Internal QUICHE change
PiperOrigin-RevId: 242861959
Change-Id: I559010d1c1880e615e18def8e27f5db093b0b102
diff --git a/quic/core/http/quic_spdy_client_session_test.cc b/quic/core/http/quic_spdy_client_session_test.cc
index 9a99ca7..4e1dc9e 100644
--- a/quic/core/http/quic_spdy_client_session_test.cc
+++ b/quic/core/http/quic_spdy_client_session_test.cc
@@ -489,22 +489,13 @@
EXPECT_CALL(*connection_, OnError(_)).Times(1);
// Verify that a decryptable packet with bad frames does close the connection.
- QuicConnectionId destination_connection_id =
- session_->connection()->connection_id();
- QuicConnectionId source_connection_id = EmptyQuicConnectionId();
+ QuicConnectionId connection_id = session_->connection()->connection_id();
QuicFramerPeer::SetLastSerializedConnectionId(
- QuicConnectionPeer::GetFramer(connection_), destination_connection_id);
+ QuicConnectionPeer::GetFramer(connection_), connection_id);
ParsedQuicVersionVector versions = {GetParam()};
- bool version_flag = false;
- QuicConnectionIdIncluded scid_included = CONNECTION_ID_ABSENT;
- if (GetParam().transport_version > QUIC_VERSION_43) {
- version_flag = true;
- source_connection_id = destination_connection_id;
- scid_included = CONNECTION_ID_PRESENT;
- }
std::unique_ptr<QuicEncryptedPacket> packet(ConstructMisFramedEncryptedPacket(
- destination_connection_id, source_connection_id, version_flag, false, 100,
- "data", CONNECTION_ID_ABSENT, scid_included, PACKET_4BYTE_PACKET_NUMBER,
+ connection_id, EmptyQuicConnectionId(), false, false, 100, "data",
+ CONNECTION_ID_ABSENT, CONNECTION_ID_ABSENT, PACKET_4BYTE_PACKET_NUMBER,
&versions, Perspective::IS_SERVER));
std::unique_ptr<QuicReceivedPacket> received(
ConstructReceivedPacket(*packet, QuicTime::Zero()));
diff --git a/quic/core/quic_connection.cc b/quic/core/quic_connection.cc
index d16b140..d90413a 100644
--- a/quic/core/quic_connection.cc
+++ b/quic/core/quic_connection.cc
@@ -2874,20 +2874,6 @@
}
}
-void QuicConnection::InstallDecrypter(
- EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter) {
- framer_.InstallDecrypter(level, std::move(decrypter));
- if (!undecryptable_packets_.empty() &&
- !process_undecryptable_packets_alarm_->IsSet()) {
- process_undecryptable_packets_alarm_->Set(clock_->ApproximateNow());
- }
-}
-
-void QuicConnection::RemoveDecrypter(EncryptionLevel level) {
- framer_.RemoveDecrypter(level);
-}
-
const QuicDecrypter* QuicConnection::decrypter() const {
return framer_.decrypter();
}
@@ -3908,13 +3894,6 @@
return packet_generator_.GetGuaranteedLargestMessagePayload();
}
-uint32_t QuicConnection::cipher_id() const {
- if (version().KnowsWhichDecrypterToUse()) {
- return framer_.GetDecrypter(last_decrypted_packet_level_)->cipher_id();
- }
- return framer_.decrypter()->cipher_id();
-}
-
bool QuicConnection::ShouldSetAckAlarm() const {
DCHECK(ack_frame_updated());
if (ack_alarm_->IsSet()) {
diff --git a/quic/core/quic_connection.h b/quic/core/quic_connection.h
index da666b4..7f8b8c8 100644
--- a/quic/core/quic_connection.h
+++ b/quic/core/quic_connection.h
@@ -672,10 +672,6 @@
std::unique_ptr<QuicDecrypter> decrypter,
bool latch_once_used);
- void InstallDecrypter(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter);
- void RemoveDecrypter(EncryptionLevel level);
-
const QuicDecrypter* decrypter() const;
const QuicDecrypter* alternative_decrypter() const;
@@ -769,8 +765,8 @@
// connection ID lengths do not change.
QuicPacketLength GetGuaranteedLargestMessagePayload() const;
- // Returns the id of the cipher last used for decrypting packets.
- uint32_t cipher_id() const;
+ // Return the id of the cipher of the primary decrypter of the framer.
+ uint32_t cipher_id() const { return framer_.decrypter()->cipher_id(); }
std::vector<std::unique_ptr<QuicEncryptedPacket>>* termination_packets() {
return termination_packets_.get();
diff --git a/quic/core/quic_connection_test.cc b/quic/core/quic_connection_test.cc
index b8990c9..78f31e1 100644
--- a/quic/core/quic_connection_test.cc
+++ b/quic/core/quic_connection_test.cc
@@ -5,15 +5,14 @@
#include "net/third_party/quiche/src/quic/core/quic_connection.h"
#include <errno.h>
-
#include <memory>
#include <ostream>
-#include <string>
#include <utility>
+#include <string>
+
#include "net/third_party/quiche/src/quic/core/congestion_control/loss_detection_interface.h"
#include "net/third_party/quiche/src/quic/core/congestion_control/send_algorithm_interface.h"
-#include "net/third_party/quiche/src/quic/core/crypto/null_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/null_encrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_encrypter.h"
@@ -359,21 +358,8 @@
}
if (use_tagging_decrypter_) {
- if (framer_.framer()->version().KnowsWhichDecrypterToUse()) {
- framer_.framer()->InstallDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<TaggingDecrypter>());
- framer_.framer()->InstallDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<TaggingDecrypter>());
- framer_.framer()->InstallDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<TaggingDecrypter>());
- } else {
- framer_.framer()->SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<TaggingDecrypter>());
- }
- } else if (framer_.framer()->version().KnowsWhichDecrypterToUse()) {
- framer_.framer()->InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_SERVER));
+ framer_.framer()->SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<TaggingDecrypter>());
}
EXPECT_TRUE(framer_.ProcessPacket(packet));
if (block_on_next_write_) {
@@ -981,12 +967,6 @@
.WillRepeatedly(Return(QuicTime::Zero()));
EXPECT_CALL(*loss_algorithm_, DetectLosses(_, _, _, _, _, _))
.Times(AnyNumber());
-
- if (connection_.version().KnowsWhichDecrypterToUse()) {
- connection_.InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
- }
}
QuicConnectionTest(const QuicConnectionTest&) = delete;
@@ -1014,16 +994,6 @@
void use_tagging_decrypter() { writer_->use_tagging_decrypter(); }
- void SetDecrypter(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter) {
- if (connection_.version().KnowsWhichDecrypterToUse()) {
- connection_.InstallDecrypter(level, std::move(decrypter));
- connection_.RemoveDecrypter(ENCRYPTION_INITIAL);
- } else {
- connection_.SetDecrypter(level, std::move(decrypter));
- }
- }
-
void ProcessPacket(uint64_t number) {
EXPECT_CALL(visitor_, OnStreamFrame(_)).Times(1);
ProcessDataPacket(number);
@@ -1078,11 +1048,8 @@
void ForceProcessFramePacket(QuicFrame frame) {
QuicFrames frames;
frames.push_back(QuicFrame(frame));
- bool send_version = connection_.perspective() == Perspective::IS_SERVER;
- if (connection_.version().KnowsWhichDecrypterToUse()) {
- send_version = true;
- }
- QuicPacketCreatorPeer::SetSendVersionInPacket(&peer_creator_, send_version);
+ QuicPacketCreatorPeer::SetSendVersionInPacket(
+ &peer_creator_, connection_.perspective() == Perspective::IS_SERVER);
QuicPacketHeader header;
QuicPacketCreatorPeer::FillPacketHeader(&peer_creator_, &header);
char encrypted_buffer[kMaxOutgoingPacketSize];
@@ -1114,16 +1081,6 @@
peer_framer_.perspective() == Perspective::IS_SERVER) {
header.destination_connection_id_included = CONNECTION_ID_ABSENT;
}
- if (level == ENCRYPTION_INITIAL &&
- peer_framer_.version().KnowsWhichDecrypterToUse()) {
- header.version_flag = true;
- header.retry_token_length_length = VARIABLE_LENGTH_INTEGER_LENGTH_1;
- header.length_length = VARIABLE_LENGTH_INTEGER_LENGTH_2;
- if (peer_framer_.perspective() == Perspective::IS_SERVER) {
- header.source_connection_id = connection_id_;
- header.source_connection_id_included = CONNECTION_ID_PRESENT;
- }
- }
header.packet_number = QuicPacketNumber(number);
QuicFrames frames;
frames.push_back(frame);
@@ -1137,16 +1094,9 @@
QuicPacketCreatorPeer::GetEncryptionLevel(&peer_creator_),
QuicMakeUnique<TaggingEncrypter>(0x01));
// Set the corresponding decrypter.
- if (connection_.version().KnowsWhichDecrypterToUse()) {
- connection_.InstallDecrypter(
- QuicPacketCreatorPeer::GetEncryptionLevel(&peer_creator_),
- QuicMakeUnique<StrictTaggingDecrypter>(0x01));
- connection_.RemoveDecrypter(ENCRYPTION_INITIAL);
- } else {
- connection_.SetDecrypter(
- QuicPacketCreatorPeer::GetEncryptionLevel(&peer_creator_),
- QuicMakeUnique<StrictTaggingDecrypter>(0x01));
- }
+ connection_.SetDecrypter(
+ QuicPacketCreatorPeer::GetEncryptionLevel(&peer_creator_),
+ QuicMakeUnique<StrictTaggingDecrypter>(0x01));
}
char buffer[kMaxOutgoingPacketSize];
@@ -3001,8 +2951,8 @@
EXPECT_CALL(visitor_, OnStreamFrame(_)).Times(1);
peer_framer_.SetEncrypter(ENCRYPTION_FORWARD_SECURE,
QuicMakeUnique<TaggingEncrypter>(0x01));
- SetDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<StrictTaggingDecrypter>(0x01));
+ connection_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
+ QuicMakeUnique<StrictTaggingDecrypter>(0x01));
ProcessDataPacketAtLevel(2, false, ENCRYPTION_FORWARD_SECURE);
EXPECT_EQ(0u, connection_.NumQueuedPackets());
@@ -3427,7 +3377,7 @@
1, stream_id, QUIC_ERROR_PROCESSING_STREAM, 14)));
}
EXPECT_EQ(1u, writer_->frame_count());
- ASSERT_EQ(1u, writer_->rst_stream_frames().size());
+ EXPECT_EQ(1u, writer_->rst_stream_frames().size());
EXPECT_EQ(stream_id, writer_->rst_stream_frames().front().stream_id);
}
@@ -4081,8 +4031,8 @@
// Transition to the new encryption state and process another encrypted packet
// which should result in the original packet being processed.
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
connection_.SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
connection_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
@@ -4155,8 +4105,8 @@
// Transition to the new encryption state and process another encrypted packet
// which should result in the original packets being processed.
EXPECT_FALSE(connection_.GetProcessUndecryptablePacketsAlarm()->IsSet());
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
EXPECT_TRUE(connection_.GetProcessUndecryptablePacketsAlarm()->IsSet());
connection_.SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
connection_.SetEncrypter(ENCRYPTION_ZERO_RTT,
@@ -5491,8 +5441,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5533,8 +5483,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5614,8 +5564,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5676,8 +5626,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5814,8 +5764,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5870,8 +5820,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5931,8 +5881,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -5998,8 +5948,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -6085,8 +6035,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -6156,8 +6106,8 @@
EXPECT_CALL(visitor_, OnSuccessfulVersionNegotiation(_));
EXPECT_FALSE(connection_.GetAckAlarm()->IsSet());
const uint8_t tag = 0x07;
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(tag));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(tag));
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(tag));
// Process a packet from the non-crypto stream.
@@ -6327,8 +6277,8 @@
EXPECT_CALL(visitor_, OnStreamFrame(_));
peer_framer_.SetEncrypter(ENCRYPTION_FORWARD_SECURE,
QuicMakeUnique<TaggingEncrypter>(0x01));
- SetDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<StrictTaggingDecrypter>(0x01));
+ connection_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
+ QuicMakeUnique<StrictTaggingDecrypter>(0x01));
ProcessDataPacketAtLevel(1, false, ENCRYPTION_FORWARD_SECURE);
connection_.SendStreamDataWithString(
GetNthClientInitiatedStreamId(1, connection_.transport_version()), "foo",
@@ -8610,8 +8560,8 @@
EXPECT_TRUE(connection_.GetAckAlarm()->IsSet());
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(0x02));
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(0x02));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(0x02));
connection_.SetEncrypter(ENCRYPTION_INITIAL,
QuicMakeUnique<TaggingEncrypter>(0x02));
// Receives packet 1000 in application data.
@@ -8638,8 +8588,8 @@
peer_framer_.SetEncrypter(ENCRYPTION_FORWARD_SECURE,
QuicMakeUnique<TaggingEncrypter>(0x02));
- SetDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<StrictTaggingDecrypter>(0x02));
+ connection_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
+ QuicMakeUnique<StrictTaggingDecrypter>(0x02));
// Verify zero rtt and forward secure packets get acked in the same packet.
EXPECT_CALL(*send_algorithm_, OnPacketSent(_, _, _, _, _)).Times(1);
ProcessDataPacketAtLevel(1003, false, ENCRYPTION_FORWARD_SECURE);
@@ -8658,8 +8608,8 @@
EXPECT_TRUE(connection_.GetAckAlarm()->IsSet());
peer_framer_.SetEncrypter(ENCRYPTION_ZERO_RTT,
QuicMakeUnique<TaggingEncrypter>(0x02));
- SetDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<StrictTaggingDecrypter>(0x02));
+ connection_.SetDecrypter(ENCRYPTION_ZERO_RTT,
+ QuicMakeUnique<StrictTaggingDecrypter>(0x02));
connection_.SetEncrypter(ENCRYPTION_INITIAL,
QuicMakeUnique<TaggingEncrypter>(0x02));
// Receives packet 1000 in application data.
diff --git a/quic/core/quic_crypto_client_handshaker.cc b/quic/core/quic_crypto_client_handshaker.cc
index d6c9af4..013ab3f 100644
--- a/quic/core/quic_crypto_client_handshaker.cc
+++ b/quic/core/quic_crypto_client_handshaker.cc
@@ -375,16 +375,10 @@
crypto_config_->pad_full_hello());
SendHandshakeMessage(out);
// Be prepared to decrypt with the new server write key.
- if (session()->connection()->version().KnowsWhichDecrypterToUse()) {
- session()->connection()->InstallDecrypter(
- ENCRYPTION_ZERO_RTT,
- std::move(crypto_negotiated_params_->initial_crypters.decrypter));
- } else {
- session()->connection()->SetAlternativeDecrypter(
- ENCRYPTION_ZERO_RTT,
- std::move(crypto_negotiated_params_->initial_crypters.decrypter),
- true /* latch once used */);
- }
+ session()->connection()->SetAlternativeDecrypter(
+ ENCRYPTION_ZERO_RTT,
+ std::move(crypto_negotiated_params_->initial_crypters.decrypter),
+ true /* latch once used */);
// Send subsequent packets under encryption on the assumption that the
// server will accept the handshake.
session()->connection()->SetEncrypter(
@@ -590,8 +584,10 @@
// to see whether the response was a reject, and if so, move on to
// the reject-processing state.
if ((in->tag() == kREJ) || (in->tag() == kSREJ)) {
- // A reject message must be sent in ENCRYPTION_INITIAL.
- if (session()->connection()->last_decrypted_level() != ENCRYPTION_INITIAL) {
+ // alternative_decrypter will be nullptr if the original alternative
+ // decrypter latched and became the primary decrypter. That happens
+ // if we received a message encrypted with the INITIAL key.
+ if (session()->connection()->alternative_decrypter() == nullptr) {
// The rejection was sent encrypted!
stream_->CloseConnectionWithDetails(
QUIC_CRYPTO_ENCRYPTION_LEVEL_INCORRECT, "encrypted REJ message");
@@ -607,7 +603,10 @@
return;
}
- if (session()->connection()->last_decrypted_level() == ENCRYPTION_INITIAL) {
+ // alternative_decrypter will be nullptr if the original alternative
+ // decrypter latched and became the primary decrypter. That happens
+ // if we received a message encrypted with the INITIAL key.
+ if (session()->connection()->alternative_decrypter() != nullptr) {
// The server hello was sent without encryption.
stream_->CloseConnectionWithDetails(QUIC_CRYPTO_ENCRYPTION_LEVEL_INCORRECT,
"unencrypted SHLO message");
@@ -639,14 +638,9 @@
// has been floated that the server shouldn't send packets encrypted
// with the FORWARD_SECURE key until it receives a FORWARD_SECURE
// packet from the client.
- if (session()->connection()->version().KnowsWhichDecrypterToUse()) {
- session()->connection()->InstallDecrypter(ENCRYPTION_FORWARD_SECURE,
- std::move(crypters->decrypter));
- } else {
- session()->connection()->SetAlternativeDecrypter(
- ENCRYPTION_FORWARD_SECURE, std::move(crypters->decrypter),
- false /* don't latch */);
- }
+ session()->connection()->SetAlternativeDecrypter(
+ ENCRYPTION_FORWARD_SECURE, std::move(crypters->decrypter),
+ false /* don't latch */);
session()->connection()->SetEncrypter(ENCRYPTION_FORWARD_SECURE,
std::move(crypters->encrypter));
session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
diff --git a/quic/core/quic_crypto_server_handshaker.cc b/quic/core/quic_crypto_server_handshaker.cc
index c0e61ef..cd3cce9 100644
--- a/quic/core/quic_crypto_server_handshaker.cc
+++ b/quic/core/quic_crypto_server_handshaker.cc
@@ -230,16 +230,9 @@
session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_ZERO_RTT);
// Set the decrypter immediately so that we no longer accept unencrypted
// packets.
