mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-05 21:17:35 +03:00
crypto/tls: fix sessionState marshaling
Change-Id: I2910f322256c521dd03b1dc23d117defdcd0aa54 Reviewed-on: https://go-review.googlesource.com/c/go/+/232662 Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org>
This commit is contained in:
parent
11a4ff8485
commit
5c59a6c577
1 changed files with 15 additions and 17 deletions
32
ticket.go
32
ticket.go
|
@ -23,8 +23,8 @@ type sessionState struct {
|
||||||
vers uint16
|
vers uint16
|
||||||
cipherSuite uint16
|
cipherSuite uint16
|
||||||
masterSecret []byte // opaque master_secret<1..2^16-1>;
|
masterSecret []byte // opaque master_secret<1..2^16-1>;
|
||||||
// struct { opaque certificate<1..2^32-1> } Certificate;
|
// uint16 num_certificates;
|
||||||
certificates [][]byte // Certificate certificate_list<0..2^16-1>;
|
certificates [][]byte // opaque certificate<1..2^32-1>;
|
||||||
|
|
||||||
// usedOldKey is true if the ticket from which this session came from
|
// usedOldKey is true if the ticket from which this session came from
|
||||||
// was encrypted with an older key and thus should be refreshed.
|
// was encrypted with an older key and thus should be refreshed.
|
||||||
|
@ -38,35 +38,33 @@ func (m *sessionState) marshal() []byte {
|
||||||
b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
|
b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
|
||||||
b.AddBytes(m.masterSecret)
|
b.AddBytes(m.masterSecret)
|
||||||
})
|
})
|
||||||
b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
|
b.AddUint16(uint16(len(m.certificates)))
|
||||||
for _, cert := range m.certificates {
|
for _, cert := range m.certificates {
|
||||||
b.AddUint32LengthPrefixed(func(b *cryptobyte.Builder) {
|
b.AddUint32LengthPrefixed(func(b *cryptobyte.Builder) {
|
||||||
b.AddBytes(cert)
|
b.AddBytes(cert)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
})
|
|
||||||
return b.BytesOrPanic()
|
return b.BytesOrPanic()
|
||||||
}
|
}
|
||||||
|
|
||||||
func (m *sessionState) unmarshal(data []byte) bool {
|
func (m *sessionState) unmarshal(data []byte) bool {
|
||||||
*m = sessionState{usedOldKey: m.usedOldKey}
|
*m = sessionState{usedOldKey: m.usedOldKey}
|
||||||
s := cryptobyte.String(data)
|
s := cryptobyte.String(data)
|
||||||
|
var numCerts uint16
|
||||||
if ok := s.ReadUint16(&m.vers) &&
|
if ok := s.ReadUint16(&m.vers) &&
|
||||||
m.vers != VersionTLS13 &&
|
m.vers != VersionTLS13 &&
|
||||||
s.ReadUint16(&m.cipherSuite) &&
|
s.ReadUint16(&m.cipherSuite) &&
|
||||||
readUint16LengthPrefixed(&s, &m.masterSecret) &&
|
readUint16LengthPrefixed(&s, &m.masterSecret) &&
|
||||||
len(m.masterSecret) != 0; !ok {
|
len(m.masterSecret) != 0 &&
|
||||||
|
s.ReadUint16(&numCerts); !ok {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
var certList cryptobyte.String
|
|
||||||
if !s.ReadUint16LengthPrefixed(&certList) {
|
for i := 0; i < int(numCerts); i++ {
|
||||||
return false
|
|
||||||
}
|
|
||||||
for !certList.Empty() {
|
|
||||||
var certLen uint32
|
var certLen uint32
|
||||||
certList.ReadUint32(&certLen)
|
s.ReadUint32(&certLen)
|
||||||
var cert []byte
|
var cert []byte
|
||||||
if certLen == 0 || !certList.ReadBytes(&cert, int(certLen)) {
|
if certLen == 0 || !s.ReadBytes(&cert, int(certLen)) {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
m.certificates = append(m.certificates, cert)
|
m.certificates = append(m.certificates, cert)
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue