kris
/
tls-tris
1
0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Pārlūkot izejas kodu

crypto/tls: prepare for TLS 1.3 client handshake. 

This change splits handshake processing for TLS 1.3, reindenting the TLS
1.2 code path and splitting initializationg of the handshake hash. No
equivalent is added for processServerHello because session resumption is
not supported yet.
tls13
Peter Wu pirms 7 gadiem
vecāks
9eb1d7faf7
revīzija
634f9a5858
2 mainītis faili ar 42 papildinājumiem un 16 dzēšanām
Dalītais skats
Salīdzināšanas iespējas
Rādīt statistiku Lejupielādēt ielāpa failu Lejupielādēt izmaiņu failu
  1. +7
    -0
      13.go
  2. +35
    -16
      handshake_client.go

+ 7
- 0
13.go Parādīt failu

@@ -735,3 +735,10 @@ func (hs *serverHandshakeState) traceErr(err error) {
}
}
}

func (hs *clientHandshakeState) doTLS13Handshake() error {
// TODO key exchange phase
// TODO server params phase
// TODO auth phase
return nil
}

+ 35
- 16
handshake_client.go Parādīt failu

@@ -25,9 +25,14 @@ type clientHandshakeState struct {
serverHello *serverHelloMsg
hello *clientHelloMsg
suite *cipherSuite
finishedHash finishedHash
masterSecret []byte
session *ClientSessionState

// TLS 1.0-1.2 fields
finishedHash finishedHash

// TLS 1.3 fields
keySchedule *keySchedule13
}

func makeClientHello(config *Config) (*clientHelloMsg, error) {
@@ -214,26 +219,40 @@ func (hs *clientHandshakeState) handshake() error {
return err
}

isResume, err := hs.processServerHello()
if err != nil {
return err
}
var isResume bool
if c.vers >= VersionTLS13 {
hs.keySchedule = newKeySchedule13(hs.suite, c.config, hs.hello.random)
hs.keySchedule.write(hs.hello.marshal())
hs.keySchedule.write(hs.serverHello.marshal())
} else {
isResume, err = hs.processServerHello()
if err != nil {
return err
}

hs.finishedHash = newFinishedHash(c.vers, hs.suite)
hs.finishedHash = newFinishedHash(c.vers, hs.suite)

// No signatures of the handshake are needed in a resumption.
// Otherwise, in a full handshake, if we don't have any certificates
// configured then we will never send a CertificateVerify message and
// thus no signatures are needed in that case either.
if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
hs.finishedHash.discardHandshakeBuffer()
}
// No signatures of the handshake are needed in a resumption.
// Otherwise, in a full handshake, if we don't have any certificates
// configured then we will never send a CertificateVerify message and
// thus no signatures are needed in that case either.
if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
hs.finishedHash.discardHandshakeBuffer()
}

hs.finishedHash.Write(hs.hello.marshal())
hs.finishedHash.Write(hs.serverHello.marshal())
hs.finishedHash.Write(hs.hello.marshal())
hs.finishedHash.Write(hs.serverHello.marshal())
}

c.buffering = true
if isResume {
if c.vers >= VersionTLS13 {
if err := hs.doTLS13Handshake(); err != nil {
return err
}
if _, err := c.flush(); err != nil {
return err
}
} else if isResume {
if err := hs.establishKeys(); err != nil {
return err
}


Rakstīt Priekšskatītījums
Notiek ielāde…
Atcelt
Saglabāt