Mercurial > hg > nginx-tests

comparison lib/Test/Nginx/HTTP3.pm @ 1917:24fea64f233f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: TLS early data tests with HTTP/3.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 22 Jun 2023 15:35:19 +0400
parents 15131dd931a0
children 0e4ff5f83653
comparison
equal deleted inserted replaced
1916:6ab08c255dd3 1917:24fea64f233f
39 ); 39 );
40 40
41 $self->{repeat} = 0; 41 $self->{repeat} = 0;
42 $self->{token} = $extra{token} || ''; 42 $self->{token} = $extra{token} || '';
43 $self->{psk_list} = $extra{psk_list} || []; 43 $self->{psk_list} = $extra{psk_list} || [];
44 $self->{early_data} = $extra{early_data};
44 45
45 $self->{sni} = exists $extra{sni} ? $extra{sni} : 'localhost'; 46 $self->{sni} = exists $extra{sni} ? $extra{sni} : 'localhost';
46 $self->{cipher} = 0x1301; 47 $self->{cipher} = 0x1301;
47 $self->{ciphers} = $extra{ciphers} || "\x13\x01"; 48 $self->{ciphers} = $extra{ciphers} || "\x13\x01";
48 $self->{opts} = $extra{opts}; 49 $self->{opts} = $extra{opts};
60 61
61 return $self; 62 return $self;
62 } 63 }
63 64
64 sub init { 65 sub init {
65 my ($self, $early_data) = @_; 66 my ($self) = @_;
66 $self->{keys} = []; 67 $self->{keys} = [];
67 $self->{pn} = [[-1, -1, -1, -1], [-1, -1, -1, -1]]; 68 $self->{pn} = [[-1, -1, -1, -1], [-1, -1, -1, -1]];
68 $self->{crypto_in} = [[],[],[],[]]; 69 $self->{crypto_in} = [[],[],[],[]];
69 $self->{stream_in} = []; 70 $self->{stream_in} = [];
70 $self->{frames_in} = []; 71 $self->{frames_in} = [];
80 $self->{scid} = Crypt::PRNG::random_bytes(17); 81 $self->{scid} = Crypt::PRNG::random_bytes(17);
81 $self->{dcid} = Crypt::PRNG::random_bytes(18); 82 $self->{dcid} = Crypt::PRNG::random_bytes(18);
82 $self->{salt} = "\x38\x76\x2c\xf7\xf5\x59\x34\xb3\x4d\x17" 83 $self->{salt} = "\x38\x76\x2c\xf7\xf5\x59\x34\xb3\x4d\x17"
83 . "\x9a\xe6\xa4\xc8\x0c\xad\xcc\xbb\x7f\x0a"; 84 . "\x9a\xe6\xa4\xc8\x0c\xad\xcc\xbb\x7f\x0a";
84 $self->{ncid} = []; 85 $self->{ncid} = [];
85 $self->{early_data} = $early_data;
86 } 86 }
87 87
88 sub retry { 88 sub retry {
89 my ($self, %extra) = @_; 89 my ($self, %extra) = @_;
90 my $prk = Crypt::KeyDerivation::hkdf_extract($self->{dcid}, 90 my $prk = Crypt::KeyDerivation::hkdf_extract($self->{dcid},
127 Test::Nginx::log_core('||', "es = " . unpack("H*", $self->{es_prk})); 127 Test::Nginx::log_core('||', "es = " . unpack("H*", $self->{es_prk}));
128 $self->{sk} = Crypt::PK::X25519->new->generate_key; 128 $self->{sk} = Crypt::PK::X25519->new->generate_key;
129 } 129 }
130 130
131 sub initial { 131 sub initial {
132 my ($self, $ed) = @_; 132 my ($self) = @_;
133 $self->{tlsm}{ch} = $self->build_tls_client_hello(); 133 $self->{tlsm}{ch} = $self->build_tls_client_hello();
134 my $ch = $self->{tlsm}{ch}; 134 my $ch = $self->{tlsm}{ch};
135 my $crypto = build_crypto($ch); 135 my $crypto = build_crypto($ch);
136 my $padding = 1200 - length($crypto); 136 my $padding = 1200 - length($crypto);
137 $padding = 0 if $padding < 0 || $self->{psk}->{ed}; 137 $padding = 0 if $padding < 0;
138 $padding = 0 if $self->{psk}{ed} && $self->{early_data};
138 my $payload = $crypto . pack("x$padding"); 139 my $payload = $crypto . pack("x$padding");
139 my $initial = $self->encrypt_aead($payload, 0); 140 my $initial = $self->encrypt_aead($payload, 0);
140 141
141 if ($ed && $self->{psk}->{ed}) { 142 if ($self->{early_data} && $self->{psk}->{ed}) {
142 my ($hash, $hlen) = $self->{psk}{cipher} == 0x1302 ? 143 my ($hash, $hlen) = $self->{psk}{cipher} == 0x1302 ?