- if (session()->connection()->version().KnowsWhichDecrypterToUse()) {
- session()->connection()->InstallDecrypter(
- ENCRYPTION_ZERO_RTT,
- std::move(crypto_negotiated_params_->initial_crypters.decrypter));
- session()->connection()->RemoveDecrypter(ENCRYPTION_INITIAL);
- } else {
- session()->connection()->SetDecrypter(
- ENCRYPTION_ZERO_RTT,
- std::move(crypto_negotiated_params_->initial_crypters.decrypter));
- }
+ session()->connection()->SetDecrypter(
+ ENCRYPTION_ZERO_RTT,
+ std::move(crypto_negotiated_params_->initial_crypters.decrypter));
session()->connection()->SetDiversificationNonce(*diversification_nonce);
session()->connection()->set_fully_pad_crypto_hadshake_packets(
@@ -251,17 +244,10 @@
std::move(crypto_negotiated_params_->forward_secure_crypters.encrypter));
session()->connection()->SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
- if (session()->connection()->version().KnowsWhichDecrypterToUse()) {
- session()->connection()->InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- std::move(
- crypto_negotiated_params_->forward_secure_crypters.decrypter));
- } else {
- session()->connection()->SetAlternativeDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- std::move(crypto_negotiated_params_->forward_secure_crypters.decrypter),
- false /* don't latch */);
- }
+ session()->connection()->SetAlternativeDecrypter(
+ ENCRYPTION_FORWARD_SECURE,
+ std::move(crypto_negotiated_params_->forward_secure_crypters.decrypter),
+ false /* don't latch */);
encryption_established_ = true;
handshake_confirmed_ = true;
diff --git a/quic/core/quic_framer.cc b/quic/core/quic_framer.cc
index fdce309..c24a23c 100644
--- a/quic/core/quic_framer.cc
+++ b/quic/core/quic_framer.cc
@@ -346,32 +346,6 @@
return NUM_PACKET_NUMBER_SPACES;
}
-EncryptionLevel GetEncryptionLevel(const QuicPacketHeader& header) {
- switch (header.form) {
- case GOOGLE_QUIC_PACKET:
- QUIC_BUG << "Cannot determine EncryptionLevel from Google QUIC header";
- break;
- case IETF_QUIC_SHORT_HEADER_PACKET:
- return ENCRYPTION_FORWARD_SECURE;
- case IETF_QUIC_LONG_HEADER_PACKET:
- switch (header.long_packet_type) {
- case INITIAL:
- return ENCRYPTION_INITIAL;
- case HANDSHAKE:
- return ENCRYPTION_HANDSHAKE;
- case ZERO_RTT_PROTECTED:
- return ENCRYPTION_ZERO_RTT;
- case VERSION_NEGOTIATION:
- case RETRY:
- case INVALID_PACKET_TYPE:
- QUIC_BUG << "No encryption used with type "
- << QuicUtils::QuicLongHeaderTypetoString(
- header.long_packet_type);
- }
- }
- return NUM_ENCRYPTION_LEVELS;
-}
-
QuicStringPiece TruncateErrorString(QuicStringPiece error) {
if (error.length() <= kMaxErrorStringLength) {
return error;
@@ -3904,7 +3878,6 @@
std::unique_ptr<QuicDecrypter> decrypter) {
DCHECK_EQ(alternative_decrypter_level_, NUM_ENCRYPTION_LEVELS);
DCHECK_GE(level, decrypter_level_);
- DCHECK(!version_.KnowsWhichDecrypterToUse());
decrypter_[decrypter_level_] = nullptr;
decrypter_[level] = std::move(decrypter);
decrypter_level_ = level;
@@ -3915,7 +3888,6 @@
std::unique_ptr<QuicDecrypter> decrypter,
bool latch_once_used) {
DCHECK_NE(level, decrypter_level_);
- DCHECK(!version_.KnowsWhichDecrypterToUse());
if (alternative_decrypter_level_ != NUM_ENCRYPTION_LEVELS) {
decrypter_[alternative_decrypter_level_] = nullptr;
}
@@ -3924,22 +3896,6 @@
alternative_decrypter_latch_ = latch_once_used;
}
-void QuicFramer::InstallDecrypter(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter) {
- DCHECK(version_.KnowsWhichDecrypterToUse());
- decrypter_[level] = std::move(decrypter);
-}
-
-void QuicFramer::RemoveDecrypter(EncryptionLevel level) {
- DCHECK(version_.KnowsWhichDecrypterToUse());
- decrypter_[level] = nullptr;
-}
-
-const QuicDecrypter* QuicFramer::GetDecrypter(EncryptionLevel level) const {
- DCHECK(version_.KnowsWhichDecrypterToUse());
- return decrypter_[level].get();
-}
-
const QuicDecrypter* QuicFramer::decrypter() const {
return decrypter_[decrypter_level_].get();
}
@@ -4035,31 +3991,18 @@
size_t buffer_length,
size_t* decrypted_length,
EncryptionLevel* decrypted_level) {
- EncryptionLevel level = decrypter_level_;
- QuicDecrypter* decrypter = decrypter_[level].get();
+ DCHECK(decrypter_[decrypter_level_] != nullptr);
QuicDecrypter* alternative_decrypter = nullptr;
- if (version().KnowsWhichDecrypterToUse()) {
- level = GetEncryptionLevel(header);
- decrypter = decrypter_[level].get();
- if (decrypter == nullptr) {
- return false;
- }
- if (level == ENCRYPTION_ZERO_RTT &&
- perspective_ == Perspective::IS_CLIENT && header.nonce != nullptr) {
- decrypter->SetDiversificationNonce(*header.nonce);
- }
- } else if (alternative_decrypter_level_ != NUM_ENCRYPTION_LEVELS) {
+ if (alternative_decrypter_level_ != NUM_ENCRYPTION_LEVELS) {
alternative_decrypter = decrypter_[alternative_decrypter_level_].get();
}
- DCHECK(decrypter != nullptr);
-
- bool success = decrypter->DecryptPacket(
+ bool success = decrypter_[decrypter_level_]->DecryptPacket(
header.packet_number.ToUint64(), associated_data, encrypted,
decrypted_buffer, decrypted_length, buffer_length);
if (success) {
- visitor_->OnDecryptedPacket(level);
- *decrypted_level = level;
+ visitor_->OnDecryptedPacket(decrypter_level_);
+ *decrypted_level = decrypter_level_;
} else if (alternative_decrypter != nullptr) {
if (header.nonce != nullptr) {
DCHECK_EQ(perspective_, Perspective::IS_CLIENT);
diff --git a/quic/core/quic_framer.h b/quic/core/quic_framer.h
index 26c7125..84773b4 100644
--- a/quic/core/quic_framer.h
+++ b/quic/core/quic_framer.h
@@ -475,11 +475,6 @@
std::unique_ptr<QuicDecrypter> decrypter,
bool latch_once_used);
- void InstallDecrypter(EncryptionLevel level,
- std::unique_ptr<QuicDecrypter> decrypter);
- void RemoveDecrypter(EncryptionLevel level);
-
- const QuicDecrypter* GetDecrypter(EncryptionLevel level) const;
const QuicDecrypter* decrypter() const;
const QuicDecrypter* alternative_decrypter() const;
diff --git a/quic/core/quic_framer_test.cc b/quic/core/quic_framer_test.cc
index 523b0b8..927b100 100644
--- a/quic/core/quic_framer_test.cc
+++ b/quic/core/quic_framer_test.cc
@@ -454,13 +454,8 @@
kQuicDefaultConnectionIdLength) {
SetQuicFlag(&FLAGS_quic_supports_tls_handshake, true);
framer_.set_version(version_);
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_INITIAL,
- std::unique_ptr<QuicDecrypter>(decrypter_));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- std::unique_ptr<QuicDecrypter>(decrypter_));
- }
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ std::unique_ptr<QuicDecrypter>(decrypter_));
framer_.SetEncrypter(ENCRYPTION_INITIAL,
std::unique_ptr<QuicEncrypter>(encrypter_));
@@ -468,14 +463,6 @@
framer_.InferPacketHeaderTypeFromVersion();
}
- void SetDecrypterLevel(EncryptionLevel level) {
- if (!framer_.version().KnowsWhichDecrypterToUse()) {
- return;
- }
- decrypter_ = new TestDecrypter();
- framer_.InstallDecrypter(level, std::unique_ptr<QuicDecrypter>(decrypter_));
- }
-
// Helper function to get unsigned char representation of the handshake
// protocol byte of the current QUIC version number.
