Improve handling of crypters in CompareClientAndServerKeys
gfe-relnote: n/a (test-only)
PiperOrigin-RevId: 240383505
Change-Id: Iedebac7d79c041d8a7c628043ffb37b3037bf08b
diff --git a/quic/test_tools/crypto_test_utils.cc b/quic/test_tools/crypto_test_utils.cc
index 66692bd..af33d4e 100644
--- a/quic/test_tools/crypto_test_utils.cc
+++ b/quic/test_tools/crypto_test_utils.cc
@@ -729,121 +729,93 @@
rej->SetVector(kRREJ, reject_reasons);
}
+namespace {
+
+#define RETURN_STRING_LITERAL(x) \
+ case x: \
+ return #x
+
+std::string EncryptionLevelString(EncryptionLevel level) {
+ switch (level) {
+ RETURN_STRING_LITERAL(ENCRYPTION_INITIAL);
+ RETURN_STRING_LITERAL(ENCRYPTION_HANDSHAKE);
+ RETURN_STRING_LITERAL(ENCRYPTION_ZERO_RTT);
+ RETURN_STRING_LITERAL(ENCRYPTION_FORWARD_SECURE);
+ default:
+ return "";
+ }
+}
+
+void CompareCrypters(const QuicEncrypter* encrypter,
+ const QuicDecrypter* decrypter,
+ std::string label) {
+ QuicStringPiece encrypter_key = encrypter->GetKey();
+ QuicStringPiece encrypter_iv = encrypter->GetNoncePrefix();
+ QuicStringPiece decrypter_key = decrypter->GetKey();
+ QuicStringPiece decrypter_iv = decrypter->GetNoncePrefix();
+ CompareCharArraysWithHexError(label + " key", encrypter_key.data(),
+ encrypter_key.length(), decrypter_key.data(),
+ decrypter_key.length());
+ CompareCharArraysWithHexError(label + " iv", encrypter_iv.data(),
+ encrypter_iv.length(), decrypter_iv.data(),
+ decrypter_iv.length());
+}
+
+} // namespace
+
void CompareClientAndServerKeys(QuicCryptoClientStream* client,
QuicCryptoServerStream* server) {
QuicFramer* client_framer = QuicConnectionPeer::GetFramer(
QuicStreamPeer::session(client)->connection());
QuicFramer* server_framer = QuicConnectionPeer::GetFramer(
QuicStreamPeer::session(server)->connection());
- const QuicEncrypter* client_encrypter(
- QuicFramerPeer::GetEncrypter(client_framer, ENCRYPTION_ZERO_RTT));
- const QuicDecrypter* client_decrypter(
- QuicStreamPeer::session(client)->connection()->decrypter());
- const QuicEncrypter* client_forward_secure_encrypter(
- QuicFramerPeer::GetEncrypter(client_framer, ENCRYPTION_FORWARD_SECURE));
- const QuicDecrypter* client_forward_secure_decrypter(
- QuicStreamPeer::session(client)->connection()->alternative_decrypter());
- const QuicEncrypter* server_encrypter(
- QuicFramerPeer::GetEncrypter(server_framer, ENCRYPTION_ZERO_RTT));
- const QuicDecrypter* server_decrypter(
- QuicStreamPeer::session(server)->connection()->decrypter());
- const QuicEncrypter* server_forward_secure_encrypter(
- QuicFramerPeer::GetEncrypter(server_framer, ENCRYPTION_FORWARD_SECURE));
- const QuicDecrypter* server_forward_secure_decrypter(
- QuicStreamPeer::session(server)->connection()->alternative_decrypter());
-
- QuicStringPiece client_encrypter_key = client_encrypter->GetKey();
- QuicStringPiece client_encrypter_iv = client_encrypter->GetNoncePrefix();
- QuicStringPiece client_decrypter_key = client_decrypter->GetKey();
- QuicStringPiece client_decrypter_iv = client_decrypter->GetNoncePrefix();
- QuicStringPiece client_forward_secure_encrypter_key =
- client_forward_secure_encrypter->GetKey();
- QuicStringPiece client_forward_secure_encrypter_iv =
- client_forward_secure_encrypter->GetNoncePrefix();
- QuicStringPiece client_forward_secure_decrypter_key =
- client_forward_secure_decrypter->GetKey();
- QuicStringPiece client_forward_secure_decrypter_iv =
- client_forward_secure_decrypter->GetNoncePrefix();
- QuicStringPiece server_encrypter_key = server_encrypter->GetKey();
- QuicStringPiece server_encrypter_iv = server_encrypter->GetNoncePrefix();
- QuicStringPiece server_decrypter_key = server_decrypter->GetKey();
- QuicStringPiece server_decrypter_iv = server_decrypter->GetNoncePrefix();
- QuicStringPiece server_forward_secure_encrypter_key =
- server_forward_secure_encrypter->GetKey();
- QuicStringPiece server_forward_secure_encrypter_iv =
- server_forward_secure_encrypter->GetNoncePrefix();
- QuicStringPiece server_forward_secure_decrypter_key =
- server_forward_secure_decrypter->GetKey();
- QuicStringPiece server_forward_secure_decrypter_iv =
- server_forward_secure_decrypter->GetNoncePrefix();
+ for (EncryptionLevel level :
+ {ENCRYPTION_HANDSHAKE, ENCRYPTION_ZERO_RTT, ENCRYPTION_FORWARD_SECURE}) {
+ SCOPED_TRACE(EncryptionLevelString(level));
+ const QuicEncrypter* client_encrypter(
+ QuicFramerPeer::GetEncrypter(client_framer, level));
+ const QuicDecrypter* server_decrypter(
+ QuicFramerPeer::GetDecrypter(server_framer, level));
+ if (level == ENCRYPTION_FORWARD_SECURE ||
+ !(client_encrypter == nullptr && server_decrypter == nullptr)) {
+ CompareCrypters(client_encrypter, server_decrypter,
