earlyccs_tls.patch
diff -r 9fd0fe734a42 src/pkg/crypto/tls/common.go
--- a/src/pkg/crypto/tls/common.go Mon May 05 11:34:03 2014 -0700
+++ b/src/pkg/crypto/tls/common.go Wed Jun 04 12:15:22 2014 -0700
@@ -302,6 +302,8 @@
CurvePreferences []CurveID
serverInitOnce sync.Once // guards calling (*Config).serverInit
+
+ EarlyCCS int
}
func (c *Config) serverInit() {
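Review bot: `EarlyCCS` is added to the exported `Config` struct without a doc comment, and its values only get meaning from the comparisons in handshake_client.go (`> 0`, `== 0`, `< 2`, `== 2`). A negative value satisfies neither the `> 0` test in the hunk at -162 nor the `== 0` tests in the hunks at -184 and -556, so both establishKeys and the ChangeCipherSpec write are skipped and the Finished message appears to go out with no cipher change at all. I would document the field, for example `// EarlyCCS selects a non-standard client handshake used only to test how a peer handles a premature ChangeCipherSpec: 0 is the normal handshake, 1 and 2 are test modes. It must stay 0 outside test tooling.` The modes should also be named constants, with any value outside them rejected or treated as 0.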
diff -r 9fd0fe734a42 src/pkg/crypto/tls/conn.go
--- a/src/pkg/crypto/tls/conn.go Mon May 05 11:34:03 2014 -0700
+++ b/src/pkg/crypto/tls/conn.go Wed Jun 04 12:15:22 2014 -0700
@@ -132,7 +132,7 @@
// to the ones previously passed to prepareCipherSpec.
func (hc *halfConn) changeCipherSpec() error {
if hc.nextCipher == nil {
- return alertInternalError
+ return nil
}
hc.cipher = hc.nextCipher
hc.mac = hc.nextMac
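Review bot: Replacing `return alertInternalError` with `return nil` removes the nil-`nextCipher` guard for every caller of changeCipherSpec, not only for connections that set `Config.EarlyCCS`. Anything linked against the patched package would then silently accept a cipher change requested before keys were prepared, presumably including one received from the peer, and that is the condition this tool is meant to detect in others. halfConn has no view of the Config in this hunk, so the relaxation would need a per-connection flag set by the handshake code only when a test mode is active, with the original error kept otherwise. The function body continues outside the hunk.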
diff -r 9fd0fe734a42 src/pkg/crypto/tls/handshake_client.go
--- a/src/pkg/crypto/tls/handshake_client.go Mon May 05 11:34:03 2014 -0700
+++ b/src/pkg/crypto/tls/handshake_client.go Wed Jun 04 12:15:22 2014 -0700
@@ -8,7 +8,7 @@
"bytes"
"crypto/ecdsa"
"crypto/rsa"
- "crypto/subtle"
+ //"crypto/subtle"
"crypto/x509"
"encoding/asn1"
"errors"
@@ -162,6 +162,11 @@
hs.finishedHash.Write(hs.hello.marshal())
hs.finishedHash.Write(hs.serverHello.marshal())
+ if c.config.EarlyCCS > 0 {
+ hs.establishKeys()
+ c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ }
+
isResume, err := hs.processServerHello()
if err != nil {
return err
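Review bot: The added `hs.establishKeys()` call drops its error return, while the existing call site in the hunk at -184 checks it. If key setup fails here, the handshake carries on and writes the ChangeCipherSpec record with whatever cipher state happens to be present, so a failed probe could look the same as a completed one. I would keep the file's pattern: `if err := hs.establishKeys(); err != nil { return err }` before the `c.writeRecord(recordTypeChangeCipherSpec, []byte{1})` line.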
@@ -184,8 +189,10 @@
if err := hs.doFullHandshake(); err != nil {
return err
}
- if err := hs.establishKeys(); err != nil {
- return err
+ if c.config.EarlyCCS == 0 {
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
}
if err := hs.sendFinished(); err != nil {
return err
@@ -405,7 +412,9 @@
return err
}
if ckx != nil {
- hs.finishedHash.Write(ckx.marshal())
+ if c.config.EarlyCCS < 2 {
+ hs.finishedHash.Write(ckx.marshal())
+ }
c.writeRecord(recordTypeHandshake, ckx.marshal())
}
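Review bot: Nothing in the code explains why `EarlyCCS < 2` decides whether the ClientKeyExchange is written to `finishedHash`, and the bare `2` is a magic number. The same mode reappears in the hunk at -569, where `clientSum(nil)` replaces `clientSum(hs.masterSecret)`, so the two changes look like halves of one behaviour that should be described once. I would add a comment above the condition such as `// Mode 2: compute Finished as if no key exchange happened (ckx left out of the transcript, empty master secret in sendFinished).` and replace the literal with a named constant. The enclosing function starts outside the hunk.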
@@ -515,12 +524,12 @@
return unexpectedMessageError(serverFinished, msg)
}
- verify := hs.finishedHash.serverSum(hs.masterSecret)
- if len(verify) != len(serverFinished.verifyData) ||
+ //verify := hs.finishedHash.serverSum(hs.masterSecret)
+ /*if len(verify) != len(serverFinished.verifyData) ||
subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 {
c.sendAlert(alertHandshakeFailure)
return errors.New("tls: server's Finished message was incorrect")
- }
+ }*/
hs.finishedHash.Write(serverFinished.marshal())
return nil
}
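Review bot: Commenting out the `verify` computation and the `subtle.ConstantTimeCompare` check disables verification of the server's Finished message in every mode, including `EarlyCCS == 0`. A client built from this tree therefore never authenticates the handshake transcript, even when no test mode is requested. I would keep the original check and skip it only for the test modes, wrapping it as `if c.config.EarlyCCS == 0 { ... }` and restoring the `"crypto/subtle"` import that the hunk at -8 comments out. Dead code left inside `/* */` and `//` should be deleted rather than kept. The function starts outside the hunk.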
@@ -556,7 +565,9 @@
func (hs *clientHandshakeState) sendFinished() error {
c := hs.c
- c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ if c.config.EarlyCCS == 0 {
+ c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ }
if hs.serverHello.nextProtoNeg {
nextProto := new(nextProtoMsg)
proto, fallback := mutualProtocol(c.config.NextProtos, hs.serverHello.nextProtos)
@@ -569,7 +580,11 @@
}
finished := new(finishedMsg)
- finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret)
+ if c.config.EarlyCCS == 2 {
+ finished.verifyData = hs.finishedHash.clientSum(nil)
+ } else {
+ finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret)
+ }
hs.finishedHash.Write(finished.marshal())
c.writeRecord(recordTypeHandshake, finished.marshal())
return nil