mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-04 04:27:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: implement TLS 1.3 server handshake (base)

Browse source 
Implement a basic TLS 1.3 server handshake, only enabled if explicitly
requested with MaxVersion.

This CL intentionally leaves for future CLs:
  - PSK modes and resumption
  - client authentication
  - compatibility mode ChangeCipherSpecs
  - early data skipping
  - post-handshake messages
  - downgrade protection
  - KeyLogWriter support
  - TLS_FALLBACK_SCSV processing

It also leaves a few areas up for a wider refactor (maybe in Go 1.13):
  - the certificate selection logic can be significantly improved,
    including supporting and surfacing signature_algorithms_cert, but
    this isn't new in TLS 1.3 (see comment in processClientHello)
  - handshake_server_tls13.go can be dried up and broken into more
    meaningful, smaller functions, but it felt premature to do before
    PSK and client auth support
  - the monstrous ClientHello equality check in doHelloRetryRequest can
    get both cleaner and more complete with collaboration from the
    parsing layer, which can come at the same time as extension
    duplicates detection

Updates #9671

Change-Id: Id9db2b6ecc2eea21bf9b59b6d1d9c84a7435151c
Reviewed-on: https://go-review.googlesource.com/c/147017
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda 2018-11-02 00:57:30 -04:00
parent 2c3ff7ba06
commit 376ff45dc1
19 changed files with 1788 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

