Source file src/pkg/crypto/tls/handshake_messages.go
1 // Copyright 2009 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package tls 6 7 import "bytes" 8 9 type clientHelloMsg struct { 10 raw []byte 11 vers uint16 12 random []byte 13 sessionId []byte 14 cipherSuites []uint16 15 compressionMethods []uint8 16 nextProtoNeg bool 17 serverName string 18 ocspStapling bool 19 supportedCurves []uint16 20 supportedPoints []uint8 21 } 22 23 func (m *clientHelloMsg) equal(i interface{}) bool { 24 m1, ok := i.(*clientHelloMsg) 25 if !ok { 26 return false 27 } 28 29 return bytes.Equal(m.raw, m1.raw) && 30 m.vers == m1.vers && 31 bytes.Equal(m.random, m1.random) && 32 bytes.Equal(m.sessionId, m1.sessionId) && 33 eqUint16s(m.cipherSuites, m1.cipherSuites) && 34 bytes.Equal(m.compressionMethods, m1.compressionMethods) && 35 m.nextProtoNeg == m1.nextProtoNeg && 36 m.serverName == m1.serverName && 37 m.ocspStapling == m1.ocspStapling && 38 eqUint16s(m.supportedCurves, m1.supportedCurves) && 39 bytes.Equal(m.supportedPoints, m1.supportedPoints) 40 } 41 42 func (m *clientHelloMsg) marshal() []byte { 43 if m.raw != nil { 44 return m.raw 45 } 46 47 length := 2 + 32 + 1 + len(m.sessionId) + 2 + len(m.cipherSuites)*2 + 1 + len(m.compressionMethods) 48 numExtensions := 0 49 extensionsLength := 0 50 if m.nextProtoNeg { 51 numExtensions++ 52 } 53 if m.ocspStapling { 54 extensionsLength += 1 + 2 + 2 55 numExtensions++ 56 } 57 if len(m.serverName) > 0 { 58 extensionsLength += 5 + len(m.serverName) 59 numExtensions++ 60 } 61 if len(m.supportedCurves) > 0 { 62 extensionsLength += 2 + 2*len(m.supportedCurves) 63 numExtensions++ 64 } 65 if len(m.supportedPoints) > 0 { 66 extensionsLength += 1 + len(m.supportedPoints) 67 numExtensions++ 68 } 69 if numExtensions > 0 { 70 extensionsLength += 4 * numExtensions 71 length += 2 + extensionsLength 72 } 73 74 x := make([]byte, 4+length) 75 x[0] = typeClientHello 76 x[1] = uint8(length >> 16) 77 x[2] = uint8(length >> 8) 78 x[3] = uint8(length) 79 x[4] = uint8(m.vers >> 8) 80 x[5] = uint8(m.vers) 81 copy(x[6:38], m.random) 82 x[38] = uint8(len(m.sessionId)) 83 copy(x[39:39+len(m.sessionId)], m.sessionId) 84 y := x[39+len(m.sessionId):] 85 y[0] = uint8(len(m.cipherSuites) >> 7) 86 y[1] = uint8(len(m.cipherSuites) << 1) 87 for i, suite := range m.cipherSuites { 88 y[2+i*2] = uint8(suite >> 8) 89 y[3+i*2] = uint8(suite) 90 } 91 z := y[2+len(m.cipherSuites)*2:] 92 z[0] = uint8(len(m.compressionMethods)) 93 copy(z[1:], m.compressionMethods) 94 95 z = z[1+len(m.compressionMethods):] 96 if numExtensions > 0 { 97 z[0] = byte(extensionsLength >> 8) 98 z[1] = byte(extensionsLength) 99 z = z[2:] 100 } 101 if m.nextProtoNeg { 102 z[0] = byte(extensionNextProtoNeg >> 8) 103 z[1] = byte(extensionNextProtoNeg) 104 // The length is always 0 105 z = z[4:] 106 } 107 if len(m.serverName) > 0 { 108 z[0] = byte(extensionServerName >> 8) 109 z[1] = byte(extensionServerName) 110 l := len(m.serverName) + 5 111 z[2] = byte(l >> 8) 112 z[3] = byte(l) 113 z = z[4:] 114 115 // RFC 3546, section 3.1 116 // 117 // struct { 118 // NameType name_type; 119 // select (name_type) { 120 // case host_name: HostName; 121 // } name; 122 // } ServerName; 123 // 124 // enum { 125 // host_name(0), (255) 126 // } NameType; 127 // 128 // opaque HostName<1..2^16-1>; 129 // 130 // struct { 131 // ServerName server_name_list<1..2^16-1> 132 // } ServerNameList; 133 134 z[0] = byte((len(m.serverName) + 3) >> 8) 135 z[1] = byte(len(m.serverName) + 3) 136 z[3] = byte(len(m.serverName) >> 8) 137 z[4] = byte(len(m.serverName)) 138 copy(z[5:], []byte(m.serverName)) 139 z = z[l:] 140 } 141 if m.ocspStapling { 142 // RFC 4366, section 3.6 143 z[0] = byte(extensionStatusRequest >> 8) 144 z[1] = byte(extensionStatusRequest) 145 z[2] = 0 146 z[3] = 5 147 z[4] = 1 // OCSP type 148 // Two zero valued uint16s for the two lengths. 149 z = z[9:] 150 } 151 if len(m.supportedCurves) > 0 { 152 // http://tools.ietf.org/html/rfc4492#section-5.5.1 153 z[0] = byte(extensionSupportedCurves >> 8) 154 z[1] = byte(extensionSupportedCurves) 155 l := 2 + 2*len(m.supportedCurves) 156 z[2] = byte(l >> 8) 157 z[3] = byte(l) 158 l -= 2 159 z[4] = byte(l >> 8) 160 z[5] = byte(l) 161 z = z[6:] 162 for _, curve := range m.supportedCurves { 163 z[0] = byte(curve >> 8) 164 z[1] = byte(curve) 165 z = z[2:] 166 } 167 } 168 if len(m.supportedPoints) > 0 { 169 // http://tools.ietf.org/html/rfc4492#section-5.5.2 170 z[0] = byte(extensionSupportedPoints >> 8) 171 z[1] = byte(extensionSupportedPoints) 172 l := 1 + len(m.supportedPoints) 173 z[2] = byte(l >> 8) 174 z[3] = byte(l) 175 l-- 176 z[4] = byte(l) 177 z = z[5:] 178 for _, pointFormat := range m.supportedPoints { 179 z[0] = byte(pointFormat) 180 z = z[1:] 181 } 182 } 183 184 m.raw = x 185 186 return x 187 } 188 189 func (m *clientHelloMsg) unmarshal(data []byte) bool { 190 if len(data) < 42 { 191 return false 192 } 193 m.raw = data 194 m.vers = uint16(data[4])<<8 | uint16(data[5]) 195 m.random = data[6:38] 196 sessionIdLen := int(data[38]) 197 if sessionIdLen > 32 || len(data) < 39+sessionIdLen { 198 return false 199 } 200 m.sessionId = data[39 : 39+sessionIdLen] 201 data = data[39+sessionIdLen:] 202 if len(data) < 2 { 203 return false 204 } 205 // cipherSuiteLen is the number of bytes of cipher suite numbers. Since 206 // they are uint16s, the number must be even. 207 cipherSuiteLen := int(data[0])<<8 | int(data[1]) 208 if cipherSuiteLen%2 == 1 || len(data) < 2+cipherSuiteLen { 209 return false 210 } 211 numCipherSuites := cipherSuiteLen / 2 212 m.cipherSuites = make([]uint16, numCipherSuites) 213 for i := 0; i < numCipherSuites; i++ { 214 m.cipherSuites[i] = uint16(data[2+2*i])<<8 | uint16(data[3+2*i]) 215 } 216 data = data[2+cipherSuiteLen:] 217 if len(data) < 1 { 218 return false 219 } 220 compressionMethodsLen := int(data[0]) 221 if len(data) < 1+compressionMethodsLen { 222 return false 223 } 224 m.compressionMethods = data[1 : 1+compressionMethodsLen] 225 226 data = data[1+compressionMethodsLen:] 227 228 m.nextProtoNeg = false 229 m.serverName = "" 230 m.ocspStapling = false 231 232 if len(data) == 0 { 233 // ClientHello is optionally followed by extension data 234 return true 235 } 236 if len(data) < 2 { 237 return false 238 } 239 240 extensionsLength := int(data[0])<<8 | int(data[1]) 241 data = data[2:] 242 if extensionsLength != len(data) { 243 return false 244 } 245 246 for len(data) != 0 { 247 if len(data) < 4 { 248 return false 249 } 250 extension := uint16(data[0])<<8 | uint16(data[1]) 251 length := int(data[2])<<8 | int(data[3]) 252 data = data[4:] 253 if len(data) < length { 254 return false 255 } 256 257 switch extension { 258 case extensionServerName: 259 if length < 2 { 260 return false 261 } 262 numNames := int(data[0])<<8 | int(data[1]) 263 d := data[2:] 264 for i := 0; i < numNames; i++ { 265 if len(d) < 3 { 266 return false 267 } 268 nameType := d[0] 269 nameLen := int(d[1])<<8 | int(d[2]) 270 d = d[3:] 271 if len(d) < nameLen { 272 return false 273 } 274 if nameType == 0 { 275 m.serverName = string(d[0:nameLen]) 276 break 277 } 278 d = d[nameLen:] 279 } 280 case extensionNextProtoNeg: 281 if length > 0 { 282 return false 283 } 284 m.nextProtoNeg = true 285 case extensionStatusRequest: 286 m.ocspStapling = length > 0 && data[0] == statusTypeOCSP 287 case extensionSupportedCurves: 288 // http://tools.ietf.org/html/rfc4492#section-5.5.1 289 if length < 2 { 290 return false 291 } 292 l := int(data[0])<<8 | int(data[1]) 293 if l%2 == 1 || length != l+2 { 294 return false 295 } 296 numCurves := l / 2 297 m.supportedCurves = make([]uint16, numCurves) 298 d := data[2:] 299 for i := 0; i < numCurves; i++ { 300 m.supportedCurves[i] = uint16(d[0])<<8 | uint16(d[1]) 301 d = d[2:] 302 } 303 case extensionSupportedPoints: 304 // http://tools.ietf.org/html/rfc4492#section-5.5.2 305 if length < 1 { 306 return false 307 } 308 l := int(data[0]) 309 if length != l+1 { 310 return false 311 } 312 m.supportedPoints = make([]uint8, l) 313 copy(m.supportedPoints, data[1:]) 314 } 315 data = data[length:] 316 } 317 318 return true 319 } 320 321 type serverHelloMsg struct { 322 raw []byte 323 vers uint16 324 random []byte 325 sessionId []byte 326 cipherSuite uint16 327 compressionMethod uint8 328 nextProtoNeg bool 329 nextProtos []string 330 ocspStapling bool 331 } 332 333 func (m *serverHelloMsg) equal(i interface{}) bool { 334 m1, ok := i.(*serverHelloMsg) 335 if !ok { 336 return false 337 } 338 339 return bytes.Equal(m.raw, m1.raw) && 340 m.vers == m1.vers && 341 bytes.Equal(m.random, m1.random) && 342 bytes.Equal(m.sessionId, m1.sessionId) && 343 m.cipherSuite == m1.cipherSuite && 344 m.compressionMethod == m1.compressionMethod && 345 m.nextProtoNeg == m1.nextProtoNeg && 346 eqStrings(m.nextProtos, m1.nextProtos) && 347 m.ocspStapling == m1.ocspStapling 348 } 349 350 func (m *serverHelloMsg) marshal() []byte { 351 if m.raw != nil { 352 return m.raw 353 } 354 355 length := 38 + len(m.sessionId) 356 numExtensions := 0 357 extensionsLength := 0 358 359 nextProtoLen := 0 360 if m.nextProtoNeg { 361 numExtensions++ 362 for _, v := range m.nextProtos { 363 nextProtoLen += len(v) 364 } 365 nextProtoLen += len(m.nextProtos) 366 extensionsLength += nextProtoLen 367 } 368 if m.ocspStapling { 369 numExtensions++ 370 } 371 if numExtensions > 0 { 372 extensionsLength += 4 * numExtensions 373 length += 2 + extensionsLength 374 } 375 376 x := make([]byte, 4+length) 377 x[0] = typeServerHello 378 x[1] = uint8(length >> 16) 379 x[2] = uint8(length >> 8) 380 x[3] = uint8(length) 381 x[4] = uint8(m.vers >> 8) 382 x[5] = uint8(m.vers) 383 copy(x[6:38], m.random) 384 x[38] = uint8(len(m.sessionId)) 385 copy(x[39:39+len(m.sessionId)], m.sessionId) 386 z := x[39+len(m.sessionId):] 387 z[0] = uint8(m.cipherSuite >> 8) 388 z[1] = uint8(m.cipherSuite) 389 z[2] = uint8(m.compressionMethod) 390 391 z = z[3:] 392 if numExtensions > 0 { 393 z[0] = byte(extensionsLength >> 8) 394 z[1] = byte(extensionsLength) 395 z = z[2:] 396 } 397 if m.nextProtoNeg { 398 z[0] = byte(extensionNextProtoNeg >> 8) 399 z[1] = byte(extensionNextProtoNeg) 400 z[2] = byte(nextProtoLen >> 8) 401 z[3] = byte(nextProtoLen) 402 z = z[4:] 403 404 for _, v := range m.nextProtos { 405 l := len(v) 406 if l > 255 { 407 l = 255 408 } 409 z[0] = byte(l) 410 copy(z[1:], []byte(v[0:l])) 411 z = z[1+l:] 412 } 413 } 414 if m.ocspStapling { 415 z[0] = byte(extensionStatusRequest >> 8) 416 z[1] = byte(extensionStatusRequest) 417 z = z[4:] 418 } 419 420 m.raw = x 421 422 return x 423 } 424 425 func (m *serverHelloMsg) unmarshal(data []byte) bool { 426 if len(data) < 42 { 427 return false 428 } 429 m.raw = data 430 m.vers = uint16(data[4])<<8 | uint16(data[5]) 431 m.random = data[6:38] 432 sessionIdLen := int(data[38]) 433 if sessionIdLen > 32 || len(data) < 39+sessionIdLen { 434 return false 435 } 436 m.sessionId = data[39 : 39+sessionIdLen] 437 data = data[39+sessionIdLen:] 438 if len(data) < 3 { 439 return false 440 } 441 m.cipherSuite = uint16(data[0])<<8 | uint16(data[1]) 442 m.compressionMethod = data[2] 443 data = data[3:] 444 445 m.nextProtoNeg = false 446 m.nextProtos = nil 447 m.ocspStapling = false 448 449 if len(data) == 0 { 450 // ServerHello is optionally followed by extension data 451 return true 452 } 453 if len(data) < 2 { 454 return false 455 } 456 457 extensionsLength := int(data[0])<<8 | int(data[1]) 458 data = data[2:] 459 if len(data) != extensionsLength { 460 return false 461 } 462 463 for len(data) != 0 { 464 if len(data) < 4 { 465 return false 466 } 467 extension := uint16(data[0])<<8 | uint16(data[1]) 468 length := int(data[2])<<8 | int(data[3]) 469 data = data[4:] 470 if len(data) < length { 471 return false 472 } 473 474 switch extension { 475 case extensionNextProtoNeg: 476 m.nextProtoNeg = true 477 d := data 478 for len(d) > 0 { 479 l := int(d[0]) 480 d = d[1:] 481 if l == 0 || l > len(d) { 482 return false 483 } 484 m.nextProtos = append(m.nextProtos, string(d[0:l])) 485 d = d[l:] 486 } 487 case extensionStatusRequest: 488 if length > 0 { 489 return false 490 } 491 m.ocspStapling = true 492 } 493 data = data[length:] 494 } 495 496 return true 497 } 498 499 type certificateMsg struct { 500 raw []byte 501 certificates [][]byte 502 } 503 504 func (m *certificateMsg) equal(i interface{}) bool { 505 m1, ok := i.(*certificateMsg) 506 if !ok { 507 return false 508 } 509 510 return bytes.Equal(m.raw, m1.raw) && 511 eqByteSlices(m.certificates, m1.certificates) 512 } 513 514 func (m *certificateMsg) marshal() (x []byte) { 515 if m.raw != nil { 516 return m.raw 517 } 518 519 var i int 520 for _, slice := range m.certificates { 521 i += len(slice) 522 } 523 524 length := 3 + 3*len(m.certificates) + i 525 x = make([]byte, 4+length) 526 x[0] = typeCertificate 527 x[1] = uint8(length >> 16) 528 x[2] = uint8(length >> 8) 529 x[3] = uint8(length) 530 531 certificateOctets := length - 3 532 x[4] = uint8(certificateOctets >> 16) 533 x[5] = uint8(certificateOctets >> 8) 534 x[6] = uint8(certificateOctets) 535 536 y := x[7:] 537 for _, slice := range m.certificates { 538 y[0] = uint8(len(slice) >> 16) 539 y[1] = uint8(len(slice) >> 8) 540 y[2] = uint8(len(slice)) 541 copy(y[3:], slice) 542 y = y[3+len(slice):] 543 } 544 545 m.raw = x 546 return 547 } 548 549 func (m *certificateMsg) unmarshal(data []byte) bool { 550 if len(data) < 7 { 551 return false 552 } 553 554 m.raw = data 555 certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6]) 556 if uint32(len(data)) != certsLen+7 { 557 return false 558 } 559 560 numCerts := 0 561 d := data[7:] 562 for certsLen > 0 { 563 if len(d) < 4 { 564 return false 565 } 566 certLen := uint32(d[0])<<24 | uint32(d[1])<<8 | uint32(d[2]) 567 if uint32(len(d)) < 3+certLen { 568 return false 569 } 570 d = d[3+certLen:] 571 certsLen -= 3 + certLen 572 numCerts++ 573 } 574 575 m.certificates = make([][]byte, numCerts) 576 d = data[7:] 577 for i := 0; i < numCerts; i++ { 578 certLen := uint32(d[0])<<24 | uint32(d[1])<<8 | uint32(d[2]) 579 m.certificates[i] = d[3 : 3+certLen] 580 d = d[3+certLen:] 581 } 582 583 return true 584 } 585 586 type serverKeyExchangeMsg struct { 587 raw []byte 588 key []byte 589 } 590 591 func (m *serverKeyExchangeMsg) equal(i interface{}) bool { 592 m1, ok := i.(*serverKeyExchangeMsg) 593 if !ok { 594 return false 595 } 596 597 return bytes.Equal(m.raw, m1.raw) && 598 bytes.Equal(m.key, m1.key) 599 } 600 601 func (m *serverKeyExchangeMsg) marshal() []byte { 602 if m.raw != nil { 603 return m.raw 604 } 605 length := len(m.key) 606 x := make([]byte, length+4) 607 x[0] = typeServerKeyExchange 608 x[1] = uint8(length >> 16) 609 x[2] = uint8(length >> 8) 610 x[3] = uint8(length) 611 copy(x[4:], m.key) 612 613 m.raw = x 614 return x 615 } 616 617 func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool { 618 m.raw = data 619 if len(data) < 4 { 620 return false 621 } 622 m.key = data[4:] 623 return true 624 } 625 626 type certificateStatusMsg struct { 627 raw []byte 628 statusType uint8 629 response []byte 630 } 631 632 func (m *certificateStatusMsg) equal(i interface{}) bool { 633 m1, ok := i.(*certificateStatusMsg) 634 if !ok { 635 return false 636 } 637 638 return bytes.Equal(m.raw, m1.raw) && 639 m.statusType == m1.statusType && 640 bytes.Equal(m.response, m1.response) 641 } 642 643 func (m *certificateStatusMsg) marshal() []byte { 644 if m.raw != nil { 645 return m.raw 646 } 647 648 var x []byte 649 if m.statusType == statusTypeOCSP { 650 x = make([]byte, 4+4+len(m.response)) 651 x[0] = typeCertificateStatus 652 l := len(m.response) + 4 653 x[1] = byte(l >> 16) 654 x[2] = byte(l >> 8) 655 x[3] = byte(l) 656 x[4] = statusTypeOCSP 657 658 l -= 4 659 x[5] = byte(l >> 16) 660 x[6] = byte(l >> 8) 661 x[7] = byte(l) 662 copy(x[8:], m.response) 663 } else { 664 x = []byte{typeCertificateStatus, 0, 0, 1, m.statusType} 665 } 666 667 m.raw = x 668 return x 669 } 670 671 func (m *certificateStatusMsg) unmarshal(data []byte) bool { 672 m.raw = data 673 if len(data) < 5 { 674 return false 675 } 676 m.statusType = data[4] 677 678 m.response = nil 679 if m.statusType == statusTypeOCSP { 680 if len(data) < 8 { 681 return false 682 } 683 respLen := uint32(data[5])<<16 | uint32(data[6])<<8 | uint32(data[7]) 684 if uint32(len(data)) != 4+4+respLen { 685 return false 686 } 687 m.response = data[8:] 688 } 689 return true 690 } 691 692 type serverHelloDoneMsg struct{} 693 694 func (m *serverHelloDoneMsg) equal(i interface{}) bool { 695 _, ok := i.(*serverHelloDoneMsg) 696 return ok 697 } 698 699 func (m *serverHelloDoneMsg) marshal() []byte { 700 x := make([]byte, 4) 701 x[0] = typeServerHelloDone 702 return x 703 } 704 705 func (m *serverHelloDoneMsg) unmarshal(data []byte) bool { 706 return len(data) == 4 707 } 708 709 type clientKeyExchangeMsg struct { 710 raw []byte 711 ciphertext []byte 712 } 713 714 func (m *clientKeyExchangeMsg) equal(i interface{}) bool { 715 m1, ok := i.(*clientKeyExchangeMsg) 716 if !ok { 717 return false 718 } 719 720 return bytes.Equal(m.raw, m1.raw) && 721 bytes.Equal(m.ciphertext, m1.ciphertext) 722 } 723 724 func (m *clientKeyExchangeMsg) marshal() []byte { 725 if m.raw != nil { 726 return m.raw 727 } 728 length := len(m.ciphertext) 729 x := make([]byte, length+4) 730 x[0] = typeClientKeyExchange 731 x[1] = uint8(length >> 16) 732 x[2] = uint8(length >> 8) 733 x[3] = uint8(length) 734 copy(x[4:], m.ciphertext) 735 736 m.raw = x 737 return x 738 } 739 740 func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool { 741 m.raw = data 742 if len(data) < 4 { 743 return false 744 } 745 l := int(data[1])<<16 | int(data[2])<<8 | int(data[3]) 746 if l != len(data)-4 { 747 return false 748 } 749 m.ciphertext = data[4:] 750 return true 751 } 752 753 type finishedMsg struct { 754 raw []byte 755 verifyData []byte 756 } 757 758 func (m *finishedMsg) equal(i interface{}) bool { 759 m1, ok := i.(*finishedMsg) 760 if !ok { 761 return false 762 } 763 764 return bytes.Equal(m.raw, m1.raw) && 765 bytes.Equal(m.verifyData, m1.verifyData) 766 } 767 768 func (m *finishedMsg) marshal() (x []byte) { 769 if m.raw != nil { 770 return m.raw 771 } 772 773 x = make([]byte, 4+len(m.verifyData)) 774 x[0] = typeFinished 775 x[3] = byte(len(m.verifyData)) 776 copy(x[4:], m.verifyData) 777 m.raw = x 778 return 779 } 780 781 func (m *finishedMsg) unmarshal(data []byte) bool { 782 m.raw = data 783 if len(data) < 4 { 784 return false 785 } 786 m.verifyData = data[4:] 787 return true 788 } 789 790 type nextProtoMsg struct { 791 raw []byte 792 proto string 793 } 794 795 func (m *nextProtoMsg) equal(i interface{}) bool { 796 m1, ok := i.(*nextProtoMsg) 797 if !ok { 798 return false 799 } 800 801 return bytes.Equal(m.raw, m1.raw) && 802 m.proto == m1.proto 803 } 804 805 func (m *nextProtoMsg) marshal() []byte { 806 if m.raw != nil { 807 return m.raw 808 } 809 l := len(m.proto) 810 if l > 255 { 811 l = 255 812 } 813 814 padding := 32 - (l+2)%32 815 length := l + padding + 2 816 x := make([]byte, length+4) 817 x[0] = typeNextProtocol 818 x[1] = uint8(length >> 16) 819 x[2] = uint8(length >> 8) 820 x[3] = uint8(length) 821 822 y := x[4:] 823 y[0] = byte(l) 824 copy(y[1:], []byte(m.proto[0:l])) 825 y = y[1+l:] 826 y[0] = byte(padding) 827 828 m.raw = x 829 830 return x 831 } 832 833 func (m *nextProtoMsg) unmarshal(data []byte) bool { 834 m.raw = data 835 836 if len(data) < 5 { 837 return false 838 } 839 data = data[4:] 840 protoLen := int(data[0]) 841 data = data[1:] 842 if len(data) < protoLen { 843 return false 844 } 845 m.proto = string(data[0:protoLen]) 846 data = data[protoLen:] 847 848 if len(data) < 1 { 849 return false 850 } 851 paddingLen := int(data[0]) 852 data = data[1:] 853 if len(data) != paddingLen { 854 return false 855 } 856 857 return true 858 } 859 860 type certificateRequestMsg struct { 861 raw []byte 862 certificateTypes []byte 863 certificateAuthorities [][]byte 864 } 865 866 func (m *certificateRequestMsg) equal(i interface{}) bool { 867 m1, ok := i.(*certificateRequestMsg) 868 if !ok { 869 return false 870 } 871 872 return bytes.Equal(m.raw, m1.raw) && 873 bytes.Equal(m.certificateTypes, m1.certificateTypes) && 874 eqByteSlices(m.certificateAuthorities, m1.certificateAuthorities) 875 } 876 877 func (m *certificateRequestMsg) marshal() (x []byte) { 878 if m.raw != nil { 879 return m.raw 880 } 881 882 // See http://tools.ietf.org/html/rfc4346#section-7.4.4 883 length := 1 + len(m.certificateTypes) + 2 884 casLength := 0 885 for _, ca := range m.certificateAuthorities { 886 casLength += 2 + len(ca) 887 } 888 length += casLength 889 890 x = make([]byte, 4+length) 891 x[0] = typeCertificateRequest 892 x[1] = uint8(length >> 16) 893 x[2] = uint8(length >> 8) 894 x[3] = uint8(length) 895 896 x[4] = uint8(len(m.certificateTypes)) 897 898 copy(x[5:], m.certificateTypes) 899 y := x[5+len(m.certificateTypes):] 900 y[0] = uint8(casLength >> 8) 901 y[1] = uint8(casLength) 902 y = y[2:] 903 for _, ca := range m.certificateAuthorities { 904 y[0] = uint8(len(ca) >> 8) 905 y[1] = uint8(len(ca)) 906 y = y[2:] 907 copy(y, ca) 908 y = y[len(ca):] 909 } 910 911 m.raw = x 912 return 913 } 914 915 func (m *certificateRequestMsg) unmarshal(data []byte) bool { 916 m.raw = data 917 918 if len(data) < 5 { 919 return false 