crypto/tls: add support for session ticket key rotation

This change adds a new method to tls.Config, SetSessionTicketKeys, that changes the key used to encrypt session tickets while the server is running. Additional keys may be provided that will be used to maintain continuity while rotating keys. If a ticket encrypted with an old key is provided by the client, the server will resume the session and provide the client with a ticket encrypted using the new key. Fixes #9994 Change-Id: Idbc16b10ff39616109a51ed39a6fa208faad5b4e Reviewed-on: https://go-review.googlesource.com/9072 Reviewed-by: Jonathan Rudenberg <jonathan@titanous.com> Reviewed-by: Adam Langley <agl@golang.org>
2025-04-04 04:27:36 +03:00 · 2015-04-17 21:32:11 -04:00 · 2015-04-17 21:32:11 -04:00 · 7576470d56
commit 7576470d56
parent cf04082452
10 changed files with 367 additions and 242 deletions
--- a/testdata/Server-TLSv12-Resume
+++ b/testdata/Server-TLSv12-Resume
@ -1,36 +1,37 @@
 >>> Flow 1 (client to server)
-00000000  16 03 01 00 e8 01 00 00  e4 03 03 52 cc 57 59 c3  |...........R.WY.|
-00000010  8b df 97 05 d8 5f 16 22  b4 b1 e7 cb 7d 2f 9b 58  |....._."....}/.X|
-00000020  a3 f4 d7 2c a4 c1 9d 49  ed 4b ba 20 90 da 90 3e  |...,...I.K. ...>|
-00000030  36 19 7a db 56 43 26 f7  dc 42 57 33 22 ed 9d a4  |6.z.VC&..BW3"...|
-00000040  9d 53 da f8 9d 4e 60 66  71 a0 2e 2e 00 04 00 05  |.S...N`fq.......|
-00000050  00 ff 01 00 00 97 00 23  00 68 00 00 00 00 00 00  |.......#.h......|
-00000060  00 00 00 00 00 00 00 00  00 00 65 ea 4b d1 ef ba  |..........e.K...|
-00000070  06 38 1e e1 88 82 3a cd  03 ac 3b 39 0a e0 19 fd  |.8....:...;9....|
-00000080  af 6c 57 30 df 31 6e f7  92 38 4b 5d 77 90 39 ff  |.lW0.1n..8K]w.9.|
-00000090  32 51 f5 ed 12 d7 b0 7c  4d 6c c5 76 e4 72 48 3e  |2Q.....|Ml.v.rH>|
-000000a0  59 23 fe 0d 15 df f4 ba  ea b9 67 16 23 8f 7d 15  |Y#........g.#.}.|
-000000b0  b6 11 f1 ab d7 d4 cd a3  21 82 92 2a 12 cf 95 f3  |........!..*....|
-000000c0  60 b2 00 0d 00 22 00 20  06 01 06 02 06 03 05 01  |`....". ........|
-000000d0  05 02 05 03 04 01 04 02  04 03 03 01 03 02 03 03  |................|
-000000e0  02 01 02 02 02 03 01 01  00 0f 00 01 01           |.............|
+00000000  16 03 01 00 f7 01 00 00  f3 03 03 6a 1a d3 0a d3  |...........j....|
+00000010  e0 34 f9 c4 1b cc 42 bc  0b eb 97 fd 51 b7 77 fd  |.4....B.....Q.w.|
+00000020  50 0a 13 8c b6 ac 8e a1  ba 1f 74 20 fb 19 d1 6a  |P.........t ...j|
+00000030  cf 1c 8b fb 77 97 7b 11  a5 fe 66 dc b8 b6 21 ad  |....w.{...f...!.|
+00000040  8b b4 5f 38 ca 51 ca a3  af 40 84 8b 00 04 00 05  |.._8.Q...@......|
+00000050  00 ff 02 01 00 00 a5 00  23 00 78 50 46 ad c1 db  |........#.xPF...|
+00000060  a8 38 86 7b 2b bb fd d0  c3 42 3e 00 00 00 00 00  |.8.{+....B>.....|
+00000070  00 00 00 00 00 00 00 00  00 00 00 94 6f 2c b5 83  |............o,..|
+00000080  61 e8 c1 5d af d6 da c9  8f df 1e c4 16 47 a0 dd  |a..].........G..|
+00000090  cf 3c 9d 95 11 fe 01 fb  52 5b d0 aa 56 fb 04 d5  |.<......R[..V...|
