0xde, 0xad, 0xbe, 0xef}))
|
||||
opener.DecryptHeader(sample, &header[0], header[9:13])
|
||||
Expect(header).To(Equal([]byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}))
|
||||
return newLongHeaderSealer(aead, newHeaderProtector(suite, key, true)),
|
||||
newLongHeaderOpener(aead, newHeaderProtector(suite, key, true))
|
||||
}
|
||||
Expect(lastFourBitsDifferent).To(BeNumerically(">", 75))
|
||||
})
|
||||
|
||||
It("fails to decrypt the header when using a different sample", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
header := []byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}
|
||||
sample := make([]byte, 16)
|
||||
rand.Read(sample)
|
||||
sealer.EncryptHeader(sample, &header[0], header[9:13])
|
||||
rand.Read(sample) // use a different sample
|
||||
opener.DecryptHeader(sample, &header[0], header[9:13])
|
||||
Expect(header).ToNot(Equal([]byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}))
|
||||
Context("message encryption", func() {
|
||||
msg := []byte("Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.")
|
||||
ad := []byte("Donec in velit neque.")
|
||||
|
||||
It("encrypts and decrypts a message", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
opened, err := opener.Open(nil, encrypted, 0x1337, ad)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(opened).To(Equal(msg))
|
||||
})
|
||||
|
||||
It("fails to open a message if the associated data is not the same", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
_, err := opener.Open(nil, encrypted, 0x1337, []byte("wrong ad"))
|
||||
Expect(err).To(MatchError(ErrDecryptionFailed))
|
||||
})
|
||||
|
||||
It("fails to open a message if the packet number is not the same", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
encrypted := sealer.Seal(nil, msg, 0x1337, ad)
|
||||
_, err := opener.Open(nil, encrypted, 0x42, ad)
|
||||
Expect(err).To(MatchError(ErrDecryptionFailed))
|
||||
})
|
||||
})
|
||||
|
||||
Context("header encryption", func() {
|
||||
It("encrypts and encrypts the header", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
var lastFourBitsDifferent int
|
||||
for i := 0; i < 100; i++ {
|
||||
sample := make([]byte, 16)
|
||||
rand.Read(sample)
|
||||
header := []byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}
|
||||
sealer.EncryptHeader(sample, &header[0], header[9:13])
|
||||
if header[0]&0xf != 0xb5&0xf {
|
||||
lastFourBitsDifferent++
|
||||
}
|
||||
Expect(header[0] & 0xf0).To(Equal(byte(0xb5 & 0xf0)))
|
||||
Expect(header[1:9]).To(Equal([]byte{1, 2, 3, 4, 5, 6, 7, 8}))
|
||||
Expect(header[9:13]).ToNot(Equal([]byte{0xde, 0xad, 0xbe, 0xef}))
|
||||
opener.DecryptHeader(sample, &header[0], header[9:13])
|
||||
Expect(header).To(Equal([]byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}))
|
||||
}
|
||||
Expect(lastFourBitsDifferent).To(BeNumerically(">", 75))
|
||||
})
|
||||
|
||||
It("fails to decrypt the header when using a different sample", func() {
|
||||
sealer, opener := getSealerAndOpener()
|
||||
header := []byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}
|
||||
sample := make([]byte, 16)
|
||||
rand.Read(sample)
|
||||
sealer.EncryptHeader(sample, &header[0], header[9:13])
|
||||
rand.Read(sample) // use a different sample
|
||||
opener.DecryptHeader(sample, &header[0], header[9:13])
|
||||
Expect(header).ToNot(Equal([]byte{0xb5, 1, 2, 3, 4, 5, 6, 7, 8, 0xde, 0xad, 0xbe, 0xef}))
|
||||
})
|
||||
})
|
||||
})
|
||||
})
|
||||
}
|
||||
})
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue