Add UpdateOnHRR to allow PSK to recalculate its state using previously transcribed Client Hello's hash and client handshake state.
Signed-off-by: Gaukas Wang <i@gaukas.wang>
* Lock sessionController only on last call to BuildHandshakeState
* Add public getter/setter for SessionState.extMasterSecret
* Fix breaking exported MakeClientSessionState
* Revert `(*UConn).BuildHandshakeState` to lock session controller
This partially reverts ebe5d664d2
and introduces BuildHandshakeStateWithoutSession.
* fix: Marshal the Client Hello after loading session
---------
Signed-off-by: Gaukas Wang <i@gaukas.wang>
* fix: UConn Read does not trigger correct Handshake
Copy `(*Conn).Read` to `(*UConn).Read` and force it use `(*UConn).Handshake`.
Same for `handleRenegotiation` and `handlePostHandshakeMessage`.
Signed-off-by: Gaukas Wang <i@gaukas.wang>
* update: use VerifyData in RenegotiationInfoExt
This make sure the renegotiation would work in certain scenarios instead of no scenarios.
Signed-off-by: Gaukas Wang <i@gaukas.wang>
---------
Signed-off-by: Gaukas Wang <i@gaukas.wang>
* build(deps): bump github.com/quic-go/quic-go from 0.40.1 to 0.42.0
Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) from 0.40.1 to 0.42.0.
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.40.1...v0.42.0)
---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* update: remove dependency of quic-go
We now vendor the quicvarint submodule from quic-go for a minimal dependency tree.
This also updates the minimal Go version requirement to Go 1.21, given uTLS promised to support 2 most recent minor versions of Go.
Signed-off-by: Gaukas Wang <i@gaukas.wang>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Gaukas Wang <i@gaukas.wang>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Gaukas Wang <i@gaukas.wang>
The following weak ciphers are from now on deprecated:
- TLS_RSA_WITH_AES_128_CBC_SHA
- TLS_RSA_WITH_AES_256_CBC_SHA
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384
Signed-off-by: Gaukas Wang <i@gaukas.wang>
* dicttls: update ECH-related entries
* wip: GREASE ECH extension
* new: GREASE ECH extension
* fix: GREASE ECH Read must succeed with io.EOF
* new: GREASE ECH multiple payload len
* new: parse ECH in EncryptedExtensions
* fix: ECHConfig Length always 0
* new: GREASE ECH parrots
* new: (*Config).ECHConfigs
Add (*Config).ECHConfigs for future full ECH extension.
* new: add GREASE ECH example
Add an incomplete example of using GREASE ECH extension (Chrome 120 parrot).
* fix: invalid httpGetOverConn call
fix a problem in old example where httpGetOverConn was called with uTlsConn.HandshakeState.ServerHello.AlpnProtocol, which will not be populated in case TLS 1.3 is used.
* new: possible InnerClientHello length
* Add a function `AlwaysPadToLen` to generate padding styles according to the raw clienthello.
* Add an extra step in `FromRaw` after parsing the extension list to update the padding style.
[release-branch.go1.21] crypto/tls: QUIC: fix panics when processing post-handshake messages
The check for fragmentary post-handshake messages in QUICConn.HandleData
was reversed, resulting in a potential panic when HandleData receives
a partial message.
In addition, HandleData wasn't checking the size of buffered
post-handshake messages. Produce an error when a post-handshake
message is larger than maxHandshake.
TestQUICConnectionState was using an onHandleCryptoData hook
in runTestQUICConnection that was never being called.
(I think it was inadvertently removed at some point while
the CL was in review.) Fix this test while making the hook
more general.
For #62266Fixes#62290
Change-Id: I210b70634e50beb456ab3977eb11272b8724c241
Reviewed-on: https://go-review.googlesource.com/c/go/+/522595
Run-TryBot: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Marten Seemann <martenseemann@gmail.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
(cherry picked from commit e92c0f8)
Reviewed-on: https://go-review.googlesource.com/c/go/+/523039
Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Co-authored-by: Damien Neil <52544+neild@users.noreply.github.com>
Co-authored-by: GopherBot <8566911+gopherbot@users.noreply.github.com>
We should call Value as late as possible to allow programs to set
GODEBUG with os.Setenv, and IncNonDefault only when (and every time) the
GODEBUG has an effect on a connection (that we'd have regularly
rejected).
Change-Id: If7a1446de407db7ca2d904d41dda13558b684dda
Reviewed-on: https://go-review.googlesource.com/c/go/+/544335
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
According to RFC 9001 Section 4.2, the client MUST NOT offer any TLS version
older than 1.3.
Fixes#63723.
Change-Id: Ia92f98274ca784e2bc151faf236380af51f699c1
Reviewed-on: https://go-review.googlesource.com/c/go/+/537576
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
Removes the RSA KEX based ciphers from the default list. This can be
reverted using the tlsrsakex GODEBUG.
Fixes#63413
Change-Id: Id221be3eb2f6c24b91039d380313f0c87d339f98
Reviewed-on: https://go-review.googlesource.com/c/go/+/541517
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
Updates the default from 1.0 -> 1.2 for servers, bringing it in line
with clients. Add a GODEBUG setting, tls10server, which lets users
revert this change.
Fixes#62459
Change-Id: I2b82f85b1c2d527df1f9afefae4ab30a8f0ceb41
Reviewed-on: https://go-review.googlesource.com/c/go/+/541516
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
Change-Id: Ifc669399dde7d6229c6ccdbe29611ed1f8698fb1
Reviewed-on: https://go-review.googlesource.com/c/go/+/534778
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: shuang cui <imcusg@gmail.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Ian Lance Taylor <iant@google.com>
* ci: use latest Go 1.21 build
Use `1.21.x` instead of `1.21.0` to automatically select the latest.
* fix: remove unused fipsonly package
Remove an unused package that was unintendedly introduced as a conditional dependency of upstream
* update: use boring package not global var
Align with the upstream to use `boring` as a name for a package. No functional changes.
* new: name aliasing
Create u_alias.go to hold any alias names created by version upgrades or other necessary changes (e.g., upstream breaking change) to prevent further breaking the API.
When running crypto/tls tests with GOEXPERIMENT=boringcrypto, some
tests are embedded with unreadable hexadecimal values:
=== RUN TestBoringServerSignatureAndHash/5053...3536
This corresponds to a string representation of SignatureScheme as it
implements fmt.Stringer. With this change, the above will be printed
as:
=== RUN TestBoringServerSignatureAndHash/PSSWithSHA256
Change-Id: I953c0bb35c68e77a7f01e7f1fceda203c272faf7
GitHub-Last-Rev: 19700d53a8578d335dc803ac94cc7c6c72e9920a
GitHub-Pull-Request: golang/go#63175
Reviewed-on: https://go-review.googlesource.com/c/go/+/530715
Reviewed-by: Heschi Kreinick <heschi@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Than McIntosh <thanm@google.com>
Change-Id: I8787458f9ccd3b5cdcdda820d8a45deb4f77eade
GitHub-Last-Rev: be865d67ef68815b8c1c2a9ad222fff594620e66
GitHub-Pull-Request: golang/go#63165
Reviewed-on: https://go-review.googlesource.com/c/go/+/530120
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Than McIntosh <thanm@google.com>
