Google Git
Sign in
quiche / quiche.git / 1c6e592bd976bd9e18075cf81c377d0b05236153^! / . / quic / core / quic_packet_creator.cc
commit1c6e592bd976bd9e18075cf81c377d0b05236153[log] [tgz]
authordschinazi <dschinazi@google.com>Fri Jun 19 10:35:03 2020 -0700
committerCopybara-Service <copybara-worker@google.com>Fri Jun 19 10:35:35 2020 -0700
tree127620d0d71a43952eef0d6471d35e98a9120939
parent95480b9512d75acd57621613a98f7fe6fce549ba [diff] [blame]
Add DCHECKs to enforce encryption level in packet creator

The QuicPacketCreator has 5 different paths that serialize packets: one general-purpose, then one for non-crypto streams and three for path probes. Non-crypto streams are only ever sent in 0-RTT or 1-RTT, while path probes are only sent in 1-RTT. This CL enforces this with DCHECKs, and tweaks some tests to use the correct encryption levels.

Dcheck-only change

PiperOrigin-RevId: 317334226
Change-Id: I55419c30c927ab155ba375d6ef71e1e293aaa1f4

diff --git a/quic/core/quic_packet_creator.cc b/quic/core/quic_packet_creator.cc
index a977a8e..82b4a27 100644
--- a/quic/core/quic_packet_creator.cc
+++ b/quic/core/quic_packet_creator.cc

@@ -550,6 +550,7 @@
     TransmissionType transmission_type,
     size_t* num_bytes_consumed) {
   DCHECK(queued_frames_.empty());
+  DCHECK(!QuicUtils::IsCryptoStreamId(transport_version(), id));
   // Write out the packet header
   QuicPacketHeader header;
   FillPacketHeader(&header);
@@ -638,6 +639,9 @@
 
   packet_.transmission_type = transmission_type;
 
+  DCHECK(packet_.encryption_level == ENCRYPTION_FORWARD_SECURE ||
+         packet_.encryption_level == ENCRYPTION_ZERO_RTT)
+      << packet_.encryption_level;
   size_t encrypted_length = framer_->EncryptInPlace(
       packet_.encryption_level, packet_.packet_number,
       GetStartOfEncryptedData(framer_->transport_version(), header),
@@ -838,6 +842,7 @@
       header, buffer.get(), max_plaintext_size_, packet_.encryption_level);
   DCHECK(length);
 
+  DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE);
   const size_t encrypted_length = framer_->EncryptInPlace(
       packet_.encryption_level, packet_.packet_number,
       GetStartOfEncryptedData(framer_->transport_version(), header), length,
@@ -877,6 +882,7 @@
       packet_.encryption_level);
   DCHECK(length);
 
+  DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE);
   const size_t encrypted_length = framer_->EncryptInPlace(
       packet_.encryption_level, packet_.packet_number,
       GetStartOfEncryptedData(framer_->transport_version(), header), length,
@@ -918,6 +924,7 @@
                               payloads, is_padded, packet_.encryption_level);
   DCHECK(length);
 
+  DCHECK_EQ(packet_.encryption_level, ENCRYPTION_FORWARD_SECURE);
   const size_t encrypted_length = framer_->EncryptInPlace(
       packet_.encryption_level, packet_.packet_number,
       GetStartOfEncryptedData(framer_->transport_version(), header), length,