crypto/tls: add SessionState and use it on the server side

This change by itself is useless, because the application has no way to access or provide SessionStates to crypto/tls, but they will be provided in following CLs. For #60105 Change-Id: I8d5de79b1eda0a778420134cf6f346246a1bb296 Reviewed-on: https://go-review.googlesource.com/c/go/+/496818 Reviewed-by: Marten Seemann <martenseemann@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Run-TryBot: Filippo Valsorda <filippo@golang.org>
2025-04-04 04:27:36 +03:00 · 2023-05-20 17:49:21 +02:00 · 2023-05-20 17:49:21 +02:00 · b838c1c320
commit b838c1c320
parent 65b9e15fc2
33 changed files with 2250 additions and 2302 deletions
--- a/handshake_server.go
+++ b/handshake_server.go
@ -31,7 +31,7 @@ type serverHandshakeState struct {
 	ecSignOk     bool
 	rsaDecryptOk bool
 	rsaSignOk    bool
-	sessionState *sessionState
+	sessionState *SessionState
 	finishedHash finishedHash
 	masterSecret []byte
 	cert         *Certificate
@ -410,11 +410,11 @@ func (hs *serverHandshakeState) checkForResumption() bool {
 	if plaintext == nil {
 		return false
 	}
-	hs.sessionState = &sessionState{}
-	ok := hs.sessionState.unmarshal(plaintext)
-	if !ok {
+	ss, err := ParseSessionState(plaintext)
+	if err != nil {
 		return false
 	}
+	hs.sessionState = ss

 	// TLS 1.2 tickets don't natively have a lifetime, but we want to avoid
 	// re-wrapping the same master secret in different tickets over and over for
@ -425,7 +425,7 @@ func (hs *serverHandshakeState) checkForResumption() bool {
 	}

 	// Never resume a session for a different TLS version.
-	if c.vers != hs.sessionState.vers {
+	if c.vers != hs.sessionState.version {
 		return false
 	}

@ -448,7 +448,7 @@ func (hs *serverHandshakeState) checkForResumption() bool {
 		return false
 	}

-	sessionHasClientCerts := len(hs.sessionState.certificates) != 0
+	sessionHasClientCerts := len(hs.sessionState.certificate.Certificate) != 0
 	needClientCerts := requiresClientCert(c.config.ClientAuth)
 	if needClientCerts && !sessionHasClientCerts {
 		return false
@ -481,9 +481,7 @@ func (hs *serverHandshakeState) doResumeHandshake() error {
 		return err
 	}

-	if err := c.processCertsFromClient(Certificate{
-		Certificate: hs.sessionState.certificates,
-	}); err != nil {
+	if err := c.processCertsFromClient(hs.sessionState.certificate); err != nil {
 		return err
 	}

@ -494,7 +492,7 @@ func (hs *serverHandshakeState) doResumeHandshake() error {
 		}
 	}

-	hs.masterSecret = hs.sessionState.masterSecret
+	hs.masterSecret = hs.sessionState.secret

 	return nil
 }
@ -772,14 +770,18 @@ func (hs *serverHandshakeState) sendSessionTicket() error {
 	for _, cert := range c.peerCertificates {
 		certsFromClient = append(certsFromClient, cert.Raw)
 	}
-	state := sessionState{
-		vers:         c.vers,
-		cipherSuite:  hs.suite.id,
-		createdAt:    createdAt,
-		masterSecret: hs.masterSecret,
-		certificates: certsFromClient,
+	state := SessionState{
+		version:     c.vers,
+		cipherSuite: hs.suite.id,
+		createdAt:   createdAt,
+		secret:      hs.masterSecret,
+		certificate: Certificate{
+			Certificate:                 certsFromClient,
+			OCSPStaple:                  c.ocspResponse,
+			SignedCertificateTimestamps: c.scts,
+		},
 	}
-	stateBytes, err := state.marshal()
+	stateBytes, err := state.Bytes()
 	if err != nil {
 		return err
 	}