+000000a0  7f 89 31 7d 75 e3 df f4  28 6a fb 1f 76 ee 77 55  |..1}u...(j..v.wU|
+000000b0  0b 33 94 82 e2 ee 73 2f  7f a7 f6 7c 68 25 eb fd  |.3....s/...|h%..|
+000000c0  56 5b 89 29 b4 32 b6 92  57 3f c3 f9 01 fb 01 25  |V[.).2..W?.....%|
+000000d0  7f 0f 10 00 0d 00 20 00  1e 06 01 06 02 06 03 05  |...... .........|
+000000e0  01 05 02 05 03 04 01 04  02 04 03 03 01 03 02 03  |................|
+000000f0  03 02 01 02 02 02 03 00  0f 00 01 01              |............|
 >>> Flow 2 (server to client)
 00000000  16 03 03 00 51 02 00 00  4d 03 03 00 00 00 00 00  |....Q...M.......|
 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
-00000020  00 00 00 00 00 00 00 00  00 00 00 20 90 da 90 3e  |........... ...>|
-00000030  36 19 7a db 56 43 26 f7  dc 42 57 33 22 ed 9d a4  |6.z.VC&..BW3"...|
-00000040  9d 53 da f8 9d 4e 60 66  71 a0 2e 2e 00 05 00 00  |.S...N`fq.......|
+00000020  00 00 00 00 00 00 00 00  00 00 00 20 fb 19 d1 6a  |........... ...j|
+00000030  cf 1c 8b fb 77 97 7b 11  a5 fe 66 dc b8 b6 21 ad  |....w.{...f...!.|
+00000040  8b b4 5f 38 ca 51 ca a3  af 40 84 8b 00 05 00 00  |.._8.Q...@......|
 00000050  05 ff 01 00 01 00 14 03  03 00 01 01 16 03 03 00  |................|
-00000060  24 11 12 ff 28 10 14 4c  e5 0e ad a7 fa f3 92 fb  |$...(..L........|
-00000070  13 7d ae f2 b2 4a 6b a1  9e 67 cf a8 f7 8c 6f a0  |.}...Jk..g....o.|
-00000080  6c 30 0e 18 55                                    |l0..U|
+00000060  24 0e 65 19 5e 79 90 4b  40 13 f1 5b 2f ed 0b f5  |$.e.^y.K@..[/...|
+00000070  cc 39 23 24 91 b3 b2 49  f6 9b d5 60 f3 ed bd 2a  |.9#$...I...`...*|
+00000080  31 00 14 5a 8e                                    |1..Z.|
 >>> Flow 3 (client to server)
-00000000  14 03 03 00 01 01 16 03  03 00 24 0d 46 41 8b 24  |..........$.FA.$|
-00000010  36 01 a9 fd 8b ec fc e6  b1 83 96 df 0d 3e 53 54  |6............>ST|
-00000020  58 b8 43 f2 a6 25 5e 1a  ae 19 9e d2 28 44 92     |X.C..%^.....(D.|
+00000000  14 03 03 00 01 01 16 03  03 00 24 72 4d 5d 05 d6  |..........$rM]..|
+00000010  79 93 41 21 a7 86 75 49  50 fe b2 6c a9 38 d7 5e  |y.A!..uIP..l.8.^|
+00000020  b7 f7 33 18 b0 53 ab ab  b7 5b ee 09 e7 83 51     |..3..S...[....Q|
 >>> Flow 4 (server to client)
-00000000  17 03 03 00 21 c4 fb f6  53 bb 3e 04 cc 0b a0 03  |....!...S.>.....|
-00000010  fa 49 96 da b5 8d b2 f2  e5 d8 f3 5c 27 57 4f 9c  |.I.........\'WO.|
-00000020  30 00 34 fc 52 92 15 03  03 00 16 a3 02 7a 50 d2  |0.4.R........zP.|
-00000030  c6 b3 fc 69 8f e4 94 ae  ab 22 ad 05 1d 15 69 b9  |...i....."....i.|
-00000040  a5                                                |.|
+00000000  17 03 03 00 21 1a 35 ab  27 ac db 7f e4 11 f2 b4  |....!.5.'.......|
+00000010  38 f5 3f 5d be 7a 58 74  92 05 a5 9c 8e a8 f2 ca  |8.?].zXt........|
+00000020  cd f0 2e 18 62 57 15 03  03 00 16 33 18 76 93 bb  |....bW.....3.v..|
+00000030  48 86 cc 13 79 ad e2 51  c6 ac 3e 89 2a 4f 05 e1  |H...y..Q..>.*O..|
+00000040  ee                                                |.|