mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: rotate session keys in older TLS versions

Browse source 
Also encode the certificates in a way that's more
consistent with TLS 1.3 (with a 24 byte length prefix).

Note that this will have an additional performance cost
requiring clients to do a full handshake every 7 days
where previously they were able to use the same ticket
indefinitely.

Updates #25256

Change-Id: Ic4d1ba0d92773c490b33b5f6c1320d557cc7347d
Reviewed-on: https://go-review.googlesource.com/c/go/+/231317
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
Katie Hockman 2020-04-30 20:11:55 -04:00
parent 5c59a6c577
commit 451074ba19
11 changed files with 408 additions and 393 deletions
Download patch file Download diff file Expand all files Collapse all files

1
handshake_messages_test.go
View file

@ -309,6 +309,7 @@ func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value {
s.vers = uint16(rand.Intn(10000))
s.cipherSuite = uint16(rand.Intn(10000))
s.masterSecret = randomBytes(rand.Intn(100)+1, rand)
s.createdAt = uint64(rand.Int63())
for i := 0; i < rand.Intn(20); i++ {
s.certificates = append(s.certificates, randomBytes(rand.Intn(500)+1, rand))
}