mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: fix sessionState marshaling

Browse source 
Change-Id: I2910f322256c521dd03b1dc23d117defdcd0aa54
Reviewed-on: https://go-review.googlesource.com/c/go/+/232662
Run-TryBot: Katie Hockman <katie@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
Katie Hockman 2020-05-06 19:06:29 -04:00
parent 11a4ff8485
commit 5c59a6c577
1 changed files with 15 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

32
ticket.go
View file

@ -23,8 +23,8 @@ type sessionState struct {
vers uint16
cipherSuite uint16
masterSecret []byte // opaque master_secret<1..2^16-1>;
// struct { opaque certificate<1..2^32-1> } Certificate;
certificates [][]byte // Certificate certificate_list<0..2^16-1>;
// uint16 num_certificates;
certificates [][]byte // opaque certificate<1..2^32-1>;
// usedOldKey is true if the ticket from which this session came from
// was encrypted with an older key and thus should be refreshed.
@ -38,35 +38,33 @@ func (m *sessionState) marshal() []byte {
b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
b.AddBytes(m.masterSecret)
})
b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
for _, cert := range m.certificates {
b.AddUint32LengthPrefixed(func(b *cryptobyte.Builder) {
b.AddBytes(cert)
})
}
})
b.AddUint16(uint16(len(m.certificates)))
for _, cert := range m.certificates {
b.AddUint32LengthPrefixed(func(b *cryptobyte.Builder) {
b.AddBytes(cert)
})
}
return b.BytesOrPanic()
}
func (m *sessionState) unmarshal(data []byte) bool {
*m = sessionState{usedOldKey: m.usedOldKey}
s := cryptobyte.String(data)
var numCerts uint16
if ok := s.ReadUint16(&m.vers) &&
m.vers != VersionTLS13 &&
s.ReadUint16(&m.cipherSuite) &&
readUint16LengthPrefixed(&s, &m.masterSecret) &&
len(m.masterSecret) != 0; !ok {
len(m.masterSecret) != 0 &&
s.ReadUint16(&numCerts); !ok {
return false
}
var certList cryptobyte.String
if !s.ReadUint16LengthPrefixed(&certList) {
return false
}
for !certList.Empty() {
for i := 0; i < int(numCerts); i++ {
var certLen uint32
certList.ReadUint32(&certLen)
s.ReadUint32(&certLen)
var cert []byte
if certLen == 0 || !certList.ReadBytes(&cert, int(certLen)) {
if certLen == 0 || !s.ReadBytes(&cert, int(certLen)) {
return false
}
m.certificates = append(m.certificates, cert)