diff --git a/common.go b/common.go
index 286e60d..986b917 100644
--- a/common.go
+++ b/common.go
@@ -40,7 +40,7 @@ const (
 maxWarnAlertCount = 5 // maximum number of consecutive warning alerts
 minVersion = VersionTLS10
- maxVersion = VersionTLS12
+ maxVersion = VersionTLS13Draft22
 )
 // TLS record types.
diff --git a/example_test.go b/example_test.go
index 02d0f18..5b4106f 100644
--- a/example_test.go
+++ b/example_test.go
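Review bot: In common.go, `maxVersion = VersionTLS13Draft22` raises the package ceiling to a draft protocol version, presumably the one used whenever Config.MaxVersion is left unset, and the constant carries no comment saying so. The tests touched in this same commit pin `MaxVersion: VersionTLS12` for session-ticket resumption and for SCT delivery, which suggests those features are not available on the TLS 1.3 path yet, so callers relying on them could lose them silently. I would document that on the constant, e.g. `// draft-22 TLS 1.3 is the default ceiling; ticket resumption and SCTs still require MaxVersion: VersionTLS12`, and consider keeping the draft opt-in until it reaches parity.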
@@ -71,7 +71,52 @@ yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
 conn.Close()
 }
-func ExampleConfig_keyLogWriter() {
+func ExampleConfig_keyLogWriter_TLS12() {
+ // Debugging TLS applications by decrypting a network traffic capture.
+
+ // WARNING: Use of KeyLogWriter compromises security and should only be
+ // used for debugging.
+
+ // Dummy test HTTP server for the example with insecure random so output is
+ // reproducible.
+ server := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+ server.TLS = &tls.Config{
+ Rand: zeroSource{}, // for example only; don't do this.
+ MaxVersion: tls.VersionTLS12,
+ }
+ server.StartTLS()
+ defer server.Close()
+
+ // Typically the log would go to an open file:
+ // w, err := os.OpenFile("tls-secrets.txt", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+ w := os.Stdout
+
+ client := &http.Client{
+ Transport: &http.Transport{
+ TLSClientConfig: &tls.Config{
+ KeyLogWriter: w,
+
+ Rand: zeroSource{}, // for reproducible output; don't do this.
+ InsecureSkipVerify: true, // test server certificate is not trusted.
+ },
+ },
+ }
+ resp, err := client.Get(server.URL)
+ if err != nil {
+ log.Fatalf("Failed to get URL: %v", err)
+ }
+ resp.Body.Close()
+
+ // The resulting file can be used with Wireshark to decrypt the TLS
+ // connection by setting (Pre)-Master-Secret log filename in SSL Protocol
+ // preferences.
+
+ // Output:
+ // CLIENT_RANDOM 0000000000000000000000000000000000000000000000000000000000000000 baca0df460a688e44ce018b025183cc2353ae01f89755ef766eedd3ecc302888ee3b3a22962e45f48c20df15a98c0e80
+}
+
+
+func ExampleConfig_keyLogWriter_TLS13() {
 // Debugging TLS applications by decrypting a network traffic capture.
 // WARNING: Use of KeyLogWriter compromises security and should only be
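Review bot: The new example names `ExampleConfig_keyLogWriter_TLS12` and `ExampleConfig_keyLogWriter_TLS13` end in a segment that starts with an upper-case letter, which the example naming convention expects to be lower-case and which go vet's tests check generally reports as a malformed suffix. `ExampleConfig_keyLogWriter_tls12` and `ExampleConfig_keyLogWriter_tls13` would keep both attached to Config in the generated docs. The two consecutive blank lines added before the TLS13 example would also be collapsed by gofmt. The body of the TLS13 example continues outside this hunk.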
@@ -111,5 +156,8 @@ func ExampleConfig_keyLogWriter() {
 // preferences.
 // Output:
- // CLIENT_RANDOM 0000000000000000000000000000000000000000000000000000000000000000 baca0df460a688e44ce018b025183cc2353ae01f89755ef766eedd3ecc302888ee3b3a22962e45f48c20df15a98c0e80
+ // CLIENT_HANDSHAKE_TRAFFIC_SECRET 0000000000000000000000000000000000000000000000000000000000000000 dd81138732f799edb6fbc3d99132544d7f9cfa324e06a870f54dcf7ae514f07a
+ // SERVER_HANDSHAKE_TRAFFIC_SECRET 0000000000000000000000000000000000000000000000000000000000000000 7ded606632ac89e595f01a52228afe8e8f8833396ececf4e6e2196acda4a4eec
+ // SERVER_TRAFFIC_SECRET_0 0000000000000000000000000000000000000000000000000000000000000000 53f0129133343e630d989c0c8a30ca217d754f33e85787f07c06ebcfd3d333cb
+ // CLIENT_TRAFFIC_SECRET_0 0000000000000000000000000000000000000000000000000000000000000000 c388383316a48082800ca08f8b8348fbb9039bda7569d51a93b397c83044344e
 }
diff --git a/handshake_client_test.go b/handshake_client_test.go
index 0caf045..b8d26ae 100644
--- a/handshake_client_test.go
+++ b/handshake_client_test.go
@@ -660,6 +660,8 @@ func TestHandshakeClientCertECDSA(t *testing.T) {
 runClientTestTLS12(t, test)
 }
+// This test is specific to TLS versions which support session tickets (TLSv1.2 and below).
+// Session tickets are obsolete in TLSv1.3 (see 2.2 of TLS RFC)
 func TestClientResumption(t *testing.T) {
 serverConfig := &Config{
 CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA},
@@ -679,6 +681,7 @@ func TestClientResumption(t *testing.T) {
 ClientSessionCache: NewLRUClientSessionCache(32),
 RootCAs: rootCAs,
 ServerName: "example.golang",
+ MaxVersion: VersionTLS12, // Enforce TLSv1.2
 }
 testResumeState := func(test string, didResume bool) {
diff --git a/handshake_server_test.go b/handshake_server_test.go
index 8f5cc6f..7ff06eb 100644
--- a/handshake_server_test.go
+++ b/handshake_server_test.go
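Review bot: In handshake_client_test.go, pinning `MaxVersion: VersionTLS12` on the client config of TestClientResumption means resumption is no longer exercised at the version an unpinned Config would now negotiate, and the same pin is applied to TestVerifyHostnameResumed in tls_test.go. TLS 1.3 replaces tickets with PSK-based resumption rather than dropping resumption, so I would record the gap next to the pin, e.g. `MaxVersion: VersionTLS12, // TODO: add a TLS 1.3 (PSK) resumption test`, so the missing coverage stays tracked. The comment added above the function also becomes its doc comment, so it should open with the name, e.g. `// TestClientResumption covers session-ticket resumption, which exists only in TLS 1.2 and below.` Both test functions continue outside their hunks.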
@@ -390,6 +390,8 @@ func TestSCTHandshake(t *testing.T) {
 PrivateKey: testRSAPrivateKey,
 SignedCertificateTimestamps: expected,
 }},
+ // See GH#76
+ MaxVersion: VersionTLS12,
 }
 clientConfig := &Config{
 InsecureSkipVerify: true,
diff --git a/tls_test.go b/tls_test.go
index e25f1c8..13482d8 100644
--- a/tls_test.go
+++ b/tls_test.go
@@ -356,7 +356,11 @@ func TestVerifyHostname(t *testing.T) {
 func TestVerifyHostnameResumed(t *testing.T) {
 config := &Config{
 ClientSessionCache: NewLRUClientSessionCache(32),
+ // There is no "New ticket" sent in case TLS v1.3 is advertised.
+ // Hence forcing TLSv12
+ MaxVersion: VersionTLS12,
 }
+
 for i := 0; i < 2; i++ {
 c, err := Dial("tcp", "www.google.com:https", config)
 if err != nil {
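Review bot: In handshake_server_test.go, the comment `// See GH#76` on the new `MaxVersion: VersionTLS12` in TestSCTHandshake does not say what is broken, so a reader cannot tell whether SCTs are unsupported on the TLS 1.3 path or only this test is. If it is the former, a server configured with SignedCertificateTimestamps would presumably stop delivering them to clients that negotiate the new default, which matters wherever Certificate Transparency is enforced. I would spell it out, e.g. `// SCTs are not sent in the TLS 1.3 handshake yet (GH#76); pin to TLS 1.2.`, adjusted to what the issue actually states. The function continues outside the hunk.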