920 } 921 922 length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) 923 if uint32(len(data))-4 != length { 924 return false 925 } 926 927 numCertTypes := int(data[4]) 928 data = data[5:] 929 if numCertTypes == 0 || len(data) <= numCertTypes { 930 return false 931 } 932 933 m.certificateTypes = make([]byte, numCertTypes) 934 if copy(m.certificateTypes, data) != numCertTypes { 935 return false 936 } 937 938 data = data[numCertTypes:] 939 940 if len(data) < 2 { 941 return false 942 } 943 casLength := uint16(data[0])<<8 | uint16(data[1]) 944 data = data[2:] 945 if len(data) < int(casLength) { 946 return false 947 } 948 cas := make([]byte, casLength) 949 copy(cas, data) 950 data = data[casLength:] 951 952 m.certificateAuthorities = nil 953 for len(cas) > 0 { 954 if len(cas) < 2 { 955 return false 956 } 957 caLen := uint16(cas[0])<<8 | uint16(cas[1]) 958 cas = cas[2:] 959 960 if len(cas) < int(caLen) { 961 return false 962 } 963 964 m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen]) 965 cas = cas[caLen:] 966 } 967 if len(data) > 0 { 968 return false 969 } 970 971 return true 972 } 973 974 type certificateVerifyMsg struct { 975 raw []byte 976 signature []byte 977 } 978 979 func (m *certificateVerifyMsg) equal(i interface{}) bool { 980 m1, ok := i.(*certificateVerifyMsg) 981 if !ok { 982 return false 983 } 984 985 return bytes.Equal(m.raw, m1.raw) && 986 bytes.Equal(m.signature, m1.signature) 987 } 988 989 func (m *certificateVerifyMsg) marshal() (x []byte) { 990 if m.raw != nil { 991 return m.raw 992 } 993 994 // See http://tools.ietf.org/html/rfc4346#section-7.4.8 995 siglength := len(m.signature) 996 length := 2 + siglength 997 x = make([]byte, 4+length) 998 x[0] = typeCertificateVerify 999 x[1] = uint8(length >> 16) 1000 x[2] = uint8(length >> 8) 1001 x[3] = uint8(length) 1002 x[4] = uint8(siglength >> 8) 1003 x[5] = uint8(siglength) 1004 copy(x[6:], m.signature) 1005 1006 m.raw = x 1007 1008 return 1009 } 1010 1011 func (m *certificateVerifyMsg) unmarshal(data []byte) bool { 1012 m.raw = data 1013 1014 if len(data) < 6 { 1015 return false 1016 } 1017 1018 length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) 1019 if uint32(len(data))-4 != length { 1020 return false 1021 } 1022 1023 siglength := int(data[4])<<8 + int(data[5]) 1024 if len(data)-6 != siglength { 1025 return false 1026 } 1027 1028 m.signature = data[6:] 1029 1030 return true 1031 } 1032 1033 func eqUint16s(x, y []uint16) bool { 1034 if len(x) != len(y) { 1035 return false 1036 } 1037 for i, v := range x { 1038 if y[i] != v { 1039 return false 1040 } 1041 } 1042 return true 1043 } 1044 1045 func eqStrings(x, y []string) bool { 1046 if len(x) != len(y) { 1047 return false 1048 } 1049 for i, v := range x { 1050 if y[i] != v { 1051 return false 1052 } 1053 } 1054 return true 1055 } 1056 1057 func eqByteSlices(x, y [][]byte) bool { 1058 if len(x) != len(y) { 1059 return false 1060 } 1061 for i, v := range x { 1062 if !bytes.Equal(v, y[i]) { 1063 return false 1064 } 1065 } 1066 return true 1067 }