Mercurial > hg > nginx-tests

changeset 1933:9bafe7cddd3c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: improved QUIC key update tests with old keys. On unsuccessful protection removal, it is now retried with old keys. Otherwise, old keys are removed to ensure they're no longer in use.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 21 Aug 2023 17:26:47 +0400
parents b68471aee5ad
children 4d13c9e74d04
files lib/Test/Nginx/HTTP3.pm
diffstat 1 files changed, 16 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/lib/Test/Nginx/HTTP3.pm
+++ b/lib/Test/Nginx/HTTP3.pm
@@ -1721,6 +1721,18 @@ sub decrypt_aead {
 	my ($f, @args) = decrypt_aead_f($level, $self->{cipher});
 	my $plaintext = $f->(@args,
 		$self->{keys}[$level]{r}{key}, $nonce, $ad, $ciphertext, $tag);
+	if ($level == 3 && $self->{keys}[4]) {
+		if (!defined $plaintext) {
+			# in-flight packets might be protected with old keys
+			$nonce = substr(pack("x12") . pack("N", $pn), -12)
+				^ $self->{keys}[4]{r}{iv};
+			$plaintext = $f->(@args, $self->{keys}[4]{r}{key},
+				$nonce, $ad, $ciphertext, $tag);
+		} else {
+			# remove old keys after unprotected with new keys
+			splice @{$self->{keys}}, 4, 1;
+		}
+	}
 	return if !defined $plaintext;
 	Test::Nginx::log_core('||',
 		"pn = $pn, level = $level, length = " . length($plaintext));
@@ -1884,6 +1896,10 @@ sub key_update {
 		$prk = hkdf_expand_label("tls13 quic ku", $hash, $hlen, $prk);
 		$key = hkdf_expand_label("tls13 quic key", $hash, $klen, $prk);
 		$iv = hkdf_expand_label("tls13 quic iv", $hash, 12, $prk);
+		$self->{keys}[4]{$direction}{key} =
+			$self->{keys}[3]{$direction}{key};
+		$self->{keys}[4]{$direction}{iv} =
+			$self->{keys}[3]{$direction}{iv};
 		$self->{keys}[3]{$direction}{prk} = $prk;
 		$self->{keys}[3]{$direction}{key} = $key;
 		$self->{keys}[3]{$direction}{iv} = $iv;