mirror of
https://github.com/refraction-networking/uquic.git
synced 2025-04-04 20:57:36 +03:00
76 lines
2 KiB
Go
76 lines
2 KiB
Go
package handshake
|
|
|
|
import (
|
|
"crypto"
|
|
"crypto/cipher"
|
|
"crypto/rand"
|
|
"crypto/tls"
|
|
"testing"
|
|
"unsafe"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
var tls13CipherSuites = []uint16{tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384, tls.TLS_CHACHA20_POLY1305_SHA256}
|
|
|
|
type cipherSuiteTLS13 struct {
|
|
ID uint16
|
|
KeyLen int
|
|
AEAD func(key, fixedNonce []byte) cipher.AEAD
|
|
Hash crypto.Hash
|
|
}
|
|
|
|
//go:linkname cipherSuitesTLS13 crypto/tls.cipherSuitesTLS13
|
|
var cipherSuitesTLS13 []unsafe.Pointer
|
|
|
|
func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {
|
|
for _, v := range cipherSuitesTLS13 {
|
|
cs := (*cipherSuiteTLS13)(v)
|
|
if cs.ID == id {
|
|
return cs
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
//go:linkname nextTrafficSecret crypto/tls.(*cipherSuiteTLS13).nextTrafficSecret
|
|
func nextTrafficSecret(cs *cipherSuiteTLS13, trafficSecret []byte) []byte
|
|
|
|
func TestHKDF(t *testing.T) {
|
|
for _, id := range tls13CipherSuites {
|
|
t.Run(tls.CipherSuiteName(id), func(t *testing.T) {
|
|
cs := cipherSuiteTLS13ByID(id)
|
|
expected := nextTrafficSecret(cs, []byte("foobar"))
|
|
expanded := hkdfExpandLabel(cs.Hash, []byte("foobar"), nil, "traffic upd", cs.Hash.Size())
|
|
require.Equal(t, expected, expanded)
|
|
})
|
|
}
|
|
}
|
|
|
|
// As of Go 1.24, the standard library and our implementation of hkdfExpandLabel should provide the same performance.
|
|
func BenchmarkHKDFExpandLabelStandardLibrary(b *testing.B) {
|
|
for _, id := range tls13CipherSuites {
|
|
b.Run(tls.CipherSuiteName(id), func(b *testing.B) { benchmarkHKDFExpandLabel(b, id, true) })
|
|
}
|
|
}
|
|
|
|
func BenchmarkHKDFExpandLabelOurs(b *testing.B) {
|
|
for _, id := range tls13CipherSuites {
|
|
b.Run(tls.CipherSuiteName(id), func(b *testing.B) { benchmarkHKDFExpandLabel(b, id, false) })
|
|
}
|
|
}
|
|
|
|
func benchmarkHKDFExpandLabel(b *testing.B, cipherSuite uint16, useStdLib bool) {
|
|
b.ReportAllocs()
|
|
cs := cipherSuiteTLS13ByID(cipherSuite)
|
|
secret := make([]byte, 32)
|
|
rand.Read(secret)
|
|
b.ResetTimer()
|
|
for i := 0; i < b.N; i++ {
|
|
if useStdLib {
|
|
nextTrafficSecret(cs, secret)
|
|
} else {
|
|
hkdfExpandLabel(cs.Hash, secret, nil, "traffic upd", cs.Hash.Size())
|
|
}
|
|
}
|
|
}
|