crypto/tls: don't always use the default private key.
When SNI based certificate selection is enabled, we previously used the default private key even if we selected a non-default certificate. Fixes #3367. R=golang-dev, bradfitz CC=golang-dev https://golang.org/cl/5987058
This commit is contained in:
parent
ca7f685323
commit
30b2db1e5f
@ -23,8 +23,8 @@ type keyAgreement interface {
|
|||||||
// In the case that the key agreement protocol doesn't use a
|
// In the case that the key agreement protocol doesn't use a
|
||||||
// ServerKeyExchange message, generateServerKeyExchange can return nil,
|
// ServerKeyExchange message, generateServerKeyExchange can return nil,
|
||||||
// nil.
|
// nil.
|
||||||
generateServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
|
generateServerKeyExchange(*Config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
|
||||||
processClientKeyExchange(*Config, *clientKeyExchangeMsg, uint16) ([]byte, error)
|
processClientKeyExchange(*Config, *Certificate, *clientKeyExchangeMsg, uint16) ([]byte, error)
|
||||||
|
|
||||||
// On the client side, the next two methods are called in order.
|
// On the client side, the next two methods are called in order.
|
||||||
|
|
||||||
|
@ -112,37 +112,38 @@ FindCipherSuite:
|
|||||||
hello.nextProtoNeg = true
|
hello.nextProtoNeg = true
|
||||||
hello.nextProtos = config.NextProtos
|
hello.nextProtos = config.NextProtos
|
||||||
}
|
}
|
||||||
if clientHello.ocspStapling && len(config.Certificates[0].OCSPStaple) > 0 {
|
|
||||||
|
if len(config.Certificates) == 0 {
|
||||||
|
return c.sendAlert(alertInternalError)
|
||||||
|
}
|
||||||
|
cert := &config.Certificates[0]
|
||||||
|
if len(clientHello.serverName) > 0 {
|
||||||
|
c.serverName = clientHello.serverName
|
||||||
|
cert = config.getCertificateForName(clientHello.serverName)
|
||||||
|
}
|
||||||
|
|
||||||
|
if clientHello.ocspStapling && len(cert.OCSPStaple) > 0 {
|
||||||
hello.ocspStapling = true
|
hello.ocspStapling = true
|
||||||
}
|
}
|
||||||
|
|
||||||
finishedHash.Write(hello.marshal())
|
finishedHash.Write(hello.marshal())
|
||||||
c.writeRecord(recordTypeHandshake, hello.marshal())
|
c.writeRecord(recordTypeHandshake, hello.marshal())
|
||||||
|
|
||||||
if len(config.Certificates) == 0 {
|
|
||||||
return c.sendAlert(alertInternalError)
|
|
||||||
}
|
|
||||||
|
|
||||||
certMsg := new(certificateMsg)
|
certMsg := new(certificateMsg)
|
||||||
if len(clientHello.serverName) > 0 {
|
certMsg.certificates = cert.Certificate
|
||||||
c.serverName = clientHello.serverName
|
|
||||||
certMsg.certificates = config.getCertificateForName(clientHello.serverName).Certificate
|
|
||||||
} else {
|
|
||||||
certMsg.certificates = config.Certificates[0].Certificate
|
|
||||||
}
|
|
||||||
finishedHash.Write(certMsg.marshal())
|
finishedHash.Write(certMsg.marshal())
|
||||||
c.writeRecord(recordTypeHandshake, certMsg.marshal())
|
c.writeRecord(recordTypeHandshake, certMsg.marshal())
|
||||||
|
|
||||||
if hello.ocspStapling {
|
if hello.ocspStapling {
|
||||||
certStatus := new(certificateStatusMsg)
|
certStatus := new(certificateStatusMsg)
|
||||||
certStatus.statusType = statusTypeOCSP
|
certStatus.statusType = statusTypeOCSP
|
||||||
certStatus.response = config.Certificates[0].OCSPStaple
|
certStatus.response = cert.OCSPStaple
|
||||||
finishedHash.Write(certStatus.marshal())
|
finishedHash.Write(certStatus.marshal())
|
||||||
c.writeRecord(recordTypeHandshake, certStatus.marshal())
|
c.writeRecord(recordTypeHandshake, certStatus.marshal())
|
||||||
}
|
}
|
||||||
|
|
||||||
keyAgreement := suite.ka()
|
keyAgreement := suite.ka()
|
||||||
skx, err := keyAgreement.generateServerKeyExchange(config, clientHello, hello)
|
skx, err := keyAgreement.generateServerKeyExchange(config, cert, clientHello, hello)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.sendAlert(alertHandshakeFailure)
|
c.sendAlert(alertHandshakeFailure)
|
||||||
return err
|
return err
|
||||||
@ -288,7 +289,7 @@ FindCipherSuite:
|
|||||||
finishedHash.Write(certVerify.marshal())
|
finishedHash.Write(certVerify.marshal())
|
||||||
}
|
}
|
||||||
|
|
||||||
preMasterSecret, err := keyAgreement.processClientKeyExchange(config, ckx, c.vers)
|
preMasterSecret, err := keyAgreement.processClientKeyExchange(config, cert, ckx, c.vers)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.sendAlert(alertHandshakeFailure)
|
c.sendAlert(alertHandshakeFailure)
|
||||||
return err
|
return err
|
||||||
|
@ -40,9 +40,12 @@ func init() {
|
|||||||
testConfig = new(Config)
|
testConfig = new(Config)
|
||||||
testConfig.Time = func() time.Time { return time.Unix(0, 0) }
|
testConfig.Time = func() time.Time { return time.Unix(0, 0) }
|
||||||
testConfig.Rand = zeroSource{}
|
testConfig.Rand = zeroSource{}
|
||||||
testConfig.Certificates = make([]Certificate, 1)
|
testConfig.Certificates = make([]Certificate, 2)
|
||||||
testConfig.Certificates[0].Certificate = [][]byte{testCertificate}
|
testConfig.Certificates[0].Certificate = [][]byte{testCertificate}
|
||||||
testConfig.Certificates[0].PrivateKey = testPrivateKey
|
testConfig.Certificates[0].PrivateKey = testPrivateKey
|
||||||
|
testConfig.Certificates[1].Certificate = [][]byte{testSNICertificate}
|
||||||
|
testConfig.Certificates[1].PrivateKey = testPrivateKey
|
||||||
|
testConfig.BuildNameToCertificate()
|
||||||
testConfig.CipherSuites = []uint16{TLS_RSA_WITH_RC4_128_SHA}
|
testConfig.CipherSuites = []uint16{TLS_RSA_WITH_RC4_128_SHA}
|
||||||
testConfig.InsecureSkipVerify = true
|
testConfig.InsecureSkipVerify = true
|
||||||
}
|
}
|
||||||
@ -178,6 +181,13 @@ func TestHandshakeServerSSLv3(t *testing.T) {
|
|||||||
testServerScript(t, "SSLv3", sslv3ServerScript, testConfig, nil)
|
testServerScript(t, "SSLv3", sslv3ServerScript, testConfig, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TestHandshakeServerSNI involves a client sending an SNI extension of
|
||||||
|
// "snitest.com", which happens to match the CN of testSNICertificate. The test
|
||||||
|
// verifies that the server correctly selects that certificate.
|
||||||
|
func TestHandshakeServerSNI(t *testing.T) {
|
||||||
|
testServerScript(t, "SNI", selectCertificateBySNIScript, testConfig, nil)
|
||||||
|
}
|
||||||
|
|
||||||
type clientauthTest struct {
|
type clientauthTest struct {
|
||||||
name string
|
name string
|
||||||
clientauth ClientAuthType
|
clientauth ClientAuthType
|
||||||
@ -338,6 +348,8 @@ func fromHex(s string) []byte {
|
|||||||
|
|
||||||
var testCertificate = fromHex("308202b030820219a00302010202090085b0bba48a7fb8ca300d06092a864886f70d01010505003045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3130303432343039303933385a170d3131303432343039303933385a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819f300d06092a864886f70d010101050003818d0030818902818100bb79d6f517b5e5bf4610d0dc69bee62b07435ad0032d8a7a4385b71452e7a5654c2c78b8238cb5b482e5de1f953b7e62a52ca533d6fe125c7a56fcf506bffa587b263fb5cd04d3d0c921964ac7f4549f5abfef427100fe1899077f7e887d7df10439c4a22edb51c97ce3c04c3b326601cfafb11db8719a1ddbdb896baeda2d790203010001a381a73081a4301d0603551d0e04160414b1ade2855acfcb28db69ce2369ded3268e18883930750603551d23046e306c8014b1ade2855acfcb28db69ce2369ded3268e188839a149a4473045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746482090085b0bba48a7fb8ca300c0603551d13040530030101ff300d06092a864886f70d010105050003818100086c4524c76bb159ab0c52ccf2b014d7879d7a6475b55a9566e4c52b8eae12661feb4f38b36e60d392fdf74108b52513b1187a24fb301dbaed98b917ece7d73159db95d31d78ea50565cd5825a2d5a5f33c4b6d8c97590968c0f5298b5cd981f89205ff2a01ca31b9694dda9fd57e970e8266d71999b266e3850296c90a7bdd9")
|
var testCertificate = fromHex("308202b030820219a00302010202090085b0bba48a7fb8ca300d06092a864886f70d01010505003045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3130303432343039303933385a170d3131303432343039303933385a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819f300d06092a864886f70d010101050003818d0030818902818100bb79d6f517b5e5bf4610d0dc69bee62b07435ad0032d8a7a4385b71452e7a5654c2c78b8238cb5b482e5de1f953b7e62a52ca533d6fe125c7a56fcf506bffa587b263fb5cd04d3d0c921964ac7f4549f5abfef427100fe1899077f7e887d7df10439c4a22edb51c97ce3c04c3b326601cfafb11db8719a1ddbdb896baeda2d790203010001a381a73081a4301d0603551d0e04160414b1ade2855acfcb28db69ce2369ded3268e18883930750603551d23046e306c8014b1ade2855acfcb28db69ce2369ded3268e188839a149a4473045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746482090085b0bba48a7fb8ca300c0603551d13040530030101ff300d06092a864886f70d010105050003818100086c4524c76bb159ab0c52ccf2b014d7879d7a6475b55a9566e4c52b8eae12661feb4f38b36e60d392fdf74108b52513b1187a24fb301dbaed98b917ece7d73159db95d31d78ea50565cd5825a2d5a5f33c4b6d8c97590968c0f5298b5cd981f89205ff2a01ca31b9694dda9fd57e970e8266d71999b266e3850296c90a7bdd9")
|
||||||
|
|
||||||
|
var testSNICertificate = fromHex("308201f23082015da003020102020100300b06092a864886f70d01010530283110300e060355040a130741636d6520436f311430120603550403130b736e69746573742e636f6d301e170d3132303431313137343033355a170d3133303431313137343533355a30283110300e060355040a130741636d6520436f311430120603550403130b736e69746573742e636f6d30819d300b06092a864886f70d01010103818d0030818902818100bb79d6f517b5e5bf4610d0dc69bee62b07435ad0032d8a7a4385b71452e7a5654c2c78b8238cb5b482e5de1f953b7e62a52ca533d6fe125c7a56fcf506bffa587b263fb5cd04d3d0c921964ac7f4549f5abfef427100fe1899077f7e887d7df10439c4a22edb51c97ce3c04c3b326601cfafb11db8719a1ddbdb896baeda2d790203010001a3323030300e0603551d0f0101ff0404030200a0300d0603551d0e0406040401020304300f0603551d2304083006800401020304300b06092a864886f70d0101050381810089c6455f1c1f5ef8eb1ab174ee2439059f5c4259bb1a8d86cdb1d056f56a717da40e95ab90f59e8deaf627c157995094db0802266eb34fc6842dea8a4b68d9c1389103ab84fb9e1f85d9b5d23ff2312c8670fbb540148245a4ebafe264d90c8a4cf4f85b0fac12ac2fc4a3154bad52462868af96c62c6525d652b6e31845bdcc")
|
||||||
|
|
||||||
var testPrivateKey = &rsa.PrivateKey{
|
var testPrivateKey = &rsa.PrivateKey{
|
||||||
PublicKey: rsa.PublicKey{
|
PublicKey: rsa.PublicKey{
|
||||||
N: bigFromString("131650079503776001033793877885499001334664249354723305978524647182322416328664556247316495448366990052837680518067798333412266673813370895702118944398081598789828837447552603077848001020611640547221687072142537202428102790818451901395596882588063427854225330436740647715202971973145151161964464812406232198521"),
|
N: bigFromString("131650079503776001033793877885499001334664249354723305978524647182322416328664556247316495448366990052837680518067798333412266673813370895702118944398081598789828837447552603077848001020611640547221687072142537202428102790818451901395596882588063427854225330436740647715202971973145151161964464812406232198521"),
|
||||||
@ -1025,6 +1037,142 @@ var sslv3ServerScript = [][]byte{
|
|||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var selectCertificateBySNIScript = [][]byte{
|
||||||
|
{
|
||||||
|
0x16, 0x03, 0x01, 0x00, 0x6e, 0x01, 0x00, 0x00,
|
||||||
|
0x6a, 0x03, 0x01, 0x4f, 0x85, 0xc4, 0xc2, 0xb9,
|
||||||
|
0x39, 0x80, 0x91, 0x66, 0x65, 0x56, 0x8e, 0xdd,
|
||||||
|
0x48, 0xe9, 0xca, 0x34, 0x02, 0x3c, 0xaf, 0x0d,
|
||||||
|
0x73, 0xb5, 0x2a, 0x05, 0x6e, 0xbd, 0x5e, 0x8f,
|
||||||
|
0x38, 0xf9, 0xe5, 0x00, 0x00, 0x28, 0x00, 0x39,
|
||||||
|
0x00, 0x38, 0x00, 0x35, 0x00, 0x16, 0x00, 0x13,
|
||||||
|
0x00, 0x0a, 0x00, 0x33, 0x00, 0x32, 0x00, 0x2f,
|
||||||
|
0x00, 0x05, 0x00, 0x04, 0x00, 0x15, 0x00, 0x12,
|
||||||
|
0x00, 0x09, 0x00, 0x14, 0x00, 0x11, 0x00, 0x08,
|
||||||
|
0x00, 0x06, 0x00, 0x03, 0x00, 0xff, 0x02, 0x01,
|
||||||
|
0x00, 0x00, 0x18, 0x00, 0x00, 0x00, 0x10, 0x00,
|
||||||
|
0x0e, 0x00, 0x00, 0x0b, 0x73, 0x6e, 0x69, 0x74,
|
||||||
|
0x65, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
|
||||||
|
0x23, 0x00, 0x00,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
0x16, 0x03, 0x01, 0x00, 0x2a, 0x02, 0x00, 0x00,
|
||||||
|
0x26, 0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x16,
|
||||||
|
0x03, 0x01, 0x02, 0x00, 0x0b, 0x00, 0x01, 0xfc,
|
||||||
|
0x00, 0x01, 0xf9, 0x00, 0x01, 0xf6, 0x30, 0x82,
|
||||||
|
0x01, 0xf2, 0x30, 0x82, 0x01, 0x5d, 0xa0, 0x03,
|
||||||
|
0x02, 0x01, 0x02, 0x02, 0x01, 0x00, 0x30, 0x0b,
|
||||||
|
0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
|
||||||
|
0x01, 0x01, 0x05, 0x30, 0x28, 0x31, 0x10, 0x30,
|
||||||
|
0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x13, 0x07,
|
||||||
|
0x41, 0x63, 0x6d, 0x65, 0x20, 0x43, 0x6f, 0x31,
|
||||||
|
0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03,
|
||||||
|
0x13, 0x0b, 0x73, 0x6e, 0x69, 0x74, 0x65, 0x73,
|
||||||
|
0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30, 0x1e, 0x17,
|
||||||
|
0x0d, 0x31, 0x32, 0x30, 0x34, 0x31, 0x31, 0x31,
|
||||||
|
0x37, 0x34, 0x30, 0x33, 0x35, 0x5a, 0x17, 0x0d,
|
||||||
|
0x31, 0x33, 0x30, 0x34, 0x31, 0x31, 0x31, 0x37,
|
||||||
|
0x34, 0x35, 0x33, 0x35, 0x5a, 0x30, 0x28, 0x31,
|
||||||
|
0x10, 0x30, 0x0e, 0x06, 0x03, 0x55, 0x04, 0x0a,
|
||||||
|
0x13, 0x07, 0x41, 0x63, 0x6d, 0x65, 0x20, 0x43,
|
||||||
|
0x6f, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55,
|
||||||
|
0x04, 0x03, 0x13, 0x0b, 0x73, 0x6e, 0x69, 0x74,
|
||||||
|
0x65, 0x73, 0x74, 0x2e, 0x63, 0x6f, 0x6d, 0x30,
|
||||||
|
0x81, 0x9d, 0x30, 0x0b, 0x06, 0x09, 0x2a, 0x86,
|
||||||
|
0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x03,
|
||||||
|
0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81,
|
||||||
|
0x81, 0x00, 0xbb, 0x79, 0xd6, 0xf5, 0x17, 0xb5,
|
||||||
|
0xe5, 0xbf, 0x46, 0x10, 0xd0, 0xdc, 0x69, 0xbe,
|
||||||
|
0xe6, 0x2b, 0x07, 0x43, 0x5a, 0xd0, 0x03, 0x2d,
|
||||||
|
0x8a, 0x7a, 0x43, 0x85, 0xb7, 0x14, 0x52, 0xe7,
|
||||||
|
0xa5, 0x65, 0x4c, 0x2c, 0x78, 0xb8, 0x23, 0x8c,
|
||||||
|
0xb5, 0xb4, 0x82, 0xe5, 0xde, 0x1f, 0x95, 0x3b,
|
||||||
|
0x7e, 0x62, 0xa5, 0x2c, 0xa5, 0x33, 0xd6, 0xfe,
|
||||||
|
0x12, 0x5c, 0x7a, 0x56, 0xfc, 0xf5, 0x06, 0xbf,
|
||||||
|
0xfa, 0x58, 0x7b, 0x26, 0x3f, 0xb5, 0xcd, 0x04,
|
||||||
|
0xd3, 0xd0, 0xc9, 0x21, 0x96, 0x4a, 0xc7, 0xf4,
|
||||||
|
0x54, 0x9f, 0x5a, 0xbf, 0xef, 0x42, 0x71, 0x00,
|
||||||
|
0xfe, 0x18, 0x99, 0x07, 0x7f, 0x7e, 0x88, 0x7d,
|
||||||
|
0x7d, 0xf1, 0x04, 0x39, 0xc4, 0xa2, 0x2e, 0xdb,
|
||||||
|
0x51, 0xc9, 0x7c, 0xe3, 0xc0, 0x4c, 0x3b, 0x32,
|
||||||
|
0x66, 0x01, 0xcf, 0xaf, 0xb1, 0x1d, 0xb8, 0x71,
|
||||||
|
0x9a, 0x1d, 0xdb, 0xdb, 0x89, 0x6b, 0xae, 0xda,
|
||||||
|
0x2d, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xa3,
|
||||||
|
0x32, 0x30, 0x30, 0x30, 0x0e, 0x06, 0x03, 0x55,
|
||||||
|
