diff --git a/handshake_client.go b/handshake_client.go index f8db662..e5827f6 100644 --- a/handshake_client.go +++ b/handshake_client.go @@ -504,7 +504,11 @@ func (hs *clientHandshakeState) doFullHandshake() error { } } - hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random) + if hs.hello.ems && hs.serverHello.ems { + hs.masterSecret = extendedMasterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.finishedHash) + } else { + hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random) + } if err := c.config.writeKeyLog(hs.hello.random, hs.masterSecret); err != nil { c.sendAlert(alertInternalError) return errors.New("tls: failed to write to key log: " + err.Error()) diff --git a/handshake_messages.go b/handshake_messages.go index 0c7581f..873b989 100644 --- a/handshake_messages.go +++ b/handshake_messages.go @@ -20,6 +20,7 @@ type clientHelloMsg struct { serverName string ocspStapling bool scts bool + ems bool supportedCurves []CurveID supportedPoints []uint8 ticketSupported bool @@ -515,6 +516,7 @@ type serverHelloMsg struct { nextProtos []string ocspStapling bool scts [][]byte + ems bool ticketSupported bool secureRenegotiation []byte secureRenegotiationSupported bool @@ -545,6 +547,7 @@ func (m *serverHelloMsg) equal(i interface{}) bool { m.nextProtoNeg == m1.nextProtoNeg && eqStrings(m.nextProtos, m1.nextProtos) && m.ocspStapling == m1.ocspStapling && + m.ems == m1.ems && m.ticketSupported == m1.ticketSupported && m.secureRenegotiationSupported == m1.secureRenegotiationSupported && bytes.Equal(m.secureRenegotiation, m1.secureRenegotiation) && @@ -770,6 +773,12 @@ func (m *serverHelloMsg) unmarshal(data []byte) bool { return false } m.ticketSupported = true + case utlsExtensionExtendedMasterSecret: + // No sanity check for this extension: pretending not to know it. + // if length > 0 { + // return false + // } + m.ems = true case extensionRenegotiationInfo: if length == 0 { return false diff --git a/testdata/Client-TLSv12-UTLS-AES128-GCM-SHA256-Android-22 b/testdata/Client-TLSv12-UTLS-AES128-GCM-SHA256-Android-22 index 2f6fe6f..2189743 100644 --- a/testdata/Client-TLSv12-UTLS-AES128-GCM-SHA256-Android-22 +++ b/testdata/Client-TLSv12-UTLS-AES128-GCM-SHA256-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 35 02 00 00 31 03 03 cb 9e 94 a0 b8 |....5...1.......| -00000010 29 60 4d d5 b3 20 b5 12 b3 9c 5c 50 7b 2e e0 93 |)`M.. ....\P{...| -00000020 7b d2 ad 74 89 b8 fe 8a 05 93 da 00 00 9c 00 00 |{..t............| +00000000 16 03 03 00 35 02 00 00 31 03 03 5b bd b1 a5 f9 |....5...1..[....| +00000010 10 f6 d9 db 0e f6 3b 3d c1 7d cf 31 a8 90 40 1a |......;=.}.1..@.| +00000020 2a 77 0b d1 f5 34 77 9d 68 98 cf 00 00 9c 00 00 |*w...4w.h.......| 00000030 09 ff 01 00 01 00 00 23 00 00 16 03 03 02 59 0b |.......#......Y.| 00000040 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 82 01 |..U..R..O0..K0..| 00000050 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 5b ea |............?.[.| @@ -66,28 +66,28 @@ 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....| -00000090 01 16 03 03 00 28 00 00 00 00 00 00 00 00 52 db |.....(........R.| -000000a0 dc 3d 1d a6 b3 40 aa ca 3c 0a 4c 1f 97 2b 55 c9 |.=...@..<.L..+U.| -000000b0 ed e6 3d c6 18 7a 6a 72 53 59 93 4d c2 6e |..=..zjrSY.M.n| +00000090 01 16 03 03 00 28 00 00 00 00 00 00 00 00 98 17 |.....(..........| +000000a0 e4 6a 2d 52 31 25 8e 7d 81 26 d4 4b b6 f6 2f ca |.j-R1%.}.&.K../.| +000000b0 a7 1a 55 d3 11 4b 71 53 49 63 6c 52 d0 6d |..U..KqSIclR.m| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 ac |............ ...| -00000010 ff 5e 61 8a 55 04 80 bf 96 3a c2 70 9a cd 40 c3 |.^a.U....:.p..@.| -00000020 7b bb 9d 30 15 d9 bd 23 60 6a 6f 30 8b 2d 88 22 |{..0...#`jo0.-."| -00000030 0f cc 24 ee a5 a5 ea 0d a4 62 60 ff f0 42 42 59 |..$......b`..BBY| -00000040 a0 b3 56 af 67 20 60 cd 54 c3 09 05 dc 13 91 1b |..V.g `.T.......| -00000050 c8 14 51 7d 7d b2 f3 f0 fe 5d 95 cb 9e 70 62 cb |..Q}}....]...pb.| -00000060 23 8d 7d ab 17 77 96 05 9f e5 0a f2 11 cb 95 27 |#.}..w.........'| -00000070 01 dd 25 ab 56 ce df 6a 2f f5 22 44 59 3a 29 b1 |..%.V..j/."DY:).| -00000080 bf 55 e9 11 76 d0 92 9a 96 ec 60 f8 08 18 8f 0e |.U..v.....`.....| -00000090 66 fc e7 65 e9 91 e8 e9 f1 8d 66 5f b9 73 cc d8 |f..e......f_.s..| -000000a0 ab 8b e0 e3 77 74 53 69 9d 4d f6 f5 a2 54 2c 14 |....wtSi.M...T,.| -000000b0 03 03 00 01 01 16 03 03 00 28 fc 68 19 6d c3 b8 |.........(.h.m..| -000000c0 fb 43 f8 53 d0 be f2 56 52 0a 94 ca 30 6a ee 2a |.C.S...VR...0j.*| -000000d0 05 a3 bd c5 d1 f7 9c 47 6f 59 12 15 0d 9c 60 b2 |.......GoY....`.| -000000e0 7d 6e |}n| +00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 a5 |............ ...| +00000010 85 89 dc ca bd 16 61 aa 6b 39 81 20 6a cf 69 ba |......a.k9. j.i.| +00000020 c3 9a 7a ee 07 1e 29 91 20 dd 80 7c 75 89 1b 2c |..z...). ..|u..,| +00000030 65 2d ba 07 13 6c cb fe 09 88 67 8b 4e d2 18 fb |e-...l....g.N...| +00000040 8c 45 38 8a a0 97 92 fb ff 46 c5 3d b4 3a ca a1 |.E8......F.=.:..| +00000050 c5 b0 fc 1a 7e d5 e5 76 8a ec 7c de 7e 88 7d 9a |....~..v..|.~.}.| +00000060 8a 71 60 69 f6 c5 4a 3c 99 67 c4 33 f9 6e 8b 44 |.q`i..J<.g.3.n.D| +00000070 96 41 6e cf 94 c8 36 6c 89 6b 27 b2 f9 37 fe 9f |.An...6l.k'..7..| +00000080 c4 a4 a4 a3 c4 78 cb f3 f0 8d d2 2b 01 8b b0 04 |.....x.....+....| +00000090 b7 09 2a 1b 09 9c 1a 0b f4 76 ba 3d fb 27 11 ab |..*......v.=.'..| +000000a0 d6 6c 28 58 f2 79 b5 8b 73 b5 46 21 95 2d fa 14 |.l(X.y..s.F!.-..| +000000b0 03 03 00 01 01 16 03 03 00 28 d8 30 33 5a 95 3e |.........(.03Z.>| +000000c0 16 b9 f6 03 ce a0 49 de 84 d7 5b a2 e6 5e 8d 9a |......I...[..^..| +000000d0 87 39 a9 54 12 54 d6 a8 4a c3 25 e3 76 fd bb 5b |.9.T.T..J.%.v..[| +000000e0 fb 1a |..| >>> Flow 5 (client to server) -00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 4c 8c 50 |.............L.P| -00000010 c0 ff dd a5 5f 99 50 46 a4 92 88 d9 15 27 4e b3 |...._.PF.....'N.| -00000020 74 bf 94 15 03 03 00 1a 00 00 00 00 00 00 00 02 |t...............| -00000030 c7 15 f6 3d 97 e6 2c de 60 69 4e 3e ed ca e7 cc |...=..,.`iN>....| -00000040 09 8f |..| +00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 20 65 b1 |............. e.| +00000010 a7 d7 65 f4 78 04 4c 48 dc 1f 21 fe 32 5a 1e c1 |..e.x.LH..!.2Z..| +00000020 60 51 54 15 03 03 00 1a 00 00 00 00 00 00 00 02 |`QT.............| +00000030 73 04 1b 4b 17 88 79 8e 4e b7 f6 35 87 34 47 7e |s..K..y.N..5.4G~| +00000040 b5 86 |..| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-GCM-SHA256-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-GCM-SHA256-Android-22 index a6f5df7..065d450 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-GCM-SHA256-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-GCM-SHA256-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 74 61 47 f3 35 |....=...9..taG.5| -00000010 bb c9 02 ae 3f 28 de bb 86 56 7c ce 01 37 bc 6b |....?(...V|..7.k| -00000020 37 bf 72 46 6b 21 c8 6c 47 c6 04 00 c0 2b 00 00 |7.rFk!.lG....+..| +00000000 16 03 03 00 3d 02 00 00 39 03 03 91 6a cc 41 98 |....=...9...j.A.| +00000010 ac 9d 6a f6 49 ec c2 47 c4 96 dc 37 c2 76 dc 5b |..j.I..G...7.v.[| +00000020 22 a6 ed 82 0e 53 c5 52 16 39 f0 00 c0 2b 00 00 |"....S.R.9...+..| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 0e 0b 00 02 0a 00 02 07 00 02 |................| 00000050 04 30 82 02 00 30 82 01 62 02 09 00 b8 bf 2d 47 |.0...0..b.....-G| @@ -50,49 +50,49 @@ 00000220 8c 25 c1 33 13 83 0d 94 06 bb d4 37 7a f6 ec 7a |.