kris
/
tls-tris
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
2 Révisions
4 Branches
2.5 MiB
Aborescence: 24b96e2917
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '24b96e2917'
${ noResults }
tls-tris/common.go

common.go 2.6 KiB
Brut Vue normale Historique

crypto/tls (part 1) Rather than drop everything into a single, huge review, I've included some simple bits of code here. R=rsc CC=go-dev http://go/go-review/1016029
il y a 15 ans
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 
  1. // Copyright 2009 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package tls

  6. 

  7. import (

  8. 	"crypto/rsa";

  9. 	"io";

  10. 	"os";

  11. )

  12. 

  13. const (

  14. 	// maxTLSCiphertext is the maximum length of a plaintext payload.

  15. 	maxTLSPlaintext	= 16384;

  16. 	// maxTLSCiphertext is the maximum length payload after compression and encryption.

  17. 	maxTLSCiphertext	= 16384+2048;

  18. 	// maxHandshakeMsg is the largest single handshake message that we'll buffer.

  19. 	maxHandshakeMsg	= 65536;

  20. )

  21. 

  22. 

  23. // TLS record types.

  24. type recordType uint8

  25. 

  26. const (

  27. 	recordTypeChangeCipherSpec	recordType	= 20;

  28. 	recordTypeAlert			recordType	= 21;

  29. 	recordTypeHandshake		recordType	= 22;

  30. 	recordTypeApplicationData	recordType	= 23;

  31. )

  32. 

  33. // TLS handshake message types.

  34. const (

  35. 	typeClientHello		uint8	= 1;

  36. 	typeServerHello		uint8	= 2;

  37. 	typeCertificate		uint8	= 11;

  38. 	typeServerHelloDone	uint8	= 14;

  39. 	typeClientKeyExchange	uint8	= 16;

  40. 	typeFinished		uint8	= 20;

  41. )

  42. 

  43. // TLS cipher suites.

  44. var (

  45. 	TLS_RSA_WITH_RC4_128_SHA uint16 = 5;

  46. )

  47. 

  48. // TLS compression types.

  49. var (

  50. 	compressionNone uint8 = 0;

  51. )

  52. 

  53. type ConnectionState struct {

  54. 	HandshakeComplete	bool;

  55. 	CipherSuite		string;

  56. 	Error			alertType;

  57. }

  58. 

  59. // A Config structure is used to configure a TLS client or server. After one

  60. // has been passed to a TLS function it must not be modified.

  61. type Config struct {

  62. 	// Rand provides the source of entropy for nonces and RSA blinding.

  63. 	Rand	io.Reader;

  64. 	// Time returns the current time as the number of seconds since the epoch.

  65. 	Time		func() int64;

  66. 	Certificates	[]Certificate;

  67. }

  68. 

  69. type Certificate struct {

  70. 	Certificate	[][]byte;

  71. 	PrivateKey	*rsa.PrivateKey;

  72. }

  73. 

  74. // A TLS record.

  75. type record struct {

  76. 	contentType	recordType;

  77. 	major, minor	uint8;

  78. 	payload		[]byte;

  79. }

  80. 

  81. type handshakeMessage interface {

  82. 	marshal() []byte;

  83. }

  84. 

  85. type encryptor interface {

  86. 	// XORKeyStream xors the contents of the slice with bytes from the key stream.

  87. 	XORKeyStream(buf []byte);

  88. }

  89. 

  90. // mutualVersion returns the protocol version to use given the advertised

  91. // version of the peer.

  92. func mutualVersion(theirMajor, theirMinor uint8) (major, minor uint8, ok bool) {

  93. 	// We don't deal with peers < TLS 1.0 (aka version 3.1).

  94. 	if theirMajor < 3 || theirMajor == 3 && theirMinor < 1 {

  95. 		return 0, 0, false;

  96. 	}

  97. 	major = 3;

  98. 	minor = 2;

  99. 	if theirMinor < minor {

  100. 		minor = theirMinor;

  101. 	}

  102. 	ok = true;

  103. 	return;

  104. }

  105. 

  106. // A nop implements the NULL encryption and MAC algorithms.

  107. type nop struct{}

  108. 

  109. func (nop) XORKeyStream(buf []byte) {}

  110. 

  111. func (nop) Write(buf []byte) (int, os.Error) {

  112. 	return len(buf), nil;

  113. }

  114. 

  115. func (nop) Sum() []byte {

  116. 	return nil;

  117. }

  118. 

  119. func (nop) Reset() {}

  120. 

  121. func (nop) Size() int {

  122. 	return 0;

  123. }