Add packet session key identifiers
ci / test (push) Has been cancelled
ci / remote-bench (push) Has been cancelled

This commit is contained in:
DuProcess
2026-06-13 15:51:55 -04:00
parent 3642de71e4
commit da16588bc5
4 changed files with 51 additions and 23 deletions
+23
View File
@@ -50,10 +50,33 @@ fn encrypted_packet_round_trips() {
let decoded = protocol::decode(&packet).unwrap();
assert_eq!(decoded.header.kind, PacketKind::Input);
assert_eq!(decoded.header.conn_id, conn_id);
assert_eq!(
decoded.header.session_key_id,
protocol::session_key_id(&key)
);
let plain = protocol::decrypt_body(&decoded, &key, CLIENT_TO_SERVER).unwrap();
assert_eq!(plain, b"hello");
}
#[test]
fn encrypted_packet_rejects_wrong_session_key_id_before_decrypt() {
let key = crypto::random_32();
let wrong_key = crypto::random_32();
let packet = protocol::encode_encrypted(
PacketKind::Input,
crypto::random_16(),
1,
0,
&key,
CLIENT_TO_SERVER,
b"hello",
)
.unwrap();
let decoded = protocol::decode(&packet).unwrap();
let err = protocol::decrypt_body(&decoded, &wrong_key, CLIENT_TO_SERVER).unwrap_err();
assert!(err.to_string().contains("session key id"));
}
#[test]
fn attach_ticket_is_sealed_and_verifies_scope() {
let dir = tempfile::tempdir().unwrap();