Replace MockQUICTransport tags with record types.
They align exactly with TLS record types, so just use the existing
constants.
Change-Id: I693e7c740458cf73061e6b573eeb466d0fce93cc
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/44990
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/mock_quic_transport.cc b/ssl/test/mock_quic_transport.cc
index 45d664a..4b8bc30 100644
--- a/ssl/test/mock_quic_transport.cc
+++ b/ssl/test/mock_quic_transport.cc
@@ -19,14 +19,6 @@
#include <cstring>
#include <limits>
-namespace {
-
-const uint8_t kTagHandshake = 'H';
-const uint8_t kTagApplication = 'A';
-const uint8_t kTagAlert = 'L';
-
-} // namespace
-
MockQuicTransport::MockQuicTransport(bssl::UniquePtr<BIO> bio, SSL *ssl)
: bio_(std::move(bio)),
read_levels_(ssl_encryption_application + 1),
@@ -89,7 +81,7 @@
} // namespace
-bool MockQuicTransport::ReadHeader(uint8_t *out_tag,
+bool MockQuicTransport::ReadHeader(uint8_t *out_type,
enum ssl_encryption_level_t *out_level,
size_t *out_len) {
for (;;) {
@@ -105,7 +97,7 @@
uint16_t cipher_suite;
uint32_t remaining_bytes;
CBS_init(&cbs, header, sizeof(header));
- if (!CBS_get_u8(&cbs, out_tag) ||
+ if (!CBS_get_u8(&cbs, out_type) ||
!CBS_get_u8(&cbs, &level_id) ||
!CBS_get_u16(&cbs, &cipher_suite) ||
!CBS_get_u32(&cbs, &remaining_bytes) ||
@@ -160,13 +152,13 @@
}
bool MockQuicTransport::ReadHandshake() {
- uint8_t tag;
+ uint8_t type;
ssl_encryption_level_t level;
size_t len;
- if (!ReadHeader(&tag, &level, &len)) {
+ if (!ReadHeader(&type, &level, &len)) {
return false;
}
- if (tag != kTagHandshake) {
+ if (type != SSL3_RT_HANDSHAKE) {
return false;
}
@@ -192,19 +184,19 @@
return len;
}
- uint8_t tag = 0;
+ uint8_t type = 0;
ssl_encryption_level_t level;
size_t len;
while (true) {
- if (!ReadHeader(&tag, &level, &len)) {
+ if (!ReadHeader(&type, &level, &len)) {
// Assume that a failure to read the header means there's no more to read,
// not an error reading.
return 0;
}
- if (tag == kTagApplication) {
+ if (type == SSL3_RT_APPLICATION_DATA) {
break;
}
- if (tag != kTagHandshake) {
+ if (type != SSL3_RT_HANDSHAKE) {
return -1;
}
@@ -247,13 +239,13 @@
}
bool MockQuicTransport::WriteRecord(enum ssl_encryption_level_t level,
- uint8_t tag, const uint8_t *data,
+ uint8_t type, const uint8_t *data,
size_t len) {
uint16_t cipher_suite = write_levels_[level].cipher;
const std::vector<uint8_t> &secret = write_levels_[level].secret;
size_t tlv_len = secret.size() + len;
uint8_t header[8];
- header[0] = tag;
+ header[0] = type;
header[1] = level;
header[2] = (cipher_suite >> 8) & 0xff;
header[3] = cipher_suite & 0xff;
@@ -268,7 +260,7 @@
bool MockQuicTransport::WriteHandshakeData(enum ssl_encryption_level_t level,
const uint8_t *data, size_t len) {
- return WriteRecord(level, kTagHandshake, data, len);
+ return WriteRecord(level, SSL3_RT_HANDSHAKE, data, len);
}
bool MockQuicTransport::WriteApplicationData(const uint8_t *in, size_t len) {
@@ -276,7 +268,7 @@
if (SSL_in_early_data(ssl_) && !SSL_is_server(ssl_)) {
level = ssl_encryption_early_data;
}
- return WriteRecord(level, kTagApplication, in, len);
+ return WriteRecord(level, SSL3_RT_APPLICATION_DATA, in, len);
}
bool MockQuicTransport::Flush() { return BIO_flush(bio_.get()); }
@@ -284,5 +276,5 @@
bool MockQuicTransport::SendAlert(enum ssl_encryption_level_t level,
uint8_t alert) {
uint8_t alert_msg[] = {2, alert};
- return WriteRecord(level, kTagAlert, alert_msg, sizeof(alert_msg));
+ return WriteRecord(level, SSL3_RT_ALERT, alert_msg, sizeof(alert_msg));
}
diff --git a/ssl/test/mock_quic_transport.h b/ssl/test/mock_quic_transport.h
index 114f059..2cd7437 100644
--- a/ssl/test/mock_quic_transport.h
+++ b/ssl/test/mock_quic_transport.h
@@ -44,18 +44,17 @@
private:
// Reads a record header from |bio_| and returns whether the record was read
// successfully. As part of reading the header, this function checks that the
- // cipher suite and secret in the header are correct. On success, the tag
- // indicating the TLS record type is put in |*out_tag|, the encryption level
- // is put in |*out_level|, the length of the TLS record is put in |*out_len|,
- // and the next thing to be read from |bio_| is |*out_len| bytes of the TLS
- // record.
