kris
/
tls-tris
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64 Commits
4 Branches
2.5 MiB
 
 
 
 
 
 
Tree: 78f486a80c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '78f486a80c'
${ noResults }
tls-tris/common.go

263 lines
6.3 KiB
Raw Blame History 

  1. // Copyright 2009 The Go Authors. All rights reserved.

  2. // Use of this source code is governed by a BSD-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package tls

  6. 

  7. import (

  8. 	"crypto/rand"

  9. 	"crypto/rsa"

  10. 	"crypto/x509"

  11. 	"io"

  12. 	"io/ioutil"

  13. 	"sync"

  14. 	"time"

  15. )

  16. 

  17. const (

  18. 	maxPlaintext    = 16384        // maximum plaintext payload length

  19. 	maxCiphertext   = 16384 + 2048 // maximum ciphertext payload length

  20. 	recordHeaderLen = 5            // record header length

  21. 	maxHandshake    = 65536        // maximum handshake we support (protocol max is 16 MB)

  22. 

  23. 	minVersion = 0x0301 // minimum supported version - TLS 1.0

  24. 	maxVersion = 0x0301 // maximum supported version - TLS 1.0

  25. )

  26. 

  27. // TLS record types.

  28. type recordType uint8

  29. 

  30. const (

  31. 	recordTypeChangeCipherSpec recordType = 20

  32. 	recordTypeAlert            recordType = 21

  33. 	recordTypeHandshake        recordType = 22

  34. 	recordTypeApplicationData  recordType = 23

  35. )

  36. 

  37. // TLS handshake message types.

  38. const (

  39. 	typeClientHello        uint8 = 1

  40. 	typeServerHello        uint8 = 2

  41. 	typeCertificate        uint8 = 11

  42. 	typeServerKeyExchange  uint8 = 12

  43. 	typeCertificateRequest uint8 = 13

  44. 	typeServerHelloDone    uint8 = 14

  45. 	typeCertificateVerify  uint8 = 15

  46. 	typeClientKeyExchange  uint8 = 16

  47. 	typeFinished           uint8 = 20

  48. 	typeCertificateStatus  uint8 = 22

  49. 	typeNextProtocol       uint8 = 67 // Not IANA assigned

  50. )

  51. 

  52. // TLS compression types.

  53. const (

  54. 	compressionNone uint8 = 0

  55. )

  56. 

  57. // TLS extension numbers

  58. var (

  59. 	extensionServerName      uint16 = 0

  60. 	extensionStatusRequest   uint16 = 5

  61. 	extensionSupportedCurves uint16 = 10

  62. 	extensionSupportedPoints uint16 = 11

  63. 	extensionNextProtoNeg    uint16 = 13172 // not IANA assigned

  64. )

  65. 

  66. // TLS Elliptic Curves

  67. // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8

  68. var (

  69. 	curveP256 uint16 = 23

  70. 	curveP384 uint16 = 24

  71. 	curveP521 uint16 = 25

  72. )

  73. 

  74. // TLS Elliptic Curve Point Formats

  75. // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9

  76. var (

  77. 	pointFormatUncompressed uint8 = 0

  78. )

  79. 

  80. // TLS CertificateStatusType (RFC 3546)

  81. const (

  82. 	statusTypeOCSP uint8 = 1

  83. )

  84. 

  85. // Certificate types (for certificateRequestMsg)

  86. const (

  87. 	certTypeRSASign    = 1 // A certificate containing an RSA key

  88. 	certTypeDSSSign    = 2 // A certificate containing a DSA key

  89. 	certTypeRSAFixedDH = 3 // A certificate containing a static DH key

  90. 	certTypeDSSFixedDH = 4 // A certficiate containing a static DH key

  91. 	// Rest of these are reserved by the TLS spec

  92. )

  93. 

  94. // ConnectionState records basic TLS details about the connection.

  95. type ConnectionState struct {

  96. 	HandshakeComplete          bool

  97. 	CipherSuite                uint16

  98. 	NegotiatedProtocol         string

  99. 	NegotiatedProtocolIsMutual bool

  100. 

  101. 	// the certificate chain that was presented by the other side

  102. 	PeerCertificates []*x509.Certificate

  103. }

  104. 

  105. // A Config structure is used to configure a TLS client or server. After one

  106. // has been passed to a TLS function it must not be modified.

  107. type Config struct {

  108. 	// Rand provides the source of entropy for nonces and RSA blinding.

  109. 	// If Rand is nil, TLS uses the cryptographic random reader in package

  110. 	// crypto/rand.

  111. 	Rand io.Reader

  112. 

  113. 	// Time returns the current time as the number of seconds since the epoch.

  114. 	// If Time is nil, TLS uses the system time.Seconds.

  115. 	Time func() int64

  116. 

  117. 	// Certificates contains one or more certificate chains

  118. 	// to present to the other side of the connection.

  119. 	// Server configurations must include at least one certificate.

  120. 	Certificates []Certificate

  121. 

  122. 	// RootCAs defines the set of root certificate authorities

  123. 	// that clients use when verifying server certificates.

  124. 	// If RootCAs is nil, TLS uses the host's root CA set.

  125. 	RootCAs *CASet

  126. 

  127. 	// NextProtos is a list of supported, application level protocols.

  128. 	NextProtos []string

  129. 

  130. 	// ServerName is included in the client's handshake to support virtual

  131. 	// hosting.

  132. 	ServerName string

  133. 

  134. 	// AuthenticateClient controls whether a server will request a certificate

  135. 	// from the client. It does not require that the client send a

  136. 	// certificate nor does it require that the certificate sent be

  137. 	// anything more than self-signed.

  138. 	AuthenticateClient bool

  139. 

  140. 	// CipherSuites is a list of supported cipher suites. If CipherSuites

  141. 	// is nil, TLS uses a list of suites supported by the implementation.

  142. 	CipherSuites []uint16

  143. }

  144. 

  145. func (c *Config) rand() io.Reader {

  146. 	r := c.Rand

  147. 	if r == nil {

  148. 		return rand.Reader

  149. 	}

  150. 	return r

  151. }

  152. 

  153. func (c *Config) time() int64 {

  154. 	t := c.Time

  155. 	if t == nil {

  156. 		t = time.Seconds

  157. 	}

  158. 	return t()

  159. }

  160. 

  161. func (c *Config) rootCAs() *CASet {

  162. 	s := c.RootCAs

  163. 	if s == nil {

  164. 		s = defaultRoots()

  165. 	}

  166. 	return s

  167. }

  168. 

  169. func (c *Config) cipherSuites() []uint16 {

  170. 	s := c.CipherSuites

  171. 	if s == nil {

  172. 		s = defaultCipherSuites()

  173. 	}

  174. 	return s

  175. }

  176. 

  177. // A Certificate is a chain of one or more certificates, leaf first.

  178. type Certificate struct {

  179. 	Certificate [][]byte

  180. 	PrivateKey  *rsa.PrivateKey

  181. }

  182. 

  183. // A TLS record.

  184. type record struct {

  185. 	contentType  recordType

  186. 	major, minor uint8

  187. 	payload      []byte

  188. }

  189. 

  190. type handshakeMessage interface {

  191. 	marshal() []byte

  192. 	unmarshal([]byte) bool

  193. }

  194. 

  195. // mutualVersion returns the protocol version to use given the advertised

  196. // version of the peer.

  197. func mutualVersion(vers uint16) (uint16, bool) {

  198. 	if vers < minVersion {

  199. 		return 0, false

  200. 	}

  201. 	if vers > maxVersion {

  202. 		vers = maxVersion

  203. 	}

  204. 	return vers, true

  205. }

  206. 

  207. var emptyConfig Config

  208. 

  209. func defaultConfig() *Config {

  210. 	return &emptyConfig

  211. }

  212. 

  213. // Possible certificate files; stop after finding one.

  214. // On OS X we should really be using the Directory Services keychain

  215. // but that requires a lot of Mach goo to get at.  Instead we use

  216. // the same root set that curl uses.

  217. var certFiles = []string{

  218. 	"/etc/ssl/certs/ca-certificates.crt", // Linux etc

  219. 	"/usr/share/curl/curl-ca-bundle.crt", // OS X

  220. }

  221. 

  222. var once sync.Once

  223. 

  224. func defaultRoots() *CASet {

  225. 	once.Do(initDefaults)

  226. 	return varDefaultRoots

  227. }

  228. 

  229. func defaultCipherSuites() []uint16 {

  230. 	once.Do(initDefaults)

  231. 	return varDefaultCipherSuites

  232. }

  233. 

  234. func initDefaults() {

  235. 	initDefaultRoots()

  236. 	initDefaultCipherSuites()

  237. }

  238. 

  239. var varDefaultRoots *CASet

  240. 

  241. func initDefaultRoots() {

  242. 	roots := NewCASet()

  243. 	for _, file := range certFiles {

  244. 		data, err := ioutil.ReadFile(file)

  245. 		if err == nil {

  246. 			roots.SetFromPEM(data)

  247. 			break

  248. 		}

  249. 	}

  250. 	varDefaultRoots = roots

  251. }

  252. 

  253. var varDefaultCipherSuites []uint16

  254. 

  255. func initDefaultCipherSuites() {

  256. 	varDefaultCipherSuites = make([]uint16, len(cipherSuites))

  257. 	i := 0

  258. 	for id, _ := range cipherSuites {

  259. 		varDefaultCipherSuites[i] = id

  260. 		i++

  261. 	}

  262. }