%.3.......7z..z| 00000230 c9 86 2e dd d7 11 69 7f 85 7c 56 de fb 31 78 2b |......i..|V..1x+| 00000240 e4 c7 78 0d ae cb be 9e 4e 36 24 31 7b 6a 0f 39 |..x.....N6$1{j.9| -00000250 95 12 07 8f 2a 16 03 03 00 d7 0c 00 00 d3 03 00 |....*...........| -00000260 17 41 04 32 22 ad 08 03 13 30 89 c0 79 a9 cd 4e |.A.2"....0..y..N| -00000270 b1 6b 6c 20 c1 80 04 2a d2 4f 74 52 b2 4d 21 71 |.kl ...*.OtR.M!q| -00000280 82 5d 31 5a 72 f4 7c 78 da d7 2d e8 55 9a 87 6d |.]1Zr.|x..-.U..m| -00000290 43 e7 13 f1 0e 00 25 e9 e4 ac 45 cd 82 7e 84 28 |C.....%...E..~.(| -000002a0 e2 b4 84 06 03 00 8a 30 81 87 02 42 00 dd 86 fa |.......0...B....| -000002b0 7a a6 8c b3 c6 73 f7 b5 f8 ba a7 16 6d d9 09 ea |z....s......m...| -000002c0 cd dd 82 83 44 0c 3f b1 0f 23 a3 61 76 eb eb 5a |....D.?..#.av..Z| -000002d0 88 d5 65 31 3f ba 81 84 0c 35 17 4f 2f 02 fb 8d |..e1?....5.O/...| -000002e0 21 1b c1 de 42 40 d8 a9 84 4a 44 f1 0c 3c 02 41 |!...B@...JD..<.A| -000002f0 76 8e 43 e9 c4 f7 47 68 03 23 6d 36 8e 9d 30 9a |v.C...Gh.#m6..0.| -00000300 71 6d a5 76 c0 20 d8 0e bd f6 dd 11 34 a8 e7 af |qm.v. ......4...| -00000310 85 a7 01 19 68 c8 df fa 9c 62 e1 71 b2 9b 01 83 |....h....b.q....| -00000320 8e 9b 96 e2 6d 30 71 ff 3b c4 70 16 a3 f8 59 2e |....m0q.;.p...Y.| -00000330 b8 16 03 03 00 04 0e 00 00 00 |..........| +00000250 95 12 07 8f 2a 16 03 03 00 d8 0c 00 00 d4 03 00 |....*...........| +00000260 17 41 04 ee 84 ef 37 3b a4 32 6f 76 56 3d b0 1d |.A....7;.2ovV=..| +00000270 13 44 5f d3 03 2a 1e fd 2e 8f a0 97 2c 5c 97 86 |.D_..*......,\..| +00000280 e1 17 b3 fc 0a 8f 65 7d b8 92 c9 5e ba 3c 35 72 |......e}...^.<5r| +00000290 73 68 f5 88 40 ea f6 f0 dd ed 0d d9 db 91 c1 83 |sh..@...........| +000002a0 35 36 36 06 03 00 8b 30 81 88 02 42 00 8c 39 1c |566....0...B..9.| +000002b0 4f 61 92 5a 9b c5 1d e5 ac 34 7e d6 9a 30 7e fb |Oa.Z.....4~..0~.| +000002c0 da c0 40 c0 77 c7 bb c6 cd 1d 30 29 a3 f6 2a c1 |..@.w.....0)..*.| +000002d0 43 89 cc 9e 1e c3 57 4d 3e 64 26 9d ff 27 ce f4 |C.....WM>d&..'..| +000002e0 7c 27 a2 cd a5 21 fa 98 d3 19 9b f6 53 16 02 42 ||'...!......S..B| +000002f0 01 0d f4 e9 92 e1 9c 7b 7e 38 6b 75 b5 6d 78 7f |.......{~8ku.mx.| +00000300 ce 54 08 f6 a1 34 4c b7 e6 19 bf d3 7c d5 82 cb |.T...4L.....|...| +00000310 45 53 00 6d de d8 ea 63 06 9a 3d a8 d4 44 3b 06 |ES.m...c..=..D;.| +00000320 9d e6 dc e4 a6 59 12 b4 db 9f 99 1e 23 4a 9a fc |.....Y......#J..| +00000330 27 fb 16 03 03 00 04 0e 00 00 00 |'..........| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| 00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 de cf |.....(..........| -00000060 13 d9 c7 68 45 02 da b9 8f fc fa 22 cf f1 2c 28 |...hE......"..,(| -00000070 ad f4 41 aa ae be 48 dd 44 51 a7 84 46 2e |..A...H.DQ..F.| +00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 16 2c |.....(.........,| +00000060 0b ab 09 d1 30 98 5a 65 59 43 7b ab f5 7a 50 6b |....0.ZeYC{..zPk| +00000070 a1 ed d9 2d 67 93 a7 1b 4a 0d 6e 78 14 f5 |...-g...J.nx..| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 74 |............ ..t| -00000010 80 d3 58 e2 3d dc 88 e2 73 88 cf 27 03 c5 a9 b8 |..X.=...s..'....| -00000020 52 09 cc c7 07 9f c5 8e a4 35 d5 fe 52 71 29 00 |R........5..Rq).| -00000030 90 a7 b8 49 1f 17 0b e6 1c b1 4c 05 3a d1 bd 7b |...I......L.:..{| -00000040 c1 1e 24 6e 5f 2e 57 c3 8f 40 a4 a4 e9 05 cb 89 |..$n_.W..@......| -00000050 1a 27 88 ee 20 7e 0f 3c 36 cc bb 1a 9a 5b 57 41 |.'.. ~.<6....[WA| -00000060 c5 a5 c8 ac b8 7b dc 38 04 38 8e 81 7a fd ad e8 |.....{.8.8..z...| -00000070 d4 17 29 70 92 bc 8d 95 1d 8d 11 85 75 e6 1b 4a |..)p........u..J| -00000080 73 b7 75 da ac 63 59 ea 50 e9 ad 18 4f 2f f6 b3 |s.u..cY.P...O/..| -00000090 c3 d7 46 5f f3 c3 de 08 b9 e8 b2 f9 99 33 ef 3d |..F_.........3.=| -000000a0 87 10 5d f0 26 22 4f 34 10 d1 b5 5c eb 46 44 14 |..].&"O4...\.FD.| -000000b0 03 03 00 01 01 16 03 03 00 28 d5 de 79 dc a4 08 |.........(..y...| -000000c0 ef 79 7f 0b e8 dd 11 71 5b 13 9a de 97 d4 35 59 |.y.....q[.....5Y| -000000d0 a0 eb f4 9e 6f 01 a2 4f cc 59 ea 57 dc 56 44 09 |....o..O.Y.W.VD.| -000000e0 2a 92 |*.| +00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 37 |............ ..7| +00000010 fd a3 da af 29 ce 19 e1 34 1e 44 2f 5a c8 bb fa |....)...4.D/Z...| +00000020 a3 22 fe 39 de 47 86 11 75 72 a9 63 2b cf 24 f3 |.".9.G..ur.c+.$.| +00000030 78 0c 28 27 10 b5 27 af 16 dc 4c 9b 45 9b 3c 1d |x.('..'...L.E.<.| +00000040 31 22 e1 29 06 7a 4a 97 62 63 cf 2c 3c 55 1b d2 |1".).zJ.bc.,>> Flow 5 (client to server) -00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 c6 26 13 |..............&.| -00000010 84 33 41 b2 e6 ab cf d8 b7 bd 7d a2 72 69 05 0d |.3A.......}.ri..| -00000020 8f a3 4c 15 03 03 00 1a 00 00 00 00 00 00 00 02 |..L.............| -00000030 41 d1 25 7e 36 4d 9c 53 38 a6 16 45 67 c5 66 4d |A.%~6M.S8..Eg.fM| -00000040 ff b0 |..| +00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 52 59 07 |.............RY.| +00000010 b5 0a c9 90 5a e9 fe e4 d8 e5 c1 e6 1c b7 61 4d |....Z.........aM| +00000020 bd 65 ba 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.e..............| +00000030 5d b3 de dc 80 07 2e 87 b3 0f e9 21 2c db ed 57 |]..........!,..W| +00000040 95 b5 |..| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-SHA-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-SHA-Android-22 index d5976ef..4a87c22 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-SHA-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES128-SHA-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 05 b2 2d 0b 47 |....=...9....-.G| -00000010 a6 e2 54 d4 e1 9b 7a 41 4f ea 60 5a 1f fd fe 38 |..T...zAO.`Z...8| -00000020 42 3f a3 26 f5 6c 6e 09 eb ee 04 00 c0 09 00 00 |B?.&.ln.........| +00000000 16 03 03 00 3d 02 00 00 39 03 03 9e 81 2f be 96 |....=...9..../..| +00000010 32 15 97 62 87 92 26 3c 15 ff b0 db c1 69 bf f8 |2..b..&<.....i..| +00000020 dc 23 d9 54 82 98 47 76 17 31 bc 00 c0 09 00 00 |.#.T..Gv.1......| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 0e 0b 00 02 0a 00 02 07 00 02 |................| 00000050 04 30 82 02 00 30 82 01 62 02 09 00 b8 bf 2d 47 |.0...0..b.....-G| @@ -50,21 +50,21 @@ 00000220 8c 25 c1 33 13 83 0d 94 06 bb d4 37 7a f6 ec 7a |.%.3.......7z..z| 00000230 c9 86 2e dd d7 11 69 7f 85 7c 56 de fb 31 78 2b |......i..|V..1x+| 00000240 e4 c7 78 0d ae cb be 9e 4e 36 24 31 7b 6a 0f 39 |..x.....N6$1{j.9| -00000250 95 12 07 8f 2a 16 03 03 00 d7 0c 00 00 d3 03 00 |....*...........| -00000260 17 41 04 c6 83 33 2b 47 c8 d2 a0 60 b9 6d 8e e8 |.A...3+G...`.m..| -00000270 b2 6a 81 54 56 42 3c c9 72 17 7e a7 4c 5c 55 b9 |.j.TVB<.r.~.L\U.| -00000280 65 f2 e8 3c 11 5a a1 06 75 ed b1 27 f7 42 88 5c |e..<.Z..u..'.B.\| -00000290 a0 cb df 9d 0d fc 47 2d f3 b2 6b c6 92 9f 68 f9 |......G-..k...h.| -000002a0 14 a3 df 06 03 00 8a 30 81 87 02 41 54 1e 82 48 |.......0...AT..H| -000002b0 9f eb 40 47 20 81 25 ad b7 59 3b c6 97 0b 8d 1a |..@G .%..Y;.....| -000002c0 40 97 dd 4a 3f 76 f6 d8 65 29 b7 a9 06 57 33 cb |@..J?v..e)...W3.| -000002d0 a1 ef cf 02 55 17 81 ad 89 c1 9f 6b a0 23 f9 62 |....U......k.#.b| -000002e0 4c d4 07 68 91 fe 6e c0 8d 40 eb 25 4a 02 42 01 |L..h..n..@.%J.B.| -000002f0 18 94 e9 e1 41 ec 4b 84 8f 58 2d 3d 39 81 f2 e5 |....A.K..X-=9...| -00000300 9b 9e d9 ab 5e 60 34 f1 67 12 6b 66 92 d3 6f 45 |....^`4.g.kf..oE| -00000310 d7 5a ed a2 2a a5 80 4b 76 04 76 41 c2 95 24 8a |.Z..*..Kv.vA..$.| -00000320 bd 1b 53 06 ff d9 d0 c1 de ac c2 22 d1 1a c4 84 |..S........"....| -00000330 a1 16 03 03 00 04 0e 00 00 00 |..........| +00000250 95 12 07 8f 2a 16 03 03 00 d8 0c 00 00 d4 03 00 |....*...........| +00000260 17 41 04 d0 b4 5e 3c 45 42 4e 81 13 6d 68 de af |.A...^.B...| +00000320 5c ef c5 03 46 f6 6c 46 bc d9 74 51 00 89 3f c5 |\...F.lF..tQ..?.| +00000330 32 21 16 03 03 00 04 0e 00 00 00 |2!.........| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| @@ -72,32 +72,32 @@ 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 5d 20 87 20 34 da 31 2e 3b 9b |......] . 4.1.;.| -00000070 ba 60 10 1c 41 39 2e 09 a9 1e 9b c5 57 e6 30 2b |.`..A9......W.0+| -00000080 11 bb 00 a7 b3 26 61 58 49 2b 7d 36 2f fc 91 47 |.....&aXI+}6/..G| -00000090 8e 34 ad a0 f0 70 |.4...p| +00000060 00 00 00 00 00 00 83 cf da 6d ee 53 44 ea 00 c2 |.........m.SD...| +00000070 42 64 b1 b2 f9 64 f3 f7 80 bd 1c 89 57 e4 d1 9b |Bd...d......W...| +00000080 e6 90 a4 00 6a 36 05 38 ec 0e a1 5d c1 37 f0 4a |....j6.8...].7.J| +00000090 4f 43 9d de 60 21 |OC..`!| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 2f |............ ../| -00000010 af 2f 7d 53 be 3c 62 3b 22 82 14 12 58 1c d6 54 |./}S.q8..!O$.(Y| +00000080 40 67 51 67 d4 fd c7 da e1 29 91 db 97 74 df 55 |@gQg.....)...t.U| +00000090 ca f1 8f 5d 28 bf 58 ca db cd 50 0d d6 87 40 9f |...](.X...P...@.| +000000a0 19 00 ab 0c 5e 1f de b9 cd 64 30 08 c3 26 c1 14 |....^....d0..&..| +000000b0 03 03 00 01 01 16 03 03 00 40 8a 54 cc 90 b9 2c |.........@.T...,| +000000c0 3b 9a 1b b1 36 03 93 93 49 5d e8 5c c6 52 f6 55 |;...6...I].\.R.U| +000000d0 38 98 ce f2 4e 4e 70 16 93 a0 72 89 b6 e7 bb 36 |8...NNp...r....6| +000000e0 83 35 70 14 53 86 43 20 7a ad 75 68 8e 4f 29 68 |.5p.S.C z.uh.O)h| +000000f0 2d 50 ac 2c ad f7 19 a0 84 c8 |-P.,......| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 80 ce c3 5d bb 87 a7 c6 63 96 65 |........]....c.e| -00000020 89 0c c1 73 3d 50 b9 14 6c 3f 50 87 09 bc 95 8b |...s=P..l?P.....| -00000030 cd 5b e3 bb 5d 15 03 03 00 30 00 00 00 00 00 00 |.[..]....0......| -00000040 00 00 00 00 00 00 00 00 00 00 73 c7 6a a9 68 9f |..........s.j.h.| -00000050 3e 98 99 da b3 7b aa 82 f7 59 04 cd 14 21 8d f4 |>....{...Y...!..| -00000060 1e 83 b8 f4 4d 7b 4e e9 95 eb |....M{N...| +00000010 00 00 00 00 00 90 f3 4a 44 b8 57 38 f3 f5 55 64 |.......JD.W8..Ud| +00000020 2b dc fd 31 10 b3 ca 03 f5 37 4c cf 90 10 29 df |+..1.....7L...).| +00000030 ae 6a 4f 27 ca 15 03 03 00 30 00 00 00 00 00 00 |.jO'.....0......| +00000040 00 00 00 00 00 00 00 00 00 00 60 ff c7 c8 d9 14 |..........`.....| +00000050 96 73 47 06 1f f4 81 6c 1d 50 69 d5 38 9c 3f d4 |.sG....l.Pi.8.?.| +00000060 ed 70 fd 1a be 4f 2e 33 19 59 |.p...O.3.Y| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES256-SHA-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES256-SHA-Android-22 index 3b7d7bf..bf6f017 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES256-SHA-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-ECDSA-AES256-SHA-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 98 7e 56 60 8a |....=...9...~V`.| -00000010 9a d9 bc 4f 7c 55 c4 3a 5b 2a fa 68 aa aa 63 4e |...O|U.:[*.h..cN| -00000020 b2 d0 05 d3 da ec 3a c8 ff f7 fe 00 c0 0a 00 00 |......:.........| +00000000 16 03 03 00 3d 02 00 00 39 03 03 c2 f7 37 da e5 |....=...9....7..| +00000010 8a 27 d4 fc 6d 36 28 5d 01 8c f8 49 43 00 b6 ae |.'..m6(]...IC...| +00000020 3e 8a c1 6c bf ff 62 56 42 09 f0 00 c0 0a 00 00 |>..l..bVB.......| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 0e 0b 00 02 0a 00 02 07 00 02 |................| 00000050 04 30 82 02 00 30 82 01 62 02 09 00 b8 bf 2d 47 |.0...0..b.....-G| @@ -50,21 +50,21 @@ 00000220 8c 25 c1 33 13 83 0d 94 06 bb d4 37 7a f6 ec 7a |.%.3.......7z..z| 00000230 c9 86 2e dd d7 11 69 7f 85 7c 56 de fb 31 78 2b |......i..|V..1x+| 00000240 e4 c7 78 0d ae cb be 9e 4e 36 24 31 7b 6a 0f 39 |..x.....N6$1{j.9| -00000250 95 12 07 8f 2a 16 03 03 00 d6 0c 00 00 d2 03 00 |....*...........| -00000260 17 41 04 29 e7 e6 da c3 e5 0a 7a 1d 50 22 24 61 |.A.)......z.P"$a| -00000270 69 fd 96 ef 00 8b 7c a2 b9 6d 2b b3 09 0c f4 27 |i.....|..m+....'| -00000280 ad 4d 5e f1 d7 bc b2 97 5b c5 c7 15 3e c9 4e f7 |.M^.....[...>.N.| -00000290 32 ed fc 74 2b 4c b6 e8 b2 e8 33 d2 b4 33 84 c1 |2..t+L....3..3..| -000002a0 1d 29 ef 06 03 00 89 30 81 86 02 41 2b a7 bb a2 |.).....0...A+...| -000002b0 3b 22 0f ef 6f e5 44 ca 42 58 ca 25 60 47 3a 82 |;"..o.D.BX.%`G:.| -000002c0 a8 35 68 fc 83 6e 96 0e d9 11 fb 71 2a 5b e0 0f |.5h..n.....q*[..| -000002d0 ff 2e 17 13 74 8c 2c 39 1a ea d6 f0 38 4b 19 26 |....t.,9....8K.&| -000002e0 95 00 6b fa 61 b8 a9 dc 76 fc 5e da b4 02 41 6b |..k.a...v.^...Ak| -000002f0 86 39 91 a8 66 03 87 08 d5 a5 a0 46 b1 61 3a d4 |.9..f......F.a:.| -00000300 7b 1c 82 21 89 08 56 d0 d2 29 e8 51 b6 4f cc 34 |{..!..V..).Q.O.4| -00000310 f5 cd 23 b6 f0 98 3c 1a 18 79 56 30 08 ea 06 da |..#...<..yV0....| -00000320 12 ee 25 41 27 4e b1 ca 39 03 79 10 ce 31 0d ae |..%A'N..9.y..1..| -00000330 16 03 03 00 04 0e 00 00 00 |.........| +00000250 95 12 07 8f 2a 16 03 03 00 d7 0c 00 00 d3 03 00 |....*...........| +00000260 17 41 04 2a 6d 46 af 27 5b 78 f2 3e 4e fc 2c 55 |.A.*mF.'[x.>N.,U| +00000270 b2 8d 49 ba df 1b e5 3a fc 03 46 a3 4b 9f 0e cb |..I....:..F.K...| +00000280 c3 27 99 a7 8f 5d 5f 91 4d 98 07 ea 9e e7 af 4d |.'...]_.M......M| +00000290 f1 d2 d2 f0 77 dc b0 de 3c 3d a7 6a ec 68 91 94 |....w...<=.j.h..| +000002a0 df 96 f2 06 03 00 8a 30 81 87 02 41 52 1f ad ab |.......0...AR...| +000002b0 36 55 89 49 bf ff 99 30 8f 23 2e 21 47 4c 9d ff |6U.I...0.#.!GL..| +000002c0 cd db 0d 31 a8 23 d5 9a ed e2 9e c0 2a 7d e7 30 |...1.#......*}.0| +000002d0 1c 67 e8 18 ca 9c 2c c1 35 bf b8 11 07 0b 63 e5 |.g....,.5.....c.| +000002e0 ad 68 f7 d0 d6 55 90 8e 16 3f 18 90 14 02 42 01 |.h...U...?....B.| +000002f0 79 14 19 8e a6 77 63 8f 66 7d 5c ad e6 da 8f be |y....wc.f}\.....| +00000300 19 6c d8 a4 6d 90 43 3c 21 e0 d8 20 31 35 c1 99 |.l..m.C>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| @@ -72,32 +72,32 @@ 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 20 ab 93 fa 57 6c 48 73 79 5f |...... ...WlHsy_| -00000070 7a ff 50 f4 a1 9d ec 6a 79 1e 68 87 ea bb 20 0a |z.P....jy.h... .| -00000080 24 97 fa 11 bf d9 ee 4c 2d 2b 80 88 11 23 a0 2e |$......L-+...#..| -00000090 79 87 d3 45 e6 e7 |y..E..| +00000060 00 00 00 00 00 00 ab ab 10 3d e0 30 ca 67 0e 2c |.........=.0.g.,| +00000070 30 c7 3d 6f 12 d0 40 7a 06 27 60 9f 6f 6a ad 1d |0.=o..@z.'`.oj..| +00000080 0c 84 5f a1 09 5b a9 29 f8 14 31 fc 90 ab 62 79 |.._..[.)..1...by| +00000090 cd 07 c8 58 f6 d9 |...X..| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 49 |............ ..I| -00000010 9a 8b 29 c7 e6 08 09 1a f9 61 99 ce 4b 4b 78 2e |..)......a..KKx.| -00000020 3d 48 4c 02 d3 3a ff ae dc cb 73 aa 7f 29 aa ec |=HL..:....s..)..| -00000030 e4 76 c0 b6 62 3e e7 a1 30 fa 0a f9 4d 9b ab 59 |.v..b>..0...M..Y| -00000040 8f d0 50 ef ea bd 12 e4 ab 31 b5 21 88 62 47 0e |..P......1.!.bG.| -00000050 37 37 e3 0a 88 ab 8b 88 d3 e9 70 6b 92 b3 72 1a |77........pk..r.| -00000060 f2 9b cb 57 d2 97 69 0f a0 dd cc d0 70 0d 0a 66 |...W..i.....p..f| -00000070 82 7f ea 9b b8 10 22 0e 37 93 6b e4 97 df 5d 9e |......".7.k...].| -00000080 4b 23 b8 fb 79 ff 28 d4 ed 31 fd 9f 01 a7 21 1b |K#..y.(..1....!.| -00000090 db 8b 6f bf c3 92 53 77 24 80 b4 3c f9 7a 2e a2 |..o...Sw$..<.z..| -000000a0 09 8a 6d 6b 47 8b 8e 86 18 c0 fe 78 06 59 47 14 |..mkG......x.YG.| -000000b0 03 03 00 01 01 16 03 03 00 40 78 f8 fb c1 2c 7d |.........@x...,}| -000000c0 18 5d 8a 94 f6 e9 ea c4 6f 71 50 a6 ee 62 3a 7d |.]......oqP..b:}| -000000d0 25 ef c2 6e 11 e3 04 70 76 6b 30 97 ba a1 9d 49 |%..n...pvk0....I| -000000e0 f6 47 64 60 8a ba ea 52 16 10 8d 9a 3c 56 1b 13 |.Gd`...R....>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 5f 1b 2b 17 f6 a2 53 36 49 ad e0 |....._.+...S6I..| -00000020 15 dd 38 f0 db ed c4 c2 31 76 b2 4b 11 b9 3f 72 |..8.....1v.K..?r| -00000030 48 f6 cd 2c c9 15 03 03 00 30 00 00 00 00 00 00 |H..,.....0......| -00000040 00 00 00 00 00 00 00 00 00 00 29 31 29 ca 84 78 |..........)1)..x| -00000050 c8 ed 7d 56 4d d2 d2 0d 47 f0 5a 7c 1f aa 6c d6 |..}VM...G.Z|..l.| -00000060 3b 41 b5 26 9d 05 f3 28 2f fe |;A.&...(/.| +00000010 00 00 00 00 00 b3 5d a3 6d aa ae fa 23 13 7f e2 |......].m...#...| +00000020 26 d0 b3 74 7f aa f1 7e 3e 7a 2d f2 60 d6 60 4d |&..t...~>z-.`.`M| +00000030 33 6f 09 0d dc 15 03 03 00 30 00 00 00 00 00 00 |3o.......0......| +00000040 00 00 00 00 00 00 00 00 00 00 2a 0b 5d 39 f6 6f |..........*.]9.o| +00000050 24 1b a3 38 cc 7f 14 5a 1b 9a e6 bd c3 d8 29 69 |$..8...Z......)i| +00000060 23 58 f4 48 a9 bc 6a 67 f4 28 |#X.H..jg.(| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-GCM-SHA256-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-GCM-SHA256-Android-22 index eda50a6..a46e9c8 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-GCM-SHA256-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-GCM-SHA256-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 83 de 75 c9 5f |....=...9....u._| -00000010 67 39 d4 57 19 ca d9 1c 3a ff 53 d8 aa 5a 4f 33 |g9.W....:.S..ZO3| -00000020 4e e7 aa ca 8d e4 1a cf 5a 98 e0 00 c0 2f 00 00 |N.......Z..../..| +00000000 16 03 03 00 3d 02 00 00 39 03 03 e7 37 01 d9 08 |....=...9...7...| +00000010 44 b6 97 5d 42 60 49 f8 f8 bc 12 b2 9c aa 83 b7 |D..]B`I.........| +00000020 55 f5 2b b9 68 9e ca a4 ec cc 02 00 c0 2f 00 00 |U.+.h......../..| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 |......Y...U..R..| 00000050 4f 30 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 |O0..K0..........| @@ -55,48 +55,48 @@ 00000270 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 |s..Cw.......@.a.| 00000280 4c 72 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 |Lr+...F..M...>..| 00000290 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 |.B...=.`.\!.;...| -000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 2c 27 |............A.,'| -000002b0 ff f2 bb 63 4b 54 d6 8a 89 9a f7 9f 02 6c 14 85 |...cKT.......l..| -000002c0 c2 a2 a7 cd 9d 79 5a 53 fb 4c a4 5e fc b2 9d 12 |.....yZS.L.^....| -000002d0 19 c7 63 d7 85 3b 1c 24 ce ea 76 24 c3 74 73 55 |..c..;.$..v$.tsU| -000002e0 29 fa cc 24 15 9a db f6 4d 5a 2c 2c d8 cc 06 01 |)..$....MZ,,....| -000002f0 00 80 b1 49 d5 7c 2d 46 2d c5 56 0c 74 72 a7 8f |...I.|-F-.V.tr..| -00000300 2a 7b 5f 72 55 b8 36 dd eb 04 8b f7 ca 84 b6 ce |*{_rU.6.........| -00000310 c9 a0 f4 c5 e1 7f d4 9c ff e5 20 ff eb 28 cb be |.......... ..(..| -00000320 21 cb 85 ef 5b e3 60 da 38 39 57 6b 8c 55 40 e1 |!...[.`.89Wk.U@.| -00000330 84 6a d2 87 20 31 39 17 2e 09 e9 99 51 42 97 23 |.j.. 19.....QB.#| -00000340 c8 72 5b 82 70 6a ca 0e 19 28 51 ae 94 81 c8 6a |.r[.pj...(Q....j| -00000350 fe 6d 3d 9e cd e4 55 03 84 47 c8 41 91 1c dc e4 |.m=...U..G.A....| -00000360 3b 77 44 6c 88 7e 6c 28 98 e1 57 e0 b4 fa 6c b1 |;wDl.~l(..W...l.| -00000370 2f c8 16 03 03 00 04 0e 00 00 00 |/..........| +000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 08 a4 |............A...| +000002b0 25 da 45 ec 0c 20 1d ff c9 21 e4 2f 82 04 88 d7 |%.E.. ...!./....| +000002c0 d3 13 c8 72 ef 86 6d 1c f4 9c 7d 35 31 53 41 8a |...r..m...}51SA.| +000002d0 9b 3c c7 44 e8 bd 11 f4 88 30 8b dd 5f 4e 91 7e |.<.D.....0.._N.~| +000002e0 28 4d f5 a8 91 24 42 d6 5a d9 d7 80 26 00 06 01 |(M...$B.Z...&...| +000002f0 00 80 5f 2e 18 80 86 45 f2 65 a5 98 c1 50 d6 8a |.._....E.e...P..| +00000300 a8 0b 8a 78 2c ac 40 4c 20 44 32 cf 4a dc 07 82 |...x,.@L D2.J...| +00000310 8b 96 63 c2 03 82 ea 12 72 61 5c 64 f9 51 18 b6 |..c.....ra\d.Q..| +00000320 cb 9a 25 b0 ab a9 7c 8e f1 be 85 b7 50 1d 27 cc |..%...|.....P.'.| +00000330 c9 98 13 88 52 71 68 2b b2 27 82 07 fb a2 ab 04 |....Rqh+.'......| +00000340 66 c1 7e 18 b2 06 3f 5c 8b 82 c8 f9 4c 9a db 74 |f.~...?\....L..t| +00000350 df c2 5b ca 60 2c 0c cb d6 88 5d a4 26 bd e0 da |..[.`,....].&...| +00000360 a2 25 f7 81 a3 15 ad f1 12 c6 c8 89 f4 77 87 de |.%...........w..| +00000370 66 54 16 03 03 00 04 0e 00 00 00 |fT.........| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| 00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 01 ff |.....(..........| -00000060 f8 92 3a 63 d4 c5 e9 17 62 88 6a c3 26 72 58 76 |..:c....b.j.&rXv| -00000070 ca 63 8f 0d 1b f1 af 75 7c cd 93 35 a3 54 |.c.....u|..5.T| +00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 97 17 |.....(..........| +00000060 28 d4 b7 e4 ce 03 e0 91 09 cd 6c 57 4f 1a 4c e7 |(.........lWO.L.| +00000070 3c 87 72 2e 82 72 3c 69 48 da 66 b1 6a 96 |<.r..r>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 3c |............ ..<| -00000010 f5 21 c4 db 76 eb 6e c6 76 ff b0 01 de 03 ae c8 |.!..v.n.v.......| -00000020 2d d2 3a 76 a8 53 75 e1 0b 23 c8 82 23 90 f9 51 |-.:v.Su..#..#..Q| -00000030 f5 cb 47 63 38 e7 8f d7 9e e0 88 1d f3 63 b5 a2 |..Gc8........c..| -00000040 ed 27 90 02 21 df 0b e1 f3 3c b7 dd e0 d8 34 44 |.'..!....<....4D| -00000050 9f 13 6f 8a a0 01 91 ce 7e d1 3f b3 74 2c f6 3a |..o.....~.?.t,.:| -00000060 91 1b 98 86 62 d1 56 f7 3f 68 47 25 6a ed a0 ca |....b.V.?hG%j...| -00000070 c8 81 1a ae 94 15 db 3c db ee 25 dd 4c 6f 32 98 |.......<..%.Lo2.| -00000080 fa a0 bf 37 9b 9c 3b f1 18 94 4a 02 c1 d4 c6 67 |...7..;...J....g| -00000090 22 24 22 e8 d9 24 ad 7f 6c 34 37 50 3f c9 ac 45 |"$"..$..l47P?..E| -000000a0 f9 8e 88 d0 41 ff e8 8f c6 83 38 eb 9d 65 f1 14 |....A.....8..e..| -000000b0 03 03 00 01 01 16 03 03 00 28 03 46 d2 af 96 b2 |.........(.F....| -000000c0 2d 6a 2e 24 be 99 f2 d7 53 e8 cc 5d 33 50 19 25 |-j.$....S..]3P.%| -000000d0 0f 4d 8a ec 8d 77 d5 58 67 be cd b6 80 5c f8 5d |.M...w.Xg....\.]| -000000e0 a1 4e |.N| +00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 9b |............ ...| +00000010 5c 80 64 bf ad 0b 7f f2 f8 b9 a3 a1 d8 9e 66 ec |\.d...........f.| +00000020 55 73 e9 44 03 80 e2 32 f8 bb 79 89 c6 08 70 3a |Us.D...2..y...p:| +00000030 9c 14 9b d1 90 d7 15 26 6e 5d f1 78 9f 03 f7 d4 |.......&n].x....| +00000040 be eb 3d b9 b2 32 f8 e5 b9 79 64 5e fe ed be c2 |..=..2...yd^....| +00000050 73 a8 da e8 61 c9 39 a9 be b7 36 08 ab 59 f8 d9 |s...a.9...6..Y..| +00000060 f7 3f 4a ed cf a4 59 e0 b3 e3 5b 65 d8 9d 92 86 |.?J...Y...[e....| +00000070 42 12 5b 3d e5 f7 0f 9d c6 be 45 d7 04 78 9f d9 |B.[=......E..x..| +00000080 9e d4 4a f3 2c b1 a3 ea ee 37 4f 9d 14 1c bf 88 |..J.,....7O.....| +00000090 be cb ea a4 83 93 db e1 63 02 d4 a6 44 cd 23 36 |........c...D.#6| +000000a0 74 a5 08 a2 dc 3a e2 49 dc 0f bf 9d 6c b0 77 14 |t....:.I....l.w.| +000000b0 03 03 00 01 01 16 03 03 00 28 ce f5 ca 7c b3 a1 |.........(...|..| +000000c0 c4 c6 66 68 42 72 16 12 ef 08 3d c7 2a c4 0b 93 |..fhBr....=.*...| +000000d0 fe 1d 5b 24 3b da 5d 11 da 9d e3 55 af 2c c4 61 |..[$;.]....U.,.a| +000000e0 ca 2b |.+| >>> Flow 5 (client to server) -00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 66 61 98 |.............fa.| -00000010 10 ed c0 5d 9d 1d 0e 9f 35 c9 50 fc 4a d9 39 06 |...]....5.P.J.9.