From 46dee48948c187e25c5f7649b473c110365ce844 Mon Sep 17 00:00:00 2001 From: Alex Holland Date: Fri, 3 Mar 2017 20:37:10 -0500 Subject: [PATCH 1/2] remove ztls, change references --- main.go | 2 +- zlib/conn.go | 2 +- zlib/grabber.go | 2 +- zlib/grabber_test.go | 2 +- zlib/zgrab.go | 2 +- ztools/http/client_test.go | 2 +- ztools/http/request.go | 2 +- ztools/http/transport.go | 2 +- ztools/ztls/alert.go | 77 - ztools/ztls/chacha20_poly1305.go | 163 -- ztools/ztls/chacha20_poly1305_test.go | 103 - ztools/ztls/cipher_suites.go | 1076 ----------- ztools/ztls/cipher_suites_test.go | 47 - ztools/ztls/common.go | 1244 ------------ ztools/ztls/conn.go | 1097 ----------- ztools/ztls/conn_test.go | 106 - ztools/ztls/example_test.go | 57 - ztools/ztls/generate_cert.go | 117 -- ztools/ztls/handshake_client.go | 1062 ---------- ztools/ztls/handshake_client_test.go | 503 ----- ztools/ztls/handshake_extensions.go | 392 ---- ztools/ztls/handshake_messages.go | 1718 ----------------- ztools/ztls/handshake_messages_test.go | 251 --- ztools/ztls/handshake_server.go | 809 -------- ztools/ztls/handshake_server_test.go | 866 --------- ztools/ztls/handshake_test.go | 167 -- ztools/ztls/key_agreement.go | 740 ------- ztools/ztls/poly1305.go | 1540 --------------- ztools/ztls/prf.go | 460 ----- ztools/ztls/prf_test.go | 128 -- .../Client-TLSv10-ClientCert-ECDSA-ECDSA | 129 -- .../Client-TLSv10-ClientCert-ECDSA-RSA | 125 -- .../Client-TLSv10-ClientCert-RSA-ECDSA | 128 -- .../testdata/Client-TLSv10-ClientCert-RSA-RSA | 124 -- .../testdata/Client-TLSv10-ECDHE-ECDSA-AES | 87 - .../ztls/testdata/Client-TLSv10-ECDHE-RSA-AES | 97 - ztools/ztls/testdata/Client-TLSv10-RSA-RC4 | 83 - .../testdata/Client-TLSv11-ECDHE-ECDSA-AES | 89 - .../ztls/testdata/Client-TLSv11-ECDHE-RSA-AES | 99 - ztools/ztls/testdata/Client-TLSv11-RSA-RC4 | 83 - .../Client-TLSv12-ClientCert-ECDSA-ECDSA | 134 -- .../Client-TLSv12-ClientCert-ECDSA-RSA | 127 -- .../Client-TLSv12-ClientCert-RSA-ECDSA | 133 -- .../testdata/Client-TLSv12-ClientCert-RSA-RSA | 126 -- .../testdata/Client-TLSv12-ClientFingerprint | 106 - .../testdata/Client-TLSv12-ECDHE-ECDSA-AES | 89 - .../Client-TLSv12-ECDHE-ECDSA-AES-GCM | 84 - .../ztls/testdata/Client-TLSv12-ECDHE-RSA-AES | 99 - ztools/ztls/testdata/Client-TLSv12-RSA-RC4 | 83 - ztools/ztls/testdata/Server-SSLv3-RSA-3DES | 83 - ztools/ztls/testdata/Server-SSLv3-RSA-AES | 84 - ztools/ztls/testdata/Server-SSLv3-RSA-RC4 | 79 - .../testdata/Server-TLSv10-ECDHE-ECDSA-AES | 84 - ztools/ztls/testdata/Server-TLSv10-RSA-3DES | 79 - ztools/ztls/testdata/Server-TLSv10-RSA-AES | 82 - ztools/ztls/testdata/Server-TLSv10-RSA-RC4 | 76 - ztools/ztls/testdata/Server-TLSv11-RSA-RC4 | 76 - ...rver-TLSv12-CipherSuiteCertPreferenceECDSA | 91 - ...Server-TLSv12-CipherSuiteCertPreferenceRSA | 101 - ...er-TLSv12-ClientAuthRequestedAndECDSAGiven | 122 -- .../Server-TLSv12-ClientAuthRequestedAndGiven | 121 -- .../Server-TLSv12-ClientAuthRequestedNotGiven | 81 - .../testdata/Server-TLSv12-ECDHE-ECDSA-AES | 89 - .../ztls/testdata/Server-TLSv12-IssueTicket | 87 - .../Server-TLSv12-IssueTicketPreDisable | 87 - ztools/ztls/testdata/Server-TLSv12-RSA-3DES | 83 - ztools/ztls/testdata/Server-TLSv12-RSA-AES | 87 - .../ztls/testdata/Server-TLSv12-RSA-AES-GCM | 93 - ztools/ztls/testdata/Server-TLSv12-RSA-RC4 | 79 - ztools/ztls/testdata/Server-TLSv12-Resume | 36 - .../testdata/Server-TLSv12-ResumeDisabled | 87 - ztools/ztls/testdata/Server-TLSv12-SNI | 76 - ztools/ztls/ticket.go | 189 -- ztools/ztls/tls.go | 287 --- ztools/ztls/tls_test.go | 237 --- ztools/ztls/ztls_handshake.go | 510 ----- ztools/ztls/ztls_handshake_test.go | 50 - ztools/ztls/ztls_heartbeat.go | 89 - ztools/ztls/ztls_ka.go | 171 -- ztools/ztls/ztls_names.go | 565 ------ 80 files changed, 8 insertions(+), 18817 deletions(-) delete mode 100644 ztools/ztls/alert.go delete mode 100644 ztools/ztls/chacha20_poly1305.go delete mode 100644 ztools/ztls/chacha20_poly1305_test.go delete mode 100644 ztools/ztls/cipher_suites.go delete mode 100644 ztools/ztls/cipher_suites_test.go delete mode 100644 ztools/ztls/common.go delete mode 100644 ztools/ztls/conn.go delete mode 100644 ztools/ztls/conn_test.go delete mode 100644 ztools/ztls/example_test.go delete mode 100644 ztools/ztls/generate_cert.go delete mode 100644 ztools/ztls/handshake_client.go delete mode 100644 ztools/ztls/handshake_client_test.go delete mode 100644 ztools/ztls/handshake_extensions.go delete mode 100644 ztools/ztls/handshake_messages.go delete mode 100644 ztools/ztls/handshake_messages_test.go delete mode 100644 ztools/ztls/handshake_server.go delete mode 100644 ztools/ztls/handshake_server_test.go delete mode 100644 ztools/ztls/handshake_test.go delete mode 100644 ztools/ztls/key_agreement.go delete mode 100644 ztools/ztls/poly1305.go delete mode 100644 ztools/ztls/prf.go delete mode 100644 ztools/ztls/prf_test.go delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-RSA delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ECDHE-ECDSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv10-ECDHE-RSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv10-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Client-TLSv11-ECDHE-ECDSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv11-ECDHE-RSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv11-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ClientCert-ECDSA-ECDSA delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-RSA delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ClientFingerprint delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM delete mode 100644 ztools/ztls/testdata/Client-TLSv12-ECDHE-RSA-AES delete mode 100644 ztools/ztls/testdata/Client-TLSv12-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Server-SSLv3-RSA-3DES delete mode 100644 ztools/ztls/testdata/Server-SSLv3-RSA-AES delete mode 100644 ztools/ztls/testdata/Server-SSLv3-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Server-TLSv10-ECDHE-ECDSA-AES delete mode 100644 ztools/ztls/testdata/Server-TLSv10-RSA-3DES delete mode 100644 ztools/ztls/testdata/Server-TLSv10-RSA-AES delete mode 100644 ztools/ztls/testdata/Server-TLSv10-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Server-TLSv11-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceECDSA delete mode 100644 ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceRSA delete mode 100644 ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven delete mode 100644 ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven delete mode 100644 ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven delete mode 100644 ztools/ztls/testdata/Server-TLSv12-ECDHE-ECDSA-AES delete mode 100644 ztools/ztls/testdata/Server-TLSv12-IssueTicket delete mode 100644 ztools/ztls/testdata/Server-TLSv12-IssueTicketPreDisable delete mode 100644 ztools/ztls/testdata/Server-TLSv12-RSA-3DES delete mode 100644 ztools/ztls/testdata/Server-TLSv12-RSA-AES delete mode 100644 ztools/ztls/testdata/Server-TLSv12-RSA-AES-GCM delete mode 100644 ztools/ztls/testdata/Server-TLSv12-RSA-RC4 delete mode 100644 ztools/ztls/testdata/Server-TLSv12-Resume delete mode 100644 ztools/ztls/testdata/Server-TLSv12-ResumeDisabled delete mode 100644 ztools/ztls/testdata/Server-TLSv12-SNI delete mode 100644 ztools/ztls/ticket.go delete mode 100644 ztools/ztls/tls.go delete mode 100644 ztools/ztls/tls_test.go delete mode 100644 ztools/ztls/ztls_handshake.go delete mode 100644 ztools/ztls/ztls_handshake_test.go delete mode 100644 ztools/ztls/ztls_heartbeat.go delete mode 100644 ztools/ztls/ztls_ka.go delete mode 100644 ztools/ztls/ztls_names.go diff --git a/main.go b/main.go index aea134ea..ca5a8cd3 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ import ( "github.com/zmap/zgrab/ztools/processing" "github.com/zmap/zgrab/ztools/x509" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" ) // Command-line flags diff --git a/zlib/conn.go b/zlib/conn.go index 01691870..6a7ad030 100644 --- a/zlib/conn.go +++ b/zlib/conn.go @@ -33,7 +33,7 @@ import ( "github.com/zmap/zgrab/ztools/ssh" "github.com/zmap/zgrab/ztools/util" "github.com/zmap/zgrab/ztools/x509" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" ) var smtpEndRegex = regexp.MustCompile(`(?:^\d\d\d\s.*\r\n$)|(?:^\d\d\d-[\s\S]*\r\n\d\d\d\s.*\r\n$)`) diff --git a/zlib/grabber.go b/zlib/grabber.go index 37d2ac21..6b39815e 100644 --- a/zlib/grabber.go +++ b/zlib/grabber.go @@ -37,7 +37,7 @@ import ( "github.com/zmap/zgrab/ztools/telnet" "github.com/zmap/zgrab/ztools/xssh" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" ) type GrabTarget struct { diff --git a/zlib/grabber_test.go b/zlib/grabber_test.go index 416388d0..95e64111 100644 --- a/zlib/grabber_test.go +++ b/zlib/grabber_test.go @@ -6,7 +6,7 @@ import ( . "github.com/zmap/zgrab/ztools/http" "github.com/zmap/zgrab/ztools/http/httptest" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" "net" "net/url" "os" diff --git a/zlib/zgrab.go b/zlib/zgrab.go index fc80f72d..5e8071e3 100644 --- a/zlib/zgrab.go +++ b/zlib/zgrab.go @@ -27,7 +27,7 @@ import ( "github.com/zmap/zgrab/ztools/ssh" "github.com/zmap/zgrab/ztools/telnet" "github.com/zmap/zgrab/ztools/xssh" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" ) type Grab struct { diff --git a/ztools/http/client_test.go b/ztools/http/client_test.go index 5baa6bc9..d571c2fe 100644 --- a/ztools/http/client_test.go +++ b/ztools/http/client_test.go @@ -11,7 +11,7 @@ import ( "fmt" . "github.com/zmap/zgrab/ztools/http" "github.com/zmap/zgrab/ztools/http/httptest" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" "io" "io/ioutil" "net" diff --git a/ztools/http/request.go b/ztools/http/request.go index ba4fbc27..7cebffd4 100644 --- a/ztools/http/request.go +++ b/ztools/http/request.go @@ -14,7 +14,7 @@ import ( "encoding/json" "errors" "fmt" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" "io" "io/ioutil" "mime" diff --git a/ztools/http/transport.go b/ztools/http/transport.go index a054e3de..9800bb99 100644 --- a/ztools/http/transport.go +++ b/ztools/http/transport.go @@ -15,7 +15,7 @@ import ( "encoding/base64" "errors" "fmt" - "github.com/zmap/zgrab/ztools/ztls" + "github.com/zmap/ztls/ztls" "io" "io/ioutil" "net" diff --git a/ztools/ztls/alert.go b/ztools/ztls/alert.go deleted file mode 100644 index 7069f608..00000000 --- a/ztools/ztls/alert.go +++ /dev/null @@ -1,77 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import "strconv" - -type alert uint8 - -const ( - // alert level - alertLevelWarning = 1 - alertLevelError = 2 -) - -const ( - alertCloseNotify alert = 0 - alertUnexpectedMessage alert = 10 - alertBadRecordMAC alert = 20 - alertDecryptionFailed alert = 21 - alertRecordOverflow alert = 22 - alertDecompressionFailure alert = 30 - alertHandshakeFailure alert = 40 - alertBadCertificate alert = 42 - alertUnsupportedCertificate alert = 43 - alertCertificateRevoked alert = 44 - alertCertificateExpired alert = 45 - alertCertificateUnknown alert = 46 - alertIllegalParameter alert = 47 - alertUnknownCA alert = 48 - alertAccessDenied alert = 49 - alertDecodeError alert = 50 - alertDecryptError alert = 51 - alertProtocolVersion alert = 70 - alertInsufficientSecurity alert = 71 - alertInternalError alert = 80 - alertUserCanceled alert = 90 - alertNoRenegotiation alert = 100 -) - -var alertText = map[alert]string{ - alertCloseNotify: "close notify", - alertUnexpectedMessage: "unexpected message", - alertBadRecordMAC: "bad record MAC", - alertDecryptionFailed: "decryption failed", - alertRecordOverflow: "record overflow", - alertDecompressionFailure: "decompression failure", - alertHandshakeFailure: "handshake failure", - alertBadCertificate: "bad certificate", - alertUnsupportedCertificate: "unsupported certificate", - alertCertificateRevoked: "revoked certificate", - alertCertificateExpired: "expired certificate", - alertCertificateUnknown: "unknown certificate", - alertIllegalParameter: "illegal parameter", - alertUnknownCA: "unknown certificate authority", - alertAccessDenied: "access denied", - alertDecodeError: "error decoding message", - alertDecryptError: "error decrypting message", - alertProtocolVersion: "protocol version not supported", - alertInsufficientSecurity: "insufficient security level", - alertInternalError: "internal error", - alertUserCanceled: "user canceled", - alertNoRenegotiation: "no renegotiation", -} - -func (e alert) String() string { - s, ok := alertText[e] - if ok { - return s - } - return "alert(" + strconv.Itoa(int(e)) + ")" -} - -func (e alert) Error() string { - return e.String() -} diff --git a/ztools/ztls/chacha20_poly1305.go b/ztools/ztls/chacha20_poly1305.go deleted file mode 100644 index bd9d86dc..00000000 --- a/ztools/ztls/chacha20_poly1305.go +++ /dev/null @@ -1,163 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "crypto/cipher" - "crypto/subtle" - "encoding/binary" - "errors" -) - -// See draft-agl-tls-chacha20poly1305-04 and -// draft-irtf-cfrg-chacha20-poly1305-10. Where the two differ, the -// draft-agl-tls-chacha20poly1305-04 variant is implemented. - -func leftRotate(a uint32, n uint) uint32 { - return (a << n) | (a >> (32 - n)) -} - -func chaChaQuarterRound(state *[16]uint32, a, b, c, d int) { - state[a] += state[b] - state[d] = leftRotate(state[d]^state[a], 16) - - state[c] += state[d] - state[b] = leftRotate(state[b]^state[c], 12) - - state[a] += state[b] - state[d] = leftRotate(state[d]^state[a], 8) - - state[c] += state[d] - state[b] = leftRotate(state[b]^state[c], 7) -} - -func chaCha20Block(state *[16]uint32, out []byte) { - var workingState [16]uint32 - copy(workingState[:], state[:]) - for i := 0; i < 10; i++ { - chaChaQuarterRound(&workingState, 0, 4, 8, 12) - chaChaQuarterRound(&workingState, 1, 5, 9, 13) - chaChaQuarterRound(&workingState, 2, 6, 10, 14) - chaChaQuarterRound(&workingState, 3, 7, 11, 15) - chaChaQuarterRound(&workingState, 0, 5, 10, 15) - chaChaQuarterRound(&workingState, 1, 6, 11, 12) - chaChaQuarterRound(&workingState, 2, 7, 8, 13) - chaChaQuarterRound(&workingState, 3, 4, 9, 14) - } - for i := 0; i < 16; i++ { - binary.LittleEndian.PutUint32(out[i*4:i*4+4], workingState[i]+state[i]) - } -} - -// sliceForAppend takes a slice and a requested number of bytes. It returns a -// slice with the contents of the given slice followed by that many bytes and a -// second slice that aliases into it and contains only the extra bytes. If the -// original slice has sufficient capacity then no allocation is performed. -func sliceForAppend(in []byte, n int) (head, tail []byte) { - if total := len(in) + n; cap(in) >= total { - head = in[:total] - } else { - head = make([]byte, total) - copy(head, in) - } - tail = head[len(in):] - return -} - -type chaCha20Poly1305 struct { - key [32]byte -} - -func newChaCha20Poly1305(key []byte) (cipher.AEAD, error) { - if len(key) != 32 { - return nil, errors.New("bad key length") - } - aead := new(chaCha20Poly1305) - copy(aead.key[:], key) - return aead, nil -} - -func (c *chaCha20Poly1305) NonceSize() int { return 8 } -func (c *chaCha20Poly1305) Overhead() int { return 16 } - -func (c *chaCha20Poly1305) chaCha20(out, in, nonce []byte, counter uint64) { - var state [16]uint32 - state[0] = 0x61707865 - state[1] = 0x3320646e - state[2] = 0x79622d32 - state[3] = 0x6b206574 - for i := 0; i < 8; i++ { - state[4+i] = binary.LittleEndian.Uint32(c.key[i*4 : i*4+4]) - } - state[14] = binary.LittleEndian.Uint32(nonce[0:4]) - state[15] = binary.LittleEndian.Uint32(nonce[4:8]) - - for i := 0; i < len(in); i += 64 { - state[12] = uint32(counter & 0xffffffff) - state[13] = uint32(counter >> 32) - - var tmp [64]byte - chaCha20Block(&state, tmp[:]) - count := 64 - if len(in)-i < count { - count = len(in) - i - } - for j := 0; j < count; j++ { - out[i+j] = in[i+j] ^ tmp[j] - } - - counter++ - } -} - -func (c *chaCha20Poly1305) poly1305(tag *[16]byte, nonce, ciphertext, additionalData []byte) { - input := make([]byte, 0, len(additionalData)+8+len(ciphertext)+8) - input = append(input, additionalData...) - input, out := sliceForAppend(input, 8) - binary.LittleEndian.PutUint64(out, uint64(len(additionalData))) - input = append(input, ciphertext...) - input, out = sliceForAppend(input, 8) - binary.LittleEndian.PutUint64(out, uint64(len(ciphertext))) - - var poly1305Key [32]byte - c.chaCha20(poly1305Key[:], poly1305Key[:], nonce, 0) - - poly1305Sum(tag, input, &poly1305Key) -} - -func (c *chaCha20Poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte { - if len(nonce) != 8 { - panic("Bad nonce length") - } - - ret, out := sliceForAppend(dst, len(plaintext)+16) - c.chaCha20(out[:len(plaintext)], plaintext, nonce, 1) - - var tag [16]byte - c.poly1305(&tag, nonce, out[:len(plaintext)], additionalData) - copy(out[len(plaintext):], tag[:]) - - return ret -} - -func (c *chaCha20Poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) { - if len(nonce) != 8 { - panic("Bad nonce length") - } - if len(ciphertext) < 16 { - return nil, errors.New("chacha20: message authentication failed") - } - plaintextLen := len(ciphertext) - 16 - - var tag [16]byte - c.poly1305(&tag, nonce, ciphertext[:plaintextLen], additionalData) - if subtle.ConstantTimeCompare(tag[:], ciphertext[plaintextLen:]) != 1 { - return nil, errors.New("chacha20: message authentication failed") - } - - ret, out := sliceForAppend(dst, plaintextLen) - c.chaCha20(out, ciphertext[:plaintextLen], nonce, 1) - return ret, nil -} diff --git a/ztools/ztls/chacha20_poly1305_test.go b/ztools/ztls/chacha20_poly1305_test.go deleted file mode 100644 index 7ce0c785..00000000 --- a/ztools/ztls/chacha20_poly1305_test.go +++ /dev/null @@ -1,103 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "encoding/hex" - "testing" -) - -// See draft-irtf-cfrg-chacha20-poly1305-10, section 2.1.1. -func TestChaChaQuarterRound(t *testing.T) { - state := [16]uint32{0x11111111, 0x01020304, 0x9b8d6f43, 0x01234567} - chaChaQuarterRound(&state, 0, 1, 2, 3) - - a, b, c, d := state[0], state[1], state[2], state[3] - if a != 0xea2a92f4 || b != 0xcb1cf8ce || c != 0x4581472e || d != 0x5881c4bb { - t.Errorf("Incorrect results: %x", state) - } -} - -// See draft-irtf-cfrg-chacha20-poly1305-10, section 2.2.1. -func TestChaChaQuarterRoundState(t *testing.T) { - state := [16]uint32{ - 0x879531e0, 0xc5ecf37d, 0x516461b1, 0xc9a62f8a, - 0x44c20ef3, 0x3390af7f, 0xd9fc690b, 0x2a5f714c, - 0x53372767, 0xb00a5631, 0x974c541a, 0x359e9963, - 0x5c971061, 0x3d631689, 0x2098d9d6, 0x91dbd320, - } - chaChaQuarterRound(&state, 2, 7, 8, 13) - - expected := [16]uint32{ - 0x879531e0, 0xc5ecf37d, 0xbdb886dc, 0xc9a62f8a, - 0x44c20ef3, 0x3390af7f, 0xd9fc690b, 0xcfacafd2, - 0xe46bea80, 0xb00a5631, 0x974c541a, 0x359e9963, - 0x5c971061, 0xccc07c79, 0x2098d9d6, 0x91dbd320, - } - for i := range state { - if state[i] != expected[i] { - t.Errorf("Mismatch at %d: %x vs %x", i, state, expected) - } - } -} - -// See draft-irtf-cfrg-chacha20-poly1305-10, section 2.3.2. -func TestChaCha20Block(t *testing.T) { - state := [16]uint32{ - 0x61707865, 0x3320646e, 0x79622d32, 0x6b206574, - 0x03020100, 0x07060504, 0x0b0a0908, 0x0f0e0d0c, - 0x13121110, 0x17161514, 0x1b1a1918, 0x1f1e1d1c, - 0x00000001, 0x09000000, 0x4a000000, 0x00000000, - } - out := make([]byte, 64) - chaCha20Block(&state, out) - - expected := []byte{ - 0x10, 0xf1, 0xe7, 0xe4, 0xd1, 0x3b, 0x59, 0x15, - 0x50, 0x0f, 0xdd, 0x1f, 0xa3, 0x20, 0x71, 0xc4, - 0xc7, 0xd1, 0xf4, 0xc7, 0x33, 0xc0, 0x68, 0x03, - 0x04, 0x22, 0xaa, 0x9a, 0xc3, 0xd4, 0x6c, 0x4e, - 0xd2, 0x82, 0x64, 0x46, 0x07, 0x9f, 0xaa, 0x09, - 0x14, 0xc2, 0xd7, 0x05, 0xd9, 0x8b, 0x02, 0xa2, - 0xb5, 0x12, 0x9c, 0xd1, 0xde, 0x16, 0x4e, 0xb9, - 0xcb, 0xd0, 0x83, 0xe8, 0xa2, 0x50, 0x3c, 0x4e, - } - if !bytes.Equal(out, expected) { - t.Errorf("Got %x, wanted %x", out, expected) - } -} - -// See draft-agl-tls-chacha20poly1305-04, section 7. -func TestChaCha20Poly1305(t *testing.T) { - key, _ := hex.DecodeString("4290bcb154173531f314af57f3be3b5006da371ece272afa1b5dbdd1100a1007") - input, _ := hex.DecodeString("86d09974840bded2a5ca") - nonce, _ := hex.DecodeString("cd7cf67be39c794a") - ad, _ := hex.DecodeString("87e229d4500845a079c0") - output, _ := hex.DecodeString("e3e446f7ede9a19b62a4677dabf4e3d24b876bb284753896e1d6") - - aead, err := newChaCha20Poly1305(key) - if err != nil { - t.Fatal(err) - } - - out, err := aead.Open(nil, nonce, output, ad) - if err != nil { - t.Errorf("Open failed: %s", err) - } else if !bytes.Equal(out, input) { - t.Errorf("Open gave %x, wanted %x", out, input) - } - - out = aead.Seal(nil, nonce, input, ad) - if !bytes.Equal(out, output) { - t.Errorf("Open gave %x, wanted %x", out, output) - } - - out[0]++ - _, err = aead.Open(nil, nonce, out, ad) - if err == nil { - t.Errorf("Open on malformed data unexpectedly succeeded") - } -} diff --git a/ztools/ztls/cipher_suites.go b/ztools/ztls/cipher_suites.go deleted file mode 100644 index 782e6155..00000000 --- a/ztools/ztls/cipher_suites.go +++ /dev/null @@ -1,1076 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "crypto/aes" - "crypto/cipher" - "crypto/des" - "crypto/hmac" - "crypto/md5" - "crypto/rc4" - "crypto/sha1" - "crypto/sha256" - "crypto/sha512" - "hash" - - "github.com/zmap/rc2" - "github.com/zmap/zgrab/ztools/x509" -) - -// a keyAgreement implements the client and server side of a TLS key agreement -// protocol by generating and processing key exchange messages. -type keyAgreement interface { - // On the server side, the first two methods are called in order. - - // In the case that the key agreement protocol doesn't use a - // ServerKeyExchange message, generateServerKeyExchange can return nil, - // nil. - generateServerKeyExchange(*Config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error) - processClientKeyExchange(*Config, *Certificate, *clientKeyExchangeMsg) ([]byte, error) - - // On the client side, the next two methods are called in order. - - // This method may not be called if the server doesn't send a - // ServerKeyExchange message. - processServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error - generateClientKeyExchange(*Config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) -} - -const ( - // suiteECDH indicates that the cipher suite involves elliptic curve - // Diffie-Hellman. This means that it should only be selected when the - // client indicates that it supports ECC with a curve and point format - // that we're happy with. - suiteECDHE = 1 << iota - // suiteECDSA indicates that the cipher suite involves an ECDSA - // signature and therefore may only be selected when the server's - // certificate is ECDSA. If this is not set then the cipher suite is - // RSA based. - suiteECDSA - // suiteTLS12 indicates that the cipher suite should only be advertised - // and accepted when using TLS 1.2. - suiteTLS12 - - // suiteSHA384 indicates that the cipher suite uses SHA384 as the - // handshake hash. - suiteSHA384 - - // suiteNoDTLS indicates that the cipher suite cannot be used - // in DTLS. - suiteNoDTLS - - // suitePSK indicates that the cipher suite authenticates with - // a pre-shared key rather than a server private key. - suitePSK - - // suiteExport indicates that the cipher suite is an export suite - suiteExport - - // suiteAnon indicates the cipher suite is anonymous - suiteAnon - - // suiteDSS indicates the cipher suite uses DSS signatures and requires a - // DSA server key - suiteDSS -) - -// A cipherSuite is a specific combination of key agreement, cipher and MAC -// function. All cipher suites currently assume RSA key agreement. -type cipherSuite struct { - id uint16 - // the lengths, in bytes, of the key material needed for each component. - keyLen int - macLen int - ivLen int - - // used by export ciphers - expandedKeyLen int - - ka func(version uint16) keyAgreement - // flags is a bitmask of the suite* values, above. - flags int - cipher func(key, iv []byte, isRead bool) interface{} - mac func(version uint16, macKey []byte) macFunction - aead func(key, fixedNonce []byte) *tlsAead -} - -type tlsAead struct { - cipher.AEAD - explicitNonce bool -} - -var implementedCipherSuites = []*cipherSuite{ - {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, 32, 0, 0, 32, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12, nil, nil, aeadCHACHA20POLY1305}, - {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 32, 0, 0, 32, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadCHACHA20POLY1305}, - {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, 32, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, - {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, 32, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, - {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, 16, ecdheRSAKA, suiteECDHE | suiteNoDTLS, cipherRC4, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteNoDTLS, cipherRC4, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, 16, ecdheRSAKA, suiteECDHE | suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, 32, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, cipherAES, macSHA384, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 32, 48, 16, 32, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12 | suiteSHA384, cipherAES, macSHA384, nil}, - {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil}, - {TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, 32, 0, 0, 32, dheRSAKA, suiteTLS12, nil, nil, aeadCHACHA20POLY1305}, - {TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, dheRSAKA, suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, 32, dheRSAKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, - {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, 16, dheRSAKA, suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, 32, 32, 16, 32, dheRSAKA, suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, dheRSAKA, 0, cipherAES, macSHA1, nil}, - {TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, dheRSAKA, 0, cipherAES, macSHA1, nil}, - {TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, rsaKA, suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, 32, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, - {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, 16, rsaKA, suiteNoDTLS, cipherRC4, macSHA1, nil}, - {TLS_RSA_WITH_RC4_128_MD5, 16, 16, 0, 16, rsaKA, suiteNoDTLS, cipherRC4, macMD5, nil}, - {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, 16, rsaKA, suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_RSA_WITH_AES_256_CBC_SHA256, 32, 32, 16, 32, rsaKA, suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, rsaKA, 0, cipherAES, macSHA1, nil}, - {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, rsaKA, 0, cipherAES, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil}, - {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, dheRSAKA, 0, cipher3DES, macSHA1, nil}, - {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, rsaKA, 0, cipher3DES, macSHA1, nil}, - //{TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdhePSKKA, suiteECDHE | suiteTLS12 | suitePSK, nil, nil, aeadAESGCM}, - //{TLS_PSK_WITH_RC4_128_SHA, 16, 20, 0, pskKA, suiteNoDTLS | suitePSK, cipherRC4, macSHA1, nil}, - //{TLS_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil}, - //{TLS_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, pskKA, suitePSK, cipherAES, macSHA1, nil}, - //{TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil}, - //{TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdhePSKKA, suiteECDHE | suitePSK, cipherAES, macSHA1, nil}, - {TLS_RSA_EXPORT_WITH_RC4_40_MD5, 5, 16, 0, 16, rsaEphemeralKA, suiteExport, cipherRC4, macMD5, nil}, - {TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, 5, 20, 8, 8, rsaEphemeralKA, suiteExport, cipherDES, macSHA1, nil}, - {TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, 5, 16, 8, 16, rsaEphemeralKA, suiteExport, cipherRC2, macMD5, nil}, - {TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, 5, 20, 8, 8, dheRSAKA, suiteExport, cipherDES, macSHA1, nil}, - {TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, 5, 20, 8, 8, dheDSSKA, suiteExport | suiteDSS, cipherDES, macSHA1, nil}, - {TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA, 5, 20, 8, 8, dhAnonKA, suiteExport | suiteAnon, cipherDES, macSHA1, nil}, - {TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5, 5, 16, 0, 16, dhAnonKA, suiteExport | suiteAnon, cipherRC4, macMD5, nil}, - {TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, dheDSSKA, suiteDSS, cipherAES, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipher3DES, macSHA1, nil}, - {TLS_DHE_DSS_WITH_DES_CBC_SHA, 8, 20, 8, 8, dheDSSKA, suiteDSS, cipherDES, macSHA1, nil}, - {TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, dheDSSKA, suiteDSS, cipher3DES, macSHA1, nil}, - {TLS_DHE_RSA_WITH_DES_CBC_SHA, 8, 20, 8, 8, dheRSAKA, 0, cipherDES, macSHA1, nil}, - {TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, dheDSSKA, suiteDSS, cipherAES, macSHA1, nil}, - {TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, 16, 32, 16, 16, dheDSSKA, suiteDSS | suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_DHE_DSS_WITH_RC4_128_SHA, 16, 20, 0, 16, dheDSSKA, suiteDSS, cipherRC4, macSHA1, nil}, - {TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, 32, 32, 16, 32, dheDSSKA, suiteDSS | suiteTLS12, cipherAES, macSHA256, nil}, - {TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, dheDSSKA, suiteDSS | suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, 32, 0, 4, 32, dheDSSKA, suiteDSS | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, -} - -var stdlibCipherSuites = []*cipherSuite{ - // Ciphersuite order is chosen so that ECDHE comes before plain RSA - // and RC4 comes before AES (because of the Lucky13 attack). - {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA | suiteTLS12, nil, nil, aeadAESGCM}, - {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, 16, ecdheRSAKA, suiteECDHE, cipherRC4, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherRC4, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, - {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, ecdheECDSAKA, suiteECDHE | suiteECDSA, cipherAES, macSHA1, nil}, - {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, 16, rsaKA, 0, cipherRC4, macSHA1, nil}, - {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, 16, rsaKA, 0, cipherAES, macSHA1, nil}, - {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, 32, rsaKA, 0, cipherAES, macSHA1, nil}, - {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil}, - {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, 24, rsaKA, 0, cipher3DES, macSHA1, nil}, -} - -func cipherDES(key, iv []byte, isRead bool) interface{} { - block, _ := des.NewCipher(key) - if isRead { - return cipher.NewCBCDecrypter(block, iv) - } - return cipher.NewCBCEncrypter(block, iv) -} - -func cipherRC2(key, iv []byte, isRead bool) interface{} { - block, _ := rc2.NewCipher(key) - if isRead { - return cipher.NewCBCDecrypter(block, iv) - } - return cipher.NewCBCEncrypter(block, iv) -} - -func cipherRC4(key, iv []byte, isRead bool) interface{} { - cipher, _ := rc4.NewCipher(key) - return cipher -} - -func cipher3DES(key, iv []byte, isRead bool) interface{} { - block, _ := des.NewTripleDESCipher(key) - if isRead { - return cipher.NewCBCDecrypter(block, iv) - } - return cipher.NewCBCEncrypter(block, iv) -} - -func cipherAES(key, iv []byte, isRead bool) interface{} { - block, _ := aes.NewCipher(key) - if isRead { - return cipher.NewCBCDecrypter(block, iv) - } - return cipher.NewCBCEncrypter(block, iv) -} - -// macSHA1 returns a macFunction for the given protocol version. -func macSHA1(version uint16, key []byte) macFunction { - if version == VersionSSL30 { - mac := ssl30MAC{ - h: sha1.New(), - key: make([]byte, len(key)), - } - copy(mac.key, key) - return mac - } - return tls10MAC{hmac.New(sha1.New, key)} -} - -func macMD5(version uint16, key []byte) macFunction { - if version == VersionSSL30 { - mac := ssl30MAC{ - h: md5.New(), - key: make([]byte, len(key)), - } - copy(mac.key, key) - return mac - } - return tls10MAC{hmac.New(md5.New, key)} -} - -func macSHA256(version uint16, key []byte) macFunction { - if version == VersionSSL30 { - mac := ssl30MAC{ - h: sha256.New(), - key: make([]byte, len(key)), - } - copy(mac.key, key) - return mac - } - return tls10MAC{hmac.New(sha256.New, key)} -} - -func macSHA384(version uint16, key []byte) macFunction { - if version == VersionSSL30 { - mac := ssl30MAC{ - h: sha512.New384(), - key: make([]byte, len(key)), - } - copy(mac.key, key) - return mac - } - return tls10MAC{hmac.New(sha512.New384, key)} -} - -type macFunction interface { - Size() int - MAC(digestBuf, seq, header, length, data []byte) []byte -} - -// fixedNonceAEAD wraps an AEAD and prefixes a fixed portion of the nonce to -// each call. -type fixedNonceAEAD struct { - // sealNonce and openNonce are buffers where the larger nonce will be - // constructed. Since a seal and open operation may be running - // concurrently, there is a separate buffer for each. - sealNonce, openNonce []byte - aead cipher.AEAD -} - -func (f *fixedNonceAEAD) NonceSize() int { return 8 } -func (f *fixedNonceAEAD) Overhead() int { return f.aead.Overhead() } - -func (f *fixedNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte { - copy(f.sealNonce[len(f.sealNonce)-8:], nonce) - return f.aead.Seal(out, f.sealNonce, plaintext, additionalData) -} - -func (f *fixedNonceAEAD) Open(out, nonce, plaintext, additionalData []byte) ([]byte, error) { - copy(f.openNonce[len(f.openNonce)-8:], nonce) - return f.aead.Open(out, f.openNonce, plaintext, additionalData) -} - -func aeadAESGCM(key, fixedNonce []byte) *tlsAead { - aes, err := aes.NewCipher(key) - if err != nil { - panic(err) - } - aead, err := cipher.NewGCM(aes) - if err != nil { - panic(err) - } - - nonce1, nonce2 := make([]byte, 12), make([]byte, 12) - copy(nonce1, fixedNonce) - copy(nonce2, fixedNonce) - - return &tlsAead{&fixedNonceAEAD{nonce1, nonce2, aead}, true} -} - -func aeadCHACHA20POLY1305(key, fixedNonce []byte) *tlsAead { - aead, err := newChaCha20Poly1305(key) - if err != nil { - panic(err) - } - return &tlsAead{aead, false} -} - -// ssl30MAC implements the SSLv3 MAC function, as defined in -// www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt section 5.2.3.1 -type ssl30MAC struct { - h hash.Hash - key []byte -} - -func (s ssl30MAC) Size() int { - return s.h.Size() -} - -var ssl30Pad1 = [48]byte{0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36} - -var ssl30Pad2 = [48]byte{0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c} - -func (s ssl30MAC) MAC(digestBuf, seq, header, length, data []byte) []byte { - padLength := 48 - if s.h.Size() == 20 { - padLength = 40 - } - - s.h.Reset() - s.h.Write(s.key) - s.h.Write(ssl30Pad1[:padLength]) - s.h.Write(seq) - s.h.Write(header[:1]) - s.h.Write(length) - s.h.Write(data) - digestBuf = s.h.Sum(digestBuf[:0]) - - s.h.Reset() - s.h.Write(s.key) - s.h.Write(ssl30Pad2[:padLength]) - s.h.Write(digestBuf) - return s.h.Sum(digestBuf[:0]) -} - -// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, section 6.2.3. -type tls10MAC struct { - h hash.Hash -} - -func (s tls10MAC) Size() int { - return s.h.Size() -} - -func (s tls10MAC) MAC(digestBuf, seq, header, length, data []byte) []byte { - s.h.Reset() - s.h.Write(seq) - s.h.Write(header) - s.h.Write(length) - s.h.Write(data) - return s.h.Sum(digestBuf[:0]) -} - -func rsaKA(version uint16) keyAgreement { - return &rsaKeyAgreement{ - version: version, - auth: &signedKeyAgreement{ - sigType: signatureRSA, - version: version, - }, - } -} - -func rsaEphemeralKA(version uint16) keyAgreement { - return &rsaKeyAgreement{ - version: version, - ephemeral: true, - auth: &signedKeyAgreement{ - sigType: signatureRSA, - version: version, - }, - } -} - -func ecdheECDSAKA(version uint16) keyAgreement { - return &ecdheKeyAgreement{ - auth: &signedKeyAgreement{ - sigType: signatureECDSA, - version: version, - }, - } -} - -func ecdheRSAKA(version uint16) keyAgreement { - return &ecdheKeyAgreement{ - auth: &signedKeyAgreement{ - sigType: signatureRSA, - version: version, - }, - } -} - -func dheRSAKA(version uint16) keyAgreement { - return &dheKeyAgreement{ - auth: &signedKeyAgreement{ - sigType: signatureRSA, - version: version, - }, - } -} - -func dheDSSKA(version uint16) keyAgreement { - return &dheKeyAgreement{ - auth: &signedKeyAgreement{ - sigType: signatureDSA, - version: version, - }, - } -} - -func dhAnonKA(version uint16) keyAgreement { - return &dheKeyAgreement{ - auth: &nilKeyAgreementAuthentication{}, - } -} - -// mutualCipherSuite returns a cipherSuite given a list of supported -// ciphersuites and the id requested by the peer. -func mutualCipherSuite(have []uint16, want uint16) *cipherSuite { - for _, id := range have { - if id == want { - for _, suite := range implementedCipherSuites { - if suite.id == want { - return suite - } - } - return nil - } - } - return nil -} - -// A list of the possible cipher suite ids. Taken from -// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml -const ( - TLS_NULL_WITH_NULL_NULL = 0x0000 - TLS_RSA_WITH_NULL_MD5 = 0x0001 - TLS_RSA_WITH_NULL_SHA = 0x0002 - TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003 - TLS_RSA_WITH_RC4_128_MD5 = 0x0004 - TLS_RSA_WITH_RC4_128_SHA = 0x0005 - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006 - TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007 - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008 - TLS_RSA_WITH_DES_CBC_SHA = 0x0009 - TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A - TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B - TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C - TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D - TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E - TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F - TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010 - TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011 - TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012 - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013 - TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014 - TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015 - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016 - TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5 = 0x0017 - TLS_DH_ANON_WITH_RC4_128_MD5 = 0x0018 - TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA = 0x0019 - TLS_DH_ANON_WITH_DES_CBC_SHA = 0x001A - TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA = 0x001B - SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x001C - SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x001D - TLS_KRB5_WITH_DES_CBC_SHA = 0x001E - TLS_KRB5_WITH_3DES_EDE_CBC_SHA = 0x001F - TLS_KRB5_WITH_RC4_128_SHA = 0x0020 - TLS_KRB5_WITH_IDEA_CBC_SHA = 0x0021 - TLS_KRB5_WITH_DES_CBC_MD5 = 0x0022 - TLS_KRB5_WITH_3DES_EDE_CBC_MD5 = 0x0023 - TLS_KRB5_WITH_RC4_128_MD5 = 0x0024 - TLS_KRB5_WITH_IDEA_CBC_MD5 = 0x0025 - TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA = 0x0026 - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA = 0x0027 - TLS_KRB5_EXPORT_WITH_RC4_40_SHA = 0x0028 - TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 = 0x0029 - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 = 0x002A - TLS_KRB5_EXPORT_WITH_RC4_40_MD5 = 0x002B - TLS_PSK_WITH_NULL_SHA = 0x002C - TLS_DHE_PSK_WITH_NULL_SHA = 0x002D - TLS_RSA_PSK_WITH_NULL_SHA = 0x002E - TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F - TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030 - TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031 - TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032 - TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033 - TLS_DH_ANON_WITH_AES_128_CBC_SHA = 0x0034 - TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035 - TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036 - TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037 - TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038 - TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039 - TLS_DH_ANON_WITH_AES_256_CBC_SHA = 0x003A - TLS_RSA_WITH_NULL_SHA256 = 0x003B - TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C - TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D - TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E - TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F - TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040 - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041 - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042 - TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043 - TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044 - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045 - TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA = 0x0046 - TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 = 0x0060 - TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 = 0x0061 - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = 0x0062 - TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = 0x0063 - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = 0x0064 - TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = 0x0065 - TLS_DHE_DSS_WITH_RC4_128_SHA = 0x0066 - TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067 - TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068 - TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069 - TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B - TLS_DH_ANON_WITH_AES_128_CBC_SHA256 = 0x006C - TLS_DH_ANON_WITH_AES_256_CBC_SHA256 = 0x006D - TLS_GOSTR341094_WITH_28147_CNT_IMIT = 0x0080 - TLS_GOSTR341001_WITH_28147_CNT_IMIT = 0x0081 - TLS_GOSTR341094_WITH_NULL_GOSTR3411 = 0x0082 - TLS_GOSTR341001_WITH_NULL_GOSTR3411 = 0x0083 - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084 - TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085 - TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086 - TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087 - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088 - TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA = 0x0089 - TLS_PSK_WITH_RC4_128_SHA = 0x008A - TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B - TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C - TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D - TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E - TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F - TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090 - TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091 - TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092 - TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093 - TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094 - TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095 - TLS_RSA_WITH_SEED_CBC_SHA = 0x0096 - TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097 - TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098 - TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099 - TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A - TLS_DH_ANON_WITH_SEED_CBC_SHA = 0x009B - TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C - TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F - TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0 - TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1 - TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2 - TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3 - TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4 - TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5 - TLS_DH_ANON_WITH_AES_128_GCM_SHA256 = 0x00A6 - TLS_DH_ANON_WITH_AES_256_GCM_SHA384 = 0x00A7 - TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8 - TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9 - TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA - TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB - TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC - TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD - TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE - TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF - TLS_PSK_WITH_NULL_SHA256 = 0x00B0 - TLS_PSK_WITH_NULL_SHA384 = 0x00B1 - TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2 - TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3 - TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4 - TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5 - TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6 - TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7 - TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8 - TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9 - TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA - TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB - TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC - TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD - TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE - TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF - TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0 - TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1 - TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2 - TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3 - TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4 - TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5 - TLS_RENEGO_PROTECTION_REQUEST = 0x00FF - TLS_FALLBACK_SCSV = 0x5600 - TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001 - TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002 - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005 - TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006 - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007 - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A - TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B - TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C - TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F - TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010 - TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011 - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014 - TLS_ECDH_ANON_WITH_NULL_SHA = 0xC015 - TLS_ECDH_ANON_WITH_RC4_128_SHA = 0xC016 - TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA = 0xC017 - TLS_ECDH_ANON_WITH_AES_128_CBC_SHA = 0xC018 - TLS_ECDH_ANON_WITH_AES_256_CBC_SHA = 0xC019 - TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A - TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B - TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C - TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D - TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E - TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F - TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020 - TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021 - TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032 - TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033 - TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034 - TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035 - TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036 - TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037 - TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038 - TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039 - TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A - TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B - TLS_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC03C - TLS_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC03D - TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256 = 0xC03E - TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384 = 0xC03F - TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC040 - TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC041 - TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256 = 0xC042 - TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384 = 0xC043 - TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC044 - TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC045 - TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256 = 0xC046 - TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384 = 0xC047 - TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256 = 0xC048 - TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384 = 0xC049 - TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256 = 0xC04A - TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384 = 0xC04B - TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC04C - TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC04D - TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256 = 0xC04E - TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384 = 0xC04F - TLS_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC050 - TLS_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC051 - TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC052 - TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC053 - TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC054 - TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC055 - TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256 = 0xC056 - TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384 = 0xC057 - TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256 = 0xC058 - TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384 = 0xC059 - TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256 = 0xC05A - TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384 = 0xC05B - TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0xC05C - TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0xC05D - TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256 = 0xC05E - TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384 = 0xC05F - TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC060 - TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC061 - TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256 = 0xC062 - TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384 = 0xC063 - TLS_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC064 - TLS_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC065 - TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC066 - TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC067 - TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC068 - TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC069 - TLS_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06A - TLS_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06B - TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06C - TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06D - TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256 = 0xC06E - TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384 = 0xC06F - TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256 = 0xC070 - TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384 = 0xC071 - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072 - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073 - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074 - TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075 - TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076 - TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077 - TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078 - TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079 - TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A - TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B - TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C - TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D - TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E - TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F - TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080 - TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081 - TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082 - TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083 - TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084 - TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085 - TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086 - TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087 - TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088 - TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089 - TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A - TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B - TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C - TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D - TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E - TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F - TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090 - TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091 - TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092 - TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093 - TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094 - TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095 - TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096 - TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097 - TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098 - TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099 - TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A - TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B - TLS_RSA_WITH_AES_128_CCM = 0xC09C - TLS_RSA_WITH_AES_256_CCM = 0xC09D - TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E - TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F - TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0 - TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1 - TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2 - TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3 - TLS_PSK_WITH_AES_128_CCM = 0xC0A4 - TLS_PSK_WITH_AES_256_CCM = 0xC0A5 - TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6 - TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7 - TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8 - TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9 - TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA - TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB - TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC - TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD - TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE - TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF - TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256 = 0xCAFE - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9 - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA - // Old ids for Chacha20 ciphers - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD = 0xCC13 - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD = 0xCC14 - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD = 0xCC15 - //SSL_RSA_FIPS_WITH_DES_CBC_SHA = 0xFEFE - //SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = 0xFEFF - //SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA = 0xFFE0 - //SSL_RSA_FIPS_WITH_DES_CBC_SHA = 0xFFE1 - SSL_RSA_WITH_RC2_CBC_MD5 = 0xFF80 - SSL_RSA_WITH_IDEA_CBC_MD5 = 0xFF81 - SSL_RSA_WITH_DES_CBC_MD5 = 0xFF82 - SSL_RSA_WITH_3DES_EDE_CBC_MD5 = 0xFF83 - SSL_EN_RC2_128_CBC_WITH_MD5 = 0xFF03 - OP_PCL_TLS10_AES_128_CBC_SHA512 = 0xFF85 -) - -// RSA Ciphers -var RSACiphers = []uint16{ - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_GCM_SHA256, -} - -var DHECiphers []uint16 = []uint16{ - TLS_DHE_DSS_WITH_DES_CBC_SHA, - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, - TLS_DHE_RSA_WITH_DES_CBC_SHA, - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_DSS_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, - TLS_DHE_DSS_WITH_RC4_128_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, - TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, -} - -var ECDHECiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, -} - -var ExportCiphers []uint16 = []uint16{ - TLS_RSA_EXPORT_WITH_RC4_40_MD5, - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, - TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA, - TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA, - TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, - TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, - TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5, - TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA, - TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA, - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA, - TLS_KRB5_EXPORT_WITH_RC4_40_SHA, - TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5, - TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5, - TLS_KRB5_EXPORT_WITH_RC4_40_MD5, - TLS_RSA_EXPORT1024_WITH_RC4_56_MD5, - TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, - TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, - TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, -} - -var RSAExportCiphers []uint16 = []uint16{ - TLS_RSA_EXPORT_WITH_RC4_40_MD5, - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, - TLS_RSA_EXPORT1024_WITH_RC4_56_MD5, - TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5, - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA, - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA, -} - -var RSA512ExportCiphers []uint16 = []uint16{ - TLS_RSA_EXPORT_WITH_RC4_40_MD5, - TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5, - TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, -} - -var DHEExportCiphers []uint16 = []uint16{ - TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, - TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, - TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5, - TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA, -} - -var ChromeCiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_AES_128_GCM_SHA256, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_MD5, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, -} - -var ChromeNoDHECiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_AES_128_GCM_SHA256, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_MD5, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, -} - -var FirefoxCiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, -} - -var FirefoxNoDHECiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_DSS_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, -} - -var SafariCiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA256, - TLS_RSA_WITH_AES_128_CBC_SHA256, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_ECDH_ECDSA_WITH_RC4_128_SHA, - TLS_ECDH_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_MD5, -} - -var SafariNoDHECiphers []uint16 = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA256, - TLS_RSA_WITH_AES_128_CBC_SHA256, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, - TLS_ECDHE_RSA_WITH_RC4_128_SHA, - TLS_ECDH_ECDSA_WITH_RC4_128_SHA, - TLS_ECDH_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_SHA, - TLS_RSA_WITH_RC4_128_MD5, -} - -func cipherIDInCipherIDList(cipher uint16, cipherIDList []uint16) bool { - for _, val := range cipherIDList { - if cipher == val { - return true - } - } - return false -} - -func cipherIDInCipherList(cipherID uint16, cipherList []*cipherSuite) bool { - for _, cipher := range cipherList { - if cipherID == cipher.id { - return true - } - } - return false -} - -var SChannelSuites []uint16 = []uint16{ - TLS_RSA_WITH_AES_128_GCM_SHA256, - TLS_RSA_WITH_RC4_128_SHA, -} diff --git a/ztools/ztls/cipher_suites_test.go b/ztools/ztls/cipher_suites_test.go deleted file mode 100644 index cc8db69c..00000000 --- a/ztools/ztls/cipher_suites_test.