143 ('SHA384', 48) : ('SHA256', 32); 144 ('SHA384', 48) : ('SHA256', 32);
144 $self->set_traffic_keys('tls13 c e traffic', $hash, $hlen, 1, 145 $self->set_traffic_keys('tls13 c e traffic', $hash, $hlen, 1,
145 'w', $self->{es_prk}, Crypt::Digest::digest_data($hash, 146 'w', $self->{es_prk}, Crypt::Digest::digest_data($hash,
146 $self->{tlsm}{ch})); 147 $self->{tlsm}{ch}));
147 148
148 # my $ed = "\x0a\x02\x08\x00\x04\x02\x06\x1f\x0d\x00\x0a" 149 $payload = $self->build_new_stream($self->{early_data});
149 # . $self->build_stream("\x01\x06\x00\x00\xc0");
150 $payload = $ed;
151 # $payload = $self->build_stream("GET /\n");
152 $padding = 1200 - length($crypto) - length($payload); 150 $padding = 1200 - length($crypto) - length($payload);
153 $payload .= pack("x$padding") if $padding > 0; 151 $payload .= pack("x$padding") if $padding > 0;
154 $initial .= $self->encrypt_aead($payload, 1); 152 $initial .= $self->encrypt_aead($payload, 1);
155 } 153 }
156 154
245 "resumption = " . unpack("H*", $self->{rms_prk})); 243 "resumption = " . unpack("H*", $self->{rms_prk}));
246 244
247 my $crypto = build_crypto($finished); 245 my $crypto = build_crypto($finished);
248 $self->{socket}->syswrite($self->encrypt_aead($crypto, 2)); 246 $self->{socket}->syswrite($self->encrypt_aead($crypto, 2));
249 } 247 }
250
251 #if (!$psk->{ed}) {
252 # my $r = "\x0a\x02\x08\x00\x04\x02\x06\x1f\x0d\x00\x0a";
253 # $s->syswrite(encrypt_aead($r, 3));
254 # $r = "\x01\x06\x00\x00\xc0";
255 # $s->syswrite(encrypt_aead($self->build_stream($r), 3));
256 #}
257 248
258 sub DESTROY { 249 sub DESTROY {
259 my ($self) = @_; 250 my ($self) = @_;
260 251
261 return unless $self->{socket}; 252 return unless $self->{socket};
406 $self->{control_offset} += $length; 397 $self->{control_offset} += $length;
407 $self->raw_write("\x0e\x06" 398 $self->raw_write("\x0e\x06"
408 . build_int($offset) . build_int($length) . $buf); 399 . build_int($offset) . build_int($length) . $buf);
409 } 400 }
410 401
411 sub new_stream { 402 sub build_new_stream {
412 my ($self, $uri, $stream) = @_; 403 my ($self, $uri, $stream) = @_;
413 my ($input, $buf); 404 my ($input, $buf);
414 405
415 $self->{headers} = ''; 406 $self->{headers} = '';
416 407
457 $buf .= build_int(length($input)); 448 $buf .= build_int(length($input));
458 $buf .= $input; 449 $buf .= $input;
459 $buf .= pack_body($self, $body) if defined $body; 450 $buf .= pack_body($self, $body) if defined $body;
460 451
461 $self->{streams}{$self->{last_stream}}{sent} = length($buf); 452 $self->{streams}{$self->{last_stream}}{sent} = length($buf);
462 $self->raw_write($self->build_stream($buf, start => $uri->{body_more})); 453 $self->build_stream($buf, start => $uri->{body_more});
463 454 }
455
456 sub new_stream {
457 my ($self, $uri, $stream) = @_;
458 $self->raw_write($self->build_new_stream($uri, $stream));
464 return $self->{last_stream}; 459 return $self->{last_stream};
465 } 460 }
466 461
467 sub h3_body { 462 sub h3_body {
468 my ($self, $body, $sid, $extra) = @_; 463 my ($self, $body, $sid, $extra) = @_;