| -00000020 63 73 e7 15 03 03 00 1a 00 00 00 00 00 00 00 02 |cs..............| -00000030 5b 0c 8d f5 e0 88 97 5e ba a7 78 cc f1 f2 69 19 |[......^..x...i.| -00000040 44 83 |D.| +00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 ec f0 e7 |................| +00000010 ac 12 1c 79 82 52 41 d7 6d 12 17 16 28 17 ae 74 |...y.RA.m...(..t| +00000020 d3 f9 bb 15 03 03 00 1a 00 00 00 00 00 00 00 02 |................| +00000030 43 2d 84 2d a2 32 ba 41 9c 90 ff 2d 77 ac f0 c7 |C-.-.2.A...-w...| +00000040 e8 ef |..| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-SHA-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-SHA-Android-22 index 3537e6d..1b2548d 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-SHA-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES128-SHA-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 a5 6d 48 df 33 |....=...9...mH.3| -00000010 e4 75 4b 37 b4 36 84 c4 ff 32 b0 3f cb ff 3f d6 |.uK7.6...2.?..?.| -00000020 a6 f6 b2 a0 d7 84 f6 c0 70 d0 ad 00 c0 13 00 00 |........p.......| +00000000 16 03 03 00 3d 02 00 00 39 03 03 c4 76 93 e0 08 |....=...9...v...| +00000010 9c d4 7e 72 7f 3b b0 b4 b2 2d 61 8f b2 7d cd 74 |..~r.;...-a..}.t| +00000020 b3 4f 8a 83 c7 f2 2f 5e b5 cd ee 00 c0 13 00 00 |.O..../^........| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 |......Y...U..R..| 00000050 4f 30 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 |O0..K0..........| @@ -55,20 +55,20 @@ 00000270 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 |s..Cw.......@.a.| 00000280 4c 72 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 |Lr+...F..M...>..| 00000290 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 |.B...=.`.\!.;...| -000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 1c fd |............A...| -000002b0 f6 6e e5 35 c4 18 ae c3 d9 4d 97 de 78 f0 44 73 |.n.5.....M..x.Ds| -000002c0 a8 76 85 0e 41 5c 49 5b 10 5b 90 c4 7b 9b f9 3c |.v..A\I[.[..{..<| -000002d0 9c dd 42 26 4f 47 1b 09 56 b5 19 27 a4 21 9c 2d |..B&OG..V..'.!.-| -000002e0 00 4d 92 1c 6c ed 00 9b 31 1b cb 90 ad e4 06 01 |.M..l...1.......| -000002f0 00 80 67 1d 29 1a 14 5a cb be b5 f8 11 a7 93 5e |..g.)..Z.......^| -00000300 da e2 c2 81 ed 3a 33 c0 32 c4 05 c5 75 5f de 15 |.....:3.2...u_..| -00000310 f3 b9 46 95 aa ee c7 67 34 2b 40 cc 22 e1 12 a4 |..F....g4+@."...| -00000320 a6 59 29 e7 54 30 f8 8e 08 e6 38 1d 37 f4 50 08 |.Y).T0....8.7.P.| -00000330 d3 3d 28 9b 9c c7 c7 ab 2c 6a 6e db 2e 57 84 e8 |.=(.....,jn..W..| -00000340 a5 77 97 ca d8 29 77 94 93 04 6f da 50 fc 41 c4 |.w...)w...o.P.A.| -00000350 d6 d7 1a ec b9 66 2a ed 17 4f 01 d2 94 7f 82 e4 |.....f*..O......| -00000360 e2 ea c5 30 12 b5 1e c3 44 cc 03 ba 34 12 47 e8 |...0....D...4.G.| -00000370 9e fc 16 03 03 00 04 0e 00 00 00 |...........| +000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 18 e3 |............A...| +000002b0 93 8e 39 e6 b0 dd 7e 07 50 6b ac 3f 57 da 04 b6 |..9...~.Pk.?W...| +000002c0 33 de de 66 02 1d 3d 2e 23 59 d5 50 ec 90 d6 76 |3..f..=.#Y.P...v| +000002d0 dd aa 61 6c b0 97 bb d8 a9 f7 d0 cb 3f 0f 8e 5a |..al........?..Z| +000002e0 3e 4c 67 7c 07 e9 b9 05 37 f9 55 38 e7 17 06 01 |>Lg|....7.U8....| +000002f0 00 80 a7 21 05 53 2c cf 42 5d 2b 20 53 54 bb a9 |...!.S,.B]+ ST..| +00000300 11 f0 97 08 c1 bb 1a 45 94 7b 70 54 a1 d0 e0 d3 |.......E.{pT....| +00000310 8f 26 e1 d9 a2 b0 4c 82 df ba 15 c6 bb 17 43 62 |.&....L.......Cb| +00000320 34 a4 54 c5 07 ad f0 1c 0f 72 65 b9 e9 db e1 bc |4.T......re.....| +00000330 dd 27 13 38 ba 20 70 0c 8b 0c 4f aa d0 75 6c 92 |.'.8. p...O..ul.| +00000340 47 1a b1 f5 a4 53 4f 9d 5b 84 a6 b8 04 d1 97 a4 |G....SO.[.......| +00000350 f3 e8 ba 1e 6d 4d 1f ef 76 7c 74 f2 bc 18 b1 fb |....mM..v|t.....| +00000360 5c ef 7c 20 dd 7a f1 2e 47 bc 1f a7 b1 62 a8 86 |\.| .z..G....b..| +00000370 f5 26 16 03 03 00 04 0e 00 00 00 |.&.........| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| @@ -76,32 +76,32 @@ 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 bf 98 78 3b 51 81 70 2d 1c 5d |........x;Q.p-.]| -00000070 a6 1b ec ef 0a ae a0 52 dd 25 2a 26 45 29 58 93 |.......R.%*&E)X.| -00000080 59 b1 32 eb 83 8e 41 44 0d 57 b7 93 2a 13 c5 e2 |Y.2...AD.W..*...| -00000090 a1 7c 47 87 b2 0a |.|G...| +00000060 00 00 00 00 00 00 f0 33 8d 8e 3a 74 72 61 95 ea |.......3..:tra..| +00000070 ad db 26 71 e0 77 86 c6 cf 99 83 f2 8e fc 5f 92 |..&q.w........_.| +00000080 f1 56 7b 19 86 bc 81 b8 c0 c9 19 1a 8b e0 6e 8d |.V{...........n.| +00000090 d9 f6 56 a3 dc a5 |..V...| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 ec |............ ...| -00000010 56 10 cc 76 e5 78 39 22 8e 76 53 03 db 34 5e e3 |V..v.x9".vS..4^.| -00000020 a3 dd e5 fb 3f ba 38 a5 e3 8d 87 7a f3 b0 88 2d |....?.8....z...-| -00000030 81 ca 7c 0c da 56 5d 42 1e 45 a5 41 9d 52 3c 98 |..|..V]B.E.A.R<.| -00000040 bb 42 ad 90 51 06 95 ab 2b 7c f0 9f fa 54 1f 6d |.B..Q...+|...T.m| -00000050 55 a3 5e 77 1a b1 41 0e 30 4d 6c 06 af cf 13 99 |U.^w..A.0Ml.....| -00000060 89 47 40 77 f3 5f 15 81 e9 05 8d 23 31 00 a0 f4 |.G@w._.....#1...| -00000070 ab 02 90 03 f5 67 cb 93 9d f0 28 a6 0f 1d 7b ca |.....g....(...{.| -00000080 71 2a 59 2e b1 6d 32 de 11 99 11 2e 58 f3 c5 de |q*Y..m2.....X...| -00000090 cb b8 d3 35 b9 53 5a 44 c9 49 d0 a6 f8 d0 7b aa |...5.SZD.I....{.| -000000a0 f8 95 38 5b 61 78 21 1c be 2a c8 01 20 03 be 14 |..8[ax!..*.. ...| -000000b0 03 03 00 01 01 16 03 03 00 40 a0 82 06 07 49 de |.........@....I.| -000000c0 e9 85 67 1b 26 20 7c 1b ef 0c c8 68 c3 7b 81 8e |..g.& |....h.{..| -000000d0 e4 a7 4e 94 ff 5e 45 ce 6a a3 7a 29 ab 4c 28 7f |..N..^E.j.z).L(.| -000000e0 69 ec da ca 4f 3e 98 1c 8a 41 5f ba 7d 2d 13 28 |i...O>...A_.}-.(| -000000f0 a2 72 a3 14 da 98 7a 6c ef 77 |.r....zl.w| +00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 20 |............ .. | +00000010 3f 64 1b 3f ce e2 af ff b5 19 24 ed fc ce 9d 32 |?d.?......$....2| +00000020 9f dd 0c d6 3d 9a 7c 2f 5d 2d 68 61 24 bc a7 aa |....=.|/]-ha$...| +00000030 7a 2f 99 5f 53 c0 a9 53 eb 10 13 c5 aa 18 62 21 |z/._S..S......b!| +00000040 b6 b2 fa 9c 00 e8 30 dd c6 75 bb 3d c2 70 a3 da |......0..u.=.p..| +00000050 06 8a 95 0a 33 d4 35 76 bf bb 5a c8 45 ec d1 a6 |....3.5v..Z.E...| +00000060 50 26 13 ec 2c e9 bc 7e 4b 3f 1d 03 6c aa d8 97 |P&..,..~K?..l...| +00000070 dc 93 c2 33 2a 06 f9 90 e1 ff d9 cb a9 43 ee 19 |...3*........C..| +00000080 14 e4 a8 46 e9 c9 1f 31 28 80 03 cf 90 19 0c 0b |...F...1(.......| +00000090 45 6e 0f 53 78 76 30 3b f2 f2 59 c6 08 f0 cd df |En.Sxv0;..Y.....| +000000a0 66 e7 3b 62 3b 59 1a b4 ca 7e 58 3e 30 f9 37 14 |f.;b;Y...~X>0.7.| +000000b0 03 03 00 01 01 16 03 03 00 40 b7 d5 36 93 de 52 |.........@..6..R| +000000c0 f4 3e 63 86 8f f7 70 6e d5 79 da 76 05 0b 56 f2 |.>c...pn.y.v..V.| +000000d0 ea f2 34 42 9c 02 24 07 3d d8 b5 89 cf c2 bf bb |..4B..$.=.......| +000000e0 27 3b 57 1d 8c 19 3b bd 2e 58 b5 db dd 13 24 46 |';W...;..X....$F| +000000f0 4e 2d bf 34 62 cc d0 f3 49 1f |N-.4b...I.| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 a9 57 aa 50 33 9b 04 8d db 4b cd |......W.P3....K.| -00000020 0d e6 ca fc e8 58 24 d1 f4 d7 13 69 5a d0 a8 2b |.....X$....iZ..+| -00000030 ec ea ab 1b d2 15 03 03 00 30 00 00 00 00 00 00 |.........0......| -00000040 00 00 00 00 00 00 00 00 00 00 3c b1 d0 db c9 4a |..........<....J| -00000050 fd a3 8e 90 cd 86 49 a5 9d c6 95 bf 98 59 45 48 |......I......YEH| -00000060 ad 08 5c ea 60 24 fa 9e 6c d6 |..\.`$..l.| +00000010 00 00 00 00 00 0b 4d de 6d b7 ec 86 a8 12 75 5e |......M.m.....u^| +00000020 02 94 f9 67 db 02 fe 08 1f 3c b0 f3 9b aa ee 36 |...g.....