Mercurial > hg > nginx-tests
comparison lib/Test/Nginx/HTTP3.pm @ 1910:e0b53fbdb5cf
Tests: TLS_AES_128_CCM_SHA256 support in QUIC handshake.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 13 Jun 2023 17:58:46 +0400 |
| parents | 46bb1ffbb960 |
| children | afbf4c06c014 |
comparison
equal
deleted
inserted
replaced
| 1909:46bb1ffbb960 | 1910:e0b53fbdb5cf |
|---|---|
| 24 | 24 |
| 25 require Crypt::KeyDerivation; | 25 require Crypt::KeyDerivation; |
| 26 require Crypt::PK::X25519; | 26 require Crypt::PK::X25519; |
| 27 require Crypt::PRNG; | 27 require Crypt::PRNG; |
| 28 require Crypt::AuthEnc::GCM; | 28 require Crypt::AuthEnc::GCM; |
| 29 require Crypt::AuthEnc::CCM; | |
| 29 require Crypt::AuthEnc::ChaCha20Poly1305; | 30 require Crypt::AuthEnc::ChaCha20Poly1305; |
| 30 require Crypt::Mode::CTR; | 31 require Crypt::Mode::CTR; |
| 31 require Crypt::Stream::ChaCha; | 32 require Crypt::Stream::ChaCha; |
| 32 require Crypt::Digest; | 33 require Crypt::Digest; |
| 33 require Crypt::Mac::HMAC; | 34 require Crypt::Mac::HMAC; |
| 1661 sub decrypt_aead_f { | 1662 sub decrypt_aead_f { |
| 1662 my ($level, $cipher) = @_; | 1663 my ($level, $cipher) = @_; |
| 1663 if ($level == 0 || $cipher == 0x1301 || $cipher == 0x1302) { | 1664 if ($level == 0 || $cipher == 0x1301 || $cipher == 0x1302) { |
| 1664 return \&Crypt::AuthEnc::GCM::gcm_decrypt_verify, 'AES'; | 1665 return \&Crypt::AuthEnc::GCM::gcm_decrypt_verify, 'AES'; |
| 1665 } | 1666 } |
| 1667 if ($cipher == 0x1304) { | |
| 1668 return \&Crypt::AuthEnc::CCM::ccm_decrypt_verify, 'AES'; | |
| 1669 } | |
| 1666 \&Crypt::AuthEnc::ChaCha20Poly1305::chacha20poly1305_decrypt_verify; | 1670 \&Crypt::AuthEnc::ChaCha20Poly1305::chacha20poly1305_decrypt_verify; |
| 1667 } | 1671 } |
| 1668 | 1672 |
| 1669 sub decrypt_aead { | 1673 sub decrypt_aead { |
| 1670 my ($self, $buf) = @_; | 1674 my ($self, $buf) = @_; |
| 1735 sub encrypt_aead_f { | 1739 sub encrypt_aead_f { |
| 1736 my ($level, $cipher) = @_; | 1740 my ($level, $cipher) = @_; |
| 1737 if ($level == 0 || $cipher == 0x1301 || $cipher == 0x1302) { | 1741 if ($level == 0 || $cipher == 0x1301 || $cipher == 0x1302) { |
| 1738 return \&Crypt::AuthEnc::GCM::gcm_encrypt_authenticate, 'AES'; | 1742 return \&Crypt::AuthEnc::GCM::gcm_encrypt_authenticate, 'AES'; |
| 1739 } | 1743 } |
| 1744 if ($cipher == 0x1304) { | |
| 1745 return \&Crypt::AuthEnc::CCM::ccm_encrypt_authenticate, 'AES'; | |
| 1746 } | |
| 1740 \&Crypt::AuthEnc::ChaCha20Poly1305::chacha20poly1305_encrypt_authenticate; | 1747 \&Crypt::AuthEnc::ChaCha20Poly1305::chacha20poly1305_encrypt_authenticate; |
| 1741 } | 1748 } |
| 1742 | 1749 |
| 1743 sub encrypt_aead { | 1750 sub encrypt_aead { |
| 1744 my ($self, $payload, $level) = @_; | 1751 my ($self, $payload, $level) = @_; |
| 1754 $ad .= pack("N", $pn); | 1761 $ad .= pack("N", $pn); |
| 1755 my $nonce = substr(pack("x12") . pack("N", $pn), -12) | 1762 my $nonce = substr(pack("x12") . pack("N", $pn), -12) |
| 1756 ^ $self->{keys}[$level]{w}{iv}; | 1763 ^ $self->{keys}[$level]{w}{iv}; |
| 1757 my ($f, @args) = encrypt_aead_f($level, $self->{cipher}); | 1764 my ($f, @args) = encrypt_aead_f($level, $self->{cipher}); |
| 1758 my ($ciphertext, $tag) = $f->(@args, | 1765 my ($ciphertext, $tag) = $f->(@args, |
| 1759 $self->{keys}[$level]{w}{key}, $nonce, $ad, $payload); | 1766 $self->{keys}[$level]{w}{key}, $nonce, $ad, |
| 1767 $self->{cipher} == 0x1304 ? 16 : (), $payload); | |
| 1760 my $sample = substr($ciphertext . $tag, 0, 16); | 1768 my $sample = substr($ciphertext . $tag, 0, 16); |
| 1761 | 1769 |
| 1762 $ad = $self->encrypt_ad($ad, $self->{keys}[$level]{w}{hp}, | 1770 $ad = $self->encrypt_ad($ad, $self->{keys}[$level]{w}{hp}, |
| 1763 $sample, $level); | 1771 $sample, $level); |
| 1764 return $ad . $ciphertext . $tag; | 1772 return $ad . $ciphertext . $tag; |
| 1809 | 1817 |
| 1810 sub set_traffic_keys { | 1818 sub set_traffic_keys { |
| 1811 my ($self, $label, $hash, $hlen, $level, $direction, $secret, $digest) | 1819 my ($self, $label, $hash, $hlen, $level, $direction, $secret, $digest) |
| 1812 = @_; | 1820 = @_; |
| 1813 my $prk = hkdf_expand_label($label, $hash, $hlen, $secret, $digest); | 1821 my $prk = hkdf_expand_label($label, $hash, $hlen, $secret, $digest); |
| 1814 my $klen = $self->{cipher} == 0x1301 ? 16 : 32; | 1822 my $klen = $self->{cipher} == 0x1301 || $self->{cipher} == 0x1304 |
| 1823 ? 16 : 32; | |
| 1815 my $key = hkdf_expand_label("tls13 quic key", $hash, $klen, $prk); | 1824 my $key = hkdf_expand_label("tls13 quic key", $hash, $klen, $prk); |
| 1816 my $iv = hkdf_expand_label("tls13 quic iv", $hash, 12, $prk); | 1825 my $iv = hkdf_expand_label("tls13 quic iv", $hash, 12, $prk); |
| 1817 my $hp = hkdf_expand_label("tls13 quic hp", $hash, $klen, $prk); | 1826 my $hp = hkdf_expand_label("tls13 quic hp", $hash, $klen, $prk); |
| 1818 $self->{keys}[$level]{$direction}{prk} = $prk; | 1827 $self->{keys}[$level]{$direction}{prk} = $prk; |
| 1819 $self->{keys}[$level]{$direction}{key} = $key; | 1828 $self->{keys}[$level]{$direction}{key} = $key; |