Deprecate --gfe2_reloadable_flag_quic_heapless_obfuscator. PiperOrigin-RevId: 775248475
diff --git a/quiche/common/quiche_feature_flags_list.h b/quiche/common/quiche_feature_flags_list.h
index 07f1045..9d27ee1 100755
--- a/quiche/common/quiche_feature_flags_list.h
+++ b/quiche/common/quiche_feature_flags_list.h
@@ -39,7 +39,6 @@
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_fin_before_completed_http_headers, false, true, "If true, close the connection with error if FIN is received before finish receiving the whole HTTP headers.")
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_fix_timeouts, true, true, "If true, postpone setting handshake timeout to infinite to handshake complete.")
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_heapless_key_derivation, false, true, "If true, QUIC key derivation uses heapless crypto utils.")
-QUICHE_FLAG(bool, quiche_reloadable_flag_quic_heapless_obfuscator, true, true, "If true, generates QUIC initial obfuscators with no heap allocations.")
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_heapless_static_parser, true, true, "If true, stops parsing immediately on unknown version, to avoid a potential malloc when parsing the connection ID")
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_ignore_gquic_probing, true, true, "If true, QUIC server will not respond to gQUIC probing packet(PING + PADDING) but treat it as a regular packet.")
 QUICHE_FLAG(bool, quiche_reloadable_flag_quic_least_unacked_plus_1, false, false, "If true, sets peer_least_packet_awaiting_ack to one more than the highest confirmed acknowledgment to fix an off-by-one error.")
diff --git a/quiche/quic/core/crypto/crypto_utils.cc b/quiche/quic/core/crypto/crypto_utils.cc
index 8aecaef..8c5aec5 100644
--- a/quiche/quic/core/crypto/crypto_utils.cc
+++ b/quiche/quic/core/crypto/crypto_utils.cc
@@ -68,7 +68,6 @@
 // |out_len|, respectively. The resulting expanded secret is returned.
 bool HkdfExpandLabel(const EVP_MD* prf, absl::Span<const uint8_t> secret,
                      absl::string_view label, absl::Span<uint8_t> out) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 2, 7);
   constexpr absl::string_view kLabelPrefix = "tls13 ";
   constexpr size_t kMaxLabelLength = 10; // "quicv2 key" is the longest
   QUICHE_DCHECK_LE(label.length(), kMaxLabelLength);
@@ -147,7 +146,6 @@
 absl::string_view GetLabelForVersion(const ParsedQuicVersion& version,
                                      absl::string_view predicate,
                                      absl::Span<char> out) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 3, 7);
   static_assert(SupportedVersions().size() == 4u,
                 "Supported versions out of sync with HKDF labels");
   QuicDataWriter writer(out.size(), out.data());
@@ -183,7 +181,6 @@
                                   absl::Span<const uint8_t> pp_secret,
                                   const ParsedQuicVersion& version,
                                   QuicCrypter* crypter) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 4, 7);
   SetKeyAndIVHeapless(prf, pp_secret, version, crypter);
   uint8_t header_protection_key[kMaxKeySize];
   QUIC_BUG_IF(quic_bug_hp_length_mismatch,
@@ -217,7 +214,6 @@
                                   absl::Span<const uint8_t> pp_secret,
                                   const ParsedQuicVersion& version,
                                   QuicCrypter* crypter) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 5, 7);
   uint8_t key[kMaxKeySize];
   QUIC_BUG_IF(quic_bug_key_length_mismatch, crypter->GetKeySize() > sizeof(key))
       << "Key length does not match crypter";
@@ -267,7 +263,6 @@
 bool CryptoUtils::GenerateHeaderProtectionKey(
     const EVP_MD* prf, absl::Span<const uint8_t> pp_secret,
     const ParsedQuicVersion& version, absl::Span<uint8_t> out) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 6, 7);
   char version_label_raw[kMaxVersionLabelLength];
   constexpr absl::string_view kHeaderProtectionPredicate = "hp";
   absl::string_view version_label = GetLabelForVersion(
@@ -291,7 +286,6 @@
 bool CryptoUtils::GenerateNextKeyPhaseSecret(
     const EVP_MD* prf, const ParsedQuicVersion& version,
     const absl::Span<const uint8_t> current_secret, absl::Span<uint8_t> out) {
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 7, 7);
   char version_label_raw[kMaxVersionLabelLength];
   constexpr absl::string_view kKeyUpdatePredicate = "ku";
   absl::string_view version_label = GetLabelForVersion(
@@ -497,16 +491,15 @@
 }
 
 // static
-void CryptoUtils::CreateInitialObfuscatorsNew(Perspective perspective,
-                                              ParsedQuicVersion version,
-                                              QuicConnectionId connection_id,
-                                              CrypterPair* crypters) {
+void CryptoUtils::CreateInitialObfuscators(Perspective perspective,
+                                           ParsedQuicVersion version,
+                                           QuicConnectionId connection_id,
+                                           CrypterPair* crypters) {
   if (!version.UsesInitialObfuscators()) {
     crypters->encrypter = std::make_unique<NullEncrypter>(perspective);
     crypters->decrypter = std::make_unique<NullDecrypter>(perspective);
     return;
   }
-  QUIC_RELOADABLE_FLAG_COUNT_N(quic_heapless_obfuscator, 1, 7);
   crypters->encrypter = std::make_unique<Aes128GcmEncrypter>();
   crypters->decrypter = std::make_unique<Aes128GcmDecrypter>();
 
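Review bot: The renamed CreateInitialObfuscators in the -497 hunk no longer carries the connection-ID validity check (`QUIC_BUG_IF(quic_bug_12871_1, !QuicUtils::IsConnectionIdValidForVersion(connection_id, version.transport_version))`) or the HKDF_extract failure check (`QUIC_BUG_IF(quic_bug_12871_2, !hkdf_extract_success)`) that the legacy body deleted in the -514 hunk had; in the visible part of the new body only the UsesInitialObfuscators early-return precedes crypter construction. The rest of the function, including the helper call whose argument tail `crypters->encrypter.get(), crypters->decrypter.get());` opens the next hunk, is outside this hunk, so if that helper does not perform these checks they were silently dropped by the flag flip and should be re-added before the AES crypters are built. The legacy `QUIC_DLOG(INFO) << "Creating " ... << connection_id;` diagnostic was dropped the same way; if it is still wanted, it belongs at the top of the new body.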
@@ -514,66 +507,6 @@
       crypters->encrypter.get(), crypters->decrypter.get());
 }
 
-// static
-void CryptoUtils::CreateInitialObfuscators(Perspective perspective,
-                                           ParsedQuicVersion version,
-                                           QuicConnectionId connection_id,
-                                           CrypterPair* crypters) {
-  if (GetQuicReloadableFlag(quic_heapless_obfuscator)) {
-    CreateInitialObfuscatorsNew(perspective, version, connection_id, crypters);
-    return;
-  }
-  QUIC_DLOG(INFO) << "Creating "
-                  << (perspective == Perspective::IS_CLIENT ? "client"
-                                                            : "server")
-                  << " crypters for version " << version << " with CID "
-                  << connection_id;
-  if (!version.UsesInitialObfuscators()) {
-    crypters->encrypter = std::make_unique<NullEncrypter>(perspective);
-    crypters->decrypter = std::make_unique<NullDecrypter>(perspective);
-    return;
-  }
-  QUIC_BUG_IF(quic_bug_12871_1, !QuicUtils::IsConnectionIdValidForVersion(
-                                    connection_id, version.transport_version))
-      << "CreateTlsInitialCrypters: attempted to use connection ID "
-      << connection_id << " which is invalid with version " << version;
-  const EVP_MD* hash = EVP_sha256();
-
-  size_t salt_len;
-  const uint8_t* salt = InitialSaltForVersion(version, &salt_len);
-  std::vector<uint8_t> handshake_secret;
-  handshake_secret.resize(EVP_MAX_MD_SIZE);
-  size_t handshake_secret_len;
-  const bool hkdf_extract_success =
-      HKDF_extract(handshake_secret.data(), &handshake_secret_len, hash,
-                   reinterpret_cast<const uint8_t*>(connection_id.data()),
-                   connection_id.length(), salt, salt_len);
-  QUIC_BUG_IF(quic_bug_12871_2, !hkdf_extract_success)
-      << "HKDF_extract failed when creating initial crypters";
-  handshake_secret.resize(handshake_secret_len);
-
-  const std::string client_label = "client in";
-  const std::string server_label = "server in";
-  std::string encryption_label, decryption_label;
-  if (perspective == Perspective::IS_CLIENT) {
-    encryption_label = client_label;
-    decryption_label = server_label;
-  } else {
-    encryption_label = server_label;
-    decryption_label = client_label;
-  }
-  std::vector<uint8_t> encryption_secret = HkdfExpandLabel(
-      hash, handshake_secret, encryption_label, EVP_MD_size(hash));
-  crypters->encrypter = std::make_unique<Aes128GcmEncrypter>();
-  InitializeCrypterSecrets(hash, encryption_secret, version,
-                           crypters->encrypter.get());
-
-  std::vector<uint8_t> decryption_secret = HkdfExpandLabel(
-      hash, handshake_secret, decryption_label, EVP_MD_size(hash));
-  crypters->decrypter = std::make_unique<Aes128GcmDecrypter>();
-  InitializeCrypterSecrets(hash, decryption_secret, version,
-                           crypters->decrypter.get());
-}
 
 // static
 bool CryptoUtils::ValidateRetryIntegrityTag(
diff --git a/quiche/quic/core/crypto/crypto_utils.h b/quiche/quic/core/crypto/crypto_utils.h
index f1541ab..cd1a438 100644
--- a/quiche/quic/core/crypto/crypto_utils.h
+++ b/quiche/quic/core/crypto/crypto_utils.h
@@ -147,10 +147,6 @@
   // as setting the key and IV on those crypters. For older versions of QUIC
   // that do not use the new IETF style ENCRYPTION_INITIAL obfuscators, this
   // function puts a NullEncrypter and NullDecrypter in |*crypters|.
-  static void CreateInitialObfuscatorsNew(Perspective perspective,
-                                          ParsedQuicVersion version,
-                                          QuicConnectionId connection_id,
-                                          CrypterPair* crypters);
   static void CreateInitialObfuscators(Perspective perspective,
                                        ParsedQuicVersion version,
                                        QuicConnectionId connection_id,
diff --git a/quiche/quic/core/crypto/crypto_utils_test.cc b/quiche/quic/core/crypto/crypto_utils_test.cc
index 39862b7..c3fe45a 100644
--- a/quiche/quic/core/crypto/crypto_utils_test.cc
+++ b/quiche/quic/core/crypto/crypto_utils_test.cc
@@ -177,97 +177,7 @@
 // Test that the library is using the correct labels for each version, and
 // therefore generating correct obfuscators, using the test vectors in appendix
 // A of each RFC or internet-draft.
-TEST_F(CryptoUtilsTest, ValidateCryptoLabelsHeapless) {
-  SetQuicReloadableFlag(quic_heapless_obfuscator, true);
-  // if the number of HTTP/3 QUIC versions has changed, we need to change the
-  // expected_keys hardcoded into this test. Regrettably, this is not a
-  // compile-time constant.
-  EXPECT_EQ(AllSupportedVersionsWithTls().size(), 3u);
-  const char draft_29_key[] = {// test vector from draft-ietf-quic-tls-29, A.1
-                               0x14,
-                               static_cast<char>(0x9d),
-                               0x0b,
-                               0x16,
-                               0x62,
-                               static_cast<char>(0xab),
-                               static_cast<char>(0x87),
-                               0x1f,
-                               static_cast<char>(0xbe),
-                               0x63,
-                               static_cast<char>(0xc4),
-                               static_cast<char>(0x9b),
-                               0x5e,
-                               0x65,
-                               0x5a,
-                               0x5d};
-  const char v1_key[] = {// test vector from RFC 9001, A.1
-                         static_cast<char>(0xcf),
-                         0x3a,
-                         0x53,
-                         0x31,
-                         0x65,
-                         0x3c,
-                         0x36,
-                         0x4c,
-                         static_cast<char>(0x88),
-                         static_cast<char>(0xf0),
-                         static_cast<char>(0xf3),
-                         0x79,
-                         static_cast<char>(0xb6),
-                         0x06,
-                         0x7e,
-                         0x37};
-  const char v2_08_key[] = {// test vector from draft-ietf-quic-v2-08
-                            static_cast<char>(0x82),
-                            static_cast<char>(0xdb),
-                            static_cast<char>(0x63),
-                            static_cast<char>(0x78),
-                            static_cast<char>(0x61),
-                            static_cast<char>(0xd5),
-                            static_cast<char>(0x5e),
-                            0x1d,
-                            static_cast<char>(0x01),
-                            static_cast<char>(0x1f),
-                            0x19,
-                            static_cast<char>(0xea),
-                            0x71,
-                            static_cast<char>(0xd5),
-                            static_cast<char>(0xd2),
-                            static_cast<char>(0xa7)};
-  const char connection_id[] = // test vector from both docs
-      {static_cast<char>(0x83),
-       static_cast<char>(0x94),
-       static_cast<char>(0xc8),
-       static_cast<char>(0xf0),
-       0x3e,
-       0x51,
-       0x57,
-       0x08};
-  const QuicConnectionId cid(connection_id, sizeof(connection_id));
-  const char* key_str;
-  size_t key_size;
-  for (const ParsedQuicVersion& version : AllSupportedVersionsWithTls()) {
-    if (version == ParsedQuicVersion::Draft29()) {
-      key_str = draft_29_key;
-      key_size = sizeof(draft_29_key);
-    } else if (version == ParsedQuicVersion::RFCv1()) {
-      key_str = v1_key;
-      key_size = sizeof(v1_key);
-    } else { // draft-ietf-quic-v2-01
-      key_str = v2_08_key;
-      key_size = sizeof(v2_08_key);
-    }
-    const absl::string_view expected_key{key_str, key_size};
-
-    CrypterPair crypters;
-    CryptoUtils::CreateInitialObfuscators(Perspective::IS_SERVER, version, cid,
-                                          &crypters);
-    EXPECT_EQ(crypters.encrypter->GetKey(), expected_key);
-  }
-}
-
-TEST_F(CryptoUtilsTest, ValidateCryptoLabelsHeap) {
-  SetQuicReloadableFlag(quic_heapless_obfuscator, false);
+TEST_F(CryptoUtilsTest, ValidateCryptoLabels) {
   // if the number of HTTP/3 QUIC versions has changed, we need to change the
   // expected_keys hardcoded into this test. Regrettably, this is not a
   // compile-time constant.