unsigned char GetQuicVersionProtocolByte() {
@@ -814,7 +801,6 @@
}
TEST_P(QuicFramerTest, LargePacket) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[kMaxIncomingPacketSize + 1] = {
// public flags (8 byte connection_id)
@@ -972,7 +958,6 @@
}
TEST_P(QuicFramerTest, PacketHeaderWith0ByteConnectionId) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
QuicFramerPeer::SetLastSerializedConnectionId(&framer_,
FramerTestConnectionId());
QuicFramerPeer::SetPerspective(&framer_, Perspective::IS_CLIENT);
@@ -1028,7 +1013,6 @@
}
TEST_P(QuicFramerTest, PacketHeaderWithVersionFlag) {
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
PacketFragments packet = {
// public flags (0 byte connection_id)
@@ -1128,7 +1112,6 @@
}
TEST_P(QuicFramerTest, PacketHeaderWith4BytePacketNumber) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
QuicFramerPeer::SetLargestPacketNumber(&framer_, kPacketNumber - 2);
// clang-format off
@@ -1188,7 +1171,6 @@
}
TEST_P(QuicFramerTest, PacketHeaderWith2BytePacketNumber) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
QuicFramerPeer::SetLargestPacketNumber(&framer_, kPacketNumber - 2);
// clang-format off
@@ -1249,7 +1231,6 @@
}
TEST_P(QuicFramerTest, PacketHeaderWith1BytePacketNumber) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
QuicFramerPeer::SetLargestPacketNumber(&framer_, kPacketNumber - 2);
// clang-format off
@@ -1311,7 +1292,6 @@
}
TEST_P(QuicFramerTest, PacketNumberDecreasesThenIncreases) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// Test the case when a packet is received from the past and future packet
// numbers are still calculated relative to the largest received packet.
QuicPacketHeader header;
@@ -1378,7 +1358,6 @@
}
TEST_P(QuicFramerTest, PacketWithDiversificationNonce) {
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
unsigned char packet[] = {
// public flags: includes nonce flag
@@ -1548,7 +1527,6 @@
}
TEST_P(QuicFramerTest, PaddingFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -1693,7 +1671,6 @@
}
TEST_P(QuicFramerTest, StreamFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -1850,7 +1827,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// type (short header, 4 byte packet number)
@@ -1904,18 +1880,11 @@
return;
}
QuicFramerPeer::SetPerspective(&framer_, Perspective::IS_CLIENT);
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
decrypter_ = new test::TestDecrypter();
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_INITIAL, QuicMakeUnique<NullDecrypter>(
- Perspective::IS_CLIENT));
- framer_.InstallDecrypter(ENCRYPTION_ZERO_RTT,
- std::unique_ptr<QuicDecrypter>(decrypter_));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
- framer_.SetAlternativeDecrypter(
- ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
- }
+ framer_.SetAlternativeDecrypter(
+ ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
// clang-format off
unsigned char packet[] = {
@@ -2060,7 +2029,6 @@
}
TEST_P(QuicFramerTest, StreamFrame2ByteStreamId) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -2212,7 +2180,6 @@
}
TEST_P(QuicFramerTest, StreamFrame1ByteStreamId) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -2364,7 +2331,6 @@
}
TEST_P(QuicFramerTest, StreamFrameWithVersion) {
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
PacketFragments packet = {
// public flags (version, 8 byte connection_id)
@@ -2554,7 +2520,6 @@
}
TEST_P(QuicFramerTest, RejectPacket) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
visitor_.accept_packet_ = false;
// clang-format off
@@ -2700,7 +2665,6 @@
}
TEST_P(QuicFramerTest, AckFrameOneAckBlock) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -2852,7 +2816,6 @@
// and handles the case where the first ack block is larger than the
// largest_acked packet.
TEST_P(QuicFramerTest, FirstAckFrameUnderflow) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -2987,7 +2950,6 @@
// for now, only v99
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -3045,7 +3007,6 @@
// for now, only v99
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -3101,7 +3062,6 @@
// for now, only v99
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -3151,7 +3111,6 @@
// for now, only v99
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -3200,7 +3159,6 @@
// for now, only v99
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -3399,7 +3357,6 @@
}
TEST_P(QuicFramerTest, AckFrameOneAckBlockMaxLength) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -3542,7 +3499,6 @@
// Tests ability to handle multiple ackblocks after the first ack
// block. Non-version-99 tests include multiple timestamps as well.