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "testing" -) - -func TestChromeCiphersImplemented(t *testing.T) { - for _, cipherID := range ChromeCiphers { - supported := cipherIDInCipherList(cipherID, implementedCipherSuites) - if supported != true { - t.Errorf("Chrome cipher %d (%s) not supported", cipherID, nameForSuite(cipherID)) - } - } -} - -func TestFirefoxCiphersImplemented(t *testing.T) { - for _, cipherID := range FirefoxCiphers { - supported := cipherIDInCipherList(cipherID, implementedCipherSuites) - if supported != true { - t.Errorf("Firefox cipher %d (%s) not supported", cipherID, nameForSuite(cipherID)) - } - } -} - -func TestDHECiphersImplemented(t *testing.T) { - for _, cipherID := range DHECiphers { - supported := cipherIDInCipherList(cipherID, implementedCipherSuites) - if supported != true { - t.Errorf("DHE cipher %d (%s) not supported", cipherID, nameForSuite(cipherID)) - } - } -} - -/* -func TestSafariCiphersImplemented(t *testing.T) { - for _, cipherID := range SafariCiphers { - supported := cipherIDInCipherList(cipherID, implementedCipherSuites) - if supported != true { - t.Errorf("Safari cipher %d (%s) not supported", cipherID, nameForSuite(cipherID)) - } - } -} -*/ diff --git a/ztools/ztls/common.go b/ztools/ztls/common.go deleted file mode 100644 index 8311124e..00000000 --- a/ztools/ztls/common.go +++ /dev/null @@ -1,1244 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "container/list" - "crypto" - "crypto/rand" - "crypto/rsa" - "crypto/sha512" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "io" - "math/big" - "net" - "strings" - "sync" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -const ( - VersionSSL30 = 0x0300 - VersionTLS10 = 0x0301 - VersionTLS11 = 0x0302 - VersionTLS12 = 0x0303 -) - -const ( - maxPlaintext = 16384 // maximum plaintext payload length - maxCiphertext = 16384 + 2048 // maximum ciphertext payload length - tlsRecordHeaderLen = 5 // record header length - dtlsRecordHeaderLen = 13 - maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB) - - minVersion = VersionSSL30 - maxVersion = VersionTLS12 -) - -// TLS record types. -type recordType uint8 - -const ( - recordTypeChangeCipherSpec recordType = 20 - recordTypeAlert recordType = 21 - recordTypeHandshake recordType = 22 - recordTypeApplicationData recordType = 23 -) - -// TLS handshake message types. -const ( - typeHelloRequest uint8 = 0 - typeClientHello uint8 = 1 - typeServerHello uint8 = 2 - typeHelloVerifyRequest uint8 = 3 - typeNewSessionTicket uint8 = 4 - typeCertificate uint8 = 11 - typeServerKeyExchange uint8 = 12 - typeCertificateRequest uint8 = 13 - typeServerHelloDone uint8 = 14 - typeCertificateVerify uint8 = 15 - typeClientKeyExchange uint8 = 16 - typeFinished uint8 = 20 - typeCertificateStatus uint8 = 22 - typeNextProtocol uint8 = 67 // Not IANA assigned - typeEncryptedExtensions uint8 = 203 // Not IANA assigned -) - -// TLS compression types. -const ( - compressionNone uint8 = 0 -) - -// TLS extension numbers -const ( - extensionServerName uint16 = 0 - extensionStatusRequest uint16 = 5 - extensionSupportedCurves uint16 = 10 - extensionSupportedPoints uint16 = 11 - extensionSignatureAlgorithms uint16 = 13 - extensionALPN uint16 = 16 - extensionExtendedMasterSecret uint16 = 23 - extensionSessionTicket uint16 = 35 - extensionNextProtoNeg uint16 = 13172 // not IANA assigned - extensionRenegotiationInfo uint16 = 0xff01 - extensionExtendedRandom uint16 = 0x0028 // not IANA assigned - extensionSCT uint16 = 18 -) - -// TLS signaling cipher suite values -const ( - scsvRenegotiation uint16 = 0x00ff -) - -// CurveID is the type of a TLS identifier for an elliptic curve. See -// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8 -type CurveID uint16 - -const ( - CurveP256 CurveID = 23 - CurveP384 CurveID = 24 - CurveP521 CurveID = 25 -) - -func (curveID *CurveID) MarshalJSON() ([]byte, error) { - buf := make([]byte, 2) - buf[0] = byte(*curveID >> 8) - buf[1] = byte(*curveID) - enc := strings.ToUpper(hex.EncodeToString(buf)) - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint16 `json:"value"` - }{ - Hex: fmt.Sprintf("0x%s", enc), - Name: curveID.String(), - Value: uint16(*curveID), - } - - return json.Marshal(aux) -} - -func (curveID *CurveID) UnmarshalJSON(b []byte) error { - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint16 `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - if expectedName := nameForCurve(aux.Value); expectedName != aux.Name { - return fmt.Errorf("mismatched curve and name, curve: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - *curveID = CurveID(aux.Value) - return nil -} - -type PointFormat uint8 - -// TLS Elliptic Curve Point Formats -// http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9 -const ( - pointFormatUncompressed uint8 = 0 -) - -func (pFormat *PointFormat) MarshalJSON() ([]byte, error) { - buf := make([]byte, 1) - buf[0] = byte(*pFormat) - enc := strings.ToUpper(hex.EncodeToString(buf)) - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint8 `json:"value"` - }{ - Hex: fmt.Sprintf("0x%s", enc), - Name: pFormat.String(), - Value: uint8(*pFormat), - } - - return json.Marshal(aux) -} - -func (pFormat *PointFormat) UnmarshalJSON(b []byte) error { - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint8 `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - if expectedName := nameForPointFormat(aux.Value); expectedName != aux.Name { - return fmt.Errorf("mismatched point format and name, point format: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - *pFormat = PointFormat(aux.Value) - return nil -} - -// TLS CertificateStatusType (RFC 3546) -const ( - statusTypeOCSP uint8 = 1 -) - -// Certificate types (for certificateRequestMsg) -const ( - certTypeRSASign = 1 // A certificate containing an RSA key - certTypeDSSSign = 2 // A certificate containing a DSA key - certTypeRSAFixedDH = 3 // A certificate containing a static DH key - certTypeDSSFixedDH = 4 // A certificate containing a static DH key - - // See RFC4492 sections 3 and 5.5. - certTypeECDSASign = 64 // A certificate containing an ECDSA-capable public key, signed with ECDSA. - certTypeRSAFixedECDH = 65 // A certificate containing an ECDH-capable public key, signed with RSA. - certTypeECDSAFixedECDH = 66 // A certificate containing an ECDH-capable public key, signed with ECDSA. - - // Rest of these are reserved by the TLS spec -) - -// Hash functions for TLS 1.2 (See RFC 5246, section A.4.1) -const ( - hashMD5 uint8 = 1 - hashSHA1 uint8 = 2 - hashSHA224 uint8 = 3 - hashSHA256 uint8 = 4 - hashSHA384 uint8 = 5 - hashSHA512 uint8 = 6 -) - -// Signature algorithms for TLS 1.2 (See RFC 5246, section A.4.1) -const ( - signatureRSA uint8 = 1 - signatureDSA uint8 = 2 - signatureECDSA uint8 = 3 -) - -// signatureAndHash mirrors the TLS 1.2, SignatureAndHashAlgorithm struct. See -// RFC 5246, section A.4.1. -type signatureAndHash struct { - signature, hash uint8 -} - -// supportedSKXSignatureAlgorithms contains the signature and hash algorithms -// that the code advertises as supported in a TLS 1.2 ClientHello. -var supportedSKXSignatureAlgorithms = []signatureAndHash{ - {signatureRSA, hashSHA256}, - {signatureECDSA, hashSHA256}, - {signatureRSA, hashSHA1}, - {signatureECDSA, hashSHA1}, - {signatureDSA, hashSHA1}, -} - -var defaultSKXSignatureAlgorithms = []signatureAndHash{ - {signatureRSA, hashSHA256}, - {signatureECDSA, hashSHA256}, - {signatureRSA, hashSHA1}, - {signatureECDSA, hashSHA1}, -} - -// supportedClientCertSignatureAlgorithms contains the signature and hash -// algorithms that the code advertises as supported in a TLS 1.2 -// CertificateRequest. -var supportedClientCertSignatureAlgorithms = []signatureAndHash{ - {signatureRSA, hashSHA256}, - {signatureECDSA, hashSHA256}, -} - -// ConnectionState records basic TLS details about the connection. -type ConnectionState struct { - Version uint16 // TLS version used by the connection (e.g. VersionTLS12) - HandshakeComplete bool // TLS handshake is complete - DidResume bool // connection resumes a previous TLS connection - CipherSuite uint16 // cipher suite in use (TLS_RSA_WITH_RC4_128_SHA, ...) - NegotiatedProtocol string // negotiated next protocol (from Config.NextProtos) - NegotiatedProtocolIsMutual bool // negotiated protocol was advertised by server - ServerName string // server name requested by client, if any (server side only) - PeerCertificates []*x509.Certificate // certificate chain presented by remote peer - VerifiedChains [][]*x509.Certificate // verified chains built from PeerCertificates -} - -// ClientAuthType declares the policy the server will follow for -// TLS Client Authentication. -type ClientAuthType int - -const ( - // Values have no meaning (were previously 'iota') - // Values added IOT allow dereference to name for JSON - NoClientCert ClientAuthType = 0 - RequestClientCert ClientAuthType = 1 - RequireAnyClientCert ClientAuthType = 2 - VerifyClientCertIfGiven ClientAuthType = 3 - RequireAndVerifyClientCert ClientAuthType = 4 -) - -func (authType *ClientAuthType) String() string { - if name, ok := clientAuthTypeNames[int(*authType)]; ok { - return name - } - - return "unknown" -} - -func (authType *ClientAuthType) MarshalJSON() ([]byte, error) { - return []byte(`"` + authType.String() + `"`), nil -} - -func (authType *ClientAuthType) UnmarshalJSON(b []byte) error { - panic("unimplemented") -} - -// ClientSessionState contains the state needed by clients to resume TLS -// sessions. -type ClientSessionState struct { - sessionTicket []uint8 // Encrypted ticket used for session resumption with server - lifetimeHint uint32 // Hint from server about how long the session ticket should be stored - vers uint16 // SSL/TLS version negotiated for the session - cipherSuite uint16 // Ciphersuite negotiated for the session - masterSecret []byte // MasterSecret generated by client on a full handshake - serverCertificates []*x509.Certificate // Certificate chain presented by the server - extendedMasterSecret bool // Whether an extended master secret was used to generate the session -} - -// ClientSessionCache is a cache of ClientSessionState objects that can be used -// by a client to resume a TLS session with a given server. ClientSessionCache -// implementations should expect to be called concurrently from different -// goroutines. -type ClientSessionCache interface { - // Get searches for a ClientSessionState associated with the given key. - // On return, ok is true if one was found. - Get(sessionKey string) (session *ClientSessionState, ok bool) - - // Put adds the ClientSessionState to the cache with the given key. - Put(sessionKey string, cs *ClientSessionState) -} - -// A Config structure is used to configure a TLS client or server. -// After one has been passed to a TLS function it must not be -// modified. A Config may be reused; the tls package will also not -// modify it. -type Config struct { - // Rand provides the source of entropy for nonces and RSA blinding. - // If Rand is nil, TLS uses the cryptographic random reader in package - // crypto/rand. - // The Reader must be safe for use by multiple goroutines. - Rand io.Reader - - // Time returns the current time as the number of seconds since the epoch. - // If Time is nil, TLS uses time.Now. - Time func() time.Time - - // Certificates contains one or more certificate chains - // to present to the other side of the connection. - // Server configurations must include at least one certificate. - Certificates []Certificate - - // NameToCertificate maps from a certificate name to an element of - // Certificates. Note that a certificate name can be of the form - // '*.example.com' and so doesn't have to be a domain name as such. - // See Config.BuildNameToCertificate - // The nil value causes the first element of Certificates to be used - // for all connections. - NameToCertificate map[string]*Certificate - - // RootCAs defines the set of root certificate authorities - // that clients use when verifying server certificates. - // If RootCAs is nil, TLS uses the host's root CA set. - RootCAs *x509.CertPool - - // NextProtos is a list of supported, application level protocols. - NextProtos []string - - // ServerName is used to verify the hostname on the returned - // certificates unless InsecureSkipVerify is given. It is also included - // in the client's handshake to support virtual hosting. - ServerName string - - // ClientAuth determines the server's policy for - // TLS Client Authentication. The default is NoClientCert. - ClientAuth ClientAuthType - - // ClientCAs defines the set of root certificate authorities - // that servers use if required to verify a client certificate - // by the policy in ClientAuth. - ClientCAs *x509.CertPool - - // InsecureSkipVerify controls whether a client verifies the - // server's certificate chain and host name. - // If InsecureSkipVerify is true, TLS accepts any certificate - // presented by the server and any host name in that certificate. - // In this mode, TLS is susceptible to man-in-the-middle attacks. - // This should be used only for testing. - InsecureSkipVerify bool - - // CipherSuites is a list of supported cipher suites. If CipherSuites - // is nil, TLS uses a list of suites supported by the implementation. - CipherSuites []uint16 - - // PreferServerCipherSuites controls whether the server selects the - // client's most preferred ciphersuite, or the server's most preferred - // ciphersuite. If true then the server's preference, as expressed in - // the order of elements in CipherSuites, is used. - PreferServerCipherSuites bool - - // SessionTicketsDisabled may be set to true to disable session ticket - // (resumption) support. - SessionTicketsDisabled bool - - // SessionTicketKey is used by TLS servers to provide session - // resumption. See RFC 5077. If zero, it will be filled with - // random data before the first server handshake. - // - // If multiple servers are terminating connections for the same host - // they should all have the same SessionTicketKey. If the - // SessionTicketKey leaks, previously recorded and future TLS - // connections using that key are compromised. - SessionTicketKey [32]byte - - // SessionCache is a cache of ClientSessionState entries for TLS session - // resumption. - ClientSessionCache ClientSessionCache - - // MinVersion contains the minimum SSL/TLS version that is acceptable. - // If zero, then SSLv3 is taken as the minimum. - MinVersion uint16 - - // MaxVersion contains the maximum SSL/TLS version that is acceptable. - // If zero, then the maximum version supported by this package is used, - // which is currently TLS 1.2. - MaxVersion uint16 - - // CurvePreferences contains the elliptic curves that will be used in - // an ECDHE handshake, in preference order. If empty, the default will - // be used. - CurvePreferences []CurveID - - serverInitOnce sync.Once // guards calling (*Config).serverInit - - // Add all ciphers in CipherSuites to Client Hello even if unimplemented - // Client-side Only - ForceSuites bool - - // Export RSA Key - ExportRSAKey *rsa.PrivateKey - - // HeartbeatEnabled sets whether the heartbeat extension is sent - HeartbeatEnabled bool - - // ClientDSAEnabled sets whether a TLS client will accept server DSA keys - // and DSS signatures - ClientDSAEnabled bool - - // Use extended random - ExtendedRandom bool - - // Force Client Hello to send TLS Session Ticket extension - ForceSessionTicketExt bool - - // Enable use of the Extended Master Secret extension - ExtendedMasterSecret bool - - SignedCertificateTimestampExt bool - - // Explicitly set Client random - ClientRandom []byte - - // Explicitly set ClientHello with raw data - ExternalClientHello []byte - - // If non-null specifies the contents of the client-hello - // WARNING: Setting this may invalidate other fields in the Config object - ClientFingerprintConfiguration *ClientFingerprintConfiguration - - // GetConfigForClient, if not nil, is called after a ClientHello is - // received from a client. It may return a non-nil Config in order to - // change the Config that will be used to handle this connection. If - // the returned Config is nil, the original Config will be used. The - // Config returned by this callback may not be subsequently modified. - // - // If GetConfigForClient is nil, the Config passed to Server() will be - // used for all connections. - // - // Uniquely for the fields in the returned Config, session ticket keys - // will be duplicated from the original Config if not set. - // Specifically, if SetSessionTicketKeys was called on the original - // config but not on the returned config then the ticket keys from the - // original config will be copied into the new config before use. - // Otherwise, if SessionTicketKey was set in the original config but - // not in the returned config then it will be copied into the returned - // config before use. If neither of those cases applies then the key - // material from the returned config will be used for session tickets. - GetConfigForClient func(*ClientHelloInfo) (*Config, error) - - // mutex protects sessionTicketKeys and originalConfig. - mutex sync.RWMutex - // sessionTicketKeys contains zero or more ticket keys. If the length - // is zero, SessionTicketsDisabled must be true. The first key is used - // for new tickets and any subsequent keys can be used to decrypt old - // tickets. - sessionTicketKeys []ticketKey - // originalConfig is set to the Config that was passed to Server if - // this Config is returned by a GetConfigForClient callback. It's used - // by serverInit in order to copy session ticket keys if needed. - originalConfig *Config -} - -// ticketKeyNameLen is the number of bytes of identifier that is prepended to -// an encrypted session ticket in order to identify the key used to encrypt it. -const ticketKeyNameLen = 16 - -// ticketKey is the internal representation of a session ticket key. -type ticketKey struct { - // keyName is an opaque byte string that serves to identify the session - // ticket key. It's exposed as plaintext in every session ticket. - keyName [ticketKeyNameLen]byte - aesKey [16]byte - hmacKey [16]byte -} - -// ticketKeyFromBytes converts from the external representation of a session -// ticket key to a ticketKey. Externally, session ticket keys are 32 random -// bytes and this function expands that into sufficient name and key material. -func ticketKeyFromBytes(b [32]byte) (key ticketKey) { - hashed := sha512.Sum512(b[:]) - copy(key.keyName[:], hashed[:ticketKeyNameLen]) - copy(key.aesKey[:], hashed[ticketKeyNameLen:ticketKeyNameLen+16]) - copy(key.hmacKey[:], hashed[ticketKeyNameLen+16:ticketKeyNameLen+32]) - return key -} - -// Clone returns a shallow clone of c. It is safe to clone a Config that is -// being used concurrently by a TLS client or server. -func (c *Config) Clone() *Config { - // Running serverInit ensures that it's safe to read - // SessionTicketsDisabled. - c.serverInitOnce.Do(c.serverInit) - - var sessionTicketKeys []ticketKey - c.mutex.RLock() - sessionTicketKeys = c.sessionTicketKeys - c.mutex.RUnlock() - - return &Config{ - Rand: c.Rand, - Time: c.Time, - Certificates: c.Certificates, - NameToCertificate: c.NameToCertificate, - GetConfigForClient: c.GetConfigForClient, - RootCAs: c.RootCAs, - NextProtos: c.NextProtos, - ServerName: c.ServerName, - ClientAuth: c.ClientAuth, - ClientCAs: c.ClientCAs, - InsecureSkipVerify: c.InsecureSkipVerify, - CipherSuites: c.CipherSuites, - PreferServerCipherSuites: c.PreferServerCipherSuites, - SessionTicketsDisabled: c.SessionTicketsDisabled, - SessionTicketKey: c.SessionTicketKey, - ClientSessionCache: c.ClientSessionCache, - MinVersion: c.MinVersion, - MaxVersion: c.MaxVersion, - CurvePreferences: c.CurvePreferences, - sessionTicketKeys: sessionTicketKeys, - ClientFingerprintConfiguration: c.ClientFingerprintConfiguration, - // originalConfig is deliberately not duplicated. - - // Not merged from upstream: - // GetCertificate: c.GetCertificate, - // DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled, - // VerifyPeerCertificate: c.VerifyPeerCertificate, - // KeyLogWriter: c.KeyLogWriter, - // Renegotiation: c.Renegotiation, - } -} - -func (c *Config) serverInit() { - if c.SessionTicketsDisabled || len(c.ticketKeys()) != 0 { - return - } - - var originalConfig *Config - c.mutex.Lock() - originalConfig, c.originalConfig = c.originalConfig, nil - c.mutex.Unlock() - - alreadySet := false - for _, b := range c.SessionTicketKey { - if b != 0 { - alreadySet = true - break - } - } - - if !alreadySet { - if originalConfig != nil { - copy(c.SessionTicketKey[:], originalConfig.SessionTicketKey[:]) - } else if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil { - c.SessionTicketsDisabled = true - return - } - } - - if originalConfig != nil { - originalConfig.mutex.RLock() - c.sessionTicketKeys = originalConfig.sessionTicketKeys - originalConfig.mutex.RUnlock() - } else { - c.sessionTicketKeys = []ticketKey{ticketKeyFromBytes(c.SessionTicketKey)} - } -} - -func (c *Config) ticketKeys() []ticketKey { - c.mutex.RLock() - // c.sessionTicketKeys is constant once created. SetSessionTicketKeys - // will only update it by replacing it with a new value. - ret := c.sessionTicketKeys - c.mutex.RUnlock() - return ret -} - -func (c *Config) rand() io.Reader { - r := c.Rand - if r == nil { - return rand.Reader - } - return r -} - -func (c *Config) time() time.Time { - t := c.Time - if t == nil { - t = time.Now - } - return t() -} - -func (c *Config) cipherSuites() []uint16 { - s := c.CipherSuites - if s == nil { - s = defaultCipherSuites() - } - return s -} - -func (c *Config) minVersion() uint16 { - if c == nil || c.MinVersion == 0 { - return minVersion - } - return c.MinVersion -} - -func (c *Config) maxVersion() uint16 { - if c == nil || c.MaxVersion == 0 { - return maxVersion - } - return c.MaxVersion -} - -var defaultCurvePreferences = []CurveID{CurveP256, CurveP384, CurveP521} - -func (c *Config) curvePreferences() []CurveID { - if c == nil || len(c.CurvePreferences) == 0 { - return defaultCurvePreferences - } - return c.CurvePreferences -} - -// mutualVersion returns the protocol version to use given the advertised -// version of the peer. -func (c *Config) mutualVersion(vers uint16) (uint16, bool) { - minVersion := c.minVersion() - maxVersion := c.maxVersion() - - if vers < minVersion { - return 0, false - } - if vers > maxVersion { - vers = maxVersion - } - return vers, true -} - -// SetSessionTicketKeys updates the session ticket keys for a server. The first -// key will be used when creating new tickets, while all keys can be used for -// decrypting tickets. It is safe to call this function while the server is -// running in order to rotate the session ticket keys. The function will panic -// if keys is empty. -func (c *Config) SetSessionTicketKeys(keys [][32]byte) { - if len(keys) == 0 { - panic("tls: keys must have at least one key") - } - - newKeys := make([]ticketKey, len(keys)) - for i, bytes := range keys { - newKeys[i] = ticketKeyFromBytes(bytes) - } - - c.mutex.Lock() - c.sessionTicketKeys = newKeys - c.mutex.Unlock() -} - -// getCertificateForName returns the best certificate for the given name, -// defaulting to the first element of c.Certificates if there are no good -// options. -func (c *Config) getCertificateForName(name string) *Certificate { - if len(c.Certificates) == 1 || c.NameToCertificate == nil { - // There's only one choice, so no point doing any work. - return &c.Certificates[0] - } - - name = strings.ToLower(name) - for len(name) > 0 && name[len(name)-1] == '.' { - name = name[:len(name)-1] - } - - if cert, ok := c.NameToCertificate[name]; ok { - return cert - } - - // try replacing labels in the name with wildcards until we get a - // match. - labels := strings.Split(name, ".") - for i := range labels { - labels[i] = "*" - candidate := strings.Join(labels, ".") - if cert, ok := c.NameToCertificate[candidate]; ok { - return cert - } - } - - // If nothing matches, return the first certificate. - return &c.Certificates[0] -} - -func (c *Config) signatureAndHashesForServer() []signatureAndHash { - /* - if c != nil && c.SignatureAndHashes != nil { - return c.SignatureAndHashes - } - */ - return supportedClientCertSignatureAlgorithms -} - -func (c *Config) signatureAndHashesForClient() []signatureAndHash { - /* - if c != nil && c.SignatureAndHashes != nil { - return c.SignatureAndHashes - } - */ - if c.ClientDSAEnabled { - return supportedSKXSignatureAlgorithms - } - return defaultSKXSignatureAlgorithms -} - -// BuildNameToCertificate parses c.Certificates and builds c.NameToCertificate -// from the CommonName and SubjectAlternateName fields of each of the leaf -// certificates. -func (c *Config) BuildNameToCertificate() { - c.NameToCertificate = make(map[string]*Certificate) - for i := range c.Certificates { - cert := &c.Certificates[i] - x509Cert, err := x509.ParseCertificate(cert.Certificate[0]) - if err != nil { - continue - } - if len(x509Cert.Subject.CommonName) > 0 { - c.NameToCertificate[x509Cert.Subject.CommonName] = cert - } - for _, san := range x509Cert.DNSNames { - c.NameToCertificate[san] = cert - } - } -} - -// A Certificate is a chain of one or more certificates, leaf first. -type Certificate struct { - Certificate [][]byte `json:"certificate_chain,omitempty"` - - // supported types: *rsa.PrivateKey, *ecdsa.PrivateKey - // OCSPStaple contains an optional OCSP response which will be served - // to clients that request it. - // Don't expose the private key by default (can be marshalled manually) - PrivateKey crypto.PrivateKey `json:"-"` - - OCSPStaple []byte `json:"ocsp_staple,omitempty"` - - // Leaf is the parsed form of the leaf certificate, which may be - // initialized using x509.ParseCertificate to reduce per-handshake - // processing for TLS clients doing client authentication. If nil, the - // leaf certificate will be parsed as needed. - Leaf *x509.Certificate `json:"leaf,omitempty"` -} - -// A TLS record. -type record struct { - contentType recordType - major, minor uint8 - payload []byte -} - -type handshakeMessage interface { - marshal() []byte - unmarshal([]byte) bool -} - -// lruSessionCache is a ClientSessionCache implementation that uses an LRU -// caching strategy. -type lruSessionCache struct { - sync.Mutex - - m map[string]*list.Element - q *list.List - capacity int -} - -type lruSessionCacheEntry struct { - sessionKey string - state *ClientSessionState -} - -// NewLRUClientSessionCache returns a ClientSessionCache with the given -// capacity that uses an LRU strategy. If capacity is < 1, a default capacity -// is used instead. -func NewLRUClientSessionCache(capacity int) ClientSessionCache { - const defaultSessionCacheCapacity = 64 - - if capacity < 1 { - capacity = defaultSessionCacheCapacity - } - return &lruSessionCache{ - m: make(map[string]*list.Element), - q: list.New(), - capacity: capacity, - } -} - -// Put adds the provided (sessionKey, cs) pair to the cache. -func (c *lruSessionCache) Put(sessionKey string, cs *ClientSessionState) { - c.Lock() - defer c.Unlock() - - if elem, ok := c.m[sessionKey]; ok { - entry := elem.Value.(*lruSessionCacheEntry) - entry.state = cs - c.q.MoveToFront(elem) - return - } - - if c.q.Len() < c.capacity { - entry := &lruSessionCacheEntry{sessionKey, cs} - c.m[sessionKey] = c.q.PushFront(entry) - return - } - - elem := c.q.Back() - entry := elem.Value.(*lruSessionCacheEntry) - delete(c.m, entry.sessionKey) - entry.sessionKey = sessionKey - entry.state = cs - c.q.MoveToFront(elem) - c.m[sessionKey] = elem -} - -// Get returns the ClientSessionState value associated with a given key. It -// returns (nil, false) if no value is found. -func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) { - c.Lock() - defer c.Unlock() - - if elem, ok := c.m[sessionKey]; ok { - c.q.MoveToFront(elem) - return elem.Value.(*lruSessionCacheEntry).state, true - } - return nil, false -} - -// TODO(jsing): Make these available to both crypto/x509 and crypto/tls. -type dsaSignature struct { - R, S *big.Int -} - -type ecdsaSignature dsaSignature - -var emptyConfig Config = Config{InsecureSkipVerify: true} - -func defaultConfig() *Config { - return &emptyConfig -} - -var ( - once sync.Once - varDefaultCipherSuites []uint16 -) - -func defaultCipherSuites() []uint16 { - once.Do(initDefaultCipherSuites) - return varDefaultCipherSuites -} - -func initDefaultCipherSuites() { - varDefaultCipherSuites = make([]uint16, len(stdlibCipherSuites)) - for i, suite := range stdlibCipherSuites { - varDefaultCipherSuites[i] = suite.id - } -} - -func unexpectedMessageError(wanted, got interface{}) error { - return fmt.Errorf("tls: received unexpected handshake message of type %T when waiting for %T", got, wanted) -} - -func isSupportedSignatureAndHash(sigHash signatureAndHash, sigHashes []signatureAndHash) bool { - for _, s := range sigHashes { - if s == sigHash { - return true - } - } - return false -} - -// SignatureScheme identifies a signature algorithm supported by TLS. See -// https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3. -type SignatureScheme uint16 - -const ( - PKCS1WithSHA1 SignatureScheme = 0x0201 - PKCS1WithSHA256 SignatureScheme = 0x0401 - PKCS1WithSHA384 SignatureScheme = 0x0501 - PKCS1WithSHA512 SignatureScheme = 0x0601 - - PSSWithSHA256 SignatureScheme = 0x0804 - PSSWithSHA384 SignatureScheme = 0x0805 - PSSWithSHA512 SignatureScheme = 0x0806 - - ECDSAWithP256AndSHA256 SignatureScheme = 0x0403 - ECDSAWithP384AndSHA384 SignatureScheme = 0x0503 - ECDSAWithP521AndSHA512 SignatureScheme = 0x0603 - - EdDSAWithEd25519 SignatureScheme = 0x0807 - EdDSAWithEd448 SignatureScheme = 0x0808 -) - -func (sigScheme *SignatureScheme) MarshalJSON() ([]byte, error) { - buf := sigScheme.Bytes() - enc := strings.ToUpper(hex.EncodeToString(buf)) - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint16 `json:"value"` - }{ - Hex: fmt.Sprintf("0x%s", enc), - Name: sigScheme.String(), - Value: uint16(*sigScheme), - } - - return json.Marshal(aux) -} - -func (sigScheme *SignatureScheme) UnmarshalJSON(b []byte) error { - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint16 `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - if expectedName := nameForSignatureScheme(aux.Value); expectedName != aux.Name { - return fmt.Errorf("mismatched signature scheme and name, signature scheme: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - *sigScheme = SignatureScheme(aux.Value) - return nil -} - -// ClientHelloInfo contains information from a ClientHello message in order to -// guide certificate selection in the GetCertificate callback. -type ClientHelloInfo struct { - // CipherSuites lists the CipherSuites supported by the client (e.g. - // TLS_RSA_WITH_RC4_128_SHA). - CipherSuites []uint16 - - // ServerName indicates the name of the server requested by the client - // in order to support virtual hosting. ServerName is only set if the - // client is using SNI (see - // http://tools.ietf.org/html/rfc4366#section-3.1). - ServerName string - - // SupportedCurves lists the elliptic curves supported by the client. - // SupportedCurves is set only if the Supported Elliptic Curves - // Extension is being used (see - // http://tools.ietf.org/html/rfc4492#section-5.1.1). - SupportedCurves []CurveID - - // SupportedPoints lists the point formats supported by the client. - // SupportedPoints is set only if the Supported Point Formats Extension - // is being used (see - // http://tools.ietf.org/html/rfc4492#section-5.1.2). - SupportedPoints []uint8 - - // SignatureSchemes lists the signature and hash schemes that the client - // is willing to verify. SignatureSchemes is set only if the Signature - // Algorithms Extension is being used (see - // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1). - SignatureSchemes []SignatureScheme - - // SupportedProtos lists the application protocols supported by the client. - // SupportedProtos is set only if the Application-Layer Protocol - // Negotiation Extension is being used (see - // https://tools.ietf.org/html/rfc7301#section-3.1). - // - // Servers can select a protocol by setting Config.NextProtos in a - // GetConfigForClient return value. - SupportedProtos []string - - // SupportedVersions lists the TLS versions supported by the client. - // For TLS versions less than 1.3, this is extrapolated from the max - // version advertised by the client, so values other than the greatest - // might be rejected if used. - SupportedVersions []uint16 - - // Conn is the underlying net.Conn for the connection. Do not read - // from, or write to, this connection; that will cause the TLS - // connection to fail. - Conn net.Conn - - // Add a pointer to the entire ztls handshake structure so that it can - // be retrieved without hijacking the connection from higher-level - // packages - HandshakeLog *ServerHandshake -} - -func (info *ClientHelloInfo) MarshalJSON() ([]byte, error) { - aux := struct { - CipherSuites []CipherSuite `json:"cipher_suites"` - ServerName string `json:"server_name,omitempty"` - SupportedCurves []CurveID `json:"supported_curves,omitempty"` - SupportedPoints []PointFormat `json:"supported_point_formats,omitempty"` - SignatureSchemes []SignatureScheme `json:"signature_schemes,omitempty"` - SupportedProtos []string `json:"supported_protocols,omitempty"` - SupportedVersions []TLSVersion `json:"supported_versions,omitempty"` - LocalAddr string `json:"local_address,omitempty"` - RemoteAddr string `json:"remote_address,omitempty"` - }{ - ServerName: info.ServerName, - SupportedCurves: info.SupportedCurves, - SignatureSchemes: info.SignatureSchemes, - SupportedProtos: info.SupportedProtos, - // Do not marshal HandshakeLog IOT avoid duplication of data - // HandshakeLog can be marshalled manually from - // ClientHelloInfo.HandshakeLog or Conn.GetHandshakeLog() - } - - aux.CipherSuites = make([]CipherSuite, len(info.CipherSuites)) - for i, cipher := range info.CipherSuites { - aux.CipherSuites[i] = CipherSuite(cipher) - } - - aux.SupportedPoints = make([]PointFormat, len(info.SupportedPoints)) - for i, format := range info.SupportedPoints { - aux.SupportedPoints[i] = PointFormat(format) - } - - aux.SupportedVersions = make([]TLSVersion, len(info.SupportedVersions)) - for i, version := range info.SupportedVersions { - aux.SupportedVersions[i] = TLSVersion(version) - } - - aux.LocalAddr = fmt.Sprintf("%s+%s", info.Conn.LocalAddr().String(), info.Conn.LocalAddr().Network()) - aux.RemoteAddr = fmt.Sprintf("%s+%s", info.Conn.RemoteAddr().String(), info.Conn.RemoteAddr().Network()) - - return json.Marshal(aux) -} - -func (info *ClientHelloInfo) UnmarshalJSON(b []byte) error { - aux := struct { - CipherSuites []CipherSuite `json:"cipher_suites"` - ServerName string `json:"server_name,omitempty"` - SupportedCurves []CurveID `json:"supported_curves,omitempty"` - SupportedPoints []PointFormat `json:"supported_point_formats,omitempty"` - SignatureSchemes []SignatureScheme `json:"signature_schemes,omitempty"` - SupportedProtos []string `json:"supported_protocols,omitempty"` - SupportedVersions []TLSVersion `json:"supported_versions,omitempty"` - LocalAddr string `json:"local_address,omitempty"` - RemoteAddr string `json:"remote_address,omitempty"` - }{} - - err := json.Unmarshal(b, &aux) - if err != nil { - return err - } - - splitLocalAddr := strings.Split(aux.LocalAddr, "+") - if len(splitLocalAddr) != 2 { - return errors.New("local_address is not unmarshalable") - } - splitRemoteAddr := strings.Split(aux.RemoteAddr, "+") - if len(splitRemoteAddr) != 2 { - return errors.New("remote_address is not unmarshalable") - } - - info.Conn = FakeConn{ - localAddr: FakeAddr{ - stringStr: splitLocalAddr[0], - networkStr: splitLocalAddr[1], - }, - remoteAddr: FakeAddr{ - stringStr: splitRemoteAddr[0], - networkStr: splitLocalAddr[1], - }, - } - - info.ServerName = aux.ServerName - info.SupportedCurves = aux.SupportedCurves - info.SignatureSchemes = aux.SignatureSchemes - info.SupportedProtos = aux.SupportedProtos - - info.CipherSuites = make([]uint16, len(aux.CipherSuites)) - for i, cipher := range aux.CipherSuites { - info.CipherSuites[i] = uint16(cipher) - } - - info.SupportedPoints = make([]uint8, len(aux.SupportedPoints)) - for i, format := range aux.SupportedPoints { - info.SupportedPoints[i] = uint8(format) - } - - info.SupportedVersions = make([]uint16, len(aux.SupportedVersions)) - for i, version := range aux.SupportedVersions { - info.SupportedVersions[i] = uint16(version) - } - - return nil -} - -// FakeConn and FakeAddr are to allow unmarshaling of ztls objects that contain -// net.Conn objects -// With the exeption of recovering the net.Addr strings contained in the JSON, -// any attempt to use these objects will result in a runtime panic() -type FakeConn struct { - localAddr FakeAddr - remoteAddr FakeAddr -} - -func (fConn FakeConn) Read(b []byte) (int, error) { - panic("Read() on FakeConn") -} - -func (fConn FakeConn) Write(b []byte) (int, error) { - panic("Write() on FakeConn") -} - -func (fConn FakeConn) Close() error { - panic("Close() on FakeConn") -} - -func (fConn FakeConn) LocalAddr() net.Addr { - return fConn.localAddr -} - -func (fConn FakeConn) RemoteAddr() net.Addr { - return fConn.remoteAddr -} - -func (fConn FakeConn) SetDeadline(t time.Time) error { - panic("SetDeadline() on FakeConn") -} - -func (fConn FakeConn) SetReadDeadline(t time.Time) error { - panic("SetReadDeadline() on FakeConn") -} - -func (fConn FakeConn) SetWriteDeadline(t time.Time) error { - panic("SetWriteDeadline() on FakeConn") -} - -type FakeAddr struct { - networkStr string - stringStr string -} - -func (fAddr FakeAddr) String() string { - return fAddr.stringStr -} - -func (fAddr FakeAddr) Network() string { - return fAddr.networkStr -} - -type ConfigJSON struct { - Certificates []Certificate `json:"certificates,omitempty"` - RootCAs *x509.CertPool `json:"root_cas,omitempty"` - NextProtos []string `json:"next_protocols,omitempty"` - ServerName string `json:"server_name,omitempty"` - ClientAuth ClientAuthType `json:"client_auth_type"` - ClientCAs *x509.CertPool `json:"client_cas,omitempty"` - InsecureSkipVerify bool `json:"skip_verify"` - CipherSuites []CipherSuite `json:"cipher_suites,omitempty"` - PreferServerCipherSuites bool `json:"prefer_server_cipher_suites"` - SessionTicketsDisabled bool `json:"session_tickets_disabled"` - SessionTicketKey []byte `json:"session_ticket_key,omitempty"` - ClientSessionCache ClientSessionCache `json:"client_session_cache,omitempty"` - MinVersion TLSVersion `json:"min_tls_version,omitempty"` - MaxVersion TLSVersion `json:"max_tls_version,omitempty"` - CurvePreferences []CurveID `json:"curve_preferences,omitempty"` - ForceSuites bool `json:"force_cipher_suites"1` - ExportRSAKey *rsa.PrivateKey `json:"export_rsa_key,omitempty"` - HeartbeatEnabled bool `json:"heartbeat_enabled"` - ClientDSAEnabled bool `json:"client_dsa_enabled"` - ExtendedRandom bool `json:"extended_random_enabled"` - ForceSessionTicketExt bool `json:"session_ticket_ext_enabled"` - ExtendedMasterSecret bool `json:"extended_master_secret_enabled"` - SignedCertificateTimestampExt bool `json:"sct_ext_enabled"` - ClientRandom []byte `json:"client_random,omitempty"` - ExternalClientHello []byte `json:"external_client_hello,omitempty"` - ClientFingerprintConfiguration *ClientFingerprintConfiguration `json:"client_fingerprint_config,omitempty"` -} - -func (config *Config) MarshalJSON() ([]byte, error) { - aux := new(ConfigJSON) - - aux.Certificates = config.Certificates - aux.RootCAs = config.RootCAs - aux.NextProtos = config.NextProtos - aux.ServerName = config.ServerName - aux.ClientAuth = config.ClientAuth - aux.ClientCAs = config.ClientCAs - aux.InsecureSkipVerify = config.InsecureSkipVerify - - ciphers := config.cipherSuites() - aux.CipherSuites = make([]CipherSuite, len(ciphers)) - for i, aCipher := range ciphers { - aux.CipherSuites[i] = CipherSuite(aCipher) - } - - aux.PreferServerCipherSuites = config.PreferServerCipherSuites - aux.SessionTicketsDisabled = config.SessionTicketsDisabled - aux.SessionTicketKey = config.SessionTicketKey[:] - aux.ClientSessionCache = config.ClientSessionCache - aux.MinVersion = TLSVersion(config.minVersion()) - aux.MaxVersion = TLSVersion(config.maxVersion()) - aux.CurvePreferences = config.curvePreferences() - aux.ForceSuites = config.ForceSuites - aux.ExportRSAKey = config.ExportRSAKey - aux.HeartbeatEnabled = config.HeartbeatEnabled - aux.ClientDSAEnabled = config.ClientDSAEnabled - aux.ExtendedRandom = config.ExtendedRandom - aux.ForceSessionTicketExt = config.ForceSessionTicketExt - aux.ExtendedMasterSecret = config.ExtendedMasterSecret - aux.SignedCertificateTimestampExt = config.SignedCertificateTimestampExt - aux.ClientRandom = config.ClientRandom - aux.ExternalClientHello = config.ExternalClientHello - aux.ClientFingerprintConfiguration = config.ClientFingerprintConfiguration - - return json.Marshal(aux) -} - -func (config *Config) UnmarshalJSON(b []byte) error { - panic("unimplemented") -} diff --git a/ztools/ztls/conn.go b/ztools/ztls/conn.go deleted file mode 100644 index f1e7b31a..00000000 --- a/ztools/ztls/conn.go +++ /dev/null @@ -1,1097 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// TLS low level connection and record layer - -package ztls - -import ( - "bytes" - "crypto/cipher" - "crypto/subtle" - "errors" - "fmt" - "io" - "net" - "sync" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -// A Conn represents a secured connection. -// It implements the net.Conn interface. -type Conn struct { - // constant - conn net.Conn - isClient bool - - // constant after handshake; protected by handshakeMutex - handshakeMutex sync.Mutex // handshakeMutex < in.Mutex, out.Mutex, errMutex - handshakeErr error // error resulting from handshake - vers uint16 // TLS version - haveVers bool // version has been negotiated - config *Config // configuration passed to constructor - handshakeComplete bool - didResume bool // whether this connection was a session resumption - extendedMasterSecret bool // whether this session used an extended master secret - cipherSuite uint16 - ocspResponse []byte // stapled OCSP response - peerCertificates []*x509.Certificate - // verifiedChains contains the certificate chains that we built, as - // opposed to the ones presented by the server. - verifiedChains [][]*x509.Certificate - // serverName contains the server name indicated by the client, if any. - serverName string - - clientProtocol string - clientProtocolFallback bool - - // input/output - in, out halfConn // in.Mutex < out.Mutex - rawInput *block // raw input, right off the wire - input *block // application data waiting to be read - hand bytes.Buffer // handshake data waiting to be read - - tmp [16]byte - - // ztls - heartbeat bool - handshakeLog *ServerHandshake - heartbleedLog *Heartbleed - - // Missing cipher - cipherError error - - // Client ciphers - clientCiphers []uint16 - - // Raw client hello - clientHelloRaw []byte -} - -func (c *Conn) ClientHelloRaw() []byte { - if c.clientHelloRaw == nil { - return []byte{} - } - return c.clientHelloRaw -} - -func (c *Conn) ClientCiphers() []CipherSuite { - if c.clientCiphers == nil { - return []CipherSuite{} - } - out := make([]CipherSuite, len(c.clientCiphers)) - for idx, val := range c.clientCiphers { - out[idx] = CipherSuite(val) - } - return out -} - -// Access to net.Conn methods. -// Cannot just embed net.Conn because that would -// export the struct field too. - -// LocalAddr returns the local network address. -func (c *Conn) LocalAddr() net.Addr { - return c.conn.LocalAddr() -} - -// RemoteAddr returns the remote network address. -func (c *Conn) RemoteAddr() net.Addr { - return c.conn.RemoteAddr() -} - -// SetDeadline sets the read and write deadlines associated with the connection. -// A zero value for t means Read and Write will not time out. -// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error. -func (c *Conn) SetDeadline(t time.Time) error { - return c.conn.SetDeadline(t) -} - -// SetReadDeadline sets the read deadline on the underlying connection. -// A zero value for t means Read will not time out. -func (c *Conn) SetReadDeadline(t time.Time) error { - return c.conn.SetReadDeadline(t) -} - -// SetWriteDeadline sets the write deadline on the underlying connection. -// A zero value for t means Write will not time out. -// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error. -func (c *Conn) SetWriteDeadline(t time.Time) error { - return c.conn.SetWriteDeadline(t) -} - -// A halfConn represents one direction of the record layer -// connection, either sending or receiving. -type halfConn struct { - sync.Mutex - - err error // first permanent error - version uint16 // protocol version - cipher interface{} // cipher algorithm - mac macFunction - seq [8]byte // 64-bit sequence number - bfree *block // list of free blocks - - nextCipher interface{} // next encryption state - nextMac macFunction // next MAC algorithm - - // used to save allocating a new buffer for each MAC. - inDigestBuf, outDigestBuf []byte -} - -func (hc *halfConn) setErrorLocked(err error) error { - hc.err = err - return err -} - -func (hc *halfConn) error() error { - hc.Lock() - err := hc.err - hc.Unlock() - return err -} - -// prepareCipherSpec sets the encryption and MAC states -// that a subsequent changeCipherSpec will use. -func (hc *halfConn) prepareCipherSpec(version uint16, cipher interface{}, mac macFunction) { - hc.version = version - hc.nextCipher = cipher - hc.nextMac = mac -} - -// changeCipherSpec changes the encryption and MAC states -// to the ones previously passed to prepareCipherSpec. -func (hc *halfConn) changeCipherSpec() error { - if hc.nextCipher == nil { - return alertInternalError - } - hc.cipher = hc.nextCipher - hc.mac = hc.nextMac - hc.nextCipher = nil - hc.nextMac = nil - for i := range hc.seq { - hc.seq[i] = 0 - } - return nil -} - -// incSeq increments the sequence number. -func (hc *halfConn) incSeq(isOutgoing bool) { - limit := 0 - increment := uint64(1) - for i := 7; i >= limit; i-- { - increment += uint64(hc.seq[i]) - hc.seq[i] = byte(increment) - increment >>= 8 - } - - // Not allowed to let sequence number wrap. - // Instead, must renegotiate before it does. - // Not likely enough to bother. - if increment != 0 { - panic("TLS: sequence number wraparound") - } -} - -// resetSeq resets the sequence number to zero. -func (hc *halfConn) resetSeq() { - for i := range hc.seq { - hc.seq[i] = 0 - } -} - -func (hc *halfConn) recordHeaderLen() int { - return tlsRecordHeaderLen -} - -// removePadding returns an unpadded slice, in constant time, which is a prefix -// of the input. It also returns a byte which is equal to 255 if the padding -// was valid and 0 otherwise. See RFC 2246, section 6.2.3.2 -func removePadding(payload []byte) ([]byte, byte) { - if len(payload) < 1 { - return payload, 0 - } - - paddingLen := payload[len(payload)-1] - t := uint(len(payload)-1) - uint(paddingLen) - // if len(payload) >= (paddingLen - 1) then the MSB of t is zero - good := byte(int32(^t) >> 31) - - toCheck := 255 // the maximum possible padding length - // The length of the padded data is public, so we can use an if here - if toCheck+1 > len(payload) { - toCheck = len(payload) - 1 - } - - for i := 0; i < toCheck; i++ { - t := uint(paddingLen) - uint(i) - // if i <= paddingLen then the MSB of t is zero - mask := byte(int32(^t) >> 31) - b := payload[len(payload)-1-i] - good &^= mask&paddingLen ^ mask&b - } - - // We AND together the bits of good and replicate the result across - // all the bits. - good &= good << 4 - good &= good << 2 - good &= good << 1 - good = uint8(int8(good) >> 7) - - toRemove := good&paddingLen + 1 - return payload[:len(payload)-int(toRemove)], good -} - -// removePaddingSSL30 is a replacement for removePadding in the case that the -// protocol version is SSLv3. In this version, the contents of the padding -// are random and cannot be checked. -func removePaddingSSL30(payload []byte) ([]byte, byte) { - if len(payload) < 1 { - return payload, 0 - } - - paddingLen := int(payload[len(payload)-1]) + 1 - if paddingLen > len(payload) { - return payload, 0 - } - - return payload[:len(payload)-paddingLen], 255 -} - -func roundUp(a, b int) int { - return a + (b-a%b)%b -} - -// cbcMode is an interface for block ciphers using cipher block chaining. -type cbcMode interface { - cipher.BlockMode - SetIV([]byte) -} - -// decrypt checks and strips the mac and decrypts the data in b. Returns a -// success boolean, the number of bytes to skip from the start of the record in -// order to get the application payload, and an optional alert value. -func (hc *halfConn) decrypt(b *block) (ok bool, prefixLen int, alertValue alert) { - recordHeaderLen := hc.recordHeaderLen() - - // pull out payload - payload := b.data[recordHeaderLen:] - - macSize := 0 - if hc.mac != nil { - macSize = hc.mac.Size() - } - - paddingGood := byte(255) - explicitIVLen := 0 - - seq := hc.seq[:] - - // decrypt - if hc.cipher != nil { - switch c := hc.cipher.(type) { - case cipher.Stream: - c.XORKeyStream(payload, payload) - case *tlsAead: - nonce := seq - if c.explicitNonce { - explicitIVLen = 8 - if len(payload) < explicitIVLen { - return false, 0, alertBadRecordMAC - } - nonce = payload[:8] - payload = payload[8:] - } - - var additionalData [13]byte - copy(additionalData[:], seq) - copy(additionalData[8:], b.data[:3]) - n := len(payload) - c.Overhead() - additionalData[11] = byte(n >> 8) - additionalData[12] = byte(n) - var err error - payload, err = c.Open(payload[:0], nonce, payload, additionalData[:]) - if err != nil { - return false, 0, alertBadRecordMAC - } - b.resize(recordHeaderLen + explicitIVLen + len(payload)) - case cbcMode: - blockSize := c.BlockSize() - if hc.version >= VersionTLS11 { - explicitIVLen = blockSize - } - - if len(payload)%blockSize != 0 || len(payload) < roundUp(explicitIVLen+macSize+1, blockSize) { - return false, 0, alertBadRecordMAC - } - - if explicitIVLen > 0 { - c.SetIV(payload[:explicitIVLen]) - payload = payload[explicitIVLen:] - } - c.CryptBlocks(payload, payload) - if hc.version == VersionSSL30 { - payload, paddingGood = removePaddingSSL30(payload) - } else { - payload, paddingGood = removePadding(payload) - } - b.resize(recordHeaderLen + explicitIVLen + len(payload)) - - // note that we still have a timing side-channel in the - // MAC check, below. An attacker can align the record - // so that a correct padding will cause one less hash - // block to be calculated. Then they can iteratively - // decrypt a record by breaking each byte. See - // "Password Interception in a SSL/TLS Channel", Brice - // Canvel et al. - // - // However, our behavior matches OpenSSL, so we leak - // only as much as they do. - default: - panic("unknown cipher type") - } - } - - // check, strip mac - if hc.mac != nil { - if len(payload) < macSize { - return false, 0, alertBadRecordMAC - } - - // strip mac off payload, b.data - n := len(payload) - macSize - b.data[recordHeaderLen-2] = byte(n >> 8) - b.data[recordHeaderLen-1] = byte(n) - b.resize(recordHeaderLen + explicitIVLen + n) - remoteMAC := payload[n:] - localMAC := hc.mac.MAC(hc.inDigestBuf, seq, b.data[:3], b.data[recordHeaderLen-2:recordHeaderLen], payload[:n]) - - if subtle.ConstantTimeCompare(localMAC, remoteMAC) != 1 || paddingGood != 255 { - return false, 0, alertBadRecordMAC - } - hc.inDigestBuf = localMAC - } - hc.incSeq(false) - - return true, recordHeaderLen + explicitIVLen, 0 -} - -// padToBlockSize calculates the needed padding block, if any, for a payload. -// On exit, prefix aliases payload and extends to the end of the last full -// block of payload. finalBlock is a fresh slice which contains the contents of -// any suffix of payload as well as the needed padding to make finalBlock a -// full block. -func padToBlockSize(payload []byte, blockSize int) (prefix, finalBlock []byte) { - overrun := len(payload) % blockSize - prefix = payload[:len(payload)-overrun] - - paddingLen := blockSize - overrun - finalSize := blockSize - finalBlock = make([]byte, finalSize) - for i := range finalBlock { - finalBlock[i] = byte(paddingLen - 1) - } - copy(finalBlock, payload[len(payload)-overrun:]) - return -} - -// encrypt encrypts and macs the data in b. -func (hc *halfConn) encrypt(b *block, explicitIVLen int) (bool, alert) { - recordHeaderLen := hc.recordHeaderLen() - - // mac - if hc.mac != nil { - mac := hc.mac.MAC(hc.outDigestBuf, hc.seq[0:], b.data[:3], b.data[recordHeaderLen-2:recordHeaderLen], b.data[recordHeaderLen+explicitIVLen:]) - - n := len(b.data) - b.resize(n + len(mac)) - copy(b.data[n:], mac) - hc.outDigestBuf = mac - } - - payload := b.data[recordHeaderLen:] - - // encrypt - if hc.cipher != nil { - switch c := hc.cipher.(type) { - case cipher.Stream: - c.XORKeyStream(payload, payload) - case *tlsAead: - payloadLen := len(b.data) - recordHeaderLen - explicitIVLen - b.resize(len(b.data) + c.Overhead()) - nonce := hc.seq[:] - if c.explicitNonce { - nonce = b.data[recordHeaderLen : recordHeaderLen+explicitIVLen] - } - payload := b.data[recordHeaderLen+explicitIVLen:] - payload = payload[:payloadLen] - - var additionalData [13]byte - copy(additionalData[:], hc.seq[:]) - copy(additionalData[8:], b.data[:3]) - additionalData[11] = byte(payloadLen >> 8) - additionalData[12] = byte(payloadLen) - - c.Seal(payload[:0], nonce, payload, additionalData[:]) - case cbcMode: - blockSize := c.BlockSize() - if explicitIVLen > 0 { - c.SetIV(payload[:explicitIVLen]) - payload = payload[explicitIVLen:] - } - prefix, finalBlock := padToBlockSize(payload, blockSize) - b.resize(recordHeaderLen + explicitIVLen + len(prefix) + len(finalBlock)) - c.CryptBlocks(b.data[recordHeaderLen+explicitIVLen:], prefix) - c.CryptBlocks(b.data[recordHeaderLen+explicitIVLen+len(prefix):], finalBlock) - default: - panic("unknown cipher type") - } - } - - // update length to include MAC and any block padding needed. - n := len(b.data) - recordHeaderLen - b.data[recordHeaderLen-2] = byte(n >> 8) - b.data[recordHeaderLen-1] = byte(n) - hc.incSeq(true) - - return true, 0 -} - -// A block is a simple data buffer. -type block struct { - data []byte - off int // index for Read - link *block -} - -// resize resizes block to be n bytes, growing if necessary. -func (b *block) resize(n int) { - if n > cap(b.data) { - b.reserve(n) - } - b.data = b.data[0:n] -} - -// reserve makes sure that block contains a capacity of at least n bytes. -func (b *block) reserve(n int) { - if cap(b.data) >= n { - return - } - m := cap(b.data) - if m == 0 { - m = 1024 - } - for m < n { - m *= 2 - } - data := make([]byte, len(b.data), m) - copy(data, b.data) - b.data = data -} - -// readFromUntil reads from r into b until b contains at least n bytes -// or else returns an error. -func (b *block) readFromUntil(r io.Reader, n int) error { - // quick case - if len(b.data) >= n { - return nil - } - - // read until have enough. - b.reserve(n) - for { - m, err := r.Read(b.data[len(b.data):cap(b.data)]) - b.data = b.data[0 : len(b.data)+m] - if len(b.data) >= n { - // TODO(bradfitz,agl): slightly suspicious - // that we're throwing away r.Read's err here. - break - } - if err != nil { - return err - } - } - return nil -} - -func (b *block) Read(p []byte) (n int, err error) { - n = copy(p, b.data[b.off:]) - b.off += n - return -} - -// newBlock allocates a new block, from hc's free list if possible. -func (hc *halfConn) newBlock() *block { - b := hc.bfree - if b == nil { - return new(block) - } - hc.bfree = b.link - b.link = nil - b.resize(0) - return b -} - -// freeBlock returns a block to hc's free list. -// The protocol is such that each side only has a block or two on -// its free list at a time, so there's no need to worry about -// trimming the list, etc. -func (hc *halfConn) freeBlock(b *block) { - b.link = hc.bfree - hc.bfree = b -} - -// splitBlock splits a block after the first n bytes, -// returning a block with those n bytes and a -// block with the remainder. the latter may be nil. -func (hc *halfConn) splitBlock(b *block, n int) (*block, *block) { - if len(b.data) <= n { - return b, nil - } - bb := hc.newBlock() - bb.resize(len(b.data) - n) - copy(bb.data, b.data[n:]) - b.data = b.data[0:n] - return b, bb -} - -// readRecord reads the next TLS record from the connection -// and updates the record layer state. -// c.in.Mutex <= L; c.input == nil. -func (c *Conn) readRecord(want recordType) error { - // Caller must be in sync with connection: - // handshake data if handshake not yet completed, - // else application data. (We don't support renegotiation.) - switch want { - default: - c.sendAlert(alertInternalError) - return c.in.setErrorLocked(errors.New("tls: unknown record type requested")) - case recordTypeHandshake, recordTypeChangeCipherSpec: - if c.handshakeComplete { - c.sendAlert(alertInternalError) - return c.in.setErrorLocked(errors.New("tls: handshake or ChangeCipherSpec requested after handshake complete")) - } - case recordTypeApplicationData, recordTypeHeartbeat: - if !c.handshakeComplete { - c.sendAlert(alertInternalError) - return c.in.setErrorLocked(errors.New("tls: application data record requested before handshake complete")) - } - } - -Again: - if c.rawInput == nil { - c.rawInput = c.in.newBlock() - } - b := c.rawInput - recordHeaderLen := c.in.recordHeaderLen() - // Read header, payload. - if err := b.readFromUntil(c.conn, recordHeaderLen); err != nil { - // RFC suggests that EOF without an alertCloseNotify is - // an error, but popular web sites seem to do this, - // so we can't make it an error. - // if err == io.EOF { - // err = io.ErrUnexpectedEOF - // } - if e, ok := err.(net.Error); !ok || !e.Temporary() { - c.in.setErrorLocked(err) - } - return err - } - typ := recordType(b.data[0]) - - // No valid TLS record has a type of 0x80, however SSLv2 handshakes - // start with a uint16 length where the MSB is set and the first record - // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests - // an SSLv2 client. - if want == recordTypeHandshake && typ == 0x80 { - c.sendAlert(alertProtocolVersion) - return c.in.setErrorLocked(errors.New("tls: unsupported SSLv2 handshake received")) - } - - vers := uint16(b.data[1])<<8 | uint16(b.data[2]) - n := int(b.data[3])<<8 | int(b.data[4]) - if c.haveVers && vers != c.vers { - c.sendAlert(alertProtocolVersion) - return c.in.setErrorLocked(fmt.Errorf("tls: received record with version %x when expecting version %x", vers, c.vers)) - } - if n > maxCiphertext { - c.sendAlert(alertRecordOverflow) - return c.in.setErrorLocked(fmt.Errorf("tls: oversized record received with length %d", n)) - } - if !c.haveVers { - // First message, be extra suspicious: - // this might not be a TLS client. - // Bail out before reading a full 'body', if possible. - // The current max version is 3.1. - // If the version is >= 16.0, it's probably not real. - // Similarly, a clientHello message encodes in - // well under a kilobyte. If the length is >= 12 kB, - // it's probably not real. - if (typ != recordTypeAlert && typ != want) || vers >= 0x1000 || n >= 0x3000 { - c.sendAlert(alertUnexpectedMessage) - return c.in.setErrorLocked(fmt.Errorf("tls: first record does not look like a TLS handshake")) - } - } - if err := b.readFromUntil(c.conn, recordHeaderLen+n); err != nil { - if err == io.EOF { - err = io.ErrUnexpectedEOF - } - if e, ok := err.(net.Error); !ok || !e.Temporary() { - c.in.setErrorLocked(err) - } - return err - } - - // Process message. - b, c.rawInput = c.in.splitBlock(b, recordHeaderLen+n) - ok, off, err := c.in.decrypt(b) - if !ok { - c.in.setErrorLocked(c.sendAlert(err)) - } - b.off = off - data := b.data[b.off:] - if len(data) > maxPlaintext { - err := c.sendAlert(alertRecordOverflow) - c.in.freeBlock(b) - return c.in.setErrorLocked(err) - } - - switch typ { - default: - c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - - case recordTypeAlert: - if len(data) != 2 { - c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - break - } - if alert(data[1]) == alertCloseNotify { - c.in.setErrorLocked(io.EOF) - break - } - switch data[0] { - case alertLevelWarning: - // drop on the floor - c.in.freeBlock(b) - goto Again - case alertLevelError: - c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])}) - default: - c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - } - - case recordTypeChangeCipherSpec: - if typ != want || len(data) != 1 || data[0] != 1 { - c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - break - } - err := c.in.changeCipherSpec() - if err != nil { - c.in.setErrorLocked(c.sendAlert(err.(alert))) - } - - case recordTypeApplicationData: - if typ != want { - c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - break - } - c.input = b - b = nil - - case recordTypeHandshake: - // TODO(rsc): Should at least pick off connection close. - if typ != want { - return c.in.setErrorLocked(c.sendAlert(alertNoRenegotiation)) - } - c.hand.Write(data) - case recordTypeHeartbeat: - if want != recordTypeHeartbeat { - return c.sendAlert(alertUnexpectedMessage) - } - c.heartbleedLog.Vulnerable = true - c.input = b - b = nil - } - - if b != nil { - c.in.freeBlock(b) - } - return c.in.err -} - -// sendAlert sends a TLS alert message. -// c.out.Mutex <= L. -func (c *Conn) sendAlertLocked(err alert) error { - switch err { - case alertNoRenegotiation, alertCloseNotify: - c.tmp[0] = alertLevelWarning - default: - c.tmp[0] = alertLevelError - } - c.tmp[1] = byte(err) - c.writeRecord(recordTypeAlert, c.tmp[0:2]) - // closeNotify is a special case in that it isn't an error: - if err != alertCloseNotify { - return c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err}) - } - return nil -} - -// sendAlert sends a TLS alert message. -// L < c.out.Mutex. -func (c *Conn) sendAlert(err alert) error { - c.out.Lock() - defer c.out.Unlock() - return c.sendAlertLocked(err) -} - -// writeRecord writes a TLS record with the given type and payload -// to the connection and updates the record layer state. -// c.out.Mutex <= L. -func (c *Conn) writeRecord(typ recordType, data []byte) (n int, err error) { - - recordHeaderLen := tlsRecordHeaderLen - b := c.out.newBlock() - first := true - //isClientHello := typ == recordTypeHandshake && len(data) > 0 && data[0] == typeClientHello - for len(data) > 0 || first { - m := len(data) - if m > maxPlaintext { - m = maxPlaintext - } - explicitIVLen := 0 - explicitIVIsSeq := false - first = false - - var cbc cbcMode - if c.out.version >= VersionTLS11 { - var ok bool - if cbc, ok = c.out.cipher.(cbcMode); ok { - explicitIVLen = cbc.BlockSize() - } - } - if explicitIVLen == 0 { - if aead, ok := c.out.cipher.(*tlsAead); ok && aead.explicitNonce { - explicitIVLen = 8 - // The AES-GCM construction in TLS has an - // explicit nonce so that the nonce can be - // random. However, the nonce is only 8 bytes - // which is too small for a secure, random - // nonce. Therefore we use the sequence number - // as the nonce. - explicitIVIsSeq = true - } - } - b.resize(recordHeaderLen + explicitIVLen + m) - b.data[0] = byte(typ) - vers := c.vers - if vers == 0 { - // Some TLS servers fail if the record version is - // greater than TLS 1.0 for the initial ClientHello. - vers = VersionTLS10 - } - b.data[1] = byte(vers >> 8) - b.data[2] = byte(vers) - b.data[3] = byte(m >> 8) - b.data[4] = byte(m) - if explicitIVLen > 0 { - explicitIV := b.data[recordHeaderLen : recordHeaderLen+explicitIVLen] - if explicitIVIsSeq { - copy(explicitIV, c.out.seq[:]) - } else { - if _, err = io.ReadFull(c.config.rand(), explicitIV); err != nil { - break - } - } - } - copy(b.data[recordHeaderLen+explicitIVLen:], data) - c.out.encrypt(b, explicitIVLen) - _, err = c.conn.Write(b.data) - if err != nil { - break - } - n += m - data = data[m:] - } - c.out.freeBlock(b) - - if typ == recordTypeChangeCipherSpec { - err = c.out.changeCipherSpec() - if err != nil { - // Cannot call sendAlert directly, - // because we already hold c.out.Mutex. - c.tmp[0] = alertLevelError - c.tmp[1] = byte(err.(alert)) - c.writeRecord(recordTypeAlert, c.tmp[0:2]) - return n, c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err}) - } - } - return -} - -// readHandshake reads the next handshake message from -// the record layer. -// c.in.Mutex < L; c.out.Mutex < L. -func (c *Conn) readHandshake() (interface{}, error) { - for c.hand.Len() < 4 { - if err := c.in.err; err != nil { - return nil, err - } - if err := c.readRecord(recordTypeHandshake); err != nil { - return nil, err - } - } - - data := c.hand.Bytes() - n := int(data[1])<<16 | int(data[2])<<8 | int(data[3]) - if n > maxHandshake { - return nil, c.in.setErrorLocked(c.sendAlert(alertInternalError)) - } - for c.hand.Len() < 4+n { - if err := c.in.err; err != nil { - return nil, err - } - if err := c.readRecord(recordTypeHandshake); err != nil { - return nil, err - } - } - data = c.hand.Next(4 + n) - var m handshakeMessage - switch data[0] { - case typeHelloRequest: - m = new(helloRequestMsg) - case typeClientHello: - m = new(clientHelloMsg) - case typeServerHello: - m = new(serverHelloMsg) - case typeNewSessionTicket: - m = new(newSessionTicketMsg) - case typeCertificate: - m = new(certificateMsg) - case typeCertificateRequest: - m = &certificateRequestMsg{ - hasSignatureAndHash: c.vers >= VersionTLS12, - } - case typeCertificateStatus: - m = new(certificateStatusMsg) - case typeServerKeyExchange: - m = new(serverKeyExchangeMsg) - case typeServerHelloDone: - m = new(serverHelloDoneMsg) - case typeClientKeyExchange: - m = new(clientKeyExchangeMsg) - case typeCertificateVerify: - m = &certificateVerifyMsg{ - hasSignatureAndHash: c.vers >= VersionTLS12, - } - case typeNextProtocol: - m = new(nextProtoMsg) - case typeFinished: - m = new(finishedMsg) - default: - return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - } - - // The handshake message unmarshallers - // expect to be able to keep references to data, - // so pass in a fresh copy that won't be overwritten. - data = append([]byte(nil), data...) - - if !m.unmarshal(data) { - return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) - } - return m, nil -} - -// Write writes data to the connection. -func (c *Conn) Write(b []byte) (int, error) { - if err := c.Handshake(); err != nil { - return 0, err - } - - c.out.Lock() - defer c.out.Unlock() - - if err := c.out.err; err != nil { - return 0, err - } - - if !c.handshakeComplete { - return 0, alertInternalError - } - - // SSL 3.0 and TLS 1.0 are susceptible to a chosen-plaintext - // attack when using block mode ciphers due to predictable IVs. - // This can be prevented by splitting each Application Data - // record into two records, effectively randomizing the IV. - // - // http://www.openssl.org/~bodo/tls-cbc.txt - // https://bugzilla.mozilla.org/show_bug.cgi?id=665814 - // http://www.imperialviolet.org/2012/01/15/beastfollowup.html - - var m int - if len(b) > 1 && c.vers <= VersionTLS10 { - if _, ok := c.out.cipher.(cipher.BlockMode); ok { - n, err := c.writeRecord(recordTypeApplicationData, b[:1]) - if err != nil { - return n, c.out.setErrorLocked(err) - } - m, b = 1, b[1:] - } - } - - n, err := c.writeRecord(recordTypeApplicationData, b) - return n + m, c.out.setErrorLocked(err) -} - -// Read can be made to time out and return a net.Error with Timeout() == true -// after a fixed time limit; see SetDeadline and SetReadDeadline. -func (c *Conn) Read(b []byte) (n int, err error) { - if err = c.Handshake(); err != nil { - return - } - if len(b) == 0 { - // Put this after Handshake, in case people were calling - // Read(nil) for the side effect of the Handshake. - return - } - - c.in.Lock() - defer c.in.Unlock() - - // Some OpenSSL servers send empty records in order to randomize the - // CBC IV. So this loop ignores a limited number of empty records. - const maxConsecutiveEmptyRecords = 100 - for emptyRecordCount := 0; emptyRecordCount <= maxConsecutiveEmptyRecords; emptyRecordCount++ { - for c.input == nil && c.in.err == nil { - if err := c.readRecord(recordTypeApplicationData); err != nil { - // Soft error, like EAGAIN - return 0, err - } - } - if err := c.in.err; err != nil { - return 0, err - } - - n, err = c.input.Read(b) - if c.input.off >= len(c.input.data) { - c.in.freeBlock(c.input) - c.input = nil - } - - // If a close-notify alert is waiting, read it so that - // we can return (n, EOF) instead of (n, nil), to signal - // to the HTTP response reading goroutine that the - // connection is now closed. This eliminates a race - // where the HTTP response reading goroutine would - // otherwise not observe the EOF until its next read, - // by which time a client goroutine might have already - // tried to reuse the HTTP connection for a new - // request. - // See https://codereview.appspot.com/76400046 - // and http://golang.org/issue/3514 - if ri := c.rawInput; ri != nil && - n != 0 && err == nil && - c.input == nil && len(ri.data) > 0 && recordType(ri.data[0]) == recordTypeAlert { - if recErr := c.readRecord(recordTypeApplicationData); recErr != nil { - err = recErr // will be io.EOF on closeNotify - } - } - - if n != 0 || err != nil { - return n, err - } - } - - return 0, io.ErrNoProgress -} - -// Close closes the connection. -func (c *Conn) Close() error { - var alertErr error - - c.handshakeMutex.Lock() - defer c.handshakeMutex.Unlock() - if c.handshakeComplete { - alertErr = c.sendAlert(alertCloseNotify) - } - - if err := c.conn.Close(); err != nil { - return err - } - return alertErr -} - -// Handshake runs the client or server handshake -// protocol if it has not yet been run. -// Most uses of this package need not call Handshake -// explicitly: the first Read or Write will call it automatically. -func (c *Conn) Handshake() error { - c.handshakeMutex.Lock() - defer c.handshakeMutex.Unlock() - if err := c.handshakeErr; err != nil { - return err - } - if c.handshakeComplete { - return nil - } - - if c.isClient { - c.handshakeErr = c.clientHandshake() - } else { - c.handshakeErr = c.serverHandshake() - } - return c.handshakeErr -} - -// ConnectionState returns basic TLS details about the connection. -func (c *Conn) ConnectionState() ConnectionState { - c.handshakeMutex.Lock() - defer c.handshakeMutex.Unlock() - - var state ConnectionState - state.HandshakeComplete = c.handshakeComplete - if c.handshakeComplete { - state.Version = c.vers - state.NegotiatedProtocol = c.clientProtocol - state.DidResume = c.didResume - state.NegotiatedProtocolIsMutual = !c.clientProtocolFallback - state.CipherSuite = c.cipherSuite - state.PeerCertificates = c.peerCertificates - state.VerifiedChains = c.verifiedChains - state.ServerName = c.serverName - } - - return state -} - -// OCSPResponse returns the stapled OCSP response from the TLS server, if -// any. (Only valid for client connections.) -func (c *Conn) OCSPResponse() []byte { - c.handshakeMutex.Lock() - defer c.handshakeMutex.Unlock() - - return c.ocspResponse -} - -// VerifyHostname checks that the peer certificate chain is valid for -// connecting to host. If so, it returns nil; if not, it returns an error -// describing the problem. -func (c *Conn) VerifyHostname(host string) error { - c.handshakeMutex.Lock() - defer c.handshakeMutex.Unlock() - if !c.isClient { - return errors.New("tls: VerifyHostname called on TLS server connection") - } - if !c.handshakeComplete { - return errors.New("tls: handshake has not yet been performed") - } - return c.peerCertificates[0].VerifyHostname(host) -} - -func (c *Conn) Config() *Config { - return c.config -} diff --git a/ztools/ztls/conn_test.go b/ztools/ztls/conn_test.go deleted file mode 100644 index 83cb7a05..00000000 --- a/ztools/ztls/conn_test.go +++ /dev/null @@ -1,106 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "testing" -) - -func TestRoundUp(t *testing.T) { - if roundUp(0, 16) != 0 || - roundUp(1, 16) != 16 || - roundUp(15, 16) != 16 || - roundUp(16, 16) != 16 || - roundUp(17, 16) != 32 { - t.Error("roundUp broken") - } -} - -var paddingTests = []struct { - in []byte - good bool - expectedLen int -}{ - {[]byte{1, 2, 3, 4, 0}, true, 4}, - {[]byte{1, 2, 3, 4, 0, 1}, false, 0}, - {[]byte{1, 2, 3, 4, 99, 99}, false, 0}, - {[]byte{1, 2, 3, 4, 1, 1}, true, 4}, - {[]byte{1, 2, 3, 2, 2, 2}, true, 3}, - {[]byte{1, 2, 3, 3, 3, 3}, true, 2}, - {[]byte{1, 2, 3, 4, 3, 3}, false, 0}, - {[]byte{1, 4, 4, 4, 4, 4}, true, 1}, - {[]byte{5, 5, 5, 5, 5, 5}, true, 0}, - {[]byte{6, 6, 6, 6, 6, 6}, false, 0}, -} - -func TestRemovePadding(t *testing.T) { - for i, test := range paddingTests { - payload, good := removePadding(test.in) - expectedGood := byte(255) - if !test.good { - expectedGood = 0 - } - if good != expectedGood { - t.Errorf("#%d: wrong validity, want:%d got:%d", i, expectedGood, good) - } - if good == 255 && len(payload) != test.expectedLen { - t.Errorf("#%d: got %d, want %d", i, len(payload), test.expectedLen) - } - } -} - -var certExampleCom = `308201403081eda003020102020101300b06092a864886f70d010105301e311c301a060355040a131354657374696e67204365727469666963617465301e170d3131313030313138353835325a170d3132303933303138353835325a301e311c301a060355040a131354657374696e67204365727469666963617465305a300b06092a864886f70d010101034b003048024100bced6e32368599eeddf18796bfd03958a154f87e5b084f96e85136a56b886733592f493f0fc68b0d6b3551781cb95e13c5de458b28d6fb60d20a9129313261410203010001a31a301830160603551d11040f300d820b6578616d706c652e636f6d300b06092a864886f70d0101050341001a0b419d2c74474c6450654e5f10b32bf426ffdf55cad1c52602e7a9151513a3424c70f5960dcd682db0c33769cc1daa3fcdd3db10809d2392ed4a1bf50ced18` - -var certWildcardExampleCom = `308201423081efa003020102020101300b06092a864886f70d010105301e311c301a060355040a131354657374696e67204365727469666963617465301e170d3131313030313139303034365a170d3132303933303139303034365a301e311c301a060355040a131354657374696e67204365727469666963617465305a300b06092a864886f70d010101034b003048024100bced6e32368599eeddf18796bfd03958a154f87e5b084f96e85136a56b886733592f493f0fc68b0d6b3551781cb95e13c5de458b28d6fb60d20a9129313261410203010001a31c301a30180603551d110411300f820d2a2e6578616d706c652e636f6d300b06092a864886f70d0101050341001676f0c9e7c33c1b656ed5a6476c4e2ee9ec8e62df7407accb1875272b2edd0a22096cb2c22598d11604104d604f810eb4b5987ca6bb319c7e6ce48725c54059` - -var certFooExampleCom = `308201443081f1a003020102020101300b06092a864886f70d010105301e311c301a060355040a131354657374696e67204365727469666963617465301e170d3131313030313139303131345a170d3132303933303139303131345a301e311c301a060355040a131354657374696e67204365727469666963617465305a300b06092a864886f70d010101034b003048024100bced6e32368599eeddf18796bfd03958a154f87e5b084f96e85136a56b886733592f493f0fc68b0d6b3551781cb95e13c5de458b28d6fb60d20a9129313261410203010001a31e301c301a0603551d1104133011820f666f6f2e6578616d706c652e636f6d300b06092a864886f70d010105034100646a2a51f2aa2477add854b462cf5207ba16d3213ffb5d3d0eed473fbf09935019192d1d5b8ca6a2407b424cf04d97c4cd9197c83ecf81f0eab9464a1109d09f` - -var certDoubleWildcardExampleCom = `308201443081f1a003020102020101300b06092a864886f70d010105301e311c301a060355040a131354657374696e67204365727469666963617465301e170d3131313030313139303134315a170d3132303933303139303134315a301e311c301a060355040a131354657374696e67204365727469666963617465305a300b06092a864886f70d010101034b003048024100bced6e32368599eeddf18796bfd03958a154f87e5b084f96e85136a56b886733592f493f0fc68b0d6b3551781cb95e13c5de458b28d6fb60d20a9129313261410203010001a31e301c301a0603551d1104133011820f2a2e2a2e6578616d706c652e636f6d300b06092a864886f70d0101050341001c3de267975f56ef57771c6218ef95ecc65102e57bd1defe6f7efea90d9b26cf40de5bd7ad75e46201c7f2a92aaa3e907451e9409f65e28ddb6db80d726290f6` - -func TestCertificateSelection(t *testing.T) { - config := Config{ - Certificates: []Certificate{ - { - Certificate: [][]byte{fromHex(certExampleCom)}, - }, - { - Certificate: [][]byte{fromHex(certWildcardExampleCom)}, - }, - { - Certificate: [][]byte{fromHex(certFooExampleCom)}, - }, - { - Certificate: [][]byte{fromHex(certDoubleWildcardExampleCom)}, - }, - }, - } - - config.BuildNameToCertificate() - - pointerToIndex := func(c *Certificate) int { - for i := range config.Certificates { - if c == &config.Certificates[i] { - return i - } - } - return -1 - } - - if n := pointerToIndex(config.getCertificateForName("example.com")); n != 0 { - t.Errorf("example.com returned certificate %d, not 0", n) - } - if n := pointerToIndex(config.getCertificateForName("bar.example.com")); n != 1 { - t.Errorf("bar.example.com returned certificate %d, not 1", n) - } - if n := pointerToIndex(config.getCertificateForName("foo.example.com")); n != 2 { - t.Errorf("foo.example.com returned certificate %d, not 2", n) - } - if n := pointerToIndex(config.getCertificateForName("foo.bar.example.com")); n != 3 { - t.Errorf("foo.bar.example.com returned certificate %d, not 3", n) - } - if n := pointerToIndex(config.getCertificateForName("foo.bar.baz.example.com")); n != 0 { - t.Errorf("foo.bar.baz.example.com returned certificate %d, not 0", n) - } -} diff --git a/ztools/ztls/example_test.go b/ztools/ztls/example_test.go deleted file mode 100644 index 80844162..00000000 --- a/ztools/ztls/example_test.go +++ /dev/null @@ -1,57 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls_test - -import ( - "github.com/zmap/zgrab/ztools/x509" - "github.com/zmap/zgrab/ztools/ztls" -) - -func ExampleDial() { - // Connecting with a custom root-certificate set. - - const rootPEM = ` ------BEGIN CERTIFICATE----- -MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG -EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy -bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP -VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv -h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE -ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ -EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC -DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7 -qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD -VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g -K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI -KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n -ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB -BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY -/iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/ -zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza -HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto -WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6 -yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx ------END CERTIFICATE-----` - - // First, create the set of root certificates. For this example we only - // have one. It's also possible to omit this in order to use the - // default root set of the current operating system. - roots := x509.NewCertPool() - ok := roots.AppendCertsFromPEM([]byte(rootPEM)) - if !ok { - panic("failed to parse root certificate") - } - - conn, err := ztls.Dial("tcp", "mail.google.com:443", &ztls.Config{ - RootCAs: roots, - }) - if err != nil { - panic("failed to connect: " + err.Error()) - } - conn.Close() -} diff --git a/ztools/ztls/generate_cert.go b/ztools/ztls/generate_cert.go deleted file mode 100644 index 02ca19ad..00000000 --- a/ztools/ztls/generate_cert.go +++ /dev/null @@ -1,117 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build ignore - -// Generate a self-signed X.509 certificate for a TLS server. Outputs to -// 'cert.pem' and 'key.pem' and will overwrite existing files. - -package main - -import ( - "crypto/rand" - "crypto/rsa" - - "github.com/zmap/ztools/x509" - "github.com/zmap/ztools/x509/pkix" - - "encoding/pem" - "flag" - "fmt" - "log" - "math/big" - "net" - "os" - "strings" - "time" -) - -var ( - host = flag.String("host", "", "Comma-separated hostnames and IPs to generate a certificate for") - validFrom = flag.String("start-date", "", "Creation date formatted as Jan 1 15:04:05 2011") - validFor = flag.Duration("duration", 365*24*time.Hour, "Duration that certificate is valid for") - isCA = flag.Bool("ca", false, "whether this cert should be its own Certificate Authority") - rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate") -) - -func main() { - flag.Parse() - - if len(*host) == 0 { - log.Fatalf("Missing required --host parameter") - } - - priv, err := rsa.GenerateKey(rand.Reader, *rsaBits) - if err != nil { - log.Fatalf("failed to generate private key: %s", err) - } - - var notBefore time.Time - if len(*validFrom) == 0 { - notBefore = time.Now() - } else { - notBefore, err = time.Parse("Jan 2 15:04:05 2006", *validFrom) - if err != nil { - fmt.Fprintf(os.Stderr, "Failed to parse creation date: %s\n", err) - os.Exit(1) - } - } - - notAfter := notBefore.Add(*validFor) - - serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) - serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) - if err != nil { - log.Fatalf("failed to generate serial number: %s", err) - } - - template := x509.Certificate{ - SerialNumber: serialNumber, - Subject: pkix.Name{ - Organization: []string{"Acme Co"}, - }, - NotBefore: notBefore, - NotAfter: notAfter, - - KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, - ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, - BasicConstraintsValid: true, - } - - hosts := strings.Split(*host, ",") - for _, h := range hosts { - if ip := net.ParseIP(h); ip != nil { - template.IPAddresses = append(template.IPAddresses, ip) - } else { - template.DNSNames = append(template.DNSNames, h) - } - } - - if *isCA { - template.IsCA = true - template.KeyUsage |= x509.KeyUsageCertSign - } - - derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv) - if err != nil { - log.Fatalf("Failed to create certificate: %s", err) - } - - certOut, err := os.Create("cert.pem") - if err != nil { - log.Fatalf("failed to open cert.pem for writing: %s", err) - } - pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) - certOut.Close() - log.Print("written cert.pem\n") - - keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) - if err != nil { - log.Print("failed to open key.pem for writing:", err) - return - } - pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)}) - keyOut.Close() - log.Print("written key.pem\n") -} diff --git a/ztools/ztls/handshake_client.go b/ztools/ztls/handshake_client.go deleted file mode 100644 index dda202aa..00000000 --- a/ztools/ztls/handshake_client.go +++ /dev/null @@ -1,1062 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "crypto/dsa" - "crypto/ecdsa" - "crypto/rsa" - "crypto/subtle" - "encoding/asn1" - "encoding/binary" - "errors" - "fmt" - "io" - "math/big" - "net" - "strconv" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -type clientHandshakeState struct { - c *Conn - serverHello *serverHelloMsg - hello *clientHelloMsg - suite *cipherSuite - finishedHash finishedHash - masterSecret []byte - preMasterSecret []byte - session *ClientSessionState -} - -type CacheKeyGenerator interface { - Key(net.Addr) string -} - -type ClientFingerprintConfiguration struct { - // Version in the handshake header - HandshakeVersion uint16 - - // if len == 32, it will specify the client random. - // Otherwise, the field will be random - // except the top 4 bytes if InsertTimestamp is true - ClientRandom []byte - InsertTimestamp bool - - // if RandomSessionID > 0, will overwrite SessionID w/ that many - // random bytes when a session resumption occurs - RandomSessionID int - SessionID []byte - - // These fields will appear exactly in order in the ClientHello - CipherSuites []uint16 - CompressionMethods []uint8 - Extensions []ClientExtension - - // Optional, both must be non-nil, or neither. - // Custom Session cache implementations allowed - SessionCache ClientSessionCache - CacheKey CacheKeyGenerator -} - -type ClientExtension interface { - // Produce the bytes on the wire for this extension, type and length included - Marshal() []byte - - // Function will return an error if zTLS does not implement the necessary features for this extension - CheckImplemented() error - - // Modifies the config to reflect the state of the extension - WriteToConfig(*Config) error -} - -func (c *ClientFingerprintConfiguration) CheckImplementedExtensions() error { - for _, ext := range c.Extensions { - if err := ext.CheckImplemented(); err != nil { - return err - } - } - return nil -} - -func (c *ClientFingerprintConfiguration) WriteToConfig(config *Config) error { - config.NextProtos = []string{} - config.CipherSuites = c.CipherSuites - config.MaxVersion = c.HandshakeVersion - config.ClientRandom = c.ClientRandom - config.CurvePreferences = []CurveID{} - config.HeartbeatEnabled = false - config.ExtendedRandom = false - config.ForceSessionTicketExt = false - config.ExtendedMasterSecret = false - config.SignedCertificateTimestampExt = false - for _, ext := range c.Extensions { - if err := ext.WriteToConfig(config); err != nil { - return err - } - } - return nil -} - -func currentTimestamp() ([]byte, error) { - t := time.Now().Unix() - buf := new(bytes.Buffer) - err := binary.Write(buf, binary.BigEndian, t) - return buf.Bytes(), err -} - -func (c *ClientFingerprintConfiguration) marshal(config *Config) ([]byte, error) { - if err := c.CheckImplementedExtensions(); err != nil { - return nil, err - } - head := make([]byte, 38) - head[0] = 1 - head[4] = uint8(c.HandshakeVersion >> 8) - head[5] = uint8(c.HandshakeVersion) - if len(c.ClientRandom) == 32 { - copy(head[6:38], c.ClientRandom[0:32]) - } else { - start := 6 - if c.InsertTimestamp { - t, err := currentTimestamp() - if err != nil { - return nil, err - } - copy(head[start:start+4], t) - start = start + 4 - } - _, err := io.ReadFull(config.rand(), head[start:38]) - if err != nil { - return nil, errors.New("tls: short read from Rand: " + err.Error()) - } - } - - if len(c.SessionID) >= 256 { - return nil, errors.New("tls: SessionID too long") - } - sessionID := make([]byte, len(c.SessionID)+1) - sessionID[0] = uint8(len(c.SessionID)) - if len(c.SessionID) > 0 { - copy(sessionID[1:], c.SessionID) - } - - ciphers := make([]byte, 2+2*len(c.CipherSuites)) - ciphers[0] = uint8(len(c.CipherSuites) >> 7) - ciphers[1] = uint8(len(c.CipherSuites) << 1) - for i, suite := range c.CipherSuites { - if !config.ForceSuites { - found := false - for _, impl := range implementedCipherSuites { - if impl.id == suite { - found = true - } - } - if !found { - return nil, errors.New(fmt.Sprintf("tls: unimplemented cipher suite %d", suite)) - } - } - - ciphers[2+i*2] = uint8(suite >> 8) - ciphers[3+i*2] = uint8(suite) - } - - if len(c.CompressionMethods) >= 256 { - return nil, errors.New("tls: Too many compression methods") - } - compressions := make([]byte, len(c.CompressionMethods)+1) - compressions[0] = uint8(len(c.CompressionMethods)) - if len(c.CompressionMethods) > 0 { - copy(compressions[1:], c.CompressionMethods) - if c.CompressionMethods[0] != 0 { - return nil, errors.New(fmt.Sprintf("tls: unimplemented compression method %d", c.CompressionMethods[0])) - } - if len(c.CompressionMethods) > 1 { - return nil, errors.New(fmt.Sprintf("tls: unimplemented compression method %d", c.CompressionMethods[1])) - } - } else { - return nil, errors.New("tls: no compression method") - } - - var extensions []byte - for _, ext := range c.Extensions { - extensions = append(extensions, ext.Marshal()...) - } - if len(extensions) > 0 { - length := make([]byte, 2) - length[0] = uint8(len(extensions) >> 8) - length[1] = uint8(len(extensions)) - extensions = append(length, extensions...) - } - helloArray := [][]byte{head, sessionID, ciphers, compressions, extensions} - hello := []byte{} - for _, b := range helloArray { - hello = append(hello, b...) - } - lengthOnTheWire := len(hello) - 4 - if lengthOnTheWire >= 1<<24 { - return nil, errors.New("ClientHello message too long") - } - hello[1] = uint8(lengthOnTheWire >> 16) - hello[2] = uint8(lengthOnTheWire >> 8) - hello[3] = uint8(lengthOnTheWire) - - return hello, nil -} - -func (c *Conn) clientHandshake() error { - if c.config == nil { - c.config = defaultConfig() - } - var hello *clientHelloMsg - var helloBytes []byte - var session *ClientSessionState - var sessionCache ClientSessionCache - var cacheKey string - - // first, let's check if a ClientFingerprintConfiguration template was provided by the config - if c.config.ClientFingerprintConfiguration != nil { - if err := c.config.ClientFingerprintConfiguration.WriteToConfig(c.config); err != nil { - return err - } - session = nil - sessionCache = c.config.ClientFingerprintConfiguration.SessionCache - if sessionCache != nil { - if c.config.ClientFingerprintConfiguration.CacheKey == nil { - return errors.New("tls: must specify CacheKey if SessionCache is defined in Config.ClientFingerprintConfiguration") - } - cacheKey = c.config.ClientFingerprintConfiguration.CacheKey.Key(c.conn.RemoteAddr()) - candidateSession, ok := sessionCache.Get(cacheKey) - if ok { - cipherSuiteOk := false - for _, id := range c.config.ClientFingerprintConfiguration.CipherSuites { - if id == candidateSession.cipherSuite { - cipherSuiteOk = true - break - } - } - versOk := candidateSession.vers >= c.config.minVersion() && - candidateSession.vers <= c.config.ClientFingerprintConfiguration.HandshakeVersion - if versOk && cipherSuiteOk { - session = candidateSession - } - } - } - for i, ext := range c.config.ClientFingerprintConfiguration.Extensions { - switch casted := ext.(type) { - case *SessionTicketExtension: - if casted.Autopopulate { - if session == nil { - if !c.config.ForceSessionTicketExt { - c.config.ClientFingerprintConfiguration.Extensions[i] = &NullExtension{} - } - } else { - c.config.ClientFingerprintConfiguration.Extensions[i] = &SessionTicketExtension{session.sessionTicket, true} - if c.config.ClientFingerprintConfiguration.RandomSessionID > 0 { - c.config.ClientFingerprintConfiguration.SessionID = make([]byte, c.config.ClientFingerprintConfiguration.RandomSessionID) - if _, err := io.ReadFull(c.config.rand(), c.config.ClientFingerprintConfiguration.SessionID); err != nil { - c.sendAlert(alertInternalError) - return errors.New("tls: short read from Rand: " + err.Error()) - } - - } - } - } - } - } - var err error - helloBytes, err = c.config.ClientFingerprintConfiguration.marshal(c.config) - if err != nil { - return err - } - hello = &clientHelloMsg{} - if ok := hello.unmarshal(helloBytes); !ok { - return errors.New("tls: incompatible ClientFingerprintConfiguration") - } - - // next, let's check if a ClientHello template was provided by the user - } else if c.config.ExternalClientHello != nil { - - hello = new(clientHelloMsg) - - if !hello.unmarshal(c.config.ExternalClientHello) { - return errors.New("could not read the ClientHello provided") - } - - // update the SNI with one name, whether or not the extension was already there - hello.serverName = c.config.ServerName - - // then we update the 'raw' value of the message - hello.raw = nil - helloBytes = hello.marshal() - - session = nil - sessionCache = nil - } else { - if len(c.config.ServerName) == 0 && !c.config.InsecureSkipVerify { - return errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config") - } - - hello = &clientHelloMsg{ - vers: c.config.maxVersion(), - compressionMethods: []uint8{compressionNone}, - random: make([]byte, 32), - ocspStapling: true, - serverName: c.config.ServerName, - supportedCurves: c.config.curvePreferences(), - supportedPoints: []uint8{pointFormatUncompressed}, - nextProtoNeg: len(c.config.NextProtos) > 0, - secureRenegotiation: true, - alpnProtocols: c.config.NextProtos, - extendedMasterSecret: c.config.maxVersion() >= VersionTLS10 && c.config.ExtendedMasterSecret, - } - - if c.config.ForceSessionTicketExt { - hello.ticketSupported = true - } - if c.config.SignedCertificateTimestampExt { - hello.sctEnabled = true - } - - if c.config.HeartbeatEnabled && !c.config.ExtendedRandom { - hello.heartbeatEnabled = true - hello.heartbeatMode = heartbeatModePeerAllowed - } - - possibleCipherSuites := c.config.cipherSuites() - hello.cipherSuites = make([]uint16, 0, len(possibleCipherSuites)) - - if c.config.ForceSuites { - hello.cipherSuites = possibleCipherSuites - } else { - - NextCipherSuite: - for _, suiteId := range possibleCipherSuites { - for _, suite := range implementedCipherSuites { - if suite.id != suiteId { - continue - } - // Don't advertise TLS 1.2-only cipher suites unless - // we're attempting TLS 1.2. - if hello.vers < VersionTLS12 && suite.flags&suiteTLS12 != 0 { - continue - } - hello.cipherSuites = append(hello.cipherSuites, suiteId) - continue NextCipherSuite - } - } - } - - if len(c.config.ClientRandom) == 32 { - copy(hello.random, c.config.ClientRandom) - } else { - _, err := io.ReadFull(c.config.rand(), hello.random) - if err != nil { - c.sendAlert(alertInternalError) - return errors.New("tls: short read from Rand: " + err.Error()) - } - } - - if c.config.ExtendedRandom { - hello.extendedRandomEnabled = true - hello.extendedRandom = make([]byte, 32) - if _, err := io.ReadFull(c.config.rand(), hello.extendedRandom); err != nil { - return errors.New("tls: short read from Rand: " + err.Error()) - } - } - - if hello.vers >= VersionTLS12 { - hello.signatureAndHashes = c.config.signatureAndHashesForClient() - } - - sessionCache = c.config.ClientSessionCache - if c.config.SessionTicketsDisabled { - sessionCache = nil - } - if sessionCache != nil { - hello.ticketSupported = true - - // Try to resume a previously negotiated TLS session, if - // available. - cacheKey = clientSessionCacheKey(c.conn.RemoteAddr(), c.config) - candidateSession, ok := sessionCache.Get(cacheKey) - if ok { - // Check that the ciphersuite/version used for the - // previous session are still valid. - cipherSuiteOk := false - for _, id := range hello.cipherSuites { - if id == candidateSession.cipherSuite { - cipherSuiteOk = true - break - } - } - - versOk := candidateSession.vers >= c.config.minVersion() && - candidateSession.vers <= c.config.maxVersion() - if versOk && cipherSuiteOk { - session = candidateSession - } - } - } - - if session != nil { - hello.sessionTicket = session.sessionTicket - // A random session ID is used to detect when the - // server accepted the ticket and is resuming a session - // (see RFC 5077). - hello.sessionId = make([]byte, 16) - if _, err := io.ReadFull(c.config.rand(), hello.sessionId); err != nil { - c.sendAlert(alertInternalError) - return errors.New("tls: short read from Rand: " + err.Error()) - } - - } - - helloBytes = hello.marshal() - } - - c.handshakeLog = new(ServerHandshake) - c.heartbleedLog = new(Heartbleed) - c.writeRecord(recordTypeHandshake, helloBytes) - c.handshakeLog.ClientHello = hello.MakeLog() - - msg, err := c.readHandshake() - if err != nil { - return err - } - serverHello, ok := msg.(*serverHelloMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(serverHello, msg) - } - c.handshakeLog.ServerHello = serverHello.MakeLog() - - if serverHello.heartbeatEnabled { - c.heartbeat = true - c.heartbleedLog.HeartbeatEnabled = true - } - - vers, ok := c.config.mutualVersion(serverHello.vers) - if !ok { - c.sendAlert(alertProtocolVersion) - return fmt.Errorf("tls: server selected unsupported protocol version %x", serverHello.vers) - } - c.vers = vers - c.haveVers = true - - suite := mutualCipherSuite(c.config.cipherSuites(), serverHello.cipherSuite) - cipherImplemented := cipherIDInCipherList(serverHello.cipherSuite, implementedCipherSuites) - cipherShared := cipherIDInCipherIDList(serverHello.cipherSuite, c.config.cipherSuites()) - if suite == nil { - // c.sendAlert(alertHandshakeFailure) - if !cipherShared { - c.cipherError = ErrNoMutualCipher - } else if !cipherImplemented { - c.cipherError = ErrUnimplementedCipher - } - } - - hs := &clientHandshakeState{ - c: c, - serverHello: serverHello, - hello: hello, - suite: suite, - finishedHash: newFinishedHash(c.vers, suite), - session: session, - } - - hs.finishedHash.Write(helloBytes) - hs.finishedHash.Write(hs.serverHello.marshal()) - - isResume, err := hs.processServerHello() - if err != nil { - return err - } - - if isResume { - if c.cipherError != nil { - c.sendAlert(alertHandshakeFailure) - return c.cipherError - } - if err := hs.establishKeys(); err != nil { - return err - } - if err := hs.readSessionTicket(); err != nil { - return err - } - if err := hs.readFinished(); err != nil { - return err - } - if err := hs.sendFinished(); err != nil { - return err - } - } else { - if err := hs.doFullHandshake(); err != nil { - return err - } - if err := hs.establishKeys(); err != nil { - return err - } - if err := hs.sendFinished(); err != nil { - return err - } - if err := hs.readSessionTicket(); err != nil { - return err - } - if err := hs.readFinished(); err != nil { - return err - } - } - - if hs.session == nil { - c.handshakeLog.SessionTicket = nil - } else { - c.handshakeLog.SessionTicket = hs.session.MakeLog() - } - - c.handshakeLog.KeyMaterial = hs.MakeLog() - - if sessionCache != nil && hs.session != nil && session != hs.session { - sessionCache.Put(cacheKey, hs.session) - } - - c.didResume = isResume - c.handshakeComplete = true - c.cipherSuite = suite.id - return nil -} - -func (hs *clientHandshakeState) doFullHandshake() error { - c := hs.c - - msg, err := c.readHandshake() - if err != nil { - return err - } - - var serverCert *x509.Certificate - - isAnon := hs.suite != nil && (hs.suite.flags&suiteAnon > 0) - - if !isAnon { - - certMsg, ok := msg.(*certificateMsg) - if !ok || len(certMsg.certificates) == 0 { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(certMsg, msg) - } - hs.finishedHash.Write(certMsg.marshal()) - - certs := make([]*x509.Certificate, len(certMsg.certificates)) - invalidCert := false - var invalidCertErr error - for i, asn1Data := range certMsg.certificates { - cert, err := x509.ParseCertificate(asn1Data) - if err != nil { - invalidCert = true - invalidCertErr = err - break - } - certs[i] = cert - } - - c.handshakeLog.ServerCertificates = certMsg.MakeLog() - - if !invalidCert { - opts := x509.VerifyOptions{ - Roots: c.config.RootCAs, - CurrentTime: c.config.time(), - DNSName: c.config.ServerName, - Intermediates: x509.NewCertPool(), - } - - // Always check validity of the certificates - for _, cert := range certs { - /* - if i == 0 { - continue - } - */ - opts.Intermediates.AddCert(cert) - } - var validation *x509.Validation - c.verifiedChains, validation, err = certs[0].ValidateWithStupidDetail(opts) - c.handshakeLog.ServerCertificates.addParsed(certs, validation) - - // If actually verifying and invalid, reject - if !c.config.InsecureSkipVerify { - if err != nil { - c.sendAlert(alertBadCertificate) - return err - } - } - } - - if invalidCert { - c.sendAlert(alertBadCertificate) - return errors.New("tls: failed to parse certificate from server: " + invalidCertErr.Error()) - } - - c.peerCertificates = certs - - if hs.serverHello.ocspStapling { - msg, err = c.readHandshake() - if err != nil { - return err - } - cs, ok := msg.(*certificateStatusMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(cs, msg) - } - hs.finishedHash.Write(cs.marshal()) - - if cs.statusType == statusTypeOCSP { - c.ocspResponse = cs.response - } - } - - serverCert = certs[0] - - var supportedCertKeyType bool - switch serverCert.PublicKey.(type) { - case *rsa.PublicKey, *ecdsa.PublicKey, *x509.AugmentedECDSA: - supportedCertKeyType = true - break - case *dsa.PublicKey: - if c.config.ClientDSAEnabled { - supportedCertKeyType = true - } - default: - break - } - - if !supportedCertKeyType { - c.sendAlert(alertUnsupportedCertificate) - return fmt.Errorf("tls: server's certificate contains an unsupported type of public key: %T", serverCert.PublicKey) - } - - msg, err = c.readHandshake() - if err != nil { - return err - } - } - - // If we don't support the cipher, quit before we need to read the hs.suite - // variable - if c.cipherError != nil { - return c.cipherError - } - - skx, ok := msg.(*serverKeyExchangeMsg) - - keyAgreement := hs.suite.ka(c.vers) - - if ok { - hs.finishedHash.Write(skx.marshal()) - - err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, serverCert, skx) - c.handshakeLog.ServerKeyExchange = skx.MakeLog(keyAgreement) - if err != nil { - c.sendAlert(alertUnexpectedMessage) - return err - } - - msg, err = c.readHandshake() - if err != nil { - return err - } - } - - var chainToSend *Certificate - var certRequested bool - certReq, ok := msg.(*certificateRequestMsg) - if ok { - certRequested = true - - // RFC 4346 on the certificateAuthorities field: - // A list of the distinguished names of acceptable certificate - // authorities. These distinguished names may specify a desired - // distinguished name for a root CA or for a subordinate CA; - // thus, this message can be used to describe both known roots - // and a desired authorization space. If the - // certificate_authorities list is empty then the client MAY - // send any certificate of the appropriate - // ClientCertificateType, unless there is some external - // arrangement to the contrary. - - hs.finishedHash.Write(certReq.marshal()) - - var rsaAvail, ecdsaAvail bool - for _, certType := range certReq.certificateTypes { - switch certType { - case certTypeRSASign: - rsaAvail = true - case certTypeECDSASign: - ecdsaAvail = true - } - } - - // We need to search our list of client certs for one - // where SignatureAlgorithm is RSA and the Issuer is in - // certReq.certificateAuthorities - findCert: - for i, chain := range c.config.Certificates { - if !rsaAvail && !ecdsaAvail { - continue - } - - for j, cert := range chain.Certificate { - x509Cert := chain.Leaf - // parse the certificate if this isn't the leaf - // node, or if chain.Leaf was nil - if j != 0 || x509Cert == nil { - if x509Cert, err = x509.ParseCertificate(cert); err != nil { - c.sendAlert(alertInternalError) - return errors.New("tls: failed to parse client certificate #" + strconv.Itoa(i) + ": " + err.Error()) - } - } - - switch { - case rsaAvail && x509Cert.PublicKeyAlgorithm == x509.RSA: - case ecdsaAvail && x509Cert.PublicKeyAlgorithm == x509.ECDSA: - default: - continue findCert - } - - if len(certReq.certificateAuthorities) == 0 { - // they gave us an empty list, so just take the - // first RSA cert from c.config.Certificates - chainToSend = &chain - break findCert - } - - for _, ca := range certReq.certificateAuthorities { - if bytes.Equal(x509Cert.RawIssuer, ca) { - chainToSend = &chain - break findCert - } - } - } - } - - msg, err = c.readHandshake() - if err != nil { - return err - } - } - - shd, ok := msg.(*serverHelloDoneMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(shd, msg) - } - hs.finishedHash.Write(shd.marshal()) - - // If the server requested a certificate then we have to send a - // Certificate message, even if it's empty because we don't have a - // certificate to send. - if certRequested { - certMsg := new(certificateMsg) - if chainToSend != nil { - certMsg.certificates = chainToSend.Certificate - } - hs.finishedHash.Write(certMsg.marshal()) - c.writeRecord(recordTypeHandshake, certMsg.marshal()) - } - - preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, serverCert) - if err != nil { - c.sendAlert(alertInternalError) - return err - } - - c.handshakeLog.ClientKeyExchange = ckx.MakeLog(keyAgreement) - - if ckx != nil { - hs.finishedHash.Write(ckx.marshal()) - c.writeRecord(recordTypeHandshake, ckx.marshal()) - } - - if chainToSend != nil { - var signed []byte - certVerify := &certificateVerifyMsg{ - hasSignatureAndHash: c.vers >= VersionTLS12, - } - - // Determine the hash to sign. - var signatureType uint8 - switch c.config.Certificates[0].PrivateKey.(type) { - case *ecdsa.PrivateKey: - signatureType = signatureECDSA - case *rsa.PrivateKey: - signatureType = signatureRSA - default: - c.sendAlert(alertInternalError) - return errors.New("unknown private key type") - } - certVerify.signatureAndHash, err = hs.finishedHash.selectClientCertSignatureAlgorithm(certReq.signatureAndHashes, c.config.signatureAndHashesForClient(), signatureType) - if err != nil { - c.sendAlert(alertInternalError) - return err - } - digest, hashFunc, err := hs.finishedHash.hashForClientCertificate(certVerify.signatureAndHash, hs.masterSecret) - if err != nil { - c.sendAlert(alertInternalError) - return err - } - - switch key := c.config.Certificates[0].PrivateKey.(type) { - case *ecdsa.PrivateKey: - var r, s *big.Int - r, s, err = ecdsa.Sign(c.config.rand(), key, digest) - if err == nil { - signed, err = asn1.Marshal(ecdsaSignature{r, s}) - } - case *rsa.PrivateKey: - signed, err = rsa.SignPKCS1v15(c.config.rand(), key, hashFunc, digest) - default: - err = errors.New("unknown private key type") - } - if err != nil { - c.sendAlert(alertInternalError) - return errors.New("tls: failed to sign handshake with client certificate: " + err.Error()) - } - certVerify.signature = signed - - hs.writeClientHash(certVerify.marshal()) - c.writeRecord(recordTypeHandshake, certVerify.marshal()) - } - - var cr, sr []byte - if hs.hello.extendedRandomEnabled { - helloRandomLen := len(hs.hello.random) - helloExtendedRandomLen := len(hs.hello.extendedRandom) - - cr = make([]byte, helloRandomLen+helloExtendedRandomLen) - copy(cr, hs.hello.random) - copy(cr[helloRandomLen:], hs.hello.extendedRandom) - } else { - cr = hs.hello.random - } - - if hs.serverHello.extendedRandomEnabled { - serverRandomLen := len(hs.serverHello.random) - serverExtendedRandomLen := len(hs.serverHello.extendedRandom) - - sr = make([]byte, serverRandomLen+serverExtendedRandomLen) - copy(sr, hs.serverHello.random) - copy(sr[serverRandomLen:], hs.serverHello.extendedRandom) - } else { - sr = hs.serverHello.random - } - - hs.preMasterSecret = make([]byte, len(preMasterSecret)) - copy(hs.preMasterSecret, preMasterSecret) - - if hs.serverHello.extendedMasterSecret && c.vers >= VersionTLS10 { - hs.masterSecret = extendedMasterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.finishedHash) - c.extendedMasterSecret = true - } else { - hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random) - } - - return nil -} - -func (hs *clientHandshakeState) establishKeys() error { - c := hs.c - - clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) - var clientCipher, serverCipher interface{} - var clientHash, serverHash macFunction - if hs.suite.cipher != nil { - clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */) - clientHash = hs.suite.mac(c.vers, clientMAC) - serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */) - serverHash = hs.suite.mac(c.vers, serverMAC) - } else { - clientCipher = hs.suite.aead(clientKey, clientIV) - serverCipher = hs.suite.aead(serverKey, serverIV) - } - - c.in.prepareCipherSpec(c.vers, serverCipher, serverHash) - c.out.prepareCipherSpec(c.vers, clientCipher, clientHash) - return nil -} - -func (hs *clientHandshakeState) serverResumedSession() bool { - // If the server responded with the same sessionId then it means the - // sessionTicket is being used to resume a TLS session. - return hs.session != nil && hs.hello.sessionId != nil && - bytes.Equal(hs.serverHello.sessionId, hs.hello.sessionId) -} - -func (hs *clientHandshakeState) processServerHello() (bool, error) { - c := hs.c - - if hs.serverHello.compressionMethod != compressionNone { - c.sendAlert(alertUnexpectedMessage) - return false, errors.New("tls: server selected unsupported compression format") - } - - clientDidNPN := hs.hello.nextProtoNeg - clientDidALPN := len(hs.hello.alpnProtocols) > 0 - serverHasNPN := hs.serverHello.nextProtoNeg - serverHasALPN := len(hs.serverHello.alpnProtocol) > 0 - - if !clientDidNPN && serverHasNPN { - c.sendAlert(alertHandshakeFailure) - return false, errors.New("tls: server advertised unrequested NPN extension") - } - - if !clientDidALPN && serverHasALPN { - c.sendAlert(alertHandshakeFailure) - return false, errors.New("tls: server advertised unrequested ALPN extension") - } - - if serverHasNPN && serverHasALPN { - c.sendAlert(alertHandshakeFailure) - return false, errors.New("tls: server advertised both NPN and ALPN extensions") - } - - if serverHasALPN { - c.clientProtocol = hs.serverHello.alpnProtocol - c.clientProtocolFallback = false - } - - if hs.serverResumedSession() { - // Restore masterSecret and peerCerts from previous state - hs.masterSecret = hs.session.masterSecret - c.extendedMasterSecret = hs.session.extendedMasterSecret - c.peerCertificates = hs.session.serverCertificates - return true, nil - } - return false, nil -} - -func (hs *clientHandshakeState) readFinished() error { - c := hs.c - - c.readRecord(recordTypeChangeCipherSpec) - if err := c.in.error(); err != nil { - return err - } - - msg, err := c.readHandshake() - if err != nil { - return err - } - serverFinished, ok := msg.(*finishedMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(serverFinished, msg) - } - c.handshakeLog.ServerFinished = serverFinished.MakeLog() - - verify := hs.finishedHash.serverSum(hs.masterSecret) - if len(verify) != len(serverFinished.verifyData) || - subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 { - c.sendAlert(alertHandshakeFailure) - return errors.New("tls: server's Finished message was incorrect") - } - hs.finishedHash.Write(serverFinished.marshal()) - return nil -} - -func (hs *clientHandshakeState) readSessionTicket() error { - if !hs.serverHello.ticketSupported { - return nil - } - - c := hs.c - msg, err := c.readHandshake() - if err != nil { - return err - } - sessionTicketMsg, ok := msg.(*newSessionTicketMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(sessionTicketMsg, msg) - } - hs.finishedHash.Write(sessionTicketMsg.marshal()) - - hs.session = &ClientSessionState{ - sessionTicket: sessionTicketMsg.ticket, - vers: c.vers, - cipherSuite: hs.suite.id, - masterSecret: hs.masterSecret, - serverCertificates: c.peerCertificates, - lifetimeHint: sessionTicketMsg.lifetimeHint, - } - - return nil -} - -func (hs *clientHandshakeState) sendFinished() error { - c := hs.c - - c.writeRecord(recordTypeChangeCipherSpec, []byte{1}) - if hs.serverHello.nextProtoNeg { - nextProto := new(nextProtoMsg) - proto, fallback := mutualProtocol(c.config.NextProtos, hs.serverHello.nextProtos) - nextProto.proto = proto - c.clientProtocol = proto - c.clientProtocolFallback = fallback - - hs.finishedHash.Write(nextProto.marshal()) - c.writeRecord(recordTypeHandshake, nextProto.marshal()) - } - - finished := new(finishedMsg) - finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret) - hs.finishedHash.Write(finished.marshal()) - - c.handshakeLog.ClientFinished = finished.MakeLog() - - c.writeRecord(recordTypeHandshake, finished.marshal()) - return nil -} - -func (hs *clientHandshakeState) writeClientHash(msg []byte) { - // writeClientHash is called before writeRecord. - hs.writeHash(msg, 0) -} - -func (hs *clientHandshakeState) writeServerHash(msg []byte) { - // writeServerHash is called after readHandshake. - hs.writeHash(msg, 0) -} - -func (hs *clientHandshakeState) writeHash(msg []byte, seqno uint16) { - hs.finishedHash.Write(msg) -} - -// clientSessionCacheKey returns a key used to cache sessionTickets that could -// be used to resume previously negotiated TLS sessions with a server. -func clientSessionCacheKey(serverAddr net.Addr, config *Config) string { - if len(config.ServerName) > 0 { - return config.ServerName - } - return serverAddr.String() -} - -// mutualProtocol finds the mutual Next Protocol Negotiation or ALPN protocol -// given list of possible protocols and a list of the preference order. The -// first list must not be empty. It returns the resulting protocol and flag -// indicating if the fallback case was reached. -func mutualProtocol(protos, preferenceProtos []string) (string, bool) { - for _, s := range preferenceProtos { - for _, c := range protos { - if s == c { - return s, false - } - } - } - - return protos[0], true -} diff --git a/ztools/ztls/handshake_client_test.go b/ztools/ztls/handshake_client_test.go deleted file mode 100644 index 8c804f13..00000000 --- a/ztools/ztls/handshake_client_test.go +++ /dev/null @@ -1,503 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "crypto/ecdsa" - "crypto/rsa" - "encoding/pem" - "fmt" - "io" - "net" - "os" - "os/exec" - "path/filepath" - "strconv" - "testing" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -// Note: see comment in handshake_test.go for details of how the reference -// tests work. - -// blockingSource is an io.Reader that blocks a Read call until it's closed. -type blockingSource chan bool - -func (b blockingSource) Read([]byte) (n int, err error) { - <-b - return 0, io.EOF -} - -// clientTest represents a test of the TLS client handshake against a reference -// implementation. -type clientTest struct { - // name is a freeform string identifying the test and the file in which - // the expected results will be stored. - name string - // command, if not empty, contains a series of arguments for the - // command to run for the reference server. - command []string - // config, if not nil, contains a custom Config to use for this test. - config *Config - // cert, if not empty, contains a DER-encoded certificate for the - // reference server. - cert []byte - // key, if not nil, contains either a *rsa.PrivateKey or - // *ecdsa.PrivateKey which is the private key for the reference server. - key interface{} -} - -var defaultServerCommand = []string{"openssl", "s_server"} - -// connFromCommand starts the reference server process, connects to it and -// returns a recordingConn for the connection. The stdin return value is a -// blockingSource for the stdin of the child process. It must be closed before -// Waiting for child. -func (test *clientTest) connFromCommand() (conn *recordingConn, child *exec.Cmd, stdin blockingSource, err error) { - cert := testRSACertificate - if len(test.cert) > 0 { - cert = test.cert - } - certPath := tempFile(string(cert)) - defer os.Remove(certPath) - - var key interface{} = testRSAPrivateKey - if test.key != nil { - key = test.key - } - var pemType string - var derBytes []byte - switch key := key.(type) { - case *rsa.PrivateKey: - pemType = "RSA" - derBytes = x509.MarshalPKCS1PrivateKey(key) - case *ecdsa.PrivateKey: - pemType = "EC" - var err error - derBytes, err = x509.MarshalECPrivateKey(key) - if err != nil { - panic(err) - } - default: - panic("unknown key type") - } - - var pemOut bytes.Buffer - pem.Encode(&pemOut, &pem.Block{Type: pemType + " PRIVATE KEY", Bytes: derBytes}) - - keyPath := tempFile(string(pemOut.Bytes())) - defer os.Remove(keyPath) - - var command []string - if len(test.command) > 0 { - command = append(command, test.command...) - } else { - command = append(command, defaultServerCommand...) - } - command = append(command, "-cert", certPath, "-certform", "DER", "-key", keyPath) - // serverPort contains the port that OpenSSL will listen on. OpenSSL - // can't take "0" as an argument here so we have to pick a number and - // hope that it's not in use on the machine. Since this only occurs - // when -update is given and thus when there's a human watching the - // test, this isn't too bad. - const serverPort = 24323 - command = append(command, "-accept", strconv.Itoa(serverPort)) - - cmd := exec.Command(command[0], command[1:]...) - stdin = blockingSource(make(chan bool)) - cmd.Stdin = stdin - var out bytes.Buffer - cmd.Stdout = &out - cmd.Stderr = &out - if err := cmd.Start(); err != nil { - return nil, nil, nil, err - } - - // OpenSSL does print an "ACCEPT" banner, but it does so *before* - // opening the listening socket, so we can't use that to wait until it - // has started listening. Thus we are forced to poll until we get a - // connection. - var tcpConn net.Conn - for i := uint(0); i < 5; i++ { - var err error - tcpConn, err = net.DialTCP("tcp", nil, &net.TCPAddr{ - IP: net.IPv4(127, 0, 0, 1), - Port: serverPort, - }) - if err == nil { - break - } - time.Sleep((1 << i) * 5 * time.Millisecond) - } - if tcpConn == nil { - close(stdin) - out.WriteTo(os.Stdout) - cmd.Process.Kill() - return nil, nil, nil, cmd.Wait() - } - - record := &recordingConn{ - Conn: tcpConn, - } - - return record, cmd, stdin, nil -} - -func (test *clientTest) dataPath() string { - return filepath.Join("testdata", "Client-"+test.name) -} - -func (test *clientTest) loadData() (flows [][]byte, err error) { - in, err := os.Open(test.dataPath()) - if err != nil { - return nil, err - } - defer in.Close() - return parseTestData(in) -} - -func (test *clientTest) run(t *testing.T, write bool) { - var clientConn, serverConn net.Conn - var recordingConn *recordingConn - var childProcess *exec.Cmd - var stdin blockingSource - - if write { - var err error - recordingConn, childProcess, stdin, err = test.connFromCommand() - if err != nil { - t.Fatalf("Failed to start subcommand: %s", err) - } - clientConn = recordingConn - } else { - clientConn, serverConn = net.Pipe() - } - - config := test.config - if config == nil { - config = testConfig - } - client := Client(clientConn, config) - - doneChan := make(chan bool) - go func() { - if _, err := client.Write([]byte("hello\n")); err != nil { - t.Logf("Client.Write failed: %s", err) - } - client.Close() - clientConn.Close() - doneChan <- true - }() - - if !write { - flows, err := test.loadData() - if err != nil { - t.Fatalf("%s: failed to load data from %s", test.name, test.dataPath()) - } - for i, b := range flows { - if i%2 == 1 { - serverConn.Write(b) - continue - } - bb := make([]byte, len(b)) - _, err := io.ReadFull(serverConn, bb) - if err != nil { - t.Fatalf("%s #%d: %s", test.name, i, err) - } - if !bytes.Equal(b, bb) { - t.Fatalf("%s #%d: mismatch on read: got:%x want:%x", test.name, i, bb, b) - } - } - serverConn.Close() - } - - <-doneChan - - if write { - path := test.dataPath() - out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) - if err != nil { - t.Fatalf("Failed to create output file: %s", err) - } - defer out.Close() - recordingConn.Close() - close(stdin) - childProcess.Process.Kill() - childProcess.Wait() - if len(recordingConn.flows) < 3 { - childProcess.Stdout.(*bytes.Buffer).WriteTo(os.Stdout) - t.Fatalf("Client connection didn't work") - } - recordingConn.WriteTo(out) - fmt.Printf("Wrote %s\n", path) - } -} - -func runClientTestForVersion(t *testing.T, template *clientTest, prefix, option string) { - test := *template - test.name = prefix + test.name - if len(test.command) == 0 { - test.command = defaultClientCommand - } - test.command = append([]string(nil), test.command...) - test.command = append(test.command, option) - test.run(t, *update) -} - -func runClientTestTLS10(t *testing.T, template *clientTest) { - runClientTestForVersion(t, template, "TLSv10-", "-tls1") -} - -func runClientTestTLS11(t *testing.T, template *clientTest) { - runClientTestForVersion(t, template, "TLSv11-", "-tls1_1") -} - -func runClientTestTLS12(t *testing.T, template *clientTest) { - runClientTestForVersion(t, template, "TLSv12-", "-tls1_2") -} - -func TestHandshakeClientRSARC4(t *testing.T) { - test := &clientTest{ - name: "RSA-RC4", - command: []string{"openssl", "s_server", "-cipher", "RC4-SHA"}, - } - runClientTestTLS10(t, test) - runClientTestTLS11(t, test) - runClientTestTLS12(t, test) -} - -func TestHandshakeClientECDHERSAAES(t *testing.T) { - test := &clientTest{ - name: "ECDHE-RSA-AES", - command: []string{"openssl", "s_server", "-cipher", "ECDHE-RSA-AES128-SHA"}, - } - runClientTestTLS10(t, test) - runClientTestTLS11(t, test) - runClientTestTLS12(t, test) -} - -func TestHandshakeClientECDHEECDSAAES(t *testing.T) { - test := &clientTest{ - name: "ECDHE-ECDSA-AES", - command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA"}, - cert: testECDSACertificate, - key: testECDSAPrivateKey, - } - runClientTestTLS10(t, test) - runClientTestTLS11(t, test) - runClientTestTLS12(t, test) -} - -func TestHandshakeClientECDHEECDSAAESGCM(t *testing.T) { - test := &clientTest{ - name: "ECDHE-ECDSA-AES-GCM", - command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-GCM-SHA256"}, - cert: testECDSACertificate, - key: testECDSAPrivateKey, - } - runClientTestTLS12(t, test) -} - -func TestHandshakeClientCertRSA(t *testing.T) { - config := *testConfig - cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM)) - config.Certificates = []Certificate{cert} - - test := &clientTest{ - name: "ClientCert-RSA-RSA", - command: []string{"openssl", "s_server", "-cipher", "RC4-SHA", "-verify", "1"}, - config: &config, - } - - runClientTestTLS10(t, test) - runClientTestTLS12(t, test) - - test = &clientTest{ - name: "ClientCert-RSA-ECDSA", - command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"}, - config: &config, - cert: testECDSACertificate, - key: testECDSAPrivateKey, - } - - runClientTestTLS10(t, test) - runClientTestTLS12(t, test) -} - -// TODO: figure out why this test is failing -//func TestHandshakeClientCertECDSA(t *testing.T) { -// config := *testConfig -// cert, _ := X509KeyPair([]byte(clientECDSACertificatePEM), []byte(clientECDSAKeyPEM)) -// config.Certificates = []Certificate{cert} -// -// test := &clientTest{ -// name: "ClientCert-ECDSA-RSA", -// command: []string{"openssl", "s_server", "-cipher", "RC4-SHA", "-verify", "1"}, -// config: &config, -// } -// -// runClientTestTLS10(t, test) -// runClientTestTLS12(t, test) -// -// test = &clientTest{ -// name: "ClientCert-ECDSA-ECDSA", -// command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES128-SHA", "-verify", "1"}, -// config: &config, -// cert: testECDSACertificate, -// key: testECDSAPrivateKey, -// } -// -// runClientTestTLS10(t, test) -// runClientTestTLS12(t, test) -//} - -func TestClientResumption(t *testing.T) { - serverConfig := &Config{ - CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, - Certificates: testConfig.Certificates, - } - clientConfig := &Config{ - CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, - InsecureSkipVerify: true, - ClientSessionCache: NewLRUClientSessionCache(32), - } - - testResumeState := func(test string, didResume bool) { - hs, err := testHandshake(clientConfig, serverConfig) - if err != nil { - t.Fatalf("%s: handshake failed: %s", test, err) - } - if hs.DidResume != didResume { - t.Fatalf("%s resumed: %v, expected: %v", test, hs.DidResume, didResume) - } - } - - testResumeState("Handshake", false) - testResumeState("Resume", true) - - if _, err := io.ReadFull(serverConfig.rand(), serverConfig.SessionTicketKey[:]); err != nil { - t.Fatalf("Failed to invalidate SessionTicketKey") - } - testResumeState("InvalidSessionTicketKey", false) - testResumeState("ResumeAfterInvalidSessionTicketKey", true) - - clientConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA} - testResumeState("DifferentCipherSuite", false) - testResumeState("DifferentCipherSuiteRecovers", true) - - clientConfig.ClientSessionCache = nil - testResumeState("WithoutSessionCache", false) -} - -func TestLRUClientSessionCache(t *testing.T) { - // Initialize cache of capacity 4. - cache := NewLRUClientSessionCache(4) - cs := make([]ClientSessionState, 6) - keys := []string{"0", "1", "2", "3", "4", "5", "6"} - - // Add 4 entries to the cache and look them up. - for i := 0; i < 4; i++ { - cache.Put(keys[i], &cs[i]) - } - for i := 0; i < 4; i++ { - if s, ok := cache.Get(keys[i]); !ok || s != &cs[i] { - t.Fatalf("session cache failed lookup for added key: %s", keys[i]) - } - } - - // Add 2 more entries to the cache. First 2 should be evicted. - for i := 4; i < 6; i++ { - cache.Put(keys[i], &cs[i]) - } - for i := 0; i < 2; i++ { - if s, ok := cache.Get(keys[i]); ok || s != nil { - t.Fatalf("session cache should have evicted key: %s", keys[i]) - } - } - - // Touch entry 2. LRU should evict 3 next. - cache.Get(keys[2]) - cache.Put(keys[0], &cs[0]) - if s, ok := cache.Get(keys[3]); ok || s != nil { - t.Fatalf("session cache should have evicted key 3") - } - - // Update entry 0 in place. - cache.Put(keys[0], &cs[3]) - if s, ok := cache.Get(keys[0]); !ok || s != &cs[3] { - t.Fatalf("session cache failed update for key 0") - } - - // Adding a nil entry is valid. - cache.Put(keys[0], nil) - if s, ok := cache.Get(keys[0]); !ok || s != nil { - t.Fatalf("failed to add nil entry to cache") - } -} - -// Test the custom client hello feature by imitating a Firefox ClientHello message -func TestHandshakeClientCustomHello(t *testing.T) { - hello := ClientFingerprintConfiguration{} - hello.HandshakeVersion = 0x0303 - - hello.CipherSuites = []uint16{ - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - TLS_DHE_RSA_WITH_AES_128_CBC_SHA, - TLS_DHE_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_AES_128_CBC_SHA, - TLS_RSA_WITH_AES_256_CBC_SHA, - TLS_RSA_WITH_3DES_EDE_CBC_SHA, - } - hello.CompressionMethods = []uint8{0} - sni := SNIExtension{[]string{}, true} - ec := SupportedCurvesExtension{[]CurveID{CurveP256, CurveP384, CurveP521}} - points := PointFormatExtension{[]uint8{0}} - st := SessionTicketExtension{[]byte{}, true} - alpn := ALPNExtension{[]string{"h2", "http/1.1"}} - sigs := SignatureAlgorithmExtension{[]uint16{0x0401, - 0x0501, - 0x0601, - 0x0201, - 0x0403, - 0x0503, - 0x0603, - 0x0203, - 0x0502, - 0x0402, - 0x0202, - }} - - hello.Extensions = []ClientExtension{&sni, - &ExtendedMasterSecretExtension{}, - &SecureRenegotiationExtension{}, - &ec, - &points, - &st, - &NextProtocolNegotiationExtension{}, - &alpn, - &StatusRequestExtension{}, - &sigs, - } - config := *testConfig - config.ClientFingerprintConfiguration = &hello - test := &clientTest{ - name: "ClientFingerprint", - command: []string{"openssl", "s_server"}, - config: &config, - } - runClientTestTLS12(t, test) -} diff --git a/ztools/ztls/handshake_extensions.go b/ztools/ztls/handshake_extensions.go deleted file mode 100644 index f8866bfd..00000000 --- a/ztools/ztls/handshake_extensions.go +++ /dev/null @@ -1,392 +0,0 @@ -package ztls - -import ( - "errors" - "fmt" -) - -type NullExtension struct { -} - -func (e *NullExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *NullExtension) CheckImplemented() error { - return nil -} - -func (e *NullExtension) Marshal() []byte { - return []byte{} -} - -type SNIExtension struct { - Domains []string - Autopopulate bool -} - -func (e *SNIExtension) WriteToConfig(c *Config) error { - if e.Autopopulate { - for i, ext := range c.ClientFingerprintConfiguration.Extensions { - switch ext.(type) { - case *SNIExtension: - if c.ServerName == "" { - c.ClientFingerprintConfiguration.Extensions[i] = &NullExtension{} - } else { - c.ClientFingerprintConfiguration.Extensions[i] = &SNIExtension{ - Domains: []string{c.ServerName}, - Autopopulate: true, - } - } - default: - continue - } - } - } - // If a server name is not specified in the config, but is available in the extensions - // we set it for certificate validation later on - if c.ServerName == "" && len(e.Domains) > 0 { - c.ServerName = e.Domains[0] - } - return nil -} - -func (e *SNIExtension) CheckImplemented() error { - return nil -} - -func (e *SNIExtension) Marshal() []byte { - result := []byte{} - for _, domain := range e.Domains { - current := make([]byte, 2+len(domain)) - copy(current[2:], []byte(domain)) - current[0] = uint8(len(domain) >> 8) - current[1] = uint8(len(domain)) - result = append(result, current...) - } - sniHeader := make([]byte, 3) - sniHeader[0] = uint8((len(result) + 1) >> 8) - sniHeader[1] = uint8((len(result) + 1)) - sniHeader[2] = 0 - result = append(sniHeader, result...) - - extHeader := make([]byte, 4) - extHeader[0] = 0 - extHeader[1] = 0 - extHeader[2] = uint8((len(result)) >> 8) - extHeader[3] = uint8((len(result))) - result = append(extHeader, result...) - - return result -} - -type ALPNExtension struct { - Protocols []string -} - -func (e *ALPNExtension) WriteToConfig(c *Config) error { - c.NextProtos = e.Protocols - return nil -} - -func (e *ALPNExtension) CheckImplemented() error { - return nil -} - -func (e *ALPNExtension) Marshal() []byte { - result := []byte{} - for _, protocol := range e.Protocols { - current := make([]byte, 1+len(protocol)) - copy(current[1:], []byte(protocol)) - current[0] = uint8(len(protocol)) - result = append(result, current...) - } - alpnHeader := make([]byte, 2) - alpnHeader[0] = uint8((len(result)) >> 8) - alpnHeader[1] = uint8((len(result))) - result = append(alpnHeader, result...) - - extHeader := make([]byte, 4) - extHeader[0] = byte(extensionALPN >> 8) - extHeader[1] = byte(extensionALPN & 0xff) - extHeader[2] = uint8((len(result)) >> 8) - extHeader[3] = uint8((len(result))) - result = append(extHeader, result...) - - return result -} - -type SecureRenegotiationExtension struct { -} - -func (e *SecureRenegotiationExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *SecureRenegotiationExtension) CheckImplemented() error { - return nil -} - -func (e *SecureRenegotiationExtension) Marshal() []byte { - result := make([]byte, 5) - result[0] = byte(extensionRenegotiationInfo >> 8) - result[1] = byte(extensionRenegotiationInfo & 0xff) - result[2] = 0 - result[3] = 1 - result[4] = 0 - return result -} - -type ExtendedMasterSecretExtension struct { -} - -func (e *ExtendedMasterSecretExtension) WriteToConfig(c *Config) error { - c.ExtendedMasterSecret = true - return nil -} - -func (e *ExtendedMasterSecretExtension) CheckImplemented() error { - return nil -} - -func (e *ExtendedMasterSecretExtension) Marshal() []byte { - result := make([]byte, 4) - result[0] = byte(extensionExtendedMasterSecret >> 8) - result[1] = byte(extensionExtendedMasterSecret & 0xff) - result[2] = 0 - result[3] = 0 - return result -} - -type NextProtocolNegotiationExtension struct { -} - -func (e *NextProtocolNegotiationExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *NextProtocolNegotiationExtension) CheckImplemented() error { - return nil -} - -func (e *NextProtocolNegotiationExtension) Marshal() []byte { - result := make([]byte, 4) - result[0] = byte(extensionNextProtoNeg >> 8) - result[1] = byte(extensionNextProtoNeg & 0xff) - result[2] = 0 - result[3] = 0 - return result -} - -type StatusRequestExtension struct { -} - -func (e *StatusRequestExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *StatusRequestExtension) CheckImplemented() error { - return nil -} - -func (e *StatusRequestExtension) Marshal() []byte { - result := make([]byte, 9) - result[0] = byte(extensionStatusRequest >> 8) - result[1] = byte(extensionStatusRequest & 0xff) - result[2] = 0 - result[3] = 5 - result[4] = 1 // OCSP type - result[5] = 0 - result[6] = 0 - result[7] = 0 - result[8] = 0 - return result -} - -type SCTExtension struct { -} - -func (e *SCTExtension) WriteToConfig(c *Config) error { - c.SignedCertificateTimestampExt = true - return nil -} - -func (e *SCTExtension) CheckImplemented() error { - return nil -} - -func (e *SCTExtension) Marshal() []byte { - result := make([]byte, 4) - result[0] = byte(extensionSCT >> 8) - result[1] = byte(extensionSCT & 0xff) - result[2] = 0 - result[3] = 0 - return result -} - -type SupportedCurvesExtension struct { - Curves []CurveID -} - -func (e *SupportedCurvesExtension) WriteToConfig(c *Config) error { - c.CurvePreferences = e.Curves - return nil -} - -func (e *SupportedCurvesExtension) CheckImplemented() error { - for _, curve := range e.Curves { - found := false - for _, supported := range defaultCurvePreferences { - if curve == supported { - found = true - } - } - if !found { - return fmt.Errorf("Unsupported CurveID %d", curve) - } - } - return nil -} - -func (e *SupportedCurvesExtension) Marshal() []byte { - result := make([]byte, 6+2*len(e.Curves)) - result[0] = byte(extensionSupportedCurves >> 8) - result[1] = byte(extensionSupportedCurves & 0xff) - result[2] = uint8((2 + 2*len(e.Curves)) >> 8) - result[3] = uint8((2 + 2*len(e.Curves))) - result[4] = uint8((2 * len(e.Curves)) >> 8) - result[5] = uint8((2 * len(e.Curves))) - for i, curve := range e.Curves { - result[6+2*i] = uint8(curve >> 8) - result[7+2*i] = uint8(curve) - } - return result -} - -type PointFormatExtension struct { - Formats []uint8 -} - -func (e *PointFormatExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *PointFormatExtension) CheckImplemented() error { - for _, format := range e.Formats { - if format != pointFormatUncompressed { - return fmt.Errorf("Unsupported EC Point Format %d", format) - } - } - return nil -} - -func (e *PointFormatExtension) Marshal() []byte { - result := make([]byte, 5+len(e.Formats)) - result[0] = byte(extensionSupportedPoints >> 8) - result[1] = byte(extensionSupportedPoints & 0xff) - result[2] = uint8((1 + len(e.Formats)) >> 8) - result[3] = uint8((1 + len(e.Formats))) - result[4] = uint8((len(e.Formats))) - for i, format := range e.Formats { - result[5+i] = format - } - return result -} - -type SessionTicketExtension struct { - Ticket []byte - Autopopulate bool -} - -func (e *SessionTicketExtension) WriteToConfig(c *Config) error { - c.ForceSessionTicketExt = true - return nil -} - -func (e *SessionTicketExtension) CheckImplemented() error { - return nil -} - -func (e *SessionTicketExtension) Marshal() []byte { - result := make([]byte, 4+len(e.Ticket)) - result[0] = byte(extensionSessionTicket >> 8) - result[1] = byte(extensionSessionTicket & 0xff) - result[2] = uint8(len(e.Ticket) >> 8) - result[3] = uint8(len(e.Ticket)) - if len(e.Ticket) > 0 { - copy(result[4:], e.Ticket) - } - return result -} - -type HeartbeatExtension struct { - Mode byte -} - -func (e *HeartbeatExtension) WriteToConfig(c *Config) error { - return nil -} - -func (e *HeartbeatExtension) CheckImplemented() error { - return nil -} - -func (e *HeartbeatExtension) Marshal() []byte { - result := make([]byte, 5) - result[0] = byte(extensionHeartbeat >> 8) - result[1] = byte(extensionHeartbeat & 0xff) - result[2] = uint8(1 >> 8) - result[3] = uint8(1) - result[4] = e.Mode - return result -} - -type SignatureAlgorithmExtension struct { - SignatureAndHashes []uint16 -} - -func (e *SignatureAlgorithmExtension) WriteToConfig(c *Config) error { - supportedSKXSignatureAlgorithms = e.getStructuredAlgorithms() - defaultSKXSignatureAlgorithms = e.getStructuredAlgorithms() - return nil -} - -func (e *SignatureAlgorithmExtension) CheckImplemented() error { - for _, algs := range e.getStructuredAlgorithms() { - found := false - for _, supported := range supportedSKXSignatureAlgorithms { - if algs.hash == supported.hash && algs.signature == supported.signature { - found = true - break - } - } - if !found { - return errors.New(fmt.Sprintf("Unsupported Hash and Signature Algorithm (%d, %d)", algs.hash, algs.signature)) - } - } - return nil -} - -func (e *SignatureAlgorithmExtension) getStructuredAlgorithms() []signatureAndHash { - result := make([]signatureAndHash, len(e.SignatureAndHashes)) - for i, alg := range e.SignatureAndHashes { - result[i].hash = uint8(alg >> 8) - result[i].signature = uint8(alg) - } - return result -} - -func (e *SignatureAlgorithmExtension) Marshal() []byte { - result := make([]byte, 6+2*len(e.SignatureAndHashes)) - result[0] = byte(extensionSignatureAlgorithms >> 8) - result[1] = byte(extensionSignatureAlgorithms & 0xff) - result[2] = uint8((2 + 2*len(e.SignatureAndHashes)) >> 8) - result[3] = uint8((2 + 2*len(e.SignatureAndHashes))) - result[4] = uint8((2 * len(e.SignatureAndHashes)) >> 8) - result[5] = uint8((2 * len(e.SignatureAndHashes))) - for i, pair := range e.getStructuredAlgorithms() { - result[6+2*i] = uint8(pair.hash) - result[7+2*i] = uint8(pair.signature) - } - return result -} diff --git a/ztools/ztls/handshake_messages.go b/ztools/ztls/handshake_messages.go deleted file mode 100644 index 4bb2904c..00000000 --- a/ztools/ztls/handshake_messages.go +++ /dev/null @@ -1,1718 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "reflect" -) - -type clientHelloMsg struct { - raw []byte - vers uint16 - random []byte - sessionId []byte - cipherSuites []uint16 - compressionMethods []uint8 - nextProtoNeg bool - serverName string - ocspStapling bool - scts bool - supportedCurves []CurveID - supportedPoints []uint8 - ticketSupported bool - sessionTicket []uint8 - signatureAndHashes []signatureAndHash - secureRenegotiation bool - heartbeatEnabled bool - heartbeatMode uint8 - extendedRandomEnabled bool - extendedRandom []byte - extendedMasterSecret bool - sctEnabled bool - alpnProtocols []string - unknownExtensions [][]byte -} - -func (m *clientHelloMsg) equal(i interface{}) bool { - m1, ok := i.(*clientHelloMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - m.vers == m1.vers && - bytes.Equal(m.random, m1.random) && - bytes.Equal(m.sessionId, m1.sessionId) && - eqUint16s(m.cipherSuites, m1.cipherSuites) && - bytes.Equal(m.compressionMethods, m1.compressionMethods) && - m.nextProtoNeg == m1.nextProtoNeg && - m.serverName == m1.serverName && - m.ocspStapling == m1.ocspStapling && - m.scts == m1.scts && - eqCurveIDs(m.supportedCurves, m1.supportedCurves) && - bytes.Equal(m.supportedPoints, m1.supportedPoints) && - m.ticketSupported == m1.ticketSupported && - bytes.Equal(m.sessionTicket, m1.sessionTicket) && - eqSignatureAndHashes(m.signatureAndHashes, m1.signatureAndHashes) && - m.secureRenegotiation == m1.secureRenegotiation && - m.heartbeatEnabled == m1.heartbeatEnabled && - m.heartbeatMode == m1.heartbeatMode && - m.extendedRandomEnabled == m1.extendedRandomEnabled && - bytes.Equal(m.extendedRandom, m1.extendedRandom) && - m.extendedMasterSecret == m1.extendedMasterSecret && - eqStrings(m.alpnProtocols, m1.alpnProtocols) && - reflect.DeepEqual(m.unknownExtensions, m1.unknownExtensions) -} - -func (m *clientHelloMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - - length := 2 + 32 + 1 + len(m.sessionId) + 2 + len(m.cipherSuites)*2 + 1 + len(m.compressionMethods) - numExtensions := 0 - extensionsLength := 0 - if m.nextProtoNeg { - numExtensions++ - } - if m.ocspStapling { - extensionsLength += 1 + 2 + 2 - numExtensions++ - } - if len(m.serverName) > 0 { - extensionsLength += 5 + len(m.serverName) - numExtensions++ - } - if len(m.supportedCurves) > 0 { - extensionsLength += 2 + 2*len(m.supportedCurves) - numExtensions++ - } - if len(m.supportedPoints) > 0 { - extensionsLength += 1 + len(m.supportedPoints) - numExtensions++ - } - if m.ticketSupported { - extensionsLength += len(m.sessionTicket) - numExtensions++ - } - if len(m.signatureAndHashes) > 0 { - extensionsLength += 2 + 2*len(m.signatureAndHashes) - numExtensions++ - } - if m.secureRenegotiation { - extensionsLength += 1 - numExtensions++ - } - if len(m.alpnProtocols) > 0 { - extensionsLength += 2 - for _, s := range m.alpnProtocols { - if l := len(s); l == 0 || l > 255 { - panic("invalid ALPN protocol") - } - extensionsLength++ - extensionsLength += len(s) - } - numExtensions++ - } - if m.heartbeatEnabled { - extensionsLength += 1 - numExtensions++ - } - if m.extendedRandomEnabled { - extensionsLength += 2 + len(m.extendedRandom) - numExtensions++ - } - if m.extendedMasterSecret { - numExtensions++ - } - if m.sctEnabled { - numExtensions++ - } - if len(m.unknownExtensions) > 0 { - // we do not update numExtensions because the extension code and length - // are already contained at the beginning of every 'ext' below - for _, ext := range m.unknownExtensions { - extensionsLength += len(ext) - } - } - if numExtensions > 0 { - extensionsLength += 4 * numExtensions - length += 2 + extensionsLength - } - - x := make([]byte, 4+length) - x[0] = typeClientHello - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - x[4] = uint8(m.vers >> 8) - x[5] = uint8(m.vers) - copy(x[6:38], m.random) - x[38] = uint8(len(m.sessionId)) - copy(x[39:39+len(m.sessionId)], m.sessionId) - y := x[39+len(m.sessionId):] - // This is a clever way to store the lower 16 bits of 2*len(m.cipherSuites) - y[0] = uint8(len(m.cipherSuites) >> 7) - y[1] = uint8(len(m.cipherSuites) << 1) - for i, suite := range m.cipherSuites { - y[2+i*2] = uint8(suite >> 8) - y[3+i*2] = uint8(suite) - } - z := y[2+len(m.cipherSuites)*2:] - z[0] = uint8(len(m.compressionMethods)) - copy(z[1:], m.compressionMethods) - - z = z[1+len(m.compressionMethods):] - if numExtensions > 0 || len(m.unknownExtensions) > 0 { - z[0] = byte(extensionsLength >> 8) - z[1] = byte(extensionsLength) - z = z[2:] - } - if m.nextProtoNeg { - z[0] = byte(extensionNextProtoNeg >> 8) - z[1] = byte(extensionNextProtoNeg & 0xff) - // The length is always 0 - z = z[4:] - } - if len(m.serverName) > 0 { - z[0] = byte(extensionServerName >> 8) - z[1] = byte(extensionServerName & 0xff) - l := len(m.serverName) + 5 - z[2] = byte(l >> 8) - z[3] = byte(l) - z = z[4:] - - // RFC 3546, section 3.1 - // - // struct { - // NameType name_type; - // select (name_type) { - // case host_name: HostName; - // } name; - // } ServerName; - // - // enum { - // host_name(0), (255) - // } NameType; - // - // opaque HostName<1..2^16-1>; - // - // struct { - // ServerName server_name_list<1..2^16-1> - // } ServerNameList; - - z[0] = byte((len(m.serverName) + 3) >> 8) - z[1] = byte(len(m.serverName) + 3) - z[3] = byte(len(m.serverName) >> 8) - z[4] = byte(len(m.serverName)) - copy(z[5:], []byte(m.serverName)) - z = z[l:] - } - if m.ocspStapling { - // RFC 4366, section 3.6 - z[0] = byte(extensionStatusRequest >> 8) - z[1] = byte(extensionStatusRequest) - z[2] = 0 - z[3] = 5 - z[4] = 1 // OCSP type - // Two zero valued uint16s for the two lengths. - z = z[9:] - } - if len(m.supportedCurves) > 0 { - // http://tools.ietf.org/html/rfc4492#section-5.5.1 - z[0] = byte(extensionSupportedCurves >> 8) - z[1] = byte(extensionSupportedCurves) - l := 2 + 2*len(m.supportedCurves) - z[2] = byte(l >> 8) - z[3] = byte(l) - l -= 2 - z[4] = byte(l >> 8) - z[5] = byte(l) - z = z[6:] - for _, curve := range m.supportedCurves { - z[0] = byte(curve >> 8) - z[1] = byte(curve) - z = z[2:] - } - } - if len(m.supportedPoints) > 0 { - // http://tools.ietf.org/html/rfc4492#section-5.5.2 - z[0] = byte(extensionSupportedPoints >> 8) - z[1] = byte(extensionSupportedPoints) - l := 1 + len(m.supportedPoints) - z[2] = byte(l >> 8) - z[3] = byte(l) - l-- - z[4] = byte(l) - z = z[5:] - for _, pointFormat := range m.supportedPoints { - z[0] = byte(pointFormat) - z = z[1:] - } - } - if m.ticketSupported { - // http://tools.ietf.org/html/rfc5077#section-3.2 - z[0] = byte(extensionSessionTicket >> 8) - z[1] = byte(extensionSessionTicket) - l := len(m.sessionTicket) - z[2] = byte(l >> 8) - z[3] = byte(l) - z = z[4:] - copy(z, m.sessionTicket) - z = z[len(m.sessionTicket):] - } - if len(m.signatureAndHashes) > 0 { - // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 - z[0] = byte(extensionSignatureAlgorithms >> 8) - z[1] = byte(extensionSignatureAlgorithms) - l := 2 + 2*len(m.signatureAndHashes) - z[2] = byte(l >> 8) - z[3] = byte(l) - z = z[4:] - - l -= 2 - z[0] = byte(l >> 8) - z[1] = byte(l) - z = z[2:] - for _, sigAndHash := range m.signatureAndHashes { - z[0] = sigAndHash.hash - z[1] = sigAndHash.signature - z = z[2:] - } - } - if m.secureRenegotiation { - z[0] = byte(extensionRenegotiationInfo >> 8) - z[1] = byte(extensionRenegotiationInfo & 0xff) - z[2] = 0 - z[3] = 1 - z = z[5:] - } - if len(m.alpnProtocols) > 0 { - z[0] = byte(extensionALPN >> 8) - z[1] = byte(extensionALPN & 0xff) - lengths := z[2:] - z = z[6:] - - stringsLength := 0 - for _, s := range m.alpnProtocols { - l := len(s) - z[0] = byte(l) - copy(z[1:], s) - z = z[1+l:] - stringsLength += 1 + l - } - - lengths[2] = byte(stringsLength >> 8) - lengths[3] = byte(stringsLength) - stringsLength += 2 - lengths[0] = byte(stringsLength >> 8) - lengths[1] = byte(stringsLength) - } - if m.heartbeatEnabled { - z[0] = byte(extensionHeartbeat >> 8) - z[1] = byte(extensionHeartbeat) - length := 1 - z[2] = byte(length >> 8) - z[3] = byte(length) - z[4] = m.heartbeatMode - z = z[5:] - } - if m.extendedRandomEnabled { - z[0] = byte(extensionExtendedRandom >> 8) - z[1] = byte(extensionExtendedRandom) - exLen := len(m.extendedRandom) - length := 2 + exLen - z[2] = byte(length >> 8) - z[3] = byte(length) - z[4] = byte(exLen >> 8) - z[5] = byte(exLen) - z = z[6:] - copy(z, m.extendedRandom) - z = z[exLen:] - } - if m.extendedMasterSecret { - // https://tools.ietf.org/html/draft-ietf-tls-session-hash-01 - z[0] = byte(extensionExtendedMasterSecret >> 8) - z[1] = byte(extensionExtendedMasterSecret & 0xff) - z = z[4:] - } - if m.sctEnabled { - // https://tools.ietf.org/html/rfc6962#section-3.3.1 - z[0] = byte(extensionSCT >> 8) - z[1] = byte(extensionSCT) - // zero uint16 for the zero-length extension_data - z = z[4:] - } - if len(m.unknownExtensions) > 0 { - for _, ext := range m.unknownExtensions { - copy(z, ext) - z = z[len(ext):] - } - } - - m.raw = x - - return x -} - -func (m *clientHelloMsg) unmarshal(data []byte) bool { - if len(data) < 42 { - return false - } - m.raw = data - m.vers = uint16(data[4])<<8 | uint16(data[5]) - m.random = data[6:38] - sessionIdLen := int(data[38]) - if sessionIdLen > 32 || len(data) < 39+sessionIdLen { - return false - } - m.sessionId = data[39 : 39+sessionIdLen] - data = data[39+sessionIdLen:] - if len(data) < 2 { - return false - } - // cipherSuiteLen is the number of bytes of cipher suite numbers. Since - // they are uint16s, the number must be even. - cipherSuiteLen := int(data[0])<<8 | int(data[1]) - if cipherSuiteLen%2 == 1 || len(data) < 2+cipherSuiteLen { - return false - } - numCipherSuites := cipherSuiteLen / 2 - m.cipherSuites = make([]uint16, numCipherSuites) - for i := 0; i < numCipherSuites; i++ { - m.cipherSuites[i] = uint16(data[2+2*i])<<8 | uint16(data[3+2*i]) - if m.cipherSuites[i] == scsvRenegotiation { - m.secureRenegotiation = true - } - } - data = data[2+cipherSuiteLen:] - if len(data) < 1 { - return false - } - compressionMethodsLen := int(data[0]) - if len(data) < 1+compressionMethodsLen { - return false - } - m.compressionMethods = data[1 : 1+compressionMethodsLen] - - data = data[1+compressionMethodsLen:] - - m.nextProtoNeg = false - m.serverName = "" - m.ocspStapling = false - m.ticketSupported = false - m.sessionTicket = nil - m.signatureAndHashes = nil - m.heartbeatEnabled = false - m.extendedMasterSecret = false - m.alpnProtocols = nil - m.scts = false - m.unknownExtensions = [][]byte(nil) - - if len(data) == 0 { - // ClientHello is optionally followed by extension data - return true - } - if len(data) < 2 { - return false - } - - extensionsLength := int(data[0])<<8 | int(data[1]) - data = data[2:] - if extensionsLength != len(data) { - return false - } - - for len(data) != 0 { - if len(data) < 4 { - return false - } - fullData := data - extension := uint16(data[0])<<8 | uint16(data[1]) - length := int(data[2])<<8 | int(data[3]) - data = data[4:] - if len(data) < length { - return false - } - - switch extension { - case extensionServerName: - // we keep only the last name for m.serverName - if length < 2 { - return false - } - numNames := int(data[0])<<8 | int(data[1]) - d := data[2:] - for i := 0; i < numNames; i++ { - if len(d) < 3 { - return false - } - nameType := d[0] - nameLen := int(d[1])<<8 | int(d[2]) - d = d[3:] - if len(d) < nameLen { - return false - } - if nameType == 0 { - m.serverName = string(d[0:nameLen]) - break - } - d = d[nameLen:] - } - case extensionNextProtoNeg: - if length > 0 { - return false - } - m.nextProtoNeg = true - case extensionStatusRequest: - m.ocspStapling = length > 0 && data[0] == statusTypeOCSP - case extensionSupportedCurves: - // http://tools.ietf.org/html/rfc4492#section-5.5.1 - if length < 2 { - return false - } - l := int(data[0])<<8 | int(data[1]) - if l%2 == 1 || length != l+2 { - return false - } - numCurves := l / 2 - m.supportedCurves = make([]CurveID, numCurves) - d := data[2:] - for i := 0; i < numCurves; i++ { - m.supportedCurves[i] = CurveID(d[0])<<8 | CurveID(d[1]) - d = d[2:] - } - case extensionSupportedPoints: - // http://tools.ietf.org/html/rfc4492#section-5.5.2 - if length < 1 { - return false - } - l := int(data[0]) - if length != l+1 { - return false - } - m.supportedPoints = make([]uint8, l) - copy(m.supportedPoints, data[1:]) - case extensionSessionTicket: - // http://tools.ietf.org/html/rfc5077#section-3.2 - m.ticketSupported = true - m.sessionTicket = data[:length] - case extensionSignatureAlgorithms: - // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 - if length < 2 || length&1 != 0 { - return false - } - l := int(data[0])<<8 | int(data[1]) - if l != length-2 { - return false - } - n := l / 2 - d := data[2:] - m.signatureAndHashes = make([]signatureAndHash, n) - for i := range m.signatureAndHashes { - m.signatureAndHashes[i].hash = d[0] - m.signatureAndHashes[i].signature = d[1] - d = d[2:] - } - case extensionRenegotiationInfo: - if length != 1 || data[0] != 0 { - return false - } - m.secureRenegotiation = true - case extensionALPN: - if length < 2 { - return false - } - l := int(data[0])<<8 | int(data[1]) - if l != length-2 { - return false - } - d := data[2:length] - for len(d) != 0 { - stringLen := int(d[0]) - d = d[1:] - if stringLen == 0 || stringLen > len(d) { - return false - } - m.alpnProtocols = append(m.alpnProtocols, string(d[:stringLen])) - d = d[stringLen:] - } - case extensionHeartbeat: - // https://tools.ietf.org/html/rfc6520 - if length != 1 { - return false - } - mode := data[0] - if mode != heartbeatModePeerAllowed && - mode != heartbeatModePeerNotAllowed { - return false - } - m.heartbeatEnabled = true - m.heartbeatMode = mode - case extensionExtendedRandom: - if length < 3 { - return false - } - exLen := int(data[0]<<8) | int(data[1]) - if length != exLen+2 { - return false - } - if exLen > len(data) { - return false - } - m.extendedRandomEnabled = true - m.extendedRandom = make([]byte, exLen) - copy(m.extendedRandom, data[2:]) - case extensionExtendedMasterSecret: - if length != 0 { - return false - } - m.extendedMasterSecret = true - case extensionSCT: - m.scts = true - if length != 0 { - return false - } - default: - fullExt := append(fullData[:4], data[:length]...) - m.unknownExtensions = append(m.unknownExtensions, fullExt) - } - data = data[length:] - } - - return true -} - -type serverHelloMsg struct { - raw []byte - vers uint16 - random []byte - sessionId []byte - cipherSuite uint16 - compressionMethod uint8 - nextProtoNeg bool - nextProtos []string - ocspStapling bool - scts [][]byte - ticketSupported bool - secureRenegotiation bool - heartbeatEnabled bool - heartbeatMode uint8 - extendedRandomEnabled bool - extendedRandom []byte - extendedMasterSecret bool - alpnProtocol string - unknownExtensions [][]byte -} - -func (m *serverHelloMsg) equal(i interface{}) bool { - m1, ok := i.(*serverHelloMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - m.vers == m1.vers && - bytes.Equal(m.random, m1.random) && - bytes.Equal(m.sessionId, m1.sessionId) && - m.cipherSuite == m1.cipherSuite && - m.compressionMethod == m1.compressionMethod && - m.nextProtoNeg == m1.nextProtoNeg && - eqStrings(m.nextProtos, m1.nextProtos) && - m.ocspStapling == m1.ocspStapling && - m.ticketSupported == m1.ticketSupported && - m.secureRenegotiation == m1.secureRenegotiation && - m.extendedMasterSecret == m1.extendedMasterSecret && - m.alpnProtocol == m1.alpnProtocol && - reflect.DeepEqual(m.unknownExtensions, m1.unknownExtensions) -} - -func (m *serverHelloMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - - length := 38 + len(m.sessionId) - numExtensions := 0 - extensionsLength := 0 - - nextProtoLen := 0 - if m.nextProtoNeg { - numExtensions++ - for _, v := range m.nextProtos { - nextProtoLen += len(v) - } - nextProtoLen += len(m.nextProtos) - extensionsLength += nextProtoLen - } - if m.ocspStapling { - numExtensions++ - } - if m.ticketSupported { - numExtensions++ - } - if m.secureRenegotiation { - extensionsLength += 1 - numExtensions++ - } - if alpnLen := len(m.alpnProtocol); alpnLen > 0 { - if alpnLen >= 256 { - panic("invalid ALPN protocol") - } - extensionsLength += 2 + 1 + alpnLen - numExtensions++ - } - if m.heartbeatEnabled { - extensionsLength += 1 - numExtensions++ - } - if m.extendedRandomEnabled { - extensionsLength += 2 + len(m.extendedRandom) - numExtensions++ - } - if m.extendedMasterSecret { - numExtensions++ - } - sctLen := 0 - if len(m.scts) > 0 { - for _, sct := range m.scts { - sctLen += len(sct) + 2 - } - extensionsLength += 2 + sctLen - numExtensions++ - } - if len(m.unknownExtensions) > 0 { - // we do not update numExtensions because the extension code and length - // are already contained at the beginning of every 'ext' below - for _, ext := range m.unknownExtensions { - extensionsLength += len(ext) - } - } - if numExtensions > 0 { - extensionsLength += 4 * numExtensions - length += 2 + extensionsLength - } - - x := make([]byte, 4+length) - x[0] = typeServerHello - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - x[4] = uint8(m.vers >> 8) - x[5] = uint8(m.vers) - copy(x[6:38], m.random) - x[38] = uint8(len(m.sessionId)) - copy(x[39:39+len(m.sessionId)], m.sessionId) - z := x[39+len(m.sessionId):] - z[0] = uint8(m.cipherSuite >> 8) - z[1] = uint8(m.cipherSuite) - z[2] = uint8(m.compressionMethod) - - z = z[3:] - if numExtensions > 0 || len(m.unknownExtensions) > 0 { - z[0] = byte(extensionsLength >> 8) - z[1] = byte(extensionsLength) - z = z[2:] - } - if m.nextProtoNeg { - z[0] = byte(extensionNextProtoNeg >> 8) - z[1] = byte(extensionNextProtoNeg & 0xff) - z[2] = byte(nextProtoLen >> 8) - z[3] = byte(nextProtoLen) - z = z[4:] - - for _, v := range m.nextProtos { - l := len(v) - if l > 255 { - l = 255 - } - z[0] = byte(l) - copy(z[1:], []byte(v[0:l])) - z = z[1+l:] - } - } - if m.ocspStapling { - z[0] = byte(extensionStatusRequest >> 8) - z[1] = byte(extensionStatusRequest) - z = z[4:] - } - if m.ticketSupported { - z[0] = byte(extensionSessionTicket >> 8) - z[1] = byte(extensionSessionTicket) - z = z[4:] - } - if m.secureRenegotiation { - z[0] = byte(extensionRenegotiationInfo >> 8) - z[1] = byte(extensionRenegotiationInfo & 0xff) - z[2] = 0 - z[3] = 1 - z = z[5:] - } - if alpnLen := len(m.alpnProtocol); alpnLen > 0 { - z[0] = byte(extensionALPN >> 8) - z[1] = byte(extensionALPN & 0xff) - l := 2 + 1 + alpnLen - z[2] = byte(l >> 8) - z[3] = byte(l) - l -= 2 - z[4] = byte(l >> 8) - z[5] = byte(l) - l -= 1 - z[6] = byte(l) - copy(z[7:], []byte(m.alpnProtocol)) - z = z[7+alpnLen:] - } - if m.heartbeatEnabled { - z[0] = byte(extensionHeartbeat >> 8) - z[1] = byte(extensionHeartbeat) - z[2] = byte(1 >> 8) - z[3] = byte(1) - z[4] = m.heartbeatMode - z = z[5:] - } - if m.extendedRandomEnabled { - z[0] = byte(extensionExtendedRandom >> 8) - z[1] = byte(extensionExtendedRandom) - exLen := len(m.extendedRandom) - fullLength := 2 + exLen - z[2] = byte(fullLength << 8) - z[3] = byte(fullLength) - z[4] = byte(exLen << 8) - z[5] = byte(exLen) - z = z[6:] - copy(z, m.extendedRandom) - z = z[exLen:] - } - if m.extendedMasterSecret { - z[0] = byte(extensionExtendedMasterSecret >> 8) - z[1] = byte(extensionExtendedMasterSecret & 0xff) - z = z[4:] - } - if sctLen > 0 { - z[0] = byte(extensionSCT >> 8) - z[1] = byte(extensionSCT) - l := sctLen + 2 - z[2] = byte(l >> 8) - z[3] = byte(l) - z[4] = byte(sctLen >> 8) - z[5] = byte(sctLen) - - z = z[6:] - for _, sct := range m.scts { - z[0] = byte(len(sct) >> 8) - z[1] = byte(len(sct)) - copy(z[2:], sct) - z = z[len(sct)+2:] - } - } - if len(m.unknownExtensions) > 0 { - for _, ext := range m.unknownExtensions { - copy(z, ext) - z = z[len(ext):] - } - } - m.raw = x - return x -} - -func (m *serverHelloMsg) unmarshal(data []byte) bool { - if len(data) < 42 { - return false - } - m.raw = data - m.vers = uint16(data[4])<<8 | uint16(data[5]) - m.random = data[6:38] - sessionIdLen := int(data[38]) - if sessionIdLen > 32 || len(data) < 39+sessionIdLen { - return false - } - m.sessionId = data[39 : 39+sessionIdLen] - data = data[39+sessionIdLen:] - if len(data) < 3 { - return false - } - m.cipherSuite = uint16(data[0])<<8 | uint16(data[1]) - m.compressionMethod = data[2] - data = data[3:] - - m.nextProtoNeg = false - m.nextProtos = nil - m.scts = nil - m.ocspStapling = false - m.ticketSupported = false - m.heartbeatEnabled = false - m.extendedRandomEnabled = false - m.extendedMasterSecret = false - m.alpnProtocol = "" - m.unknownExtensions = [][]byte(nil) - - if len(data) == 0 { - // ServerHello is optionally followed by extension data - return true - } - if len(data) < 2 { - return false - } - - extensionsLength := int(data[0])<<8 | int(data[1]) - data = data[2:] - if len(data) != extensionsLength { - return false - } - - for len(data) != 0 { - if len(data) < 4 { - return false - } - fullData := data - extension := uint16(data[0])<<8 | uint16(data[1]) - length := int(data[2])<<8 | int(data[3]) - data = data[4:] - if len(data) < length { - return false - } - - switch extension { - case extensionNextProtoNeg: - m.nextProtoNeg = true - d := data[:length] - for len(d) > 0 { - l := int(d[0]) - d = d[1:] - if l == 0 || l > len(d) { - return false - } - m.nextProtos = append(m.nextProtos, string(d[:l])) - d = d[l:] - } - case extensionStatusRequest: - if length > 0 { - return false - } - m.ocspStapling = true - case extensionSessionTicket: - if length > 0 { - return false - } - m.ticketSupported = true - case extensionRenegotiationInfo: - if length != 1 || data[0] != 0 { - return false - } - m.secureRenegotiation = true - case extensionALPN: - d := data[:length] - if len(d) < 3 { - return false - } - l := int(d[0])<<8 | int(d[1]) - if l != len(d)-2 { - return false - } - d = d[2:] - l = int(d[0]) - if l != len(d)-1 { - return false - } - d = d[1:] - if len(d) == 0 { - // ALPN protocols must not be empty. - return false - } - m.alpnProtocol = string(d) - case extensionHeartbeat: - m.heartbeatEnabled = true - m.heartbeatMode = data[0] - case extensionExtendedRandom: - m.extendedRandomEnabled = true - if length < 3 { - return false - } - exRandLen := int(data[0]<<8) | int(data[1]) - if length != exRandLen+2 { - return false - } - exRand := data[2:] - if len(exRand) < exRandLen { - return false - } - m.extendedRandom = make([]byte, exRandLen) - copy(m.extendedRandom, data[2:]) - case extensionExtendedMasterSecret: - if length != 0 { - return false - } - m.extendedMasterSecret = true - - case extensionSCT: - d := data[:length] - if len(d) < 2 { - return false - } - l := int(d[0])<<8 | int(d[1]) - d = d[2:] - if len(d) != l || l == 0 { - return false - } - m.scts = make([][]byte, 0, 3) - for len(d) != 0 { - if len(d) < 2 { - return false - } - sctLen := int(d[0])<<8 | int(d[1]) - d = d[2:] - if sctLen == 0 || len(d) < sctLen { - return false - } - m.scts = append(m.scts, d[:sctLen]) - d = d[sctLen:] - } - default: - fullExt := append(fullData[:4], data[:length]...) - m.unknownExtensions = append(m.unknownExtensions, fullExt) - } - data = data[length:] - } - - return true -} - -type certificateMsg struct { - raw []byte - certificates [][]byte -} - -func (m *certificateMsg) equal(i interface{}) bool { - m1, ok := i.(*certificateMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - eqByteSlices(m.certificates, m1.certificates) -} - -func (m *certificateMsg) marshal() (x []byte) { - if m.raw != nil { - return m.raw - } - - var i int - for _, slice := range m.certificates { - i += len(slice) - } - - length := 3 + 3*len(m.certificates) + i - x = make([]byte, 4+length) - x[0] = typeCertificate - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - - certificateOctets := length - 3 - x[4] = uint8(certificateOctets >> 16) - x[5] = uint8(certificateOctets >> 8) - x[6] = uint8(certificateOctets) - - y := x[7:] - for _, slice := range m.certificates { - y[0] = uint8(len(slice) >> 16) - y[1] = uint8(len(slice) >> 8) - y[2] = uint8(len(slice)) - copy(y[3:], slice) - y = y[3+len(slice):] - } - - m.raw = x - return -} - -func (m *certificateMsg) unmarshal(data []byte) bool { - if len(data) < 7 { - return false - } - - m.raw = data - certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6]) - if uint32(len(data)) != certsLen+7 { - return false - } - - numCerts := 0 - d := data[7:] - for certsLen > 0 { - if len(d) < 4 { - return false - } - certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2]) - if uint32(len(d)) < 3+certLen { - return false - } - d = d[3+certLen:] - certsLen -= 3 + certLen - numCerts++ - } - - m.certificates = make([][]byte, numCerts) - d = data[7:] - for i := 0; i < numCerts; i++ { - certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2]) - m.certificates[i] = d[3 : 3+certLen] - d = d[3+certLen:] - } - - return true -} - -type serverKeyExchangeMsg struct { - raw []byte - key []byte -} - -func (m *serverKeyExchangeMsg) equal(i interface{}) bool { - m1, ok := i.(*serverKeyExchangeMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - bytes.Equal(m.key, m1.key) -} - -func (m *serverKeyExchangeMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - length := len(m.key) - x := make([]byte, length+4) - x[0] = typeServerKeyExchange - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - copy(x[4:], m.key) - - m.raw = x - return x -} - -func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool { - m.raw = data - if len(data) < 4 { - return false - } - m.key = data[4:] - return true -} - -type certificateStatusMsg struct { - raw []byte - statusType uint8 - response []byte -} - -func (m *certificateStatusMsg) equal(i interface{}) bool { - m1, ok := i.(*certificateStatusMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - m.statusType == m1.statusType && - bytes.Equal(m.response, m1.response) -} - -func (m *certificateStatusMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - - var x []byte - if m.statusType == statusTypeOCSP { - x = make([]byte, 4+4+len(m.response)) - x[0] = typeCertificateStatus - l := len(m.response) + 4 - x[1] = byte(l >> 16) - x[2] = byte(l >> 8) - x[3] = byte(l) - x[4] = statusTypeOCSP - - l -= 4 - x[5] = byte(l >> 16) - x[6] = byte(l >> 8) - x[7] = byte(l) - copy(x[8:], m.response) - } else { - x = []byte{typeCertificateStatus, 0, 0, 1, m.statusType} - } - - m.raw = x - return x -} - -func (m *certificateStatusMsg) unmarshal(data []byte) bool { - m.raw = data - if len(data) < 5 { - return false - } - m.statusType = data[4] - - m.response = nil - if m.statusType == statusTypeOCSP { - if len(data) < 8 { - return false - } - respLen := uint32(data[5])<<16 | uint32(data[6])<<8 | uint32(data[7]) - if uint32(len(data)) != 4+4+respLen { - return false - } - m.response = data[8:] - } - return true -} - -type serverHelloDoneMsg struct{} - -func (m *serverHelloDoneMsg) equal(i interface{}) bool { - _, ok := i.(*serverHelloDoneMsg) - return ok -} - -func (m *serverHelloDoneMsg) marshal() []byte { - x := make([]byte, 4) - x[0] = typeServerHelloDone - return x -} - -func (m *serverHelloDoneMsg) unmarshal(data []byte) bool { - return len(data) == 4 -} - -type clientKeyExchangeMsg struct { - raw []byte - ciphertext []byte -} - -func (m *clientKeyExchangeMsg) equal(i interface{}) bool { - m1, ok := i.(*clientKeyExchangeMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - bytes.Equal(m.ciphertext, m1.ciphertext) -} - -func (m *clientKeyExchangeMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - length := len(m.ciphertext) - x := make([]byte, length+4) - x[0] = typeClientKeyExchange - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - copy(x[4:], m.ciphertext) - - m.raw = x - return x -} - -func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool { - m.raw = data - if len(data) < 4 { - return false - } - l := int(data[1])<<16 | int(data[2])<<8 | int(data[3]) - if l != len(data)-4 { - return false - } - m.ciphertext = data[4:] - return true -} - -type finishedMsg struct { - raw []byte - verifyData []byte -} - -func (m *finishedMsg) equal(i interface{}) bool { - m1, ok := i.(*finishedMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - bytes.Equal(m.verifyData, m1.verifyData) -} - -func (m *finishedMsg) marshal() (x []byte) { - if m.raw != nil { - return m.raw - } - - x = make([]byte, 4+len(m.verifyData)) - x[0] = typeFinished - x[3] = byte(len(m.verifyData)) - copy(x[4:], m.verifyData) - m.raw = x - return -} - -func (m *finishedMsg) unmarshal(data []byte) bool { - m.raw = data - if len(data) < 4 { - return false - } - m.verifyData = data[4:] - return true -} - -type nextProtoMsg struct { - raw []byte - proto string -} - -func (m *nextProtoMsg) equal(i interface{}) bool { - m1, ok := i.(*nextProtoMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - m.proto == m1.proto -} - -func (m *nextProtoMsg) marshal() []byte { - if m.raw != nil { - return m.raw - } - l := len(m.proto) - if l > 255 { - l = 255 - } - - padding := 32 - (l+2)%32 - length := l + padding + 2 - x := make([]byte, length+4) - x[0] = typeNextProtocol - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - - y := x[4:] - y[0] = byte(l) - copy(y[1:], []byte(m.proto[0:l])) - y = y[1+l:] - y[0] = byte(padding) - - m.raw = x - - return x -} - -func (m *nextProtoMsg) unmarshal(data []byte) bool { - m.raw = data - - if len(data) < 5 { - return false - } - data = data[4:] - protoLen := int(data[0]) - data = data[1:] - if len(data) < protoLen { - return false - } - m.proto = string(data[0:protoLen]) - data = data[protoLen:] - - if len(data) < 1 { - return false - } - paddingLen := int(data[0]) - data = data[1:] - if len(data) != paddingLen { - return false - } - - return true -} - -type certificateRequestMsg struct { - raw []byte - // hasSignatureAndHash indicates whether this message includes a list - // of signature and hash functions. This change was introduced with TLS - // 1.2. - hasSignatureAndHash bool - - certificateTypes []byte - signatureAndHashes []signatureAndHash - certificateAuthorities [][]byte -} - -func (m *certificateRequestMsg) equal(i interface{}) bool { - m1, ok := i.(*certificateRequestMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - bytes.Equal(m.certificateTypes, m1.certificateTypes) && - eqByteSlices(m.certificateAuthorities, m1.certificateAuthorities) && - eqSignatureAndHashes(m.signatureAndHashes, m1.signatureAndHashes) -} - -func (m *certificateRequestMsg) marshal() (x []byte) { - if m.raw != nil { - return m.raw - } - - // See http://tools.ietf.org/html/rfc4346#section-7.4.4 - length := 1 + len(m.certificateTypes) + 2 - casLength := 0 - for _, ca := range m.certificateAuthorities { - casLength += 2 + len(ca) - } - length += casLength - - if m.hasSignatureAndHash { - length += 2 + 2*len(m.signatureAndHashes) - } - - x = make([]byte, 4+length) - x[0] = typeCertificateRequest - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - - x[4] = uint8(len(m.certificateTypes)) - - copy(x[5:], m.certificateTypes) - y := x[5+len(m.certificateTypes):] - - if m.hasSignatureAndHash { - n := len(m.signatureAndHashes) * 2 - y[0] = uint8(n >> 8) - y[1] = uint8(n) - y = y[2:] - for _, sigAndHash := range m.signatureAndHashes { - y[0] = sigAndHash.hash - y[1] = sigAndHash.signature - y = y[2:] - } - } - - y[0] = uint8(casLength >> 8) - y[1] = uint8(casLength) - y = y[2:] - for _, ca := range m.certificateAuthorities { - y[0] = uint8(len(ca) >> 8) - y[1] = uint8(len(ca)) - y = y[2:] - copy(y, ca) - y = y[len(ca):] - } - - m.raw = x - return -} - -func (m *certificateRequestMsg) unmarshal(data []byte) bool { - m.raw = data - - if len(data) < 5 { - return false - } - - length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) - if uint32(len(data))-4 != length { - return false - } - - numCertTypes := int(data[4]) - data = data[5:] - if numCertTypes == 0 || len(data) <= numCertTypes { - return false - } - - m.certificateTypes = make([]byte, numCertTypes) - if copy(m.certificateTypes, data) != numCertTypes { - return false - } - - data = data[numCertTypes:] - - if m.hasSignatureAndHash { - if len(data) < 2 { - return false - } - sigAndHashLen := uint16(data[0])<<8 | uint16(data[1]) - data = data[2:] - if sigAndHashLen&1 != 0 { - return false - } - if len(data) < int(sigAndHashLen) { - return false - } - numSigAndHash := sigAndHashLen / 2 - m.signatureAndHashes = make([]signatureAndHash, numSigAndHash) - for i := range m.signatureAndHashes { - m.signatureAndHashes[i].hash = data[0] - m.signatureAndHashes[i].signature = data[1] - data = data[2:] - } - } - - if len(data) < 2 { - return false - } - casLength := uint16(data[0])<<8 | uint16(data[1]) - data = data[2:] - if len(data) < int(casLength) { - return false - } - cas := make([]byte, casLength) - copy(cas, data) - data = data[casLength:] - - m.certificateAuthorities = nil - for len(cas) > 0 { - if len(cas) < 2 { - return false - } - caLen := uint16(cas[0])<<8 | uint16(cas[1]) - cas = cas[2:] - - if len(cas) < int(caLen) { - return false - } - - m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen]) - cas = cas[caLen:] - } - if len(data) > 0 { - return false - } - - return true -} - -type certificateVerifyMsg struct { - raw []byte - hasSignatureAndHash bool - signatureAndHash signatureAndHash - signature []byte -} - -func (m *certificateVerifyMsg) equal(i interface{}) bool { - m1, ok := i.(*certificateVerifyMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - m.hasSignatureAndHash == m1.hasSignatureAndHash && - m.signatureAndHash.hash == m1.signatureAndHash.hash && - m.signatureAndHash.signature == m1.signatureAndHash.signature && - bytes.Equal(m.signature, m1.signature) -} - -func (m *certificateVerifyMsg) marshal() (x []byte) { - if m.raw != nil { - return m.raw - } - - // See http://tools.ietf.org/html/rfc4346#section-7.4.8 - siglength := len(m.signature) - length := 2 + siglength - if m.hasSignatureAndHash { - length += 2 - } - x = make([]byte, 4+length) - x[0] = typeCertificateVerify - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - y := x[4:] - if m.hasSignatureAndHash { - y[0] = m.signatureAndHash.hash - y[1] = m.signatureAndHash.signature - y = y[2:] - } - y[0] = uint8(siglength >> 8) - y[1] = uint8(siglength) - copy(y[2:], m.signature) - - m.raw = x - - return -} - -func (m *certificateVerifyMsg) unmarshal(data []byte) bool { - m.raw = data - - if len(data) < 6 { - return false - } - - length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) - if uint32(len(data))-4 != length { - return false - } - - data = data[4:] - if m.hasSignatureAndHash { - m.signatureAndHash.hash = data[0] - m.signatureAndHash.signature = data[1] - data = data[2:] - } - - if len(data) < 2 { - return false - } - siglength := int(data[0])<<8 + int(data[1]) - data = data[2:] - if len(data) != siglength { - return false - } - - m.signature = data - - return true -} - -type newSessionTicketMsg struct { - raw []byte - ticket []byte - lifetimeHint uint32 -} - -func (m *newSessionTicketMsg) equal(i interface{}) bool { - m1, ok := i.(*newSessionTicketMsg) - if !ok { - return false - } - - return bytes.Equal(m.raw, m1.raw) && - bytes.Equal(m.ticket, m1.ticket) -} - -func (m *newSessionTicketMsg) marshal() (x []byte) { - if m.raw != nil { - return m.raw - } - - // See http://tools.ietf.org/html/rfc5077#section-3.3 - ticketLen := len(m.ticket) - length := 2 + 4 + ticketLen - x = make([]byte, 4+length) - x[0] = typeNewSessionTicket - x[1] = uint8(length >> 16) - x[2] = uint8(length >> 8) - x[3] = uint8(length) - x[8] = uint8(ticketLen >> 8) - x[9] = uint8(ticketLen) - copy(x[10:], m.ticket) - - m.raw = x - - return -} - -func (m *newSessionTicketMsg) unmarshal(data []byte) bool { - m.raw = data - - if len(data) < 10 { - return false - } - - length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) - if uint32(len(data))-4 != length { - return false - } - - ticketLen := int(data[8])<<8 + int(data[9]) - if len(data)-10 != ticketLen { - return false - } - - m.lifetimeHint = uint32(data[4])<<24 | uint32(data[5])<<16 | uint32(data[6])<<8 | uint32(data[7]) - m.ticket = data[10:] - - return true -} - -type helloRequestMsg struct { -} - -func (*helloRequestMsg) marshal() []byte { - return []byte{typeHelloRequest, 0, 0, 0} -} - -func (*helloRequestMsg) unmarshal(data []byte) bool { - return len(data) == 4 -} - -func eqUint16s(x, y []uint16) bool { - if len(x) != len(y) { - return false - } - for i, v := range x { - if y[i] != v { - return false - } - } - return true -} - -func eqCurveIDs(x, y []CurveID) bool { - if len(x) != len(y) { - return false - } - for i, v := range x { - if y[i] != v { - return false - } - } - return true -} - -func eqStrings(x, y []string) bool { - if len(x) != len(y) { - return false - } - for i, v := range x { - if y[i] != v { - return false - } - } - return true -} - -func eqByteSlices(x, y [][]byte) bool { - if len(x) != len(y) { - return false - } - for i, v := range x { - if !bytes.Equal(v, y[i]) { - return false - } - } - return true -} - -func eqSignatureAndHashes(x, y []signatureAndHash) bool { - if len(x) != len(y) { - return false - } - for i, v := range x { - v2 := y[i] - if v.hash != v2.hash || v.signature != v2.signature { - return false - } - } - return true -} diff --git a/ztools/ztls/handshake_messages_test.go b/ztools/ztls/handshake_messages_test.go deleted file mode 100644 index 8ec64646..00000000 --- a/ztools/ztls/handshake_messages_test.go +++ /dev/null @@ -1,251 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "math/rand" - "reflect" - "testing" - "testing/quick" -) - -var tests = []interface{}{ - &clientHelloMsg{}, - &serverHelloMsg{}, - &finishedMsg{}, - - &certificateMsg{}, - &certificateRequestMsg{}, - &certificateVerifyMsg{}, - &certificateStatusMsg{}, - &clientKeyExchangeMsg{}, - &nextProtoMsg{}, - &newSessionTicketMsg{}, - &sessionState{}, -} - -type testMessage interface { - marshal() []byte - unmarshal([]byte) bool - equal(interface{}) bool -} - -func TestMarshalUnmarshal(t *testing.T) { - rand := rand.New(rand.NewSource(0)) - - for i, iface := range tests { - ty := reflect.ValueOf(iface).Type() - - n := 100 - if testing.Short() { - n = 5 - } - for j := 0; j < n; j++ { - v, ok := quick.Value(ty, rand) - if !ok { - t.Errorf("#%d: failed to create value", i) - break - } - - m1 := v.Interface().(testMessage) - marshaled := m1.marshal() - m2 := iface.(testMessage) - if !m2.unmarshal(marshaled) { - t.Errorf("#%d failed to unmarshal %#v %x", i, m1, marshaled) - break - } - m2.marshal() // to fill any marshal cache in the message - - if !m1.equal(m2) { - t.Errorf("#%d got:%#v want:%#v %x", i, m2, m1, marshaled) - break - } - - if i >= 3 { - // The first three message types (ClientHello, - // ServerHello and Finished) are allowed to - // have parsable prefixes because the extension - // data is optional and the length of the - // Finished varies across versions. - for j := 0; j < len(marshaled); j++ { - if m2.unmarshal(marshaled[0:j]) { - t.Errorf("#%d unmarshaled a prefix of length %d of %#v", i, j, m1) - break - } - } - } - } - } -} - -func TestFuzz(t *testing.T) { - rand := rand.New(rand.NewSource(0)) - for _, iface := range tests { - m := iface.(testMessage) - - for j := 0; j < 1000; j++ { - len := rand.Intn(100) - bytes := randomBytes(len, rand) - // This just looks for crashes due to bounds errors etc. - m.unmarshal(bytes) - } - } -} - -func randomBytes(n int, rand *rand.Rand) []byte { - r := make([]byte, n) - for i := 0; i < n; i++ { - r[i] = byte(rand.Int31()) - } - return r -} - -func randomString(n int, rand *rand.Rand) string { - b := randomBytes(n, rand) - return string(b) -} - -func (*clientHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &clientHelloMsg{} - m.vers = uint16(rand.Intn(65536)) - m.random = randomBytes(32, rand) - m.sessionId = randomBytes(rand.Intn(32), rand) - m.cipherSuites = make([]uint16, rand.Intn(63)+1) - for i := 0; i < len(m.cipherSuites); i++ { - m.cipherSuites[i] = uint16(rand.Int31()) - } - m.compressionMethods = randomBytes(rand.Intn(63)+1, rand) - if rand.Intn(10) > 5 { - m.nextProtoNeg = true - } - if rand.Intn(10) > 5 { - m.serverName = randomString(rand.Intn(255), rand) - } - m.ocspStapling = rand.Intn(10) > 5 - m.supportedPoints = randomBytes(rand.Intn(5)+1, rand) - m.supportedCurves = make([]CurveID, rand.Intn(5)+1) - for i := range m.supportedCurves { - m.supportedCurves[i] = CurveID(rand.Intn(30000)) - } - if rand.Intn(10) > 5 { - m.ticketSupported = true - if rand.Intn(10) > 5 { - m.sessionTicket = randomBytes(rand.Intn(300), rand) - } - } - if rand.Intn(10) > 5 { - m.signatureAndHashes = supportedSKXSignatureAlgorithms - } - m.alpnProtocols = make([]string, rand.Intn(5)) - for i := range m.alpnProtocols { - m.alpnProtocols[i] = randomString(rand.Intn(20)+1, rand) - } - - return reflect.ValueOf(m) -} - -func (*serverHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &serverHelloMsg{} - m.vers = uint16(rand.Intn(65536)) - m.random = randomBytes(32, rand) - m.sessionId = randomBytes(rand.Intn(32), rand) - m.cipherSuite = uint16(rand.Int31()) - m.compressionMethod = uint8(rand.Intn(256)) - - if rand.Intn(10) > 5 { - m.nextProtoNeg = true - - n := rand.Intn(10) - m.nextProtos = make([]string, n) - for i := 0; i < n; i++ { - m.nextProtos[i] = randomString(20, rand) - } - } - - if rand.Intn(10) > 5 { - m.ocspStapling = true - } - if rand.Intn(10) > 5 { - m.ticketSupported = true - } - m.alpnProtocol = randomString(rand.Intn(32)+1, rand) - - return reflect.ValueOf(m) -} - -func (*certificateMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &certificateMsg{} - numCerts := rand.Intn(20) - m.certificates = make([][]byte, numCerts) - for i := 0; i < numCerts; i++ { - m.certificates[i] = randomBytes(rand.Intn(10)+1, rand) - } - return reflect.ValueOf(m) -} - -func (*certificateRequestMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &certificateRequestMsg{} - m.certificateTypes = randomBytes(rand.Intn(5)+1, rand) - numCAs := rand.Intn(100) - m.certificateAuthorities = make([][]byte, numCAs) - for i := 0; i < numCAs; i++ { - m.certificateAuthorities[i] = randomBytes(rand.Intn(15)+1, rand) - } - return reflect.ValueOf(m) -} - -func (*certificateVerifyMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &certificateVerifyMsg{} - m.signature = randomBytes(rand.Intn(15)+1, rand) - return reflect.ValueOf(m) -} - -func (*certificateStatusMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &certificateStatusMsg{} - if rand.Intn(10) > 5 { - m.statusType = statusTypeOCSP - m.response = randomBytes(rand.Intn(10)+1, rand) - } else { - m.statusType = 42 - } - return reflect.ValueOf(m) -} - -func (*clientKeyExchangeMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &clientKeyExchangeMsg{} - m.ciphertext = randomBytes(rand.Intn(1000)+1, rand) - return reflect.ValueOf(m) -} - -func (*finishedMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &finishedMsg{} - m.verifyData = randomBytes(12, rand) - return reflect.ValueOf(m) -} - -func (*nextProtoMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &nextProtoMsg{} - m.proto = randomString(rand.Intn(255), rand) - return reflect.ValueOf(m) -} - -func (*newSessionTicketMsg) Generate(rand *rand.Rand, size int) reflect.Value { - m := &newSessionTicketMsg{} - m.ticket = randomBytes(rand.Intn(4), rand) - return reflect.ValueOf(m) -} - -func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value { - s := &sessionState{} - s.vers = uint16(rand.Intn(10000)) - s.cipherSuite = uint16(rand.Intn(10000)) - s.masterSecret = randomBytes(rand.Intn(100), rand) - numCerts := rand.Intn(20) - s.certificates = make([][]byte, numCerts) - for i := 0; i < numCerts; i++ { - s.certificates[i] = randomBytes(rand.Intn(10)+1, rand) - } - return reflect.ValueOf(s) -} diff --git a/ztools/ztls/handshake_server.go b/ztools/ztls/handshake_server.go deleted file mode 100644 index ece7ebdf..00000000 --- a/ztools/ztls/handshake_server.go +++ /dev/null @@ -1,809 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "crypto" - "crypto/ecdsa" - "crypto/rsa" - "crypto/subtle" - "encoding/asn1" - "errors" - "fmt" - "io" - - "github.com/zmap/zgrab/ztools/x509" -) - -// serverHandshakeState contains details of a server handshake in progress. -// It's discarded once the handshake has completed. -type serverHandshakeState struct { - c *Conn - clientHello *clientHelloMsg - hello *serverHelloMsg - suite *cipherSuite - ellipticOk bool - ecdsaOk bool - sessionState *sessionState - finishedHash finishedHash - masterSecret []byte - certsFromClient [][]byte - cert *Certificate - preMasterSecret []byte - cachedClientHelloInfo *ClientHelloInfo -} - -// serverHandshake performs a TLS handshake as a server. -func (c *Conn) serverHandshake() error { - // If this is the first server handshake, we generate a random key to - // encrypt the tickets with. - c.config.serverInitOnce.Do(c.config.serverInit) - - hs := serverHandshakeState{ - c: c, - } - isResume, err := hs.readClientHello() - if err != nil { - return err - } - - // For an overview of TLS handshaking, see https://tools.ietf.org/html/rfc5246#section-7.3 - if isResume { - // The client has included a session ticket and so we do an abbreviated handshake. - if err := hs.doResumeHandshake(); err != nil { - return err - } - if err := hs.establishKeys(); err != nil { - return err - } - if err := hs.sendFinished(); err != nil { - return err - } - if err := hs.readFinished(); err != nil { - return err - } - c.didResume = true - } else { - // The client didn't include a session ticket, or it wasn't - // valid so we do a full handshake. - if err := hs.doFullHandshake(); err != nil { - return err - } - if err := hs.establishKeys(); err != nil { - return err - } - if err := hs.readFinished(); err != nil { - return err - } - if err := hs.sendSessionTicket(); err != nil { - return err - } - if err := hs.sendFinished(); err != nil { - return err - } - } - - c.handshakeLog.KeyMaterial = hs.MakeLog() - - c.handshakeComplete = true - - return nil -} - -// readClientHello reads a ClientHello message from the client and decides -// whether we will perform session resumption. -func (hs *serverHandshakeState) readClientHello() (isResume bool, err error) { - c := hs.c - c.handshakeLog = new(ServerHandshake) - - msg, err := c.readHandshake() - if err != nil { - return false, err - } - var ok bool - hs.clientHello, ok = msg.(*clientHelloMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return false, unexpectedMessageError(hs.clientHello, msg) - } - c.clientHelloRaw = hs.clientHello.raw - c.clientCiphers = hs.clientHello.cipherSuites - c.handshakeLog.ClientHello = hs.clientHello.MakeLog() - - if c.config.GetConfigForClient != nil { - if newConfig, err := c.config.GetConfigForClient(hs.clientHelloInfo()); err != nil { - c.sendAlert(alertInternalError) - return false, err - } else if newConfig != nil { - newConfig.mutex.Lock() - newConfig.originalConfig = c.config - newConfig.mutex.Unlock() - - newConfig.serverInitOnce.Do(newConfig.serverInit) - c.config = newConfig - } - } - - c.vers, ok = c.config.mutualVersion(hs.clientHello.vers) - if !ok { - c.sendAlert(alertProtocolVersion) - return false, fmt.Errorf("tls: client offered an unsupported, maximum protocol version of %x", hs.clientHello.vers) - } - c.haveVers = true - - hs.finishedHash = newFinishedHash(c.vers, hs.suite) - hs.finishedHash.Write(hs.clientHello.marshal()) - - hs.hello = new(serverHelloMsg) - - supportedCurve := false - preferredCurves := c.config.curvePreferences() -Curves: - for _, curve := range hs.clientHello.supportedCurves { - for _, supported := range preferredCurves { - if supported == curve { - supportedCurve = true - break Curves - } - } - } - - supportedPointFormat := false - for _, pointFormat := range hs.clientHello.supportedPoints { - if pointFormat == pointFormatUncompressed { - supportedPointFormat = true - break - } - } - hs.ellipticOk = supportedCurve && supportedPointFormat - - foundCompression := false - // We only support null compression, so check that the client offered it. - for _, compression := range hs.clientHello.compressionMethods { - if compression == compressionNone { - foundCompression = true - break - } - } - - if !foundCompression { - c.sendAlert(alertHandshakeFailure) - return false, errors.New("tls: client does not support uncompressed connections") - } - - hs.hello.vers = c.vers - hs.hello.random = make([]byte, 32) - _, err = io.ReadFull(c.config.rand(), hs.hello.random) - if err != nil { - c.sendAlert(alertInternalError) - return false, err - } - hs.hello.secureRenegotiation = hs.clientHello.secureRenegotiation - hs.hello.compressionMethod = compressionNone - hs.hello.extendedMasterSecret = c.vers >= VersionTLS10 && hs.clientHello.extendedMasterSecret && c.config.ExtendedMasterSecret - if len(hs.clientHello.serverName) > 0 { - c.serverName = hs.clientHello.serverName - } - if len(hs.clientHello.alpnProtocols) > 0 { - if selectedProto, fallback := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); !fallback { - hs.hello.alpnProtocol = selectedProto - c.clientProtocol = selectedProto - } - } else { - // Although sending an empty NPN extension is reasonable, Firefox has - // had a bug around this. Best to send nothing at all if - // c.config.NextProtos is empty. See - // https://code.google.com/p/go/issues/detail?id=5445. - if hs.clientHello.nextProtoNeg && len(c.config.NextProtos) > 0 { - hs.hello.nextProtoNeg = true - hs.hello.nextProtos = c.config.NextProtos - } - } - - if len(c.config.Certificates) == 0 { - c.sendAlert(alertInternalError) - return false, errors.New("tls: no certificates configured") - } - hs.cert = &c.config.Certificates[0] - if len(hs.clientHello.serverName) > 0 { - hs.cert = c.config.getCertificateForName(hs.clientHello.serverName) - } - - _, hs.ecdsaOk = hs.cert.PrivateKey.(*ecdsa.PrivateKey) - - if hs.checkForResumption() { - return true, nil - } - - var preferenceList, supportedList []uint16 - if c.config.PreferServerCipherSuites { - preferenceList = c.config.cipherSuites() - supportedList = hs.clientHello.cipherSuites - } else { - preferenceList = hs.clientHello.cipherSuites - supportedList = c.config.cipherSuites() - } - - for _, id := range preferenceList { - if hs.suite = c.tryCipherSuite(id, supportedList, c.vers, hs.ellipticOk, hs.ecdsaOk); hs.suite != nil { - break - } - } - - if hs.suite == nil { - c.sendAlert(alertHandshakeFailure) - return false, errors.New("tls: no cipher suite supported by both client and server") - } - - return false, nil -} - -// checkForResumption returns true if we should perform resumption on this connection. -func (hs *serverHandshakeState) checkForResumption() bool { - c := hs.c - - if c.config.SessionTicketsDisabled { - return false - } - - var ok bool - if hs.sessionState, ok = c.decryptTicket(hs.clientHello.sessionTicket); !ok { - return false - } - - if hs.sessionState.vers > hs.clientHello.vers { - return false - } - if vers, ok := c.config.mutualVersion(hs.sessionState.vers); !ok || vers != hs.sessionState.vers { - return false - } - - cipherSuiteOk := false - // Check that the client is still offering the ciphersuite in the session. - for _, id := range hs.clientHello.cipherSuites { - if id == hs.sessionState.cipherSuite { - cipherSuiteOk = true - break - } - } - if !cipherSuiteOk { - return false - } - - // Check that we also support the ciphersuite from the session. - hs.suite = c.tryCipherSuite(hs.sessionState.cipherSuite, c.config.cipherSuites(), hs.sessionState.vers, hs.ellipticOk, hs.ecdsaOk) - if hs.suite == nil { - return false - } - - sessionHasClientCerts := len(hs.sessionState.certificates) != 0 - needClientCerts := c.config.ClientAuth == RequireAnyClientCert || c.config.ClientAuth == RequireAndVerifyClientCert - if needClientCerts && !sessionHasClientCerts { - return false - } - if sessionHasClientCerts && c.config.ClientAuth == NoClientCert { - return false - } - - return true -} - -func (hs *serverHandshakeState) doResumeHandshake() error { - c := hs.c - - hs.hello.cipherSuite = hs.suite.id - // We echo the client's session ID in the ServerHello to let it know - // that we're doing a resumption. - hs.hello.sessionId = hs.clientHello.sessionId - hs.finishedHash.Write(hs.hello.marshal()) - c.writeRecord(recordTypeHandshake, hs.hello.marshal()) - c.handshakeLog.ServerHello = hs.hello.MakeLog() - - if len(hs.sessionState.certificates) > 0 { - if _, err := hs.processCertsFromClient(hs.sessionState.certificates); err != nil { - return err - } - } - - hs.masterSecret = hs.sessionState.masterSecret - c.extendedMasterSecret = hs.sessionState.extendedMasterSecret - - return nil -} - -func (hs *serverHandshakeState) doFullHandshake() error { - c := hs.c - - if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 { - hs.hello.ocspStapling = true - } - - hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled - hs.hello.cipherSuite = hs.suite.id - c.extendedMasterSecret = hs.hello.extendedMasterSecret - hs.finishedHash.Write(hs.hello.marshal()) - c.writeRecord(recordTypeHandshake, hs.hello.marshal()) - c.handshakeLog.ServerHello = hs.hello.MakeLog() - - certMsg := new(certificateMsg) - certMsg.certificates = hs.cert.Certificate - hs.finishedHash.Write(certMsg.marshal()) - c.writeRecord(recordTypeHandshake, certMsg.marshal()) - c.handshakeLog.ServerCertificates = certMsg.MakeLog() - - if hs.hello.ocspStapling { - certStatus := new(certificateStatusMsg) - certStatus.statusType = statusTypeOCSP - certStatus.response = hs.cert.OCSPStaple - hs.finishedHash.Write(certStatus.marshal()) - c.writeRecord(recordTypeHandshake, certStatus.marshal()) - } - - keyAgreement := hs.suite.ka(c.vers) - skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello) - if err != nil { - c.sendAlert(alertHandshakeFailure) - return err - } - if skx != nil { - hs.finishedHash.Write(skx.marshal()) - c.writeRecord(recordTypeHandshake, skx.marshal()) - c.handshakeLog.ServerKeyExchange = skx.MakeLog(keyAgreement) - } - - if c.config.ClientAuth >= RequestClientCert { - // Request a client certificate - certReq := new(certificateRequestMsg) - certReq.certificateTypes = []byte{ - byte(certTypeRSASign), - byte(certTypeECDSASign), - } - if c.vers >= VersionTLS12 { - certReq.hasSignatureAndHash = true - certReq.signatureAndHashes = supportedClientCertSignatureAlgorithms - } - - // An empty list of certificateAuthorities signals to - // the client that it may send any certificate in response - // to our request. When we know the CAs we trust, then - // we can send them down, so that the client can choose - // an appropriate certificate to give to us. - if c.config.ClientCAs != nil { - certReq.certificateAuthorities = c.config.ClientCAs.Subjects() - } - hs.finishedHash.Write(certReq.marshal()) - c.writeRecord(recordTypeHandshake, certReq.marshal()) - } - - helloDone := new(serverHelloDoneMsg) - hs.finishedHash.Write(helloDone.marshal()) - c.writeRecord(recordTypeHandshake, helloDone.marshal()) - - var pub crypto.PublicKey // public key for client auth, if any - - msg, err := c.readHandshake() - if err != nil { - return err - } - - var ok bool - // If we requested a client certificate, then the client must send a - // certificate message, even if it's empty. - if c.config.ClientAuth >= RequestClientCert { - if certMsg, ok = msg.(*certificateMsg); !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(certMsg, msg) - } - hs.finishedHash.Write(certMsg.marshal()) - - if len(certMsg.certificates) == 0 { - // The client didn't actually send a certificate - switch c.config.ClientAuth { - case RequireAnyClientCert, RequireAndVerifyClientCert: - c.sendAlert(alertBadCertificate) - return errors.New("tls: client didn't provide a certificate") - } - } - - pub, err = hs.processCertsFromClient(certMsg.certificates) - if err != nil { - return err - } - - msg, err = c.readHandshake() - if err != nil { - return err - } - } - - // Get client key exchange - ckx, ok := msg.(*clientKeyExchangeMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(ckx, msg) - } - hs.finishedHash.Write(ckx.marshal()) - - preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx) - if err != nil { - c.sendAlert(alertHandshakeFailure) - return err - } - c.handshakeLog.ClientKeyExchange = ckx.MakeLog(keyAgreement) - - hs.preMasterSecret = make([]byte, len(preMasterSecret)) - copy(hs.preMasterSecret, preMasterSecret) - - if c.extendedMasterSecret { - hs.masterSecret = extendedMasterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.finishedHash) - } else { - hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.clientHello.random, hs.hello.random) - } - - // If we received a client cert in response to our certificate request message, - // the client will send us a certificateVerifyMsg immediately after the - // clientKeyExchangeMsg. This message is a digest of all preceding - // handshake-layer messages that is signed using the private key corresponding - // to the client's certificate. This allows us to verify that the client is in - // possession of the private key of the certificate. - if len(c.peerCertificates) > 0 { - msg, err = c.readHandshake() - if err != nil { - return err - } - certVerify, ok := msg.(*certificateVerifyMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(certVerify, msg) - } - - // Determine the signature type. - var signatureAndHash signatureAndHash - if certVerify.hasSignatureAndHash { - signatureAndHash = certVerify.signatureAndHash - if !isSupportedSignatureAndHash(signatureAndHash, c.config.signatureAndHashesForServer()) { - return errors.New("tls: unsupported hash function for client certificate") - } - } else { - // Before TLS 1.2 the signature algorithm was implicit - // from the key type, and only one hash per signature - // algorithm was possible. Leave the hash as zero. - switch pub.(type) { - case *ecdsa.PublicKey: - signatureAndHash.signature = signatureECDSA - case *rsa.PublicKey: - signatureAndHash.signature = signatureRSA - } - } - - switch key := pub.(type) { - case *x509.AugmentedECDSA: - if signatureAndHash.signature != signatureECDSA { - err = errors.New("tls: bad signature type for client's ECDSA certificate") - break - } - ecdsaSig := new(ecdsaSignature) - if _, err = asn1.Unmarshal(certVerify.signature, ecdsaSig); err != nil { - break - } - if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { - err = errors.New("ECDSA signature contained zero or negative values") - break - } - var digest []byte - digest, _, err = hs.finishedHash.hashForClientCertificate(signatureAndHash, hs.masterSecret) - if err != nil { - break - } - if !ecdsa.Verify(key.Pub, digest, ecdsaSig.R, ecdsaSig.S) { - err = errors.New("ECDSA verification failure") - break - } - case *ecdsa.PublicKey: - if signatureAndHash.signature != signatureECDSA { - err = errors.New("tls: bad signature type for client's ECDSA certificate") - break - } - ecdsaSig := new(ecdsaSignature) - if _, err = asn1.Unmarshal(certVerify.signature, ecdsaSig); err != nil { - break - } - if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { - err = errors.New("ECDSA signature contained zero or negative values") - break - } - var digest []byte - digest, _, err = hs.finishedHash.hashForClientCertificate(signatureAndHash, hs.masterSecret) - if err != nil { - break - } - if !ecdsa.Verify(key, digest, ecdsaSig.R, ecdsaSig.S) { - err = errors.New("ECDSA verification failure") - break - } - case *rsa.PublicKey: - if signatureAndHash.signature != signatureRSA { - err = errors.New("tls: bad signature type for client's RSA certificate") - break - } - var digest []byte - var hashFunc crypto.Hash - digest, hashFunc, err = hs.finishedHash.hashForClientCertificate(signatureAndHash, hs.masterSecret) - if err != nil { - break - } - err = rsa.VerifyPKCS1v15(key, hashFunc, digest, certVerify.signature) - } - if err != nil { - c.sendAlert(alertBadCertificate) - return errors.New("could not validate signature of connection nonces: " + err.Error()) - } - - hs.writeClientHash(certVerify.marshal()) - } - - return nil -} - -func (hs *serverHandshakeState) establishKeys() error { - c := hs.c - - clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := - keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) - - var clientCipher, serverCipher interface{} - var clientHash, serverHash macFunction - - if hs.suite.aead == nil { - clientCipher = hs.suite.cipher(clientKey, clientIV, true /* for reading */) - clientHash = hs.suite.mac(c.vers, clientMAC) - serverCipher = hs.suite.cipher(serverKey, serverIV, false /* not for reading */) - serverHash = hs.suite.mac(c.vers, serverMAC) - } else { - clientCipher = hs.suite.aead(clientKey, clientIV) - serverCipher = hs.suite.aead(serverKey, serverIV) - } - - c.in.prepareCipherSpec(c.vers, clientCipher, clientHash) - c.out.prepareCipherSpec(c.vers, serverCipher, serverHash) - - return nil -} - -func (hs *serverHandshakeState) readFinished() error { - c := hs.c - - c.readRecord(recordTypeChangeCipherSpec) - if err := c.in.error(); err != nil { - return err - } - - if hs.hello.nextProtoNeg { - msg, err := c.readHandshake() - if err != nil { - return err - } - nextProto, ok := msg.(*nextProtoMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(nextProto, msg) - } - hs.finishedHash.Write(nextProto.marshal()) - c.clientProtocol = nextProto.proto - } - - msg, err := c.readHandshake() - if err != nil { - return err - } - clientFinished, ok := msg.(*finishedMsg) - if !ok { - c.sendAlert(alertUnexpectedMessage) - return unexpectedMessageError(clientFinished, msg) - } - c.handshakeLog.ClientFinished = clientFinished.MakeLog() - - verify := hs.finishedHash.clientSum(hs.masterSecret) - if len(verify) != len(clientFinished.verifyData) || - subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 { - c.sendAlert(alertHandshakeFailure) - return errors.New("tls: client's Finished message is incorrect") - } - - hs.finishedHash.Write(clientFinished.marshal()) - return nil -} - -func (hs *serverHandshakeState) sendSessionTicket() error { - if !hs.hello.ticketSupported { - return nil - } - - c := hs.c - m := new(newSessionTicketMsg) - - var err error - state := sessionState{ - vers: c.vers, - cipherSuite: hs.suite.id, - masterSecret: hs.masterSecret, - certificates: hs.certsFromClient, - } - m.ticket, err = c.encryptTicket(&state) - if err != nil { - return err - } - - hs.finishedHash.Write(m.marshal()) - c.writeRecord(recordTypeHandshake, m.marshal()) - - return nil -} - -func (hs *serverHandshakeState) sendFinished() error { - c := hs.c - - c.writeRecord(recordTypeChangeCipherSpec, []byte{1}) - - finished := new(finishedMsg) - finished.verifyData = hs.finishedHash.serverSum(hs.masterSecret) - hs.finishedHash.Write(finished.marshal()) - c.writeRecord(recordTypeHandshake, finished.marshal()) - c.handshakeLog.ServerFinished = finished.MakeLog() - - c.cipherSuite = hs.suite.id - - return nil -} - -// processCertsFromClient takes a chain of client certificates either from a -// Certificates message or from a sessionState and verifies them. It returns -// the public key of the leaf certificate. -func (hs *serverHandshakeState) processCertsFromClient(certificates [][]byte) (crypto.PublicKey, error) { - c := hs.c - - hs.certsFromClient = certificates - certs := make([]*x509.Certificate, len(certificates)) - var err error - for i, asn1Data := range certificates { - if certs[i], err = x509.ParseCertificate(asn1Data); err != nil { - c.sendAlert(alertBadCertificate) - return nil, errors.New("tls: failed to parse client certificate: " + err.Error()) - } - } - - if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 { - opts := x509.VerifyOptions{ - Roots: c.config.ClientCAs, - CurrentTime: c.config.time(), - Intermediates: x509.NewCertPool(), - KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, - } - - for _, cert := range certs[1:] { - opts.Intermediates.AddCert(cert) - } - - chains, err := certs[0].Verify(opts) - if err != nil { - c.sendAlert(alertBadCertificate) - return nil, errors.New("tls: failed to verify client's certificate: " + err.Error()) - } - - ok := false - for _, ku := range certs[0].ExtKeyUsage { - if ku == x509.ExtKeyUsageClientAuth { - ok = true - break - } - } - if !ok { - c.sendAlert(alertHandshakeFailure) - return nil, errors.New("tls: client's certificate's extended key usage doesn't permit it to be used for client authentication") - } - - c.verifiedChains = chains - } - - if len(certs) > 0 { - var pub crypto.PublicKey - switch key := certs[0].PublicKey.(type) { - case *ecdsa.PublicKey, *rsa.PublicKey: - pub = key - case *x509.AugmentedECDSA: - pub = key.Pub - default: - c.sendAlert(alertUnsupportedCertificate) - return nil, fmt.Errorf("tls: client's certificate contains an unsupported public key of type %T", certs[0].PublicKey) - } - c.peerCertificates = certs - return pub, nil - } - - return nil, nil -} - -func (hs *serverHandshakeState) writeServerHash(msg []byte) { - // writeServerHash is called before writeRecord. - hs.writeHash(msg, 0) -} - -func (hs *serverHandshakeState) writeClientHash(msg []byte) { - // writeClientHash is called after readHandshake. - hs.writeHash(msg, 0) -} - -func (hs *serverHandshakeState) writeHash(msg []byte, seqno uint16) { - hs.finishedHash.Write(msg) -} - -// tryCipherSuite returns a cipherSuite with the given id if that cipher suite -// is acceptable to use. -func (c *Conn) tryCipherSuite(id uint16, supportedCipherSuites []uint16, version uint16, ellipticOk, ecdsaOk bool) *cipherSuite { - for _, supported := range supportedCipherSuites { - if id == supported { - var candidate *cipherSuite - - for _, s := range implementedCipherSuites { - if s.id == id { - candidate = s - break - } - } - if candidate == nil { - continue - } - // Don't select a ciphersuite which we can't - // support for this client. - if (candidate.flags&suiteECDHE != 0) && !ellipticOk { - continue - } - if (candidate.flags&suiteECDSA != 0) != ecdsaOk { - continue - } - if version < VersionTLS12 && candidate.flags&suiteTLS12 != 0 { - continue - } - return candidate - } - } - - return nil -} - -// suppVersArray is the backing array of ClientHelloInfo.SupportedVersions -var suppVersArray = [...]uint16{VersionTLS12, VersionTLS11, VersionTLS10, VersionSSL30} - -func (hs *serverHandshakeState) clientHelloInfo() *ClientHelloInfo { - if hs.cachedClientHelloInfo != nil { - return hs.cachedClientHelloInfo - } - - var supportedVersions []uint16 - if hs.clientHello.vers > VersionTLS12 { - supportedVersions = suppVersArray[:] - } else if hs.clientHello.vers >= VersionSSL30 { - supportedVersions = suppVersArray[VersionTLS12-hs.clientHello.vers:] - } - - signatureSchemes := make([]SignatureScheme, 0, len(hs.clientHello.signatureAndHashes)) - for _, sah := range hs.clientHello.signatureAndHashes { - signatureSchemes = append(signatureSchemes, SignatureScheme(sah.hash)<<8+SignatureScheme(sah.signature)) - } - - hs.cachedClientHelloInfo = &ClientHelloInfo{ - CipherSuites: hs.clientHello.cipherSuites, - ServerName: hs.clientHello.serverName, - SupportedCurves: hs.clientHello.supportedCurves, - SupportedPoints: hs.clientHello.supportedPoints, - SignatureSchemes: signatureSchemes, - SupportedProtos: hs.clientHello.alpnProtocols, - SupportedVersions: supportedVersions, - Conn: hs.c.conn, - HandshakeLog: hs.c.handshakeLog, - } - - return hs.cachedClientHelloInfo -} diff --git a/ztools/ztls/handshake_server_test.go b/ztools/ztls/handshake_server_test.go deleted file mode 100644 index eca63758..00000000 --- a/ztools/ztls/handshake_server_test.go +++ /dev/null @@ -1,866 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rsa" - "encoding/hex" - "encoding/pem" - "errors" - "fmt" - "io" - "math/big" - "net" - "os" - "os/exec" - "path/filepath" - "strings" - "testing" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -// zeroSource is an io.Reader that returns an unlimited number of zero bytes. -type zeroSource struct{} - -func (zeroSource) Read(b []byte) (n int, err error) { - for i := range b { - b[i] = 0 - } - - return len(b), nil -} - -var testConfig *Config - -func init() { - testConfig = &Config{ - Time: func() time.Time { return time.Unix(0, 0) }, - Rand: zeroSource{}, - Certificates: make([]Certificate, 2), - InsecureSkipVerify: true, - MinVersion: VersionSSL30, - MaxVersion: VersionTLS12, - } - testConfig.Certificates[0].Certificate = [][]byte{testRSACertificate} - testConfig.Certificates[0].PrivateKey = testRSAPrivateKey - testConfig.Certificates[1].Certificate = [][]byte{testSNICertificate} - testConfig.Certificates[1].PrivateKey = testRSAPrivateKey - testConfig.BuildNameToCertificate() -} - -func testClientHelloFailure(t *testing.T, m handshakeMessage, expectedSubStr string) { - // Create in-memory network connection, - // send message to server. Should return - // expected error. - c, s := net.Pipe() - go func() { - cli := Client(c, testConfig) - if ch, ok := m.(*clientHelloMsg); ok { - cli.vers = ch.vers - } - cli.writeRecord(recordTypeHandshake, m.marshal()) - c.Close() - }() - err := Server(s, testConfig).Handshake() - s.Close() - if err == nil || !strings.Contains(err.Error(), expectedSubStr) { - t.Errorf("Got error: %s; expected to match substring '%s'", err, expectedSubStr) - } -} - -func TestSimpleError(t *testing.T) { - testClientHelloFailure(t, &serverHelloDoneMsg{}, "unexpected handshake message") -} - -var badProtocolVersions = []uint16{0x0000, 0x0005, 0x0100, 0x0105, 0x0200, 0x0205} - -func TestRejectBadProtocolVersion(t *testing.T) { - for _, v := range badProtocolVersions { - testClientHelloFailure(t, &clientHelloMsg{vers: v}, "unsupported, maximum protocol version") - } -} - -func TestNoSuiteOverlap(t *testing.T) { - clientHello := &clientHelloMsg{ - vers: 0x0301, - cipherSuites: []uint16{0xff00}, - compressionMethods: []uint8{0}, - } - testClientHelloFailure(t, clientHello, "no cipher suite supported by both client and server") -} - -func TestNoCompressionOverlap(t *testing.T) { - clientHello := &clientHelloMsg{ - vers: 0x0301, - cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, - compressionMethods: []uint8{0xff}, - } - testClientHelloFailure(t, clientHello, "client does not support uncompressed connections") -} - -func TestTLS12OnlyCipherSuites(t *testing.T) { - // Test that a Server doesn't select a TLS 1.2-only cipher suite when - // the client negotiates TLS 1.1. - var zeros [32]byte - - clientHello := &clientHelloMsg{ - vers: VersionTLS11, - random: zeros[:], - cipherSuites: []uint16{ - // The Server, by default, will use the client's - // preference order. So the GCM cipher suite - // will be selected unless it's excluded because - // of the version in this ClientHello. - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - TLS_RSA_WITH_RC4_128_SHA, - }, - compressionMethods: []uint8{compressionNone}, - supportedCurves: []CurveID{CurveP256, CurveP384, CurveP521}, - supportedPoints: []uint8{pointFormatUncompressed}, - } - - c, s := net.Pipe() - var reply interface{} - var clientErr error - go func() { - cli := Client(c, testConfig) - cli.vers = clientHello.vers - cli.writeRecord(recordTypeHandshake, clientHello.marshal()) - reply, clientErr = cli.readHandshake() - c.Close() - }() - config := *testConfig - config.CipherSuites = clientHello.cipherSuites - Server(s, &config).Handshake() - s.Close() - if clientErr != nil { - t.Fatal(clientErr) - } - serverHello, ok := reply.(*serverHelloMsg) - if !ok { - t.Fatalf("didn't get ServerHello message in reply. Got %v\n", reply) - } - if s := serverHello.cipherSuite; s != TLS_RSA_WITH_RC4_128_SHA { - t.Fatalf("bad cipher suite from server: %x", s) - } -} - -func TestAlertForwarding(t *testing.T) { - c, s := net.Pipe() - go func() { - Client(c, testConfig).sendAlert(alertUnknownCA) - c.Close() - }() - - err := Server(s, testConfig).Handshake() - s.Close() - if e, ok := err.(*net.OpError); !ok || e.Err != error(alertUnknownCA) { - t.Errorf("Got error: %s; expected: %s", err, error(alertUnknownCA)) - } -} - -func TestClose(t *testing.T) { - c, s := net.Pipe() - go c.Close() - - err := Server(s, testConfig).Handshake() - s.Close() - if err != io.EOF { - t.Errorf("Got error: %s; expected: %s", err, io.EOF) - } -} - -func testHandshake(clientConfig, serverConfig *Config) (state ConnectionState, err error) { - c, s := net.Pipe() - done := make(chan bool) - go func() { - cli := Client(c, clientConfig) - cli.Handshake() - c.Close() - done <- true - }() - server := Server(s, serverConfig) - err = server.Handshake() - if err == nil { - state = server.ConnectionState() - } - s.Close() - <-done - return -} - -func TestVersion(t *testing.T) { - serverConfig := &Config{ - Certificates: testConfig.Certificates, - MaxVersion: VersionTLS11, - } - clientConfig := &Config{ - InsecureSkipVerify: true, - } - state, err := testHandshake(clientConfig, serverConfig) - if err != nil { - t.Fatalf("handshake failed: %s", err) - } - if state.Version != VersionTLS11 { - t.Fatalf("Incorrect version %x, should be %x", state.Version, VersionTLS11) - } -} - -func TestCipherSuitePreference(t *testing.T) { - serverConfig := &Config{ - CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, - Certificates: testConfig.Certificates, - MaxVersion: VersionTLS11, - } - clientConfig := &Config{ - CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_RC4_128_SHA}, - InsecureSkipVerify: true, - } - state, err := testHandshake(clientConfig, serverConfig) - if err != nil { - t.Fatalf("handshake failed: %s", err) - } - if state.CipherSuite != TLS_RSA_WITH_AES_128_CBC_SHA { - // By default the server should use the client's preference. - t.Fatalf("Client's preference was not used, got %x", state.CipherSuite) - } - - serverConfig.PreferServerCipherSuites = true - state, err = testHandshake(clientConfig, serverConfig) - if err != nil { - t.Fatalf("handshake failed: %s", err) - } - if state.CipherSuite != TLS_RSA_WITH_RC4_128_SHA { - t.Fatalf("Server's preference was not used, got %x", state.CipherSuite) - } -} - -// Note: see comment in handshake_test.go for details of how the reference -// tests work. - -// serverTest represents a test of the TLS server handshake against a reference -// implementation. -type serverTest struct { - // name is a freeform string identifying the test and the file in which - // the expected results will be stored. - name string - // command, if not empty, contains a series of arguments for the - // command to run for the reference server. - command []string - // expectedPeerCerts contains a list of PEM blocks of expected - // certificates from the client. - expectedPeerCerts []string - // config, if not nil, contains a custom Config to use for this test. - config *Config -} - -var defaultClientCommand = []string{"openssl", "s_client", "-no_ticket"} - -// connFromCommand starts opens a listening socket and starts the reference -// client to connect to it. It returns a recordingConn that wraps the resulting -// connection. -func (test *serverTest) connFromCommand() (conn *recordingConn, child *exec.Cmd, err error) { - l, err := net.ListenTCP("tcp", &net.TCPAddr{ - IP: net.IPv4(127, 0, 0, 1), - Port: 0, - }) - if err != nil { - return nil, nil, err - } - defer l.Close() - - port := l.Addr().(*net.TCPAddr).Port - - var command []string - command = append(command, test.command...) - if len(command) == 0 { - command = defaultClientCommand - } - command = append(command, "-connect") - command = append(command, fmt.Sprintf("127.0.0.1:%d", port)) - cmd := exec.Command(command[0], command[1:]...) - cmd.Stdin = nil - var output bytes.Buffer - cmd.Stdout = &output - cmd.Stderr = &output - if err := cmd.Start(); err != nil { - return nil, nil, err - } - - connChan := make(chan interface{}) - go func() { - tcpConn, err := l.Accept() - if err != nil { - connChan <- err - } - connChan <- tcpConn - }() - - var tcpConn net.Conn - select { - case connOrError := <-connChan: - if err, ok := connOrError.(error); ok { - return nil, nil, err - } - tcpConn = connOrError.(net.Conn) - case <-time.After(2 * time.Second): - output.WriteTo(os.Stdout) - return nil, nil, errors.New("timed out waiting for connection from child process") - } - - record := &recordingConn{ - Conn: tcpConn, - } - - return record, cmd, nil -} - -func (test *serverTest) dataPath() string { - return filepath.Join("testdata", "Server-"+test.name) -} - -func (test *serverTest) loadData() (flows [][]byte, err error) { - in, err := os.Open(test.dataPath()) - if err != nil { - return nil, err - } - defer in.Close() - return parseTestData(in) -} - -func (test *serverTest) run(t *testing.T, write bool) { - var clientConn, serverConn net.Conn - var recordingConn *recordingConn - var childProcess *exec.Cmd - - if write { - var err error - recordingConn, childProcess, err = test.connFromCommand() - if err != nil { - t.Fatalf("Failed to start subcommand: %s", err) - } - serverConn = recordingConn - } else { - clientConn, serverConn = net.Pipe() - } - config := test.config - if config == nil { - config = testConfig - } - server := Server(serverConn, config) - peerCertsChan := make(chan []*x509.Certificate, 1) - go func() { - if _, err := server.Write([]byte("hello, world\n")); err != nil { - t.Logf("Error from Server.Write: %s", err) - } - server.Close() - serverConn.Close() - peerCertsChan <- server.ConnectionState().PeerCertificates - }() - - if !write { - flows, err := test.loadData() - if err != nil { - t.Fatalf("%s: failed to load data from %s", test.name, test.dataPath()) - } - for i, b := range flows { - if i%2 == 0 { - clientConn.Write(b) - continue - } - bb := make([]byte, len(b)) - n, err := io.ReadFull(clientConn, bb) - if err != nil { - t.Fatalf("%s #%d: %s\nRead %d, wanted %d, got %x, wanted %x\n", test.name, i+1, err, n, len(bb), bb[:n], b) - } - if !bytes.Equal(b, bb) { - t.Fatalf("%s #%d: mismatch on read: got:%x want:%x", test.name, i+1, bb, b) - } - } - clientConn.Close() - } - - peerCerts := <-peerCertsChan - if len(peerCerts) == len(test.expectedPeerCerts) { - for i, peerCert := range peerCerts { - block, _ := pem.Decode([]byte(test.expectedPeerCerts[i])) - if !bytes.Equal(block.Bytes, peerCert.Raw) { - t.Fatalf("%s: mismatch on peer cert %d", test.name, i+1) - } - } - } else { - t.Fatalf("%s: mismatch on peer list length: %d (wanted) != %d (got)", test.name, len(test.expectedPeerCerts), len(peerCerts)) - } - - if write { - path := test.dataPath() - out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) - if err != nil { - t.Fatalf("Failed to create output file: %s", err) - } - defer out.Close() - recordingConn.Close() - if len(recordingConn.flows) < 3 { - childProcess.Stdout.(*bytes.Buffer).WriteTo(os.Stdout) - t.Fatalf("Handshake failed") - } - recordingConn.WriteTo(out) - fmt.Printf("Wrote %s\n", path) - childProcess.Wait() - } -} - -func runServerTestForVersion(t *testing.T, template *serverTest, prefix, option string) { - test := *template - test.name = prefix + test.name - if len(test.command) == 0 { - test.command = defaultClientCommand - } - test.command = append([]string(nil), test.command...) - test.command = append(test.command, option) - test.run(t, *update) -} - -func runServerTestSSLv3(t *testing.T, template *serverTest) { - runServerTestForVersion(t, template, "SSLv3-", "-ssl3") -} - -func runServerTestTLS10(t *testing.T, template *serverTest) { - runServerTestForVersion(t, template, "TLSv10-", "-tls1") -} - -func runServerTestTLS11(t *testing.T, template *serverTest) { - runServerTestForVersion(t, template, "TLSv11-", "-tls1_1") -} - -func runServerTestTLS12(t *testing.T, template *serverTest) { - runServerTestForVersion(t, template, "TLSv12-", "-tls1_2") -} - -func TestHandshakeServerRSARC4(t *testing.T) { - test := &serverTest{ - name: "RSA-RC4", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "RC4-SHA"}, - } - runServerTestSSLv3(t, test) - runServerTestTLS10(t, test) - runServerTestTLS11(t, test) - runServerTestTLS12(t, test) -} - -func TestHandshakeServerRSA3DES(t *testing.T) { - test := &serverTest{ - name: "RSA-3DES", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "DES-CBC3-SHA"}, - } - runServerTestSSLv3(t, test) - runServerTestTLS10(t, test) - runServerTestTLS12(t, test) -} - -func TestHandshakeServerRSAAES(t *testing.T) { - test := &serverTest{ - name: "RSA-AES", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"}, - } - runServerTestSSLv3(t, test) - runServerTestTLS10(t, test) - runServerTestTLS12(t, test) -} - -func TestHandshakeServerAESGCM(t *testing.T) { - test := &serverTest{ - name: "RSA-AES-GCM", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256"}, - } - runServerTestTLS12(t, test) -} - -// TODO: figure out why this test is failing -//func TestHandshakeServerECDHEECDSAAES(t *testing.T) { -// config := *testConfig -// config.Certificates = make([]Certificate, 1) -// config.Certificates[0].Certificate = [][]byte{testECDSACertificate} -// config.Certificates[0].PrivateKey = testECDSAPrivateKey -// config.BuildNameToCertificate() -// -// test := &serverTest{ -// name: "ECDHE-ECDSA-AES", -// command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-ECDSA-AES256-SHA"}, -// config: &config, -// } -// runServerTestTLS10(t, test) -// runServerTestTLS12(t, test) -//} - -// TestHandshakeServerSNI involves a client sending an SNI extension of -// "snitest.com", which happens to match the CN of testSNICertificate. The test -// verifies that the server correctly selects that certificate. -func TestHandshakeServerSNI(t *testing.T) { - test := &serverTest{ - name: "SNI", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-servername", "snitest.com"}, - } - runServerTestTLS12(t, test) -} - -// TestCipherSuiteCertPreferance ensures that we select an RSA ciphersuite with -// an RSA certificate and an ECDSA ciphersuite with an ECDSA certificate. -// TODO: figure out why this test is failing -//func TestCipherSuiteCertPreferenceECDSA(t *testing.T) { -// config := *testConfig -// config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA} -// config.PreferServerCipherSuites = true -// -// test := &serverTest{ -// name: "CipherSuiteCertPreferenceRSA", -// config: &config, -// } -// runServerTestTLS12(t, test) -// -// config = *testConfig -// config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA} -// config.Certificates = []Certificate{ -// Certificate{ -// Certificate: [][]byte{testECDSACertificate}, -// PrivateKey: testECDSAPrivateKey, -// }, -// } -// config.BuildNameToCertificate() -// config.PreferServerCipherSuites = true -// -// test = &serverTest{ -// name: "CipherSuiteCertPreferenceECDSA", -// config: &config, -// } -// runServerTestTLS12(t, test) -//} - -func TestResumption(t *testing.T) { - sessionFilePath := tempFile("") - defer os.Remove(sessionFilePath) - - test := &serverTest{ - name: "IssueTicket", - command: []string{"openssl", "s_client", "-cipher", "RC4-SHA", "-sess_out", sessionFilePath}, - } - runServerTestTLS12(t, test) - - test = &serverTest{ - name: "Resume", - command: []string{"openssl", "s_client", "-cipher", "RC4-SHA", "-sess_in", sessionFilePath}, - } - runServerTestTLS12(t, test) -} - -func TestResumptionDisabled(t *testing.T) { - sessionFilePath := tempFile("") - defer os.Remove(sessionFilePath) - - config := *testConfig - - test := &serverTest{ - name: "IssueTicketPreDisable", - command: []string{"openssl", "s_client", "-cipher", "RC4-SHA", "-sess_out", sessionFilePath}, - config: &config, - } - runServerTestTLS12(t, test) - - config.SessionTicketsDisabled = true - - test = &serverTest{ - name: "ResumeDisabled", - command: []string{"openssl", "s_client", "-cipher", "RC4-SHA", "-sess_in", sessionFilePath}, - config: &config, - } - runServerTestTLS12(t, test) - - // One needs to manually confirm that the handshake in the golden data - // file for ResumeDisabled does not include a resumption handshake. -} - -// cert.pem and key.pem were generated with generate_cert.go -// Thus, they have no ExtKeyUsage fields and trigger an error -// when verification is turned on. - -const clientCertificatePEM = ` ------BEGIN CERTIFICATE----- -MIIB7TCCAVigAwIBAgIBADALBgkqhkiG9w0BAQUwJjEQMA4GA1UEChMHQWNtZSBD -bzESMBAGA1UEAxMJMTI3LjAuMC4xMB4XDTExMTIwODA3NTUxMloXDTEyMTIwNzA4 -MDAxMlowJjEQMA4GA1UEChMHQWNtZSBDbzESMBAGA1UEAxMJMTI3LjAuMC4xMIGc -MAsGCSqGSIb3DQEBAQOBjAAwgYgCgYBO0Hsx44Jk2VnAwoekXh6LczPHY1PfZpIG -hPZk1Y/kNqcdK+izIDZFI7Xjla7t4PUgnI2V339aEu+H5Fto5OkOdOwEin/ekyfE -ARl6vfLcPRSr0FTKIQzQTW6HLlzF0rtNS0/Otiz3fojsfNcCkXSmHgwa2uNKWi7e -E5xMQIhZkwIDAQABozIwMDAOBgNVHQ8BAf8EBAMCAKAwDQYDVR0OBAYEBAECAwQw -DwYDVR0jBAgwBoAEAQIDBDALBgkqhkiG9w0BAQUDgYEANh+zegx1yW43RmEr1b3A -p0vMRpqBWHyFeSnIyMZn3TJWRSt1tukkqVCavh9a+hoV2cxVlXIWg7nCto/9iIw4 -hB2rXZIxE0/9gzvGnfERYraL7KtnvshksBFQRlgXa5kc0x38BvEO5ZaoDPl4ILdE -GFGNEH5PlGffo05wc46QkYU= ------END CERTIFICATE-----` - -const clientKeyPEM = ` ------BEGIN RSA PRIVATE KEY----- -MIICWgIBAAKBgE7QezHjgmTZWcDCh6ReHotzM8djU99mkgaE9mTVj+Q2px0r6LMg -NkUjteOVru3g9SCcjZXff1oS74fkW2jk6Q507ASKf96TJ8QBGXq98tw9FKvQVMoh -DNBNbocuXMXSu01LT862LPd+iOx81wKRdKYeDBra40paLt4TnExAiFmTAgMBAAEC -gYBxvXd8yNteFTns8A/2yomEMC4yeosJJSpp1CsN3BJ7g8/qTnrVPxBy+RU+qr63 -t2WquaOu/cr5P8iEsa6lk20tf8pjKLNXeX0b1RTzK8rJLbS7nGzP3tvOhL096VtQ -dAo4ROEaro0TzYpHmpciSvxVIeEIAAdFDObDJPKqcJAxyQJBAJizfYgK8Gzx9fsx -hxp+VteCbVPg2euASH5Yv3K5LukRdKoSzHE2grUVQgN/LafC0eZibRanxHegYSr7 -7qaswKUCQQCEIWor/X4XTMdVj3Oj+vpiw75y/S9gh682+myZL+d/02IEkwnB098P -RkKVpenBHyrGg0oeN5La7URILWKj7CPXAkBKo6F+d+phNjwIFoN1Xb/RA32w/D1I -saG9sF+UEhRt9AxUfW/U/tIQ9V0ZHHcSg1XaCM5Nvp934brdKdvTOKnJAkBD5h/3 -Rybatlvg/fzBEaJFyq09zhngkxlZOUtBVTqzl17RVvY2orgH02U4HbCHy4phxOn7 -qTdQRYlHRftgnWK1AkANibn9PRYJ7mJyJ9Dyj2QeNcSkSTzrt0tPvUMf4+meJymN -1Ntu5+S1DLLzfxlaljWG6ylW6DNxujCyuXIV2rvA ------END RSA PRIVATE KEY-----` - -const clientECDSACertificatePEM = ` ------BEGIN CERTIFICATE----- -MIIB/DCCAV4CCQCaMIRsJjXZFzAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw -EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0 -eSBMdGQwHhcNMTIxMTE0MTMyNTUzWhcNMjIxMTEyMTMyNTUzWjBBMQswCQYDVQQG -EwJBVTEMMAoGA1UECBMDTlNXMRAwDgYDVQQHEwdQeXJtb250MRIwEAYDVQQDEwlK -b2VsIFNpbmcwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABACVjJF1FMBexFe01MNv -ja5oHt1vzobhfm6ySD6B5U7ixohLZNz1MLvT/2XMW/TdtWo+PtAd3kfDdq0Z9kUs -jLzYHQFMH3CQRnZIi4+DzEpcj0B22uCJ7B0rxE4wdihBsmKo+1vx+U56jb0JuK7q -ixgnTy5w/hOWusPTQBbNZU6sER7m8TAJBgcqhkjOPQQBA4GMADCBiAJCAOAUxGBg -C3JosDJdYUoCdFzCgbkWqD8pyDbHgf9stlvZcPE4O1BIKJTLCRpS8V3ujfK58PDa -2RU6+b0DeoeiIzXsAkIBo9SKeDUcSpoj0gq+KxAxnZxfvuiRs9oa9V2jI/Umi0Vw -jWVim34BmT0Y9hCaOGGbLlfk+syxis7iI6CH8OFnUes= ------END CERTIFICATE-----` - -const clientECDSAKeyPEM = ` ------BEGIN EC PARAMETERS----- -BgUrgQQAIw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MIHcAgEBBEIBkJN9X4IqZIguiEVKMqeBUP5xtRsEv4HJEtOpOGLELwO53SD78Ew8 -k+wLWoqizS3NpQyMtrU8JFdWfj+C57UNkOugBwYFK4EEACOhgYkDgYYABACVjJF1 -FMBexFe01MNvja5oHt1vzobhfm6ySD6B5U7ixohLZNz1MLvT/2XMW/TdtWo+PtAd -3kfDdq0Z9kUsjLzYHQFMH3CQRnZIi4+DzEpcj0B22uCJ7B0rxE4wdihBsmKo+1vx -+U56jb0JuK7qixgnTy5w/hOWusPTQBbNZU6sER7m8Q== ------END EC PRIVATE KEY-----` - -func TestClientAuth(t *testing.T) { - var certPath, keyPath, ecdsaCertPath, ecdsaKeyPath string - - if *update { - certPath = tempFile(clientCertificatePEM) - defer os.Remove(certPath) - keyPath = tempFile(clientKeyPEM) - defer os.Remove(keyPath) - ecdsaCertPath = tempFile(clientECDSACertificatePEM) - defer os.Remove(ecdsaCertPath) - ecdsaKeyPath = tempFile(clientECDSAKeyPEM) - defer os.Remove(ecdsaKeyPath) - } - - config := *testConfig - config.ClientAuth = RequestClientCert - - test := &serverTest{ - name: "ClientAuthRequestedNotGiven", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "RC4-SHA"}, - config: &config, - } - runServerTestTLS12(t, test) - - test = &serverTest{ - name: "ClientAuthRequestedAndGiven", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "RC4-SHA", "-cert", certPath, "-key", keyPath}, - config: &config, - expectedPeerCerts: []string{clientCertificatePEM}, - } - runServerTestTLS12(t, test) - - test = &serverTest{ - name: "ClientAuthRequestedAndECDSAGiven", - command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "RC4-SHA", "-cert", ecdsaCertPath, "-key", ecdsaKeyPath}, - config: &config, - expectedPeerCerts: []string{clientECDSACertificatePEM}, - } - runServerTestTLS12(t, test) -} - -var getConfigForClientTests = []struct { - setup func(config *Config) - callback func(clientHello *ClientHelloInfo) (*Config, error) - errorSubstring string - verify func(config *Config) error -}{ - { - nil, - func(clientHello *ClientHelloInfo) (*Config, error) { - return nil, nil - }, - "", - nil, - }, - { - nil, - func(clientHello *ClientHelloInfo) (*Config, error) { - return nil, errors.New("should bubble up") - }, - "should bubble up", - nil, - }, - /* TODO: Find out why this test hangs - { - nil, - func(clientHello *ClientHelloInfo) (*Config, error) { - config := testConfig.Clone() - // Setting a maximum version of TLS 1.1 should cause - // the handshake to fail. - config.MaxVersion = VersionTLS11 - return config, nil - }, - "version 301 when expecting version 302", - nil, - }, - */ - { - func(config *Config) { - for i := range config.SessionTicketKey { - config.SessionTicketKey[i] = byte(i) - } - config.sessionTicketKeys = nil - }, - func(clientHello *ClientHelloInfo) (*Config, error) { - config := testConfig.Clone() - for i := range config.SessionTicketKey { - config.SessionTicketKey[i] = 0 - } - config.sessionTicketKeys = nil - return config, nil - }, - "", - func(config *Config) error { - // The value of SessionTicketKey should have been - // duplicated into the per-connection Config. - for i := range config.SessionTicketKey { - if b := config.SessionTicketKey[i]; b != byte(i) { - return fmt.Errorf("SessionTicketKey was not duplicated from original Config: byte %d has value %d", i, b) - } - } - return nil - }, - }, - { - func(config *Config) { - var dummyKey [32]byte - for i := range dummyKey { - dummyKey[i] = byte(i) - } - - config.SetSessionTicketKeys([][32]byte{dummyKey}) - }, - func(clientHello *ClientHelloInfo) (*Config, error) { - config := testConfig.Clone() - config.sessionTicketKeys = nil - return config, nil - }, - "", - func(config *Config) error { - // The session ticket keys should have been duplicated - // into the per-connection Config. - if l := len(config.sessionTicketKeys); l != 1 { - return fmt.Errorf("got len(sessionTicketKeys) == %d, wanted 1", l) - } - return nil - }, - }, -} - -func TestGetConfigForClient(t *testing.T) { - serverConfig := testConfig.Clone() - clientConfig := testConfig.Clone() - clientConfig.MinVersion = VersionTLS12 - - for i, test := range getConfigForClientTests { - if test.setup != nil { - test.setup(serverConfig) - } - - var configReturned *Config - serverConfig.GetConfigForClient = func(clientHello *ClientHelloInfo) (*Config, error) { - config, err := test.callback(clientHello) - configReturned = config - return config, err - } - c, s := net.Pipe() - done := make(chan error) - - go func() { - defer s.Close() - done <- Server(s, serverConfig).Handshake() - }() - - clientErr := Client(c, clientConfig).Handshake() - c.Close() - - serverErr := <-done - - if len(test.errorSubstring) == 0 { - if serverErr != nil || clientErr != nil { - t.Errorf("test[%d]: expected no error but got serverErr: %q, clientErr: %q", i, serverErr, clientErr) - } - if test.verify != nil { - if err := test.verify(configReturned); err != nil { - t.Errorf("test[%d]: verify returned error: %v", i, err) - } - } - } else { - if serverErr == nil { - t.Errorf("test[%d]: expected error containing %q but got no error", i, test.errorSubstring) - } else if !strings.Contains(serverErr.Error(), test.errorSubstring) { - t.Errorf("test[%d]: expected error to contain %q but it was %q", i, test.errorSubstring, serverErr) - } - } - } -} - -func bigFromString(s string) *big.Int { - ret := new(big.Int) - ret.SetString(s, 10) - return ret -} - -func fromHex(s string) []byte { - b, _ := hex.DecodeString(s) - return b -} - -var testRSACertificate = fromHex("308202b030820219a00302010202090085b0bba48a7fb8ca300d06092a864886f70d01010505003045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3130303432343039303933385a170d3131303432343039303933385a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819f300d06092a864886f70d010101050003818d0030818902818100bb79d6f517b5e5bf4610d0dc69bee62b07435ad0032d8a7a4385b71452e7a5654c2c78b8238cb5b482e5de1f953b7e62a52ca533d6fe125c7a56fcf506bffa587b263fb5cd04d3d0c921964ac7f4549f5abfef427100fe1899077f7e887d7df10439c4a22edb51c97ce3c04c3b326601cfafb11db8719a1ddbdb896baeda2d790203010001a381a73081a4301d0603551d0e04160414b1ade2855acfcb28db69ce2369ded3268e18883930750603551d23046e306c8014b1ade2855acfcb28db69ce2369ded3268e188839a149a4473045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746482090085b0bba48a7fb8ca300c0603551d13040530030101ff300d06092a864886f70d010105050003818100086c4524c76bb159ab0c52ccf2b014d7879d7a6475b55a9566e4c52b8eae12661feb4f38b36e60d392fdf74108b52513b1187a24fb301dbaed98b917ece7d73159db95d31d78ea50565cd5825a2d5a5f33c4b6d8c97590968c0f5298b5cd981f89205ff2a01ca31b9694dda9fd57e970e8266d71999b266e3850296c90a7bdd9") - -var testECDSACertificate = fromHex("3082020030820162020900b8bf2d47a0d2ebf4300906072a8648ce3d04013045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3132313132323135303633325a170d3232313132303135303633325a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819b301006072a8648ce3d020106052b81040023038186000400c4a1edbe98f90b4873367ec316561122f23d53c33b4d213dcd6b75e6f6b0dc9adf26c1bcb287f072327cb3642f1c90bcea6823107efee325c0483a69e0286dd33700ef0462dd0da09c706283d881d36431aa9e9731bd96b068c09b23de76643f1a5c7fe9120e5858b65f70dd9bd8ead5d7f5d5ccb9b69f30665b669a20e227e5bffe3b300906072a8648ce3d040103818c0030818802420188a24febe245c5487d1bacf5ed989dae4770c05e1bb62fbdf1b64db76140d311a2ceee0b7e927eff769dc33b7ea53fcefa10e259ec472d7cacda4e970e15a06fd00242014dfcbe67139c2d050ebd3fa38c25c13313830d9406bbd4377af6ec7ac9862eddd711697f857c56defb31782be4c7780daecbbe9e4e3624317b6a0f399512078f2a") - -var testSNICertificate = fromHex("308201f23082015da003020102020100300b06092a864886f70d01010530283110300e060355040a130741636d6520436f311430120603550403130b736e69746573742e636f6d301e170d3132303431313137343033355a170d3133303431313137343533355a30283110300e060355040a130741636d6520436f311430120603550403130b736e69746573742e636f6d30819d300b06092a864886f70d01010103818d0030818902818100bb79d6f517b5e5bf4610d0dc69bee62b07435ad0032d8a7a4385b71452e7a5654c2c78b8238cb5b482e5de1f953b7e62a52ca533d6fe125c7a56fcf506bffa587b263fb5cd04d3d0c921964ac7f4549f5abfef427100fe1899077f7e887d7df10439c4a22edb51c97ce3c04c3b326601cfafb11db8719a1ddbdb896baeda2d790203010001a3323030300e0603551d0f0101ff0404030200a0300d0603551d0e0406040401020304300f0603551d2304083006800401020304300b06092a864886f70d0101050381810089c6455f1c1f5ef8eb1ab174ee2439059f5c4259bb1a8d86cdb1d056f56a717da40e95ab90f59e8deaf627c157995094db0802266eb34fc6842dea8a4b68d9c1389103ab84fb9e1f85d9b5d23ff2312c8670fbb540148245a4ebafe264d90c8a4cf4f85b0fac12ac2fc4a3154bad52462868af96c62c6525d652b6e31845bdcc") - -var testRSAPrivateKey = &rsa.PrivateKey{ - PublicKey: rsa.PublicKey{ - N: bigFromString("131650079503776001033793877885499001334664249354723305978524647182322416328664556247316495448366990052837680518067798333412266673813370895702118944398081598789828837447552603077848001020611640547221687072142537202428102790818451901395596882588063427854225330436740647715202971973145151161964464812406232198521"), - E: 65537, - }, - D: bigFromString("29354450337804273969007277378287027274721892607543397931919078829901848876371746653677097639302788129485893852488285045793268732234230875671682624082413996177431586734171663258657462237320300610850244186316880055243099640544518318093544057213190320837094958164973959123058337475052510833916491060913053867729"), - Primes: []*big.Int{ - bigFromString("11969277782311800166562047708379380720136961987713178380670422671426759650127150688426177829077494755200794297055316163155755835813760102405344560929062149"), - bigFromString("10998999429884441391899182616418192492905073053684657075974935218461686523870125521822756579792315215543092255516093840728890783887287417039645833477273829"), - }, -} - -var testECDSAPrivateKey = &ecdsa.PrivateKey{ - PublicKey: ecdsa.PublicKey{ - Curve: elliptic.P521(), - X: bigFromString("2636411247892461147287360222306590634450676461695221912739908880441342231985950069527906976759812296359387337367668045707086543273113073382714101597903639351"), - Y: bigFromString("3204695818431246682253994090650952614555094516658732116404513121125038617915183037601737180082382202488628239201196033284060130040574800684774115478859677243"), - }, - D: bigFromString("5477294338614160138026852784385529180817726002953041720191098180813046231640184669647735805135001309477695746518160084669446643325196003346204701381388769751"), -} diff --git a/ztools/ztls/handshake_test.go b/ztools/ztls/handshake_test.go deleted file mode 100644 index f6cb5d3c..00000000 --- a/ztools/ztls/handshake_test.go +++ /dev/null @@ -1,167 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bufio" - "encoding/hex" - "errors" - "flag" - "fmt" - "io" - "io/ioutil" - "net" - "strconv" - "strings" - "sync" -) - -// TLS reference tests run a connection against a reference implementation -// (OpenSSL) of TLS and record the bytes of the resulting connection. The Go -// code, during a test, is configured with deterministic randomness and so the -// reference test can be reproduced exactly in the future. -// -// In order to save everyone who wishes to run the tests from needing the -// reference implementation installed, the reference connections are saved in -// files in the testdata directory. Thus running the tests involves nothing -// external, but creating and updating them requires the reference -// implementation. -// -// Tests can be updated by running them with the -update flag. This will cause -// the test files. Generally one should combine the -update flag with -test.run -// to updated a specific test. Since the reference implementation will always -// generate fresh random numbers, large parts of the reference connection will -// always change. - -var update = flag.Bool("update", false, "update golden files on disk") - -// recordingConn is a net.Conn that records the traffic that passes through it. -// WriteTo can be used to produce output that can be later be loaded with -// ParseTestData. -type recordingConn struct { - net.Conn - sync.Mutex - flows [][]byte - reading bool -} - -func (r *recordingConn) Read(b []byte) (n int, err error) { - if n, err = r.Conn.Read(b); n == 0 { - return - } - b = b[:n] - - r.Lock() - defer r.Unlock() - - if l := len(r.flows); l == 0 || !r.reading { - buf := make([]byte, len(b)) - copy(buf, b) - r.flows = append(r.flows, buf) - } else { - r.flows[l-1] = append(r.flows[l-1], b[:n]...) - } - r.reading = true - return -} - -func (r *recordingConn) Write(b []byte) (n int, err error) { - if n, err = r.Conn.Write(b); n == 0 { - return - } - b = b[:n] - - r.Lock() - defer r.Unlock() - - if l := len(r.flows); l == 0 || r.reading { - buf := make([]byte, len(b)) - copy(buf, b) - r.flows = append(r.flows, buf) - } else { - r.flows[l-1] = append(r.flows[l-1], b[:n]...) - } - r.reading = false - return -} - -// WriteTo writes Go source code to w that contains the recorded traffic. -func (r *recordingConn) WriteTo(w io.Writer) { - // TLS always starts with a client to server flow. - clientToServer := true - - for i, flow := range r.flows { - source, dest := "client", "server" - if !clientToServer { - source, dest = dest, source - } - fmt.Fprintf(w, ">>> Flow %d (%s to %s)\n", i+1, source, dest) - dumper := hex.Dumper(w) - dumper.Write(flow) - dumper.Close() - clientToServer = !clientToServer - } -} - -func parseTestData(r io.Reader) (flows [][]byte, err error) { - var currentFlow []byte - - scanner := bufio.NewScanner(r) - for scanner.Scan() { - line := scanner.Text() - // If the line starts with ">>> " then it marks the beginning - // of a new flow. - if strings.HasPrefix(line, ">>> ") { - if len(currentFlow) > 0 || len(flows) > 0 { - flows = append(flows, currentFlow) - currentFlow = nil - } - continue - } - - // Otherwise the line is a line of hex dump that looks like: - // 00000170 fc f5 06 bf (...) |.....X{&?......!| - // (Some bytes have been omitted from the middle section.) - - if i := strings.IndexByte(line, ' '); i >= 0 { - line = line[i:] - } else { - return nil, errors.New("invalid test data") - } - - if i := strings.IndexByte(line, '|'); i >= 0 { - line = line[:i] - } else { - return nil, errors.New("invalid test data") - } - - hexBytes := strings.Fields(line) - for _, hexByte := range hexBytes { - val, err := strconv.ParseUint(hexByte, 16, 8) - if err != nil { - return nil, errors.New("invalid hex byte in test data: " + err.Error()) - } - currentFlow = append(currentFlow, byte(val)) - } - } - - if len(currentFlow) > 0 { - flows = append(flows, currentFlow) - } - - return flows, nil -} - -// tempFile creates a temp file containing contents and returns its path. -func tempFile(contents string) string { - file, err := ioutil.TempFile("", "go-tls-test") - if err != nil { - panic("failed to create temp file: " + err.Error()) - } - path := file.Name() - file.WriteString(contents) - file.Close() - return path -} diff --git a/ztools/ztls/key_agreement.go b/ztools/ztls/key_agreement.go deleted file mode 100644 index 5117b1bf..00000000 --- a/ztools/ztls/key_agreement.go +++ /dev/null @@ -1,740 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "crypto" - "crypto/dsa" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/md5" - "crypto/rand" - "crypto/rsa" - "crypto/sha1" - "crypto/sha256" - "encoding/asn1" - "errors" - "io" - "math/big" - - "github.com/zmap/zgrab/ztools/x509" -) - -var errClientKeyExchange = errors.New("tls: invalid ClientKeyExchange message") -var errServerKeyExchange = errors.New("tls: invalid ServerKeyExchange message") -var errUnexpectedServerKeyExchange = errors.New("tls: unexpected ServerKeyExchange message") - -// rsaKeyAgreement implements the standard TLS key agreement where the client -// encrypts the pre-master secret to the server's public key. -type rsaKeyAgreement struct { - auth keyAgreementAuthentication - version uint16 - clientVersion uint16 - ephemeral bool - privateKey *rsa.PrivateKey - publicKey *rsa.PublicKey - verifyError error -} - -func (ka *rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { - // Only send a server key agreement when the cipher is an RSA export - // TODO: Make this a configuration parameter - ka.clientVersion = clientHello.vers - if !ka.ephemeral { - return nil, nil - } - - // Generate an ephemeral RSA key or use the one in the config - if config.ExportRSAKey != nil { - ka.privateKey = config.ExportRSAKey - } else { - key, err := rsa.GenerateKey(config.rand(), 512) - if err != nil { - return nil, err - } - ka.privateKey = key - } - - // Serialize the key parameters to a nice byte array. The byte array can be - // positioned later. - modulus := ka.privateKey.N.Bytes() - exponent := big.NewInt(int64(ka.privateKey.E)).Bytes() - serverRSAParams := make([]byte, 0, 2+len(modulus)+2+len(exponent)) - serverRSAParams = append(serverRSAParams, byte(len(modulus)>>8), byte(len(modulus))) - serverRSAParams = append(serverRSAParams, modulus...) - serverRSAParams = append(serverRSAParams, byte(len(exponent)>>8), byte(len(exponent))) - serverRSAParams = append(serverRSAParams, exponent...) - - return ka.auth.signParameters(config, cert, clientHello, hello, serverRSAParams) -} - -func (ka *rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg) ([]byte, error) { - preMasterSecret := make([]byte, 48) - _, err := io.ReadFull(config.rand(), preMasterSecret[2:]) - if err != nil { - return nil, err - } - - if len(ckx.ciphertext) < 2 { - return nil, errClientKeyExchange - } - - ciphertext := ckx.ciphertext - if ka.version != VersionSSL30 { - ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1]) - if ciphertextLen != len(ckx.ciphertext)-2 { - return nil, errClientKeyExchange - } - ciphertext = ckx.ciphertext[2:] - } - - key := ka.privateKey - if key == nil { - key = cert.PrivateKey.(*rsa.PrivateKey) - } - - err = rsa.DecryptPKCS1v15SessionKey(config.rand(), key, ciphertext, preMasterSecret) - if err != nil { - return nil, err - } - // We don't check the version number in the premaster secret. For one, - // by checking it, we would leak information about the validity of the - // encrypted pre-master secret. Secondly, it provides only a small - // benefit against a downgrade attack and some implementations send the - // wrong version anyway. See the discussion at the end of section - // 7.4.7.1 of RFC 4346. - return preMasterSecret, nil -} - -func (ka *rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error { - if !ka.ephemeral { - return nil - } - - k := skx.key - // Read the modulus - if len(k) < 2 { - return errServerKeyExchange - } - modulusLen := (int(k[0]) << 8) | int(k[1]) - k = k[2:] - if len(k) < modulusLen { - return errServerKeyExchange - } - modulus := new(big.Int).SetBytes(k[:modulusLen]) - k = k[modulusLen:] - - // Read the exponent - if len(k) < 2 { - return errServerKeyExchange - } - exponentLength := (int(k[0]) << 8) | int(k[1]) - k = k[2:] - if len(k) < exponentLength || exponentLength > 4 { - return errServerKeyExchange - } - rawExponent := k[0:exponentLength] - k = k[exponentLength:] - exponent := 0 - for _, b := range rawExponent { - exponent <<= 8 - exponent |= int(b) - } - ka.publicKey = new(rsa.PublicKey) - ka.publicKey.E = exponent - ka.publicKey.N = modulus - - paramsLen := 2 + exponentLength + 2 + modulusLen - - serverRSAParams := skx.key[:paramsLen] - sig := skx.key[paramsLen:] - - ka.verifyError = ka.auth.verifyParameters(config, clientHello, serverHello, cert, serverRSAParams, sig) - if config.InsecureSkipVerify { - return nil - } - return ka.verifyError -} - -func (ka *rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) { - preMasterSecret := make([]byte, 48) - preMasterSecret[0] = byte(clientHello.vers >> 8) - preMasterSecret[1] = byte(clientHello.vers) - _, err := io.ReadFull(config.rand(), preMasterSecret[2:]) - if err != nil { - return nil, nil, err - } - var publicKey *rsa.PublicKey - if ka.publicKey != nil { - publicKey = ka.publicKey - } else { - var ok bool - publicKey, ok = cert.PublicKey.(*rsa.PublicKey) - if !ok { - return nil, nil, errClientKeyExchange - } - } - encrypted, err := rsa.EncryptPKCS1v15(config.rand(), publicKey, preMasterSecret) - if err != nil { - return nil, nil, err - } - ckx := new(clientKeyExchangeMsg) - var body []byte - if ka.version != VersionSSL30 { - ckx.ciphertext = make([]byte, len(encrypted)+2) - ckx.ciphertext[0] = byte(len(encrypted) >> 8) - ckx.ciphertext[1] = byte(len(encrypted)) - body = ckx.ciphertext[2:] - } else { - ckx.ciphertext = make([]byte, len(encrypted)) - body = ckx.ciphertext - } - copy(body, encrypted) - return preMasterSecret, ckx, nil -} - -// sha1Hash calculates a SHA1 hash over the given byte slices. -func sha1Hash(slices [][]byte) []byte { - hsha1 := sha1.New() - for _, slice := range slices { - hsha1.Write(slice) - } - return hsha1.Sum(nil) -} - -// md5SHA1Hash implements TLS 1.0's hybrid hash function which consists of the -// concatenation of an MD5 and SHA1 hash. -func md5SHA1Hash(slices [][]byte) []byte { - md5sha1 := make([]byte, md5.Size+sha1.Size) - hmd5 := md5.New() - for _, slice := range slices { - hmd5.Write(slice) - } - copy(md5sha1, hmd5.Sum(nil)) - copy(md5sha1[md5.Size:], sha1Hash(slices)) - return md5sha1 -} - -// sha256Hash implements TLS 1.2's hash function. -func sha256Hash(slices [][]byte) []byte { - h := sha256.New() - for _, slice := range slices { - h.Write(slice) - } - return h.Sum(nil) -} - -// hashForServerKeyExchange hashes the given slices and returns their digest -// and the identifier of the hash function used. The hashFunc argument is only -// used for >= TLS 1.2 and precisely identifies the hash function to use. -func hashForServerKeyExchange(sigType, hashFunc uint8, version uint16, slices ...[]byte) ([]byte, crypto.Hash, error) { - if version >= VersionTLS12 { - switch hashFunc { - case hashSHA256: - return sha256Hash(slices), crypto.SHA256, nil - case hashSHA1: - return sha1Hash(slices), crypto.SHA1, nil - default: - return nil, crypto.Hash(0), errors.New("tls: unknown hash function used by peer") - } - } - if sigType == signatureECDSA || sigType == signatureDSA { - return sha1Hash(slices), crypto.SHA1, nil - } - return md5SHA1Hash(slices), crypto.MD5SHA1, nil -} - -// pickTLS12HashForSignature returns a TLS 1.2 hash identifier for signing a -// ServerKeyExchange given the signature type being used and the client's -// advertised list of supported signature and hash combinations. -func pickTLS12HashForSignature(sigType uint8, clientList, serverList []signatureAndHash) (uint8, error) { - if len(clientList) == 0 { - // If the client didn't specify any signature_algorithms - // extension then we can assume that it supports SHA1. See - // http://tools.ietf.org/html/rfc5246#section-7.4.1.4.1 - return hashSHA1, nil - } - - for _, sigAndHash := range clientList { - if sigAndHash.signature != sigType { - continue - } - if isSupportedSignatureAndHash(sigAndHash, serverList) { - return sigAndHash.hash, nil - } - } - - return 0, errors.New("tls: client doesn't support any common hash functions") -} - -func curveForCurveID(id CurveID) (elliptic.Curve, bool) { - switch id { - case CurveP256: - return elliptic.P256(), true - case CurveP384: - return elliptic.P384(), true - case CurveP521: - return elliptic.P521(), true - default: - return nil, false - } -} - -// keyAgreementAuthentication is a helper interface that specifies how -// to authenticate the ServerKeyExchange parameters. -type keyAgreementAuthentication interface { - signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error) - verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error -} - -// nilKeyAgreementAuthentication does not authenticate the key -// agreement parameters. -type nilKeyAgreementAuthentication struct{} - -func (ka *nilKeyAgreementAuthentication) signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error) { - skx := new(serverKeyExchangeMsg) - skx.key = params - return skx, nil -} - -func (ka *nilKeyAgreementAuthentication) verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error { - return nil -} - -// signedKeyAgreement signs the ServerKeyExchange parameters with the -// server's private key. -type signedKeyAgreement struct { - version uint16 - sigType uint8 - raw []byte - valid bool - sh signatureAndHash -} - -func (ka *signedKeyAgreement) signParameters(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg, params []byte) (*serverKeyExchangeMsg, error) { - var tls12HashId uint8 - var err error - if ka.version >= VersionTLS12 { - if tls12HashId, err = pickTLS12HashForSignature(ka.sigType, clientHello.signatureAndHashes, config.signatureAndHashesForServer()); err != nil { - return nil, err - } - ka.sh.hash = tls12HashId - } - ka.sh.signature = ka.sigType - digest, hashFunc, err := hashForServerKeyExchange(ka.sigType, tls12HashId, ka.version, clientHello.random, hello.random, params) - if err != nil { - return nil, err - } - - var sig []byte - switch ka.sigType { - case signatureECDSA: - privKey, ok := cert.PrivateKey.(*ecdsa.PrivateKey) - if !ok { - return nil, errors.New("ECDHE ECDSA requires an ECDSA server private key") - } - r, s, err := ecdsa.Sign(config.rand(), privKey, digest) - if err != nil { - return nil, errors.New("failed to sign ECDHE parameters: " + err.Error()) - } - sig, err = asn1.Marshal(ecdsaSignature{r, s}) - case signatureRSA: - privKey, ok := cert.PrivateKey.(*rsa.PrivateKey) - if !ok { - return nil, errors.New("ECDHE RSA requires a RSA server private key") - } - sig, err = rsa.SignPKCS1v15(config.rand(), privKey, hashFunc, digest) - if err != nil { - return nil, errors.New("failed to sign ECDHE parameters: " + err.Error()) - } - default: - return nil, errors.New("unknown ECDHE signature algorithm") - } - - skx := new(serverKeyExchangeMsg) - sigAndHashLen := 0 - if ka.version >= VersionTLS12 { - sigAndHashLen = 2 - } - skx.key = make([]byte, len(params)+sigAndHashLen+2+len(sig)) - copy(skx.key, params) - k := skx.key[len(params):] - if ka.version >= VersionTLS12 { - k[0] = tls12HashId - k[1] = ka.sigType - k = k[2:] - } - k[0] = byte(len(sig) >> 8) - k[1] = byte(len(sig)) - copy(k[2:], sig) - ka.raw = sig - ka.valid = true // We (the server) signed - return skx, nil -} - -func (ka *signedKeyAgreement) verifyParameters(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, params []byte, sig []byte) error { - if len(sig) < 2 { - return errServerKeyExchange - } - - var tls12HashId uint8 - if ka.version >= VersionTLS12 { - // handle SignatureAndHashAlgorithm - var sigAndHash []uint8 - sigAndHash, sig = sig[:2], sig[2:] - tls12HashId = sigAndHash[0] - ka.sh.hash = tls12HashId - ka.sh.signature = sigAndHash[1] - if sigAndHash[1] != ka.sigType { - return errServerKeyExchange - } - if len(sig) < 2 { - return errServerKeyExchange - } - - if !isSupportedSignatureAndHash(signatureAndHash{ka.sigType, tls12HashId}, config.signatureAndHashesForClient()) { - return errors.New("tls: unsupported hash function for ServerKeyExchange") - } - } - sigLen := int(sig[0])<<8 | int(sig[1]) - if sigLen+2 != len(sig) { - return errServerKeyExchange - } - sig = sig[2:] - ka.raw = sig - - digest, hashFunc, err := hashForServerKeyExchange(ka.sigType, tls12HashId, ka.version, clientHello.random, serverHello.random, params) - if err != nil { - return err - } - - switch ka.sigType { - case signatureECDSA: - augECDSA, ok := cert.PublicKey.(*x509.AugmentedECDSA) - pubKey := augECDSA.Pub - if !ok { - return errors.New("ECDHE ECDSA: could not covert cert.PublicKey to x509.AugmentedECDSA") - } - ecdsaSig := new(ecdsaSignature) - if _, err := asn1.Unmarshal(sig, ecdsaSig); err != nil { - return err - } - if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { - return errors.New("ECDSA signature contained zero or negative values") - } - if !ecdsa.Verify(pubKey, digest, ecdsaSig.R, ecdsaSig.S) { - return errors.New("ECDSA verification failure") - } - case signatureRSA: - pubKey, ok := cert.PublicKey.(*rsa.PublicKey) - if !ok { - return errors.New("ECDHE RSA requires a RSA server public key") - } - if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, digest, sig); err != nil { - return err - } - case signatureDSA: - pubKey, ok := cert.PublicKey.(*dsa.PublicKey) - if !ok { - return errors.New("DSS ciphers require a DSA server public key") - } - dsaSig := new(dsaSignature) - if _, err := asn1.Unmarshal(sig, dsaSig); err != nil { - return err - } - if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 { - return errors.New("DSA signature contained zero or negative values") - } - if !dsa.Verify(pubKey, digest, dsaSig.R, dsaSig.S) { - return errors.New("DSA verification failure") - } - default: - return errors.New("unknown ECDHE signature algorithm") - } - ka.valid = true - return nil -} - -// ecdheRSAKeyAgreement implements a TLS key agreement where the server -// generates a ephemeral EC public/private key pair and signs it. The -// pre-master secret is then calculated using ECDH. The signature may -// either be ECDSA or RSA. -type ecdheKeyAgreement struct { - auth keyAgreementAuthentication - privateKey []byte - curve elliptic.Curve - x, y *big.Int - verifyError error - curveID uint16 - clientPrivKey []byte - serverPrivKey []byte - clientX *big.Int - clientY *big.Int -} - -func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { - var curveid CurveID - preferredCurves := config.curvePreferences() - -NextCandidate: - for _, candidate := range preferredCurves { - for _, c := range clientHello.supportedCurves { - if candidate == c { - curveid = c - break NextCandidate - } - } - } - - if curveid == 0 { - return nil, errors.New("tls: no supported elliptic curves offered") - } - ka.curveID = uint16(curveid) - - var ok bool - if ka.curve, ok = curveForCurveID(curveid); !ok { - return nil, errors.New("tls: preferredCurves includes unsupported curve") - } - - var err error - ka.privateKey, ka.x, ka.y, err = elliptic.GenerateKey(ka.curve, config.rand()) - if err != nil { - return nil, err - } - ecdhePublic := elliptic.Marshal(ka.curve, ka.x, ka.y) - - ka.serverPrivKey = make([]byte, len(ka.privateKey)) - copy(ka.serverPrivKey, ka.privateKey) - - // http://tools.ietf.org/html/rfc4492#section-5.4 - serverECDHParams := make([]byte, 1+2+1+len(ecdhePublic)) - serverECDHParams[0] = 3 // named curve - serverECDHParams[1] = byte(curveid >> 8) - serverECDHParams[2] = byte(curveid) - serverECDHParams[3] = byte(len(ecdhePublic)) - copy(serverECDHParams[4:], ecdhePublic) - - return ka.auth.signParameters(config, cert, clientHello, hello, serverECDHParams) -} - -func (ka *ecdheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg) ([]byte, error) { - if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 { - return nil, errClientKeyExchange - } - ka.clientX, ka.clientY = elliptic.Unmarshal(ka.curve, ckx.ciphertext[1:]) - if ka.clientX == nil { - return nil, errClientKeyExchange - } - - sharedX, _ := ka.curve.ScalarMult(ka.clientX, ka.clientY, ka.privateKey) - preMasterSecret := make([]byte, (ka.curve.Params().BitSize+7)>>3) - xBytes := sharedX.Bytes() - copy(preMasterSecret[len(preMasterSecret)-len(xBytes):], xBytes) - - return preMasterSecret, nil -} - -func (ka *ecdheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error { - if len(skx.key) < 4 { - return errServerKeyExchange - } - if skx.key[0] != 3 { // named curve - return errors.New("tls: server selected unsupported curve") - } - curveid := CurveID(skx.key[1])<<8 | CurveID(skx.key[2]) - ka.curveID = uint16(curveid) - - var ok bool - if ka.curve, ok = curveForCurveID(curveid); !ok { - return errors.New("tls: server selected unsupported curve") - } - - publicLen := int(skx.key[3]) - if publicLen+4 > len(skx.key) { - return errServerKeyExchange - } - ka.x, ka.y = elliptic.Unmarshal(ka.curve, skx.key[4:4+publicLen]) - if ka.x == nil { - return errServerKeyExchange - } - serverECDHParams := skx.key[:4+publicLen] - - sig := skx.key[4+publicLen:] - ka.verifyError = ka.auth.verifyParameters(config, clientHello, serverHello, cert, serverECDHParams, sig) - if config.InsecureSkipVerify { - return nil - } - return ka.verifyError -} - -func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) { - if ka.curve == nil { - return nil, nil, errors.New("missing ServerKeyExchange message") - } - priv, mx, my, err := elliptic.GenerateKey(ka.curve, config.rand()) - if err != nil { - return nil, nil, err - } - - ka.clientPrivKey = make([]byte, len(priv)) - copy(ka.clientPrivKey, priv) - ka.clientX = mx - ka.clientY = my - - x, _ := ka.curve.ScalarMult(ka.x, ka.y, priv) - preMasterSecret := make([]byte, (ka.curve.Params().BitSize+7)>>3) - xBytes := x.Bytes() - copy(preMasterSecret[len(preMasterSecret)-len(xBytes):], xBytes) - - serialized := elliptic.Marshal(ka.curve, mx, my) - - ckx := new(clientKeyExchangeMsg) - var body []byte - ckx.ciphertext = make([]byte, 1+len(serialized)) - ckx.ciphertext[0] = byte(len(serialized)) - body = ckx.ciphertext[1:] - copy(body, serialized) - - return preMasterSecret, ckx, nil -} - -// dheRSAKeyAgreement implements a TLS key agreement where the server generates -// an ephemeral Diffie-Hellman public/private key pair and signs it. The -// pre-master secret is then calculated using Diffie-Hellman. -type dheKeyAgreement struct { - auth keyAgreementAuthentication - p, g *big.Int - yTheirs *big.Int - yOurs *big.Int - xOurs *big.Int - yServer *big.Int - yClient *big.Int - verifyError error -} - -func (ka *dheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { - var q *big.Int - // 2048-bit MODP Group with 256-bit Prime Order Subgroup (RFC - // 5114, Section 2.3) - // TODO: Take a prime in the config - ka.p, _ = new(big.Int).SetString("87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F25D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA3016C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0EF13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D967E144E5140564251CCACB83E6B486F6B3CA3F7971506026C0B857F689962856DED4010ABD0BE621C3A3960A54E710C375F26375D7014103A4B54330C198AF126116D2276E11715F693877FAD7EF09CADB094AE91E1A1597", 16) - ka.g, _ = new(big.Int).SetString("3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF205407F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC831D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6184B523D1DB246C32F63078490F00EF8D647D148D47954515E2327CFEF98C582664B4C0F6CC41659", 16) - q, _ = new(big.Int).SetString("8CF83642A709A097B447997640129DA299B1A47D1EB3750BA308B0FE64F5FBD3", 16) - - var err error - ka.xOurs, err = rand.Int(config.rand(), q) - if err != nil { - return nil, err - } - yOurs := new(big.Int).Exp(ka.g, ka.xOurs, ka.p) - ka.yOurs = yOurs - ka.yServer = new(big.Int).Set(yOurs) - - // http://tools.ietf.org/html/rfc5246#section-7.4.3 - pBytes := ka.p.Bytes() - gBytes := ka.g.Bytes() - yBytes := yOurs.Bytes() - serverDHParams := make([]byte, 0, 2+len(pBytes)+2+len(gBytes)+2+len(yBytes)) - serverDHParams = append(serverDHParams, byte(len(pBytes)>>8), byte(len(pBytes))) - serverDHParams = append(serverDHParams, pBytes...) - serverDHParams = append(serverDHParams, byte(len(gBytes)>>8), byte(len(gBytes))) - serverDHParams = append(serverDHParams, gBytes...) - serverDHParams = append(serverDHParams, byte(len(yBytes)>>8), byte(len(yBytes))) - serverDHParams = append(serverDHParams, yBytes...) - - return ka.auth.signParameters(config, cert, clientHello, hello, serverDHParams) -} - -func (ka *dheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg) ([]byte, error) { - if len(ckx.ciphertext) < 2 { - return nil, errClientKeyExchange - } - yLen := (int(ckx.ciphertext[0]) << 8) | int(ckx.ciphertext[1]) - if yLen != len(ckx.ciphertext)-2 { - return nil, errClientKeyExchange - } - yTheirs := new(big.Int).SetBytes(ckx.ciphertext[2:]) - ka.yClient = new(big.Int).Set(yTheirs) - if yTheirs.Sign() <= 0 || yTheirs.Cmp(ka.p) >= 0 { - return nil, errClientKeyExchange - } - return new(big.Int).Exp(yTheirs, ka.xOurs, ka.p).Bytes(), nil -} - -func (ka *dheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error { - // Read dh_p - k := skx.key - if len(k) < 2 { - return errServerKeyExchange - } - pLen := (int(k[0]) << 8) | int(k[1]) - k = k[2:] - if len(k) < pLen { - return errServerKeyExchange - } - ka.p = new(big.Int).SetBytes(k[:pLen]) - k = k[pLen:] - - // Read dh_g - if len(k) < 2 { - return errServerKeyExchange - } - gLen := (int(k[0]) << 8) | int(k[1]) - k = k[2:] - if len(k) < gLen { - return errServerKeyExchange - } - ka.g = new(big.Int).SetBytes(k[:gLen]) - k = k[gLen:] - - // Read dh_Ys - if len(k) < 2 { - return errServerKeyExchange - } - yLen := (int(k[0]) << 8) | int(k[1]) - k = k[2:] - if len(k) < yLen { - return errServerKeyExchange - } - ka.yTheirs = new(big.Int).SetBytes(k[:yLen]) - ka.yServer = new(big.Int).Set(ka.yTheirs) - k = k[yLen:] - if ka.yTheirs.Sign() <= 0 || ka.yTheirs.Cmp(ka.p) >= 0 { - return errServerKeyExchange - } - - sig := k - serverDHParams := skx.key[:len(skx.key)-len(sig)] - ka.verifyError = ka.auth.verifyParameters(config, clientHello, serverHello, cert, serverDHParams, sig) - if config.InsecureSkipVerify { - return nil - } - return ka.verifyError -} - -func (ka *dheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) { - if ka.p == nil || ka.g == nil || ka.yTheirs == nil { - return nil, nil, errors.New("missing ServerKeyExchange message") - } - - xOurs, err := rand.Int(config.rand(), ka.p) - if err != nil { - return nil, nil, err - } - preMasterSecret := new(big.Int).Exp(ka.yTheirs, xOurs, ka.p).Bytes() - - yOurs := new(big.Int).Exp(ka.g, xOurs, ka.p) - ka.yOurs = yOurs - ka.xOurs = xOurs - ka.yClient = new(big.Int).Set(yOurs) - yBytes := yOurs.Bytes() - ckx := new(clientKeyExchangeMsg) - ckx.ciphertext = make([]byte, 2+len(yBytes)) - ckx.ciphertext[0] = byte(len(yBytes) >> 8) - ckx.ciphertext[1] = byte(len(yBytes)) - copy(ckx.ciphertext[2:], yBytes) - - return preMasterSecret, ckx, nil -} diff --git a/ztools/ztls/poly1305.go b/ztools/ztls/poly1305.go deleted file mode 100644 index 6bf1feee..00000000 --- a/ztools/ztls/poly1305.go +++ /dev/null @@ -1,1540 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -// Based on original, public domain implementation from NaCl by D. J. -// Bernstein. - -import ( - "crypto/subtle" - "math" -) - -const ( - alpham80 = 0.00000000558793544769287109375 - alpham48 = 24.0 - alpham16 = 103079215104.0 - alpha0 = 6755399441055744.0 - alpha18 = 1770887431076116955136.0 - alpha32 = 29014219670751100192948224.0 - alpha50 = 7605903601369376408980219232256.0 - alpha64 = 124615124604835863084731911901282304.0 - alpha82 = 32667107224410092492483962313449748299776.0 - alpha96 = 535217884764734955396857238543560676143529984.0 - alpha112 = 35076039295941670036888435985190792471742381031424.0 - alpha130 = 9194973245195333150150082162901855101712434733101613056.0 - scale = 0.0000000000000000000000000000000000000036734198463196484624023016788195177431833298649127735047148490821200539357960224151611328125 - offset0 = 6755408030990331.0 - offset1 = 29014256564239239022116864.0 - offset2 = 124615283061160854719918951570079744.0 - offset3 = 535219245894202480694386063513315216128475136.0 -) - -// poly1305Verify returns true if mac is a valid authenticator for m with the -// given key. -func poly1305Verify(mac *[16]byte, m []byte, key *[32]byte) bool { - var tmp [16]byte - poly1305Sum(&tmp, m, key) - return subtle.ConstantTimeCompare(tmp[:], mac[:]) == 1 -} - -// poly1305Sum generates an authenticator for m using a one-time key and puts -// the 16-byte result into out. Authenticating two different messages with the -// same key allows an attacker to forge messages at will. -func poly1305Sum(out *[16]byte, m []byte, key *[32]byte) { - r := key - s := key[16:] - var ( - y7 float64 - y6 float64 - y1 float64 - y0 float64 - y5 float64 - y4 float64 - x7 float64 - x6 float64 - x1 float64 - x0 float64 - y3 float64 - y2 float64 - x5 float64 - r3lowx0 float64 - x4 float64 - r0lowx6 float64 - x3 float64 - r3highx0 float64 - x2 float64 - r0highx6 float64 - r0lowx0 float64 - sr1lowx6 float64 - r0highx0 float64 - sr1highx6 float64 - sr3low float64 - r1lowx0 float64 - sr2lowx6 float64 - r1highx0 float64 - sr2highx6 float64 - r2lowx0 float64 - sr3lowx6 float64 - r2highx0 float64 - sr3highx6 float64 - r1highx4 float64 - r1lowx4 float64 - r0highx4 float64 - r0lowx4 float64 - sr3highx4 float64 - sr3lowx4 float64 - sr2highx4 float64 - sr2lowx4 float64 - r0lowx2 float64 - r0highx2 float64 - r1lowx2 float64 - r1highx2 float64 - r2lowx2 float64 - r2highx2 float64 - sr3lowx2 float64 - sr3highx2 float64 - z0 float64 - z1 float64 - z2 float64 - z3 float64 - m0 int64 - m1 int64 - m2 int64 - m3 int64 - m00 uint32 - m01 uint32 - m02 uint32 - m03 uint32 - m10 uint32 - m11 uint32 - m12 uint32 - m13 uint32 - m20 uint32 - m21 uint32 - m22 uint32 - m23 uint32 - m30 uint32 - m31 uint32 - m32 uint32 - m33 uint64 - lbelow2 int32 - lbelow3 int32 - lbelow4 int32 - lbelow5 int32 - lbelow6 int32 - lbelow7 int32 - lbelow8 int32 - lbelow9 int32 - lbelow10 int32 - lbelow11 int32 - lbelow12 int32 - lbelow13 int32 - lbelow14 int32 - lbelow15 int32 - s00 uint32 - s01 uint32 - s02 uint32 - s03 uint32 - s10 uint32 - s11 uint32 - s12 uint32 - s13 uint32 - s20 uint32 - s21 uint32 - s22 uint32 - s23 uint32 - s30 uint32 - s31 uint32 - s32 uint32 - s33 uint32 - bits32 uint64 - f uint64 - f0 uint64 - f1 uint64 - f2 uint64 - f3 uint64 - f4 uint64 - g uint64 - g0 uint64 - g1 uint64 - g2 uint64 - g3 uint64 - g4 uint64 - ) - - var p int32 - - l := int32(len(m)) - - r00 := uint32(r[0]) - - r01 := uint32(r[1]) - - r02 := uint32(r[2]) - r0 := int64(2151) - - r03 := uint32(r[3]) - r03 &= 15 - r0 <<= 51 - - r10 := uint32(r[4]) - r10 &= 252 - r01 <<= 8 - r0 += int64(r00) - - r11 := uint32(r[5]) - r02 <<= 16 - r0 += int64(r01) - - r12 := uint32(r[6]) - r03 <<= 24 - r0 += int64(r02) - - r13 := uint32(r[7]) - r13 &= 15 - r1 := int64(2215) - r0 += int64(r03) - - d0 := r0 - r1 <<= 51 - r2 := int64(2279) - - r20 := uint32(r[8]) - r20 &= 252 - r11 <<= 8 - r1 += int64(r10) - - r21 := uint32(r[9]) - r12 <<= 16 - r1 += int64(r11) - - r22 := uint32(r[10]) - r13 <<= 24 - r1 += int64(r12) - - r23 := uint32(r[11]) - r23 &= 15 - r2 <<= 51 - r1 += int64(r13) - - d1 := r1 - r21 <<= 8 - r2 += int64(r20) - - r30 := uint32(r[12]) - r30 &= 252 - r22 <<= 16 - r2 += int64(r21) - - r31 := uint32(r[13]) - r23 <<= 24 - r2 += int64(r22) - - r32 := uint32(r[14]) - r2 += int64(r23) - r3 := int64(2343) - - d2 := r2 - r3 <<= 51 - - r33 := uint32(r[15]) - r33 &= 15 - r31 <<= 8 - r3 += int64(r30) - - r32 <<= 16 - r3 += int64(r31) - - r33 <<= 24 - r3 += int64(r32) - - r3 += int64(r33) - h0 := alpha32 - alpha32 - - d3 := r3 - h1 := alpha32 - alpha32 - - h2 := alpha32 - alpha32 - - h3 := alpha32 - alpha32 - - h4 := alpha32 - alpha32 - - r0low := math.Float64frombits(uint64(d0)) - h5 := alpha32 - alpha32 - - r1low := math.Float64frombits(uint64(d1)) - h6 := alpha32 - alpha32 - - r2low := math.Float64frombits(uint64(d2)) - h7 := alpha32 - alpha32 - - r0low -= alpha0 - - r1low -= alpha32 - - r2low -= alpha64 - - r0high := r0low + alpha18 - - r3low := math.Float64frombits(uint64(d3)) - - r1high := r1low + alpha50 - sr1low := scale * r1low - - r2high := r2low + alpha82 - sr2low := scale * r2low - - r0high -= alpha18 - r0high_stack := r0high - - r3low -= alpha96 - - r1high -= alpha50 - r1high_stack := r1high - - sr1high := sr1low + alpham80 - - r0low -= r0high - - r2high -= alpha82 - sr3low = scale * r3low - - sr2high := sr2low + alpham48 - - r1low -= r1high - r1low_stack := r1low - - sr1high -= alpham80 - sr1high_stack := sr1high - - r2low -= r2high - r2low_stack := r2low - - sr2high -= alpham48 - sr2high_stack := sr2high - - r3high := r3low + alpha112 - r0low_stack := r0low - - sr1low -= sr1high - sr1low_stack := sr1low - - sr3high := sr3low + alpham16 - r2high_stack := r2high - - sr2low -= sr2high - sr2low_stack := sr2low - - r3high -= alpha112 - r3high_stack := r3high - - sr3high -= alpham16 - sr3high_stack := sr3high - - r3low -= r3high - r3low_stack := r3low - - sr3low -= sr3high - sr3low_stack := sr3low - - if l < 16 { - goto addatmost15bytes - } - - m00 = uint32(m[p+0]) - m0 = 2151 - - m0 <<= 51 - m1 = 2215 - m01 = uint32(m[p+1]) - - m1 <<= 51 - m2 = 2279 - m02 = uint32(m[p+2]) - - m2 <<= 51 - m3 = 2343 - m03 = uint32(m[p+3]) - - m10 = uint32(m[p+4]) - m01 <<= 8 - m0 += int64(m00) - - m11 = uint32(m[p+5]) - m02 <<= 16 - m0 += int64(m01) - - m12 = uint32(m[p+6]) - m03 <<= 24 - m0 += int64(m02) - - m13 = uint32(m[p+7]) - m3 <<= 51 - m0 += int64(m03) - - m20 = uint32(m[p+8]) - m11 <<= 8 - m1 += int64(m10) - - m21 = uint32(m[p+9]) - m12 <<= 16 - m1 += int64(m11) - - m22 = uint32(m[p+10]) - m13 <<= 24 - m1 += int64(m12) - - m23 = uint32(m[p+11]) - m1 += int64(m13) - - m30 = uint32(m[p+12]) - m21 <<= 8 - m2 += int64(m20) - - m31 = uint32(m[p+13]) - m22 <<= 16 - m2 += int64(m21) - - m32 = uint32(m[p+14]) - m23 <<= 24 - m2 += int64(m22) - - m33 = uint64(m[p+15]) - m2 += int64(m23) - - d0 = m0 - m31 <<= 8 - m3 += int64(m30) - - d1 = m1 - m32 <<= 16 - m3 += int64(m31) - - d2 = m2 - m33 += 256 - - m33 <<= 24 - m3 += int64(m32) - - m3 += int64(m33) - d3 = m3 - - p += 16 - l -= 16 - - z0 = math.Float64frombits(uint64(d0)) - - z1 = math.Float64frombits(uint64(d1)) - - z2 = math.Float64frombits(uint64(d2)) - - z3 = math.Float64frombits(uint64(d3)) - - z0 -= alpha0 - - z1 -= alpha32 - - z2 -= alpha64 - - z3 -= alpha96 - - h0 += z0 - - h1 += z1 - - h3 += z2 - - h5 += z3 - - if l < 16 { - goto multiplyaddatmost15bytes - } - -multiplyaddatleast16bytes: - - m2 = 2279 - m20 = uint32(m[p+8]) - y7 = h7 + alpha130 - - m2 <<= 51 - m3 = 2343 - m21 = uint32(m[p+9]) - y6 = h6 + alpha130 - - m3 <<= 51 - m0 = 2151 - m22 = uint32(m[p+10]) - y1 = h1 + alpha32 - - m0 <<= 51 - m1 = 2215 - m23 = uint32(m[p+11]) - y0 = h0 + alpha32 - - m1 <<= 51 - m30 = uint32(m[p+12]) - y7 -= alpha130 - - m21 <<= 8 - m2 += int64(m20) - m31 = uint32(m[p+13]) - y6 -= alpha130 - - m22 <<= 16 - m2 += int64(m21) - m32 = uint32(m[p+14]) - y1 -= alpha32 - - m23 <<= 24 - m2 += int64(m22) - m33 = uint64(m[p+15]) - y0 -= alpha32 - - m2 += int64(m23) - m00 = uint32(m[p+0]) - y5 = h5 + alpha96 - - m31 <<= 8 - m3 += int64(m30) - m01 = uint32(m[p+1]) - y4 = h4 + alpha96 - - m32 <<= 16 - m02 = uint32(m[p+2]) - x7 = h7 - y7 - y7 *= scale - - m33 += 256 - m03 = uint32(m[p+3]) - x6 = h6 - y6 - y6 *= scale - - m33 <<= 24 - m3 += int64(m31) - m10 = uint32(m[p+4]) - x1 = h1 - y1 - - m01 <<= 8 - m3 += int64(m32) - m11 = uint32(m[p+5]) - x0 = h0 - y0 - - m3 += int64(m33) - m0 += int64(m00) - m12 = uint32(m[p+6]) - y5 -= alpha96 - - m02 <<= 16 - m0 += int64(m01) - m13 = uint32(m[p+7]) - y4 -= alpha96 - - m03 <<= 24 - m0 += int64(m02) - d2 = m2 - x1 += y7 - - m0 += int64(m03) - d3 = m3 - x0 += y6 - - m11 <<= 8 - m1 += int64(m10) - d0 = m0 - x7 += y5 - - m12 <<= 16 - m1 += int64(m11) - x6 += y4 - - m13 <<= 24 - m1 += int64(m12) - y3 = h3 + alpha64 - - m1 += int64(m13) - d1 = m1 - y2 = h2 + alpha64 - - x0 += x1 - - x6 += x7 - - y3 -= alpha64 - r3low = r3low_stack - - y2 -= alpha64 - r0low = r0low_stack - - x5 = h5 - y5 - r3lowx0 = r3low * x0 - r3high = r3high_stack - - x4 = h4 - y4 - r0lowx6 = r0low * x6 - r0high = r0high_stack - - x3 = h3 - y3 - r3highx0 = r3high * x0 - sr1low = sr1low_stack - - x2 = h2 - y2 - r0highx6 = r0high * x6 - sr1high = sr1high_stack - - x5 += y3 - r0lowx0 = r0low * x0 - r1low = r1low_stack - - h6 = r3lowx0 + r0lowx6 - sr1lowx6 = sr1low * x6 - r1high = r1high_stack - - x4 += y2 - r0highx0 = r0high * x0 - sr2low = sr2low_stack - - h7 = r3highx0 + r0highx6 - sr1highx6 = sr1high * x6 - sr2high = sr2high_stack - - x3 += y1 - r1lowx0 = r1low * x0 - r2low = r2low_stack - - h0 = r0lowx0 + sr1lowx6 - sr2lowx6 = sr2low * x6 - r2high = r2high_stack - - x2 += y0 - r1highx0 = r1high * x0 - sr3low = sr3low_stack - - h1 = r0highx0 + sr1highx6 - sr2highx6 = sr2high * x6 - sr3high = sr3high_stack - - x4 += x5 - r2lowx0 = r2low * x0 - z2 = math.Float64frombits(uint64(d2)) - - h2 = r1lowx0 + sr2lowx6 - sr3lowx6 = sr3low * x6 - - x2 += x3 - r2highx0 = r2high * x0 - z3 = math.Float64frombits(uint64(d3)) - - h3 = r1highx0 + sr2highx6 - sr3highx6 = sr3high * x6 - - r1highx4 = r1high * x4 - z2 -= alpha64 - - h4 = r2lowx0 + sr3lowx6 - r1lowx4 = r1low * x4 - - r0highx4 = r0high * x4 - z3 -= alpha96 - - h5 = r2highx0 + sr3highx6 - r0lowx4 = r0low * x4 - - h7 += r1highx4 - sr3highx4 = sr3high * x4 - - h6 += r1lowx4 - sr3lowx4 = sr3low * x4 - - h5 += r0highx4 - sr2highx4 = sr2high * x4 - - h4 += r0lowx4 - sr2lowx4 = sr2low * x4 - - h3 += sr3highx4 - r0lowx2 = r0low * x2 - - h2 += sr3lowx4 - r0highx2 = r0high * x2 - - h1 += sr2highx4 - r1lowx2 = r1low * x2 - - h0 += sr2lowx4 - r1highx2 = r1high * x2 - - h2 += r0lowx2 - r2lowx2 = r2low * x2 - - h3 += r0highx2 - r2highx2 = r2high * x2 - - h4 += r1lowx2 - sr3lowx2 = sr3low * x2 - - h5 += r1highx2 - sr3highx2 = sr3high * x2 - - p += 16 - l -= 16 - h6 += r2lowx2 - - h7 += r2highx2 - - z1 = math.Float64frombits(uint64(d1)) - h0 += sr3lowx2 - - z0 = math.Float64frombits(uint64(d0)) - h1 += sr3highx2 - - z1 -= alpha32 - - z0 -= alpha0 - - h5 += z3 - - h3 += z2 - - h1 += z1 - - h0 += z0 - - if l >= 16 { - goto multiplyaddatleast16bytes - } - -multiplyaddatmost15bytes: - - y7 = h7 + alpha130 - - y6 = h6 + alpha130 - - y1 = h1 + alpha32 - - y0 = h0 + alpha32 - - y7 -= alpha130 - - y6 -= alpha130 - - y1 -= alpha32 - - y0 -= alpha32 - - y5 = h5 + alpha96 - - y4 = h4 + alpha96 - - x7 = h7 - y7 - y7 *= scale - - x6 = h6 - y6 - y6 *= scale - - x1 = h1 - y1 - - x0 = h0 - y0 - - y5 -= alpha96 - - y4 -= alpha96 - - x1 += y7 - - x0 += y6 - - x7 += y5 - - x6 += y4 - - y3 = h3 + alpha64 - - y2 = h2 + alpha64 - - x0 += x1 - - x6 += x7 - - y3 -= alpha64 - r3low = r3low_stack - - y2 -= alpha64 - r0low = r0low_stack - - x5 = h5 - y5 - r3lowx0 = r3low * x0 - r3high = r3high_stack - - x4 = h4 - y4 - r0lowx6 = r0low * x6 - r0high = r0high_stack - - x3 = h3 - y3 - r3highx0 = r3high * x0 - sr1low = sr1low_stack - - x2 = h2 - y2 - r0highx6 = r0high * x6 - sr1high = sr1high_stack - - x5 += y3 - r0lowx0 = r0low * x0 - r1low = r1low_stack - - h6 = r3lowx0 + r0lowx6 - sr1lowx6 = sr1low * x6 - r1high = r1high_stack - - x4 += y2 - r0highx0 = r0high * x0 - sr2low = sr2low_stack - - h7 = r3highx0 + r0highx6 - sr1highx6 = sr1high * x6 - sr2high = sr2high_stack - - x3 += y1 - r1lowx0 = r1low * x0 - r2low = r2low_stack - - h0 = r0lowx0 + sr1lowx6 - sr2lowx6 = sr2low * x6 - r2high = r2high_stack - - x2 += y0 - r1highx0 = r1high * x0 - sr3low = sr3low_stack - - h1 = r0highx0 + sr1highx6 - sr2highx6 = sr2high * x6 - sr3high = sr3high_stack - - x4 += x5 - r2lowx0 = r2low * x0 - - h2 = r1lowx0 + sr2lowx6 - sr3lowx6 = sr3low * x6 - - x2 += x3 - r2highx0 = r2high * x0 - - h3 = r1highx0 + sr2highx6 - sr3highx6 = sr3high * x6 - - r1highx4 = r1high * x4 - - h4 = r2lowx0 + sr3lowx6 - r1lowx4 = r1low * x4 - - r0highx4 = r0high * x4 - - h5 = r2highx0 + sr3highx6 - r0lowx4 = r0low * x4 - - h7 += r1highx4 - sr3highx4 = sr3high * x4 - - h6 += r1lowx4 - sr3lowx4 = sr3low * x4 - - h5 += r0highx4 - sr2highx4 = sr2high * x4 - - h4 += r0lowx4 - sr2lowx4 = sr2low * x4 - - h3 += sr3highx4 - r0lowx2 = r0low * x2 - - h2 += sr3lowx4 - r0highx2 = r0high * x2 - - h1 += sr2highx4 - r1lowx2 = r1low * x2 - - h0 += sr2lowx4 - r1highx2 = r1high * x2 - - h2 += r0lowx2 - r2lowx2 = r2low * x2 - - h3 += r0highx2 - r2highx2 = r2high * x2 - - h4 += r1lowx2 - sr3lowx2 = sr3low * x2 - - h5 += r1highx2 - sr3highx2 = sr3high * x2 - - h6 += r2lowx2 - - h7 += r2highx2 - - h0 += sr3lowx2 - - h1 += sr3highx2 - -addatmost15bytes: - - if l == 0 { - goto nomorebytes - } - - lbelow2 = l - 2 - - lbelow3 = l - 3 - - lbelow2 >>= 31 - lbelow4 = l - 4 - - m00 = uint32(m[p+0]) - lbelow3 >>= 31 - p += lbelow2 - - m01 = uint32(m[p+1]) - lbelow4 >>= 31 - p += lbelow3 - - m02 = uint32(m[p+2]) - p += lbelow4 - m0 = 2151 - - m03 = uint32(m[p+3]) - m0 <<= 51 - m1 = 2215 - - m0 += int64(m00) - m01 &^= uint32(lbelow2) - - m02 &^= uint32(lbelow3) - m01 -= uint32(lbelow2) - - m01 <<= 8 - m03 &^= uint32(lbelow4) - - m0 += int64(m01) - lbelow2 -= lbelow3 - - m02 += uint32(lbelow2) - lbelow3 -= lbelow4 - - m02 <<= 16 - m03 += uint32(lbelow3) - - m03 <<= 24 - m0 += int64(m02) - - m0 += int64(m03) - lbelow5 = l - 5 - - lbelow6 = l - 6 - lbelow7 = l - 7 - - lbelow5 >>= 31 - lbelow8 = l - 8 - - lbelow6 >>= 31 - p += lbelow5 - - m10 = uint32(m[p+4]) - lbelow7 >>= 31 - p += lbelow6 - - m11 = uint32(m[p+5]) - lbelow8 >>= 31 - p += lbelow7 - - m12 = uint32(m[p+6]) - m1 <<= 51 - p += lbelow8 - - m13 = uint32(m[p+7]) - m10 &^= uint32(lbelow5) - lbelow4 -= lbelow5 - - m10 += uint32(lbelow4) - lbelow5 -= lbelow6 - - m11 &^= uint32(lbelow6) - m11 += uint32(lbelow5) - - m11 <<= 8 - m1 += int64(m10) - - m1 += int64(m11) - m12 &^= uint32(lbelow7) - - lbelow6 -= lbelow7 - m13 &^= uint32(lbelow8) - - m12 += uint32(lbelow6) - lbelow7 -= lbelow8 - - m12 <<= 16 - m13 += uint32(lbelow7) - - m13 <<= 24 - m1 += int64(m12) - - m1 += int64(m13) - m2 = 2279 - - lbelow9 = l - 9 - m3 = 2343 - - lbelow10 = l - 10 - lbelow11 = l - 11 - - lbelow9 >>= 31 - lbelow12 = l - 12 - - lbelow10 >>= 31 - p += lbelow9 - - m20 = uint32(m[p+8]) - lbelow11 >>= 31 - p += lbelow10 - - m21 = uint32(m[p+9]) - lbelow12 >>= 31 - p += lbelow11 - - m22 = uint32(m[p+10]) - m2 <<= 51 - p += lbelow12 - - m23 = uint32(m[p+11]) - m20 &^= uint32(lbelow9) - lbelow8 -= lbelow9 - - m20 += uint32(lbelow8) - lbelow9 -= lbelow10 - - m21 &^= uint32(lbelow10) - m21 += uint32(lbelow9) - - m21 <<= 8 - m2 += int64(m20) - - m2 += int64(m21) - m22 &^= uint32(lbelow11) - - lbelow10 -= lbelow11 - m23 &^= uint32(lbelow12) - - m22 += uint32(lbelow10) - lbelow11 -= lbelow12 - - m22 <<= 16 - m23 += uint32(lbelow11) - - m23 <<= 24 - m2 += int64(m22) - - m3 <<= 51 - lbelow13 = l - 13 - - lbelow13 >>= 31 - lbelow14 = l - 14 - - lbelow14 >>= 31 - p += lbelow13 - lbelow15 = l - 15 - - m30 = uint32(m[p+12]) - lbelow15 >>= 31 - p += lbelow14 - - m31 = uint32(m[p+13]) - p += lbelow15 - m2 += int64(m23) - - m32 = uint32(m[p+14]) - m30 &^= uint32(lbelow13) - lbelow12 -= lbelow13 - - m30 += uint32(lbelow12) - lbelow13 -= lbelow14 - - m3 += int64(m30) - m31 &^= uint32(lbelow14) - - m31 += uint32(lbelow13) - m32 &^= uint32(lbelow15) - - m31 <<= 8 - lbelow14 -= lbelow15 - - m3 += int64(m31) - m32 += uint32(lbelow14) - d0 = m0 - - m32 <<= 16 - m33 = uint64(lbelow15 + 1) - d1 = m1 - - m33 <<= 24 - m3 += int64(m32) - d2 = m2 - - m3 += int64(m33) - d3 = m3 - - z3 = math.Float64frombits(uint64(d3)) - - z2 = math.Float64frombits(uint64(d2)) - - z1 = math.Float64frombits(uint64(d1)) - - z0 = math.Float64frombits(uint64(d0)) - - z3 -= alpha96 - - z2 -= alpha64 - - z1 -= alpha32 - - z0 -= alpha0 - - h5 += z3 - - h3 += z2 - - h1 += z1 - - h0 += z0 - - y7 = h7 + alpha130 - - y6 = h6 + alpha130 - - y1 = h1 + alpha32 - - y0 = h0 + alpha32 - - y7 -= alpha130 - - y6 -= alpha130 - - y1 -= alpha32 - - y0 -= alpha32 - - y5 = h5 + alpha96 - - y4 = h4 + alpha96 - - x7 = h7 - y7 - y7 *= scale - - x6 = h6 - y6 - y6 *= scale - - x1 = h1 - y1 - - x0 = h0 - y0 - - y5 -= alpha96 - - y4 -= alpha96 - - x1 += y7 - - x0 += y6 - - x7 += y5 - - x6 += y4 - - y3 = h3 + alpha64 - - y2 = h2 + alpha64 - - x0 += x1 - - x6 += x7 - - y3 -= alpha64 - r3low = r3low_stack - - y2 -= alpha64 - r0low = r0low_stack - - x5 = h5 - y5 - r3lowx0 = r3low * x0 - r3high = r3high_stack - - x4 = h4 - y4 - r0lowx6 = r0low * x6 - r0high = r0high_stack - - x3 = h3 - y3 - r3highx0 = r3high * x0 - sr1low = sr1low_stack - - x2 = h2 - y2 - r0highx6 = r0high * x6 - sr1high = sr1high_stack - - x5 += y3 - r0lowx0 = r0low * x0 - r1low = r1low_stack - - h6 = r3lowx0 + r0lowx6 - sr1lowx6 = sr1low * x6 - r1high = r1high_stack - - x4 += y2 - r0highx0 = r0high * x0 - sr2low = sr2low_stack - - h7 = r3highx0 + r0highx6 - sr1highx6 = sr1high * x6 - sr2high = sr2high_stack - - x3 += y1 - r1lowx0 = r1low * x0 - r2low = r2low_stack - - h0 = r0lowx0 + sr1lowx6 - sr2lowx6 = sr2low * x6 - r2high = r2high_stack - - x2 += y0 - r1highx0 = r1high * x0 - sr3low = sr3low_stack - - h1 = r0highx0 + sr1highx6 - sr2highx6 = sr2high * x6 - sr3high = sr3high_stack - - x4 += x5 - r2lowx0 = r2low * x0 - - h2 = r1lowx0 + sr2lowx6 - sr3lowx6 = sr3low * x6 - - x2 += x3 - r2highx0 = r2high * x0 - - h3 = r1highx0 + sr2highx6 - sr3highx6 = sr3high * x6 - - r1highx4 = r1high * x4 - - h4 = r2lowx0 + sr3lowx6 - r1lowx4 = r1low * x4 - - r0highx4 = r0high * x4 - - h5 = r2highx0 + sr3highx6 - r0lowx4 = r0low * x4 - - h7 += r1highx4 - sr3highx4 = sr3high * x4 - - h6 += r1lowx4 - sr3lowx4 = sr3low * x4 - - h5 += r0highx4 - sr2highx4 = sr2high * x4 - - h4 += r0lowx4 - sr2lowx4 = sr2low * x4 - - h3 += sr3highx4 - r0lowx2 = r0low * x2 - - h2 += sr3lowx4 - r0highx2 = r0high * x2 - - h1 += sr2highx4 - r1lowx2 = r1low * x2 - - h0 += sr2lowx4 - r1highx2 = r1high * x2 - - h2 += r0lowx2 - r2lowx2 = r2low * x2 - - h3 += r0highx2 - r2highx2 = r2high * x2 - - h4 += r1lowx2 - sr3lowx2 = sr3low * x2 - - h5 += r1highx2 - sr3highx2 = sr3high * x2 - - h6 += r2lowx2 - - h7 += r2highx2 - - h0 += sr3lowx2 - - h1 += sr3highx2 - -nomorebytes: - - y7 = h7 + alpha130 - - y0 = h0 + alpha32 - - y1 = h1 + alpha32 - - y2 = h2 + alpha64 - - y7 -= alpha130 - - y3 = h3 + alpha64 - - y4 = h4 + alpha96 - - y5 = h5 + alpha96 - - x7 = h7 - y7 - y7 *= scale - - y0 -= alpha32 - - y1 -= alpha32 - - y2 -= alpha64 - - h6 += x7 - - y3 -= alpha64 - - y4 -= alpha96 - - y5 -= alpha96 - - y6 = h6 + alpha130 - - x0 = h0 - y0 - - x1 = h1 - y1 - - x2 = h2 - y2 - - y6 -= alpha130 - - x0 += y7 - - x3 = h3 - y3 - - x4 = h4 - y4 - - x5 = h5 - y5 - - x6 = h6 - y6 - - y6 *= scale - - x2 += y0 - - x3 += y1 - - x4 += y2 - - x0 += y6 - - x5 += y3 - - x6 += y4 - - x2 += x3 - - x0 += x1 - - x4 += x5 - - x6 += y5 - - x2 += offset1 - d1 = int64(math.Float64bits(x2)) - - x0 += offset0 - d0 = int64(math.Float64bits(x0)) - - x4 += offset2 - d2 = int64(math.Float64bits(x4)) - - x6 += offset3 - d3 = int64(math.Float64bits(x6)) - - f0 = uint64(d0) - - f1 = uint64(d1) - bits32 = math.MaxUint64 - - f2 = uint64(d2) - bits32 >>= 32 - - f3 = uint64(d3) - f = f0 >> 32 - - f0 &= bits32 - f &= 255 - - f1 += f - g0 = f0 + 5 - - g = g0 >> 32 - g0 &= bits32 - - f = f1 >> 32 - f1 &= bits32 - - f &= 255 - g1 = f1 + g - - g = g1 >> 32 - f2 += f - - f = f2 >> 32 - g1 &= bits32 - - f2 &= bits32 - f &= 255 - - f3 += f - g2 = f2 + g - - g = g2 >> 32 - g2 &= bits32 - - f4 = f3 >> 32 - f3 &= bits32 - - f4 &= 255 - g3 = f3 + g - - g = g3 >> 32 - g3 &= bits32 - - g4 = f4 + g - - g4 = g4 - 4 - s00 = uint32(s[0]) - - f = uint64(int64(g4) >> 63) - s01 = uint32(s[1]) - - f0 &= f - g0 &^= f - s02 = uint32(s[2]) - - f1 &= f - f0 |= g0 - s03 = uint32(s[3]) - - g1 &^= f - f2 &= f - s10 = uint32(s[4]) - - f3 &= f - g2 &^= f - s11 = uint32(s[5]) - - g3 &^= f - f1 |= g1 - s12 = uint32(s[6]) - - f2 |= g2 - f3 |= g3 - s13 = uint32(s[7]) - - s01 <<= 8 - f0 += uint64(s00) - s20 = uint32(s[8]) - - s02 <<= 16 - f0 += uint64(s01) - s21 = uint32(s[9]) - - s03 <<= 24 - f0 += uint64(s02) - s22 = uint32(s[10]) - - s11 <<= 8 - f1 += uint64(s10) - s23 = uint32(s[11]) - - s12 <<= 16 - f1 += uint64(s11) - s30 = uint32(s[12]) - - s13 <<= 24 - f1 += uint64(s12) - s31 = uint32(s[13]) - - f0 += uint64(s03) - f1 += uint64(s13) - s32 = uint32(s[14]) - - s21 <<= 8 - f2 += uint64(s20) - s33 = uint32(s[15]) - - s22 <<= 16 - f2 += uint64(s21) - - s23 <<= 24 - f2 += uint64(s22) - - s31 <<= 8 - f3 += uint64(s30) - - s32 <<= 16 - f3 += uint64(s31) - - s33 <<= 24 - f3 += uint64(s32) - - f2 += uint64(s23) - f3 += uint64(s33) - - out[0] = byte(f0) - f0 >>= 8 - out[1] = byte(f0) - f0 >>= 8 - out[2] = byte(f0) - f0 >>= 8 - out[3] = byte(f0) - f0 >>= 8 - f1 += f0 - - out[4] = byte(f1) - f1 >>= 8 - out[5] = byte(f1) - f1 >>= 8 - out[6] = byte(f1) - f1 >>= 8 - out[7] = byte(f1) - f1 >>= 8 - f2 += f1 - - out[8] = byte(f2) - f2 >>= 8 - out[9] = byte(f2) - f2 >>= 8 - out[10] = byte(f2) - f2 >>= 8 - out[11] = byte(f2) - f2 >>= 8 - f3 += f2 - - out[12] = byte(f3) - f3 >>= 8 - out[13] = byte(f3) - f3 >>= 8 - out[14] = byte(f3) - f3 >>= 8 - out[15] = byte(f3) -} diff --git a/ztools/ztls/prf.go b/ztools/ztls/prf.go deleted file mode 100644 index 61b6c2ee..00000000 --- a/ztools/ztls/prf.go +++ /dev/null @@ -1,460 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "crypto" - "crypto/hmac" - "crypto/md5" - "crypto/sha1" - "crypto/sha256" - "crypto/sha512" - "errors" - "hash" -) - -// Split a premaster secret in two as specified in RFC 4346, section 5. -func splitPreMasterSecret(secret []byte) (s1, s2 []byte) { - s1 = secret[0 : (len(secret)+1)/2] - s2 = secret[len(secret)/2:] - return -} - -// pHash implements the P_hash function, as defined in RFC 4346, section 5. -func pHash(result, secret, seed []byte, hash func() hash.Hash) { - h := hmac.New(hash, secret) - h.Write(seed) - a := h.Sum(nil) - - j := 0 - for j < len(result) { - h.Reset() - h.Write(a) - h.Write(seed) - b := h.Sum(nil) - todo := len(b) - if j+todo > len(result) { - todo = len(result) - j - } - copy(result[j:j+todo], b) - j += todo - - h.Reset() - h.Write(a) - a = h.Sum(nil) - } -} - -// prf10 implements the TLS 1.0 pseudo-random function, as defined in RFC 2246, section 5. -func prf10(result, secret, label, seed []byte) { - hashSHA1 := sha1.New - hashMD5 := md5.New - - labelAndSeed := make([]byte, len(label)+len(seed)) - copy(labelAndSeed, label) - copy(labelAndSeed[len(label):], seed) - - s1, s2 := splitPreMasterSecret(secret) - pHash(result, s1, labelAndSeed, hashMD5) - result2 := make([]byte, len(result)) - pHash(result2, s2, labelAndSeed, hashSHA1) - - for i, b := range result2 { - result[i] ^= b - } -} - -// prf12 implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, section 5. -func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) { - return func(result, secret, label, seed []byte) { - labelAndSeed := make([]byte, len(label)+len(seed)) - copy(labelAndSeed, label) - copy(labelAndSeed[len(label):], seed) - - pHash(result, secret, labelAndSeed, hashFunc) - } -} - -// prf30 implements the SSL 3.0 pseudo-random function, as defined in -// www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt section 6. -func prf30(result, secret, label, seed []byte) { - hashSHA1 := sha1.New() - hashMD5 := md5.New() - - done := 0 - i := 0 - // RFC5246 section 6.3 says that the largest PRF output needed is 128 - // bytes. Since no more ciphersuites will be added to SSLv3, this will - // remain true. Each iteration gives us 16 bytes so 10 iterations will - // be sufficient. - var b [11]byte - for done < len(result) { - for j := 0; j <= i; j++ { - b[j] = 'A' + byte(i) - } - - hashSHA1.Reset() - hashSHA1.Write(b[:i+1]) - hashSHA1.Write(secret) - hashSHA1.Write(seed) - digest := hashSHA1.Sum(nil) - - hashMD5.Reset() - hashMD5.Write(secret) - hashMD5.Write(digest) - - done += copy(result[done:], hashMD5.Sum(nil)) - i++ - } -} - -func exportPRF30(result, secret, label, seed []byte) { - hash := md5.New() - hash.Write(secret) - hash.Write(seed) - copy(result, hash.Sum(nil)) -} - -const ( - tlsRandomLength = 32 // Length of a random nonce in TLS 1.1. - masterSecretLength = 48 // Length of a master secret in TLS 1.1. - finishedVerifyLength = 12 // Length of verify_data in a Finished message. -) - -var masterSecretLabel = []byte("master secret") -var extendedMasterSecretLabel = []byte("extended master secret") -var keyExpansionLabel = []byte("key expansion") -var clientFinishedLabel = []byte("client finished") -var serverFinishedLabel = []byte("server finished") -var clientFinalKeyLabel = []byte("client write key") -var serverFinalKeyLabel = []byte("server write key") -var finalIVLabel = []byte("IV block") - -func prfForVersion(version uint16, suite *cipherSuite) func(result, secret, label, seed []byte) { - switch version { - case VersionSSL30: - return prf30 - case VersionTLS10, VersionTLS11: - return prf10 - case VersionTLS12: - if suite.flags&suiteSHA384 != 0 { - return prf12(sha512.New384) - } - return prf12(sha256.New) - default: - panic("unknown version") - } -} - -// masterFromPreMasterSecret generates the master secret from the pre-master -// secret. See http://tools.ietf.org/html/rfc5246#section-8.1 -func masterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret, clientRandom, serverRandom []byte) []byte { - seed := make([]byte, len(clientRandom)+len(serverRandom)) - copy(seed[0:len(clientRandom)], clientRandom) - copy(seed[len(clientRandom):], serverRandom) - masterSecret := make([]byte, masterSecretLength) - prfForVersion(version, suite)(masterSecret, preMasterSecret, masterSecretLabel, seed[0:]) - return masterSecret -} - -// extendedMasterFromPreMasterSecret generates the master secret from the -// pre-master secret when the Triple Handshake fix is in effect. See -// https://tools.ietf.org/html/draft-ietf-tls-session-hash-01 -func extendedMasterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret []byte, h finishedHash) []byte { - masterSecret := make([]byte, masterSecretLength) - prfForVersion(version, suite)(masterSecret, preMasterSecret, extendedMasterSecretLabel, h.Sum()) - return masterSecret -} - -// keysFromMasterSecret generates the connection keys from the master -// secret, given the lengths of the MAC key, cipher key and IV, as defined in -// RFC 2246, section 6.3. -func keysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) { - if suite.flags&suiteExport > 0 { - return exportKeysFromMasterSecret(version, suite, masterSecret, clientRandom, serverRandom, macLen, keyLen, ivLen) - } - var seed [tlsRandomLength * 2]byte - copy(seed[0:len(clientRandom)], serverRandom) - copy(seed[len(serverRandom):], clientRandom) - - n := 2*macLen + 2*keyLen + 2*ivLen - keyMaterial := make([]byte, n) - prfForVersion(version, suite)(keyMaterial, masterSecret, keyExpansionLabel, seed[0:]) - clientMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - serverMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - clientKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - serverKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - clientIV = keyMaterial[:ivLen] - keyMaterial = keyMaterial[ivLen:] - serverIV = keyMaterial[:ivLen] - return -} - -// The crypto wars must have been the worst -func exportKeysFromMasterSecret30(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) { - var seed [tlsRandomLength * 2]byte - copy(seed[0:len(clientRandom)], serverRandom) - copy(seed[len(serverRandom):], clientRandom) - n := 2*macLen + 2*keyLen - keyMaterial := make([]byte, n) - prf30(keyMaterial, masterSecret, keyExpansionLabel, seed[0:]) - clientMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - serverMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - clientKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - serverKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - var exportSeed [tlsRandomLength * 2]byte - copy(exportSeed[0:len(serverRandom)], clientRandom) - copy(exportSeed[len(clientRandom):], serverRandom) - expandedKeyLen := suite.expandedKeyLen - finalKeyBlock := make([]byte, 2*expandedKeyLen) - exportPRF30(finalKeyBlock[:expandedKeyLen], clientKey, clientFinalKeyLabel, exportSeed[0:]) - clientKey = finalKeyBlock[:expandedKeyLen] - finalKeyBlock = finalKeyBlock[expandedKeyLen:] - exportPRF30(finalKeyBlock[:expandedKeyLen], serverKey, serverFinalKeyLabel, seed[0:]) - serverKey = finalKeyBlock[:expandedKeyLen] - ivBlock := make([]byte, 2*ivLen) - clientIV = ivBlock[:ivLen] - exportPRF30(clientIV, []byte{}, finalIVLabel, exportSeed[0:]) - ivBlock = ivBlock[ivLen:] - serverIV = ivBlock[:ivLen] - exportPRF30(serverIV, []byte{}, finalIVLabel, seed[0:]) - return -} - -// If a cryptographer kills me in the night, let it be known I was sorry -func exportKeysFromMasterSecretTLS(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) { - var seed [tlsRandomLength * 2]byte - copy(seed[0:len(clientRandom)], serverRandom) - copy(seed[len(serverRandom):], clientRandom) - n := 2*macLen + 2*keyLen - keyMaterial := make([]byte, n) - prf := prfForVersion(version, suite) - prf(keyMaterial, masterSecret, keyExpansionLabel, seed[0:]) - clientMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - serverMAC = keyMaterial[:macLen] - keyMaterial = keyMaterial[macLen:] - clientKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - serverKey = keyMaterial[:keyLen] - keyMaterial = keyMaterial[keyLen:] - expandedKeyLen := suite.expandedKeyLen - finalKeyBlock := make([]byte, 2*expandedKeyLen) - var exportSeed [tlsRandomLength * 2]byte - copy(exportSeed[0:len(serverRandom)], clientRandom) - copy(exportSeed[len(clientRandom):], serverRandom) - prf(finalKeyBlock[:expandedKeyLen], clientKey, clientFinalKeyLabel, exportSeed[0:]) - clientKey = finalKeyBlock[:expandedKeyLen] - finalKeyBlock = finalKeyBlock[expandedKeyLen:] - prf(finalKeyBlock[:expandedKeyLen], serverKey, serverFinalKeyLabel, exportSeed[0:]) - serverKey = finalKeyBlock[:expandedKeyLen] - ivBlock := make([]byte, 2*ivLen) - prf(ivBlock, []byte{}, finalIVLabel, exportSeed[0:]) - clientIV = ivBlock[:ivLen] - ivBlock = ivBlock[ivLen:] - serverIV = ivBlock[:ivLen] - return -} - -func exportKeysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) { - switch version { - case VersionSSL30: - return exportKeysFromMasterSecret30(version, suite, masterSecret, clientRandom, serverRandom, macLen, keyLen, ivLen) - case VersionTLS10, VersionTLS11, VersionTLS12: - return exportKeysFromMasterSecretTLS(version, suite, masterSecret, clientRandom, serverRandom, macLen, keyLen, ivLen) - default: - panic("unknown version") - } -} - -// lookupTLSHash looks up the corresponding crypto.Hash for a given -// TLS hash identifier. -func lookupTLSHash(hash uint8) (crypto.Hash, error) { - switch hash { - case hashMD5: - return crypto.MD5, nil - case hashSHA1: - return crypto.SHA1, nil - case hashSHA224: - return crypto.SHA224, nil - case hashSHA256: - return crypto.SHA256, nil - case hashSHA384: - return crypto.SHA384, nil - case hashSHA512: - return crypto.SHA512, nil - default: - return 0, errors.New("tls: unsupported hash algorithm") - } -} - -func newFinishedHash(version uint16, cipherSuite *cipherSuite) finishedHash { - if version >= VersionTLS12 { - newHash := sha256.New - if cipherSuite != nil && cipherSuite.flags&suiteSHA384 != 0 { - newHash = sha512.New384 - } - - return finishedHash{newHash(), newHash(), nil, nil, []byte{}, version, prf12(newHash)} - } - return finishedHash{sha1.New(), sha1.New(), md5.New(), md5.New(), []byte{}, version, prf10} -} - -// A finishedHash calculates the hash of a set of handshake messages suitable -// for including in a Finished message. -type finishedHash struct { - client hash.Hash - server hash.Hash - - // Prior to TLS 1.2, an additional MD5 hash is required. - clientMD5 hash.Hash - serverMD5 hash.Hash - - // In TLS 1.2 (and SSL 3 for implementation convenience), a - // full buffer is required. - buffer []byte - - version uint16 - prf func(result, secret, label, seed []byte) -} - -func (h *finishedHash) Write(msg []byte) (n int, err error) { - h.client.Write(msg) - h.server.Write(msg) - - if h.version < VersionTLS12 { - h.clientMD5.Write(msg) - h.serverMD5.Write(msg) - } - - if h.buffer != nil { - h.buffer = append(h.buffer, msg...) - } - - return len(msg), nil -} - -func (h finishedHash) Sum() []byte { - if h.version >= VersionTLS12 { - return h.client.Sum(nil) - } - - out := make([]byte, 0, md5.Size+sha1.Size) - out = h.clientMD5.Sum(out) - return h.client.Sum(out) -} - -// finishedSum30 calculates the contents of the verify_data member of a SSLv3 -// Finished message given the MD5 and SHA1 hashes of a set of handshake -// messages. -func finishedSum30(md5, sha1 hash.Hash, masterSecret []byte, magic []byte) []byte { - md5.Write(magic) - md5.Write(masterSecret) - md5.Write(ssl30Pad1[:]) - md5Digest := md5.Sum(nil) - - md5.Reset() - md5.Write(masterSecret) - md5.Write(ssl30Pad2[:]) - md5.Write(md5Digest) - md5Digest = md5.Sum(nil) - - sha1.Write(magic) - sha1.Write(masterSecret) - sha1.Write(ssl30Pad1[:40]) - sha1Digest := sha1.Sum(nil) - - sha1.Reset() - sha1.Write(masterSecret) - sha1.Write(ssl30Pad2[:40]) - sha1.Write(sha1Digest) - sha1Digest = sha1.Sum(nil) - - ret := make([]byte, len(md5Digest)+len(sha1Digest)) - copy(ret, md5Digest) - copy(ret[len(md5Digest):], sha1Digest) - return ret -} - -var ssl3ClientFinishedMagic = [4]byte{0x43, 0x4c, 0x4e, 0x54} -var ssl3ServerFinishedMagic = [4]byte{0x53, 0x52, 0x56, 0x52} - -// clientSum returns the contents of the verify_data member of a client's -// Finished message. -func (h finishedHash) clientSum(masterSecret []byte) []byte { - if h.version == VersionSSL30 { - return finishedSum30(h.clientMD5, h.client, masterSecret, ssl3ClientFinishedMagic[:]) - } - - out := make([]byte, finishedVerifyLength) - h.prf(out, masterSecret, clientFinishedLabel, h.Sum()) - return out -} - -// serverSum returns the contents of the verify_data member of a server's -// Finished message. -func (h finishedHash) serverSum(masterSecret []byte) []byte { - if h.version == VersionSSL30 { - return finishedSum30(h.serverMD5, h.server, masterSecret, ssl3ServerFinishedMagic[:]) - } - - out := make([]byte, finishedVerifyLength) - h.prf(out, masterSecret, serverFinishedLabel, h.Sum()) - return out -} - -// selectClientCertSignatureAlgorithm returns a signatureAndHash to sign a -// client's CertificateVerify with, or an error if none can be found. -func (h finishedHash) selectClientCertSignatureAlgorithm(serverList, clientList []signatureAndHash, sigType uint8) (signatureAndHash, error) { - if h.version < VersionTLS12 { - // Nothing to negotiate before TLS 1.2. - return signatureAndHash{signature: sigType}, nil - } - - for _, v := range serverList { - if v.signature == sigType && isSupportedSignatureAndHash(v, clientList) { - return v, nil - } - } - return signatureAndHash{}, errors.New("tls: no supported signature algorithm found for signing client certificate") -} - -// hashForClientCertificate returns a digest, hash function, and TLS 1.2 hash -// id suitable for signing by a TLS client certificate. -func (h finishedHash) hashForClientCertificate(signatureAndHash signatureAndHash, masterSecret []byte) ([]byte, crypto.Hash, error) { - if h.version == VersionSSL30 { - if signatureAndHash.signature != signatureRSA { - return nil, 0, errors.New("tls: unsupported signature type for client certificate") - } - - md5Hash := md5.New() - md5Hash.Write(h.buffer) - sha1Hash := sha1.New() - sha1Hash.Write(h.buffer) - return finishedSum30(md5Hash, sha1Hash, masterSecret, nil), crypto.MD5SHA1, nil - } - if h.version >= VersionTLS12 { - hashAlg, err := lookupTLSHash(signatureAndHash.hash) - if err != nil { - return nil, 0, err - } - hash := hashAlg.New() - hash.Write(h.buffer) - return hash.Sum(nil), hashAlg, nil - } - if signatureAndHash.signature == signatureECDSA { - return h.server.Sum(nil), crypto.SHA1, nil - } - - return h.Sum(), crypto.MD5SHA1, nil -} diff --git a/ztools/ztls/prf_test.go b/ztools/ztls/prf_test.go deleted file mode 100644 index 4d12590c..00000000 --- a/ztools/ztls/prf_test.go +++ /dev/null @@ -1,128 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "encoding/hex" - "testing" -) - -type testSplitPreMasterSecretTest struct { - in, out1, out2 string -} - -var testSplitPreMasterSecretTests = []testSplitPreMasterSecretTest{ - {"", "", ""}, - {"00", "00", "00"}, - {"0011", "00", "11"}, - {"001122", "0011", "1122"}, - {"00112233", "0011", "2233"}, -} - -func TestSplitPreMasterSecret(t *testing.T) { - for i, test := range testSplitPreMasterSecretTests { - in, _ := hex.DecodeString(test.in) - out1, out2 := splitPreMasterSecret(in) - s1 := hex.EncodeToString(out1) - s2 := hex.EncodeToString(out2) - if s1 != test.out1 || s2 != test.out2 { - t.Errorf("#%d: got: (%s, %s) want: (%s, %s)", i, s1, s2, test.out1, test.out2) - } - } -} - -type testKeysFromTest struct { - version uint16 - preMasterSecret string - clientRandom, serverRandom string - masterSecret string - clientMAC, serverMAC string - clientKey, serverKey string - macLen, keyLen int -} - -func TestKeysFromPreMasterSecret(t *testing.T) { - for i, test := range testKeysFromTests { - in, _ := hex.DecodeString(test.preMasterSecret) - clientRandom, _ := hex.DecodeString(test.clientRandom) - serverRandom, _ := hex.DecodeString(test.serverRandom) - - suite := mutualCipherSuite([]uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, TLS_RSA_WITH_AES_128_CBC_SHA) - - masterSecret := masterFromPreMasterSecret(test.version, suite, in, clientRandom, serverRandom) - if s := hex.EncodeToString(masterSecret); s != test.masterSecret { - t.Errorf("#%d: bad master secret %s, want %s", i, s, test.masterSecret) - continue - } - - clientMAC, serverMAC, clientKey, serverKey, _, _ := keysFromMasterSecret(test.version, suite, masterSecret, clientRandom, serverRandom, test.macLen, test.keyLen, 0) - clientMACString := hex.EncodeToString(clientMAC) - serverMACString := hex.EncodeToString(serverMAC) - clientKeyString := hex.EncodeToString(clientKey) - serverKeyString := hex.EncodeToString(serverKey) - if clientMACString != test.clientMAC || - serverMACString != test.serverMAC || - clientKeyString != test.clientKey || - serverKeyString != test.serverKey { - t.Errorf("#%d: got: (%s, %s, %s, %s) want: (%s, %s, %s, %s)", i, clientMACString, serverMACString, clientKeyString, serverKeyString, test.clientMAC, test.serverMAC, test.clientKey, test.serverKey) - } - } -} - -// These test vectors were generated from GnuTLS using `gnutls-cli --insecure -d 9 ` -var testKeysFromTests = []testKeysFromTest{ - { - VersionTLS10, - "0302cac83ad4b1db3b9ab49ad05957de2a504a634a386fc600889321e1a971f57479466830ac3e6f468e87f5385fa0c5", - "4ae66303755184a3917fcb44880605fcc53baa01912b22ed94473fc69cebd558", - "4ae663020ec16e6bb5130be918cfcafd4d765979a3136a5d50c593446e4e44db", - "3d851bab6e5556e959a16bc36d66cfae32f672bfa9ecdef6096cbb1b23472df1da63dbbd9827606413221d149ed08ceb", - "805aaa19b3d2c0a0759a4b6c9959890e08480119", - "2d22f9fe519c075c16448305ceee209fc24ad109", - "d50b5771244f850cd8117a9ccafe2cf1", - "e076e33206b30507a85c32855acd0919", - 20, - 16, - }, - { - VersionTLS10, - "03023f7527316bc12cbcd69e4b9e8275d62c028f27e65c745cfcddc7ce01bd3570a111378b63848127f1c36e5f9e4890", - "4ae66364b5ea56b20ce4e25555aed2d7e67f42788dd03f3fee4adae0459ab106", - "4ae66363ab815cbf6a248b87d6b556184e945e9b97fbdf247858b0bdafacfa1c", - "7d64be7c80c59b740200b4b9c26d0baaa1c5ae56705acbcf2307fe62beb4728c19392c83f20483801cce022c77645460", - "97742ed60a0554ca13f04f97ee193177b971e3b0", - "37068751700400e03a8477a5c7eec0813ab9e0dc", - "207cddbc600d2a200abac6502053ee5c", - "df3f94f6e1eacc753b815fe16055cd43", - 20, - 16, - }, - { - VersionTLS10, - "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", - "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", - "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", - "1aff2e7a2c4279d0126f57a65a77a8d9d0087cf2733366699bec27eb53d5740705a8574bb1acc2abbe90e44f0dd28d6c", - "3c7647c93c1379a31a609542aa44e7f117a70085", - "0d73102994be74a575a3ead8532590ca32a526d4", - "ac7581b0b6c10d85bbd905ffbf36c65e", - "ff07edde49682b45466bd2e39464b306", - 20, - 16, - }, - { - VersionSSL30, - "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", - "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", - "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", - "a614863e56299dcffeea2938f22c2ba023768dbe4b3f6877bc9c346c6ae529b51d9cb87ff9695ea4d01f2205584405b2", - "2c450d5b6f6e2013ac6bea6a0b32200d4e1ffb94", - "7a7a7438769536f2fb1ae49a61f0703b79b2dc53", - "f8f6b26c10f12855c9aafb1e0e839ccf", - "2b9d4b4a60cb7f396780ebff50650419", - 20, - 16, - }, -} diff --git a/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA b/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA deleted file mode 100644 index 00722cba..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA +++ /dev/null @@ -1,129 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 59 02 00 00 55 03 01 53 04 f1 03 46 |....Y...U..S...F| -00000010 0f 84 c4 cb 55 ef 85 f6 4f d7 0e e1 4b 10 d4 bb |....U...O...K...| -00000020 35 87 2d f3 d7 18 ec 4e 95 4b f4 20 28 82 94 d9 |5.-....N.K. (...| -00000030 df c4 fc ee 21 23 c1 e2 76 3e 7b 09 af 2c 39 23 |....!#..v>{..,9#| -00000040 f8 46 6c 31 88 42 f0 79 de 37 2b 00 c0 09 00 00 |.Fl1.B.y.7+.....| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 01 00 d5 0c 00 00 d1 03 00 17 41 04 4f |*............A.O| -00000280 47 16 72 98 9e 9f 2e 8e 78 e9 0f fe 95 83 7b aa |G.r.....x.....{.| -00000290 e5 3d c0 7d cf 83 bd 22 0b fd 48 f1 a7 49 a5 7d |.=.}..."..H..I.}| -000002a0 8e 0c 83 7f e1 2d 71 03 cc 90 09 ab f7 35 81 48 |.....-q......5.H| -000002b0 a4 1e 7d 87 21 23 12 58 2c 47 f3 af c7 6c 71 00 |..}.!#.X,G...lq.| -000002c0 8a 30 81 87 02 42 00 b4 03 38 60 43 d9 32 ef 64 |.0...B...8`C.2.d| -000002d0 5a 9c 91 95 0d 10 21 53 c7 78 f8 bf 50 ed 13 5d |Z.....!S.x..P..]| -000002e0 c3 e7 71 d6 11 04 f1 e4 9d ce 17 99 8d 1a 87 1f |..q.............| -000002f0 cb dd f8 1b ae cd bc 4a 77 ab 7c 50 bf 73 c3 ea |.......Jw.|P.s..| -00000300 d6 df 88 56 f6 b1 03 83 02 41 66 3d fb 4e 7e af |...V.....Af=.N~.| -00000310 4e c1 60 fe 09 fa 7e 74 99 66 7f de b4 b2 74 89 |N.`...~t.f....t.| -00000320 1c a4 cf 74 1a 55 a5 be 74 f9 36 21 3d ae c8 c3 |...t.U..t.6!=...| -00000330 24 8e ad db a3 26 67 8f 98 27 e3 93 ee d9 5c fb |$....&g..'....\.| -00000340 85 82 e2 13 c3 50 ab e9 f6 39 2b 16 03 01 00 0e |.....P...9+.....| -00000350 0d 00 00 06 03 01 02 40 00 00 0e 00 00 00 |.......@......| ->>> Flow 3 (client to server) -00000000 16 03 01 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| -00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| -00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| -00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| -00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| -00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| -00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| -00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| -00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| -00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| -000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| -000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| -000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| -000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| -000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| -000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| -00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| -00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| -00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| -00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| -00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| -00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| -00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| -00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| -00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| -00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| -000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| -000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| -000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| -000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| -000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| -000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| -00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| -00000210 03 01 00 46 10 00 00 42 41 04 1e 18 37 ef 0d 19 |...F...BA...7...| -00000220 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 |Q.5uq..T[....g..| -00000230 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 |$ >.V...(^.+-O..| -00000240 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 |..lK[.V.2B.X..I.| -00000250 b5 68 1a 41 03 56 6b dc 5a 89 16 03 01 00 90 0f |.h.A.Vk.Z.......| -00000260 00 00 8c 00 8a 30 81 87 02 42 00 c6 85 8e 06 b7 |.....0...B......| -00000270 04 04 e9 cd 9e 3e cb 66 23 95 b4 42 9c 64 81 39 |.....>.f#..B.d.9| -00000280 05 3f b5 21 f8 28 af 60 6b 4d 3d ba a1 4b 5e 77 |.?.!.(.`kM=..K^w| -00000290 ef e7 59 28 fe 1d c1 27 a2 ff a8 de 33 48 b3 c1 |..Y(...'....3H..| -000002a0 85 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 02 41 4b 49 |.jB..~~1...f.AKI| -000002b0 c6 cd 02 e3 83 f7 03 50 18 6d b4 c9 51 02 c0 ab |.......P.m..Q...| -000002c0 87 bc e0 3e 4b 89 53 3a e2 65 89 97 02 c1 87 f1 |...>K.S:.e......| -000002d0 67 d0 f2 06 28 4e 51 4e fd f0 01 be 41 3c 52 42 |g...(NQN....AD$..w.wo...| -000002f0 03 01 00 01 01 16 03 01 00 30 a3 da 45 22 96 83 |.........0..E"..| -00000300 59 90 e9 6b ec 3b 77 50 05 89 e6 0c 61 d1 1d 2b |Y..k.;wP....a..+| -00000310 da d4 49 bf b9 c6 dd ad c3 9c 82 bd 53 62 e8 57 |..I.........Sb.W| -00000320 a4 6a e7 9f b1 d5 39 77 88 6d |.j....9w.m| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 a4 45 dd 99 df |..........0.E...| -00000010 66 ae f5 c7 bd 1a eb 6a ff ac a6 38 14 81 b5 07 |f......j...8....| -00000020 86 24 80 f1 09 59 ad 33 3d 43 ed 9e 43 b1 1e 9f |.$...Y.3=C..C...| -00000030 bd 8c b3 e0 41 83 a1 34 91 c5 a1 |....A..4...| ->>> Flow 5 (client to server) -00000000 17 03 01 00 20 ae e3 ae 7f 2d e3 a2 f7 1b 4e 69 |.... ....-....Ni| -00000010 cb 18 c6 68 42 f8 de 61 92 4c fa d6 19 7c 8c 09 |...hB..a.L...|..| -00000020 82 e2 f2 32 19 17 03 01 00 20 2a 77 65 1f c1 fd |...2..... *we...| -00000030 5e 37 b7 15 f6 1f 4c 7f 5f 89 52 b4 32 27 4d 17 |^7....L._.R.2'M.| -00000040 33 c6 e8 50 ac 70 c8 b9 2d 0a 15 03 01 00 20 e0 |3..P.p..-..... .| -00000050 cb ce 07 80 55 a0 46 ca a7 25 4c 5f 9d 7c 73 37 |....U.F..%L_.|s7| -00000060 de 72 6d 36 a8 e4 be fd 2a e7 f8 8d 14 80 b7 |.rm6....*......| diff --git a/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA b/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA deleted file mode 100644 index c0be8249..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ClientCert-ECDSA-RSA +++ /dev/null @@ -1,125 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 51 02 00 00 4d 03 01 53 04 f1 02 ed |....Q...M..S....| -00000010 86 9c 56 84 5a d3 7d d7 f3 4e 6f 2c 69 0d f0 59 |..V.Z.}..No,i..Y| -00000020 a5 d1 de 2d 03 2f dd 63 c3 ab fa 20 30 d6 5a 24 |...-./.c... 0.Z$| -00000030 5c 31 67 36 8d 4c 43 e1 64 c4 8a 2c a5 fd 39 92 |\1g6.LC.d..,..9.| -00000040 c5 6f 58 47 a3 fe 63 14 98 92 11 90 00 05 00 00 |.oXG..c.........| -00000050 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 0e 0d 00 |n8P)l...........| -00000320 00 06 03 01 02 40 00 00 0e 00 00 00 |.....@......| ->>> Flow 3 (client to server) -00000000 16 03 01 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| -00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| -00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| -00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| -00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| -00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| -00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| -00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| -00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| -00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| -000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| -000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| -000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| -000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| -000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| -000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| -00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| -00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| -00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| -00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| -00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| -00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| -00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| -00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| -00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| -00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| -000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| -000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| -000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| -000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| -000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| -000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| -00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| -00000210 03 01 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 3e |..........mQ...>| -00000220 fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c 8e |.u.A6..j.*.%.gL.| -00000230 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 1d |b/0......+.#....| -00000240 f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 0d |.;...'..$...[.f.| -00000250 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be c8 |j.....C.........| -00000260 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce e6 |.9L.....K.../...| -00000270 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 f1 |.w.o#......:..V.| -00000280 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 35 |.T^F..;3..(....5| -00000290 d4 1c 43 d1 30 6f 55 4e 0a 70 16 03 01 00 90 0f |..C.0oUN.p......| -000002a0 00 00 8c 00 8a 30 81 87 02 42 00 c6 85 8e 06 b7 |.....0...B......| -000002b0 04 04 e9 cd 9e 3e cb 66 23 95 b4 42 9c 64 81 39 |.....>.f#..B.d.9| -000002c0 05 3f b5 21 f8 28 af 60 6b 4d 3d ba a1 4b 5e 77 |.?.!.(.`kM=..K^w| -000002d0 ef e7 59 28 fe 1d c1 27 a2 ff a8 de 33 48 b3 c1 |..Y(...'....3H..| -000002e0 85 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 02 41 4b 49 |.jB..~~1...f.AKI| -000002f0 c6 cd 02 e3 83 f7 03 50 18 6d b4 c9 51 02 c0 ab |.......P.m..Q...| -00000300 87 bc e0 3e 4b 89 53 3a e2 65 89 97 02 c1 87 f1 |...>K.S:.e......| -00000310 67 d0 f2 06 28 4e 51 4e fd f0 01 47 e7 c9 d9 23 |g...(NQN...G...#| -00000320 21 6b 87 d2 55 e3 c9 f7 eb 86 d5 1e 50 df d5 14 |!k..U.......P...| -00000330 03 01 00 01 01 16 03 01 00 24 95 62 42 be 90 39 |.........$.bB..9| -00000340 68 ae f5 77 47 21 14 b9 ac ee 81 2d e3 9e c7 34 |h..wG!.....-...4| -00000350 3a 00 5c c9 12 1d c0 5a 7c e7 ef e0 cd fd |:.\....Z|.....| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 24 ea 98 c0 fb 86 |..........$.....| -00000010 87 7a 2e e1 c7 68 61 3e 5b cc da 1f d6 7b ab 5a |.z...ha>[....{.Z| -00000020 a0 ae a2 cf d0 54 44 19 12 db 75 2b 8c 73 8c |.....TD...u+.s.| ->>> Flow 5 (client to server) -00000000 17 03 01 00 1a f3 28 77 31 33 4c b3 7c 4b 75 61 |......(w13L.|Kua| -00000010 38 69 6b ae c9 36 ab 2e 56 16 29 6a 9a 00 2f 15 |8ik..6..V.)j../.| -00000020 03 01 00 16 6b ed 68 18 ed ff 44 39 9b 4a e4 a2 |....k.h...D9.J..| -00000030 cd 79 ef 2a 3e 5a 4d b1 5d 56 |.y.*>ZM.]V| diff --git a/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA b/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA deleted file mode 100644 index 3e6dbc27..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-ECDSA +++ /dev/null @@ -1,128 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 59 02 00 00 55 03 01 53 04 f1 02 4f |....Y...U..S...O| -00000010 73 06 2d 72 41 36 a1 b2 d3 50 97 55 8c c5 f1 43 |s.-rA6...P.U...C| -00000020 37 1f 1a 2a fe 51 70 0b 2f 25 9e 20 50 61 86 80 |7..*.Qp./%. Pa..| -00000030 9a 9c 6d 6f c9 ea 5c ce 0c b7 7c ce e3 be d0 e5 |..mo..\...|.....| -00000040 be d0 c4 80 78 c3 c7 17 0c 2d 8e c8 c0 09 00 00 |....x....-......| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 01 00 d6 0c 00 00 d2 03 00 17 41 04 b1 |*............A..| -00000280 0f 0f 4a 18 ed 25 32 b3 a3 19 ed 4b 61 b6 eb e4 |..J..%2....Ka...| -00000290 d3 f7 77 13 ac 9f 60 c7 8d 6d cb f1 ee 99 1a 71 |..w...`..m.....q| -000002a0 68 aa d3 a7 70 7f 38 d0 f6 23 ab 9a f6 dd 19 4f |h...p.8..#.....O| -000002b0 ce 10 ef d5 cf 64 85 2f 75 f6 20 06 4b f0 b9 00 |.....d./u. .K...| -000002c0 8b 30 81 88 02 42 01 00 b9 6b 80 91 59 0a 48 3f |.0...B...k..Y.H?| -000002d0 72 16 96 8f 21 2c 28 e4 6d 03 74 66 35 16 7d ec |r...!,(.m.tf5.}.| -000002e0 c7 08 9b 52 b5 05 d9 38 d8 b7 51 42 a7 4a 9f 9b |...R...8..QB.J..| -000002f0 1a 37 14 de c5 f5 16 96 83 81 58 d3 a6 1e ce 8a |.7........X.....| -00000300 bc 19 47 30 fe c5 85 55 02 42 01 4f 61 59 68 85 |..G0...U.B.OaYh.| -00000310 c7 64 23 22 f6 83 53 cc 58 38 25 b5 ce 74 c1 68 |.d#"..S.X8%..t.h| -00000320 9f 32 72 33 ea c9 62 e0 26 63 92 e3 5f 34 10 0b |.2r3..b.&c.._4..| -00000330 3c d5 83 fe 9f 67 69 ef 33 6b 19 c1 ec d6 6c 35 |<....gi.3k....l5| -00000340 89 33 17 d3 9d 93 e2 e5 6e 89 9a a1 16 03 01 00 |.3......n.......| -00000350 0e 0d 00 00 06 03 01 02 40 00 00 0e 00 00 00 |........@......| ->>> Flow 3 (client to server) -00000000 16 03 01 01 fb 0b 00 01 f7 00 01 f4 00 01 f1 30 |...............0| -00000010 82 01 ed 30 82 01 58 a0 03 02 01 02 02 01 00 30 |...0..X........0| -00000020 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 26 31 10 |...*.H......0&1.| -00000030 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -00000040 31 12 30 10 06 03 55 04 03 13 09 31 32 37 2e 30 |1.0...U....127.0| -00000050 2e 30 2e 31 30 1e 17 0d 31 31 31 32 30 38 30 37 |.0.10...11120807| -00000060 35 35 31 32 5a 17 0d 31 32 31 32 30 37 30 38 30 |5512Z..121207080| -00000070 30 31 32 5a 30 26 31 10 30 0e 06 03 55 04 0a 13 |012Z0&1.0...U...| -00000080 07 41 63 6d 65 20 43 6f 31 12 30 10 06 03 55 04 |.Acme Co1.0...U.| -00000090 03 13 09 31 32 37 2e 30 2e 30 2e 31 30 81 9c 30 |...127.0.0.10..0| -000000a0 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c 00 |...*.H..........| -000000b0 30 81 88 02 81 80 4e d0 7b 31 e3 82 64 d9 59 c0 |0.....N.{1..d.Y.| -000000c0 c2 87 a4 5e 1e 8b 73 33 c7 63 53 df 66 92 06 84 |...^..s3.cS.f...| -000000d0 f6 64 d5 8f e4 36 a7 1d 2b e8 b3 20 36 45 23 b5 |.d...6..+.. 6E#.| -000000e0 e3 95 ae ed e0 f5 20 9c 8d 95 df 7f 5a 12 ef 87 |...... .....Z...| -000000f0 e4 5b 68 e4 e9 0e 74 ec 04 8a 7f de 93 27 c4 01 |.[h...t......'..| -00000100 19 7a bd f2 dc 3d 14 ab d0 54 ca 21 0c d0 4d 6e |.z...=...T.!..Mn| -00000110 87 2e 5c c5 d2 bb 4d 4b 4f ce b6 2c f7 7e 88 ec |..\...MKO..,.~..| -00000120 7c d7 02 91 74 a6 1e 0c 1a da e3 4a 5a 2e de 13 ||...t......JZ...| -00000130 9c 4c 40 88 59 93 02 03 01 00 01 a3 32 30 30 30 |.L@.Y.......2000| -00000140 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 00 a0 30 |...U...........0| -00000150 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f |...U..........0.| -00000160 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 |..U.#..0.......0| -00000170 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81 81 00 |...*.H..........| -00000180 36 1f b3 7a 0c 75 c9 6e 37 46 61 2b d5 bd c0 a7 |6..z.u.n7Fa+....| -00000190 4b cc 46 9a 81 58 7c 85 79 29 c8 c8 c6 67 dd 32 |K.F..X|.y)...g.2| -000001a0 56 45 2b 75 b6 e9 24 a9 50 9a be 1f 5a fa 1a 15 |VE+u..$.P...Z...| -000001b0 d9 cc 55 95 72 16 83 b9 c2 b6 8f fd 88 8c 38 84 |..U.r.........8.| -000001c0 1d ab 5d 92 31 13 4f fd 83 3b c6 9d f1 11 62 b6 |..].1.O..;....b.| -000001d0 8b ec ab 67 be c8 64 b0 11 50 46 58 17 6b 99 1c |...g..d..PFX.k..| -000001e0 d3 1d fc 06 f1 0e e5 96 a8 0c f9 78 20 b7 44 18 |...........x .D.| -000001f0 51 8d 10 7e 4f 94 67 df a3 4e 70 73 8e 90 91 85 |Q..~O.g..Nps....| -00000200 16 03 01 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000210 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000220 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000230 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000240 a6 b5 68 1a 41 03 56 6b dc 5a 89 16 03 01 00 86 |..h.A.Vk.Z......| -00000250 0f 00 00 82 00 80 20 2c 5a 08 3a 00 33 50 19 b2 |...... ,Z.:.3P..| -00000260 0f ba 6c 76 7f 5c 92 e2 78 55 3e 32 32 bb 33 bc |..lv.\..xU>22.3.| -00000270 ab a9 34 e0 83 cf 82 cd 9e 6b 3f 9d e6 49 61 29 |..4......k?..Ia)| -00000280 8b b4 ed e8 12 cd a9 52 86 11 48 64 08 61 72 8d |.......R..Hd.ar.| -00000290 d6 6a ac 42 cc e4 07 5f 08 56 9f 2f c5 35 d3 9b |.j.B..._.V./.5..| -000002a0 e9 0d 91 82 c0 e9 bb 9f a9 8f df 96 85 08 9a 69 |...............i| -000002b0 a4 93 b3 72 37 ba f9 b1 a4 0b b0 9f 43 6a 15 ec |...r7.......Cj..| -000002c0 79 b8 fd 9c 1f 5f 0d 2c 56 33 c7 15 d5 4a b7 82 |y...._.,V3...J..| -000002d0 ea 44 80 20 c5 80 14 03 01 00 01 01 16 03 01 00 |.D. ............| -000002e0 30 c9 c0 7c d7 57 d3 00 ab 87 eb 78 56 6b a1 69 |0..|.W.....xVk.i| -000002f0 1d fa ec ae 38 f3 ef 5d 49 19 0d 4b f0 73 63 af |....8..]I..K.sc.| -00000300 89 b6 cb 76 cf fb b9 c1 99 98 06 0a 54 67 a0 6e |...v........Tg.n| -00000310 e7 |.| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 20 db fd ed ed |..........0 ....| -00000010 7c d5 bf 8f 06 3b 86 1b c1 60 7d a4 74 e9 a6 c9 ||....;...`}.t...| -00000020 f5 7c c7 f4 65 91 06 d5 53 88 d7 57 a4 22 b6 1f |.|..e...S..W."..| -00000030 f1 02 e9 79 36 e6 a1 22 51 3a 4c |...y6.."Q:L| ->>> Flow 5 (client to server) -00000000 17 03 01 00 20 00 66 51 6a 14 ca ea e2 21 48 74 |.... .fQj....!Ht| -00000010 c4 c1 6e b9 8b 23 af 7c 33 c9 00 f8 0b ec ab 35 |..n..#.|3......5| -00000020 e7 42 0a d1 ae 17 03 01 00 20 00 1c 6d 60 75 5d |.B....... ..m`u]| -00000030 b3 fb 40 2e e0 b7 0d 48 f4 87 ac d4 bf ea 01 0d |..@....H........| -00000040 fe 10 0d 05 04 43 6b 19 ed f2 15 03 01 00 20 f8 |.....Ck....... .| -00000050 03 ac 62 4b 1f db 2e d2 4e 00 c3 a4 57 3c 0a 62 |..bK....N...W<.b| -00000060 05 a0 ef bd 2b 9b 9a 63 27 72 d7 d8 f1 8d 84 |....+..c'r.....| diff --git a/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-RSA b/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-RSA deleted file mode 100644 index 94e68600..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ClientCert-RSA-RSA +++ /dev/null @@ -1,124 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 51 02 00 00 4d 03 01 53 04 f1 02 73 |....Q...M..S...s| -00000010 ee 5f 70 a4 aa 0d be d7 46 a3 25 3f e3 5d ef 7b |._p.....F.%?.].{| -00000020 73 49 7c b6 82 4d 99 2f 31 fc 8b 20 2d a3 33 7c |sI|..M./1.. -.3|| -00000030 a5 c3 85 86 ba 61 4d 05 b0 5e d3 5e 88 6e c3 4b |.....aM..^.^.n.K| -00000040 95 d3 e9 67 f1 96 24 58 7a 6f e6 c5 00 05 00 00 |...g..$Xzo......| -00000050 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 0e 0d 00 |n8P)l...........| -00000320 00 06 03 01 02 40 00 00 0e 00 00 00 |.....@......| ->>> Flow 3 (client to server) -00000000 16 03 01 01 fb 0b 00 01 f7 00 01 f4 00 01 f1 30 |...............0| -00000010 82 01 ed 30 82 01 58 a0 03 02 01 02 02 01 00 30 |...0..X........0| -00000020 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 26 31 10 |...*.H......0&1.| -00000030 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -00000040 31 12 30 10 06 03 55 04 03 13 09 31 32 37 2e 30 |1.0...U....127.0| -00000050 2e 30 2e 31 30 1e 17 0d 31 31 31 32 30 38 30 37 |.0.10...11120807| -00000060 35 35 31 32 5a 17 0d 31 32 31 32 30 37 30 38 30 |5512Z..121207080| -00000070 30 31 32 5a 30 26 31 10 30 0e 06 03 55 04 0a 13 |012Z0&1.0...U...| -00000080 07 41 63 6d 65 20 43 6f 31 12 30 10 06 03 55 04 |.Acme Co1.0...U.| -00000090 03 13 09 31 32 37 2e 30 2e 30 2e 31 30 81 9c 30 |...127.0.0.10..0| -000000a0 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c 00 |...*.H..........| -000000b0 30 81 88 02 81 80 4e d0 7b 31 e3 82 64 d9 59 c0 |0.....N.{1..d.Y.| -000000c0 c2 87 a4 5e 1e 8b 73 33 c7 63 53 df 66 92 06 84 |...^..s3.cS.f...| -000000d0 f6 64 d5 8f e4 36 a7 1d 2b e8 b3 20 36 45 23 b5 |.d...6..+.. 6E#.| -000000e0 e3 95 ae ed e0 f5 20 9c 8d 95 df 7f 5a 12 ef 87 |...... .....Z...| -000000f0 e4 5b 68 e4 e9 0e 74 ec 04 8a 7f de 93 27 c4 01 |.[h...t......'..| -00000100 19 7a bd f2 dc 3d 14 ab d0 54 ca 21 0c d0 4d 6e |.z...=...T.!..Mn| -00000110 87 2e 5c c5 d2 bb 4d 4b 4f ce b6 2c f7 7e 88 ec |..\...MKO..,.~..| -00000120 7c d7 02 91 74 a6 1e 0c 1a da e3 4a 5a 2e de 13 ||...t......JZ...| -00000130 9c 4c 40 88 59 93 02 03 01 00 01 a3 32 30 30 30 |.L@.Y.......2000| -00000140 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 00 a0 30 |...U...........0| -00000150 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f |...U..........0.| -00000160 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 |..U.#..0.......0| -00000170 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81 81 00 |...*.H..........| -00000180 36 1f b3 7a 0c 75 c9 6e 37 46 61 2b d5 bd c0 a7 |6..z.u.n7Fa+....| -00000190 4b cc 46 9a 81 58 7c 85 79 29 c8 c8 c6 67 dd 32 |K.F..X|.y)...g.2| -000001a0 56 45 2b 75 b6 e9 24 a9 50 9a be 1f 5a fa 1a 15 |VE+u..$.P...Z...| -000001b0 d9 cc 55 95 72 16 83 b9 c2 b6 8f fd 88 8c 38 84 |..U.r.........8.| -000001c0 1d ab 5d 92 31 13 4f fd 83 3b c6 9d f1 11 62 b6 |..].1.O..;....b.| -000001d0 8b ec ab 67 be c8 64 b0 11 50 46 58 17 6b 99 1c |...g..d..PFX.k..| -000001e0 d3 1d fc 06 f1 0e e5 96 a8 0c f9 78 20 b7 44 18 |...........x .D.| -000001f0 51 8d 10 7e 4f 94 67 df a3 4e 70 73 8e 90 91 85 |Q..~O.g..Nps....| -00000200 16 03 01 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 |...........mQ...| -00000210 3e fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c |>.u.A6..j.*.%.gL| -00000220 8e 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 |.b/0......+.#...| -00000230 1d f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 |..;...'..$...[.f| -00000240 0d 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be |.j.....C........| -00000250 c8 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce |..9L.....K.../..| -00000260 e6 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 |..w.o#......:..V| -00000270 f1 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 |..T^F..;3..(....| -00000280 35 d4 1c 43 d1 30 6f 55 4e 0a 70 16 03 01 00 86 |5..C.0oUN.p.....| -00000290 0f 00 00 82 00 80 0f 4c d2 b2 f0 94 6d 61 d1 2c |.......L....ma.,| -000002a0 db 6f 79 03 bd 40 b2 d2 1d 61 ef 83 1b 4a 0c 7b |.oy..@...a...J.{| -000002b0 c5 73 1e 1a 81 e7 67 0a d6 aa 2d 04 04 cc 0e 4b |.s....g...-....K| -000002c0 2e da 96 7f 15 6c 05 ee c4 53 7e 33 89 28 7d db |.....l...S~3.(}.| -000002d0 a1 77 43 ba a3 51 a9 1c b9 f5 ec 9a 8d eb 2c 46 |.wC..Q........,F| -000002e0 5c 33 59 6b 16 af de f4 9b 80 76 a3 22 30 5d bb |\3Yk......v."0].| -000002f0 02 b9 77 96 8a db 36 9f 54 95 00 d8 58 e1 aa 04 |..w...6.T...X...| -00000300 98 c9 0c 32 ae 62 81 12 0c f6 1b 76 c6 58 a7 8c |...2.b.....v.X..| -00000310 0e d8 b7 8e ed 0f 14 03 01 00 01 01 16 03 01 00 |................| -00000320 24 1d c0 20 02 2d da 69 54 29 8c ff af 5c 56 a8 |$.. .-.iT)...\V.| -00000330 eb d0 09 95 29 8f 52 8c e2 7b 9f 36 3e 47 a0 33 |....).R..{.6>G.3| -00000340 2e 63 a2 24 93 |.c.$.| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 24 99 e8 fb 65 f4 |..........$...e.| -00000010 95 ae 8b 71 cc 5d a4 95 a7 27 98 fd 16 3f 7a 1a |...q.]...'...?z.| -00000020 b6 bd bf 0a 58 72 77 97 1f 8e b1 dd 4b 12 12 |....Xrw.....K..| ->>> Flow 5 (client to server) -00000000 17 03 01 00 1a 42 70 c0 89 78 12 5c 91 7e 88 2d |.....Bp..x.\.~.-| -00000010 2f 8f be f2 f2 12 9d 81 ae 78 08 38 5e 6d 1b 15 |/........x.8^m..| -00000020 03 01 00 16 1a 64 b1 6f 8a ff d3 63 6a c7 b8 95 |.....d.o...cj...| -00000030 3d b0 87 bc 62 e9 88 5b 26 bd |=...b..[&.| diff --git a/ztools/ztls/testdata/Client-TLSv10-ECDHE-ECDSA-AES b/ztools/ztls/testdata/Client-TLSv10-ECDHE-ECDSA-AES deleted file mode 100644 index 30c4c6b8..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ECDHE-ECDSA-AES +++ /dev/null @@ -1,87 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 59 02 00 00 55 03 01 53 04 f1 02 b2 |....Y...U..S....| -00000010 e0 f6 f6 b5 c9 5b 28 d0 5d 58 1b 6f 4e 2b 9d 05 |.....[(.]X.oN+..| -00000020 2a b9 b4 da 45 cf f3 10 b2 23 44 20 f8 4d 59 05 |*...E....#D .MY.| -00000030 ad 27 f2 a0 ee 7f ec cc 20 dc e7 a2 1b 07 b3 a5 |.'...... .......| -00000040 37 7e 61 3d d6 5c 03 cf cc f5 9b ca c0 09 00 00 |7~a=.\..........| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 01 00 d5 0c 00 00 d1 03 00 17 41 04 da |*............A..| -00000280 5a fd 09 e5 d6 c0 70 41 5e 3a 87 eb df 0c ad 90 |Z.....pA^:......| -00000290 22 8a 2f 90 81 0c 24 00 68 92 f3 d5 95 2f 93 43 |"./...$.h..../.C| -000002a0 e9 58 2d 18 28 62 ee 33 5b 21 2e 49 87 21 4d 32 |.X-.(b.3[!.I.!M2| -000002b0 32 19 b3 ba fe 2d 9a 85 12 0e a1 77 08 06 75 00 |2....-.....w..u.| -000002c0 8a 30 81 87 02 42 01 91 14 fc 68 74 95 10 4b d4 |.0...B....ht..K.| -000002d0 67 60 12 46 bb b0 f6 98 77 a3 41 b8 01 5c 49 54 |g`.F....w.A..\IT| -000002e0 9e 3e 81 e7 97 a3 b9 73 6e 15 74 67 be e5 d9 eb |.>.....sn.tg....| -000002f0 8b 87 c5 22 ab ab 58 28 4f d1 b6 80 94 1b f5 f7 |..."..X(O.......| -00000300 12 43 ef 0a c7 3e 1a 76 02 41 7a 00 49 cb 9f 3b |.C...>.v.Az.I..;| -00000310 91 6e 38 58 0a d3 d0 d1 ee 67 f0 b6 5d cd fa 23 |.n8X.....g..]..#| -00000320 b6 98 43 af 9c 71 90 1e 1d 50 a2 6e 61 5b f2 92 |..C..q...P.na[..| -00000330 b4 69 73 f2 3b 54 bf 1c 9d 05 19 97 e4 4e 41 9e |.is.;T.......NA.| -00000340 f2 9a 76 77 9a 86 43 1f 1f 30 a2 16 03 01 00 04 |..vw..C..0......| -00000350 0e 00 00 00 |....| ->>> Flow 3 (client to server) -00000000 16 03 01 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 01 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 01 00 30 88 60 65 b2 d7 51 1f ad 96 56 |.....0.`e..Q...V| -00000060 4e 0a 20 eb b5 b0 1a dd 4c f6 1a cf d4 5c 47 c4 |N. .....L....\G.| -00000070 9c 7c a0 36 dd d1 1b 96 91 99 c0 a7 2d 9a 7c 42 |.|.6........-.|B| -00000080 51 d1 de 87 2b a4 |Q...+.| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 86 6c b5 94 69 |..........0.l..i| -00000010 2e e0 55 a2 4d a8 63 f2 5b 1f ae 34 21 c8 21 6a |..U.M.c.[..4!.!j| -00000020 00 b6 56 ed 4e 2a b0 ff 01 2f da ce a1 c0 41 03 |..V.N*.../....A.| -00000030 a9 1b 6e 2e e1 88 50 ba 62 14 88 |..n...P.b..| ->>> Flow 5 (client to server) -00000000 17 03 01 00 20 a6 63 0a 2f a5 dc e1 fb cb 7b 1f |.... .c./.....{.| -00000010 f2 da 74 c3 ff e9 f5 8b 9c 5f 0c d3 f7 1f 44 e6 |..t......_....D.| -00000020 90 13 5c 48 50 17 03 01 00 20 c7 75 b5 ff bc 09 |..\HP.... .u....| -00000030 34 f2 45 db 0d 22 08 8e f1 35 cd b6 0f b0 eb 2a |4.E.."...5.....*| -00000040 b7 1a d0 8e 14 a4 54 84 f9 dc 15 03 01 00 20 e0 |......T....... .| -00000050 36 3d aa b3 a9 b4 20 23 ca 9e 8c 5d fc a8 c8 b7 |6=.... #...]....| -00000060 f5 c2 b6 d0 5a e2 ce a5 7b 68 a0 48 86 95 6a |....Z...{h.H..j| diff --git a/ztools/ztls/testdata/Client-TLSv10-ECDHE-RSA-AES b/ztools/ztls/testdata/Client-TLSv10-ECDHE-RSA-AES deleted file mode 100644 index 868f0ceb..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-ECDHE-RSA-AES +++ /dev/null @@ -1,97 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 59 02 00 00 55 03 01 53 04 f1 02 21 |....Y...U..S...!| -00000010 67 b5 2b 34 fb 62 d7 36 4f cf 68 2e 29 39 d0 28 |g.+4.b.6O.h.)9.(| -00000020 3a 02 32 82 8f 95 de 62 d6 03 77 20 e6 98 56 cd |:.2....b..w ..V.| -00000030 96 24 d1 b9 4d eb 51 19 bb b7 71 f4 9c 29 32 d4 |.$..M.Q...q..)2.| -00000040 e5 c6 0a 54 e0 4a 20 29 3e bd 06 0d c0 13 00 00 |...T.J )>.......| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 01 02 be 0b 00 02 ba 00 02 b7 00 02 b4 30 82 02 |.............0..| -00000070 b0 30 82 02 19 a0 03 02 01 02 02 09 00 85 b0 bb |.0..............| -00000080 a4 8a 7f b8 ca 30 0d 06 09 2a 86 48 86 f7 0d 01 |.....0...*.H....| -00000090 01 05 05 00 30 45 31 0b 30 09 06 03 55 04 06 13 |....0E1.0...U...| -000000a0 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f |.AU1.0...U....So| -000000b0 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 |me-State1!0...U.| -000000c0 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 |...Internet Widg| -000000d0 69 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 |its Pty Ltd0...1| -000000e0 30 30 34 32 34 30 39 30 39 33 38 5a 17 0d 31 31 |00424090938Z..11| -000000f0 30 34 32 34 30 39 30 39 33 38 5a 30 45 31 0b 30 |0424090938Z0E1.0| -00000100 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -00000110 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -00000120 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -00000130 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -00000140 74 64 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 |td0..0...*.H....| -00000150 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 bb |........0.......| -00000160 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 be e6 2b 07 |y......F...i..+.| -00000170 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 e7 a5 65 4c |CZ..-.zC...R..eL| -00000180 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 3b 7e 62 a5 |,x.#........;~b.| -00000190 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 bf fa 58 7b |,.3...\zV.....X{| -000001a0 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 f4 54 9f 5a |&?......!.J..T.Z| -000001b0 bf ef 42 71 00 fe 18 99 07 7f 7e 88 7d 7d f1 04 |..Bq......~.}}..| -000001c0 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b 32 66 01 cf |9....Q.|..L;2f..| -000001d0 af b1 1d b8 71 9a 1d db db 89 6b ae da 2d 79 02 |....q.....k..-y.| -000001e0 03 01 00 01 a3 81 a7 30 81 a4 30 1d 06 03 55 1d |.......0..0...U.| -000001f0 0e 04 16 04 14 b1 ad e2 85 5a cf cb 28 db 69 ce |.........Z..(.i.| -00000200 23 69 de d3 26 8e 18 88 39 30 75 06 03 55 1d 23 |#i..&...90u..U.#| -00000210 04 6e 30 6c 80 14 b1 ad e2 85 5a cf cb 28 db 69 |.n0l......Z..(.i| -00000220 ce 23 69 de d3 26 8e 18 88 39 a1 49 a4 47 30 45 |.#i..&...9.I.G0E| -00000230 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 |1.0...U....AU1.0| -00000240 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 |...U....Some-Sta| -00000250 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 |te1!0...U....Int| -00000260 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 |ernet Widgits Pt| -00000270 79 20 4c 74 64 82 09 00 85 b0 bb a4 8a 7f b8 ca |y Ltd...........| -00000280 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d |0...U....0....0.| -00000290 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 |..*.H...........| -000002a0 00 08 6c 45 24 c7 6b b1 59 ab 0c 52 cc f2 b0 14 |..lE$.k.Y..R....| -000002b0 d7 87 9d 7a 64 75 b5 5a 95 66 e4 c5 2b 8e ae 12 |...zdu.Z.f..+...| -000002c0 66 1f eb 4f 38 b3 6e 60 d3 92 fd f7 41 08 b5 25 |f..O8.n`....A..%| -000002d0 13 b1 18 7a 24 fb 30 1d ba ed 98 b9 17 ec e7 d7 |...z$.0.........| -000002e0 31 59 db 95 d3 1d 78 ea 50 56 5c d5 82 5a 2d 5a |1Y....x.PV\..Z-Z| -000002f0 5f 33 c4 b6 d8 c9 75 90 96 8c 0f 52 98 b5 cd 98 |_3....u....R....| -00000300 1f 89 20 5f f2 a0 1c a3 1b 96 94 dd a9 fd 57 e9 |.. _..........W.| -00000310 70 e8 26 6d 71 99 9b 26 6e 38 50 29 6c 90 a7 bd |p.&mq..&n8P)l...| -00000320 d9 16 03 01 00 cb 0c 00 00 c7 03 00 17 41 04 05 |.............A..| -00000330 45 33 f8 4b e9 96 0e 4a fd ec 54 76 21 9b 24 8a |E3.K...J..Tv!.$.| -00000340 75 0b 80 84 c7 30 2b 22 f0 85 57 a4 a9 79 d6 f6 |u....0+"..W..y..| -00000350 6d 80 b0 71 d9 66 c9 6c dd 76 fc 32 d0 c6 bc 52 |m..q.f.l.v.2...R| -00000360 2f f1 c9 62 17 53 76 ec be a6 1c 93 f2 b4 5d 00 |/..b.Sv.......].| -00000370 80 72 d9 20 52 70 7c 03 b1 33 fa 51 23 cd 05 97 |.r. Rp|..3.Q#...| -00000380 6f d6 89 2f 8d 2e 3a 17 32 eb f2 ff 6b 39 70 5e |o../..:.2...k9p^| -00000390 21 41 8d 69 02 c8 9a 17 19 e4 48 9b 51 c3 7f 9b |!A.i......H.Q...| -000003a0 8d 4a 83 97 07 0e 30 f1 8b 6b e9 92 12 01 d6 96 |.J....0..k......| -000003b0 f2 1a a2 10 7f 59 87 16 1a fb 55 67 68 fc 78 c6 |.....Y....Ugh.x.| -000003c0 57 ac 05 dd f3 6f 77 84 eb ae b0 33 2d 19 2c ba |W....ow....3-.,.| -000003d0 b8 ae 9f 95 69 85 95 45 5e 37 f4 17 17 9b 03 c1 |....i..E^7......| -000003e0 50 b1 36 42 bd 60 5c 8b d8 b6 f3 c8 34 c8 9d 9d |P.6B.`\.....4...| -000003f0 75 16 03 01 00 04 0e 00 00 00 |u.........| ->>> Flow 3 (client to server) -00000000 16 03 01 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 01 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 01 00 30 ca d1 1b 08 27 9b 44 e7 e9 b4 |.....0....'.D...| -00000060 90 16 4d 30 4e 65 5c 0d 47 ba 46 86 cf c9 80 e7 |..M0Ne\.G.F.....| -00000070 64 31 f5 a1 9e dc 39 15 d3 be 16 4f c7 90 b6 62 |d1....9....O...b| -00000080 5d 6d 7f 41 4e 3e |]m.AN>| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 98 81 24 8e cd |..........0..$..| -00000010 b6 48 2f 80 de 8e 24 3c cd 02 67 80 34 97 d7 92 |.H/...$<..g.4...| -00000020 78 c2 44 3d 5d 05 eb 88 76 79 46 7a c3 fa ca 73 |x.D=]...vyFz...s| -00000030 45 82 ad c1 81 00 ca 40 c1 2f 13 |E......@./.| ->>> Flow 5 (client to server) -00000000 17 03 01 00 20 ee 19 59 67 67 a9 8b db 99 87 50 |.... ..Ygg.....P| -00000010 01 e2 02 c1 d5 6d 36 79 af aa ec 1b 80 0e b6 5e |.....m6y.......^| -00000020 5f fa 03 01 cc 17 03 01 00 20 ec e2 04 b7 3b a5 |_........ ....;.| -00000030 f2 e0 13 1f 17 48 e7 6e d3 eb f0 fa 36 ef 6e 2e |.....H.n....6.n.| -00000040 fb ea c8 39 c4 5f 4b 28 d4 50 15 03 01 00 20 c7 |...9._K(.P.... .| -00000050 45 ff fb c7 07 0c d8 0e 35 a3 c5 31 47 b7 03 0e |E.......5..1G...| -00000060 14 c8 29 fd 53 70 5f 15 ac d2 1c 4c 69 fb d6 |..).Sp_....Li..| diff --git a/ztools/ztls/testdata/Client-TLSv10-RSA-RC4 b/ztools/ztls/testdata/Client-TLSv10-RSA-RC4 deleted file mode 100644 index 395d53bb..00000000 --- a/ztools/ztls/testdata/Client-TLSv10-RSA-RC4 +++ /dev/null @@ -1,83 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 51 02 00 00 4d 03 01 53 04 f1 02 76 |....Q...M..S...v| -00000010 e8 45 7f 57 f3 42 4b 33 0b 06 fa a6 fa c4 3d 84 |.E.W.BK3......=.| -00000020 5a 45 dc 93 41 a5 8d 79 6e 8f 11 20 e7 c6 29 2b |ZE..A..yn.. ..)+| -00000030 ff 4a 6e 63 67 a6 10 cb 49 19 46 1e 5e 0a d5 70 |.Jncg...I.F.^..p| -00000040 96 88 9a 32 48 ef c3 4a 45 4c 6d e0 00 05 00 00 |...2H..JELm.....| -00000050 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 04 0e 00 |n8P)l...........| -00000320 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 01 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 |...........mQ...| -00000010 3e fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c |>.u.A6..j.*.%.gL| -00000020 8e 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 |.b/0......+.#...| -00000030 1d f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 |..;...'..$...[.f| -00000040 0d 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be |.j.....C........| -00000050 c8 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce |..9L.....K.../..| -00000060 e6 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 |..w.o#......:..V| -00000070 f1 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 |..T^F..;3..(....| -00000080 35 d4 1c 43 d1 30 6f 55 4e 0a 70 14 03 01 00 01 |5..C.0oUN.p.....| -00000090 01 16 03 01 00 24 cd c0 68 dc 2e 69 cc c7 5b c5 |.....$..h..i..[.| -000000a0 3f bd 40 cf a0 0f 41 34 ce 16 37 10 26 c8 3f d1 |?.@...A4..7.&.?.| -000000b0 46 3b ad 7b b0 31 f3 c5 36 e7 |F;.{.1..6.| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 24 ea 77 6f 3c 42 |..........$.wo....]| ->>> Flow 5 (client to server) -00000000 17 03 01 00 1a 9e ae ca 55 df c4 d9 47 04 55 dd |........U...G.U.| -00000010 3b 33 e1 a6 16 6f a1 94 b1 9b 4d 0d cb 6c 3b 15 |;3...o....M..l;.| -00000020 03 01 00 16 92 5d 76 07 e9 b7 31 29 09 c5 b1 09 |.....]v...1)....| -00000030 2d 64 3d 85 8d f1 d1 40 54 b8 |-d=....@T.| diff --git a/ztools/ztls/testdata/Client-TLSv11-ECDHE-ECDSA-AES b/ztools/ztls/testdata/Client-TLSv11-ECDHE-ECDSA-AES deleted file mode 100644 index 9f941f8e..00000000 --- a/ztools/ztls/testdata/Client-TLSv11-ECDHE-ECDSA-AES +++ /dev/null @@ -1,89 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 02 00 59 02 00 00 55 03 02 53 04 f1 02 1c |....Y...U..S....| -00000010 d1 1c 6a 5f 7a 5c 26 69 92 cd ee c3 57 ed 96 90 |..j_z\&i....W...| -00000020 e3 c5 f1 ee 8b ee 99 5f 46 2c e6 20 c8 50 6a a4 |......._F,. .Pj.| -00000030 4b 93 e6 da ba 6d d4 87 f6 75 a8 9d 44 db b5 43 |K....m...u..D..C| -00000040 df 12 57 de a4 f1 bc fb b8 7a 3f 6a c0 09 00 00 |..W......z?j....| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 02 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 02 00 d4 0c 00 00 d0 03 00 17 41 04 7b |*............A.{| -00000280 c4 00 37 35 51 de c3 f2 a4 95 2c 19 21 3e a6 94 |..75Q.....,.!>..| -00000290 7b fd 04 d7 b7 1c 56 e6 af 3c ee 36 cb 55 e6 f0 |{.....V..<.6.U..| -000002a0 e6 24 34 6b 8a 02 66 71 f9 e2 f5 a6 c9 d7 6c dc |.$4k..fq......l.| -000002b0 65 59 ff 1c c9 ec a9 8b 07 d6 52 2c 01 3c c3 00 |eY........R,.<..| -000002c0 89 30 81 86 02 41 74 89 1a 31 72 e6 8b c0 4a ce |.0...At..1r...J.| -000002d0 8f 5a 49 a7 52 2d 6d b9 8b 50 17 62 2a 99 d6 3b |.ZI.R-m..P.b*..;| -000002e0 02 85 41 4d 34 53 b5 09 bd e3 ac 16 c1 9b e9 83 |..AM4S..........| -000002f0 cc 83 e3 9c 23 34 67 71 72 d4 05 a2 34 f7 08 29 |....#4gqr...4..)| -00000300 62 43 2e cc bc 08 01 02 41 59 de 5a d0 dd d7 6b |bC......AY.Z...k| -00000310 db 9c 35 29 79 f8 96 91 56 74 1f 18 7b ee 25 83 |..5)y...Vt..{.%.| -00000320 f2 37 0e 77 ab 38 fb 5e 04 0b 09 d9 b4 1f 3f be |.7.w.8.^......?.| -00000330 2e e3 60 e3 96 f3 29 c1 6d 8f 56 1b fd 62 14 48 |..`...).m.V..b.H| -00000340 e3 d9 2a ea 2f be 93 d0 8b 31 16 03 02 00 04 0e |..*./....1......| -00000350 00 00 00 |...| ->>> Flow 3 (client to server) -00000000 16 03 02 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 02 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 02 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 b6 98 a2 a9 48 34 12 6b 0a 94 |..........H4.k..| -00000070 89 fc 38 04 63 5a 6f 63 36 3e d9 35 12 64 8c 28 |..8.cZoc6>.5.d.(| -00000080 99 a6 cf 2e 57 e3 14 6d 0a 8a ab f0 a6 58 37 7c |....W..m.....X7|| -00000090 96 04 d3 71 bc d4 |...q..| ->>> Flow 4 (server to client) -00000000 14 03 02 00 01 01 16 03 02 00 40 c5 01 c9 0a b0 |..........@.....| -00000010 d8 ca 5e c1 19 dc 37 6c 2e a0 b3 11 a8 87 65 5a |..^...7l......eZ| -00000020 09 41 b9 fe 53 c4 c9 76 97 6d 7f ac c0 be d2 07 |.A..S..v.m......| -00000030 84 e5 5b 78 37 34 ee da 3b cb 3e 82 52 79 91 44 |..[x74..;.>.Ry.D| -00000040 b4 e4 1c ec 3a c0 c0 9d cd ff 13 |....:......| ->>> Flow 5 (client to server) -00000000 17 03 02 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 46 60 13 39 2b 2f 72 95 ed 0e aa |.....F`.9+/r....| -00000020 69 6e b4 64 3e 83 43 d0 f9 7f 37 7c 1d b9 ce 11 |in.d>.C...7|....| -00000030 d9 41 66 60 6d 15 03 02 00 30 00 00 00 00 00 00 |.Af`m....0......| -00000040 00 00 00 00 00 00 00 00 00 00 b1 26 d0 5d 08 98 |...........&.]..| -00000050 eb 28 42 74 31 58 42 95 c5 ad 1a 92 0a f5 5f ed |.(Bt1XB......._.| -00000060 45 98 e0 90 e5 a3 b6 8b 8d 18 |E.........| diff --git a/ztools/ztls/testdata/Client-TLSv11-ECDHE-RSA-AES b/ztools/ztls/testdata/Client-TLSv11-ECDHE-RSA-AES deleted file mode 100644 index fc723396..00000000 --- a/ztools/ztls/testdata/Client-TLSv11-ECDHE-RSA-AES +++ /dev/null @@ -1,99 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 02 00 59 02 00 00 55 03 02 53 04 f1 02 fe |....Y...U..S....| -00000010 17 8b 79 ad 93 2e d3 89 66 9b 5d 9b b4 03 3e ba |..y.....f.]...>.| -00000020 65 2a f1 55 f9 3c 33 de 2c a7 47 20 fa 4f 82 11 |e*.U.<3.,.G .O..| -00000030 96 81 d0 70 2e 65 b3 68 2e 3a 6d d7 6c 74 22 33 |...p.e.h.:m.lt"3| -00000040 d4 ae 6c aa c8 f0 c7 20 8b 10 21 e7 c0 13 00 00 |..l.... ..!.....| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 02 02 be 0b 00 02 ba 00 02 b7 00 02 b4 30 82 02 |.............0..| -00000070 b0 30 82 02 19 a0 03 02 01 02 02 09 00 85 b0 bb |.0..............| -00000080 a4 8a 7f b8 ca 30 0d 06 09 2a 86 48 86 f7 0d 01 |.....0...*.H....| -00000090 01 05 05 00 30 45 31 0b 30 09 06 03 55 04 06 13 |....0E1.0...U...| -000000a0 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f |.AU1.0...U....So| -000000b0 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 |me-State1!0...U.| -000000c0 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 |...Internet Widg| -000000d0 69 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 |its Pty Ltd0...1| -000000e0 30 30 34 32 34 30 39 30 39 33 38 5a 17 0d 31 31 |00424090938Z..11| -000000f0 30 34 32 34 30 39 30 39 33 38 5a 30 45 31 0b 30 |0424090938Z0E1.0| -00000100 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -00000110 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -00000120 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -00000130 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -00000140 74 64 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 |td0..0...*.H....| -00000150 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 bb |........0.......| -00000160 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 be e6 2b 07 |y......F...i..+.| -00000170 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 e7 a5 65 4c |CZ..-.zC...R..eL| -00000180 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 3b 7e 62 a5 |,x.#........;~b.| -00000190 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 bf fa 58 7b |,.3...\zV.....X{| -000001a0 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 f4 54 9f 5a |&?......!.J..T.Z| -000001b0 bf ef 42 71 00 fe 18 99 07 7f 7e 88 7d 7d f1 04 |..Bq......~.}}..| -000001c0 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b 32 66 01 cf |9....Q.|..L;2f..| -000001d0 af b1 1d b8 71 9a 1d db db 89 6b ae da 2d 79 02 |....q.....k..-y.| -000001e0 03 01 00 01 a3 81 a7 30 81 a4 30 1d 06 03 55 1d |.......0..0...U.| -000001f0 0e 04 16 04 14 b1 ad e2 85 5a cf cb 28 db 69 ce |.........Z..(.i.| -00000200 23 69 de d3 26 8e 18 88 39 30 75 06 03 55 1d 23 |#i..&...90u..U.#| -00000210 04 6e 30 6c 80 14 b1 ad e2 85 5a cf cb 28 db 69 |.n0l......Z..(.i| -00000220 ce 23 69 de d3 26 8e 18 88 39 a1 49 a4 47 30 45 |.#i..&...9.I.G0E| -00000230 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 |1.0...U....AU1.0| -00000240 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 |...U....Some-Sta| -00000250 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 |te1!0...U....Int| -00000260 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 |ernet Widgits Pt| -00000270 79 20 4c 74 64 82 09 00 85 b0 bb a4 8a 7f b8 ca |y Ltd...........| -00000280 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d |0...U....0....0.| -00000290 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 |..*.H...........| -000002a0 00 08 6c 45 24 c7 6b b1 59 ab 0c 52 cc f2 b0 14 |..lE$.k.Y..R....| -000002b0 d7 87 9d 7a 64 75 b5 5a 95 66 e4 c5 2b 8e ae 12 |...zdu.Z.f..+...| -000002c0 66 1f eb 4f 38 b3 6e 60 d3 92 fd f7 41 08 b5 25 |f..O8.n`....A..%| -000002d0 13 b1 18 7a 24 fb 30 1d ba ed 98 b9 17 ec e7 d7 |...z$.0.........| -000002e0 31 59 db 95 d3 1d 78 ea 50 56 5c d5 82 5a 2d 5a |1Y....x.PV\..Z-Z| -000002f0 5f 33 c4 b6 d8 c9 75 90 96 8c 0f 52 98 b5 cd 98 |_3....u....R....| -00000300 1f 89 20 5f f2 a0 1c a3 1b 96 94 dd a9 fd 57 e9 |.. _..........W.| -00000310 70 e8 26 6d 71 99 9b 26 6e 38 50 29 6c 90 a7 bd |p.&mq..&n8P)l...| -00000320 d9 16 03 02 00 cb 0c 00 00 c7 03 00 17 41 04 26 |.............A.&| -00000330 56 18 02 e5 66 d4 aa 24 7e ae 39 e5 ca 78 6c c1 |V...f..$~.9..xl.| -00000340 90 02 c3 c4 ad 79 2c 47 a8 bf 54 e2 8a 22 b6 ef |.....y,G..T.."..| -00000350 99 d4 7a 7f 8f 78 6a 78 4e 14 2a 16 0d bb 54 38 |..z..xjxN.*...T8| -00000360 59 1f 7a 53 1b c7 73 10 89 4b de c3 66 39 7a 00 |Y.zS..s..K..f9z.| -00000370 80 3a 88 38 c8 15 07 ab 2f 0f 0d cb 19 07 84 ac |.:.8..../.......| -00000380 24 fd 8b d2 9d 05 45 c6 11 c3 d6 84 58 95 5a 08 |$.....E.....X.Z.| -00000390 b9 a4 2c c0 41 4e 34 e0 b2 24 98 94 b7 67 27 50 |..,.AN4..$...g'P| -000003a0 ba 82 35 28 a9 bf 16 ee e3 7b 49 9c 4c 81 80 69 |..5(.....{I.L..i| -000003b0 d7 aa ed 46 ea 9a 68 c4 97 b7 11 d4 35 91 74 5e |...F..h.....5.t^| -000003c0 54 10 34 83 cd c4 06 18 49 7d 7a 28 c9 53 06 73 |T.4.....I}z(.S.s| -000003d0 00 7b 04 b6 d8 36 a7 4b 67 7f 81 30 94 de 40 4d |.{...6.Kg..0..@M| -000003e0 18 f8 c4 b7 02 00 44 8e bc 72 06 24 53 15 74 72 |......D..r.$S.tr| -000003f0 8d 16 03 02 00 04 0e 00 00 00 |..........| ->>> Flow 3 (client to server) -00000000 16 03 02 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 02 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 02 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 8a 87 81 38 35 c0 4c bb f8 12 |.........85.L...| -00000070 fa 75 04 cd 1e 3a 61 96 93 c8 fb 07 d1 6d b4 55 |.u...:a......m.U| -00000080 0f b5 0f 07 35 0a 96 ce 5c 6f 24 62 d3 68 e4 b0 |....5...\o$b.h..| -00000090 5d be 81 37 c2 9c |]..7..| ->>> Flow 4 (server to client) -00000000 14 03 02 00 01 01 16 03 02 00 40 66 36 8d f8 8c |..........@f6...| -00000010 7f db 38 e8 39 df f8 2f cb 88 9c 14 d9 89 10 b4 |..8.9../........| -00000020 be 59 88 d7 f3 73 62 af a3 42 66 6e 74 38 64 9f |.Y...sb..Bfnt8d.| -00000030 16 79 09 d7 14 7e 91 8a 70 73 63 28 30 58 fe cc |.y...~..psc(0X..| -00000040 42 45 d6 37 fb 9e 8c c1 01 af 34 |BE.7......4| ->>> Flow 5 (client to server) -00000000 17 03 02 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 31 0b e3 9d 2a 05 83 19 7d 10 36 |.....1...*...}.6| -00000020 23 dc da fe 00 ab d3 aa 8f ce 28 5f 08 fd b7 59 |#.........(_...Y| -00000030 1e 00 2e 25 5a 15 03 02 00 30 00 00 00 00 00 00 |...%Z....0......| -00000040 00 00 00 00 00 00 00 00 00 00 10 91 fd fa 59 07 |..............Y.| -00000050 df 2c 92 25 15 7b 7c 83 44 89 0d 4f 65 43 99 2e |.,.%.{|.D..OeC..| -00000060 41 5d 51 c9 09 89 ed 02 08 bc |A]Q.......| diff --git a/ztools/ztls/testdata/Client-TLSv11-RSA-RC4 b/ztools/ztls/testdata/Client-TLSv11-RSA-RC4 deleted file mode 100644 index f7be3f7e..00000000 --- a/ztools/ztls/testdata/Client-TLSv11-RSA-RC4 +++ /dev/null @@ -1,83 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 02 00 51 02 00 00 4d 03 02 53 04 f1 02 d4 |....Q...M..S....| -00000010 69 65 aa 96 3d 42 96 eb 9e 7d 8a 18 af 4c 7c 5d |ie..=B...}...L|]| -00000020 fb 97 5f da 94 62 13 69 1f 66 06 20 aa 52 e3 08 |.._..b.i.f. .R..| -00000030 35 0a 87 d5 ef 93 49 ab 1a 74 dd 90 bd 69 70 d1 |5.....I..t...ip.| -00000040 e9 f1 44 17 3a dc 33 98 f5 e5 ab 93 00 05 00 00 |..D.:.3.........| -00000050 05 ff 01 00 01 00 16 03 02 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 02 00 04 0e 00 |n8P)l...........| -00000320 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 02 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 |...........mQ...| -00000010 3e fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c |>.u.A6..j.*.%.gL| -00000020 8e 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 |.b/0......+.#...| -00000030 1d f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 |..;...'..$...[.f| -00000040 0d 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be |.j.....C........| -00000050 c8 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce |..9L.....K.../..| -00000060 e6 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 |..w.o#......:..V| -00000070 f1 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 |..T^F..;3..(....| -00000080 35 d4 1c 43 d1 30 6f 55 4e 0a 70 14 03 02 00 01 |5..C.0oUN.p.....| -00000090 01 16 03 02 00 24 07 9f dc df 2d c3 a6 88 06 28 |.....$....-....(| -000000a0 21 e0 e0 d3 31 99 fc 89 b8 82 6e 95 f4 4b 9e e2 |!...1.....n..K..| -000000b0 d9 36 5c 14 ce d7 db e2 78 4e |.6\.....xN| ->>> Flow 4 (server to client) -00000000 14 03 02 00 01 01 16 03 02 00 24 81 72 75 80 d4 |..........$.ru..| -00000010 1b 1a 32 00 89 bf 9e 79 30 b9 6b 67 e0 8e c7 eb |..2....y0.kg....| -00000020 73 f2 e4 93 51 65 9b 5f 91 b1 b4 b1 f7 44 76 |s...Qe._.....Dv| ->>> Flow 5 (client to server) -00000000 17 03 02 00 1a b2 91 39 63 c0 38 3c 4d 25 fd 14 |.......9c.8>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 59 02 00 00 55 03 03 53 04 f1 03 6f |....Y...U..S...o| -00000010 c6 4b 55 27 fe e8 fe 4d 7c 0e d4 20 98 b8 7c 81 |.KU'...M|.. ..|.| -00000020 3d 31 f8 35 66 2f 0a 0b f1 2c e3 20 86 4d 12 32 |=1.5f/...,. .M.2| -00000030 73 e3 ba be 25 50 a4 a2 a1 7b f1 9a 76 7a 75 fb |s...%P...{..vzu.| -00000040 e2 64 a2 12 ec f3 e7 9d 9a 24 6e 94 c0 09 00 00 |.d.......$n.....| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 03 00 d7 0c 00 00 d3 03 00 17 41 04 a3 |*............A..| -00000280 03 8c de d2 b0 68 c8 25 0e 85 ea d7 ae 13 0d 79 |.....h.%.......y| -00000290 ec 59 0d b5 4d 51 96 d9 7f 64 36 fb 4c d5 6a 26 |.Y..MQ...d6.L.j&| -000002a0 ae 0e 48 61 df 5c 2b d4 ff 09 41 15 c4 14 8e 1b |..Ha.\+...A.....| -000002b0 84 a8 c8 cd ef 10 97 95 66 67 85 dd fd dc 2a 04 |........fg....*.| -000002c0 03 00 8a 30 81 87 02 41 11 75 5d bc bd 08 28 d4 |...0...A.u]...(.| -000002d0 5b 1b 45 7f 9c d3 8d 0b 91 fa f6 82 ba 59 bd 3e |[.E..........Y.>| -000002e0 96 01 c6 1d 38 db fe 08 e7 56 89 fc 10 b0 37 6a |....8....V....7j| -000002f0 3d d6 c9 50 16 53 f7 c2 a2 60 67 82 1f 74 b8 d5 |=..P.S...`g..t..| -00000300 bc 02 ec 96 db 82 18 8c 87 02 42 01 0d df f7 b7 |..........B.....| -00000310 05 3c 8c 56 f0 1d 33 18 cf c5 4c 80 7e 0b d9 f9 |.<.V..3...L.~...| -00000320 f0 51 69 fe 5d b8 0b 64 c0 c7 0d f4 75 65 ae 07 |.Qi.]..d....ue..| -00000330 9d cf f4 4b ad 52 f6 b8 10 26 18 bd d6 e2 0d a8 |...K.R...&......| -00000340 80 10 50 34 15 cd 72 0b 7d a9 94 de 4c 16 03 03 |..P4..r.}...L...| -00000350 00 30 0d 00 00 28 03 01 02 40 00 20 06 01 06 02 |.0...(...@. ....| -00000360 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000370 03 02 03 03 02 01 02 02 02 03 01 01 00 00 0e 00 |................| -00000380 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| -00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| -00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| -00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| -00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| -00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| -00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| -00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| -00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| -00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| -000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| -000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| -000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| -000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| -000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| -000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| -00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| -00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| -00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| -00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| -00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| -00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| -00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| -00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| -00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| -00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| -000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| -000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| -000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| -000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| -000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| -000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| -00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| -00000210 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d 19 |...F...BA...7...| -00000220 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 |Q.5uq..T[....g..| -00000230 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 |$ >.V...(^.+-O..| -00000240 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 |..lK[.V.2B.X..I.| -00000250 b5 68 1a 41 03 56 6b dc 5a 89 16 03 03 00 92 0f |.h.A.Vk.Z.......| -00000260 00 00 8e 04 03 00 8a 30 81 87 02 42 00 c6 85 8e |.......0...B....| -00000270 06 b7 04 04 e9 cd 9e 3e cb 66 23 95 b4 42 9c 64 |.......>.f#..B.d| -00000280 81 39 05 3f b5 21 f8 28 af 60 6b 4d 3d ba a1 4b |.9.?.!.(.`kM=..K| -00000290 5e 77 ef e7 59 28 fe 1d c1 27 a2 ff a8 de 33 48 |^w..Y(...'....3H| -000002a0 b3 c1 85 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 02 41 |...jB..~~1...f.A| -000002b0 4b 49 c6 cd 02 e3 83 f7 03 50 18 6d b4 c9 51 02 |KI.......P.m..Q.| -000002c0 c0 ab 87 bc e0 3e 4b 89 53 3a e2 65 89 97 02 c1 |.....>K.S:.e....| -000002d0 88 0d 64 db 8e 4f 73 4e ea 29 0b ed a0 f5 ce 3d |..d..OsN.).....=| -000002e0 5f cc 20 ef 0a 22 02 82 f2 14 2a b7 42 68 bd c7 |_. .."....*.Bh..| -000002f0 4d 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 |M..........@....| -00000300 00 00 00 00 00 00 00 00 00 00 00 00 f0 cc 4f c7 |..............O.| -00000310 b6 0f c9 38 4d 4b 97 2c 4f be 53 08 4c d6 5b 4e |...8MK.,O.S.L.[N| -00000320 24 70 30 81 82 3a 7f 62 95 03 4d fc 54 78 ec 13 |$p0..:.b..M.Tx..| -00000330 b2 a1 00 85 2b 04 e4 1d 7b 6e 87 60 |....+...{n.`| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 d5 2a 76 79 1c |..........@.*vy.| -00000010 e7 d5 b1 5c 65 6b d1 45 73 53 4c 05 3a 6c 5d 81 |...\ek.EsSL.:l].| -00000020 dd 2f f0 74 62 e4 8e f8 ed 21 99 c7 4f d6 28 40 |./.tb....!..O.(@| -00000030 63 d9 6d e5 b0 04 73 27 7a 1d 08 19 31 10 da ef |c.m...s'z...1...| -00000040 79 26 33 fb 45 23 be a4 7c 03 66 |y&3.E#..|.f| ->>> Flow 5 (client to server) -00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 e2 53 bd c0 ef 9e e6 44 94 ea 5d |......S.....D..]| -00000020 f5 c5 a9 4b ed eb 1c 49 9f 79 44 f9 cd d7 de 02 |...K...I.yD.....| -00000030 51 10 ae 87 7d 15 03 03 00 30 00 00 00 00 00 00 |Q...}....0......| -00000040 00 00 00 00 00 00 00 00 00 00 d3 95 13 7f 5f 58 |.............._X| -00000050 ab d6 17 ea 01 2c 2a ea 5d 7c 44 61 4a 27 97 52 |.....,*.]|DaJ'.R| -00000060 cc 9b 86 f6 37 42 2b 94 01 49 |....7B+..I| diff --git a/ztools/ztls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA b/ztools/ztls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA deleted file mode 100644 index c3b753a7..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ClientCert-ECDSA-RSA +++ /dev/null @@ -1,127 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 51 02 00 00 4d 03 03 53 04 f1 03 b0 |....Q...M..S....| -00000010 43 00 97 24 a7 a8 ea b2 24 fe 96 24 a1 49 64 fd |C..$....$..$.Id.| -00000020 1c a3 30 35 2d 85 a7 40 42 86 6b 20 af 27 7f ac |..05-..@B.k .'..| -00000030 8b 16 89 6c 78 b7 f5 29 02 58 a6 8b 61 43 c2 b0 |...lx..).X..aC..| -00000040 e0 a8 96 c8 fa 2b 26 ad 9a 5f 2d d6 00 05 00 00 |.....+&.._-.....| -00000050 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 30 0d 00 |n8P)l........0..| -00000320 00 28 03 01 02 40 00 20 06 01 06 02 06 03 05 01 |.(...@. ........| -00000330 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 |................| -00000340 02 01 02 02 02 03 01 01 00 00 0e 00 00 00 |..............| ->>> Flow 3 (client to server) -00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| -00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| -00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| -00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| -00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| -00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| -00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| -00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| -00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| -00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| -000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| -000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| -000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| -000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| -000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| -000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| -00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| -00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| -00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| -00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| -00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| -00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| -00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| -00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| -00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| -00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| -000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| -000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| -000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| -000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| -000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| -000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| -00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| -00000210 03 03 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 3e |..........mQ...>| -00000220 fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c 8e |.u.A6..j.*.%.gL.| -00000230 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 1d |b/0......+.#....| -00000240 f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 0d |.;...'..$...[.f.| -00000250 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be c8 |j.....C.........| -00000260 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce e6 |.9L.....K.../...| -00000270 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 f1 |.w.o#......:..V.| -00000280 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 35 |.T^F..;3..(....5| -00000290 d4 1c 43 d1 30 6f 55 4e 0a 70 16 03 03 00 92 0f |..C.0oUN.p......| -000002a0 00 00 8e 04 03 00 8a 30 81 87 02 42 00 c6 85 8e |.......0...B....| -000002b0 06 b7 04 04 e9 cd 9e 3e cb 66 23 95 b4 42 9c 64 |.......>.f#..B.d| -000002c0 81 39 05 3f b5 21 f8 28 af 60 6b 4d 3d ba a1 4b |.9.?.!.(.`kM=..K| -000002d0 5e 77 ef e7 59 28 fe 1d c1 27 a2 ff a8 de 33 48 |^w..Y(...'....3H| -000002e0 b3 c1 85 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 02 41 |...jB..~~1...f.A| -000002f0 4b 49 c6 cd 02 e3 83 f7 03 50 18 6d b4 c9 51 02 |KI.......P.m..Q.| -00000300 c0 ab 87 bc e0 3e 4b 89 53 3a e2 65 89 97 02 c1 |.....>K.S:.e....| -00000310 88 5a 97 82 3e 55 6b 7c d8 db b8 cc 1b 30 84 0a |.Z..>Uk|.....0..| -00000320 7a 97 71 e4 10 bb a4 39 8c 2a cf f5 88 c7 d1 95 |z.q....9.*......| -00000330 73 14 03 03 00 01 01 16 03 03 00 24 9f 1e f0 72 |s..........$...r| -00000340 92 ea dc f7 56 96 37 e4 69 db db 66 1d f6 94 c4 |....V.7.i..f....| -00000350 18 31 4f d0 5d c5 f4 53 21 aa 98 b1 dc 08 94 94 |.1O.]..S!.......| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 ee 68 c1 87 9f |..........$.h...| -00000010 d7 90 94 f1 3b 6d 26 0b 3d 89 7a 45 3b 52 5d 3c |....;m&.=.zE;R]<| -00000020 dd 7c c1 4e 57 3e a9 ee 91 be cf 2b a3 98 9d |.|.NW>.....+...| ->>> Flow 5 (client to server) -00000000 17 03 03 00 1a 88 33 3e 2b 22 6b 92 d0 bb 8a 1e |......3>+"k.....| -00000010 9b f4 9e aa 91 8b 2b 95 ea 53 c8 03 0a 93 58 15 |......+..S....X.| -00000020 03 03 00 16 c4 67 79 ba ec cf 90 b1 f9 ac ec 64 |.....gy........d| -00000030 72 01 08 8f 3a 98 aa 66 25 00 |r...:..f%.| diff --git a/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA b/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA deleted file mode 100644 index 0037af61..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-ECDSA +++ /dev/null @@ -1,133 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 59 02 00 00 55 03 03 53 04 f1 02 fd |....Y...U..S....| -00000010 41 bd ef ee f3 da fc 1a 31 8c 77 f2 e9 66 54 a0 |A.......1.w..fT.| -00000020 f4 15 b1 1c 84 0d 6d 74 87 ac 7d 20 78 17 8b 08 |......mt..} x...| -00000030 10 20 c9 44 e4 8a 43 af 4a c7 b8 3d 99 f2 f7 af |. .D..C.J..=....| -00000040 bb a3 21 2f 40 cc ed b6 da a8 a1 d5 c0 09 00 00 |..!/@...........| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 03 00 d8 0c 00 00 d4 03 00 17 41 04 a9 |*............A..| -00000280 19 8b d9 9b 5c 7c 6a 7d 85 d2 70 4e 89 7e 0b 5b |....\|j}..pN.~.[| -00000290 dd 5e a1 63 8d 15 bc 0b 0c 47 3d 4d e8 a7 56 88 |.^.c.....G=M..V.| -000002a0 2e f6 7f e2 4d fc ed cc 03 ed a1 2d ac ae 81 a5 |....M......-....| -000002b0 e2 6d 7f 9f a3 93 e9 10 c1 0e 48 1b f3 f4 38 04 |.m........H...8.| -000002c0 03 00 8b 30 81 88 02 42 00 87 fe 7e 63 82 14 57 |...0...B...~c..W| -000002d0 dc 7d e2 0f cc 97 2d ba 3c a7 56 4a 17 a8 09 6a |.}....-.<.VJ...j| -000002e0 28 2e f2 66 1a 3f 2d 48 2b 6f 79 a1 60 cd 5e 10 |(..f.?-H+oy.`.^.| -000002f0 0b 0a 28 f2 5f e4 3f 4f f9 c9 91 34 d9 dc bc fc |..(._.?O...4....| -00000300 98 ea 77 0b 99 f8 a2 11 c4 bd 02 42 01 a0 b0 dc |..w........B....| -00000310 db 5b c2 09 99 bd ee a0 b9 aa 31 b9 10 84 22 be |.[........1...".| -00000320 5a 63 12 5a 43 00 8e c1 33 cc 91 bb c2 70 7a 63 |Zc.ZC...3....pzc| -00000330 19 82 c0 74 48 a1 c7 3d 1f f1 6f 4a 6f 6a 8c 3f |...tH..=..oJoj.?| -00000340 28 31 a8 0c 65 19 26 62 4b 7a 7c 4b ea 1a 16 03 |(1..e.&bKz|K....| -00000350 03 00 30 0d 00 00 28 03 01 02 40 00 20 06 01 06 |..0...(...@. ...| -00000360 02 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 |................| -00000370 01 03 02 03 03 02 01 02 02 02 03 01 01 00 00 0e |................| -00000380 00 00 00 |...| ->>> Flow 3 (client to server) -00000000 16 03 03 01 fb 0b 00 01 f7 00 01 f4 00 01 f1 30 |...............0| -00000010 82 01 ed 30 82 01 58 a0 03 02 01 02 02 01 00 30 |...0..X........0| -00000020 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 26 31 10 |...*.H......0&1.| -00000030 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -00000040 31 12 30 10 06 03 55 04 03 13 09 31 32 37 2e 30 |1.0...U....127.0| -00000050 2e 30 2e 31 30 1e 17 0d 31 31 31 32 30 38 30 37 |.0.10...11120807| -00000060 35 35 31 32 5a 17 0d 31 32 31 32 30 37 30 38 30 |5512Z..121207080| -00000070 30 31 32 5a 30 26 31 10 30 0e 06 03 55 04 0a 13 |012Z0&1.0...U...| -00000080 07 41 63 6d 65 20 43 6f 31 12 30 10 06 03 55 04 |.Acme Co1.0...U.| -00000090 03 13 09 31 32 37 2e 30 2e 30 2e 31 30 81 9c 30 |...127.0.0.10..0| -000000a0 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c 00 |...*.H..........| -000000b0 30 81 88 02 81 80 4e d0 7b 31 e3 82 64 d9 59 c0 |0.....N.{1..d.Y.| -000000c0 c2 87 a4 5e 1e 8b 73 33 c7 63 53 df 66 92 06 84 |...^..s3.cS.f...| -000000d0 f6 64 d5 8f e4 36 a7 1d 2b e8 b3 20 36 45 23 b5 |.d...6..+.. 6E#.| -000000e0 e3 95 ae ed e0 f5 20 9c 8d 95 df 7f 5a 12 ef 87 |...... .....Z...| -000000f0 e4 5b 68 e4 e9 0e 74 ec 04 8a 7f de 93 27 c4 01 |.[h...t......'..| -00000100 19 7a bd f2 dc 3d 14 ab d0 54 ca 21 0c d0 4d 6e |.z...=...T.!..Mn| -00000110 87 2e 5c c5 d2 bb 4d 4b 4f ce b6 2c f7 7e 88 ec |..\...MKO..,.~..| -00000120 7c d7 02 91 74 a6 1e 0c 1a da e3 4a 5a 2e de 13 ||...t......JZ...| -00000130 9c 4c 40 88 59 93 02 03 01 00 01 a3 32 30 30 30 |.L@.Y.......2000| -00000140 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 00 a0 30 |...U...........0| -00000150 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f |...U..........0.| -00000160 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 |..U.#..0.......0| -00000170 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81 81 00 |...*.H..........| -00000180 36 1f b3 7a 0c 75 c9 6e 37 46 61 2b d5 bd c0 a7 |6..z.u.n7Fa+....| -00000190 4b cc 46 9a 81 58 7c 85 79 29 c8 c8 c6 67 dd 32 |K.F..X|.y)...g.2| -000001a0 56 45 2b 75 b6 e9 24 a9 50 9a be 1f 5a fa 1a 15 |VE+u..$.P...Z...| -000001b0 d9 cc 55 95 72 16 83 b9 c2 b6 8f fd 88 8c 38 84 |..U.r.........8.| -000001c0 1d ab 5d 92 31 13 4f fd 83 3b c6 9d f1 11 62 b6 |..].1.O..;....b.| -000001d0 8b ec ab 67 be c8 64 b0 11 50 46 58 17 6b 99 1c |...g..d..PFX.k..| -000001e0 d3 1d fc 06 f1 0e e5 96 a8 0c f9 78 20 b7 44 18 |...........x .D.| -000001f0 51 8d 10 7e 4f 94 67 df a3 4e 70 73 8e 90 91 85 |Q..~O.g..Nps....| -00000200 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000210 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000220 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000230 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000240 a6 b5 68 1a 41 03 56 6b dc 5a 89 16 03 03 00 88 |..h.A.Vk.Z......| -00000250 0f 00 00 84 04 01 00 80 38 f2 16 e5 b5 86 16 62 |........8......b| -00000260 86 e1 7d 01 f1 a8 e1 f7 e7 85 b1 a0 17 ee 84 25 |..}............%| -00000270 cb 3c 46 61 1a 78 7b 1e ee 32 bc d9 6c fa 6b 76 |.>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 ee a8 82 bc 3f |..........@....?| -00000010 bf ab a6 e4 30 e0 3d f1 2f 19 a2 ac 7a 81 57 f1 |....0.=./...z.W.| -00000020 ee 67 3f 55 2b 30 fa 72 b5 10 03 ec 8d 0a 8f bb |.g?U+0.r........| -00000030 24 f5 45 f5 4e 53 4b 93 a5 0d 42 6c 46 69 98 fb |$.E.NSK...BlFi..| -00000040 63 c5 9f 95 65 d1 b6 f0 a4 15 bd |c...e......| ->>> Flow 5 (client to server) -00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 cb 4e bc d1 a9 58 ef c8 39 a9 36 |......N...X..9.6| -00000020 f4 35 05 96 8e a4 50 bc f4 15 06 f9 fd 41 6d 1e |.5....P......Am.| -00000030 5e 7c 82 63 94 15 03 03 00 30 00 00 00 00 00 00 |^|.c.....0......| -00000040 00 00 00 00 00 00 00 00 00 00 bd 77 87 a5 5a d4 |...........w..Z.| -00000050 b8 59 e6 6b 0f dd ea f9 ed 18 b2 9f a9 61 b4 3a |.Y.k.........a.:| -00000060 47 15 15 3b 83 ef e1 6d db a8 |G..;...m..| diff --git a/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-RSA b/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-RSA deleted file mode 100644 index df3eaa44..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ClientCert-RSA-RSA +++ /dev/null @@ -1,126 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 51 02 00 00 4d 03 03 53 04 f1 02 1d |....Q...M..S....| -00000010 0e dc 86 e5 a9 07 71 46 15 34 af 47 15 3f 03 9c |......qF.4.G.?..| -00000020 fc d6 fd 44 7c f4 f1 c7 8d 6f f8 20 28 ea 3c dc |...D|....o. (.<.| -00000030 b2 4c b7 ba 20 88 c4 db a5 73 ea 93 ab 3a 85 a6 |.L.. ....s...:..| -00000040 8f 59 49 d9 a9 31 14 d5 a6 2b 4f d1 00 05 00 00 |.YI..1...+O.....| -00000050 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 30 0d 00 |n8P)l........0..| -00000320 00 28 03 01 02 40 00 20 06 01 06 02 06 03 05 01 |.(...@. ........| -00000330 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 |................| -00000340 02 01 02 02 02 03 01 01 00 00 0e 00 00 00 |..............| ->>> Flow 3 (client to server) -00000000 16 03 03 01 fb 0b 00 01 f7 00 01 f4 00 01 f1 30 |...............0| -00000010 82 01 ed 30 82 01 58 a0 03 02 01 02 02 01 00 30 |...0..X........0| -00000020 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 26 31 10 |...*.H......0&1.| -00000030 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -00000040 31 12 30 10 06 03 55 04 03 13 09 31 32 37 2e 30 |1.0...U....127.0| -00000050 2e 30 2e 31 30 1e 17 0d 31 31 31 32 30 38 30 37 |.0.10...11120807| -00000060 35 35 31 32 5a 17 0d 31 32 31 32 30 37 30 38 30 |5512Z..121207080| -00000070 30 31 32 5a 30 26 31 10 30 0e 06 03 55 04 0a 13 |012Z0&1.0...U...| -00000080 07 41 63 6d 65 20 43 6f 31 12 30 10 06 03 55 04 |.Acme Co1.0...U.| -00000090 03 13 09 31 32 37 2e 30 2e 30 2e 31 30 81 9c 30 |...127.0.0.10..0| -000000a0 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c 00 |...*.H..........| -000000b0 30 81 88 02 81 80 4e d0 7b 31 e3 82 64 d9 59 c0 |0.....N.{1..d.Y.| -000000c0 c2 87 a4 5e 1e 8b 73 33 c7 63 53 df 66 92 06 84 |...^..s3.cS.f...| -000000d0 f6 64 d5 8f e4 36 a7 1d 2b e8 b3 20 36 45 23 b5 |.d...6..+.. 6E#.| -000000e0 e3 95 ae ed e0 f5 20 9c 8d 95 df 7f 5a 12 ef 87 |...... .....Z...| -000000f0 e4 5b 68 e4 e9 0e 74 ec 04 8a 7f de 93 27 c4 01 |.[h...t......'..| -00000100 19 7a bd f2 dc 3d 14 ab d0 54 ca 21 0c d0 4d 6e |.z...=...T.!..Mn| -00000110 87 2e 5c c5 d2 bb 4d 4b 4f ce b6 2c f7 7e 88 ec |..\...MKO..,.~..| -00000120 7c d7 02 91 74 a6 1e 0c 1a da e3 4a 5a 2e de 13 ||...t......JZ...| -00000130 9c 4c 40 88 59 93 02 03 01 00 01 a3 32 30 30 30 |.L@.Y.......2000| -00000140 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 00 a0 30 |...U...........0| -00000150 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f |...U..........0.| -00000160 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 |..U.#..0.......0| -00000170 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81 81 00 |...*.H..........| -00000180 36 1f b3 7a 0c 75 c9 6e 37 46 61 2b d5 bd c0 a7 |6..z.u.n7Fa+....| -00000190 4b cc 46 9a 81 58 7c 85 79 29 c8 c8 c6 67 dd 32 |K.F..X|.y)...g.2| -000001a0 56 45 2b 75 b6 e9 24 a9 50 9a be 1f 5a fa 1a 15 |VE+u..$.P...Z...| -000001b0 d9 cc 55 95 72 16 83 b9 c2 b6 8f fd 88 8c 38 84 |..U.r.........8.| -000001c0 1d ab 5d 92 31 13 4f fd 83 3b c6 9d f1 11 62 b6 |..].1.O..;....b.| -000001d0 8b ec ab 67 be c8 64 b0 11 50 46 58 17 6b 99 1c |...g..d..PFX.k..| -000001e0 d3 1d fc 06 f1 0e e5 96 a8 0c f9 78 20 b7 44 18 |...........x .D.| -000001f0 51 8d 10 7e 4f 94 67 df a3 4e 70 73 8e 90 91 85 |Q..~O.g..Nps....| -00000200 16 03 03 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 |...........mQ...| -00000210 3e fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c |>.u.A6..j.*.%.gL| -00000220 8e 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 |.b/0......+.#...| -00000230 1d f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 |..;...'..$...[.f| -00000240 0d 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be |.j.....C........| -00000250 c8 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce |..9L.....K.../..| -00000260 e6 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 |..w.o#......:..V| -00000270 f1 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 |..T^F..;3..(....| -00000280 35 d4 1c 43 d1 30 6f 55 4e 0a 70 16 03 03 00 88 |5..C.0oUN.p.....| -00000290 0f 00 00 84 04 01 00 80 2a 1f ae 48 9f 86 16 dc |........*..H....| -000002a0 c2 55 1f 5f 95 81 ed 56 00 5d 35 46 e5 b6 57 d5 |.U._...V.]5F..W.| -000002b0 a6 3e 32 38 8b e2 c6 1c b9 b1 38 b2 da 66 45 ed |.>28......8..fE.| -000002c0 58 6a 7f 43 41 93 a5 09 da b9 04 ce 3f 13 8a 19 |Xj.CA.......?...| -000002d0 13 e9 2c 1f c5 e7 35 b4 2d ea 7c 81 90 33 c0 66 |..,...5.-.|..3.f| -000002e0 dc 41 8b 23 08 8f 69 d4 d6 a2 5f c1 bd 26 e6 2e |.A.#..i..._..&..| -000002f0 7f c8 7c a8 2d d4 08 95 ce 6e 58 54 04 a2 a6 63 |..|.-....nXT...c| -00000300 54 72 67 f2 7f 61 0a 6b 58 46 d4 88 95 38 37 f2 |Trg..a.kXF...87.| -00000310 93 95 48 56 14 a7 b9 7c 14 03 03 00 01 01 16 03 |..HV...|........| -00000320 03 00 24 64 bb 41 3a cb a2 2f 95 53 5c 2f f7 83 |..$d.A:../.S\/..| -00000330 a2 35 18 f6 d0 8d 6f e2 54 ed 2f 07 10 f4 36 e2 |.5....o.T./...6.| -00000340 3d e5 30 1d e3 63 01 |=.0..c.| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 0a 22 b6 bc da |..........$."...| -00000010 34 38 53 8e 80 e2 25 7b 31 2f 70 8e 3a db e8 a3 |48S...%{1/p.:...| -00000020 70 0e 88 22 b4 a8 be d4 a3 e3 cc 13 94 ef 47 |p.."..........G| ->>> Flow 5 (client to server) -00000000 17 03 03 00 1a b4 9c b1 57 ea 01 03 fe 01 e7 1e |........W.......| -00000010 c4 a7 0f 25 14 99 00 4f 88 51 c1 98 6e 99 01 15 |...%...O.Q..n...| -00000020 03 03 00 16 2e c4 11 8b 1a fc 37 81 18 33 e4 9f |..........7..3..| -00000030 48 a3 29 e3 ad 9b 9b ec 9f 99 |H.).......| diff --git a/ztools/ztls/testdata/Client-TLSv12-ClientFingerprint b/ztools/ztls/testdata/Client-TLSv12-ClientFingerprint deleted file mode 100644 index 4de00c7e..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ClientFingerprint +++ /dev/null @@ -1,106 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 a5 01 00 00 a1 03 03 00 00 00 00 00 |................| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1e c0 2b |...............+| -00000030 c0 2f cc a9 cc a8 c0 2c c0 30 c0 0a c0 09 c0 13 |./.....,.0......| -00000040 c0 14 00 33 00 39 00 2f 00 35 00 0a 01 00 00 5a |...3.9./.5.....Z| -00000050 00 17 00 00 ff 01 00 01 00 00 0a 00 08 00 06 00 |................| -00000060 17 00 18 00 19 00 0b 00 02 01 00 00 23 00 00 33 |............#..3| -00000070 74 00 00 00 10 00 0e 00 0c 02 68 32 08 68 74 74 |t.........h2.htt| -00000080 70 2f 31 2e 31 00 05 00 05 01 00 00 00 00 00 0d |p/1.1...........| -00000090 00 18 00 16 04 01 05 01 06 01 02 01 04 03 05 03 |................| -000000a0 06 03 02 03 05 02 04 02 02 02 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 3d 02 00 00 39 03 03 8b 28 19 a4 d5 |....=...9...(...| -00000010 f2 25 35 04 10 17 2d 74 b8 80 23 c2 5c 4d 8d 58 |.%5...-t..#.\M.X| -00000020 3b 9d f8 f0 38 bd c3 bd 07 e3 a1 00 c0 2f 00 00 |;...8......../..| -00000030 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 23 |...............#| -00000040 00 00 16 03 03 02 be 0b 00 02 ba 00 02 b7 00 02 |................| -00000050 b4 30 82 02 b0 30 82 02 19 a0 03 02 01 02 02 09 |.0...0..........| -00000060 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 09 2a 86 48 |.........0...*.H| -00000070 86 f7 0d 01 01 05 05 00 30 45 31 0b 30 09 06 03 |........0E1.0...| -00000080 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 08 |U....AU1.0...U..| -00000090 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f |..Some-State1!0.| -000000a0 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 |..U....Internet | -000000b0 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 30 |Widgits Pty Ltd0| -000000c0 1e 17 0d 31 30 30 34 32 34 30 39 30 39 33 38 5a |...100424090938Z| -000000d0 17 0d 31 31 30 34 32 34 30 39 30 39 33 38 5a 30 |..110424090938Z0| -000000e0 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 |E1.0...U....AU1.| -000000f0 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 |0...U....Some-St| -00000100 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e |ate1!0...U....In| -00000110 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 |ternet Widgits P| -00000120 74 79 20 4c 74 64 30 81 9f 30 0d 06 09 2a 86 48 |ty Ltd0..0...*.H| -00000130 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 |............0...| -00000140 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 |....y......F...i| -00000150 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 |..+.CZ..-.zC...R| -00000160 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 |..eL,x.#........| -00000170 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 |;~b.,.3...\zV...| -00000180 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 |..X{&?......!.J.| -00000190 f4 54 9f 5a bf ef 42 71 00 fe 18 99 07 7f 7e 88 |.T.Z..Bq......~.| -000001a0 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b |}}..9....Q.|..L;| -000001b0 32 66 01 cf af b1 1d b8 71 9a 1d db db 89 6b ae |2f......q.....k.| -000001c0 da 2d 79 02 03 01 00 01 a3 81 a7 30 81 a4 30 1d |.-y........0..0.| -000001d0 06 03 55 1d 0e 04 16 04 14 b1 ad e2 85 5a cf cb |..U..........Z..| -000001e0 28 db 69 ce 23 69 de d3 26 8e 18 88 39 30 75 06 |(.i.#i..&...90u.| -000001f0 03 55 1d 23 04 6e 30 6c 80 14 b1 ad e2 85 5a cf |.U.#.n0l......Z.| -00000200 cb 28 db 69 ce 23 69 de d3 26 8e 18 88 39 a1 49 |.(.i.#i..&...9.I| -00000210 a4 47 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |.G0E1.0...U....A| -00000220 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000230 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000240 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000250 73 20 50 74 79 20 4c 74 64 82 09 00 85 b0 bb a4 |s Pty Ltd.......| -00000260 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 05 30 03 01 |....0...U....0..| -00000270 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 |..0...*.H.......| -00000280 00 03 81 81 00 08 6c 45 24 c7 6b b1 59 ab 0c 52 |......lE$.k.Y..R| -00000290 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a 95 66 e4 c5 |.......zdu.Z.f..| -000002a0 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 d3 92 fd f7 |+...f..O8.n`....| -000002b0 41 08 b5 25 13 b1 18 7a 24 fb 30 1d ba ed 98 b9 |A..%...z$.0.....| -000002c0 17 ec e7 d7 31 59 db 95 d3 1d 78 ea 50 56 5c d5 |....1Y....x.PV\.| -000002d0 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 96 8c 0f 52 |.Z-Z_3....u....R| -000002e0 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 1b 96 94 dd |...... _........| -000002f0 a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 6e 38 50 29 |..W.p.&mq..&n8P)| -00000300 6c 90 a7 bd d9 16 03 03 00 cd 0c 00 00 c9 03 00 |l...............| -00000310 17 41 04 d3 c4 af de c3 4b ff 78 fa 5f 9a fc 67 |.A......K.x._..g| -00000320 8d 52 4e 31 d9 92 60 ce 67 5d fe b3 fa f0 26 49 |.RN1..`.g]....&I| -00000330 07 5c 4b ca cb 24 35 07 a8 08 74 cc 8d 91 23 03 |.\K..$5...t...#.| -00000340 3b 40 d2 ea 7f f2 9a fd fb cf 7d 7d 8c f0 0f 6a |;@........}}...j| -00000350 35 b8 55 04 01 00 80 73 45 c5 02 37 6d a3 16 cd |5.U....sE..7m...| -00000360 6f 5e f5 1a 9e 3c b8 a6 d0 24 c6 ea 01 08 05 52 |o^...<...$.....R| -00000370 37 0b 6e 47 80 89 9f 5e 36 8d 5d a2 6a 2d 74 bb |7.nG...^6.].j-t.| -00000380 58 dc de ce 4e 44 80 f5 f7 d3 19 22 79 9b 0c b8 |X...ND....."y...| -00000390 e1 9a 7f 3f 1b 43 92 1a 1e 99 e9 14 f9 66 a9 ee |...?.C.......f..| -000003a0 87 90 79 f7 34 9d dc 26 74 25 78 fb 76 54 f9 05 |..y.4..&t%x.vT..| -000003b0 4a b1 f2 cc 41 cb f5 7b 78 ea d7 ec 72 d8 55 fa |J...A..{x...r.U.| -000003c0 b0 f1 e3 49 dd ae 58 bf d6 94 93 24 3a a8 ec 15 |...I..X....$:...| -000003d0 32 76 a4 19 48 54 da 16 03 03 00 04 0e 00 00 00 |2v..HT..........| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 f1 4d |.....(.........M| -00000060 79 8b da 18 73 ff 1b 3a 84 21 bf ce 1c d1 18 0d |y...s..:.!......| -00000070 30 64 32 cf f3 f4 c9 1b ff f8 38 64 50 26 |0d2.......8dP&| ->>> Flow 4 (server to client) -00000000 16 03 03 00 aa 04 00 00 a6 00 00 1c 20 00 a0 08 |............ ...| -00000010 5c 81 24 bf 70 db 80 27 4f 05 3a aa 6f f5 3d c8 |\.$.p..'O.:.o.=.| -00000020 8e 60 10 00 71 94 42 3e 2d ee 55 15 e7 75 50 f9 |.`..q.B>-.U..uP.| -00000030 70 e7 36 41 66 3f e9 45 b3 3b 8e c2 96 d4 bb 4b |p.6Af?.E.;.....K| -00000040 f1 a8 9c ae be 26 a0 05 f9 7f 0e 75 f9 d8 dc de |.....&.....u....| -00000050 65 cb 86 05 2f 6b 6e a6 99 3d d6 ac d0 c6 53 e8 |e.../kn..=....S.| -00000060 f4 8d 83 b5 f1 83 4e a9 fc 81 b7 82 c4 88 c9 1e |......N.........| -00000070 65 52 35 21 42 d4 e8 3d 77 8f 71 e0 80 05 3b c4 |eR5!B..=w.q...;.| -00000080 7d a8 40 2e b4 c5 0a f1 1e d4 9e ca 5b 35 eb ff |}.@.........[5..| -00000090 32 fa 20 6c d8 76 4a 8d d1 91 54 46 66 d7 8d eb |2. l.vJ...TFf...| -000000a0 55 dc 12 44 0b 61 45 08 c2 20 9a 87 cd 36 a8 14 |U..D.aE.. ...6..| -000000b0 03 03 00 01 01 16 03 03 00 28 96 96 bd 4f 90 1f |.........(...O..| -000000c0 ec c0 c9 57 f2 3f 3f 78 f9 ab 8d dd 98 bd f3 2a |...W.??x.......*| -000000d0 b4 d5 be 6e 30 60 a6 90 75 18 39 ac c2 65 1e 56 |...n0`..u.9..e.V| -000000e0 bc 81 |..| ->>> Flow 5 (client to server) -00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 ff c5 7b |...............{| -00000010 63 b3 48 38 71 25 6a 8f 09 e6 2a 9d 88 00 15 aa |c.H8q%j...*.....| -00000020 b9 cd 1d 15 03 03 00 1a 00 00 00 00 00 00 00 02 |................| -00000030 68 d0 ea 7f 4c b7 c3 47 5c bc 37 f9 95 af 3a 02 |h...L..G\.7...:.| -00000040 26 04 |&.| diff --git a/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES b/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES deleted file mode 100644 index 76445903..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES +++ /dev/null @@ -1,89 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 59 02 00 00 55 03 03 53 04 f1 02 a0 |....Y...U..S....| -00000010 5f bd a4 8d 98 93 b8 da 08 86 9f b2 be 9a a4 91 |_...............| -00000020 2b 3c 1f 18 f0 75 7c a9 a8 a0 f7 20 4a 89 9a d2 |+<...u|.... J...| -00000030 34 3b d9 b1 c2 fd 61 bd 97 19 22 ce b9 d1 5b a7 |4;....a..."...[.| -00000040 83 80 9c 19 d0 f5 a0 aa 4c ac 06 20 c0 09 00 00 |........L.. ....| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 03 00 d7 0c 00 00 d3 03 00 17 41 04 3c |*............A.<| -00000280 8f 35 1e 47 5d 7b ad 13 0c e9 5c c0 97 c7 83 06 |.5.G]{....\.....| -00000290 49 0f 6c cf e5 4d 3b ed f7 1b c6 96 8d ba 54 35 |I.l..M;.......T5| -000002a0 7f df 35 e3 6e 28 e9 71 f2 24 b5 ab 17 2b 4b 2b |..5.n(.q.$...+K+| -000002b0 0c 8f 9f 48 89 73 8f 09 69 84 af 7f ec 43 7a 04 |...H.s..i....Cz.| -000002c0 03 00 8a 30 81 87 02 41 79 84 43 0c 78 fa 7e e2 |...0...Ay.C.x.~.| -000002d0 c5 51 c1 60 88 c4 4a 59 7d 02 fa dc 19 68 33 ed |.Q.`..JY}....h3.| -000002e0 19 ef a1 df ef 6b 21 a6 98 aa ba a9 13 70 91 0f |.....k!......p..| -000002f0 cc 6c 5c 1e 99 53 1b 42 51 6c 06 a7 3c c4 04 22 |.l\..S.BQl..<.."| -00000300 5d 0d c1 30 ab e3 ec b4 54 02 42 01 15 15 1a 6e |]..0....T.B....n| -00000310 6f f1 c6 b1 10 84 2c c8 04 de 2b 52 d5 b4 f7 c9 |o.....,...+R....| -00000320 4f 6d 0e 0e 26 45 1d 7a 28 59 2b 8b f6 92 3a 23 |Om..&E.z(Y+...:#| -00000330 7a 39 9c d5 4e cc 5d c5 45 92 9c d0 5f 33 12 e3 |z9..N.].E..._3..| -00000340 2b 29 39 52 bb 16 aa e1 72 9e b5 fe 99 16 03 03 |+)9R....r.......| -00000350 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 20 a3 f8 5a e2 ea f3 09 19 3e |...... ..Z.....>| -00000070 4a 54 69 70 06 5b 17 35 0f ed e7 30 3b 6f eb a1 |JTip.[.5...0;o..| -00000080 cb 9c 35 81 10 2e 34 f7 12 a5 e4 63 20 b2 65 31 |..5...4....c .e1| -00000090 19 da 30 43 39 59 |..0C9Y| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 8d 4d 31 07 df |..........@.M1..| -00000010 ab 41 f5 19 9c 1a 57 fc 33 ab 5f e6 bd 45 b9 fa |.A....W.3._..E..| -00000020 7f db c0 df 72 f2 3b ef aa d4 5e 34 e6 3d 44 7c |....r.;...^4.=D|| -00000030 12 05 c7 57 da 54 b1 e3 66 f0 0a ab cd 15 a5 bf |...W.T..f.......| -00000040 c5 c2 07 a9 d9 a7 2e 5e 29 da da |.......^)..| ->>> Flow 5 (client to server) -00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 dc 03 7b 29 2c 49 64 58 2d dc f7 |.......{),IdX-..| -00000020 26 a1 3b ec 2d e8 30 c4 6c a3 ff e2 bc b5 a4 a6 |&.;.-.0.l.......| -00000030 93 ce 14 bd da 15 03 03 00 30 00 00 00 00 00 00 |.........0......| -00000040 00 00 00 00 00 00 00 00 00 00 a6 77 10 30 15 eb |...........w.0..| -00000050 ed cf 73 5b 74 5d 09 52 4a 5b e2 f0 e4 67 f8 7a |..s[t].RJ[...g.z| -00000060 5e 5e fc ba 7f 80 0a d2 f4 fb |^^........| diff --git a/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM b/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM deleted file mode 100644 index fb5af17f..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM +++ /dev/null @@ -1,84 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 59 02 00 00 55 03 03 53 04 f1 02 48 |....Y...U..S...H| -00000010 03 36 01 05 56 6f f0 54 d2 c3 d3 41 c2 e2 69 7b |.6..Vo.T...A..i{| -00000020 50 f8 03 ef 3f 5d 7c e6 9c cb fe 20 82 a0 81 fd |P...?]|.... ....| -00000030 72 4b b8 e6 29 76 3b 0f 1d 0a b7 82 9d 0b cf a0 |rK..)v;.........| -00000040 65 b1 56 53 c9 d5 58 7b f0 b6 2d cf c0 2b 00 00 |e.VS..X{..-..+..| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| -00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| -00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| -00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| -000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| -000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| -00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| -00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| -00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| -00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| -00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| -00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| -00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| -00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| -00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| -00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| -000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| -000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| -000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| -000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| -000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| -000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| -00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| -00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| -00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| -00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| -00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| -00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| -00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| -00000270 2a 16 03 03 00 d7 0c 00 00 d3 03 00 17 41 04 86 |*............A..| -00000280 36 b4 78 76 87 70 ed ae 0d 34 70 3d 16 e5 a4 db |6.xv.p...4p=....| -00000290 ae 28 58 4c 01 5a 56 73 a7 0d 34 59 a7 04 75 69 |.(XL.ZVs..4Y..ui| -000002a0 f2 55 24 40 b0 33 c6 93 ff ae e0 14 f5 4b ce a8 |.U$@.3.......K..| -000002b0 e2 e6 9a 67 1d 66 fb 8f fd 56 59 e7 73 f2 2c 04 |...g.f...VY.s.,.| -000002c0 03 00 8a 30 81 87 02 41 73 ab a8 3c 64 17 69 9f |...0...As..>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 87 7a |.....(.........z| -00000060 82 d7 46 25 1d a6 bb c2 a8 a8 4e a5 d1 f8 02 db |..F%......N.....| -00000070 33 33 ca 78 b6 d3 bd 77 8a 33 23 a7 95 fb |33.x...w.3#...| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 28 ce a1 9d 01 c0 |..........(.....| -00000010 31 e5 d5 57 16 e1 a6 b3 8b 25 58 0f fa 2a de 3e |1..W.....%X..*.>| -00000020 0c d9 06 11 a6 b0 d7 b0 33 ad 31 73 5b 26 b4 d2 |........3.1s[&..| -00000030 12 56 c8 |.V.| ->>> Flow 5 (client to server) -00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 d5 04 4c |...............L| -00000010 7b 35 b4 d7 90 ae fe 00 d2 f2 4b 76 f1 36 5e 24 |{5........Kv.6^$| -00000020 4a aa 94 15 03 03 00 1a 00 00 00 00 00 00 00 02 |J...............| -00000030 d3 1c 41 37 ab f6 17 79 f0 01 a4 19 a5 75 7a 8e |..A7...y.....uz.| -00000040 a3 b2 |..| diff --git a/ztools/ztls/testdata/Client-TLSv12-ECDHE-RSA-AES b/ztools/ztls/testdata/Client-TLSv12-ECDHE-RSA-AES deleted file mode 100644 index 5336bbba..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-ECDHE-RSA-AES +++ /dev/null @@ -1,99 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 59 02 00 00 55 03 03 53 04 f1 02 41 |....Y...U..S...A| -00000010 95 cc 56 30 65 46 24 75 d5 9e 3c a7 5b 6c 99 fe |..V0eF$u..<.[l..| -00000020 86 35 23 42 3a 8f 4d 4c b9 98 7d 20 a7 46 43 72 |.5#B:.ML..} .FCr| -00000030 66 bb b6 ad ff ad cf 63 37 fe 6b b4 78 94 08 49 |f......c7.k.x..I| -00000040 54 06 ed f4 85 73 38 4a c6 fe b6 98 c0 13 00 00 |T....s8J........| -00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| -00000060 03 02 be 0b 00 02 ba 00 02 b7 00 02 b4 30 82 02 |.............0..| -00000070 b0 30 82 02 19 a0 03 02 01 02 02 09 00 85 b0 bb |.0..............| -00000080 a4 8a 7f b8 ca 30 0d 06 09 2a 86 48 86 f7 0d 01 |.....0...*.H....| -00000090 01 05 05 00 30 45 31 0b 30 09 06 03 55 04 06 13 |....0E1.0...U...| -000000a0 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f |.AU1.0...U....So| -000000b0 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 |me-State1!0...U.| -000000c0 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 |...Internet Widg| -000000d0 69 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 |its Pty Ltd0...1| -000000e0 30 30 34 32 34 30 39 30 39 33 38 5a 17 0d 31 31 |00424090938Z..11| -000000f0 30 34 32 34 30 39 30 39 33 38 5a 30 45 31 0b 30 |0424090938Z0E1.0| -00000100 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| -00000110 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| -00000120 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| -00000130 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| -00000140 74 64 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 |td0..0...*.H....| -00000150 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 bb |........0.......| -00000160 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 be e6 2b 07 |y......F...i..+.| -00000170 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 e7 a5 65 4c |CZ..-.zC...R..eL| -00000180 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 3b 7e 62 a5 |,x.#........;~b.| -00000190 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 bf fa 58 7b |,.3...\zV.....X{| -000001a0 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 f4 54 9f 5a |&?......!.J..T.Z| -000001b0 bf ef 42 71 00 fe 18 99 07 7f 7e 88 7d 7d f1 04 |..Bq......~.}}..| -000001c0 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b 32 66 01 cf |9....Q.|..L;2f..| -000001d0 af b1 1d b8 71 9a 1d db db 89 6b ae da 2d 79 02 |....q.....k..-y.| -000001e0 03 01 00 01 a3 81 a7 30 81 a4 30 1d 06 03 55 1d |.......0..0...U.| -000001f0 0e 04 16 04 14 b1 ad e2 85 5a cf cb 28 db 69 ce |.........Z..(.i.| -00000200 23 69 de d3 26 8e 18 88 39 30 75 06 03 55 1d 23 |#i..&...90u..U.#| -00000210 04 6e 30 6c 80 14 b1 ad e2 85 5a cf cb 28 db 69 |.n0l......Z..(.i| -00000220 ce 23 69 de d3 26 8e 18 88 39 a1 49 a4 47 30 45 |.#i..&...9.I.G0E| -00000230 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 |1.0...U....AU1.0| -00000240 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 |...U....Some-Sta| -00000250 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 |te1!0...U....Int| -00000260 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 |ernet Widgits Pt| -00000270 79 20 4c 74 64 82 09 00 85 b0 bb a4 8a 7f b8 ca |y Ltd...........| -00000280 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d |0...U....0....0.| -00000290 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 |..*.H...........| -000002a0 00 08 6c 45 24 c7 6b b1 59 ab 0c 52 cc f2 b0 14 |..lE$.k.Y..R....| -000002b0 d7 87 9d 7a 64 75 b5 5a 95 66 e4 c5 2b 8e ae 12 |...zdu.Z.f..+...| -000002c0 66 1f eb 4f 38 b3 6e 60 d3 92 fd f7 41 08 b5 25 |f..O8.n`....A..%| -000002d0 13 b1 18 7a 24 fb 30 1d ba ed 98 b9 17 ec e7 d7 |...z$.0.........| -000002e0 31 59 db 95 d3 1d 78 ea 50 56 5c d5 82 5a 2d 5a |1Y....x.PV\..Z-Z| -000002f0 5f 33 c4 b6 d8 c9 75 90 96 8c 0f 52 98 b5 cd 98 |_3....u....R....| -00000300 1f 89 20 5f f2 a0 1c a3 1b 96 94 dd a9 fd 57 e9 |.. _..........W.| -00000310 70 e8 26 6d 71 99 9b 26 6e 38 50 29 6c 90 a7 bd |p.&mq..&n8P)l...| -00000320 d9 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 48 |.............A.H| -00000330 68 d8 8a 10 b4 bf eb 8d d1 98 b0 a6 f4 47 5d 91 |h............G].| -00000340 61 da 50 d9 85 7b 5d 90 02 2c 38 c9 af 81 d3 55 |a.P..{]..,8....U| -00000350 07 62 b1 62 58 7f 39 94 d7 91 96 a8 1f 47 60 a5 |.b.bX.9......G`.| -00000360 c0 04 f2 fb cb 15 75 a6 16 3f 94 53 7c ff dd 04 |......u..?.S|...| -00000370 01 00 80 b9 82 fa 0b f8 8c 94 2c 6e 05 81 7d 80 |..........,n..}.| -00000380 5d 9a 77 78 af c8 33 5d 89 7e 2e 3c e5 72 66 a8 |].wx..3].~.<.rf.| -00000390 f1 5c 02 04 02 70 76 7b 45 ff 0d 29 a0 cb 0d db |.\...pv{E..)....| -000003a0 7a 4c c4 13 19 cd 47 b2 f1 c9 43 4f 95 d2 f1 c6 |zL....G...CO....| -000003b0 bc ae 31 4a 9d de 80 b2 a4 b7 b6 dd 8c 03 3e 2a |..1J..........>*| -000003c0 46 5e d1 e7 5b c5 9e 06 58 f3 55 b2 77 09 f3 98 |F^..[...X.U.w...| -000003d0 d5 7f 5a 74 64 7e 48 22 8f 7d a8 68 b6 1d 90 df |..Ztd~H".}.h....| -000003e0 2c 91 d7 c5 07 3d d1 6f e9 c1 91 03 3c 23 5a 56 |,....=.o....<#ZV| -000003f0 3b b2 c2 16 03 03 00 04 0e 00 00 00 |;...........| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| -00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| -00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| -00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| -00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| -00000050 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 |.....@..........| -00000060 00 00 00 00 00 00 59 e6 92 05 27 ec 09 2c b0 a5 |......Y...'..,..| -00000070 2a fb 7e f1 03 53 16 63 68 a1 86 13 bb da 98 27 |*.~..S.ch......'| -00000080 6d 42 08 35 6a ec 58 61 2a 4d 44 ec ae c5 b9 d2 |mB.5j.Xa*MD.....| -00000090 76 57 1f 75 9f 8d |vW.u..| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 6e 03 d0 e6 98 |..........@n....| -00000010 1f f5 39 7b 06 9f 95 f0 7a 88 35 7c 55 db c3 2f |..9{....z.5|U../| -00000020 00 ef 5b d3 62 87 a2 94 da 2f f6 4a 89 c9 a8 3d |..[.b..../.J...=| -00000030 3a 92 db 77 35 92 01 4b f5 c5 6b 95 09 9f cd 79 |:..w5..K..k....y| -00000040 3c af 37 5b 27 bf 93 3e 04 55 71 |<.7['..>.Uq| ->>> Flow 5 (client to server) -00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -00000010 00 00 00 00 00 bc c9 d0 8e 80 14 de 32 18 49 e8 |............2.I.| -00000020 20 dc 5e 6c e4 6d 14 00 df 51 71 fb 86 95 16 4c | .^l.m...Qq....L| -00000030 04 8e 71 e1 48 15 03 03 00 30 00 00 00 00 00 00 |..q.H....0......| -00000040 00 00 00 00 00 00 00 00 00 00 b7 6d 30 72 61 53 |...........m0raS| -00000050 d8 0a d4 1d ae e5 d4 22 46 c9 d5 4e 4a 86 f5 ac |......."F..NJ...| -00000060 72 98 c6 db 38 29 97 2c 84 0b |r...8).,..| diff --git a/ztools/ztls/testdata/Client-TLSv12-RSA-RC4 b/ztools/ztls/testdata/Client-TLSv12-RSA-RC4 deleted file mode 100644 index 0377f052..00000000 --- a/ztools/ztls/testdata/Client-TLSv12-RSA-RC4 +++ /dev/null @@ -1,83 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 75 01 00 00 71 03 03 00 00 00 00 00 |....u...q.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 1a c0 2f |.............../| -00000030 c0 2b c0 11 c0 07 c0 13 c0 09 c0 14 c0 0a 00 05 |.+..............| -00000040 00 2f 00 35 c0 12 00 0a 01 00 00 2e 00 05 00 05 |./.5............| -00000050 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 18 00 |................| -00000060 19 00 0b 00 02 01 00 00 0d 00 0a 00 08 04 01 04 |................| -00000070 03 02 01 02 03 ff 01 00 01 00 |..........| ->>> Flow 2 (server to client) -00000000 16 03 03 00 51 02 00 00 4d 03 03 53 04 f1 02 9d |....Q...M..S....| -00000010 2e 4e d9 17 4a 35 fa 9d 94 f6 45 0a f6 6b 5d 1c |.N..J5....E..k].| -00000020 1e 15 19 8d 6d 94 cc 90 d9 39 94 20 8b 4b de 76 |....m....9. .K.v| -00000030 d5 64 5d b7 19 df e7 eb 7e a0 22 c4 09 38 a0 12 |.d].....~."..8..| -00000040 d5 59 10 c8 31 06 dc fc e4 9d d1 80 00 05 00 00 |.Y..1...........| -00000050 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000060 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000070 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000080 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000090 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000a0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000b0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000c0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000d0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000e0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000f0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -00000100 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000110 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000120 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000130 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000140 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000150 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000160 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000170 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000180 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000190 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -000001a0 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -000001b0 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001c0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001d0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001e0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001f0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -00000200 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -00000210 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000220 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000230 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000240 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000250 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000260 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000270 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000280 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000290 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -000002a0 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -000002b0 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002c0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002d0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002e0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002f0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -00000300 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -00000310 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 04 0e 00 |n8P)l...........| -00000320 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 6d 51 f3 7f f9 |...........mQ...| -00000010 3e fb 75 82 41 36 83 e8 6a ee 2a 2e 25 90 67 4c |>.u.A6..j.*.%.gL| -00000020 8e 62 2f 30 81 17 e0 85 09 0c 2b b7 23 d7 b0 e2 |.b/0......+.#...| -00000030 1d f7 3b d7 f5 a1 27 b6 ee 24 b6 1b cc 5b ea 66 |..;...'..$...[.f| -00000040 0d 6a f4 e5 85 f9 da 43 b4 0e 86 85 e1 f5 aa be |.j.....C........| -00000050 c8 ce 39 4c 9c 86 00 08 c2 4b e2 c6 ec 2f f7 ce |..9L.....K.../..| -00000060 e6 bd 77 82 6f 23 b6 e0 bd a2 92 b7 3a ac e8 56 |..w.o#......:..V| -00000070 f1 af 54 5e 46 87 e9 3b 33 e7 b8 28 b7 d6 c8 90 |..T^F..;3..(....| -00000080 35 d4 1c 43 d1 30 6f 55 4e 0a 70 14 03 03 00 01 |5..C.0oUN.p.....| -00000090 01 16 03 03 00 24 37 14 b2 97 7b b5 f0 9a 38 05 |.....$7...{...8.| -000000a0 22 35 69 9c 95 2f 86 4b 37 98 22 db 4e 9a 46 9c |"5i../.K7.".N.F.| -000000b0 b9 81 74 72 58 18 53 0c 5c 3c |..trX.S.\<| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 3c b3 e7 77 5a |..........$<..wZ| -00000010 7c 36 5a 74 74 26 8d 5b 5a 09 96 60 e8 24 45 2f ||6Ztt&.[Z..`.$E/| -00000020 c2 39 14 5e db 58 12 49 ad a8 b6 ea ef 58 16 |.9.^.X.I.....X.| ->>> Flow 5 (client to server) -00000000 17 03 03 00 1a 6d 29 d7 ba 2f 85 02 b6 f0 82 64 |.....m)../.....d| -00000010 6c 55 ae ab f6 fd 14 ff b8 38 f0 f8 a6 ea cc 15 |lU.......8......| -00000020 03 03 00 16 10 c5 d9 41 7b e2 89 67 dc 29 8e f8 |.......A{..g.)..| -00000030 b5 ab 32 91 44 2c 27 84 49 f7 |..2.D,'.I.| diff --git a/ztools/ztls/testdata/Server-SSLv3-RSA-3DES b/ztools/ztls/testdata/Server-SSLv3-RSA-3DES deleted file mode 100644 index a6c7a419..00000000 --- a/ztools/ztls/testdata/Server-SSLv3-RSA-3DES +++ /dev/null @@ -1,83 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 00 00 2f 01 00 00 2b 03 00 52 cc 57 59 d8 |..../...+..R.WY.| -00000010 86 d6 07 ae e0 8d 63 b7 1e cb aa c6 67 32 c8 dd |......c.....g2..| -00000020 68 03 d8 3d 37 18 72 c3 c0 f1 9d 00 00 04 00 0a |h..=7.r.........| -00000030 00 ff 01 00 |....| ->>> Flow 2 (server to client) -00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 00 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 00 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 00 00 84 10 00 00 80 75 e0 c9 76 d6 e9 34 |.........u..v..4| -00000010 1d e3 31 9e db 3b 03 41 93 e8 db 73 7c e9 3f 6a |..1..;.A...s|.?j| -00000020 d8 2a 7b 25 83 4f 45 de 3f 78 3f b6 53 a7 b4 6c |.*{%.OE.?x?.S..l| -00000030 e3 87 c4 c3 70 55 71 79 55 dc 74 98 84 21 19 13 |....pUqyU.t..!..| -00000040 be d5 8e 0a ff 2f 9f 7a 6b d4 6c ef 78 d1 cb 65 |...../.zk.l.x..e| -00000050 32 4c 0c c5 29 b9 60 94 c6 79 56 a2 aa 2d d9 ad |2L..).`..yV..-..| -00000060 51 2c 54 1b 28 23 33 54 cd 48 cb 80 13 45 3d 4a |Q,T.(#3T.H...E=J| -00000070 8e 2f f2 da bd 68 3e 1b eb 73 f9 2d 35 6b b1 40 |./...h>..s.-5k.@| -00000080 2e 6d 9d 1c e9 c1 02 80 37 14 03 00 00 01 01 16 |.m......7.......| -00000090 03 00 00 40 f7 c3 dd a4 64 3d 81 24 de a2 81 7d |...@....d=.$...}| -000000a0 e4 df 78 46 e7 ba 93 6c 36 43 05 96 fc 75 ef ec |..xF...l6C...u..| -000000b0 a5 46 6d 47 a5 be 74 ad 15 93 d9 87 4f 1d e2 b3 |.FmG..t.....O...| -000000c0 03 ff 2e 89 6e 50 f4 d6 a6 e2 b3 54 cb 74 07 f7 |....nP.....T.t..| -000000d0 ca 1b 8c 0a |....| ->>> Flow 4 (server to client) -00000000 14 03 00 00 01 01 16 03 00 00 40 6d 3d d8 d5 cf |..........@m=...| -00000010 05 7d 98 8c 28 28 e2 43 ab ad 4a fa ae bf ec c3 |.}..((.C..J.....| -00000020 9c 0a 13 4d 28 a4 45 c4 b9 f2 bc c5 12 a2 68 91 |...M(.E.......h.| -00000030 77 fa 72 f8 9e 4e b7 1f b4 02 02 e3 5d 57 b0 8b |w.r..N......]W..| -00000040 d8 90 0c 9d e6 df 5b 90 92 a1 0d 17 03 00 00 18 |......[.........| -00000050 91 48 8a e1 d6 bf 79 1c d5 0a 70 d5 94 20 25 78 |.H....y...p.. %x| -00000060 d8 84 c8 6e 54 f0 99 01 17 03 00 00 28 74 19 90 |...nT.......(t..| -00000070 41 44 53 27 bb fb 1f fd 71 34 20 61 a0 eb a4 7c |ADS'....q4 a...|| -00000080 fe 36 f8 4b d7 b0 27 d3 b9 36 e1 67 af 2d 0e 23 |.6.K..'..6.g.-.#| -00000090 2b 76 a7 2f c3 15 03 00 00 18 db fc e9 fd 87 5f |+v./..........._| -000000a0 92 a8 3d 4b 35 f5 c6 48 2c b4 42 50 c3 81 28 f0 |..=K5..H,.BP..(.| -000000b0 2b 41 |+A| diff --git a/ztools/ztls/testdata/Server-SSLv3-RSA-AES b/ztools/ztls/testdata/Server-SSLv3-RSA-AES deleted file mode 100644 index 4885b267..00000000 --- a/ztools/ztls/testdata/Server-SSLv3-RSA-AES +++ /dev/null @@ -1,84 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 00 00 2f 01 00 00 2b 03 00 52 cc 57 59 30 |..../...+..R.WY0| -00000010 e1 ee 8c 60 5b 40 dd 95 bd b4 84 87 2f 01 15 e7 |...`[@....../...| -00000020 50 88 4c 82 6b 6d 93 8a 57 d0 27 00 00 04 00 2f |P.L.km..W.'..../| -00000030 00 ff 01 00 |....| ->>> Flow 2 (server to client) -00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..| -00000030 05 ff 01 00 01 00 16 03 00 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 00 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 00 00 84 10 00 00 80 74 50 05 6f f5 83 c9 |.........tP.o...| -00000010 f5 0c 5a 65 c7 4e c6 f3 87 96 d7 5d 3e 88 27 32 |..Ze.N.....]>.'2| -00000020 89 12 ba ec db ef c0 85 70 84 ed b6 83 03 8f 44 |........p......D| -00000030 f5 6f fa fa d0 1f 95 30 d1 ae a7 71 cf ee e9 b1 |.o.....0...q....| -00000040 80 7b 34 a9 ea 1b 5e e5 71 40 3f e8 7d 30 d1 8b |.{4...^.q@?.}0..| -00000050 11 f1 68 1f c8 25 f0 77 c5 af b3 92 6e d9 81 cc |..h..%.w....n...| -00000060 f8 fd 82 95 cc 1f 4a b1 05 15 7a b3 a1 22 33 09 |......J...z.."3.| -00000070 e7 a5 c2 89 7f 03 e0 91 b6 61 a3 a0 4e 17 0d 7a |.........a..N..z| -00000080 13 01 c4 b6 50 c7 d9 81 15 14 03 00 00 01 01 16 |....P...........| -00000090 03 00 00 40 56 da 56 ab e6 26 98 58 53 1f 36 b5 |...@V.V..&.XS.6.| -000000a0 03 14 bd 42 29 ee 9c 7c e4 48 26 82 68 ae fd fe |...B)..|.H&.h...| -000000b0 5e a4 43 22 75 95 7b c8 77 88 fd d6 d4 9b c9 b5 |^.C"u.{.w.......| -000000c0 ee 3e a6 e8 c5 04 90 63 3f ac be 56 67 da 30 d4 |.>.....c?..Vg.0.| -000000d0 64 fb a8 a0 |d...| ->>> Flow 4 (server to client) -00000000 14 03 00 00 01 01 16 03 00 00 40 96 af fb 79 96 |..........@...y.| -00000010 92 97 2d d0 67 46 1e 08 b5 35 65 ef dc bc 8e 57 |..-.gF...5e....W| -00000020 53 b7 36 58 74 d7 88 b1 55 fc eb fa 2e f3 17 b7 |S.6Xt...U.......| -00000030 62 58 a0 9d 99 e1 85 d4 33 e0 b4 1f 1d 94 f2 88 |bX......3.......| -00000040 d5 9a 34 5b 74 cd d2 ff 87 bd 52 17 03 00 00 20 |..4[t.....R.... | -00000050 c6 61 c2 28 ac d2 0c 08 7f f1 c2 62 af 37 7e 78 |.a.(.......b.7~x| -00000060 e8 e2 a1 54 f2 3a 80 97 f8 47 64 f2 cd 94 dd 0b |...T.:...Gd.....| -00000070 17 03 00 00 30 b8 40 8f a3 18 ff 03 84 d4 1c 28 |....0.@........(| -00000080 82 ce d8 9a 81 3a dd 23 7c 65 d8 ca f7 f1 46 1b |.....:.#|e....F.| -00000090 70 f0 d7 d9 54 a7 71 e6 4d d4 25 61 5a e4 30 d3 |p...T.q.M.%aZ.0.| -000000a0 4a 42 ae 26 a5 15 03 00 00 20 c4 e8 ed 40 57 00 |JB.&..... ...@W.| -000000b0 dc a5 0e 82 90 47 92 08 dd 7e 50 6b 30 66 5e 90 |.....G...~Pk0f^.| -000000c0 73 7c 81 93 8d 24 b1 06 e7 39 |s|...$...9| diff --git a/ztools/ztls/testdata/Server-SSLv3-RSA-RC4 b/ztools/ztls/testdata/Server-SSLv3-RSA-RC4 deleted file mode 100644 index 1314b659..00000000 --- a/ztools/ztls/testdata/Server-SSLv3-RSA-RC4 +++ /dev/null @@ -1,79 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 00 00 2f 01 00 00 2b 03 00 52 cc 57 59 79 |..../...+..R.WYy| -00000010 b9 3b ef df 53 fb 09 f6 01 e5 18 0a fc 3d 65 bb |.;..S........=e.| -00000020 cf 9c 4c 77 b1 e8 6b 4f 5f c7 94 00 00 04 00 05 |..Lw..kO_.......| -00000030 00 ff 01 00 |....| ->>> Flow 2 (server to client) -00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 00 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 00 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 00 00 84 10 00 00 80 4d 66 7a f3 f8 ab 86 |.........Mfz....| -00000010 43 4c 5f 7c 52 ca e7 3f ba 62 b3 82 88 16 7d ca |CL_|R..?.b....}.| -00000020 3a 66 15 c0 36 55 2c ab bf 30 6b cd 9c d8 b9 48 |:f..6U,..0k....H| -00000030 03 c9 d0 98 ab 0b a6 5b 39 c8 fe 82 8e bb f0 16 |.......[9.......| -00000040 6f 96 62 81 f2 dc 52 02 c9 de e4 47 73 21 6e 1e |o.b...R....Gs!n.| -00000050 3a 11 89 7a e2 6b 9e 04 64 72 15 ba 2d 10 a2 69 |:..z.k..dr..-..i| -00000060 07 e6 ba 17 cf 54 d6 4e 5f 99 e8 59 8b 54 ce 8e |.....T.N_..Y.T..| -00000070 6b 58 ba 83 68 46 4a 5f 43 3e 9b e1 32 a2 19 42 |kX..hFJ_C>..2..B| -00000080 46 0f e4 47 1a 3b 16 5f e1 14 03 00 00 01 01 16 |F..G.;._........| -00000090 03 00 00 3c 78 7e ee da 0d 38 0b 1a d6 d4 8e d5 |...>> Flow 4 (server to client) -00000000 14 03 00 00 01 01 16 03 00 00 3c 23 29 64 62 23 |..........<#)db#| -00000010 19 20 f8 2e 15 07 ee c8 f4 ab f0 3e 66 c3 ed 7b |. .........>f..{| -00000020 7c a7 c2 7e c3 25 3c 8f f3 04 dc 37 e8 fc 0a 1d ||..~.%<....7....| -00000030 fa 7a 09 d4 21 11 e3 24 21 4b 37 d1 85 cc 40 bf |.z..!..$!K7...@.| -00000040 bd bd f8 59 6b cd 73 17 03 00 00 21 47 1d ac 54 |...Yk.s....!G..T| -00000050 bd 58 a6 c0 04 e2 0c 6b 66 64 5a 85 09 0e 47 fc |.X.....kfdZ...G.| -00000060 0b 57 ee f1 24 b6 89 57 46 be 6b 0d f2 15 03 00 |.W..$..WF.k.....| -00000070 00 16 b4 f7 34 99 19 43 b6 b3 5a 8b c3 d2 67 2f |....4..C..Z...g/| -00000080 3b 19 1c 31 d4 f9 bd 96 |;..1....| diff --git a/ztools/ztls/testdata/Server-TLSv10-ECDHE-ECDSA-AES b/ztools/ztls/testdata/Server-TLSv10-ECDHE-ECDSA-AES deleted file mode 100644 index 9b8cb4d9..00000000 --- a/ztools/ztls/testdata/Server-TLSv10-ECDHE-ECDSA-AES +++ /dev/null @@ -1,84 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 76 01 00 00 72 03 01 53 04 f0 f9 4b |....v...r..S...K| -00000010 30 a8 68 d0 79 13 14 69 ee 3b 5d 05 cb 71 63 43 |0.h.y..i.;]..qcC| -00000020 4a 55 6b 05 25 53 19 ba e0 2f b1 00 00 04 c0 0a |JUk.%S.../......| -00000030 00 ff 01 00 00 45 00 0b 00 04 03 00 01 02 00 0a |.....E..........| -00000040 00 34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 |.4.2............| -00000050 00 09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 |................| -00000060 00 15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 |................| -00000070 00 0f 00 10 00 11 00 0f 00 01 01 |...........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 0a 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 01 02 0e 0b 00 02 0a 00 |................| -00000040 02 07 00 02 04 30 82 02 00 30 82 01 62 02 09 00 |.....0...0..b...| -00000050 b8 bf 2d 47 a0 d2 eb f4 30 09 06 07 2a 86 48 ce |..-G....0...*.H.| -00000060 3d 04 01 30 45 31 0b 30 09 06 03 55 04 06 13 02 |=..0E1.0...U....| -00000070 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000080 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000090 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -000000a0 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 32 |ts Pty Ltd0...12| -000000b0 31 31 32 32 31 35 30 36 33 32 5a 17 0d 32 32 31 |1122150632Z..221| -000000c0 31 32 30 31 35 30 36 33 32 5a 30 45 31 0b 30 09 |120150632Z0E1.0.| -000000d0 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 |..U....AU1.0...U| -000000e0 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 |....Some-State1!| -000000f0 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 |0...U....Interne| -00000100 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 |t Widgits Pty Lt| -00000110 64 30 81 9b 30 10 06 07 2a 86 48 ce 3d 02 01 06 |d0..0...*.H.=...| -00000120 05 2b 81 04 00 23 03 81 86 00 04 00 c4 a1 ed be |.+...#..........| -00000130 98 f9 0b 48 73 36 7e c3 16 56 11 22 f2 3d 53 c3 |...Hs6~..V.".=S.