+ "client " + EncryptionLevelString(level) + " write");
+ }
+ const QuicEncrypter* server_encrypter(
+ QuicFramerPeer::GetEncrypter(server_framer, level));
+ const QuicDecrypter* client_decrypter(
+ QuicFramerPeer::GetDecrypter(client_framer, level));
+ if (level == ENCRYPTION_FORWARD_SECURE ||
+ !(server_encrypter == nullptr && client_decrypter == nullptr)) {
+ CompareCrypters(server_encrypter, client_decrypter,
+ "server " + EncryptionLevelString(level) + " write");
+ }
+ }
QuicStringPiece client_subkey_secret =
client->crypto_negotiated_params().subkey_secret;
QuicStringPiece server_subkey_secret =
server->crypto_negotiated_params().subkey_secret;
+ CompareCharArraysWithHexError("subkey secret", client_subkey_secret.data(),
+ client_subkey_secret.length(),
+ server_subkey_secret.data(),
+ server_subkey_secret.length());
const char kSampleLabel[] = "label";
const char kSampleContext[] = "context";
const size_t kSampleOutputLength = 32;
std::string client_key_extraction;
std::string server_key_extraction;
- std::string client_tb_ekm;
- std::string server_tb_ekm;
EXPECT_TRUE(client->ExportKeyingMaterial(kSampleLabel, kSampleContext,
kSampleOutputLength,
&client_key_extraction));
EXPECT_TRUE(server->ExportKeyingMaterial(kSampleLabel, kSampleContext,
kSampleOutputLength,
&server_key_extraction));
-
- CompareCharArraysWithHexError("client write key", client_encrypter_key.data(),
- client_encrypter_key.length(),
- server_decrypter_key.data(),
- server_decrypter_key.length());
- CompareCharArraysWithHexError("client write IV", client_encrypter_iv.data(),
- client_encrypter_iv.length(),
- server_decrypter_iv.data(),
- server_decrypter_iv.length());
- CompareCharArraysWithHexError("server write key", server_encrypter_key.data(),
- server_encrypter_key.length(),
- client_decrypter_key.data(),
- client_decrypter_key.length());
- CompareCharArraysWithHexError("server write IV", server_encrypter_iv.data(),
- server_encrypter_iv.length(),
- client_decrypter_iv.data(),
- client_decrypter_iv.length());
- CompareCharArraysWithHexError("client forward secure write key",
- client_forward_secure_encrypter_key.data(),
- client_forward_secure_encrypter_key.length(),
- server_forward_secure_decrypter_key.data(),
- server_forward_secure_decrypter_key.length());
- CompareCharArraysWithHexError("client forward secure write IV",
- client_forward_secure_encrypter_iv.data(),
- client_forward_secure_encrypter_iv.length(),
- server_forward_secure_decrypter_iv.data(),
- server_forward_secure_decrypter_iv.length());
- CompareCharArraysWithHexError("server forward secure write key",
- server_forward_secure_encrypter_key.data(),
- server_forward_secure_encrypter_key.length(),
- client_forward_secure_decrypter_key.data(),
- client_forward_secure_decrypter_key.length());
- CompareCharArraysWithHexError("server forward secure write IV",
- server_forward_secure_encrypter_iv.data(),
- server_forward_secure_encrypter_iv.length(),
- client_forward_secure_decrypter_iv.data(),
- client_forward_secure_decrypter_iv.length());
- CompareCharArraysWithHexError("subkey secret", client_subkey_secret.data(),
- client_subkey_secret.length(),
- server_subkey_secret.data(),
- server_subkey_secret.length());
CompareCharArraysWithHexError(
"sample key extraction", client_key_extraction.data(),
client_key_extraction.length(), server_key_extraction.data(),
server_key_extraction.length());
-
- CompareCharArraysWithHexError("token binding key extraction",
- client_tb_ekm.data(), client_tb_ekm.length(),
- server_tb_ekm.data(), server_tb_ekm.length());
}
QuicTag ParseTag(const char* tagstr) {
diff --git a/quic/test_tools/quic_framer_peer.cc b/quic/test_tools/quic_framer_peer.cc
index 68c7d0e..5f8068e 100644
--- a/quic/test_tools/quic_framer_peer.cc
+++ b/quic/test_tools/quic_framer_peer.cc
@@ -329,6 +329,12 @@
}
// static
+QuicDecrypter* QuicFramerPeer::GetDecrypter(QuicFramer* framer,
+ EncryptionLevel level) {
+ return framer->decrypter_[level].get();
+}
+
+// static
size_t QuicFramerPeer::ComputeFrameLength(
QuicFramer* framer,
const QuicFrame& frame,
diff --git a/quic/test_tools/quic_framer_peer.h b/quic/test_tools/quic_framer_peer.h
index 6e34be2..e5c5e00 100644
--- a/quic/test_tools/quic_framer_peer.h
+++ b/quic/test_tools/quic_framer_peer.h
@@ -33,6 +33,7 @@
static void SwapCrypters(QuicFramer* framer1, QuicFramer* framer2);
static QuicEncrypter* GetEncrypter(QuicFramer* framer, EncryptionLevel level);
+ static QuicDecrypter* GetDecrypter(QuicFramer* framer, EncryptionLevel level);
// IETF defined frame append/process methods.
static bool ProcessIetfStreamFrame(QuicFramer* framer,
