mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
65b9e15fc2
Ever since session ticket key rotation was introduced in CL 9072, we've been including a prefix in every ticket to identify what key it's encrypted with. It's a small privacy gain, but the cost of trial decryptions is also small, especially since the first key is probably the most frequently used. Also reissue tickets on every resumption so that the next connection can't be linked to all the previous ones. Again the privacy gain is small but the performance cost is small and it comes with a reduction in complexity. For #60105 Change-Id: I852f297162d2b79a3d9bf61f6171e8ce94b2537a Reviewed-on: https://go-review.googlesource.com/c/go/+/496817 Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Run-TryBot: Damien Neil <dneil@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
58 lines
4.3 KiB
Text
58 lines
4.3 KiB
Text
>>> Flow 1 (client to server)
|
|
00000000 16 03 01 01 5e 01 00 01 5a 03 03 4a d8 ce b7 81 |....^...Z..J....|
|
|
00000010 81 08 19 ae 15 cd a3 a1 69 cf 91 35 f3 b0 77 91 |........i..5..w.|
|
|
00000020 4c 59 7a 91 52 8b 0e 5a e8 4c bf 20 58 4d cf b1 |LYz.R..Z.L. XM..|
|
|
00000030 9e 71 1d 9e 95 27 83 18 b1 29 13 3b 33 79 c4 3d |.q...'...).;3y.=|
|
|
00000040 6c 96 a4 d5 db f3 08 5c 6d f7 fe 28 00 04 13 01 |l......\m..(....|
|
|
00000050 00 ff 01 00 01 0d 00 0b 00 04 03 00 01 02 00 0a |................|
|
|
00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 23 |...............#|
|
|
00000070 00 00 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................|
|
|
00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................|
|
|
00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..|
|
|
000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 |....-.....3.&.$.|
|
|
000000b0 1d 00 20 b9 4b 27 a1 8c 14 d5 53 0c 0d e4 d5 3f |.. .K'....S....?|
|
|
000000c0 96 d6 fd a2 06 69 57 0f eb c1 f9 fc 7a 36 04 ce |.....iW.....z6..|
|
|
000000d0 f3 7e 29 00 29 00 8c 00 67 00 61 00 00 00 00 00 |.~).)...g.a.....|
|
|
000000e0 00 00 00 00 00 00 00 00 00 00 00 94 68 2c a3 82 |............h,..|
|
|
000000f0 51 ed 14 ef 68 ca 42 c5 5c 0e f0 13 2b 49 4b af |Q...h.B.\...+IK.|
|
|
00000100 0a 68 2a 6d 66 17 44 4e 21 1f 93 74 1c 94 2e 64 |.h*mf.DN!..t...d|
|
|
00000110 97 80 eb 5a e9 00 26 db dd 99 76 3c c3 a2 8a 88 |...Z..&...v<....|
|
|
00000120 24 10 e6 07 1a b5 9e 15 04 26 83 13 ba 92 76 3e |$........&....v>|
|
|
00000130 ef ea 7b 42 ee 47 e8 7a f6 0e 61 db 00 00 00 00 |..{B.G.z..a.....|
|
|
00000140 00 21 20 a3 43 af 6e e8 fc 95 e0 85 23 4d d7 b5 |.! .C.n.....#M..|
|
|
00000150 9f 90 ba f8 73 28 a4 bf 9f b4 23 f2 cb 80 d0 c3 |....s(....#.....|
|
|
00000160 2a 92 a0 |*..|
|
|
>>> Flow 2 (server to client)
|
|
00000000 16 03 03 00 80 02 00 00 7c 03 03 00 00 00 00 00 |........|.......|
|
|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
|
|
00000020 00 00 00 00 00 00 00 00 00 00 00 20 58 4d cf b1 |........... XM..|
|
|
00000030 9e 71 1d 9e 95 27 83 18 b1 29 13 3b 33 79 c4 3d |.q...'...).;3y.=|
|
|
00000040 6c 96 a4 d5 db f3 08 5c 6d f7 fe 28 13 01 00 00 |l......\m..(....|
|
|
00000050 34 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |4.+.....3.$... /|
|
|
00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0|
|
|
00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 |.........._X.;t.|
|
|
00000080 29 00 02 00 00 14 03 03 00 01 01 17 03 03 00 17 |)...............|
|
|
00000090 15 eb 8b 3b 3b 11 c3 29 34 e6 de 27 08 a2 7f 1e |...;;..)4..'....|
|
|
000000a0 10 ce 18 67 06 de f0 17 03 03 00 35 b4 48 82 07 |...g.......5.H..|
|
|
000000b0 73 9e 31 b4 c1 a1 c6 f0 30 71 2f 68 42 ff e8 71 |s.1.....0q/hB..q|
|
|
000000c0 6c b8 49 c5 c7 7f e3 8a 4c 22 46 cc 4d b1 a5 db |l.I.....L"F.M...|
|
|
000000d0 0f 8a 98 b2 d0 fc 1f e2 a6 5e fc 53 fe 26 aa 45 |.........^.S.&.E|
|
|
000000e0 a8 17 03 03 00 83 c6 ab 4b b5 81 7e f7 45 02 a5 |........K..~.E..|
|
|
000000f0 01 73 df ff f6 5f 7d fd 7e cf a7 f6 c3 6a 3e 04 |.s..._}.~....j>.|
|
|
00000100 f2 08 e3 c1 52 bf c6 10 ff da 21 a9 31 32 c9 07 |....R.....!.12..|
|
|
00000110 2f 63 d0 89 ef 52 61 c1 7d 47 b7 0c 10 1f 90 fe |/c...Ra.}G......|
|
|
00000120 17 aa 0d f2 2d 34 9b f8 85 a3 ac 78 ee cd ec 7f |....-4.....x....|
|
|
00000130 1e c8 32 be f4 e9 88 0a 7b c1 c6 89 7e 20 56 86 |..2.....{...~ V.|
|
|
00000140 69 e4 1c a3 69 51 a2 53 6e 30 71 9e d8 4b 16 67 |i...iQ.Sn0q..K.g|
|
|
00000150 c6 5c 36 36 83 3e f7 29 58 4d 52 b2 35 18 07 97 |.\66.>.)XMR.5...|
|
|
00000160 0f 64 e3 75 e1 24 9e 8d 68 |.d.u.$..h|
|
|
>>> Flow 3 (client to server)
|
|
00000000 14 03 03 00 01 01 17 03 03 00 35 40 86 84 c9 1e |..........5@....|
|
|
00000010 28 47 1d 59 2a da 37 de 96 ea d6 29 8b 87 49 bf |(G.Y*.7....)..I.|
|
|
00000020 50 01 6e 25 e4 d3 5c e4 d7 a6 cc 66 fe dc aa 20 |P.n%..\....f... |
|
|
00000030 78 b5 57 b9 1c 19 98 f5 30 f8 04 97 31 33 70 cd |x.W.....0...13p.|
|
|
>>> Flow 4 (server to client)
|
|
00000000 17 03 03 00 1e 30 0c 80 74 7d 49 65 a2 ff 26 3a |.....0..t}Ie..&:|
|
|
00000010 3c 6c 97 d1 9d 04 66 e1 7b 70 a1 f2 54 03 a8 1d |<l....f.{p..T...|
|
|
00000020 00 8c c6 17 03 03 00 13 4f 3d b2 42 25 fa ef 85 |........O=.B%...|
|
|
00000030 bb 31 e2 b1 ab e9 d3 38 0e 4f f0 |.1.....8.O.|
|