crypto/tls: implement TLS 1.3 client handshake (base)

Implement a basic TLS 1.3 client handshake, only enabled if explicitly requested with MaxVersion. This CL intentionally leaves for future CLs: - PSK modes and resumption - client authentication - post-handshake messages - downgrade protection - KeyLogWriter support Updates #9671 Change-Id: Ieb6130fb6f25aea4f0d39e3a2448dfc942e1de7a Reviewed-on: https://go-review.googlesource.com/c/146559 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-04 12:37:35 +03:00 · 2018-11-01 01:01:09 -04:00 · 2018-11-01 01:01:09 -04:00 · 2c3ff7ba06
commit 2c3ff7ba06
parent ed74f7823e
25 changed files with 2074 additions and 362 deletions
--- a/cipher_suites.go
+++ b/cipher_suites.go
@ -410,6 +410,20 @@ func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {
 	return nil
 }

+func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 {
+	for _, id := range have {
+		if id == want {
+			for _, suite := range cipherSuitesTLS13 {
+				if suite.id == want {
+					return suite
+				}
+			}
+			return nil
+		}
+	}
+	return nil
+}
+
 // A list of cipher suite IDs that are, or have been, implemented by this
 // package.
 //