New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encrypt key phase #1339
Closed
Closed
Encrypt key phase #1339
Changes from all commits
Commits
Show all changes
11 commits
Select commit
Hold shift + click to select a range
b3bb463
First pass at varint packet numbers
britram fae6da8
tweaks, thanks Martin and Ian
britram 50f0501
long headers too
britram 4f8bb35
Both long and short have varint PN
martinthomson 2320678
TLS draft changes for protecting key phase with PN
martinthomson d200766
Move the KEY_PHASE into the short header packet number encoding
martinthomson 3335dd5
Update examples for shorter encodings
martinthomson 38afa01
Superficial only
martinthomson 72d0b1b
Merge branch 'fix-pn-example' into encrypt-key-phase
martinthomson 129d120
Update examples for varying sizes
martinthomson 50fab43
Merge branch 'master' into encrypt-key-phase
martinthomson File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My understanding is that
pp_secret
only exists for 1-RTT. Do we need to define similar constructs for handshake secret and 0-RTT secret?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These are examples. The same secret that you would use for getting a key or IV should work for 0-RTT and the handshake. That probably needs work though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the clarification. I think my confusion came from the statement saying
which seemed to me to imply a 1-RTT secret, since section 5.3.4 (1-RTT secrets) has the following sentence: