|
@@ -808,6 +808,11 @@ func (m *serverHelloMsg) marshal() []byte { |
|
|
extensionsLength += 2 |
|
|
extensionsLength += 2 |
|
|
numExtensions++ |
|
|
numExtensions++ |
|
|
} |
|
|
} |
|
|
|
|
|
// supported_versions extension |
|
|
|
|
|
if m.vers >= VersionTLS13 { |
|
|
|
|
|
extensionsLength += 2 |
|
|
|
|
|
numExtensions++ |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
if numExtensions > 0 { |
|
|
if numExtensions > 0 { |
|
|
extensionsLength += 4 * numExtensions |
|
|
extensionsLength += 4 * numExtensions |
|
@@ -819,8 +824,13 @@ func (m *serverHelloMsg) marshal() []byte { |
|
|
x[1] = uint8(length >> 16) |
|
|
x[1] = uint8(length >> 16) |
|
|
x[2] = uint8(length >> 8) |
|
|
x[2] = uint8(length >> 8) |
|
|
x[3] = uint8(length) |
|
|
x[3] = uint8(length) |
|
|
x[4] = uint8(m.vers >> 8) |
|
|
|
|
|
x[5] = uint8(m.vers) |
|
|
|
|
|
|
|
|
if m.vers >= VersionTLS13 { |
|
|
|
|
|
x[4] = 3 |
|
|
|
|
|
x[5] = 3 |
|
|
|
|
|
} else { |
|
|
|
|
|
x[4] = uint8(m.vers >> 8) |
|
|
|
|
|
x[5] = uint8(m.vers) |
|
|
|
|
|
} |
|
|
copy(x[6:38], m.random) |
|
|
copy(x[6:38], m.random) |
|
|
z := x[38:] |
|
|
z := x[38:] |
|
|
if !oldTLS13Draft { |
|
|
if !oldTLS13Draft { |
|
@@ -843,6 +853,14 @@ func (m *serverHelloMsg) marshal() []byte { |
|
|
z[1] = byte(extensionsLength) |
|
|
z[1] = byte(extensionsLength) |
|
|
z = z[2:] |
|
|
z = z[2:] |
|
|
} |
|
|
} |
|
|
|
|
|
if m.vers >= VersionTLS13 { |
|
|
|
|
|
z[0] = byte(extensionSupportedVersions >> 8) |
|
|
|
|
|
z[1] = byte(extensionSupportedVersions) |
|
|
|
|
|
z[3] = 2 |
|
|
|
|
|
z[4] = uint8(m.vers >> 8) |
|
|
|
|
|
z[5] = uint8(m.vers) |
|
|
|
|
|
z = z[6:] |
|
|
|
|
|
} |
|
|
if m.nextProtoNeg { |
|
|
if m.nextProtoNeg { |
|
|
z[0] = byte(extensionNextProtoNeg >> 8) |
|
|
z[0] = byte(extensionNextProtoNeg >> 8) |
|
|
z[1] = byte(extensionNextProtoNeg & 0xff) |
|
|
z[1] = byte(extensionNextProtoNeg & 0xff) |
|
@@ -996,6 +1014,17 @@ func (m *serverHelloMsg) unmarshal(data []byte) alert { |
|
|
return alertDecodeError |
|
|
return alertDecodeError |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
svData := findExtension(data, extensionSupportedVersions) |
|
|
|
|
|
if svData != nil { |
|
|
|
|
|
if len(svData) != 2 { |
|
|
|
|
|
return alertDecodeError |
|
|
|
|
|
} |
|
|
|
|
|
if m.vers != VersionTLS12 { |
|
|
|
|
|
return alertDecodeError |
|
|
|
|
|
} |
|
|
|
|
|
m.vers = uint16(svData[0])<<8 | uint16(svData[1]) |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
for len(data) != 0 { |
|
|
for len(data) != 0 { |
|
|
if len(data) < 4 { |
|
|
if len(data) < 4 { |
|
|
return alertDecodeError |
|
|
return alertDecodeError |
|
@@ -2384,3 +2413,22 @@ func eqKeyShares(x, y []keyShare) bool { |
|
|
} |
|
|
} |
|
|
return true |
|
|
return true |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
func findExtension(data []byte, extensionType uint16) []byte { |
|
|
|
|
|
for len(data) != 0 { |
|
|
|
|
|
if len(data) < 4 { |
|
|
|
|
|
return nil |
|
|
|
|
|
} |
|
|
|
|
|
extension := uint16(data[0])<<8 | uint16(data[1]) |
|
|
|
|
|
length := int(data[2])<<8 | int(data[3]) |
|
|
|
|
|
data = data[4:] |
|
|
|
|
|
if len(data) < length { |
|
|
|
|
|
return nil |
|
|
|
|
|
} |
|
|
|
|
|
if extension == extensionType { |
|
|
|
|
|
return data[:length] |
|
|
|
|
|
} |
|
|
|
|
|
data = data[length:] |
|
|
|
|
|
} |
|
|
|
|
|
return nil |
|
|
|
|
|
} |