- bool ReadHeader(uint8_t *out_tag, enum ssl_encryption_level_t *out_level,
+ // cipher suite and secret in the header are correct. On success, the TLS
+ // record type is put in |*out_type|, the encryption level is put in
+ // |*out_level|, the length of the TLS record is put in |*out_len|, and the
+ // next thing to be read from |bio_| is |*out_len| bytes of the TLS record.
+ bool ReadHeader(uint8_t *out_type, enum ssl_encryption_level_t *out_level,
size_t *out_len);
// Writes a MockQuicTransport record to |bio_| at encryption level |level|
- // with record type |tag| and a TLS record payload of length |len| from
+ // with record type |type| and a TLS record payload of length |len| from
// |data|.
- bool WriteRecord(enum ssl_encryption_level_t level, uint8_t tag,
+ bool WriteRecord(enum ssl_encryption_level_t level, uint8_t type,
const uint8_t *data, size_t len);
bssl::UniquePtr<BIO> bio_;
diff --git a/ssl/test/runner/mock_quic_transport.go b/ssl/test/runner/mock_quic_transport.go
index 99ce0f7..7654281 100644
--- a/ssl/test/runner/mock_quic_transport.go
+++ b/ssl/test/runner/mock_quic_transport.go
@@ -22,10 +22,6 @@
"net"
)
-const tagHandshake = byte('H')
-const tagApplication = byte('A')
-const tagAlert = byte('L')
-
type encryptionLevel byte
const (
@@ -41,15 +37,24 @@
// provides no confidentiality guarantees. (In fact, it leaks keys in the
// clear.)
//
-// Messages from TLS that are sent over a mockQUICTransport are wrapped in a
-// TLV-like format. The first byte of a mockQUICTransport message is a tag
-// indicating the TLS record type. This is followed by the 2 byte cipher suite
-// ID of the cipher suite that would have been used to encrypt the record. Next
-// is a 4-byte big-endian length indicating the length of the remaining payload.
-// The payload starts with the key that would be used to encrypt the record, and
-// the remainder of the payload is the plaintext of the TLS record. Note that
-// the 4-byte length covers the length of the key and plaintext, but not the
-// cipher suite ID or tag.
+// Messages from TLS that are sent over a mockQUICTransport are a series of
+// records in the following format:
+//
+// enum {
+// initial(0), early_data(1), handshake(2), application(3), (255)
+// } EncryptionLevel;
+//
+// struct {
+// ContentType record_type;
+// EncryptionLevel level;
+// CipherSuite cipher_suite;
+// opaque encrypted_record<0..2^32-1>;
+// } MockQUICRecord;
+//
+// The "encrypted" record is the concatenation of the encryption key and
+// plaintext. It and the cipher suite exist only to check both sides agree on
+// encryption parameters. The key is included in the length prefix so records
+// may be skipped without knowing the key length.
type mockQUICTransport struct {
net.Conn
readLevel, writeLevel encryptionLevel
@@ -62,13 +67,13 @@
return &mockQUICTransport{Conn: conn}
}
-func (m *mockQUICTransport) read() (byte, []byte, error) {
+func (m *mockQUICTransport) read() (recordType, []byte, error) {
for {
header := make([]byte, 8)
if _, err := io.ReadFull(m.Conn, header); err != nil {
return 0, nil, err
}
- tag := header[0]
+ typ := recordType(header[0])
level := header[1]
cipherSuite := binary.BigEndian.Uint16(header[2:4])
length := binary.BigEndian.Uint32(header[4:])
@@ -96,7 +101,7 @@
// Although not true for QUIC in general, our transport is ordered, so
// we expect to stop skipping early data after a valid record.
m.skipEarlyData = false
- return tag, out, nil
+ return typ, out, nil
}
}
@@ -105,29 +110,16 @@
if err != nil {
return 0, nil, err
}
- var returnType recordType
- if typ == tagHandshake {
- returnType = recordTypeHandshake
- } else if typ == tagApplication {
- returnType = recordTypeApplicationData
- } else if typ == tagAlert {
- returnType = recordTypeAlert
- } else {
- return 0, nil, fmt.Errorf("unknown type %d\n", typ)
- }
- return returnType, &block{contents, 0, nil}, nil
+ return typ, &block{contents, 0, nil}, nil
}
func (m *mockQUICTransport) writeRecord(typ recordType, data []byte) (int, error) {
- tag := tagHandshake
- if typ == recordTypeApplicationData {
- tag = tagApplication
- } else if typ != recordTypeHandshake {
+ if typ != recordTypeApplicationData && typ != recordTypeHandshake {
return 0, fmt.Errorf("unsupported record type %d\n", typ)
}
length := len(m.writeSecret) + len(data)
payload := make([]byte, 1+1+2+4+length)
- payload[0] = tag
+ payload[0] = byte(typ)
payload[1] = byte(m.writeLevel)
binary.BigEndian.PutUint16(payload[2:4], m.writeCipherSuite)
binary.BigEndian.PutUint32(payload[4:8], uint32(length))