<.....6| +00000030 39 30 4a 64 04 15 03 03 00 30 00 00 00 00 00 00 |90Jd.....0......| +00000040 00 00 00 00 00 00 00 00 00 00 fe 7e fd e1 25 09 |...........~..%.| +00000050 34 91 f2 f7 65 e3 f2 87 7d aa 3b 4d ee 21 bc ae |4...e...}.;M.!..| +00000060 76 ee f7 86 82 9e 3e 5a 5d 91 |v.....>Z].| diff --git a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES256-SHA-Android-22 b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES256-SHA-Android-22 index 95833b9..8d4b25d 100644 --- a/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES256-SHA-Android-22 +++ b/testdata/Client-TLSv12-UTLS-ECDHE-RSA-AES256-SHA-Android-22 @@ -13,9 +13,9 @@ 000000b0 33 2e 31 00 0b 00 02 01 00 00 0a 00 08 00 06 00 |3.1.............| 000000c0 17 00 18 00 19 |.....| >>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 8b 3e 63 de d4 |....=...9...>c..| -00000010 76 f3 88 6f 0e 35 0f 6a 18 03 2a b1 10 11 82 ea |v..o.5.j..*.....| -00000020 a5 c2 8b 6c 77 35 01 71 13 b7 f2 00 c0 14 00 00 |...lw5.q........| +00000000 16 03 03 00 3d 02 00 00 39 03 03 86 80 de 47 3d |....=...9.....G=| +00000010 a0 a5 f1 25 38 21 32 32 a7 12 2e f8 be 2e 0f 8c |...%8!22........| +00000020 42 84 8c d2 d6 33 dc 05 a2 33 3b 00 c0 14 00 00 |B....3...3;.....| 00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| 00000040 00 00 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 |......Y...U..R..| 00000050 4f 30 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 |O0..K0..........| @@ -55,20 +55,20 @@ 00000270 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 |s..Cw.......@.a.| 00000280 4c 72 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 |Lr+...F..M...>..| 00000290 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 |.B...=.`.\!.;...| -000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 2e c8 |............A...| -000002b0 2d cc 7a 32 59 32 54 a7 2a fc bd 80 b3 b0 29 a9 |-.z2Y2T.*.....).| -000002c0 a0 a8 3f 9d 5e 35 c5 7c 3d a2 7e 02 85 56 06 66 |..?.^5.|=.~..V.f| -000002d0 e4 6a 50 bd d1 6a b9 2f 83 cf bb 95 a8 47 15 0b |.jP..j./.....G..| -000002e0 96 63 0d eb 3b 51 cf e0 f4 a9 ce 85 b7 0c 06 01 |.c..;Q..........| -000002f0 00 80 53 54 11 b7 1b b4 bd 59 7e 65 04 8a 12 7b |..ST.....Y~e...{| -00000300 c1 de 4f 71 32 a8 b8 21 08 05 e1 33 bf 83 c4 3e |..Oq2..!...3...>| -00000310 27 10 e7 5b 16 7a ac 6b ee a1 92 ea ea bb 22 5b |'..[.z.k......"[| -00000320 6c 68 ce b1 e8 a2 51 a8 07 1c c0 98 fa 3c 01 59 |lh....Q......<.Y| -00000330 9e f0 ee 13 51 7c 09 78 d2 33 7b 2b 8c da 85 f1 |....Q|.x.3{+....| -00000340 96 05 8e ae 4d 92 51 1f fb 48 03 66 99 28 cb 2e |....M.Q..H.f.(..| -00000350 9f 63 47 51 ba 5b 28 d0 3b 8a 9e d9 c8 51 a8 af |.cGQ.[(.;....Q..| -00000360 dd a6 2e d5 84 0d c2 e4 f8 f4 2b 97 b1 ba 7d e8 |..........+...}.| -00000370 45 0d 16 03 03 00 04 0e 00 00 00 |E..........| +000002a0 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 8f 95 |............A...| +000002b0 ae 7a 23 c7 a8 93 6a 14 f2 bd 79 4f d8 89 0b 90 |.z#...j...yO....| +000002c0 e9 30 2b a5 a2 fe ca 82 fe ac 3e 1b 72 58 c0 f2 |.0+.......>.rX..| +000002d0 3d c8 1a 41 73 2e 31 21 b3 de b5 45 f9 99 ba 35 |=..As.1!...E...5| +000002e0 0f 20 86 8e 4c b8 31 21 27 63 4e a6 51 7d 06 01 |. ..L.1!'cN.Q}..| +000002f0 00 80 d4 37 38 1f 04 7b 2a 6b ae 33 50 b8 3e 2b |...78..{*k.3P.>+| +00000300 82 47 a3 88 2b 18 49 07 cb be b7 5b ff db 73 20 |.G..+.I....[..s | +00000310 a0 07 9b f4 17 9d ef 09 c4 0b a6 7d 2e 46 6d 4c |...........}.FmL| +00000320 06 9d 64 ef fb e0 db 79 93 62 2a 2d 00 10 71 0e |..d....y.b*-..q.| +00000330 14 5b 1e 83 6b 19 f4 59 29 37 9c cd dc cb 50 87 |.[..k..Y)7....P.| +00000340 17 94 01 3e 3f 07 ff cc ea 69 f3 f5 86 d7 9a 4f |...>?....i.....O| +00000350 d9 1a de 4d fe fa fb 22 45 f8 c0 06 95 42 cc 51 |...M..."E....B.Q| +00000360 02 9c f3 19 f8 da 13 27 75 e7 60 f5 a0 d9 c6 b0 |.......'u.`.....| +00000370 47 09 16 03 03 00 04 0e 00 00 00 |G..........| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| @@ -76,32 +76,32 @@ 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 77 04 90 a4 32 b4 73 6b 41 4e |......w...2.skAN| -00000070 7b 25 a4 62 24 d6 8d 43 0d 45 19 51 99 53 f5 45 |{%.b$..C.E.Q.S.E| -00000080 76 26 5f 32 d0 ff cd 0f 86 a3 0e f8 7e 2f 09 8b |v&_2........~/..| -00000090 2e 1c 03 9c 25 f4 |....%.| +00000060 00 00 00 00 00 00 d9 e5 57 fb f5 9a 45 31 95 29 |........W...E1.)| +00000070 31 01 ec 1c 37 d1 9c 1c 1c 2c de 12 6f 1b ba 8b |1...7....,..o...| +00000080 33 a2 f9 8c 1f 43 b9 77 0e 2f 71 32 f7 06 42 71 |3....C.w./q2..Bq| +00000090 4c bb 10 d1 7c 7f |L...|.| >>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 79 |............ ..y| -00000010 f1 01 24 4b 47 9e 51 dc 90 98 cc 88 09 66 2b c0 |..$KG.Q......f+.| -00000020 ca b4 fc be 56 da d1 0c 86 61 91 a2 36 e2 55 91 |....V....a..6.U.| -00000030 f7 a2 d5 8c e8 4c 76 4b 3e 19 b2 33 fd 43 c1 5c |.....LvK>..3.C.\| -00000040 2a 67 9d 21 c3 2c 65 52 0e 6b bb 5f ca c6 1a fe |*g.!.,eR.k._....| -00000050 29 1e 42 10 56 4b 7b 58 93 72 5a 78 13 4c 42 cc |).B.VK{X.rZx.LB.| -00000060 17 f7 33 06 41 b7 f3 49 f0 45 f7 0a ca 16 d7 8c |..3.A..I.E......| -00000070 f5 60 ea 17 cf a0 b5 c2 3a c3 6b e6 65 75 48 c4 |.`......:.k.euH.| -00000080 76 37 37 28 ca f9 ae 43 ca 64 d1 33 21 02 fd 95 |v77(...C.d.3!...| -00000090 f1 75 15 ea b1 44 94 61 21 c4 4b 33 38 b9 cf cb |.u...D.a!.K38...| -000000a0 29 8f 91 12 25 11 93 d3 c3 5e 2d 48 fa ac 1b 14 |)...%....^-H....| -000000b0 03 03 00 01 01 16 03 03 00 40 f8 ca ea 95 92 6b |.........@.....k| -000000c0 c5 51 28 f6 01 e1 f1 77 f2 b8 55 3c f2 9b dd 4f |.Q(....w..U<...O| -000000d0 82 6d 16 17 02 bf ba 05 c7 bf 16 b2 68 fe d8 e3 |.m..........h...| -000000e0 b7 ad 2a 49 87 15 b4 25 7b bf 15 f4 2c 6b cd e9 |..*I...%{...,k..| -000000f0 7e ba c9 22 88 b4 d7 fa 3a 4b |~.."....:K| +00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 05 |............ ...| +00000010 fd c2 60 9f fa ba 3e 19 63 db da 43 68 65 5b 5c |..`...>.c..Che[\| +00000020 71 e8 58 e6 94 dc 42 e2 a5 08 89 bc 3e be ef bd |q.X...B.....>...| +00000030 20 b2 a1 99 58 14 05 47 cd 8d 2b ac 99 a4 28 11 | ...X..G..+...(.| +00000040 89 95 4d 07 3a d0 e4 7c 98 0f 5c 4b 62 08 da 80 |..M.:..|..\Kb...| +00000050 37 3c f9 b8 c4 f3 aa 44 4d be 99 70 4a 02 93 66 |7<.....DM..pJ..f| +00000060 16 e8 23 ff f5 62 96 2c cc b8 83 85 3f bb 6c a6 |..#..b.,....?.l.| +00000070 8e 49 c5 bb 4a 0c 20 97 21 a0 e6 98 c2 49 d3 df |.I..J. .!....I..| +00000080 6a 83 fc 84 2d e8 bc 79 0a 0b 78 45 51 54 9d c5 |j...-..y..xEQT..| +00000090 14 1f 52 97 0d 35 3e 9d f0 f5 e1 49 13 11 f4 a2 |..R..5>....I....| +000000a0 00 93 b1 dd 2c 14 e9 bc eb c1 0d d5 1b 30 e4 14 |....,........0..| +000000b0 03 03 00 01 01 16 03 03 00 40 a3 e7 1b 22 2d 2c |.........@..."-,| +000000c0 8b ed 72 2c e0 8c 28 b6 49 1d 07 87 c1 24 0b 60 |..r,..(.I....$.`| +000000d0 fd 8f c2 40 38 90 7f 59 02 64 c1 c1 db e0 6b 37 |...@8..Y.d....k7| +000000e0 ba 12 c5 3a 44 49 f9 83 e5 e3 5b 37 d8 3a 03 b3 |...:DI....[7.:..| +000000f0 62 e3 06 1f 16 7d c3 dc 15 7d |b....}...}| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 68 8e 89 29 68 99 fb 6e 8b e3 fb |.....h..)h..n...| -00000020 7b 1f b1 d3 ca 0b 0c 6f 23 dd ca 02 0a cf 93 11 |{......o#.......| -00000030 fc e7 3d 18 ce 15 03 03 00 30 00 00 00 00 00 00 |..=......0......| -00000040 00 00 00 00 00 00 00 00 00 00 f6 50 1a 7b 60 a1 |...........P.{`.| -00000050 8c 41 63 4d 0f cc d5 94 81 d9 e2 7d 43 1d 5f 7a |.AcM.......