0x1d, 0x0f, 0x01, 0x01, 0xff, 0x04, 0x04, 0x03,
|
||||||
|
0x02, 0x00, 0xa0, 0x30, 0x0d, 0x06, 0x03, 0x55,
|
||||||
|
0x1d, 0x0e, 0x04, 0x06, 0x04, 0x04, 0x01, 0x02,
|
||||||
|
0x03, 0x04, 0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d,
|
||||||
|
0x23, 0x04, 0x08, 0x30, 0x06, 0x80, 0x04, 0x01,
|
||||||
|
0x02, 0x03, 0x04, 0x30, 0x0b, 0x06, 0x09, 0x2a,
|
||||||
|
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
|
||||||
|
0x03, 0x81, 0x81, 0x00, 0x89, 0xc6, 0x45, 0x5f,
|
||||||
|
0x1c, 0x1f, 0x5e, 0xf8, 0xeb, 0x1a, 0xb1, 0x74,
|
||||||
|
0xee, 0x24, 0x39, 0x05, 0x9f, 0x5c, 0x42, 0x59,
|
||||||
|
0xbb, 0x1a, 0x8d, 0x86, 0xcd, 0xb1, 0xd0, 0x56,
|
||||||
|
0xf5, 0x6a, 0x71, 0x7d, 0xa4, 0x0e, 0x95, 0xab,
|
||||||
|
0x90, 0xf5, 0x9e, 0x8d, 0xea, 0xf6, 0x27, 0xc1,
|
||||||
|
0x57, 0x99, 0x50, 0x94, 0xdb, 0x08, 0x02, 0x26,
|
||||||
|
0x6e, 0xb3, 0x4f, 0xc6, 0x84, 0x2d, 0xea, 0x8a,
|
||||||
|
0x4b, 0x68, 0xd9, 0xc1, 0x38, 0x91, 0x03, 0xab,
|
||||||
|
0x84, 0xfb, 0x9e, 0x1f, 0x85, 0xd9, 0xb5, 0xd2,
|
||||||
|
0x3f, 0xf2, 0x31, 0x2c, 0x86, 0x70, 0xfb, 0xb5,
|
||||||
|
0x40, 0x14, 0x82, 0x45, 0xa4, 0xeb, 0xaf, 0xe2,
|
||||||
|
0x64, 0xd9, 0x0c, 0x8a, 0x4c, 0xf4, 0xf8, 0x5b,
|
||||||
|
0x0f, 0xac, 0x12, 0xac, 0x2f, 0xc4, 0xa3, 0x15,
|
||||||
|
0x4b, 0xad, 0x52, 0x46, 0x28, 0x68, 0xaf, 0x96,
|
||||||
|
0xc6, 0x2c, 0x65, 0x25, 0xd6, 0x52, 0xb6, 0xe3,
|
||||||
|
0x18, 0x45, 0xbd, 0xcc, 0x16, 0x03, 0x01, 0x00,
|
||||||
|
0x04, 0x0e, 0x00, 0x00, 0x00,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
0x16, 0x03, 0x01, 0x00, 0x86, 0x10, 0x00, 0x00,
|
||||||
|
0x82, 0x00, 0x80, 0x70, 0x1d, 0x34, 0x75, 0xa2,
|
||||||
|
0xe7, 0xe3, 0x2f, 0x3d, 0xc1, 0x1d, 0xca, 0x0b,
|
||||||
|
0xe3, 0x64, 0xb9, 0x1a, 0x00, 0x69, 0xc4, 0x14,
|
||||||
|
0x05, 0x07, 0x7e, 0xc3, 0x51, 0x43, 0x52, 0x66,
|
||||||
|
0xe3, 0xbd, 0xff, 0x1b, 0x1a, 0x6a, 0x84, 0xf2,
|
||||||
|
0x07, 0x24, 0xd7, 0x12, 0xa8, 0x58, 0xcf, 0x8a,
|
||||||
|
0x50, 0x30, 0xe8, 0xc8, 0xb2, 0xf9, 0x58, 0x1c,
|
||||||
|
0x56, 0x53, 0x76, 0x21, 0xe0, 0x03, 0x7f, 0x77,
|
||||||
|
0xa7, 0xf1, 0xad, 0x67, 0xd4, 0xe2, 0x8f, 0xa0,
|
||||||
|
0x58, 0x6c, 0xe0, 0x28, 0x59, 0xf3, 0xd1, 0x53,
|
||||||
|
0x2b, 0x21, 0xbd, 0xa3, 0x84, 0x31, 0x73, 0xbf,
|
||||||
|
0x84, 0x0f, 0x83, 0xf4, 0xc4, 0xd0, 0xe5, 0x3c,
|
||||||
|
0x2d, 0x3e, 0xf2, 0x8a, 0x1e, 0xe7, 0xe9, 0x1f,
|
||||||
|
0x12, 0x13, 0xad, 0x29, 0xd6, 0x0c, 0xc7, 0xc6,
|
||||||
|
0x05, 0x53, 0x7d, 0x5e, 0xc6, 0x92, 0x72, 0xba,
|
||||||
|
0xd2, 0x93, 0x8f, 0x53, 0x84, 0x87, 0x44, 0x05,
|
||||||
|
0x9f, 0x5d, 0x66, 0x14, 0x03, 0x01, 0x00, 0x01,
|
||||||
|
0x01, 0x16, 0x03, 0x01, 0x00, 0x24, 0xfc, 0x71,
|
||||||
|
0xaa, 0xa8, 0x37, 0xa8, 0xbd, 0x63, 0xb7, 0xbc,
|
||||||
|
0x95, 0xef, 0x0c, 0xcf, 0x39, 0x31, 0x93, 0xe6,
|
||||||
|
0x86, 0xbd, 0x3f, 0x56, 0x9d, 0xf0, 0xb2, 0xb5,
|
||||||
|
0xd1, 0xa7, 0xc6, 0x45, 0x89, 0x18, 0xfb, 0xa0,
|
||||||
|
0x7f, 0xc1,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
0x14, 0x03, 0x01, 0x00, 0x01, 0x01, 0x16, 0x03,
|
||||||
|
0x01, 0x00, 0x24, 0xb8, 0x6d, 0x9a, 0x90, 0x3c,
|
||||||
|
0x45, 0xe0, 0xff, 0x63, 0xba, 0xab, 0x3d, 0x7a,
|
||||||
|
0xa6, 0x49, 0x5a, 0x13, 0xdc, 0x0e, 0xa3, 0xba,
|
||||||
|
0x7f, 0x04, 0x19, 0x45, 0xfd, 0xfb, 0xbd, 0x00,
|
||||||
|
0xa3, 0xa7, 0x78, 0x81, 0x38, 0x9f, 0x10, 0x17,
|
||||||
|
0x03, 0x01, 0x00, 0x21, 0x43, 0xc3, 0x91, 0xb7,
|
||||||
|
0xbf, 0x50, 0x0b, 0x04, 0xb4, 0x5d, 0xc6, 0x20,
|
||||||
|
0x64, 0xb8, 0x01, 0x09, 0x25, 0x2c, 0x03, 0x30,
|
||||||
|
0xc0, 0x77, 0xc9, 0x5e, 0xe6, 0xe0, 0x99, 0xdc,
|
||||||
|
0xcd, 0x75, 0x9d, 0x51, 0x82, 0x15, 0x03, 0x01,
|
||||||
|
0x00, 0x16, 0x2d, 0x7a, 0x89, 0x7b, 0x36, 0x85,
|
||||||
|
0x2a, 0x93, 0xcb, 0x83, 0xa7, 0x2f, 0x9e, 0x91,
|
||||||
|
0xfc, 0xad, 0x57, 0xca, 0xf5, 0xbc, 0x13, 0x2f,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
var clientauthTests = []clientauthTest{
|
var clientauthTests = []clientauthTest{
|
||||||
// Server doesn't asks for cert
|
// Server doesn't asks for cert
|
||||||
// go test -run "TestRunServer" -serve -clientauth 0
|
// go test -run "TestRunServer" -serve -clientauth 0
|
||||||
@ -1363,7 +1511,7 @@ var clientauthTests = []clientauthTest{
|
|||||||
// go test -run "TestRunServer" -serve -clientauth 1
|
// go test -run "TestRunServer" -serve -clientauth 1
|
||||||
// gnutls-cli --insecure --debug 100 -p 10443 localhost
|
// gnutls-cli --insecure --debug 100 -p 10443 localhost
|
||||||
{"RequestClientCert, client gives it", RequestClientCert,
|
{"RequestClientCert, client gives it", RequestClientCert,
|
||||||
[]*x509.Certificate{clicert},
|
[]*x509.Certificate{clientCertificate},
|
||||||
[][]byte{{
|
[][]byte{{
|
||||||
0x16, 0x03, 0x02, 0x00, 0x7a, 0x01, 0x00, 0x00,
|
0x16, 0x03, 0x02, 0x00, 0x7a, 0x01, 0x00, 0x00,
|
||||||
0x76, 0x03, 0x02, 0x4e, 0xe7, 0x44, 0xda, 0x58,
|
0x76, 0x03, 0x02, 0x4e, 0xe7, 0x44, 0xda, 0x58,
|
||||||
@ -1606,14 +1754,16 @@ var clientauthTests = []clientauthTest{
|
|||||||
0x00, 0x16, 0x53, 0xf5, 0xff, 0xe0, 0xa1, 0x6c,
|
0x00, 0x16, 0x53, 0xf5, 0xff, 0xe0, 0xa1, 0x6c,
|
||||||
0x33, 0xf4, 0x4e, 0x89, 0x68, 0xe1, 0xf7, 0x61,
|
0x33, 0xf4, 0x4e, 0x89, 0x68, 0xe1, 0xf7, 0x61,
|
||||||
0x13, 0xb3, 0x12, 0xa1, 0x8e, 0x5a, 0x7a, 0x02,
|
0x13, 0xb3, 0x12, 0xa1, 0x8e, 0x5a, 0x7a, 0x02,
|
||||||
}}},
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
// cert.pem and key.pem were generated with generate_cert.go
|
// cert.pem and key.pem were generated with generate_cert.go
|
||||||
// Thus, they have no ExtKeyUsage fields and trigger an error
|
// Thus, they have no ExtKeyUsage fields and trigger an error
|
||||||
// when verification is turned on.
|
// when verification is turned on.
|
||||||
|
|
||||||
var clicert = loadPEMCert(`
|
var clientCertificate = loadPEMCert(`
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIB7TCCAVigAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD
|
MIIB7TCCAVigAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD
|
||||||
bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTExMTIwODA3NTUxMloXDTEyMTIwNzA4
|
bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTExMTIwODA3NTUxMloXDTEyMTIwNzA4
|
||||||
|
@ -20,11 +20,11 @@ import (
|
|||||||
// encrypts the pre-master secret to the server's public key.
|
// encrypts the pre-master secret to the server's public key.
|
||||||
type rsaKeyAgreement struct{}
|
type rsaKeyAgreement struct{}
|
||||||
|
|
||||||
func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
|
func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
|
||||||
return nil, nil
|
return nil, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
|
func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
|
||||||
preMasterSecret := make([]byte, 48)
|
preMasterSecret := make([]byte, 48)
|
||||||
_, err := io.ReadFull(config.rand(), preMasterSecret[2:])
|
_, err := io.ReadFull(config.rand(), preMasterSecret[2:])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -44,7 +44,7 @@ func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKe
|
|||||||
ciphertext = ckx.ciphertext[2:]
|
ciphertext = ckx.ciphertext[2:]
|
||||||
}
|
}
|
||||||
|
|
||||||
err = rsa.DecryptPKCS1v15SessionKey(config.rand(), config.Certificates[0].PrivateKey.(*rsa.PrivateKey), ciphertext, preMasterSecret)
|
err = rsa.DecryptPKCS1v15SessionKey(config.rand(), cert.PrivateKey.(*rsa.PrivateKey), ciphertext, preMasterSecret)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -109,7 +109,7 @@ type ecdheRSAKeyAgreement struct {
|
|||||||
x, y *big.Int
|
x, y *big.Int
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ka *ecdheRSAKeyAgreement) generateServerKeyExchange(config *Config, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
|
func (ka *ecdheRSAKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
|
||||||
var curveid uint16
|
var curveid uint16
|
||||||
|
|
||||||
Curve:
|
Curve:
|
||||||
@ -151,7 +151,7 @@ Curve:
|
|||||||
copy(serverECDHParams[4:], ecdhePublic)
|
copy(serverECDHParams[4:], ecdhePublic)
|
||||||
|
|
||||||
md5sha1 := md5SHA1Hash(clientHello.random, hello.random, serverECDHParams)
|
md5sha1 := md5SHA1Hash(clientHello.random, hello.random, serverECDHParams)
|
||||||
sig, err := rsa.SignPKCS1v15(config.rand(), config.Certificates[0].PrivateKey.(*rsa.PrivateKey), crypto.MD5SHA1, md5sha1)
|
sig, err := rsa.SignPKCS1v15(config.rand(), cert.PrivateKey.(*rsa.PrivateKey), crypto.MD5SHA1, md5sha1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, errors.New("failed to sign ECDHE parameters: " + err.Error())
|
return nil, errors.New("failed to sign ECDHE parameters: " + err.Error())
|
||||||
}
|
}
|
||||||
@ -167,7 +167,7 @@ Curve:
|
|||||||
return skx, nil
|
return skx, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
|
func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
|
||||||
if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
|
if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
|
||||||
return nil, errors.New("bad ClientKeyExchange")
|
return nil, errors.New("bad ClientKeyExchange")
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user