Use *ring* for header protection (fixes #196)

[djc]

No description provided.

[djc]

As usual, ring doesn't offer access to private key bytes. Should we create a separate stage in our API to to enable tests for their correctness? I think we have sufficient coverage through full header encryption/decryption.

[codecov]

Codecov Report

Merging #200 into master will increase coverage by 0.03%.
The diff coverage is 85%.

@@            Coverage Diff             @@
##           master     #200      +/-   ##
==========================================
+ Coverage    74.2%   74.24%   +0.03%     
==========================================
  Files          24       24              
  Lines        5905     5870      -35     
==========================================
- Hits         4382     4358      -24     
+ Misses       1523     1512      -11

Impacted Files	Coverage Δ
quinn-proto/src/crypto.rs	91.46% <85%> (+2.44%)	⬆️
quinn-proto/src/packet.rs	82.16% <0%> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e4c51ba...4b4a77e. Read the comment docs.

[codecov]

Codecov Report

Merging #200 into master will increase coverage by 0.02%.
The diff coverage is 76.19%.

@@            Coverage Diff             @@
##           master     #200      +/-   ##
==========================================
+ Coverage    74.2%   74.23%   +0.02%     
==========================================
  Files          24       24              
  Lines        5905     5873      -32     
==========================================
- Hits         4382     4360      -22     
+ Misses       1523     1513      -10

Impacted Files	Coverage Δ
quinn-proto/src/crypto.rs	90.87% <76.19%> (+1.85%)	⬆️
quinn-proto/src/packet.rs	82.36% <0%> (+0.2%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e4c51ba...2dd416b. Read the comment docs.

[Ralith]

We could factor out the hkdf_expand call into its own trivial method, but I agree that the full-packet test vectors constitute adequate coverage already. Maybe just nuke the commented-out asserts?

[djc]

Nuked the commented-out stuff. Re-approve?

[briansmith]

As usual, ring doesn't offer access to private key bytes. Should we create a separate stage in our API to to enable tests for their correctness? I think we have sufficient coverage through full header encryption/decryption.

Check out https://github.com/briansmith/ring/blob/master/tests/quic_tests.rs, which shows how to test these kinds of things.

In this case, your old test was like this:

assert_eq!(
            client_header_key,	            client_header_key,
            HeaderKey::AesEcb128(hex!("0edd982a6ac527f2eddcbb7348dea5d7"))	            HeaderKey::AesEcb128(hex!("0edd982a6ac527f2eddcbb7348dea5d7"))

Instead of testing that the key is equal to some value, test that the result of using the key on a particular input has a particular output.

[djc]

We already have tests like that. 👍