2009-11-04 01:25:13 +00:00
|
|
|
// Copyright 2009 The Go Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a BSD-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package tls
|
|
|
|
|
|
|
|
type clientHelloMsg struct {
|
|
|
|
raw []byte;
|
|
|
|
major, minor uint8;
|
|
|
|
random []byte;
|
|
|
|
sessionId []byte;
|
|
|
|
cipherSuites []uint16;
|
|
|
|
compressionMethods []uint8;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *clientHelloMsg) marshal() []byte {
|
|
|
|
if m.raw != nil {
|
2009-11-09 20:07:39 +00:00
|
|
|
return m.raw
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
length := 2 + 32 + 1 + len(m.sessionId) + 2 + len(m.cipherSuites)*2 + 1 + len(m.compressionMethods);
|
|
|
|
x := make([]byte, 4+length);
|
|
|
|
x[0] = typeClientHello;
|
2009-11-10 05:13:17 +00:00
|
|
|
x[1] = uint8(length >> 16);
|
|
|
|
x[2] = uint8(length >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[3] = uint8(length);
|
|
|
|
x[4] = m.major;
|
|
|
|
x[5] = m.minor;
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[6:38], m.random);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[38] = uint8(len(m.sessionId));
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[39:39+len(m.sessionId)], m.sessionId);
|
2009-11-04 01:25:13 +00:00
|
|
|
y := x[39+len(m.sessionId) : len(x)];
|
2009-11-10 05:13:17 +00:00
|
|
|
y[0] = uint8(len(m.cipherSuites) >> 7);
|
|
|
|
y[1] = uint8(len(m.cipherSuites) << 1);
|
2009-11-04 01:25:13 +00:00
|
|
|
for i, suite := range m.cipherSuites {
|
2009-11-10 05:13:17 +00:00
|
|
|
y[2+i*2] = uint8(suite >> 8);
|
|
|
|
y[3+i*2] = uint8(suite);
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
2009-11-10 05:13:17 +00:00
|
|
|
z := y[2+len(m.cipherSuites)*2 : len(y)];
|
2009-11-04 01:25:13 +00:00
|
|
|
z[0] = uint8(len(m.compressionMethods));
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(z[1:len(z)], m.compressionMethods);
|
2009-11-04 01:25:13 +00:00
|
|
|
m.raw = x;
|
|
|
|
|
|
|
|
return x;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *clientHelloMsg) unmarshal(data []byte) bool {
|
|
|
|
if len(data) < 39 {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
m.raw = data;
|
|
|
|
m.major = data[4];
|
|
|
|
m.minor = data[5];
|
|
|
|
m.random = data[6:38];
|
|
|
|
sessionIdLen := int(data[38]);
|
2009-11-10 05:13:17 +00:00
|
|
|
if sessionIdLen > 32 || len(data) < 39+sessionIdLen {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
2009-11-10 05:13:17 +00:00
|
|
|
m.sessionId = data[39 : 39+sessionIdLen];
|
|
|
|
data = data[39+sessionIdLen : len(data)];
|
2009-11-04 01:25:13 +00:00
|
|
|
if len(data) < 2 {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
// cipherSuiteLen is the number of bytes of cipher suite numbers. Since
|
|
|
|
// they are uint16s, the number must be even.
|
|
|
|
cipherSuiteLen := int(data[0])<<8 | int(data[1]);
|
2009-11-10 05:13:17 +00:00
|
|
|
if cipherSuiteLen%2 == 1 || len(data) < 2+cipherSuiteLen {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
numCipherSuites := cipherSuiteLen / 2;
|
|
|
|
m.cipherSuites = make([]uint16, numCipherSuites);
|
|
|
|
for i := 0; i < numCipherSuites; i++ {
|
2009-11-10 05:13:17 +00:00
|
|
|
m.cipherSuites[i] = uint16(data[2+2*i])<<8 | uint16(data[3+2*i])
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
2009-11-10 05:13:17 +00:00
|
|
|
data = data[2+cipherSuiteLen : len(data)];
|
2009-11-04 01:25:13 +00:00
|
|
|
if len(data) < 2 {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
compressionMethodsLen := int(data[0]);
|
2009-11-10 05:13:17 +00:00
|
|
|
if len(data) < 1+compressionMethodsLen {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
2009-11-10 05:13:17 +00:00
|
|
|
m.compressionMethods = data[1 : 1+compressionMethodsLen];
|
2009-11-04 01:25:13 +00:00
|
|
|
|
|
|
|
// A ClientHello may be following by trailing data: RFC 4346 section 7.4.1.2
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
type serverHelloMsg struct {
|
|
|
|
raw []byte;
|
|
|
|
major, minor uint8;
|
|
|
|
random []byte;
|
|
|
|
sessionId []byte;
|
|
|
|
cipherSuite uint16;
|
|
|
|
compressionMethod uint8;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *serverHelloMsg) marshal() []byte {
|
|
|
|
if m.raw != nil {
|
2009-11-09 20:07:39 +00:00
|
|
|
return m.raw
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
|
2009-11-10 05:13:17 +00:00
|
|
|
length := 38 + len(m.sessionId);
|
2009-11-04 01:25:13 +00:00
|
|
|
x := make([]byte, 4+length);
|
|
|
|
x[0] = typeServerHello;
|
2009-11-10 05:13:17 +00:00
|
|
|
x[1] = uint8(length >> 16);
|
|
|
|
x[2] = uint8(length >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[3] = uint8(length);
|
|
|
|
x[4] = m.major;
|
|
|
|
x[5] = m.minor;
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[6:38], m.random);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[38] = uint8(len(m.sessionId));
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[39:39+len(m.sessionId)], m.sessionId);
|
2009-11-04 01:25:13 +00:00
|
|
|
z := x[39+len(m.sessionId) : len(x)];
|
|
|
|
z[0] = uint8(m.cipherSuite >> 8);
|
|
|
|
z[1] = uint8(m.cipherSuite);
|
|
|
|
z[2] = uint8(m.compressionMethod);
|
|
|
|
m.raw = x;
|
|
|
|
|
|
|
|
return x;
|
|
|
|
}
|
|
|
|
|
|
|
|
type certificateMsg struct {
|
|
|
|
raw []byte;
|
|
|
|
certificates [][]byte;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *certificateMsg) marshal() (x []byte) {
|
|
|
|
if m.raw != nil {
|
2009-11-09 20:07:39 +00:00
|
|
|
return m.raw
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
var i int;
|
|
|
|
for _, slice := range m.certificates {
|
2009-11-09 20:07:39 +00:00
|
|
|
i += len(slice)
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
length := 3 + 3*len(m.certificates) + i;
|
|
|
|
x = make([]byte, 4+length);
|
|
|
|
x[0] = typeCertificate;
|
2009-11-10 05:13:17 +00:00
|
|
|
x[1] = uint8(length >> 16);
|
|
|
|
x[2] = uint8(length >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[3] = uint8(length);
|
|
|
|
|
2009-11-10 05:13:17 +00:00
|
|
|
certificateOctets := length - 3;
|
2009-11-04 01:25:13 +00:00
|
|
|
x[4] = uint8(certificateOctets >> 16);
|
|
|
|
x[5] = uint8(certificateOctets >> 8);
|
|
|
|
x[6] = uint8(certificateOctets);
|
|
|
|
|
|
|
|
y := x[7:len(x)];
|
|
|
|
for _, slice := range m.certificates {
|
2009-11-10 05:13:17 +00:00
|
|
|
y[0] = uint8(len(slice) >> 16);
|
|
|
|
y[1] = uint8(len(slice) >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
y[2] = uint8(len(slice));
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(y[3:len(y)], slice);
|
2009-11-04 01:25:13 +00:00
|
|
|
y = y[3+len(slice) : len(y)];
|
|
|
|
}
|
|
|
|
|
|
|
|
m.raw = x;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
type serverHelloDoneMsg struct{}
|
|
|
|
|
|
|
|
func (m *serverHelloDoneMsg) marshal() []byte {
|
|
|
|
x := make([]byte, 4);
|
|
|
|
x[0] = typeServerHelloDone;
|
|
|
|
return x;
|
|
|
|
}
|
|
|
|
|
|
|
|
type clientKeyExchangeMsg struct {
|
|
|
|
raw []byte;
|
|
|
|
ciphertext []byte;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *clientKeyExchangeMsg) marshal() []byte {
|
|
|
|
if m.raw != nil {
|
2009-11-09 20:07:39 +00:00
|
|
|
return m.raw
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
2009-11-10 05:13:17 +00:00
|
|
|
length := len(m.ciphertext) + 2;
|
2009-11-04 01:25:13 +00:00
|
|
|
x := make([]byte, length+4);
|
|
|
|
x[0] = typeClientKeyExchange;
|
2009-11-10 05:13:17 +00:00
|
|
|
x[1] = uint8(length >> 16);
|
|
|
|
x[2] = uint8(length >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[3] = uint8(length);
|
2009-11-10 05:13:17 +00:00
|
|
|
x[4] = uint8(len(m.ciphertext) >> 8);
|
2009-11-04 01:25:13 +00:00
|
|
|
x[5] = uint8(len(m.ciphertext));
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[6:len(x)], m.ciphertext);
|
2009-11-04 01:25:13 +00:00
|
|
|
|
|
|
|
m.raw = x;
|
|
|
|
return x;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool {
|
|
|
|
m.raw = data;
|
|
|
|
if len(data) < 7 {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
cipherTextLen := int(data[4])<<8 | int(data[5]);
|
2009-11-10 05:13:17 +00:00
|
|
|
if len(data) != 6+cipherTextLen {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
m.ciphertext = data[6:len(data)];
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
type finishedMsg struct {
|
|
|
|
raw []byte;
|
|
|
|
verifyData []byte;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *finishedMsg) marshal() (x []byte) {
|
|
|
|
if m.raw != nil {
|
2009-11-09 20:07:39 +00:00
|
|
|
return m.raw
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
x = make([]byte, 16);
|
|
|
|
x[0] = typeFinished;
|
|
|
|
x[3] = 12;
|
2009-11-18 23:24:24 +00:00
|
|
|
copy(x[4:len(x)], m.verifyData);
|
2009-11-04 01:25:13 +00:00
|
|
|
m.raw = x;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
func (m *finishedMsg) unmarshal(data []byte) bool {
|
|
|
|
m.raw = data;
|
|
|
|
if len(data) != 4+12 {
|
2009-11-09 20:07:39 +00:00
|
|
|
return false
|
2009-11-04 01:25:13 +00:00
|
|
|
}
|
|
|
|
m.verifyData = data[4:len(data)];
|
|
|
|
return true;
|
|
|
|
}
|