}C._z| -00000060 c1 9b d9 8d f7 4d 1e d0 7d 96 |.....M..}.| +00000010 00 00 00 00 00 1b 56 48 ca 8b 40 0a c0 5d e0 33 |......VH..@..].3| +00000020 f8 2b d2 4d 07 2d a7 80 fe 43 0f 0e ac 0f 9f 73 |.+.M.-...C.....s| +00000030 67 d2 30 b3 00 15 03 03 00 30 00 00 00 00 00 00 |g.0......0......| +00000040 00 00 00 00 00 00 00 00 00 00 bb ab fa 77 25 5c |.............w%\| +00000050 43 84 93 9f 69 c1 81 30 30 cf fb 69 d3 cd 56 f5 |C...i..00..i..V.| +00000060 76 78 2b 3a 10 53 7f d8 81 1a |vx+:.S....| diff --git a/u_common.go b/u_common.go index 12b4539..a869643 100644 --- a/u_common.go +++ b/u_common.go @@ -8,16 +8,15 @@ import "fmt" // Naming convention: // Unsupported things are prefixed with "Fake" +// Things, supported by utls, but not crypto/tls' are prefixed with "utls" // Supported things, that have changed their ID are prefixed with "Old" // Supported but disabled things are prefixed with "Disabled". We will _enable_ them. const ( - // padding isn't quite a 'fake' extension, as uTLS provides full implementation - // just denotes that crypto/tls doesn't provide it - fakeExtensionPadding uint16 = 21 + utlsExtensionPadding uint16 = 21 + utlsExtensionExtendedMasterSecret uint16 = 23 // https://tools.ietf.org/html/rfc7627 - // extensions below break connection, if server echoes them back - fakeExtensionExtendedMasterSecret uint16 = 23 - fakeExtensionChannelID uint16 = 30032 // not IANA assigned + // extensions with 'fake' prefix break connection, if server echoes them back + fakeExtensionChannelID uint16 = 30032 // not IANA assigned ) const ( @@ -46,7 +45,6 @@ var ( const ( disabledHashSHA512 uint8 = 6 // Supported, but disabled by default. Will be enabled, as needed fakeHashSHA224 uint8 = 3 // Supported, but we won't enable it: sounds esoteric and fishy - ) type ClientHelloID struct { @@ -90,8 +88,8 @@ var ( HelloRandomizedNoALPN ClientHelloID = ClientHelloID{helloRandomized, helloRandomizedNoALPN} // The rest will will parrot given browser. - HelloFirefox_Auto ClientHelloID = ClientHelloID{helloFirefox, helloAutoVers} - HelloFirefox_55 = ClientHelloID{helloFirefox, 55} + HelloFirefox_Auto ClientHelloID = ClientHelloID{helloFirefox, helloAutoVers} + HelloFirefox_55 = ClientHelloID{helloFirefox, 55} HelloChrome_Auto ClientHelloID = ClientHelloID{helloChrome, helloAutoVers} HelloChrome_58 ClientHelloID = ClientHelloID{helloChrome, 58} @@ -101,7 +99,6 @@ var ( HelloAndroid_5_1_Browser ClientHelloID = ClientHelloID{helloAndroid, 22} ) - // Appends {hash, sig} to supportedSignatureAlgorithms, if not there already // Used to enable already supported but disabled signatures func appendToGlobalSigAlgs(hash uint8, sig uint8) { diff --git a/u_conn.go b/u_conn.go index 774d455..88b67fe 100644 --- a/u_conn.go +++ b/u_conn.go @@ -306,9 +306,9 @@ func (uconn *UConn) marshalClientHello() error { 1 + len(hello.CompressionMethods) extensionsLen := 0 - var paddingExt *FakePaddingExtension + var paddingExt *utlsPaddingExtension for _, ext := range uconn.Extensions { - if pe, ok := ext.(*FakePaddingExtension); !ok { + if pe, ok := ext.(*utlsPaddingExtension); !ok { // If not padding - just add length of extension to total length extensionsLen += ext.Len() } else { diff --git a/u_conn_test.go b/u_conn_test.go index 5a5690e..aa04311 100644 --- a/u_conn_test.go +++ b/u_conn_test.go @@ -230,8 +230,7 @@ func TestUTLSHandshakeClientParrotAndroid_5_1(t *testing.T) { testUTLSHandshakeClientRSA_AES128_GCM_SHA256(t, helloID) } -// Enable whenever EMS is implemented -func disabledtestUTLSHandshakeClientParrotAndroid_6_0(t *testing.T) { +func TestUTLSHandshakeClientParrotAndroid_6_0(t *testing.T) { helloID := HelloAndroid_6_0_Browser // As this package sometimes has to modify global vars cipherSuites and supportedSignatureAlgorithms, @@ -256,8 +255,7 @@ func disabledtestUTLSHandshakeClientParrotAndroid_6_0(t *testing.T) { testUTLSHandshakeClientRSA_AES128_GCM_SHA256(t, helloID) } -// Enable whenever EMS is implemented -func disabledtestUTLSHandshakeClientParrotChrome_58(t *testing.T) { +func TestUTLSHandshakeClientParrotChrome_58(t *testing.T) { helloID := HelloChrome_58 // As this package sometimes has to modify global vars cipherSuites and supportedSignatureAlgorithms, @@ -282,6 +280,36 @@ func disabledtestUTLSHandshakeClientParrotChrome_58(t *testing.T) { testUTLSHandshakeClientRSA_AES128_GCM_SHA256(t, helloID) } + +func TestUTLSHandshakeClientParrotFirefox_55(t *testing.T) { + helloID := HelloFirefox_55 + + // As this package sometimes has to modify global vars cipherSuites and supportedSignatureAlgorithms, + // we'll back them up and restore after running the tests. + supportedSignatureAlgorithmsBackup := make([]signatureAndHash, len(supportedSignatureAlgorithms)) + copy(supportedSignatureAlgorithmsBackup, supportedSignatureAlgorithms) + defer func() { + supportedSignatureAlgorithms = supportedSignatureAlgorithmsBackup + }() + + testUTLSHandshakeClientECDHE_ECDSA_AES128_GCM_SHA256(t, helloID) + testUTLSHandshakeClientECDHE_RSA_AES128_GCM_SHA256(t, helloID) + + testUTLSHandshakeClientECDHE_ECDSA_WITH_CHACHA20_POLY1305(t, helloID) + testUTLSHandshakeClientECDHE_RSA_WITH_CHACHA20_POLY1305(t, helloID) + + testUTLSHandshakeClientECDHE_ECDSA_AES256_GCM_SHA256(t, helloID) + testUTLSHandshakeClientECDHE_RSA_AES256_GCM_SHA256(t, helloID) + + testUTLSHandshakeClientECDHE_ECDSA_AES256_CBC_SHA(t, helloID) + testUTLSHandshakeClientECDHE_ECDSA_AES128_CBC_SHA(t, helloID) + + testUTLSHandshakeClientECDHE_RSA_AES256_CBC_SHA(t, helloID) + testUTLSHandshakeClientECDHE_RSA_AES128_CBC_SHA(t, helloID) + + testUTLSHandshakeClientRSA_AES128_GCM_SHA256(t, helloID) +} + func getUTLSTestConfig() *Config { testUTLSConfig := &Config{ Time: func() time.Time { return time.Unix(0, 0) }, diff --git a/u_parrots.go b/u_parrots.go index 0624939..072c44d 100644 --- a/u_parrots.go +++ b/u_parrots.go @@ -111,7 +111,7 @@ func (uconn *UConn) parrotFirefox_55() error { } sni := SNIExtension{uconn.config.ServerName} - ems := FakeExtendedMasterSecretExtension{} + ems := utlsExtendedMasterSecretExtension{} reneg := RenegotiationInfoExtension{renegotiation: RenegotiateOnceAsClient} curves := SupportedCurvesExtension{[]CurveID{X25519, CurveP256, CurveP384, CurveP521}} points := SupportedPointsExtension{SupportedPoints: []byte{pointFormatUncompressed}} @@ -128,6 +128,8 @@ func (uconn *UConn) parrotFirefox_55() error { } alpn := ALPNExtension{AlpnProtocols: []string{"h2", "http/1.1"}} status := StatusRequestExtension{} + appendToGlobalSigAlgs(disabledHashSHA512, signatureRSA) + appendToGlobalSigAlgs(disabledHashSHA512, signatureECDSA) sigAndHash := SignatureAlgorithmsExtension{SignatureAndHashes: []SignatureAndHash{ {hashSHA256, signatureECDSA}, {hashSHA384, signatureECDSA}, @@ -141,7 +143,7 @@ func (uconn *UConn) parrotFirefox_55() error { {hashSHA1, signatureECDSA}, {hashSHA1, signatureRSA}}, } - padding := FakePaddingExtension{GetPaddingLen: boringPaddingStyle} + padding := utlsPaddingExtension{GetPaddingLen: boringPaddingStyle} uconn.Extensions = []TLSExtension{ &sni, &ems, @@ -186,7 +188,7 @@ func (uconn *UConn) parrotAndroid_6_0() error { } sni := SNIExtension{uconn.config.ServerName} - ems := FakeExtendedMasterSecretExtension{} + ems := utlsExtendedMasterSecretExtension{} sessionTicket := SessionTicketExtension{Session: session} if session != nil { sessionTicket.Session = session @@ -215,7 +217,7 @@ func (uconn *UConn) parrotAndroid_6_0() error { alpn := ALPNExtension{AlpnProtocols: []string{"http/1.1", "spdy/8.1"}} points := SupportedPointsExtension{SupportedPoints: []byte{pointFormatUncompressed}} curves := SupportedCurvesExtension{[]CurveID{CurveP256, CurveP384}} - padding := FakePaddingExtension{GetPaddingLen: boringPaddingStyle} + padding := utlsPaddingExtension{GetPaddingLen: boringPaddingStyle} uconn.Extensions = []TLSExtension{ &sni, @@ -293,7 +295,7 @@ func (uconn *UConn) parrotAndroid_5_1() error { alpn := ALPNExtension{AlpnProtocols: []string{"http/1.1", "spdy/3", "spdy/3.1"}} points := SupportedPointsExtension{SupportedPoints: []byte{pointFormatUncompressed}} curves := SupportedCurvesExtension{[]CurveID{CurveP256, CurveP384, CurveP521}} - padding := FakePaddingExtension{GetPaddingLen: boringPaddingStyle} + padding := utlsPaddingExtension{GetPaddingLen: boringPaddingStyle} uconn.Extensions = []TLSExtension{ &sni, @@ -345,7 +347,7 @@ func (uconn *UConn) parrotChrome_58() error { grease1 := FakeGREASEExtension{Value: grease_ext1} reneg := RenegotiationInfoExtension{renegotiation: RenegotiateOnceAsClient} sni := SNIExtension{uconn.config.ServerName} - ems := FakeExtendedMasterSecretExtension{} + ems := utlsExtendedMasterSecretExtension{} sessionTicket := SessionTicketExtension{Session: session} if session != nil { sessionTicket.Session = session @@ -375,7 +377,7 @@ func (uconn *UConn) parrotChrome_58() error { curves := SupportedCurvesExtension{[]CurveID{CurveID(GetBoringGREASEValue(hello.Random, ssl_grease_group)), X25519, CurveP256, CurveP384}} grease2 := FakeGREASEExtension{Value: grease_ext2, Body: []byte{0}} - padding := FakePaddingExtension{GetPaddingLen: boringPaddingStyle} + padding := utlsPaddingExtension{GetPaddingLen: boringPaddingStyle} uconn.Extensions = []TLSExtension{ &grease1, @@ -470,7 +472,7 @@ func (uconn *UConn) parrotRandomizedNoALPN() error { } curves := SupportedCurvesExtension{curveIDs} - padding := FakePaddingExtension{GetPaddingLen: boringPaddingStyle} + padding := utlsPaddingExtension{GetPaddingLen: boringPaddingStyle} reneg := RenegotiationInfoExtension{renegotiation: RenegotiateOnceAsClient} uconn.Extensions = []TLSExtension{ diff --git a/u_public.go b/u_public.go index 66f1293..82c2465 100644 --- a/u_public.go +++ b/u_public.go @@ -67,6 +67,7 @@ type ServerHelloMsg struct { NextProtos []string OcspStapling bool Scts [][]byte + Ems bool TicketSupported bool SecureRenegotiation []byte SecureRenegotiationSupported bool @@ -88,6 +89,7 @@ func (shm *ServerHelloMsg) getPrivatePtr() *serverHelloMsg { nextProtos: shm.NextProtos, ocspStapling: shm.OcspStapling, scts: shm.Scts, + ems: shm.Ems, ticketSupported: shm.TicketSupported, secureRenegotiation: shm.SecureRenegotiation, secureRenegotiationSupported: shm.SecureRenegotiationSupported, @@ -111,6 +113,7 @@ func (shm *serverHelloMsg) getPublicPtr() *ServerHelloMsg { NextProtos: shm.nextProtos, OcspStapling: shm.ocspStapling, Scts: shm.scts, + Ems: shm.ems, TicketSupported: shm.ticketSupported, SecureRenegotiation: shm.secureRenegotiation, SecureRenegotiationSupported: shm.secureRenegotiationSupported, @@ -130,6 +133,7 @@ type ClientHelloMsg struct { ServerName string OcspStapling bool Scts bool + Ems bool SupportedCurves []CurveID SupportedPoints []uint8 TicketSupported bool @@ -155,6 +159,7 @@ func (chm *ClientHelloMsg) getPrivatePtr() *clientHelloMsg { serverName: chm.ServerName, ocspStapling: chm.OcspStapling, scts: chm.Scts, + ems: chm.Ems, supportedCurves: chm.SupportedCurves, supportedPoints: chm.SupportedPoints, ticketSupported: chm.TicketSupported, @@ -182,6 +187,7 @@ func (chm *clientHelloMsg) getPublicPtr() *ClientHelloMsg { ServerName: chm.serverName, OcspStapling: chm.ocspStapling, Scts: chm.scts, + Ems: chm.ems, SupportedCurves: chm.supportedCurves, SupportedPoints: chm.supportedPoints, TicketSupported: chm.ticketSupported, diff --git a/u_tls_extensions.go b/u_tls_extensions.go index a66dc67..3565dff 100644 --- a/u_tls_extensions.go +++ b/u_tls_extensions.go @@ -378,30 +378,41 @@ func (e *FakeChannelIDExtension) Read(b []byte) (int, error) { return e.Len(), io.EOF } -type FakeExtendedMasterSecretExtension struct { +type utlsExtendedMasterSecretExtension struct { } -// TODO: update when Cloudflare upstreams this extension to crypto/tls +// TODO: update when this extension is implemented in crypto/tls // but we probably won't have to enable it in Config -func (e *FakeExtendedMasterSecretExtension) writeToUConn(uc *UConn) error { +func (e *utlsExtendedMasterSecretExtension) writeToUConn(uc *UConn) error { + uc.HandshakeState.Hello.Ems = true return nil } -func (e *FakeExtendedMasterSecretExtension) Len() int { +func (e *utlsExtendedMasterSecretExtension) Len() int { return 4 } -func (e *FakeExtendedMasterSecretExtension) Read(b []byte) (int, error) { +func (e *utlsExtendedMasterSecretExtension) Read(b []byte) (int, error) { if len(b) < e.Len() { return 0, io.ErrShortBuffer } // https://tools.ietf.org/html/rfc7627 - b[0] = byte(fakeExtensionExtendedMasterSecret >> 8) - b[1] = byte(fakeExtensionExtendedMasterSecret) + b[0] = byte(utlsExtensionExtendedMasterSecret >> 8) + b[1] = byte(utlsExtensionExtendedMasterSecret) // The length is 0 return e.Len(), io.EOF } +var extendedMasterSecretLabel = []byte("extended master secret") +// extendedMasterFromPreMasterSecret generates the master secret from the pre-master +// secret and session hash. See https://tools.ietf.org/html/rfc7627#section-4 +func extendedMasterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret []byte, fh finishedHash) []byte { + sessionHash := fh.Sum() + masterSecret := make([]byte, masterSecretLength) + prfForVersion(version, suite)(masterSecret, preMasterSecret, extendedMasterSecretLabel, sessionHash) + return masterSecret +} + // GREASE stinks with dead parrots, have to be super careful, and, if possible, not include GREASE const ( ssl_grease_cipher = iota @@ -453,7 +464,7 @@ func (e *FakeGREASEExtension) Read(b []byte) (int, error) { } // -type FakePaddingExtension struct { +type utlsPaddingExtension struct { PaddingLen int WillPad bool // set to false to disable extension @@ -462,11 +473,11 @@ type FakePaddingExtension struct { GetPaddingLen func(clientHelloUnpaddedLen int) (paddingLen int, willPad bool) } -func (e *FakePaddingExtension) writeToUConn(uc *UConn) error { +func (e *utlsPaddingExtension) writeToUConn(uc *UConn) error { return nil } -func (e *FakePaddingExtension) Len() int { +func (e *utlsPaddingExtension) Len() int { if e.WillPad { return 4 + e.PaddingLen } else { @@ -474,13 +485,13 @@ func (e *FakePaddingExtension) Len() int { } } -func (e *FakePaddingExtension) Update(clientHelloUnpaddedLen int) { +func (e *utlsPaddingExtension) Update(clientHelloUnpaddedLen int) { if e.GetPaddingLen != nil { e.PaddingLen, e.WillPad = e.GetPaddingLen(clientHelloUnpaddedLen) } } -func (e *FakePaddingExtension) Read(b []byte) (int, error) { +func (e *utlsPaddingExtension) Read(b []byte) (int, error) { if !e.WillPad { return 0, io.EOF } @@ -488,8 +499,8 @@ func (e *FakePaddingExtension) Read(b []byte) (int, error) { return 0, io.ErrShortBuffer } // https://tools.ietf.org/html/rfc7627 - b[0] = byte(fakeExtensionPadding >> 8) - b[1] = byte(fakeExtensionPadding) + b[0] = byte(utlsExtensionPadding >> 8) + b[1] = byte(utlsExtensionPadding) b[2] = byte(e.PaddingLen >> 8) b[3] = byte(e.PaddingLen) return e.Len(), io.EOF