kris
/
tls-tris
1
0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
Bladeren bron

crypto/tls: prepare for TLS 1.3 client handshake. 

This change splits handshake processing for TLS 1.3, reindenting the TLS
1.2 code path and splitting initializationg of the handshake hash. No
equivalent is added for processServerHello because session resumption is
not supported yet.
tls13
Peter Wu 7 jaren geleden
bovenliggende
9eb1d7faf7
commit
634f9a5858
2 gewijzigde bestanden met toevoegingen van 42 en 16 verwijderingen
Zij-aan-zij weergave
Diff opties
Statistieken weergeven Download Patch-bestand Download Diff-bestand
  1. +7
    -0
      13.go
  2. +35
    -16
      handshake_client.go

+ 7
- 0
13.go Bestand weergeven

@@ -735,3 +735,10 @@ func (hs *serverHandshakeState) traceErr(err error) {
}
}
}

func (hs *clientHandshakeState) doTLS13Handshake() error {
// TODO key exchange phase
// TODO server params phase
// TODO auth phase
return nil
}

+ 35
- 16
handshake_client.go Bestand weergeven

@@ -25,9 +25,14 @@ type clientHandshakeState struct {
serverHello *serverHelloMsg
hello *clientHelloMsg
suite *cipherSuite
finishedHash finishedHash
masterSecret []byte
session *ClientSessionState

// TLS 1.0-1.2 fields
finishedHash finishedHash

// TLS 1.3 fields
keySchedule *keySchedule13
}

func makeClientHello(config *Config) (*clientHelloMsg, error) {
@@ -214,26 +219,40 @@ func (hs *clientHandshakeState) handshake() error {
return err
}

isResume, err := hs.processServerHello()
if err != nil {
return err
}
var isResume bool
if c.vers >= VersionTLS13 {
hs.keySchedule = newKeySchedule13(hs.suite, c.config, hs.hello.random)
hs.keySchedule.write(hs.hello.marshal())
hs.keySchedule.write(hs.serverHello.marshal())
} else {
isResume, err = hs.processServerHello()
if err != nil {
return err
}

hs.finishedHash = newFinishedHash(c.vers, hs.suite)
hs.finishedHash = newFinishedHash(c.vers, hs.suite)

// No signatures of the handshake are needed in a resumption.
// Otherwise, in a full handshake, if we don't have any certificates
// configured then we will never send a CertificateVerify message and
// thus no signatures are needed in that case either.
if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
hs.finishedHash.discardHandshakeBuffer()
}
// No signatures of the handshake are needed in a resumption.
// Otherwise, in a full handshake, if we don't have any certificates
// configured then we will never send a CertificateVerify message and
// thus no signatures are needed in that case either.
if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
hs.finishedHash.discardHandshakeBuffer()
}

hs.finishedHash.Write(hs.hello.marshal())
hs.finishedHash.Write(hs.serverHello.marshal())
hs.finishedHash.Write(hs.hello.marshal())
hs.finishedHash.Write(hs.serverHello.marshal())
}

c.buffering = true
if isResume {
if c.vers >= VersionTLS13 {
if err := hs.doTLS13Handshake(); err != nil {
return err
}
if _, err := c.flush(); err != nil {
return err
}
} else if isResume {
if err := hs.establishKeys(); err != nil {
return err
}


Schrijf Voorbeeld
Laden…
Annuleren
Opslaan