90
testdata/Server-TLSv13-AES128-SHA256 vendored Normal file
View file

@ -0,0 +1,90 @@
>>> Flow 1 (client to server)
00000000 16 03 01 00 dc 01 00 00 d8 03 03 f8 75 ee c1 65 |............u..e|
00000010 31 d9 dd 36 00 f6 b0 f0 a8 d6 a0 42 da d1 8a a3 |1..6.......B....|
00000020 17 82 1a 44 14 6e bc 43 e0 4b 89 20 88 b8 53 ac |...D.n.C.K. ..S.|
00000030 16 d5 64 58 23 21 20 c4 0b 8d 96 d7 db 59 44 3d |..dX#! ......YD=|
00000040 9e 67 9b f8 a8 21 6c 6d 02 54 a9 b6 00 04 13 01 |.g...!lm.T......|
00000050 00 ff 01 00 00 8b 00 00 00 0e 00 0c 00 00 09 31 |...............1|
00000060 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........|
00000070 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................|
00000080 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 |................|
00000090 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................|
000000a0 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 |...........+....|
000000b0 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 |..-.....3.&.$...|
000000c0 20 be 01 5d e4 e9 b4 66 52 bf 5f 5f ab 82 80 be | ..]...fR.__....|
000000d0 25 13 b3 e7 28 5e 00 a6 b0 a6 d5 f1 f0 20 42 e5 |%...(^....... B.|
000000e0 2e |.|
>>> Flow 2 (server to client)
00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 00 00 00 00 00 00 00 00 00 00 00 20 88 b8 53 ac |........... ..S.|
00000030 16 d5 64 58 23 21 20 c4 0b 8d 96 d7 db 59 44 3d |..dX#! ......YD=|
00000040 9e 67 9b f8 a8 21 6c 6d 02 54 a9 b6 13 01 00 00 |.g...!lm.T......|
00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /|
00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 17 |.........._X.;t.|
00000080 03 03 00 17 ff de 7b 26 44 70 00 05 64 fc 65 e3 |......{&Dp..d.e.|
00000090 23 fd ea 4b b3 d0 e6 80 db 2b 4c 17 03 03 02 6d |#..K.....+L....m|
000000a0 8f 7b 9c 1f b5 a8 26 b3 89 76 13 7f a2 9a 9b e3 |.{....&..v......|
000000b0 b8 06 c3 ff 02 c2 41 8e 29 fd f4 45 43 d3 57 23 |......A.)..EC.W#|
000000c0 71 32 03 31 24 2b 73 ca 7a df e9 79 4e 96 7c d5 |q2.1$+s.z..yN.|.|
000000d0 f1 19 05 11 1c cf 5f 85 30 e5 32 2c 61 2c d2 40 |......_.0.2,a,.@|
000000e0 25 c0 72 2c f8 ef d2 8d d9 4f 81 88 cc 9f c0 71 |%.r,.....O.....q|
000000f0 97 9e 79 f4 33 e8 75 47 1e 5a c1 02 20 48 6f a4 |..y.3.uG.Z.. Ho.|
00000100 41 d6 37 73 07 ad 90 37 80 d7 f9 c1 59 96 9f a8 |A.7s...7....Y...|
00000110 e4 f5 e4 65 99 02 a3 69 95 e1 39 07 fb a8 ac 6d |...e...i..9....m|
00000120 40 fb de 64 05 5b b4 32 ba 09 da 92 0a ba 1e 11 |@..d.[.2........|
00000130 3f d3 bd 6d 68 f7 15 d3 74 60 18 cd 96 04 2f db |?..mh...t`..../.|
00000140 c5 09 f2 05 5f 82 8b 23 65 00 7c b7 d5 ef 1d 0e |...._..#e.|.....|
00000150 3a 08 2b c9 6d 99 9b 9a a6 55 2c df 08 c0 4a b1 |:.+.m....U,...J.|
00000160 b3 69 9c d9 68 49 43 28 8e 00 c5 e1 60 07 25 4d |.i..hIC(....`.%M|
00000170 aa 61 2e 74 82 49 62 e0 a8 f0 53 6c 64 ea fc cc |.a.t.Ib...Sld...|
00000180 84 ab 26 b6 b8 ef 55 cd 3d 34 1a 65 25 8f 76 f4 |..&...U.=4.e%.v.|
00000190 dc 06 9b 67 98 59 c1 37 86 0f 24 34 86 b5 a3 dd |...g.Y.7..$4....|
000001a0 5b d4 c8 04 cb 73 e1 67 bb 66 d7 94 16 eb 3b 73 |[....s.g.f....;s|
000001b0 7e 67 8d 7f bf e9 f9 89 6d d8 6a a9 3c 97 eb 67 |~g......m.j.<..g|
000001c0 f0 6f fa 9b 4d f0 25 25 a2 30 1d 3c 93 14 6e 33 |.o..M.%%.0.<..n3|
000001d0 fa bf 5b 3c c3 cc f4 0e fa 55 e2 20 46 3f 1c b7 |..[<.....U. F?..|
000001e0 9d d3 ec d8 54 18 0b 4a be 45 bd 5e a1 3a f2 e9 |....T..J.E.^.:..|
000001f0 15 b0 15 a4 b4 a6 f5 52 36 9b 6b 18 ce ac 37 ae |.......R6.k...7.|
00000200 76 e6 2c d1 6b 3f 95 eb 37 79 fe ec cc a6 34 4a |v.,.k?..7y....4J|
00000210 27 68 0e d0 80 d8 5c 1c 9c ac aa 02 18 e7 c1 72 |'h....\........r|
00000220 08 52 07 63 04 65 13 53 23 51 ce 0e f4 1d 4f ca |.R.c.e.S#Q....O.|
00000230 51 13 ad 10 1b f3 a4 c3 69 ce c0 ed d1 25 6c 60 |Q.......i....%l`|
00000240 e7 21 9e d7 9f 8b a1 20 61 75 f6 e0 06 c4 dd bb |.!..... au......|
00000250 8e e2 05 86 ef fe 75 0e 47 ae 54 82 e9 32 9b 87 |......u.G.T..2..|
00000260 fb eb e4 14 e3 f0 90 1d 48 72 00 02 53 52 24 47 |........Hr..SR$G|
00000270 98 a1 cc b9 b3 8d ab a7 db b0 f5 83 db 56 a1 ad |.............V..|
00000280 7d 45 e7 5f 6a bd a9 65 87 8c 48 1f de dc b4 ce |}E._j..e..H.....|
00000290 47 7c ec 63 fb 77 f3 5a a0 3b 84 53 cf 8b 73 30 |G|.c.w.Z.;.S..s0|
000002a0 bd 0f ac 5a 9b e8 a1 88 f6 45 96 ca b9 48 c3 be |...Z.....E...H..|
000002b0 8b 7e f1 1a fd 8a 54 9e 5a 76 e7 9a bc 06 7e 04 |.~....T.Zv....~.|
000002c0 bd e1 a1 a3 4d 52 56 3b 64 29 70 87 89 c5 f5 ce |....MRV;d)p.....|
000002d0 1f 65 7d 55 9f 28 32 3e 6b c7 b6 17 0b dd 7e ea |.e}U.(2>k.....~.|
000002e0 ef 7b a0 f0 6f 84 2a 11 93 d5 d8 99 dc ee 17 57 |.{..o.*........W|
000002f0 3f d7 7f a7 da c0 30 77 13 31 60 9c ca 32 67 09 |?.....0w.1`..2g.|
00000300 70 ce 05 0d c8 b6 e1 a2 df e4 f1 3c 67 17 03 03 |p..........<g...|
00000310 00 99 fb 8f 18 6d bc 39 45 b6 8e 22 8d f2 c7 1a |.....m.9E.."....|
00000320 79 5b 03 1a 99 e3 23 48 b6 de e2 f8 7b b0 7b 64 |y[....#H....{.{d|
00000330 6d 4e 78 2e fa ff fd 1e 84 76 53 6f 7c 38 19 83 |mNx......vSo|8..|
00000340 67 fa c4 80 74 f5 21 3d d3 08 60 f0 d3 25 b9 87 |g...t.!=..`..%..|
00000350 2c 59 7d 91 86 02 a5 23 81 dc 1c b8 bd 51 6f 19 |,Y}....#.....Qo.|
00000360 69 e3 06 11 a0 77 02 8e 3e db ed 64 af d8 b0 42 |i....w..>..d...B|
00000370 39 15 00 13 c3 c8 35 66 21 d0 1f 94 0b 21 79 22 |9.....5f!....!y"|
00000380 5b 32 89 d4 81 28 6c c7 55 74 a7 a4 22 62 a9 cb |[2...(l.Ut.."b..|
00000390 76 9f e9 af 55 d5 1f b5 51 f7 40 2c fb 3b 03 30 |v...U...Q.@,.;.0|
000003a0 13 ca a0 79 ba 80 1b 0e 57 3d 84 17 03 03 00 35 |...y....W=.....5|
000003b0 fb 34 92 6a 46 f2 59 1a 94 39 63 d1 9d 58 40 e8 |.4.jF.Y..9c..X@.|
000003c0 f0 bb e7 fe 4d 1c 42 a2 38 9e cd a2 01 1c b6 a7 |....M.B.8.......|
000003d0 e3 9a cb 28 73 5f 8a 1e b3 40 41 80 85 2c 49 54 |...(s_...@A..,IT|
000003e0 3d 13 dc cc 6c |=...l|
>>> Flow 3 (client to server)
00000000 14 03 03 00 01 01 17 03 03 00 35 c5 aa 6e cd 44 |..........5..n.D|
00000010 2f f6 09 74 33 13 e1 c1 32 6f 94 cd 55 2c 45 88 |/..t3...2o..U,E.|
00000020 f1 f8 51 c7 3e 64 62 e1 8a 48 cc bd c8 ac 91 a3 |..Q.>db..H......|
00000030 90 ea 45 1b 21 52 d4 81 84 88 0d ed a2 86 d4 64 |..E.!R.........d|
>>> Flow 4 (server to client)
00000000 17 03 03 00 1e 4c e5 b2 aa 21 9e 56 24 62 da a7 |.....L...!.V$b..|
00000010 af ef 76 b5 8a 9a a1 3b 2e cd e8 68 27 ac 08 e1 |..v....;...h'...|
00000020 c1 37 52 17 03 03 00 13 8e 91 11 5b cf c4 28 e3 |.7R........[..(.|
00000030 a5 ea bb 89 93 fc 94 bc e6 28 32 |.........(2|