TEST_P(QuicFramerTest, AckFrameTwoTimeStampsMultipleAckBlocks) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -4176,7 +4132,6 @@
}
TEST_P(QuicFramerTest, RstStreamFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -4302,7 +4257,6 @@
}
TEST_P(QuicFramerTest, ConnectionCloseFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -4455,7 +4409,6 @@
// This frame does not exist in versions other than 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -4731,7 +4684,6 @@
// This frame is available only in version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -4775,7 +4727,6 @@
// This frame available only in version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -4817,7 +4768,6 @@
}
TEST_P(QuicFramerTest, BlockedFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// public flags (8 byte connection_id)
@@ -4927,7 +4877,6 @@
}
TEST_P(QuicFramerTest, PingFrame) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -5011,7 +4960,6 @@
if (framer_.transport_version() <= QUIC_VERSION_44) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet45 = {
// type (short header, 4 byte packet number)
@@ -5314,18 +5262,11 @@
return;
}
QuicFramerPeer::SetPerspective(&framer_, Perspective::IS_CLIENT);
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
decrypter_ = new test::TestDecrypter();
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_INITIAL, QuicMakeUnique<NullDecrypter>(
- Perspective::IS_CLIENT));
- framer_.InstallDecrypter(ENCRYPTION_ZERO_RTT,
- std::unique_ptr<QuicDecrypter>(decrypter_));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
- framer_.SetAlternativeDecrypter(
- ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
- }
+ framer_.SetAlternativeDecrypter(
+ ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
// This packet cannot be decrypted because diversification nonce is missing.
QuicEncryptedPacket encrypted(AsChars(packet), QUIC_ARRAYSIZE(packet), false);
EXPECT_TRUE(framer_.ProcessPacket(encrypted));
@@ -5351,18 +5292,11 @@
return;
}
QuicFramerPeer::SetPerspective(&framer_, Perspective::IS_CLIENT);
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
decrypter_ = new test::TestDecrypter();
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_INITIAL, QuicMakeUnique<NullDecrypter>(
- Perspective::IS_CLIENT));
- framer_.InstallDecrypter(ENCRYPTION_ZERO_RTT,
- std::unique_ptr<QuicDecrypter>(decrypter_));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_CLIENT));
- framer_.SetAlternativeDecrypter(
- ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
- }
+ framer_.SetAlternativeDecrypter(
+ ENCRYPTION_ZERO_RTT, std::unique_ptr<QuicDecrypter>(decrypter_), false);
// This packet cannot be decrypted because diversification nonce is missing.
QuicEncryptedPacket encrypted(AsChars(packet), QUIC_ARRAYSIZE(packet), false);
EXPECT_FALSE(framer_.ProcessPacket(encrypted));
@@ -6268,7 +6202,6 @@
// CRYPTO frames aren't supported prior to v46.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
@@ -9520,7 +9453,6 @@
}
TEST_P(QuicFramerTest, StopPacketProcessing) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -9715,14 +9647,10 @@
TEST_P(QuicFramerTest, ConstructEncryptedPacket) {
// Since we are using ConstructEncryptedPacket, we have to set the framer's
// crypto to be Null.
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(framer_.perspective()));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<NullDecrypter>(framer_.perspective()));
- }
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullDecrypter>(framer_.perspective()));
+ framer_.SetEncrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullEncrypter>(framer_.perspective()));
ParsedQuicVersionVector versions;
versions.push_back(framer_.version());
std::unique_ptr<QuicEncryptedPacket> packet(ConstructEncryptedPacket(
@@ -9757,16 +9685,10 @@
// Verify that the packet returned by ConstructMisFramedEncryptedPacket()
// does cause the framer to return an error.
TEST_P(QuicFramerTest, ConstructMisFramedEncryptedPacket) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// Since we are using ConstructEncryptedPacket, we have to set the framer's
// crypto to be Null.
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_INITIAL, QuicMakeUnique<NullDecrypter>(
- framer_.perspective()));
- } else {
- framer_.SetDecrypter(ENCRYPTION_INITIAL,
- QuicMakeUnique<NullDecrypter>(framer_.perspective()));
- }
+ framer_.SetDecrypter(ENCRYPTION_INITIAL,
+ QuicMakeUnique<NullDecrypter>(framer_.perspective()));
framer_.SetEncrypter(ENCRYPTION_INITIAL,
QuicMakeUnique<NullEncrypter>(framer_.perspective()));
ParsedQuicVersionVector versions;
@@ -9939,7 +9861,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10022,7 +9943,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10110,7 +10030,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10158,7 +10077,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10209,7 +10127,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10258,7 +10175,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10312,7 +10228,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10356,7 +10271,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10406,7 +10320,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10451,7 +10364,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10499,7 +10411,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10529,7 +10440,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10582,7 +10492,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10630,7 +10539,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10679,7 +10587,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -10731,7 +10638,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -10766,7 +10672,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet99[] = {
@@ -11166,7 +11071,6 @@
// This frame is only for version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -11222,7 +11126,6 @@
// This frame is only for version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -11280,7 +11183,6 @@
// The NEW_CONNECTION_ID frame is only for version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -11373,7 +11275,6 @@
// This frame is only for version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// type (short header, 4 byte packet number)
@@ -11466,7 +11367,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -11554,7 +11454,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -11637,7 +11536,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
@@ -11804,7 +11702,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// type (short header, 4 byte packet number)
@@ -11836,7 +11733,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
@@ -11869,7 +11765,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
@@ -11902,7 +11797,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// type (short header, 4 byte packet number)
@@ -11938,7 +11832,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
@@ -11971,7 +11864,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
@@ -12004,7 +11896,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet = {
// type (short header, 4 byte packet number)
@@ -12040,7 +11931,6 @@
if (framer_.transport_version() != QUIC_VERSION_99) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packets[] = {
@@ -12441,7 +12331,6 @@
// This frame is only for version 99.
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
PacketFragments packet99 = {
// type (short header, 4 byte packet number)
@@ -12522,7 +12411,6 @@
}
TEST_P(QuicFramerTest, AckFrameWithInvalidLargestObserved) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -12623,7 +12511,6 @@
}
TEST_P(QuicFramerTest, FirstAckBlockJustUnderFlow) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -12726,7 +12613,6 @@
}
TEST_P(QuicFramerTest, ThirdAckBlockJustUnderflow) {
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char packet[] = {
// public flags (8 byte connection_id)
@@ -12875,7 +12761,6 @@
if (!QuicVersionHasLongHeaderLengths(framer_.transport_version())) {
return;
}
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
unsigned char packet[] = {
// first coalesced packet
@@ -12970,7 +12855,6 @@
if (!QuicVersionHasLongHeaderLengths(framer_.transport_version())) {
return;
}
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
unsigned char packet[] = {
// first coalesced packet
@@ -13053,7 +12937,6 @@
if (!QuicVersionHasLongHeaderLengths(framer_.transport_version())) {
return;
}
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
// clang-format off
unsigned char packet[] = {
// first coalesced packet
@@ -13114,7 +12997,6 @@
if (framer_.transport_version() < QUIC_VERSION_46) {
return;
}
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
char connection_id_bytes[9] = {0xFE, 0xDC, 0xBA, 0x98, 0x76,
0x54, 0x32, 0x10, 0x42};
QuicConnectionId connection_id(connection_id_bytes,
@@ -13155,7 +13037,6 @@
if (framer_.transport_version() < QUIC_VERSION_46) {
return;
}
- SetDecrypterLevel(ENCRYPTION_ZERO_RTT);
framer_.SetShouldUpdateExpectedConnectionIdLength(true);
// clang-format off
@@ -13210,7 +13091,6 @@
EXPECT_EQ(visitor_.header_.get()->packet_number,
QuicPacketNumber(UINT64_C(0x12345678)));
- SetDecrypterLevel(ENCRYPTION_FORWARD_SECURE);
// clang-format off
unsigned char short_header_packet[] = {
// type (short header, 4 byte packet number)
@@ -13278,13 +13158,7 @@
};
// clang-format on
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<TestDecrypter>());
- framer_.RemoveDecrypter(ENCRYPTION_INITIAL);
- } else {
- framer_.SetDecrypter(ENCRYPTION_ZERO_RTT, QuicMakeUnique<TestDecrypter>());
- }
+ framer_.SetDecrypter(ENCRYPTION_ZERO_RTT, QuicMakeUnique<TestDecrypter>());
if (!QuicVersionHasLongHeaderLengths(framer_.transport_version())) {
EXPECT_TRUE(framer_.ProcessPacket(
QuicEncryptedPacket(AsChars(long_header_packet),
@@ -13320,14 +13194,8 @@
QuicEncryptedPacket short_header_encrypted(
AsChars(short_header_packet), QUIC_ARRAYSIZE(short_header_packet), false);
- if (framer_.version().KnowsWhichDecrypterToUse()) {
- framer_.InstallDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<TestDecrypter>());
- framer_.RemoveDecrypter(ENCRYPTION_ZERO_RTT);
- } else {
- framer_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<TestDecrypter>());
- }
+ framer_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
+ QuicMakeUnique<TestDecrypter>());
EXPECT_TRUE(framer_.ProcessPacket(short_header_encrypted));
EXPECT_EQ(QUIC_NO_ERROR, framer_.error());
diff --git a/quic/core/quic_packet_creator_test.cc b/quic/core/quic_packet_creator_test.cc
index 56381ea..d463846 100644
--- a/quic/core/quic_packet_creator_test.cc
+++ b/quic/core/quic_packet_creator_test.cc
@@ -9,7 +9,6 @@
#include <ostream>
#include <string>
-#include "net/third_party/quiche/src/quic/core/crypto/null_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/null_encrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_encrypter.h"
@@ -165,17 +164,6 @@
client_framer_.set_visitor(&framer_visitor_);
server_framer_.set_visitor(&framer_visitor_);
client_framer_.set_data_producer(&producer_);
- if (server_framer_.version().KnowsWhichDecrypterToUse()) {
- server_framer_.InstallDecrypter(
- ENCRYPTION_ZERO_RTT,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_SERVER));
- server_framer_.InstallDecrypter(
- ENCRYPTION_HANDSHAKE,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_SERVER));
- server_framer_.InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_SERVER));
- }
}
~QuicPacketCreatorTest() override {
diff --git a/quic/core/quic_packet_generator_test.cc b/quic/core/quic_packet_generator_test.cc
index 466d96b..9edddfc 100644
--- a/quic/core/quic_packet_generator_test.cc
+++ b/quic/core/quic_packet_generator_test.cc
@@ -9,7 +9,6 @@
#include <string>
#include "net/third_party/quiche/src/quic/core/crypto/crypto_protocol.h"
-#include "net/third_party/quiche/src/quic/core/crypto/null_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/null_encrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_decrypter.h"
#include "net/third_party/quiche/src/quic/core/crypto/quic_encrypter.h"
@@ -216,11 +215,6 @@
QuicMakeUnique<NullEncrypter>(Perspective::IS_CLIENT));
creator_->set_encryption_level(ENCRYPTION_FORWARD_SECURE);
framer_.set_data_producer(&producer_);
- if (simple_framer_.framer()->version().KnowsWhichDecrypterToUse()) {
- simple_framer_.framer()->InstallDecrypter(
- ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(Perspective::IS_SERVER));
- }
generator_.AttachPacketFlusher();
}
diff --git a/quic/core/quic_versions.cc b/quic/core/quic_versions.cc
index ef2657c..fa9f640 100644
--- a/quic/core/quic_versions.cc
+++ b/quic/core/quic_versions.cc
@@ -37,11 +37,6 @@
}
}
-bool ParsedQuicVersion::KnowsWhichDecrypterToUse() const {
- return transport_version == QUIC_VERSION_99 ||
- handshake_protocol == PROTOCOL_TLS1_3;
-}
-
std::ostream& operator<<(std::ostream& os, const ParsedQuicVersion& version) {
os << ParsedQuicVersionToString(version);
return os;
diff --git a/quic/core/quic_versions.h b/quic/core/quic_versions.h
index 160adeb..cc780b4 100644
--- a/quic/core/quic_versions.h
+++ b/quic/core/quic_versions.h
@@ -145,8 +145,6 @@
return handshake_protocol != other.handshake_protocol ||
transport_version != other.transport_version;
}
-
- bool KnowsWhichDecrypterToUse() const;
};
QUIC_EXPORT_PRIVATE ParsedQuicVersion UnsupportedQuicVersion();
diff --git a/quic/core/tls_client_handshaker.cc b/quic/core/tls_client_handshaker.cc
index 932d537..5081a48 100644
--- a/quic/core/tls_client_handshaker.cc
+++ b/quic/core/tls_client_handshaker.cc
@@ -73,8 +73,8 @@
session()->connection_id(), &crypters);
session()->connection()->SetEncrypter(ENCRYPTION_INITIAL,
std::move(crypters.encrypter));
- session()->connection()->InstallDecrypter(ENCRYPTION_INITIAL,
- std::move(crypters.decrypter));
+ session()->connection()->SetDecrypter(ENCRYPTION_INITIAL,
+ std::move(crypters.decrypter));
state_ = STATE_HANDSHAKE_RUNNING;
// Configure certificate verification.
// TODO(nharper): This only verifies certs on initial connection, not on
diff --git a/quic/core/tls_handshaker.cc b/quic/core/tls_handshaker.cc
index 3a45f36..c6394b8 100644
--- a/quic/core/tls_handshaker.cc
+++ b/quic/core/tls_handshaker.cc
@@ -205,8 +205,22 @@
const std::vector<uint8_t>& write_secret) {
std::unique_ptr<QuicEncrypter> encrypter = CreateEncrypter(write_secret);
session()->connection()->SetEncrypter(level, std::move(encrypter));
- std::unique_ptr<QuicDecrypter> decrypter = CreateDecrypter(read_secret);
- session()->connection()->InstallDecrypter(level, std::move(decrypter));
+ if (level != ENCRYPTION_FORWARD_SECURE) {
+ std::unique_ptr<QuicDecrypter> decrypter = CreateDecrypter(read_secret);
+ session()->connection()->SetDecrypter(level, std::move(decrypter));
+ } else {
+ // When forward-secure read keys are available, they get set as the
+ // alternative decrypter instead of the primary decrypter. One reason for
+ // this is that after the forward secure keys become available, the server
+ // still has crypto handshake messages to read at the handshake encryption
+ // level, meaning that both the ENCRYPTION_ZERO_RTT and
+ // ENCRYPTION_FORWARD_SECURE decrypters need to be available. (Tests also
+ // assume that an alternative decrypter gets set, so at some point we need
+ // to call SetAlternativeDecrypter.)
+ std::unique_ptr<QuicDecrypter> decrypter = CreateDecrypter(read_secret);
+ session()->connection()->SetAlternativeDecrypter(
+ level, std::move(decrypter), /*latch_once_used*/ true);
+ }
}
void TlsHandshaker::WriteMessage(EncryptionLevel level, QuicStringPiece data) {
diff --git a/quic/core/tls_server_handshaker.cc b/quic/core/tls_server_handshaker.cc
index 15b2c82..96e1802 100644
--- a/quic/core/tls_server_handshaker.cc
+++ b/quic/core/tls_server_handshaker.cc
@@ -69,8 +69,8 @@
session->connection_id(), &crypters);
session->connection()->SetEncrypter(ENCRYPTION_INITIAL,
std::move(crypters.encrypter));
- session->connection()->InstallDecrypter(ENCRYPTION_INITIAL,
- std::move(crypters.decrypter));
+ session->connection()->SetDecrypter(ENCRYPTION_INITIAL,
+ std::move(crypters.decrypter));
// Configure the SSL to be a server.
SSL_set_accept_state(ssl());
diff --git a/quic/test_tools/crypto_test_utils.cc b/quic/test_tools/crypto_test_utils.cc
index 63154b9..af33d4e 100644
--- a/quic/test_tools/crypto_test_utils.cc
+++ b/quic/test_tools/crypto_test_utils.cc
@@ -749,11 +749,6 @@
void CompareCrypters(const QuicEncrypter* encrypter,
const QuicDecrypter* decrypter,
std::string label) {
- if (encrypter == nullptr || decrypter == nullptr) {
- ADD_FAILURE() << "Expected non-null crypters; have " << encrypter << " and "
- << decrypter;
- return;
- }
QuicStringPiece encrypter_key = encrypter->GetKey();
QuicStringPiece encrypter_iv = encrypter->GetNoncePrefix();
QuicStringPiece decrypter_key = decrypter->GetKey();
diff --git a/quic/test_tools/quic_test_utils.cc b/quic/test_tools/quic_test_utils.cc
index b6d285d..e5988e0 100644
--- a/quic/test_tools/quic_test_utils.cc
+++ b/quic/test_tools/quic_test_utils.cc
@@ -923,11 +923,6 @@
header.reset_flag = reset_flag;
header.packet_number_length = packet_number_length;
header.packet_number = QuicPacketNumber(packet_number);
- if (QuicVersionHasLongHeaderLengths((*versions)[0].transport_version) &&
- version_flag) {
- header.retry_token_length_length = VARIABLE_LENGTH_INTEGER_LENGTH_1;
- header.length_length = VARIABLE_LENGTH_INTEGER_LENGTH_2;
- }
QuicFrame frame(QuicStreamFrame(1, false, 0, QuicStringPiece(data)));
QuicFrames frames;
frames.push_back(frame);
@@ -946,7 +941,8 @@
GetIncludedDestinationConnectionIdLength(header),
GetIncludedSourceConnectionIdLength(header), version_flag,
false /* no diversification nonce */, packet_number_length,
- header.retry_token_length_length, 0, header.length_length)] = 0x1F;
+ VARIABLE_LENGTH_INTEGER_LENGTH_0, 0, VARIABLE_LENGTH_INTEGER_LENGTH_0)] =
+ 0x1F;
char* buffer = new char[kMaxOutgoingPacketSize];
size_t encrypted_length =
diff --git a/quic/test_tools/simulator/quic_endpoint.cc b/quic/test_tools/simulator/quic_endpoint.cc
index 9e5c3fa..1072724 100644
--- a/quic/test_tools/simulator/quic_endpoint.cc
+++ b/quic/test_tools/simulator/quic_endpoint.cc
@@ -86,14 +86,8 @@
connection_.set_visitor(this);
connection_.SetEncrypter(ENCRYPTION_FORWARD_SECURE,
QuicMakeUnique<NullEncrypter>(perspective));
- if (connection_.version().KnowsWhichDecrypterToUse()) {
- connection_.InstallDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(perspective));
- connection_.RemoveDecrypter(ENCRYPTION_INITIAL);
- } else {
- connection_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
- QuicMakeUnique<NullDecrypter>(perspective));
- }
+ connection_.SetDecrypter(ENCRYPTION_FORWARD_SECURE,
+ QuicMakeUnique<NullDecrypter>(perspective));
connection_.SetDefaultEncryptionLevel(ENCRYPTION_FORWARD_SECURE);
if (perspective == Perspective::IS_SERVER) {
// Skip version negotiation.
