mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
crypto/tls: implement TLS 1.3 client handshake (base)
Implement a basic TLS 1.3 client handshake, only enabled if explicitly requested with MaxVersion. This CL intentionally leaves for future CLs: - PSK modes and resumption - client authentication - post-handshake messages - downgrade protection - KeyLogWriter support Updates #9671 Change-Id: Ieb6130fb6f25aea4f0d39e3a2448dfc942e1de7a Reviewed-on: https://go-review.googlesource.com/c/146559 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda
parent
ed74f7823e
commit
2c3ff7ba06
25 changed files with 2074 additions and 362 deletions
28
auth.go
28
auth.go
|
|
@ -11,6 +11,8 @@ import (
|
|||
"encoding/asn1"
|
||||
"errors"
|
||||
"fmt"
|
||||
"hash"
|
||||
"io"
|
||||
)
|
||||
|
||||
// pickSignatureAlgorithm selects a signature algorithm that is compatible with
|
||||
|
|
@ -43,7 +45,7 @@ func pickSignatureAlgorithm(pubkey crypto.PublicKey, peerSigAlgs, ourSigAlgs []S
|
|||
if !isSupportedSignatureAlgorithm(sigAlg, ourSigAlgs) {
|
||||
continue
|
||||
}
|
||||
hashAlg, err := lookupTLSHash(sigAlg)
|
||||
hashAlg, err := hashFromSignatureScheme(sigAlg)
|
||||
if err != nil {
|
||||
panic("tls: supported signature algorithm has an unknown hash function")
|
||||
}
|
||||
|
|
@ -105,3 +107,27 @@ func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc c
|
|||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
const (
|
||||
serverSignatureContext = "TLS 1.3, server CertificateVerify\x00"
|
||||
clientSignatureContext = "TLS 1.3, client CertificateVerify\x00"
|
||||
)
|
||||
|
||||
var signaturePadding = []byte{
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
|
||||
}
|
||||
|
||||
// writeSignedMessage writes the content to be signed by certificate keys in TLS
|
||||
// 1.3 to sigHash. See RFC 8446, Section 4.4.3.
|
||||
func writeSignedMessage(sigHash io.Writer, context string, transcript hash.Hash) {
|
||||
sigHash.Write(signaturePadding)
|
||||
io.WriteString(sigHash, context)
|
||||
sigHash.Write(transcript.Sum(nil))
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue