mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
crypto/tls: implement TLS 1.3 server handshake (base)
Implement a basic TLS 1.3 server handshake, only enabled if explicitly
requested with MaxVersion.
This CL intentionally leaves for future CLs:
- PSK modes and resumption
- client authentication
- compatibility mode ChangeCipherSpecs
- early data skipping
- post-handshake messages
- downgrade protection
- KeyLogWriter support
- TLS_FALLBACK_SCSV processing
It also leaves a few areas up for a wider refactor (maybe in Go 1.13):
- the certificate selection logic can be significantly improved,
including supporting and surfacing signature_algorithms_cert, but
this isn't new in TLS 1.3 (see comment in processClientHello)
- handshake_server_tls13.go can be dried up and broken into more
meaningful, smaller functions, but it felt premature to do before
PSK and client auth support
- the monstrous ClientHello equality check in doHelloRetryRequest can
get both cleaner and more complete with collaboration from the
parsing layer, which can come at the same time as extension
duplicates detection
Updates #9671
Change-Id: Id9db2b6ecc2eea21bf9b59b6d1d9c84a7435151c
Reviewed-on: https://go-review.googlesource.com/c/147017
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
Filippo Valsorda
parent
2c3ff7ba06
commit
376ff45dc1
19 changed files with 1788 additions and 77 deletions
118
testdata/Server-TLSv13-HelloRetryRequest
vendored
Normal file
118
testdata/Server-TLSv13-HelloRetryRequest
vendored
Normal file
|
|
@ -0,0 +1,118 @@
|
|||
>>> Flow 1 (client to server)
|
||||
00000000 16 03 01 00 da 01 00 00 d6 03 03 29 a2 7e 24 c3 |...........).~$.|
|
||||
00000010 02 bf 2c 29 7b 47 08 06 bf 75 ef c5 59 2d a4 f0 |..,){G...u..Y-..|
|
||||
00000020 2f fc 53 62 5d b8 4d 3c f1 31 2d 20 96 7c 00 da |/.Sb].M<.1- .|..|
|
||||
00000030 35 8c 39 0a f8 1c 61 b8 4a a8 28 b4 a2 de 56 7b |5.9...a.J.(...V{|
|
||||
00000040 a9 f3 ab 5d db 30 ca 2c d1 82 9e e2 00 08 13 02 |...].0.,........|
|
||||
00000050 13 03 13 01 00 ff 01 00 00 85 00 00 00 0e 00 0c |................|
|
||||
00000060 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....|
|
||||
00000070 03 00 01 02 00 0a 00 06 00 04 00 1d 00 17 00 16 |................|
|
||||
00000080 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 |................|
|
||||
00000090 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................|
|
||||
000000a0 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 |.........+......|
|
||||
000000b0 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 20 dd |-.....3.&.$... .|
|
||||
000000c0 c7 c6 35 0b c9 5f f0 7e 40 e8 f1 f7 6f e7 84 8f |..5.._.~@...o...|
|
||||
000000d0 7f 32 2f 8c a3 22 c6 c1 b9 34 1c ef 17 e7 25 |.2/.."...4....%|
|
||||
>>> Flow 2 (server to client)
|
||||
00000000 16 03 03 00 58 02 00 00 54 03 03 cf 21 ad 74 e5 |....X...T...!.t.|
|
||||
00000010 9a 61 11 be 1d 8c 02 1e 65 b8 91 c2 a2 11 16 7a |.a......e......z|
|
||||
00000020 bb 8c 5e 07 9e 09 e2 c8 a8 33 9c 20 96 7c 00 da |..^......3. .|..|
|
||||
00000030 35 8c 39 0a f8 1c 61 b8 4a a8 28 b4 a2 de 56 7b |5.9...a.J.(...V{|
|
||||
00000040 a9 f3 ab 5d db 30 ca 2c d1 82 9e e2 13 02 00 00 |...].0.,........|
|
||||
00000050 0c 00 2b 00 02 03 04 00 33 00 02 00 17 |..+.....3....|
|
||||
>>> Flow 3 (client to server)
|
||||
00000000 14 03 03 00 01 01 16 03 03 00 fb 01 00 00 f7 03 |................|
|
||||
00000010 03 29 a2 7e 24 c3 02 bf 2c 29 7b 47 08 06 bf 75 |.).~$...,){G...u|
|
||||
00000020 ef c5 59 2d a4 f0 2f fc 53 62 5d b8 4d 3c f1 31 |..Y-../.Sb].M<.1|
|
||||
00000030 2d 20 96 7c 00 da 35 8c 39 0a f8 1c 61 b8 4a a8 |- .|..5.9...a.J.|
|
||||
00000040 28 b4 a2 de 56 7b a9 f3 ab 5d db 30 ca 2c d1 82 |(...V{...].0.,..|
|
||||
00000050 9e e2 00 08 13 02 13 03 13 01 00 ff 01 00 00 a6 |................|
|
||||
00000060 00 00 00 0e 00 0c 00 00 09 31 32 37 2e 30 2e 30 |.........127.0.0|
|
||||
00000070 2e 31 00 0b 00 04 03 00 01 02 00 0a 00 06 00 04 |.1..............|
|
||||
00000080 00 1d 00 17 00 16 00 00 00 17 00 00 00 0d 00 1e |................|
|
||||
00000090 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................|
|
||||
000000a0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 00 2b |...............+|
|
||||
000000b0 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 47 00 |......-.....3.G.|
|
||||
000000c0 45 00 17 00 41 04 30 30 c4 62 c9 14 6b f7 28 88 |E...A.00.b..k.(.|
|
||||
000000d0 ff c8 3f 87 2b 9f 24 a3 46 9b 2f 86 c7 df 3f 05 |..?.+.$.F./...?.|
|
||||
000000e0 6b 8e a7 80 64 ff 66 b7 4d 80 62 fd b4 ba de 27 |k...d.f.M.b....'|
|
||||
000000f0 44 7f 7a a4 c7 4a f0 81 25 52 3f 8a 8a 48 1e ff |D.z..J..%R?..H..|
|
||||
00000100 6f 11 ad a9 fe bd |o.....|
|
||||
>>> Flow 4 (server to client)
|
||||
00000000 16 03 03 00 9b 02 00 00 97 03 03 00 00 00 00 00 |................|
|
||||
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
||||
00000020 00 00 00 00 00 00 00 00 00 00 00 20 96 7c 00 da |........... .|..|
|
||||
00000030 35 8c 39 0a f8 1c 61 b8 4a a8 28 b4 a2 de 56 7b |5.9...a.J.(...V{|
|
||||
00000040 a9 f3 ab 5d db 30 ca 2c d1 82 9e e2 13 02 00 00 |...].0.,........|
|
||||
00000050 4f 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |O.+.....3.E...A.|
|
||||
00000060 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.|
|
||||
00000070 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^|
|
||||
00000080 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B|
|
||||
00000090 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.|
|
||||
000000a0 17 03 03 00 17 74 86 c5 4d 7f f0 06 2b fa a3 03 |.....t..M...+...|
|
||||
000000b0 4d 27 46 e7 33 ce 70 32 ba 61 55 61 17 03 03 02 |M'F.3.p2.aUa....|
|
||||
000000c0 6d c5 ac cc 02 19 b0 92 c1 bc 6a fe 1d 94 a6 75 |m.........j....u|
|
||||
000000d0 66 6a 88 b0 87 76 da 3f f9 07 40 67 c7 e5 b8 b7 |fj...v.?..@g....|
|
||||
000000e0 70 38 41 0e 11 3b cf db 0b 76 73 58 10 93 0e 06 |p8A..;...vsX....|
|
||||
000000f0 cb 31 75 d0 a8 2f 20 35 b4 c2 87 5f 42 94 e1 18 |.1u../ 5..._B...|
|
||||
00000100 d5 f8 bc 11 d7 7c 9b ff 0b fe 59 8b 78 1e ef 52 |.....|....Y.x..R|
|
||||
00000110 6f ea 39 e5 f5 55 93 8b 0b 65 87 05 d3 0d a3 6d |o.9..U...e.....m|
|
||||
00000120 2e 10 79 1d 60 61 ba 43 13 cd 5a 58 28 cb 32 df |..y.`a.C..ZX(.2.|
|
||||
00000130 74 3a 58 4e e0 21 d4 d0 2f 6f 63 72 1c 82 18 16 |t:XN.!../ocr....|
|
||||
00000140 12 4c e7 0b 5e 21 ce e4 de 26 6c d2 91 c1 fd 85 |.L..^!...&l.....|
|
||||
00000150 5a f4 b7 5d 5a c6 fe 8c 05 fe f7 2a ae a1 67 73 |Z..]Z......*..gs|
|
||||
00000160 8a 66 60 07 57 35 46 ed cf e1 58 f3 22 94 57 26 |.f`.W5F...X.".W&|
|
||||
00000170 ae 81 3c ea 42 1c ef 56 ca 0e 35 5a 4c 97 49 36 |..<.B..V..5ZL.I6|
|
||||
00000180 73 e2 be 8b ad 55 42 a3 8f 50 65 8a 7a 9d cf 7c |s....UB..Pe.z..||
|
||||
00000190 4f d9 4b db 0d a4 0e 57 99 08 72 0a 1f cf 9d 19 |O.K....W..r.....|
|
||||
000001a0 ad 24 7b 64 9b ef d2 9f 8f 42 d4 ca a8 84 2f 15 |.${d.....B..../.|
|
||||
000001b0 3a 10 8e 1e 22 b8 fc 9f 77 0b 8e 82 22 bd 08 f2 |:..."...w..."...|
|
||||
000001c0 3e 4c a7 f1 d0 46 a8 fb fb 5e f6 0d 32 8e 2d e4 |>L...F...^..2.-.|
|
||||
000001d0 3b 17 b8 da 71 03 cb d9 b8 12 9b 70 a0 3a 07 19 |;...q......p.:..|
|
||||
000001e0 f6 c1 66 1e b8 e2 b2 5a 50 50 c5 51 8f f3 91 e7 |..f....ZPP.Q....|
|
||||
000001f0 bc ba a2 ee ca a8 71 24 5f f2 25 79 c3 a2 23 70 |......q$_.%y..#p|
|
||||
00000200 03 0b 8b 99 4d 33 92 f1 ff 64 cd cc 31 b2 13 a9 |....M3...d..1...|
|
||||
00000210 d3 c2 37 b7 11 17 7f d7 64 ba da 6d 46 b1 a2 03 |..7.....d..mF...|
|
||||
00000220 fe 8d 4d e3 cd eb a3 2f af 89 f4 a4 af 82 0e e3 |..M..../........|
|
||||
00000230 65 c3 64 38 33 6a bd c9 13 77 9d 37 c7 c8 1d 55 |e.d83j...w.7...U|
|
||||
00000240 f9 a6 b8 fc 57 0f f7 94 76 1f bd 4f 4a 74 fe 0a |....W...v..OJt..|
|
||||
00000250 98 be e9 d9 2e d2 c0 c9 fb d2 3b 27 fb 37 14 f5 |..........;'.7..|
|
||||
00000260 29 d5 f4 88 a5 b0 98 1d 0c 85 9e 1f ad 29 cf 36 |)............).6|
|
||||
00000270 3d 2f c0 54 93 1f 14 8b 1e a3 93 aa 53 af da d1 |=/.T........S...|
|
||||
00000280 da 0b 2b e4 01 fe 8e 48 df 8b 97 fe 92 ab 32 80 |..+....H......2.|
|
||||
00000290 c3 d2 84 1a 45 a7 0d f3 f8 07 e3 7d a3 27 62 67 |....E......}.'bg|
|
||||
000002a0 10 4b 3e 09 ee 22 77 0d 54 71 8b 6f 68 6a a9 cc |.K>.."w.Tq.ohj..|
|
||||
000002b0 80 34 5e 35 36 b0 cb d5 8b 04 6f 0f 28 82 5f 69 |.4^56.....o.(._i|
|
||||
000002c0 d3 66 cd 19 db 39 1d 73 c2 28 36 94 5f 1b 24 c6 |.f...9.s.(6._.$.|
|
||||
000002d0 9a 62 34 0f ec 9a f9 c5 8c 72 5c c3 a0 c7 d6 5b |.b4......r\....[|
|
||||
000002e0 1d 2e 4b 31 cd 2e 8b 37 cc 9a b2 ca e9 5d b0 f9 |..K1...7.....]..|
|
||||
000002f0 b4 2c ba 27 08 c3 d6 90 1b 51 0c 83 72 0b 8a 72 |.,.'.....Q..r..r|
|
||||
00000300 a1 12 ab 5c 91 a8 b2 76 f1 c1 09 d3 74 fb bc e5 |...\...v....t...|
|
||||
00000310 33 96 59 91 3e e0 89 cf 99 7c 40 c4 af 0e 8d 58 |3.Y.>....|@....X|
|
||||
00000320 20 ea d9 0d 0e 64 10 2c c8 ad ed 38 b0 fa 17 03 | ....d.,...8....|
|
||||
00000330 03 00 99 f0 80 72 33 a3 53 2f c6 7f 68 e5 42 ee |.....r3.S/..h.B.|
|
||||
00000340 d0 81 00 07 8b b7 69 ec 0d 9e 5a dc f5 0b 40 82 |......i...Z...@.|
|
||||
00000350 0e a5 bc ce dd 13 1e 15 4c 10 d8 62 00 42 45 eb |........L..b.BE.|
|
||||
00000360 2b f1 aa d4 43 4e 29 02 a8 0e b8 3d 17 88 84 0c |+...CN)....=....|
|
||||
00000370 2d d0 49 48 ff f5 83 8f 0d da 7f 81 d6 e7 93 d5 |-.IH............|
|
||||
00000380 12 c0 59 1c ed b7 35 7f 9e 1f 9c 39 e6 56 ce a2 |..Y...5....9.V..|
|
||||
00000390 98 ca 74 72 49 65 7f 69 16 a7 13 67 b3 11 fe 32 |..trIe.i...g...2|
|
||||
000003a0 99 23 c6 8f 37 e5 18 e8 5e 3b e3 25 84 cd f5 9f |.#..7...^;.%....|
|
||||
000003b0 de 4c f0 b1 cb 25 31 86 73 07 48 f8 30 7e 7c 7b |.L...%1.s.H.0~|{|
|
||||
000003c0 04 0f a5 5c 15 c2 25 00 43 18 6e 35 17 03 03 00 |...\..%.C.n5....|
|
||||
000003d0 45 e0 8a a3 17 a4 5d 29 0d da b8 c1 e8 b9 19 cf |E.....])........|
|
||||
000003e0 4b 08 e6 d8 5c 0e 9e ed b4 ea cc 95 68 54 6b 4b |K...\.......hTkK|
|
||||
000003f0 0f 1f 32 3e f0 68 10 a1 9f aa 4b 44 86 3f 3b 66 |..2>.h....KD.?;f|
|
||||
00000400 08 cd cb d0 92 a2 07 df 64 f9 f2 88 f9 c2 63 9f |........d.....c.|
|
||||
00000410 01 98 a7 58 41 e6 |...XA.|
|
||||
>>> Flow 5 (client to server)
|
||||
00000000 17 03 03 00 45 64 f9 84 9e cc d0 58 bd 27 48 4f |....Ed.....X.'HO|
|
||||
00000010 5c fb 26 21 50 37 f7 eb 80 fc 86 a9 a7 00 d7 0f |\.&!P7..........|
|
||||
00000020 c4 4e e8 2d 4a cf 0b 57 34 10 f4 ea df a0 91 31 |.N.-J..W4......1|
|
||||
00000030 80 45 78 20 38 1c cd dd 16 5d f5 6c 83 a6 ee f4 |.Ex 8....].l....|
|
||||
00000040 24 c7 3f f1 0a f8 2d 78 7e b4 |$.?...-x~.|
|
||||
>>> Flow 6 (server to client)
|
||||
00000000 17 03 03 00 1e fe 3e da ac 07 b3 a8 37 ca 6d 3a |......>.....7.m:|
|
||||
00000010 21 3a 2e 52 e4 1c ee 1c 49 e8 c5 a4 ef 10 bb 92 |!:.R....I.......|
|
||||
00000020 7b 45 ba 17 03 03 00 13 4d f6 22 39 83 19 74 a8 |{E......M."9..t.|
|
||||
00000030 86 55 bb 07 4d db 37 a6 f1 9f 13 |.U..M.7....|
|
||||
Loading…
Add table
Add a link
Reference in a new issue