mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
Expose DecryptTicketWith function (#61)
Expose DecryptTicketWith function
parent
33a29038e7
commit
5801f3fc5a
2 changed files with 65 additions and 1 deletions
17
ticket.go
17
ticket.go
|
@ -171,7 +171,20 @@ func (c *Conn) encryptTicket(state []byte) ([]byte, error) {
|
|||
return encrypted, nil
|
||||
}
|
||||
|
||||
// [uTLS] changed to use exported DecryptTicketWith func below
|
||||
func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey bool) {
|
||||
tks := ticketKeys(c.config.ticketKeys()).ToPublic()
|
||||
return DecryptTicketWith(encrypted, tks)
|
||||
}
|
||||
|
||||
// DecryptTicketWith decrypts an encrypted session ticket
|
||||
// using a TicketKeys (ie []TicketKey) struct
|
||||
//
|
||||
// usedOldKey will be true if the key used for decryption is
|
||||
// not the first in the []TicketKey slice
|
||||
//
|
||||
// [uTLS] changed to be made public and take a TicketKeys instead of use a Conn receiver
|
||||
func DecryptTicketWith(encrypted []byte, tks TicketKeys) (plaintext []byte, usedOldKey bool) {
|
||||
if len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size {
|
||||
return nil, false
|
||||
}
|
||||
|
@ -181,7 +194,9 @@ func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey boo
|
|||
macBytes := encrypted[len(encrypted)-sha256.Size:]
|
||||
ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size]
|
||||
|
||||
keys := c.config.ticketKeys()
|
||||
// keys := c.config.ticketKeys() // [uTLS] keys are received as a function argument
|
||||
|
||||
keys := tks.ToPrivate()
|
||||
keyIndex := -1
|
||||
for i, candidateKey := range keys {
|
||||
if bytes.Equal(keyName, candidateKey.keyName[:]) {
|
||||
|
|
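Review bot: The doc comment on the newly exported `DecryptTicketWith` never says how failure is reported, and the only failure path visible here (the length check) returns `nil, false` with no error. Now that code outside `Conn` can pass it arbitrary ticket bytes and keys, the contract should be written down, for example `// plaintext is nil if the ticket cannot be decrypted with any key in tks; callers must treat nil as a rejected ticket.` The rest of the function body lies outside the two hunks, so the unknown-key-name and MAC-mismatch paths presumably behave the same way, but that should be confirmed before it is documented. As a smaller style point, the commented-out `// keys := c.config.ticketKeys()` line in the second hunk could be dropped, since the `[uTLS]` note above the function already records the change.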