| -00000140 3b 4d 21 3d cd 6b 75 e6 f6 b0 dc 9a df 26 c1 bc |;M!=.ku......&..| -00000150 b2 87 f0 72 32 7c b3 64 2f 1c 90 bc ea 68 23 10 |...r2|.d/....h#.| -00000160 7e fe e3 25 c0 48 3a 69 e0 28 6d d3 37 00 ef 04 |~..%.H:i.(m.7...| -00000170 62 dd 0d a0 9c 70 62 83 d8 81 d3 64 31 aa 9e 97 |b....pb....d1...| -00000180 31 bd 96 b0 68 c0 9b 23 de 76 64 3f 1a 5c 7f e9 |1...h..#.vd?.\..| -00000190 12 0e 58 58 b6 5f 70 dd 9b d8 ea d5 d7 f5 d5 cc |..XX._p.........| -000001a0 b9 b6 9f 30 66 5b 66 9a 20 e2 27 e5 bf fe 3b 30 |...0f[f. .'...;0| -000001b0 09 06 07 2a 86 48 ce 3d 04 01 03 81 8c 00 30 81 |...*.H.=......0.| -000001c0 88 02 42 01 88 a2 4f eb e2 45 c5 48 7d 1b ac f5 |..B...O..E.H}...| -000001d0 ed 98 9d ae 47 70 c0 5e 1b b6 2f bd f1 b6 4d b7 |....Gp.^../...M.| -000001e0 61 40 d3 11 a2 ce ee 0b 7e 92 7e ff 76 9d c3 3b |a@......~.~.v..;| -000001f0 7e a5 3f ce fa 10 e2 59 ec 47 2d 7c ac da 4e 97 |~.?....Y.G-|..N.| -00000200 0e 15 a0 6f d0 02 42 01 4d fc be 67 13 9c 2d 05 |...o..B.M..g..-.| -00000210 0e bd 3f a3 8c 25 c1 33 13 83 0d 94 06 bb d4 37 |..?..%.3.......7| -00000220 7a f6 ec 7a c9 86 2e dd d7 11 69 7f 85 7c 56 de |z..z......i..|V.| -00000230 fb 31 78 2b e4 c7 78 0d ae cb be 9e 4e 36 24 31 |.1x+..x.....N6$1| -00000240 7b 6a 0f 39 95 12 07 8f 2a 16 03 01 00 d6 0c 00 |{j.9....*.......| -00000250 00 d2 03 00 17 41 04 1e 18 37 ef 0d 19 51 88 35 |.....A...7...Q.5| -00000260 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 24 20 3e |uq..T[....g..$ >| -00000270 b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 07 9f 6c |.V...(^.+-O....l| -00000280 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 b5 68 1a |K[.V.2B.X..I..h.| -00000290 41 03 56 6b dc 5a 89 00 8b 30 81 88 02 42 00 c6 |A.Vk.Z...0...B..| -000002a0 85 8e 06 b7 04 04 e9 cd 9e 3e cb 66 23 95 b4 42 |.........>.f#..B| -000002b0 9c 64 81 39 05 3f b5 21 f8 28 af 60 6b 4d 3d ba |.d.9.?.!.(.`kM=.| -000002c0 a1 4b 5e 77 ef e7 59 28 fe 1d c1 27 a2 ff a8 de |.K^w..Y(...'....| -000002d0 33 48 b3 c1 85 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 |3H...jB..~~1...f| -000002e0 02 42 00 ad 7d 06 35 ab ec 8d ac d4 ba 1b 49 5e |.B..}.5.......I^| -000002f0 05 5f f0 97 93 82 b8 2b 8d 91 98 63 8e b4 14 62 |._.....+...c...b| -00000300 db 1e c9 2b 30 f8 41 9b a6 e6 bc de 0e 68 30 21 |...+0.A......h0!| -00000310 d8 ef 2f 05 42 da f2 e0 2c 06 33 1d 0d 9a 1a 75 |../.B...,.3....u| -00000320 59 a7 3a bc 16 03 01 00 04 0e 00 00 00 |Y.:..........| ->>> Flow 3 (client to server) -00000000 16 03 01 00 46 10 00 00 42 41 04 08 28 cf bd 3c |....F...BA..(..<| -00000010 3c cc 98 9e 73 3f 92 a7 cb 22 83 3b c7 61 46 0e |<...s?...".;.aF.| -00000020 4d 7c 30 b5 06 85 2f 01 be b5 40 e2 64 1e 45 c1 |M|0.../...@.d.E.| -00000030 9d 73 95 d5 65 92 0b 9b e7 6f c6 91 ab b6 fa be |.s..e....o......| -00000040 61 83 a7 f2 eb f5 65 31 fe 24 7b 14 03 01 00 01 |a.....e1.${.....| -00000050 01 16 03 01 00 30 15 d1 c4 ca 0b 01 84 13 5a ba |.....0........Z.| -00000060 89 04 87 73 7c bb d8 89 7e 10 27 ba 6f 5d dc d3 |...s|...~.'.o]..| -00000070 b5 ef 32 86 58 cc fb eb 5c 32 9e 95 ef 01 1c ac |..2.X...\2......| -00000080 dc 8e df 7f fe 0a |......| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 e8 48 86 81 3c |..........0.H..<| -00000010 f5 25 5c 94 a9 06 c4 5c 71 62 b1 43 76 ec 2c 44 |.%\....\qb.Cv.,D| -00000020 95 b5 8c 95 d2 ff 82 92 b6 fc 52 75 03 c6 a1 f0 |..........Ru....| -00000030 99 6d b1 ed ec 68 6c d7 9f 18 50 17 03 01 00 20 |.m...hl...P.... | -00000040 32 d9 26 8a 81 b8 9d a5 7b fd d5 4e 7a db 2e 29 |2.&.....{..Nz..)| -00000050 58 9a 4f 6a 27 18 bc dc c2 49 b8 65 cb 8e 16 5a |X.Oj'....I.e...Z| -00000060 17 03 01 00 30 c4 56 0a ad 9a 82 cb 3e 32 f1 7c |....0.V.....>2.|| -00000070 95 6e dd cd e9 4d f0 e5 2d c9 a3 f7 de bb d7 fd |.n...M..-.......| -00000080 84 bb df 34 8c 64 1f 03 58 64 19 4a 5b 7a a8 81 |...4.d..Xd.J[z..| -00000090 52 bb 51 0a 43 15 03 01 00 20 89 18 7a 40 ec 49 |R.Q.C.... ..z@.I| -000000a0 52 d5 d3 20 ac 07 eb e9 4a 78 23 cf e7 21 32 74 |R.. ....Jx#..!2t| -000000b0 ec 40 8d a8 f4 33 1c ae 93 cf |.@...3....| diff --git a/ztools/ztls/testdata/Server-TLSv10-RSA-3DES b/ztools/ztls/testdata/Server-TLSv10-RSA-3DES deleted file mode 100644 index c0e6241c..00000000 --- a/ztools/ztls/testdata/Server-TLSv10-RSA-3DES +++ /dev/null @@ -1,79 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 36 01 00 00 32 03 01 52 cc 57 59 13 |....6...2..R.WY.| -00000010 8b e6 5b a3 1d cb 94 ef 48 e4 59 7e 20 6d 07 67 |..[.....H.Y~ m.g| -00000020 1e 28 6d 31 a2 e7 96 b3 7d 32 cc 00 00 04 00 0a |.(m1....}2......| -00000030 00 ff 01 00 00 05 00 0f 00 01 01 |...........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 01 00 86 10 00 00 82 00 80 2e af d2 61 f6 |..............a.| -00000010 e2 b8 24 da 28 17 55 99 fd 11 bd 7a ab 98 dd f2 |..$.(.U....z....| -00000020 f6 5f e0 11 6b 12 61 6f 86 48 b2 6e db f0 dd d5 |._..k.ao.H.n....| -00000030 07 88 e5 95 f4 2d 6b 0c d0 09 1a 5e 5f 50 1f dc |.....-k....^_P..| -00000040 f2 e7 02 7d 5e a0 70 29 80 ef 87 aa cc 95 3f 2e |...}^.p)......?.| -00000050 24 d1 40 b6 62 53 1d 25 31 87 1e 2f 77 d3 e1 1c |$.@.bS.%1../w...| -00000060 c4 99 89 bc 99 09 e9 ad 1f ce 09 e6 36 1c 3e 97 |............6.>.| -00000070 be 62 69 a0 4e 14 20 9c 82 2a 3e fc 7e 9b c4 7a |.bi.N. ..*>.~..z| -00000080 5a f7 ad 1a 03 17 2a f8 7a 5f 44 14 03 01 00 01 |Z.....*.z_D.....| -00000090 01 16 03 01 00 28 49 6b da 73 07 ad 85 9a 0e fb |.....(Ik.s......| -000000a0 dd e0 69 ef c9 22 2d 86 91 51 26 63 d0 24 7d 16 |..i.."-..Q&c.$}.| -000000b0 3c db 9b 00 c9 7e 64 e2 69 02 85 7d f7 47 |<....~d.i..}.G| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 28 dc 60 83 43 6c |..........(.`.Cl| -00000010 37 79 ab 6e 92 1f 66 d0 b1 12 ce c1 64 9d 2b 68 |7y.n..f.....d.+h| -00000020 c7 1a e5 1f 8c 80 08 d2 86 3e a1 2c e3 7e f4 64 |.........>.,.~.d| -00000030 e7 96 b2 17 03 01 00 18 8d b5 7c 03 78 cf dc 09 |..........|.x...| -00000040 95 06 4b a6 82 f9 30 d2 6b 26 cb 0a 9a 9d 47 9f |..K...0.k&....G.| -00000050 17 03 01 00 28 30 a9 55 dd b9 4d 6a 76 00 39 96 |....(0.U..Mjv.9.| -00000060 a3 94 6a df e5 af 1e a2 eb bb e4 ac 95 2c f7 93 |..j..........,..| -00000070 ef d1 b5 13 d8 e2 06 1a ad 5c 00 dd 0c 15 03 01 |.........\......| -00000080 00 18 a5 62 e4 8b 51 1d 28 46 bc 8a c8 50 a3 32 |...b..Q.(F...P.2| -00000090 6b 7b f1 b6 19 43 63 1f 7d 38 |k{...Cc.}8| diff --git a/ztools/ztls/testdata/Server-TLSv10-RSA-AES b/ztools/ztls/testdata/Server-TLSv10-RSA-AES deleted file mode 100644 index 1670997b..00000000 --- a/ztools/ztls/testdata/Server-TLSv10-RSA-AES +++ /dev/null @@ -1,82 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 36 01 00 00 32 03 01 52 cc 57 59 5d |....6...2..R.WY]| -00000010 0d 77 24 3e b3 32 3d ba 0f b0 aa 1d e3 13 06 f6 |.w$>.2=.........| -00000020 0f be 3c 92 ba 93 bd a6 6d 69 53 00 00 04 00 2f |..<.....miS..../| -00000030 00 ff 01 00 00 05 00 0f 00 01 01 |...........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..| -00000030 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 01 00 86 10 00 00 82 00 80 20 e6 80 f7 48 |........... ...H| -00000010 7e 7d 08 08 54 e1 b4 e3 98 27 5f 90 9d 3b e3 c2 |~}..T....'_..;..| -00000020 c8 8b dc 9e ff 75 fa fc 60 e1 9e 67 7c c4 08 27 |.....u..`..g|..'| -00000030 cc 6f 15 6c bc 7c 96 de 83 8f 98 6d 4a c7 b7 20 |.o.l.|.....mJ.. | -00000040 8c 19 47 5a ff 76 92 0a df df 66 d2 b6 9d 2d 06 |..GZ.v....f...-.| -00000050 fb ac 07 cf 38 08 f1 fd 0d fe 07 d7 69 3e 8a 79 |....8.......i>.y| -00000060 dc 2d ab bb f7 18 3c 51 14 6e c6 70 95 a2 59 b1 |.-........0| -000000c0 ed c6 bc c2 38 b6 |....8.| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 30 5d 0c a2 18 13 |..........0]....| -00000010 40 a1 84 ce c5 d8 4e fc a4 8a 14 b5 94 18 b1 86 |@.....N.........| -00000020 da 6a 7d 26 08 d6 a0 f8 78 5b 42 7e f8 83 54 56 |.j}&....x[B~..TV| -00000030 36 a4 91 37 67 5a d7 68 37 c4 4f 17 03 01 00 20 |6..7gZ.h7.O.... | -00000040 fd aa 5e cf 4b 12 c5 be a4 a2 65 5d 6e 65 46 5f |..^.K.....e]neF_| -00000050 d2 fe 46 e7 77 2d 9c 1e 0b 39 40 48 c2 2f be 21 |..F.w-...9@H./.!| -00000060 17 03 01 00 30 03 af 9e 6b d6 76 ed 9e 1d 8b 8b |....0...k.v.....| -00000070 2e 2a 5d da c4 73 95 ac 0e 6f 69 cb 63 df 50 27 |.*]..s...oi.c.P'| -00000080 30 de 2e 55 86 85 ad 3e 33 22 49 72 f2 e2 9f 8f |0..U...>3"Ir....| -00000090 ba cf 4e 30 34 15 03 01 00 20 4c 4c 97 61 70 ea |..N04.... LL.ap.| -000000a0 ae fc a2 e9 c6 c2 b6 2e 4d 85 f6 ae 2b 56 46 82 |........M...+VF.| -000000b0 9d d8 a5 82 17 fa 3e 62 67 7e |......>bg~| diff --git a/ztools/ztls/testdata/Server-TLSv10-RSA-RC4 b/ztools/ztls/testdata/Server-TLSv10-RSA-RC4 deleted file mode 100644 index d653561f..00000000 --- a/ztools/ztls/testdata/Server-TLSv10-RSA-RC4 +++ /dev/null @@ -1,76 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 36 01 00 00 32 03 01 52 cc 57 59 cf |....6...2..R.WY.| -00000010 00 a1 49 a4 37 69 74 d8 a7 93 ea 8d e7 50 b7 b3 |..I.7it......P..| -00000020 8c ec e5 56 fb dc 5f 1a 2e ab 18 00 00 04 00 05 |...V.._.........| -00000030 00 ff 01 00 00 05 00 0f 00 01 01 |...........| ->>> Flow 2 (server to client) -00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 01 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 01 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 01 00 86 10 00 00 82 00 80 b1 96 7b 6f f5 |.............{o.| -00000010 a0 cb 0d 60 9b 64 d3 f5 17 76 47 7b bc a5 0e 96 |...`.d...vG{....| -00000020 53 af 68 0c 96 22 f7 28 0c 24 37 9c 51 69 ed b2 |S.h..".(.$7.Qi..| -00000030 47 14 ba 33 c5 79 6b 96 f2 ab 3c 02 5c 37 a4 97 |G..3.yk...<.\7..| -00000040 23 fc 7f d3 95 2d 85 99 1a 10 1b 38 e5 f1 83 55 |#....-.....8...U| -00000050 4a ab 60 f8 89 0a 6a c4 eb 45 f5 b0 f4 f8 09 31 |J.`...j..E.....1| -00000060 6e f0 25 30 fd 5e 68 61 bc cb 0d 9e 05 73 0a f4 |n.%0.^ha.....s..| -00000070 a5 2e d9 d5 4e 08 f6 3b 8d 2d 21 f5 79 b6 97 55 |....N..;.-!.y..U| -00000080 b9 99 03 49 ea 96 36 49 21 56 bf 14 03 01 00 01 |...I..6I!V......| -00000090 01 16 03 01 00 24 f0 4f 30 06 c3 25 01 93 34 ab |.....$.O0..%..4.| -000000a0 93 8f 59 26 83 6e 8a fd 5a a6 cf af ad b1 a2 83 |..Y&.n..Z.......| -000000b0 28 ff c2 66 5f ac e5 a5 a5 03 |(..f_.....| ->>> Flow 4 (server to client) -00000000 14 03 01 00 01 01 16 03 01 00 24 9d b4 ea d8 be |..........$.....| -00000010 b5 9f 00 fd b5 99 04 12 6b 7a 3f b8 52 d7 52 a9 |........kz?.R.R.| -00000020 e9 bd 5b 63 ad b0 53 ac 46 80 be 48 6e dd ee 17 |..[c..S.F..Hn...| -00000030 03 01 00 21 07 ac c4 fb 21 e4 b8 6b 64 3b b5 27 |...!....!..kd;.'| -00000040 29 67 a1 10 2e d2 71 d5 59 5e fc 1d 84 31 15 6e |)g....q.Y^...1.n| -00000050 4d 4b dc a9 3a 15 03 01 00 16 25 22 a5 78 23 5a |MK..:.....%".x#Z| -00000060 69 6f 99 a1 b3 1c 8d bf f3 bd 1b c8 1c 57 15 75 |io...........W.u| diff --git a/ztools/ztls/testdata/Server-TLSv11-RSA-RC4 b/ztools/ztls/testdata/Server-TLSv11-RSA-RC4 deleted file mode 100644 index 9237db07..00000000 --- a/ztools/ztls/testdata/Server-TLSv11-RSA-RC4 +++ /dev/null @@ -1,76 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 36 01 00 00 32 03 02 52 cc 57 59 bd |....6...2..R.WY.| -00000010 cd 9d 1e 17 38 43 a5 e3 e7 30 e4 2b 2a ef f7 5b |....8C...0.+*..[| -00000020 81 91 0c 0b 52 f8 2d 2c 61 d3 13 00 00 04 00 05 |....R.-,a.......| -00000030 00 ff 01 00 00 05 00 0f 00 01 01 |...........| ->>> Flow 2 (server to client) -00000000 16 03 02 00 31 02 00 00 2d 03 02 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 02 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 02 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 02 00 86 10 00 00 82 00 80 71 2b 19 25 86 |...........q+.%.| -00000010 a0 ff ba d5 1c a6 0c 8b 6b 0a b8 e9 42 93 2f 55 |........k...B./U| -00000020 a8 ee 62 fa ed bc 6d e2 9d e3 76 a6 73 d7 99 58 |..b...m...v.s..X| -00000030 cc 0b 14 42 96 7c b6 c7 8f 21 16 cf 71 9b 2b b9 |...B.|...!..q.+.| -00000040 e0 34 57 76 22 d5 87 8a ce 1f ea 26 6e 1e e6 ca |.4Wv"......&n...| -00000050 55 3b 20 cd cf 42 26 b1 51 3e 8c 1d a2 ae c4 63 |U; ..B&.Q>.....c| -00000060 f5 ce 27 3c 1e c3 e0 e3 b1 16 c1 8a 62 bd 21 7f |..'<........b.!.| -00000070 38 b5 b7 3a 3c bb 03 37 e1 a5 ff f1 29 e2 21 0a |8..:<..7....).!.| -00000080 8c 20 02 e0 c0 82 97 9d 18 6d f8 14 03 02 00 01 |. .......m......| -00000090 01 16 03 02 00 24 bc 19 16 6e fd 0b db 9e d5 1d |.....$...n......| -000000a0 65 b6 57 1c 58 b5 6a ac f7 4f f0 cd a1 a9 0c c0 |e.W.X.j..O......| -000000b0 df e6 eb d5 00 f7 fd 43 bb 27 |.......C.'| ->>> Flow 4 (server to client) -00000000 14 03 02 00 01 01 16 03 02 00 24 cf 4f e4 27 b0 |..........$.O.'.| -00000010 3d 17 34 b1 3c 37 6e c5 2b 3d 4a c3 46 50 44 b4 |=.4.<7n.+=J.FPD.| -00000020 de 77 18 10 4f 60 b3 4e dc 06 fd 25 ec 05 15 17 |.w..O`.N...%....| -00000030 03 02 00 21 a5 c9 32 f2 21 fb 94 7e 0d 15 65 fd |...!..2.!..~..e.| -00000040 3e fe e4 c1 a5 e9 88 72 b2 f1 26 39 a6 48 59 97 |>......r..&9.HY.| -00000050 65 e3 f0 cb 46 15 03 02 00 16 4b 02 ec cd ca 30 |e...F.....K....0| -00000060 42 cf 3d a0 4a fa 8e 79 bb ed b0 59 40 9b 2c 1a |B.=.J..y...Y@.,.| diff --git a/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceECDSA b/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceECDSA deleted file mode 100644 index 0ab8b8d7..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceECDSA +++ /dev/null @@ -1,91 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 ca 01 00 00 c6 03 03 53 04 f1 3f 5f |...........S..?_| -00000010 f4 ef 1f b3 41 0b 54 e4 4d 56 0a 31 22 b8 5c 73 |....A.T.MV.1".\s| -00000020 a3 cb b5 b2 9d 43 f1 83 bc d3 bd 00 00 32 c0 30 |.....C.......2.0| -00000030 c0 2c c0 28 c0 24 c0 14 c0 0a c0 22 c0 21 00 a3 |.,.(.$.....".!..| -00000040 00 9f 00 6b 00 6a 00 39 00 38 00 88 00 87 c0 32 |...k.j.9.8.....2| -00000050 c0 2e c0 2a c0 26 c0 0f c0 05 00 9d 00 3d 00 35 |...*.&.......=.5| -00000060 01 00 00 6b 00 0b 00 04 03 00 01 02 00 0a 00 34 |...k...........4| -00000070 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00 09 |.2..............| -00000080 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00 15 |................| -00000090 00 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0f |................| -000000a0 00 10 00 11 00 0d 00 22 00 20 06 01 06 02 06 03 |.......". ......| -000000b0 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03 02 |................| -000000c0 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 01 |...............| ->>> Flow 2 (server to client) -00000000 16 03 03 00 2a 02 00 00 26 03 03 00 00 00 00 00 |....*...&.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 0a 00 16 |................| -00000030 03 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 |..............0.| -00000040 02 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb |..0..b.....-G...| -00000050 f4 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b |.0...*.H.=..0E1.| -00000060 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000070 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000080 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -00000090 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000a0 4c 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 |Ltd0...121122150| -000000b0 36 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 |632Z..2211201506| -000000c0 33 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |32Z0E1.0...U....| -000000d0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000e0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -000000f0 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000100 74 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 |ts Pty Ltd0..0..| -00000110 07 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 |.*.H.=....+...#.| -00000120 81 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e |............Hs6~| -00000130 c3 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 |..V.".=S.;M!=.ku| -00000140 e6 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 |......&.....r2|.| -00000150 64 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a |d/....h#.~..%.H:| -00000160 69 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 |i.(m.7...b....pb| -00000170 83 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b |....d1...1...h..| -00000180 23 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 |#.vd?.\....XX._p| -00000190 dd 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 |............0f[f| -000001a0 9a 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce |. .'...;0...*.H.| -000001b0 3d 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f |=......0...B...O| -000001c0 eb e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 |..E.H}.......Gp.| -000001d0 5e 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee |^../...M.a@.....| -000001e0 0b 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 |.~.~.v..;~.?....| -000001f0 59 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 |Y.G-|..N....o..B| -00000200 01 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 |.M..g..-...?..%.| -00000210 33 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e |3.......7z..z...| -00000220 dd d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 |...i..|V..1x+..x| -00000230 0d ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 |.....N6$1{j.9...| -00000240 8f 2a 16 03 03 00 d8 0c 00 00 d4 03 00 17 41 04 |.*............A.| -00000250 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.| -00000260 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^| -00000270 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B| -00000280 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.| -00000290 04 03 00 8b 30 81 88 02 42 00 c6 85 8e 06 b7 04 |....0...B.......| -000002a0 04 e9 cd 9e 3e cb 66 23 95 b4 42 9c 64 81 39 05 |....>.f#..B.d.9.| -000002b0 3f b5 21 f8 28 af 60 6b 4d 3d ba a1 4b 5e 77 ef |?.!.(.`kM=..K^w.| -000002c0 e7 59 28 fe 1d c1 27 a2 ff a8 de 33 48 b3 c1 85 |.Y(...'....3H...| -000002d0 6a 42 9b f9 7e 7e 31 c2 e5 bd 66 02 42 00 ad 7d |jB..~~1...f.B..}| -000002e0 06 35 ab ec 8d ac d4 ba 1b 49 5e 05 5f f0 97 93 |.5.......I^._...| -000002f0 82 b8 2b 8d 91 98 63 8e b4 14 62 db 1e c9 2b 64 |..+...c...b...+d| -00000300 e9 e6 bf 15 5b 67 c2 40 90 c6 1f b7 92 db 4b f6 |....[g.@......K.| -00000310 f4 db ae 82 f1 4f 02 75 52 40 38 10 ff 35 f0 16 |.....O.uR@8..5..| -00000320 03 03 00 04 0e 00 00 00 |........| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 d8 94 c4 05 26 |....F...BA.....&| -00000010 76 29 2d 0e ec 47 b6 50 d5 a3 da 2a ba 02 11 37 |v)-..G.P...*...7| -00000020 3d ef e6 2a db d0 47 47 a7 9a 5f 43 2d 98 78 26 |=..*..GG.._C-.x&| -00000030 81 e2 f1 ba fe f7 66 c6 61 cb c1 b7 60 62 34 a5 |......f.a...`b4.| -00000040 78 67 50 3d 9a 0e 4a 8c 8f d7 10 14 03 03 00 01 |xgP=..J.........| -00000050 01 16 03 03 00 40 5e 46 b0 5d 30 f6 da 8f 9e 67 |.....@^F.]0....g| -00000060 f5 3e bd fe c9 b8 53 b2 10 d5 7c 0e 34 e3 93 6d |.>....S...|.4..m| -00000070 0e 8e 8a 2b df fb 9a 0f a5 23 55 e7 0a 4b e2 d3 |...+.....#U..K..| -00000080 db 15 e8 52 74 26 78 b3 b0 56 65 63 ac ae 1e c0 |...Rt&x..Vec....| -00000090 0b f4 92 56 a9 04 |...V..| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| -00000010 00 00 00 00 00 00 00 00 00 00 00 16 a9 63 0a 99 |.............c..| -00000020 21 8a fc 5c b3 ee 05 71 4e 75 c0 d9 40 54 0d 3e |!..\...qNu..@T.>| -00000030 4e 5d 44 b7 4b 5d a9 e7 5a 30 ed b6 d5 08 50 b1 |N]D.K]..Z0....P.| -00000040 e8 8c 54 eb 1b 39 7a f9 3b ac 2e 17 03 03 00 40 |..T..9z.;......@| -00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000060 96 03 20 2b 20 c4 c1 9a 76 7b f3 96 bd 33 ed e6 |.. + ...v{...3..| -00000070 38 48 ea 53 d5 e0 62 b5 7e 1a 36 a8 dd 9f 2d 4b |8H.S..b.~.6...-K| -00000080 06 0d ae f6 bc 99 14 b3 93 14 27 63 e2 a0 c8 76 |..........'c...v| -00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -000000a0 00 00 00 00 00 48 af e1 e4 11 e1 b7 03 19 b0 e3 |.....H..........| -000000b0 e6 a9 66 d8 ac af aa 03 f6 0d 51 df 9a 27 78 3a |..f.......Q..'x:| -000000c0 56 5a 03 1a 4c |VZ..L| diff --git a/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceRSA b/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceRSA deleted file mode 100644 index 88abb15a..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-CipherSuiteCertPreferenceRSA +++ /dev/null @@ -1,101 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 ca 01 00 00 c6 03 03 53 04 f1 3f cc |...........S..?.| -00000010 41 74 00 07 cb ae 3b 30 79 48 51 60 41 a3 8c ab |At....;0yHQ`A...| -00000020 dc 76 f9 74 52 1e c5 fb a9 69 c2 00 00 32 c0 30 |.v.tR....i...2.0| -00000030 c0 2c c0 28 c0 24 c0 14 c0 0a c0 22 c0 21 00 a3 |.,.(.$.....".!..| -00000040 00 9f 00 6b 00 6a 00 39 00 38 00 88 00 87 c0 32 |...k.j.9.8.....2| -00000050 c0 2e c0 2a c0 26 c0 0f c0 05 00 9d 00 3d 00 35 |...*.&.......=.5| -00000060 01 00 00 6b 00 0b 00 04 03 00 01 02 00 0a 00 34 |...k...........4| -00000070 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 00 09 |.2..............| -00000080 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 00 15 |................| -00000090 00 04 00 05 00 12 00 13 00 01 00 02 00 03 00 0f |................| -000000a0 00 10 00 11 00 0d 00 22 00 20 06 01 06 02 06 03 |.......". ......| -000000b0 05 01 05 02 05 03 04 01 04 02 04 03 03 01 03 02 |................| -000000c0 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 01 |...............| ->>> Flow 2 (server to client) -00000000 16 03 03 00 2a 02 00 00 26 03 03 00 00 00 00 00 |....*...&.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 14 00 16 |................| -00000030 03 03 02 be 0b 00 02 ba 00 02 b7 00 02 b4 30 82 |..............0.| -00000040 02 b0 30 82 02 19 a0 03 02 01 02 02 09 00 85 b0 |..0.............| -00000050 bb a4 8a 7f b8 ca 30 0d 06 09 2a 86 48 86 f7 0d |......0...*.H...| -00000060 01 01 05 05 00 30 45 31 0b 30 09 06 03 55 04 06 |.....0E1.0...U..| -00000070 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 |..AU1.0...U....S| -00000080 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 |ome-State1!0...U| -00000090 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 |....Internet Wid| -000000a0 67 69 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d |gits Pty Ltd0...| -000000b0 31 30 30 34 32 34 30 39 30 39 33 38 5a 17 0d 31 |100424090938Z..1| -000000c0 31 30 34 32 34 30 39 30 39 33 38 5a 30 45 31 0b |10424090938Z0E1.| -000000d0 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -000000e0 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -000000f0 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -00000100 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -00000110 4c 74 64 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |Ltd0..0...*.H...| -00000120 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| -00000130 bb 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 be e6 2b |.y......F...i..+| -00000140 07 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 e7 a5 65 |.CZ..-.zC...R..e| -00000150 4c 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 3b 7e 62 |L,x.#........;~b| -00000160 a5 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 bf fa 58 |.,.3...\zV.....X| -00000170 7b 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 f4 54 9f |{&?......!.J..T.| -00000180 5a bf ef 42 71 00 fe 18 99 07 7f 7e 88 7d 7d f1 |Z..Bq......~.}}.| -00000190 04 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b 32 66 01 |.9....Q.|..L;2f.| -000001a0 cf af b1 1d b8 71 9a 1d db db 89 6b ae da 2d 79 |.....q.....k..-y| -000001b0 02 03 01 00 01 a3 81 a7 30 81 a4 30 1d 06 03 55 |........0..0...U| -000001c0 1d 0e 04 16 04 14 b1 ad e2 85 5a cf cb 28 db 69 |..........Z..(.i| -000001d0 ce 23 69 de d3 26 8e 18 88 39 30 75 06 03 55 1d |.#i..&...90u..U.| -000001e0 23 04 6e 30 6c 80 14 b1 ad e2 85 5a cf cb 28 db |#.n0l......Z..(.| -000001f0 69 ce 23 69 de d3 26 8e 18 88 39 a1 49 a4 47 30 |i.#i..&...9.I.G0| -00000200 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 |E1.0...U....AU1.| -00000210 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 |0...U....Some-St| -00000220 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e |ate1!0...U....In| -00000230 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 |ternet Widgits P| -00000240 74 79 20 4c 74 64 82 09 00 85 b0 bb a4 8a 7f b8 |ty Ltd..........| -00000250 ca 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 |.0...U....0....0| -00000260 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 |...*.H..........| -00000270 81 00 08 6c 45 24 c7 6b b1 59 ab 0c 52 cc f2 b0 |...lE$.k.Y..R...| -00000280 14 d7 87 9d 7a 64 75 b5 5a 95 66 e4 c5 2b 8e ae |....zdu.Z.f..+..| -00000290 12 66 1f eb 4f 38 b3 6e 60 d3 92 fd f7 41 08 b5 |.f..O8.n`....A..| -000002a0 25 13 b1 18 7a 24 fb 30 1d ba ed 98 b9 17 ec e7 |%...z$.0........| -000002b0 d7 31 59 db 95 d3 1d 78 ea 50 56 5c d5 82 5a 2d |.1Y....x.PV\..Z-| -000002c0 5a 5f 33 c4 b6 d8 c9 75 90 96 8c 0f 52 98 b5 cd |Z_3....u....R...| -000002d0 98 1f 89 20 5f f2 a0 1c a3 1b 96 94 dd a9 fd 57 |... _..........W| -000002e0 e9 70 e8 26 6d 71 99 9b 26 6e 38 50 29 6c 90 a7 |.p.&mq..&n8P)l..| -000002f0 bd d9 16 03 03 00 cd 0c 00 00 c9 03 00 17 41 04 |..............A.| -00000300 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.| -00000310 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^| -00000320 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B| -00000330 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.| -00000340 04 01 00 80 9d 84 09 35 73 fb f6 ea 94 7b 49 fb |.......5s....{I.| -00000350 c2 70 b1 11 64 5b 93 9f d9 8c f5 56 98 f6 d3 66 |.p..d[.....V...f| -00000360 a6 1d 18 56 88 87 71 3f b0 38 9d 44 1f ad 2c 0d |...V..q?.8.D..,.| -00000370 3a a7 e8 d4 3e 33 3c 41 20 f3 3f 5c e5 fb e3 23 |:...>36as.d...mP| -000003b0 33 55 c7 e1 c5 a5 4c 32 5c 95 dc 07 43 60 49 11 |3U....L2\...C`I.| -000003c0 e9 98 cc ba 16 03 03 00 04 0e 00 00 00 |.............| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 28 02 84 d5 b4 |....F...BA.(....| -00000010 58 07 47 d5 a0 d6 0b 1d 37 91 e6 34 a4 ad 0b ad |X.G.....7..4....| -00000020 22 01 82 77 a7 32 86 78 83 3a da 75 2f e5 68 7a |"..w.2.x.:.u/.hz| -00000030 de e4 05 e0 02 47 40 4e 38 d2 2c c3 7b da 53 73 |.....G@N8.,.{.Ss| -00000040 19 cb 8b 73 34 72 4d 33 71 39 c8 14 03 03 00 01 |...s4rM3q9......| -00000050 01 16 03 03 00 40 10 63 43 76 83 bd 36 e4 1e 4d |.....@.cCv..6..M| -00000060 7e 13 b0 ac aa c8 ec 90 31 df 84 46 49 68 39 5a |~.......1..FIh9Z| -00000070 05 8b 73 32 86 15 3a 18 57 d8 e2 2c 2d 05 89 93 |..s2..:.W..,-...| -00000080 37 b8 dd 73 33 92 ff a7 b2 53 27 94 b7 25 56 64 |7..s3....S'..%Vd| -00000090 a1 d3 2c f7 6b 71 |..,.kq| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| -00000010 00 00 00 00 00 00 00 00 00 00 00 21 5c 31 b1 4b |...........!\1.K| -00000020 96 96 30 8f 79 35 3a 3a 2d 26 67 d0 70 48 be 30 |..0.y5::-&g.pH.0| -00000030 f8 3e e8 c1 cb 1d d5 89 f6 9c 72 bb 1c f9 4d 90 |.>........r...M.| -00000040 9c d7 c6 fa 40 76 a5 61 46 61 24 17 03 03 00 40 |....@v.aFa$....@| -00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000060 94 8a 14 04 06 b9 30 a0 67 fd b2 4c 84 f4 10 93 |......0.g..L....| -00000070 7d d4 2b 23 f0 e9 62 93 c2 20 a2 f2 7c 07 21 4b |}.+#..b.. ..|.!K| -00000080 94 ba 7b 7d cb 77 da 85 93 bd 53 ee ca db 9b 3e |..{}.w....S....>| -00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -000000a0 00 00 00 00 00 17 3f 53 8d b3 35 b4 84 ed bb 12 |......?S..5.....| -000000b0 cf 73 25 25 7c c3 d3 bb 1f 5a 6b 73 9a 8a b1 a2 |.s%%|....Zks....| -000000c0 ba 99 f8 0e 43 |....C| diff --git a/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven b/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven deleted file mode 100644 index 547f7983..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven +++ /dev/null @@ -1,122 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 65 |....\...X..R.WYe| -00000010 ae b3 ec a4 7a 05 f7 ec 39 22 7d 8c 91 96 6b e0 |....z...9"}...k.| -00000020 69 81 ff 88 28 17 60 ac 94 19 ff 00 00 04 00 05 |i...(.`.........| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 0f 0d 00 |n8P)l...........| -00000300 00 0b 02 01 40 00 04 04 01 04 03 00 00 16 03 03 |....@...........| -00000310 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| -00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| -00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| -00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| -00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| -00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| -00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| -00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| -00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| -00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| -000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| -000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| -000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| -000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| -000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| -000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| -00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| -00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| -00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| -00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| -00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| -00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| -00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| -00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| -00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| -00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| -000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| -000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| -000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| -000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| -000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| -000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| -00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| -00000210 03 03 00 86 10 00 00 82 00 80 47 5a 2f b8 78 46 |..........GZ/.xF| -00000220 9f 3c fc ab 8b 35 c9 77 da c3 96 78 31 7c 2b 4f |.<...5.w...x1|+O| -00000230 56 be 0f 33 bd 17 bc 1c 86 5a ae b3 0f 8b 18 2f |V..3.....Z...../| -00000240 48 0d e0 0a 20 d3 53 96 88 d2 8a 7d b6 58 13 44 |H... .S....}.X.D| -00000250 a5 e8 19 6d 02 df a6 1b 79 c5 54 c2 ef 4d 41 4f |...m....y.T..MAO| -00000260 04 1c eb 37 55 b7 2b f4 7c 6d 37 9c f1 89 a0 2c |...7U.+.|m7....,| -00000270 0f ba 10 09 e4 a1 ee 0a 7e 9a fd 2c 32 63 1c 55 |........~..,2c.U| -00000280 85 38 de d0 7b 5f 46 03 1f cc 4d 69 51 97 d8 d7 |.8..{_F...MiQ...| -00000290 88 6f ba 43 04 b0 42 09 61 5e 16 03 03 00 92 0f |.o.C..B.a^......| -000002a0 00 00 8e 04 03 00 8a 30 81 87 02 41 14 3d 4c 71 |.......0...A.=Lq| -000002b0 c2 32 4a 20 ee b7 69 17 55 e8 99 55 11 76 51 7a |.2J ..i.U..U.vQz| -000002c0 74 55 e7 e8 c3 3b b3 70 db 1c 8e f6 8a d4 99 40 |tU...;.p.......@| -000002d0 6e da 04 fd 7a 47 41 d6 ae c0 63 ad fd 91 a8 58 |n...zGA...c....X| -000002e0 24 b9 ac 2f 7a 4c bf 5b 24 12 cb 3a f3 02 42 00 |$../zL.[$..:..B.| -000002f0 90 f9 48 97 0e d4 33 99 09 9f 1d a8 97 16 60 82 |..H...3.......`.| -00000300 85 cc 5a 5d 79 f7 2f 03 2a c0 b8 12 61 ac 9f 88 |..Z]y./.*...a...| -00000310 1d 0d 9e 0a ee 28 a8 5a e2 42 b7 94 e2 e6 0e 13 |.....(.Z.B......| -00000320 c8 64 dc 4e d3 6b 10 d6 83 41 9c dc d4 53 c3 08 |.d.N.k...A...S..| -00000330 19 14 03 03 00 01 01 16 03 03 00 24 ef bd e3 23 |...........$...#| -00000340 10 23 ae 6e b5 12 eb 9c 21 78 db 36 fd bf 7f ee |.#.n....!x.6....| -00000350 6f c8 00 2d b6 35 cc 2f 38 73 ae a4 34 cf 0d df |o..-.5./8s..4...| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 a7 50 0f 50 b4 |..........$.P.P.| -00000010 1c c3 4d f3 7a 64 df 65 ac 35 22 13 46 cc ec 36 |..M.zd.e.5".F..6| -00000020 e6 d2 f3 67 94 6a 18 85 9f 4a 3c 44 a3 58 b0 17 |...g.j...J>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 6b |....\...X..R.WYk| -00000010 11 07 04 39 77 20 c2 b4 3f cb 0a c9 53 fe 5b 3e |...9w ..?...S.[>| -00000020 5f 58 2c 7e 30 69 e1 8e 6c 9d c8 00 00 04 00 05 |_X,~0i..l.......| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 0f 0d 00 |n8P)l...........| -00000300 00 0b 02 01 40 00 04 04 01 04 03 00 00 16 03 03 |....@...........| -00000310 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 01 fb 0b 00 01 f7 00 01 f4 00 01 f1 30 |...............0| -00000010 82 01 ed 30 82 01 58 a0 03 02 01 02 02 01 00 30 |...0..X........0| -00000020 0b 06 09 2a 86 48 86 f7 0d 01 01 05 30 26 31 10 |...*.H......0&1.| -00000030 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -00000040 31 12 30 10 06 03 55 04 03 13 09 31 32 37 2e 30 |1.0...U....127.0| -00000050 2e 30 2e 31 30 1e 17 0d 31 31 31 32 30 38 30 37 |.0.10...11120807| -00000060 35 35 31 32 5a 17 0d 31 32 31 32 30 37 30 38 30 |5512Z..121207080| -00000070 30 31 32 5a 30 26 31 10 30 0e 06 03 55 04 0a 13 |012Z0&1.0...U...| -00000080 07 41 63 6d 65 20 43 6f 31 12 30 10 06 03 55 04 |.Acme Co1.0...U.| -00000090 03 13 09 31 32 37 2e 30 2e 30 2e 31 30 81 9c 30 |...127.0.0.10..0| -000000a0 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 8c 00 |...*.H..........| -000000b0 30 81 88 02 81 80 4e d0 7b 31 e3 82 64 d9 59 c0 |0.....N.{1..d.Y.| -000000c0 c2 87 a4 5e 1e 8b 73 33 c7 63 53 df 66 92 06 84 |...^..s3.cS.f...| -000000d0 f6 64 d5 8f e4 36 a7 1d 2b e8 b3 20 36 45 23 b5 |.d...6..+.. 6E#.| -000000e0 e3 95 ae ed e0 f5 20 9c 8d 95 df 7f 5a 12 ef 87 |...... .....Z...| -000000f0 e4 5b 68 e4 e9 0e 74 ec 04 8a 7f de 93 27 c4 01 |.[h...t......'..| -00000100 19 7a bd f2 dc 3d 14 ab d0 54 ca 21 0c d0 4d 6e |.z...=...T.!..Mn| -00000110 87 2e 5c c5 d2 bb 4d 4b 4f ce b6 2c f7 7e 88 ec |..\...MKO..,.~..| -00000120 7c d7 02 91 74 a6 1e 0c 1a da e3 4a 5a 2e de 13 ||...t......JZ...| -00000130 9c 4c 40 88 59 93 02 03 01 00 01 a3 32 30 30 30 |.L@.Y.......2000| -00000140 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 00 a0 30 |...U...........0| -00000150 0d 06 03 55 1d 0e 04 06 04 04 01 02 03 04 30 0f |...U..........0.| -00000160 06 03 55 1d 23 04 08 30 06 80 04 01 02 03 04 30 |..U.#..0.......0| -00000170 0b 06 09 2a 86 48 86 f7 0d 01 01 05 03 81 81 00 |...*.H..........| -00000180 36 1f b3 7a 0c 75 c9 6e 37 46 61 2b d5 bd c0 a7 |6..z.u.n7Fa+....| -00000190 4b cc 46 9a 81 58 7c 85 79 29 c8 c8 c6 67 dd 32 |K.F..X|.y)...g.2| -000001a0 56 45 2b 75 b6 e9 24 a9 50 9a be 1f 5a fa 1a 15 |VE+u..$.P...Z...| -000001b0 d9 cc 55 95 72 16 83 b9 c2 b6 8f fd 88 8c 38 84 |..U.r.........8.| -000001c0 1d ab 5d 92 31 13 4f fd 83 3b c6 9d f1 11 62 b6 |..].1.O..;....b.| -000001d0 8b ec ab 67 be c8 64 b0 11 50 46 58 17 6b 99 1c |...g..d..PFX.k..| -000001e0 d3 1d fc 06 f1 0e e5 96 a8 0c f9 78 20 b7 44 18 |...........x .D.| -000001f0 51 8d 10 7e 4f 94 67 df a3 4e 70 73 8e 90 91 85 |Q..~O.g..Nps....| -00000200 16 03 03 00 86 10 00 00 82 00 80 44 89 7d aa 26 |...........D.}.&| -00000210 30 ce 6b db 25 70 b0 1e 16 fa 5b 3a dd 4a 4b bd |0.k.%p....[:.JK.| -00000220 ec ee 50 9d 21 ba 52 b5 51 4f a8 65 d8 2e 41 e2 |..P.!.R.QO.e..A.| -00000230 e1 dc f3 1a df 58 4f 87 7a d3 e1 e1 1c 13 b2 0b |.....XO.z.......| -00000240 b7 43 b7 92 f2 df 19 bb 79 71 e0 71 44 ab 19 2f |.C......yq.qD../| -00000250 37 11 ac 62 50 b6 f1 53 fe aa b4 bc 29 8e 0b 4c |7..bP..S....)..L| -00000260 0b 12 8d d5 84 a9 fa a9 ea 16 aa c3 0d da 32 c8 |..............2.| -00000270 e0 4c 9f 99 f8 69 cd a8 c3 b1 76 42 67 f3 ff 15 |.L...i....vBg...| -00000280 52 95 43 66 da 49 43 25 9d e5 eb 16 03 03 00 88 |R.Cf.IC%........| -00000290 0f 00 00 84 04 01 00 80 01 d5 0e 1c 75 97 89 52 |............u..R| -000002a0 1a f0 cc ef 93 6e 71 b2 b1 38 8c 50 11 f7 a3 02 |.....nq..8.P....| -000002b0 71 c4 d5 6f 8d 01 83 06 2e ea 5a 10 8a 0d d0 fc |q..o......Z.....| -000002c0 b6 a2 63 af 4f 99 b5 eb ab fd 01 c2 fb 26 fc fd |..c.O........&..| -000002d0 ad 2c b3 63 b3 87 a6 f5 14 ea 7d e7 fe a8 e7 7e |.,.c......}....~| -000002e0 20 ab b9 f6 c3 58 bd c0 f3 96 eb 83 dc 42 6c 0d | ....X.......Bl.| -000002f0 5e e8 09 55 c7 b8 24 05 dd e1 7c af 9f 2c 22 6c |^..U..$...|..,"l| -00000300 fa b8 94 13 3b f1 09 e1 38 59 fc a1 8c cb aa ca |....;...8Y......| -00000310 f8 e0 2a 9c 36 f9 c3 2b 14 03 03 00 01 01 16 03 |..*.6..+........| -00000320 03 00 24 d0 12 7c cc d2 3e 37 1f f4 7d b4 c0 fc |..$..|..>7..}...| -00000330 19 f6 c8 ea 62 12 e0 0d af 62 d4 69 f7 96 5a c0 |....b....b.i..Z.| -00000340 97 d3 bb b0 a3 f7 3f |......?| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 cd 20 85 1e 74 |..........$. ..t| -00000010 18 b2 71 48 d5 10 61 c6 b0 18 26 83 c2 7f f1 b1 |..qH..a...&.....| -00000020 2f b5 35 d0 47 a8 99 9a 9a a5 62 64 fb f9 29 17 |/.5.G.....bd..).| -00000030 03 03 00 21 22 7b ed 61 e3 9b 6d 98 b9 23 98 e3 |...!"{.a..m..#..| -00000040 55 11 b8 0f 7e 2b e1 c1 d4 f1 83 79 c3 f8 03 f0 |U...~+.....y....| -00000050 02 5c 61 24 d7 15 03 03 00 16 14 2b a3 5a 56 f0 |.\a$.......+.ZV.| -00000060 92 da d0 e6 32 91 d8 30 7a b4 d0 a2 93 f5 01 ea |....2..0z.......| diff --git a/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven b/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven deleted file mode 100644 index 562fe1aa..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven +++ /dev/null @@ -1,81 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 1b |....\...X..R.WY.| -00000010 08 fe f7 8a bf 07 84 2b 60 a6 13 2d 15 13 f8 b6 |.......+`..-....| -00000020 d4 b6 3b f2 7a 98 ff 32 a0 68 7c 00 00 04 00 05 |..;.z..2.h|.....| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 0f 0d 00 |n8P)l...........| -00000300 00 0b 02 01 40 00 04 04 01 04 03 00 00 16 03 03 |....@...........| -00000310 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 00 07 0b 00 00 03 00 00 00 16 03 03 00 |................| -00000010 86 10 00 00 82 00 80 6b 51 48 d3 18 7d 30 e0 0c |.......kQH..}0..| -00000020 20 8d f3 e4 39 47 30 0e a5 85 79 f9 8b 11 50 9e | ...9G0...y...P.| -00000030 81 71 5c 26 c6 bb cb aa d5 00 d1 89 79 b1 77 2d |.q\&........y.w-| -00000040 eb 9b 86 7c 52 c6 f7 b7 10 b0 b6 94 22 51 b8 12 |...|R......."Q..| -00000050 3c 09 35 8e 1b cc f4 3b b7 b8 78 ab 89 59 41 49 |<.5....;..x..YAI| -00000060 21 31 eb f0 f8 94 63 3d e6 96 8f b6 63 95 05 dd |!1....c=....c...| -00000070 46 b3 00 8a d6 83 75 99 1b 5a 48 0a 23 b5 10 c1 |F.....u..ZH.#...| -00000080 95 b5 bc 15 72 b5 f5 a0 62 e2 1d c0 ff d2 87 a5 |....r...b.......| -00000090 97 5c 33 49 a7 26 35 14 03 03 00 01 01 16 03 03 |.\3I.&5.........| -000000a0 00 24 61 38 1f 9d fb d9 65 2e 02 07 fb be f9 85 |.$a8....e.......| -000000b0 8d 15 34 c0 d1 0e 4e 10 3c 25 60 2f ac 04 21 66 |..4...N.<%`/..!f| -000000c0 04 9d 9a 60 31 72 |...`1r| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 fe 0e 3e 84 af |..........$..>..| -00000010 e5 6b 10 ed 41 9c 2b e0 ba e0 2b 53 61 36 1b 40 |.k..A.+...+Sa6.@| -00000020 35 de 3a c7 c3 5c df 74 67 f7 05 74 84 f5 e1 17 |5.:..\.tg..t....| -00000030 03 03 00 21 d3 8d 81 85 b7 1f 30 bd 89 33 f9 81 |...!......0..3..| -00000040 89 f7 af d1 be b0 c1 46 e3 df 32 f6 dc 2f 4d 82 |.......F..2../M.| -00000050 0a 84 9f 5b 03 15 03 03 00 16 13 af 37 91 82 67 |...[........7..g| -00000060 b0 7c 5e 0e ec 8e cc 31 a0 ea a5 72 a4 2b 0b 73 |.|^....1...r.+.s| diff --git a/ztools/ztls/testdata/Server-TLSv12-ECDHE-ECDSA-AES b/ztools/ztls/testdata/Server-TLSv12-ECDHE-ECDSA-AES deleted file mode 100644 index aacbb867..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-ECDHE-ECDSA-AES +++ /dev/null @@ -1,89 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 9c 01 00 00 98 03 03 53 04 f0 f9 09 |...........S....| -00000010 13 56 01 37 84 b1 32 59 4c 73 b1 8e bb 02 1a 32 |.V.7..2YLs.....2| -00000020 db ab 8c e6 ed ad 7f 52 9a 59 39 00 00 04 c0 0a |.......R.Y9.....| -00000030 00 ff 01 00 00 6b 00 0b 00 04 03 00 01 02 00 0a |.....k..........| -00000040 00 34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 |.4.2............| -00000050 00 09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 |................| -00000060 00 15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 |................| -00000070 00 0f 00 10 00 11 00 0d 00 22 00 20 06 01 06 02 |.........". ....| -00000080 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000090 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -000000a0 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 0a 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 0e 0b 00 02 0a 00 |................| -00000040 02 07 00 02 04 30 82 02 00 30 82 01 62 02 09 00 |.....0...0..b...| -00000050 b8 bf 2d 47 a0 d2 eb f4 30 09 06 07 2a 86 48 ce |..-G....0...*.H.| -00000060 3d 04 01 30 45 31 0b 30 09 06 03 55 04 06 13 02 |=..0E1.0...U....| -00000070 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -00000080 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000090 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -000000a0 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 32 |ts Pty Ltd0...12| -000000b0 31 31 32 32 31 35 30 36 33 32 5a 17 0d 32 32 31 |1122150632Z..221| -000000c0 31 32 30 31 35 30 36 33 32 5a 30 45 31 0b 30 09 |120150632Z0E1.0.| -000000d0 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 |..U....AU1.0...U| -000000e0 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 |....Some-State1!| -000000f0 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 |0...U....Interne| -00000100 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 |t Widgits Pty Lt| -00000110 64 30 81 9b 30 10 06 07 2a 86 48 ce 3d 02 01 06 |d0..0...*.H.=...| -00000120 05 2b 81 04 00 23 03 81 86 00 04 00 c4 a1 ed be |.+...#..........| -00000130 98 f9 0b 48 73 36 7e c3 16 56 11 22 f2 3d 53 c3 |...Hs6~..V.".=S.| -00000140 3b 4d 21 3d cd 6b 75 e6 f6 b0 dc 9a df 26 c1 bc |;M!=.ku......&..| -00000150 b2 87 f0 72 32 7c b3 64 2f 1c 90 bc ea 68 23 10 |...r2|.d/....h#.| -00000160 7e fe e3 25 c0 48 3a 69 e0 28 6d d3 37 00 ef 04 |~..%.H:i.(m.7...| -00000170 62 dd 0d a0 9c 70 62 83 d8 81 d3 64 31 aa 9e 97 |b....pb....d1...| -00000180 31 bd 96 b0 68 c0 9b 23 de 76 64 3f 1a 5c 7f e9 |1...h..#.vd?.\..| -00000190 12 0e 58 58 b6 5f 70 dd 9b d8 ea d5 d7 f5 d5 cc |..XX._p.........| -000001a0 b9 b6 9f 30 66 5b 66 9a 20 e2 27 e5 bf fe 3b 30 |...0f[f. .'...;0| -000001b0 09 06 07 2a 86 48 ce 3d 04 01 03 81 8c 00 30 81 |...*.H.=......0.| -000001c0 88 02 42 01 88 a2 4f eb e2 45 c5 48 7d 1b ac f5 |..B...O..E.H}...| -000001d0 ed 98 9d ae 47 70 c0 5e 1b b6 2f bd f1 b6 4d b7 |....Gp.^../...M.| -000001e0 61 40 d3 11 a2 ce ee 0b 7e 92 7e ff 76 9d c3 3b |a@......~.~.v..;| -000001f0 7e a5 3f ce fa 10 e2 59 ec 47 2d 7c ac da 4e 97 |~.?....Y.G-|..N.| -00000200 0e 15 a0 6f d0 02 42 01 4d fc be 67 13 9c 2d 05 |...o..B.M..g..-.| -00000210 0e bd 3f a3 8c 25 c1 33 13 83 0d 94 06 bb d4 37 |..?..%.3.......7| -00000220 7a f6 ec 7a c9 86 2e dd d7 11 69 7f 85 7c 56 de |z..z......i..|V.| -00000230 fb 31 78 2b e4 c7 78 0d ae cb be 9e 4e 36 24 31 |.1x+..x.....N6$1| -00000240 7b 6a 0f 39 95 12 07 8f 2a 16 03 03 00 d8 0c 00 |{j.9....*.......| -00000250 00 d4 03 00 17 41 04 1e 18 37 ef 0d 19 51 88 35 |.....A...7...Q.5| -00000260 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 24 20 3e |uq..T[....g..$ >| -00000270 b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 07 9f 6c |.V...(^.+-O....l| -00000280 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 b5 68 1a |K[.V.2B.X..I..h.| -00000290 41 03 56 6b dc 5a 89 04 03 00 8b 30 81 88 02 42 |A.Vk.Z.....0...B| -000002a0 00 c6 85 8e 06 b7 04 04 e9 cd 9e 3e cb 66 23 95 |...........>.f#.| -000002b0 b4 42 9c 64 81 39 05 3f b5 21 f8 28 af 60 6b 4d |.B.d.9.?.!.(.`kM| -000002c0 3d ba a1 4b 5e 77 ef e7 59 28 fe 1d c1 27 a2 ff |=..K^w..Y(...'..| -000002d0 a8 de 33 48 b3 c1 85 6a 42 9b f9 7e 7e 31 c2 e5 |..3H...jB..~~1..| -000002e0 bd 66 02 42 00 ad 7d 06 35 ab ec 8d ac d4 ba 1b |.f.B..}.5.......| -000002f0 49 5e 05 5f f0 97 93 82 b8 2b 8d 91 98 63 8e b4 |I^._.....+...c..| -00000300 14 62 db 1e c9 2c 13 ae b7 d3 17 38 23 2f f6 7f |.b...,.....8#/..| -00000310 0c 4d d3 33 d2 79 d1 77 ee cb b1 c2 fc 34 b8 69 |.M.3.y.w.....4.i| -00000320 f9 10 8b 61 89 85 16 03 03 00 04 0e 00 00 00 |...a...........| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 dd 22 68 a1 4e |....F...BA.."h.N| -00000010 04 1b 47 f9 c5 7d 04 1d d8 fe 84 fa be 31 2e a7 |..G..}.......1..| -00000020 f8 e5 b8 14 92 44 99 11 0e 34 97 fc e5 b1 91 cf |.....D...4......| -00000030 a4 d1 3f b4 71 94 c6 06 16 f0 98 c0 3e 05 f9 2f |..?.q.......>../| -00000040 0a 97 78 3d ef dc fa a2 d7 ee 7d 14 03 03 00 01 |..x=......}.....| -00000050 01 16 03 03 00 40 90 bf 7f e9 c9 6e d1 80 f5 12 |.....@.....n....| -00000060 6d c5 b7 c5 15 4b 18 a5 d3 18 1e f8 8c 4d 7e 6d |m....K.......M~m| -00000070 03 60 29 7c 45 7c b2 ca 8c 07 71 70 aa 23 fa 6e |.`)|E|....qp.#.n| -00000080 d9 0b 0a 32 4c 9e e5 00 f9 19 9b b6 8d dc d3 67 |...2L..........g| -00000090 3d 0f bb b8 4b 9e |=...K.| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| -00000010 00 00 00 00 00 00 00 00 00 00 00 a1 6e e5 d1 ca |............n...| -00000020 03 f4 77 dc ec ee 5d f0 22 5e 7f 55 1a 8d ad 45 |..w...]."^.U...E| -00000030 09 f1 3b b2 61 36 dc 3d 2a 1e 1f e5 a7 84 76 a9 |..;.a6.=*.....v.| -00000040 41 5b 86 03 ac 22 18 20 9b a9 29 17 03 03 00 40 |A[...". ..)....@| -00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000060 f5 cb 28 1e b5 bc 82 7f 82 38 54 14 e8 b9 6d 3b |..(......8T...m;| -00000070 bc 99 d6 0e f9 00 96 99 a8 92 2e 86 9d 62 4e 90 |.............bN.| -00000080 27 52 58 45 20 93 90 a1 f3 a8 89 2b e7 21 24 16 |'RXE ......+.!$.| -00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -000000a0 00 00 00 00 00 a8 2a ab 8f b0 ce 49 8b fd a5 c9 |......*....I....| -000000b0 11 b2 04 83 18 f3 1d 6c 82 34 1d df dd 2f 45 3b |.......l.4.../E;| -000000c0 27 8a 0f 16 69 |'...i| diff --git a/ztools/ztls/testdata/Server-TLSv12-IssueTicket b/ztools/ztls/testdata/Server-TLSv12-IssueTicket deleted file mode 100644 index e3e62f22..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-IssueTicket +++ /dev/null @@ -1,87 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 60 01 00 00 5c 03 03 52 cc 57 59 7e |....`...\..R.WY~| -00000010 43 5c 3b fd 50 ab 61 3f 64 a4 f9 bd ba 8c 28 e1 |C\;.P.a?d.....(.| -00000020 f9 a1 45 7e 48 9e 62 af 25 de 0e 00 00 04 00 05 |..E~H.b.%.......| -00000030 00 ff 01 00 00 2f 00 23 00 00 00 0d 00 22 00 20 |...../.#.....". | -00000040 06 01 06 02 06 03 05 01 05 02 05 03 04 01 04 02 |................| -00000050 04 03 03 01 03 02 03 03 02 01 02 02 02 03 01 01 |................| -00000060 00 0f 00 01 01 |.....| ->>> Flow 2 (server to client) -00000000 16 03 03 00 35 02 00 00 31 03 03 00 00 00 00 00 |....5...1.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 09 00 23 00 00 ff 01 00 01 00 16 03 03 02 be 0b |..#.............| -00000040 00 02 ba 00 02 b7 00 02 b4 30 82 02 b0 30 82 02 |.........0...0..| -00000050 19 a0 03 02 01 02 02 09 00 85 b0 bb a4 8a 7f b8 |................| -00000060 ca 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 |.0...*.H........| -00000070 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 |0E1.0...U....AU1| -00000080 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 |.0...U....Some-S| -00000090 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 |tate1!0...U....I| -000000a0 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 |nternet Widgits | -000000b0 50 74 79 20 4c 74 64 30 1e 17 0d 31 30 30 34 32 |Pty Ltd0...10042| -000000c0 34 30 39 30 39 33 38 5a 17 0d 31 31 30 34 32 34 |4090938Z..110424| -000000d0 30 39 30 39 33 38 5a 30 45 31 0b 30 09 06 03 55 |090938Z0E1.0...U| -000000e0 04 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 |....AU1.0...U...| -000000f0 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 |.Some-State1!0..| -00000100 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 |.U....Internet W| -00000110 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 30 81 |idgits Pty Ltd0.| -00000120 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 |.0...*.H........| -00000130 03 81 8d 00 30 81 89 02 81 81 00 bb 79 d6 f5 17 |....0.......y...| -00000140 b5 e5 bf 46 10 d0 dc 69 be e6 2b 07 43 5a d0 03 |...F...i..+.CZ..| -00000150 2d 8a 7a 43 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 |-.zC...R..eL,x.#| -00000160 8c b5 b4 82 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 |........;~b.,.3.| -00000170 fe 12 5c 7a 56 fc f5 06 bf fa 58 7b 26 3f b5 cd |..\zV.....X{&?..| -00000180 04 d3 d0 c9 21 96 4a c7 f4 54 9f 5a bf ef 42 71 |....!.J..T.Z..Bq| -00000190 00 fe 18 99 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e |......~.}}..9...| -000001a0 db 51 c9 7c e3 c0 4c 3b 32 66 01 cf af b1 1d b8 |.Q.|..L;2f......| -000001b0 71 9a 1d db db 89 6b ae da 2d 79 02 03 01 00 01 |q.....k..-y.....| -000001c0 a3 81 a7 30 81 a4 30 1d 06 03 55 1d 0e 04 16 04 |...0..0...U.....| -000001d0 14 b1 ad e2 85 5a cf cb 28 db 69 ce 23 69 de d3 |.....Z..(.i.#i..| -000001e0 26 8e 18 88 39 30 75 06 03 55 1d 23 04 6e 30 6c |&...90u..U.#.n0l| -000001f0 80 14 b1 ad e2 85 5a cf cb 28 db 69 ce 23 69 de |......Z..(.i.#i.| -00000200 d3 26 8e 18 88 39 a1 49 a4 47 30 45 31 0b 30 09 |.&...9.I.G0E1.0.| -00000210 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 |..U....AU1.0...U| -00000220 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 |....Some-State1!| -00000230 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 |0...U....Interne| -00000240 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 |t Widgits Pty Lt| -00000250 64 82 09 00 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 |d...........0...| -00000260 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 |U....0....0...*.| -00000270 48 86 f7 0d 01 01 05 05 00 03 81 81 00 08 6c 45 |H.............lE| -00000280 24 c7 6b b1 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a |$.k.Y..R.......z| -00000290 64 75 b5 5a 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f |du.Z.f..+...f..O| -000002a0 38 b3 6e 60 d3 92 fd f7 41 08 b5 25 13 b1 18 7a |8.n`....A..%...z| -000002b0 24 fb 30 1d ba ed 98 b9 17 ec e7 d7 31 59 db 95 |$.0.........1Y..| -000002c0 d3 1d 78 ea 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 |..x.PV\..Z-Z_3..| -000002d0 d8 c9 75 90 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f |..u....R...... _| -000002e0 f2 a0 1c a3 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d |..........W.p.&m| -000002f0 71 99 9b 26 6e 38 50 29 6c 90 a7 bd d9 16 03 03 |q..&n8P)l.......| -00000300 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 6e 2e 79 82 3a |...........n.y.:| -00000010 c4 68 72 f5 a2 42 3d 71 f9 ec 22 8c 0b fa f0 82 |.hr..B=q..".....| -00000020 82 c0 cb fc 52 0a 51 03 04 8c eb 4a 4e 4f b6 49 |....R.Q....JNO.I| -00000030 ef 94 65 21 3c f7 9d 46 85 6e 35 d5 17 6b ff a3 |..e!<..F.n5..k..| -00000040 5e 4d c1 36 1a 2f 68 f5 06 d4 2d 73 4f 1c 3b 7b |^M.6./h...-sO.;{| -00000050 c1 fa 4e 7e 7c f9 6c 13 a6 f4 3a 43 e9 aa be 22 |..N~|.l...:C..."| -00000060 85 6f 2f 7c 5b b0 08 e2 86 b2 ae cb a9 12 d8 32 |.o/|[..........2| -00000070 80 1d e4 2e 5d c3 66 d1 19 e5 89 33 2a 88 24 40 |....].f....3*.$@| -00000080 2a 6d 6b b5 f1 92 4b 66 06 b8 49 14 03 03 00 01 |*mk...Kf..I.....| -00000090 01 16 03 03 00 24 16 49 e2 a0 67 31 cf 0d 72 cb |.....$.I..g1..r.| -000000a0 ac 16 2c 80 37 71 69 f7 5f c4 d3 00 19 b7 4b fb |..,.7qi._.....K.| -000000b0 e5 e9 74 8e 30 b3 1c c5 ae e6 |..t.0.....| ->>> Flow 4 (server to client) -00000000 16 03 03 00 72 04 00 00 6e 00 00 00 00 00 68 00 |....r...n.....h.| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 65 |...............e| -00000020 ea 4b d1 ef ba 06 38 1e e1 88 82 3a cd 03 ac 3b |.K....8....:...;| -00000030 39 0a e0 19 fd af 6c 57 30 df 31 6e f7 92 38 4b |9.....lW0.1n..8K| -00000040 5d 77 90 39 ff 32 51 f5 ed 12 d7 b0 7c 4d 6c c5 |]w.9.2Q.....|Ml.| -00000050 76 e4 72 48 3e 59 23 fe 0d 15 df f4 ba ea b9 67 |v.rH>Y#........g| -00000060 16 23 8f 7d 15 b6 11 f1 ab d7 d4 cd a3 21 82 92 |.#.}.........!..| -00000070 2a 12 cf 95 f3 60 b2 14 03 03 00 01 01 16 03 03 |*....`..........| -00000080 00 24 89 ad 87 04 4f 08 dc 2a 71 37 fb f1 95 d1 |.$....O..*q7....| -00000090 2e 3c c2 6e 0f 38 5d e4 0e c3 f7 27 d0 46 a3 c1 |.<.n.8]....'.F..| -000000a0 a8 3b 06 ed 96 ec 17 03 03 00 21 30 d4 9f 0b 49 |.;........!0...I| -000000b0 9f a2 a8 a1 2c 0a 79 93 56 2d 8a ee 85 ed 62 42 |....,.y.V-....bB| -000000c0 8c 18 fe 7a 09 3a 24 c4 5e ed 7d 2a 15 03 03 00 |...z.:$.^.}*....| -000000d0 16 a0 24 0a 8b 90 4c fc 99 ba 67 bb 04 1e 59 69 |..$...L...g...Yi| -000000e0 c2 98 49 b5 00 0b e0 |..I....| diff --git a/ztools/ztls/testdata/Server-TLSv12-IssueTicketPreDisable b/ztools/ztls/testdata/Server-TLSv12-IssueTicketPreDisable deleted file mode 100644 index 30f00268..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-IssueTicketPreDisable +++ /dev/null @@ -1,87 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 60 01 00 00 5c 03 03 54 23 54 02 17 |....`...\..T#T..| -00000010 f3 53 13 3d 48 88 c3 19 b9 d1 3d 33 7f f5 99 56 |.S.=H.....=3...V| -00000020 04 71 1b d9 d5 64 8a 0d 4a 54 00 00 00 04 00 05 |.q...d..JT......| -00000030 00 ff 01 00 00 2f 00 23 00 00 00 0d 00 22 00 20 |...../.#.....". | -00000040 06 01 06 02 06 03 05 01 05 02 05 03 04 01 04 02 |................| -00000050 04 03 03 01 03 02 03 03 02 01 02 02 02 03 01 01 |................| -00000060 00 0f 00 01 01 |.....| ->>> Flow 2 (server to client) -00000000 16 03 03 00 35 02 00 00 31 03 03 00 00 00 00 00 |....5...1.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 09 00 23 00 00 ff 01 00 01 00 16 03 03 02 be 0b |..#.............| -00000040 00 02 ba 00 02 b7 00 02 b4 30 82 02 b0 30 82 02 |.........0...0..| -00000050 19 a0 03 02 01 02 02 09 00 85 b0 bb a4 8a 7f b8 |................| -00000060 ca 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 |.0...*.H........| -00000070 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 |0E1.0...U....AU1| -00000080 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 |.0...U....Some-S| -00000090 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 |tate1!0...U....I| -000000a0 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 |nternet Widgits | -000000b0 50 74 79 20 4c 74 64 30 1e 17 0d 31 30 30 34 32 |Pty Ltd0...10042| -000000c0 34 30 39 30 39 33 38 5a 17 0d 31 31 30 34 32 34 |4090938Z..110424| -000000d0 30 39 30 39 33 38 5a 30 45 31 0b 30 09 06 03 55 |090938Z0E1.0...U| -000000e0 04 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 |....AU1.0...U...| -000000f0 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 |.Some-State1!0..| -00000100 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 |.U....Internet W| -00000110 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 30 81 |idgits Pty Ltd0.| -00000120 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 |.0...*.H........| -00000130 03 81 8d 00 30 81 89 02 81 81 00 bb 79 d6 f5 17 |....0.......y...| -00000140 b5 e5 bf 46 10 d0 dc 69 be e6 2b 07 43 5a d0 03 |...F...i..+.CZ..| -00000150 2d 8a 7a 43 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 |-.zC...R..eL,x.#| -00000160 8c b5 b4 82 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 |........;~b.,.3.| -00000170 fe 12 5c 7a 56 fc f5 06 bf fa 58 7b 26 3f b5 cd |..\zV.....X{&?..| -00000180 04 d3 d0 c9 21 96 4a c7 f4 54 9f 5a bf ef 42 71 |....!.J..T.Z..Bq| -00000190 00 fe 18 99 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e |......~.}}..9...| -000001a0 db 51 c9 7c e3 c0 4c 3b 32 66 01 cf af b1 1d b8 |.Q.|..L;2f......| -000001b0 71 9a 1d db db 89 6b ae da 2d 79 02 03 01 00 01 |q.....k..-y.....| -000001c0 a3 81 a7 30 81 a4 30 1d 06 03 55 1d 0e 04 16 04 |...0..0...U.....| -000001d0 14 b1 ad e2 85 5a cf cb 28 db 69 ce 23 69 de d3 |.....Z..(.i.#i..| -000001e0 26 8e 18 88 39 30 75 06 03 55 1d 23 04 6e 30 6c |&...90u..U.#.n0l| -000001f0 80 14 b1 ad e2 85 5a cf cb 28 db 69 ce 23 69 de |......Z..(.i.#i.| -00000200 d3 26 8e 18 88 39 a1 49 a4 47 30 45 31 0b 30 09 |.&...9.I.G0E1.0.| -00000210 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 |..U....AU1.0...U| -00000220 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 |....Some-State1!| -00000230 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 |0...U....Interne| -00000240 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 |t Widgits Pty Lt| -00000250 64 82 09 00 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 |d...........0...| -00000260 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 |U....0....0...*.| -00000270 48 86 f7 0d 01 01 05 05 00 03 81 81 00 08 6c 45 |H.............lE| -00000280 24 c7 6b b1 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a |$.k.Y..R.......z| -00000290 64 75 b5 5a 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f |du.Z.f..+...f..O| -000002a0 38 b3 6e 60 d3 92 fd f7 41 08 b5 25 13 b1 18 7a |8.n`....A..%...z| -000002b0 24 fb 30 1d ba ed 98 b9 17 ec e7 d7 31 59 db 95 |$.0.........1Y..| -000002c0 d3 1d 78 ea 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 |..x.PV\..Z-Z_3..| -000002d0 d8 c9 75 90 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f |..u....R...... _| -000002e0 f2 a0 1c a3 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d |..........W.p.&m| -000002f0 71 99 9b 26 6e 38 50 29 6c 90 a7 bd d9 16 03 03 |q..&n8P)l.......| -00000300 00 04 0e 00 00 00 |......| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 27 e9 a4 f7 e7 |...........'....| -00000010 df 25 de 84 8c 1f d6 e6 c3 11 28 55 9a c1 91 37 |.%........(U...7| -00000020 84 f5 ba f8 80 0d ca 50 cb 1e 72 f7 97 6f c2 b2 |.......P..r..o..| -00000030 04 4d 13 7c e0 6e a0 1f 91 e1 38 1b a2 c0 55 16 |.M.|.n....8...U.| -00000040 7f 29 fc ed 1c 1a cf 72 14 c3 00 c1 dd 36 36 af |.).....r.....66.| -00000050 a6 e4 a8 be ba ec 13 d0 1e d0 1d fd e1 5b 27 fd |.............['.| -00000060 9a da 2e 12 c8 b0 b9 c2 b9 76 ec 7f 3c 98 b6 63 |.........v..<..c| -00000070 bc da f0 07 7a 3d e7 61 f4 2f 12 80 3b f9 3b cc |....z=.a./..;.;.| -00000080 05 c8 2f 7e 28 b2 73 bf 97 61 29 14 03 03 00 01 |../~(.s..a).....| -00000090 01 16 03 03 00 24 17 59 a9 45 53 46 33 96 50 dd |.....$.Y.ESF3.P.| -000000a0 3e 23 aa 91 38 f8 56 4a 2f 1a f2 b1 44 9b ce 17 |>#..8.VJ/...D...| -000000b0 6b 8a 89 76 bc 67 b8 8b ba 90 |k..v.g....| ->>> Flow 4 (server to client) -00000000 16 03 03 00 72 04 00 00 6e 00 00 00 00 00 68 00 |....r...n.....h.| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 65 |...............e| -00000020 ea 4b d1 ef ba 2d db 0c ba 9a d4 20 76 57 c8 ec |.K...-..... vW..| -00000030 dc 2d 77 fb fb 3b 93 5f 53 e0 14 4f 90 fb d6 55 |.-w..;._S..O...U| -00000040 57 8c 8d 0d 25 ea 5d 0d f2 91 e5 12 22 12 ec 7b |W...%.]....."..{| -00000050 5f b6 6e fd 07 59 23 24 fc b1 97 ca ea 56 a5 c2 |_.n..Y#$.....V..| -00000060 a0 e4 9e 99 64 f2 64 d0 75 7a 46 63 e3 dc 21 ed |....d.d.uzFc..!.| -00000070 78 56 e9 e1 ab 66 80 14 03 03 00 01 01 16 03 03 |xV...f..........| -00000080 00 24 fc 14 68 07 17 1f df b7 84 cb fd c1 e0 e4 |.$..h...........| -00000090 f2 1a ea 34 b5 00 7f 70 be c8 1c 0a d6 55 e3 57 |...4...p.....U.W| -000000a0 50 4e 6d 7d 8a 5d 17 03 03 00 21 24 27 50 40 c1 |PNm}.]....!$'P@.| -000000b0 c5 bd c7 9f 95 d9 ba 2e 7b 0e db ea a7 31 81 05 |........{....1..| -000000c0 75 43 b1 63 cf b8 55 92 ef 76 98 a9 15 03 03 00 |uC.c..U..v......| -000000d0 16 d7 ea 3c 79 e7 a6 2f 61 39 ec 4e 95 86 48 5e |...>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 68 |....\...X..R.WYh| -00000010 11 72 a6 ec 6b 0a 47 1d 10 06 ec 75 af 07 38 a0 |.r..k.G....u..8.| -00000020 30 9e 91 12 e1 9b 19 46 0d d4 45 00 00 04 00 0a |0......F..E.....| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 7a c0 73 ec cb |...........z.s..| -00000010 cf c2 a8 86 c0 7e 03 63 57 a1 ce 42 37 6d 78 54 |.....~.cW..B7mxT| -00000020 29 f5 3e cc 57 c7 0d d9 69 e1 52 5c 3b 6b c4 c7 |).>.W...i.R\;k..| -00000030 20 6d 59 ee c0 07 81 74 74 9f 62 41 64 f0 4d c8 | mY....tt.bAd.M.| -00000040 9b aa 1a b9 da 56 07 f5 6c 1c 59 8c d3 f9 08 d9 |.....V..l.Y.....| -00000050 08 f4 16 93 5d 9a e5 6f fb 9f ba 3d 3c d6 81 ad |....]..o...=<...| -00000060 02 12 a7 28 b6 81 6a 77 c3 e9 d7 c7 54 d6 77 83 |...(..jw....T.w.| -00000070 77 de 71 fb b3 f3 2d c4 a5 b1 e5 de aa 0e 21 bd |w.q...-.......!.| -00000080 91 a2 dc 7f f7 6f 90 82 54 b1 e7 14 03 03 00 01 |.....o..T.......| -00000090 01 16 03 03 00 30 8f ee bf fb c8 5c 54 f5 29 23 |.....0.....\T.)#| -000000a0 d4 55 f6 98 a1 6e d5 43 e7 81 b2 36 f2 98 d8 1b |.U...n.C...6....| -000000b0 0d 76 cb 14 ba 32 d7 36 30 e6 ab 42 80 95 f6 8a |.v...2.60..B....| -000000c0 60 64 a0 6b 90 81 |`d.k..| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 30 00 00 00 00 00 |..........0.....| -00000010 00 00 00 2c 21 52 34 63 ac e3 a3 66 45 00 41 0c |...,!R4c...fE.A.| -00000020 93 5d 6a 74 5a 25 dc 69 1d 76 73 0c f4 42 6a 18 |.]jtZ%.i.vs..Bj.| -00000030 5b 62 23 e7 fe 41 cf d4 9b 86 35 17 03 03 00 30 |[b#..A....5....0| -00000040 00 00 00 00 00 00 00 00 7d 5d ce 43 85 5c 6b 89 |........}].C.\k.| -00000050 c9 a5 0e 22 69 8e b9 4a 77 4c c0 4e cc 79 d9 7e |..."i..JwL.N.y.~| -00000060 a3 c8 d3 db 5c 53 f8 92 4d c4 5a 88 72 58 05 11 |....\S..M.Z.rX..| -00000070 15 03 03 00 20 00 00 00 00 00 00 00 00 1d 63 8b |.... .........c.| -00000080 a7 74 fb 76 1d 47 31 93 1f ec 8c e2 18 8e 21 dd |.t.v.G1.......!.| -00000090 87 97 9f 1c ca |.....| diff --git a/ztools/ztls/testdata/Server-TLSv12-RSA-AES b/ztools/ztls/testdata/Server-TLSv12-RSA-AES deleted file mode 100644 index a152a96a..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-RSA-AES +++ /dev/null @@ -1,87 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 d0 |....\...X..R.WY.| -00000010 38 05 36 7e e3 1e 93 2a 5a bf dc c2 f8 0a 03 6f |8.6~...*Z......o| -00000020 1a fc 21 74 e5 8b 2a c3 9e 2c 26 00 00 04 00 2f |..!t..*..,&..../| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 4b b4 28 bc 78 |...........K.(.x| -00000010 41 34 f3 49 e8 74 07 74 42 ae 2e 55 9e 9a ce e5 |A4.I.t.tB..U....| -00000020 4a 1b e7 55 c7 64 c4 9c b3 dd 20 d6 f8 8e 67 b3 |J..U.d.... ...g.| -00000030 7a 5c 3b 34 e4 1a f6 bd 65 fc 21 cd 9a de 64 77 |z\;4....e.!...dw| -00000040 09 a5 92 e5 a4 f5 18 7b 23 5b 8b c1 95 23 97 6f |.......{#[...#.o| -00000050 76 55 04 34 22 7d 43 71 db cd eb f8 36 36 44 4b |vU.4"}Cq....66DK| -00000060 ae e3 cc ec 64 88 7b e1 ea d6 ab 49 35 94 a5 04 |....d.{....I5...| -00000070 1e 83 c5 cf 21 bb ca 33 5f d4 bf 1d d3 4d 07 59 |....!..3_....M.Y| -00000080 b4 39 b2 4b 7b 05 43 70 0d ba 7a 14 03 03 00 01 |.9.K{.Cp..z.....| -00000090 01 16 03 03 00 40 74 4b 7d b2 53 49 ea 86 90 c3 |.....@tK}.SI....| -000000a0 64 6b 64 31 1a 2a 3f 1a 37 1e 56 b8 dd 12 6d 56 |dkd1.*?.7.V...mV| -000000b0 2a 61 92 5b 39 e7 e1 be 71 70 4b 9b b3 f0 71 e7 |*a.[9...qpK...q.| -000000c0 47 2e 2e 17 c3 0a 66 9f 69 74 30 2d f0 a0 7f 84 |G.....f.it0-....| -000000d0 25 db c1 81 ee cf |%.....| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| -00000010 00 00 00 00 00 00 00 00 00 00 00 f3 4d 5a fc 21 |............MZ.!| -00000020 30 b5 a1 86 9d e2 ea 38 ac 54 57 fa 5a 54 97 b8 |0......8.TW.ZT..| -00000030 bb 4d 64 09 ef ce a1 75 0c 50 8d ff 5c c2 e9 47 |.Md....u.P..\..G| -00000040 95 93 53 c0 bd dc c5 9c e0 59 17 17 03 03 00 40 |..S......Y.....@| -00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000060 69 c5 48 6e 45 cf 98 1b 2c 23 40 d1 ab a3 c2 e2 |i.HnE...,#@.....| -00000070 10 7b b1 c8 21 3c f0 eb 96 bd 4f 78 b2 4a 7b 18 |.{..!<....Ox.J{.| -00000080 4c b1 a6 67 bf 06 40 01 d0 8d 91 be 17 d8 0c 71 |L..g..@........q| -00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -000000a0 00 00 00 00 00 20 84 80 3d 70 fe ae ee d7 2f e9 |..... ..=p..../.| -000000b0 bf 65 30 bf 0b dd 98 ea bb ba 12 14 98 53 7f d5 |.e0..........S..| -000000c0 56 ce 06 3c d0 |V..<.| diff --git a/ztools/ztls/testdata/Server-TLSv12-RSA-AES-GCM b/ztools/ztls/testdata/Server-TLSv12-RSA-AES-GCM deleted file mode 100644 index 0ddfe022..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-RSA-AES-GCM +++ /dev/null @@ -1,93 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 9c 01 00 00 98 03 03 53 04 f1 30 73 |...........S..0s| -00000010 a1 ea 8c d2 90 1c c6 d6 0d 3c af 58 21 65 90 25 |.........<.X!e.%| -00000020 5e fa f4 27 22 65 c9 68 90 b9 04 00 00 04 c0 2f |^..'"e.h......./| -00000030 00 ff 01 00 00 6b 00 0b 00 04 03 00 01 02 00 0a |.....k..........| -00000040 00 34 00 32 00 0e 00 0d 00 19 00 0b 00 0c 00 18 |.4.2............| -00000050 00 09 00 0a 00 16 00 17 00 08 00 06 00 07 00 14 |................| -00000060 00 15 00 04 00 05 00 12 00 13 00 01 00 02 00 03 |................| -00000070 00 0f 00 10 00 11 00 0d 00 22 00 20 06 01 06 02 |.........". ....| -00000080 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000090 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -000000a0 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 2f 00 00 |............./..| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 cd 0c 00 |n8P)l...........| -00000300 00 c9 03 00 17 41 04 1e 18 37 ef 0d 19 51 88 35 |.....A...7...Q.5| -00000310 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 24 20 3e |uq..T[....g..$ >| -00000320 b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 07 9f 6c |.V...(^.+-O....l| -00000330 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 b5 68 1a |K[.V.2B.X..I..h.| -00000340 41 03 56 6b dc 5a 89 04 01 00 80 a2 54 61 84 29 |A.Vk.Z......Ta.)| -00000350 3e 97 4b 97 9a 9f 5c c0 49 6d 86 d2 79 8e 95 a1 |>.K...\.Im..y...| -00000360 0a 5a 36 73 34 bb 05 73 35 47 e1 2b 5d f3 ef 36 |.Z6s4..s5G.+]..6| -00000370 a8 32 e2 7e ef aa 3f 1f b3 64 60 d4 06 2e 98 e3 |.2.~..?..d`.....| -00000380 11 e2 60 3c d6 20 17 63 b2 6f a0 cd 21 01 2b 4e |..`<. .c.o..!.+N| -00000390 b2 a8 55 04 39 37 5c 6c 71 66 4d a3 eb 1b 83 67 |..U.97\lqfM....g| -000003a0 6b 15 a0 56 9a f1 a2 79 92 29 ce 58 3c 10 4d 65 |k..V...y.).X<.Me| -000003b0 1f 22 e3 ea d8 74 aa 01 7e ca f3 89 23 41 4d bd |."...t..~...#AM.| -000003c0 df 77 4e 59 54 97 74 ad 07 ea c0 16 03 03 00 04 |.wNYT.t.........| -000003d0 0e 00 00 00 |....| ->>> Flow 3 (client to server) -00000000 16 03 03 00 46 10 00 00 42 41 04 45 65 ce f7 b9 |....F...BA.Ee...| -00000010 52 e3 fb 13 db 91 f2 65 43 84 57 f5 1a 19 a0 e6 |R......eC.W.....| -00000020 89 2d bb 2c 83 6b 62 f6 6f 1f 26 ae 59 67 bd dc |.-.,.kb.o.&.Yg..| -00000030 c4 9e 0b dc 7d 6e f8 6b 95 8c 61 47 3d cd d1 df |....}n.k..aG=...| -00000040 82 45 30 81 c3 a3 49 5d 85 59 70 14 03 03 00 01 |.E0...I].Yp.....| -00000050 01 16 03 03 00 28 3f aa 85 33 f9 c6 95 a0 56 ff |.....(?..3....V.| -00000060 1c f1 5a ba 6e 41 50 0c ab 92 e1 e2 8e 89 1c f1 |..Z.nAP.........| -00000070 fa 54 1b f1 f5 00 01 12 6d c4 96 78 b6 87 |.T......m..x..| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| -00000010 00 00 00 94 5c be 46 05 d6 d0 b0 3a 56 dc 2c 10 |....\.F....:V.,.| -00000020 0f 6f 5d 33 33 7f a5 4e 74 84 bf 63 87 c4 f4 49 |.o]33..Nt..c...I| -00000030 bc 6b ab 17 03 03 00 25 00 00 00 00 00 00 00 01 |.k.....%........| -00000040 7e 4f f9 ae ae fe 6b a0 4a f8 0f 0b b4 b6 65 b6 |~O....k.J.....e.| -00000050 be 24 5f 94 6d d1 db 54 11 07 b9 ce 01 15 03 03 |.$_.m..T........| -00000060 00 1a 00 00 00 00 00 00 00 02 a8 1c d6 62 ac fd |.............b..| -00000070 77 ba 23 92 5d 34 f1 17 c7 e1 1c 99 |w.#.]4......| diff --git a/ztools/ztls/testdata/Server-TLSv12-RSA-RC4 b/ztools/ztls/testdata/Server-TLSv12-RSA-RC4 deleted file mode 100644 index b703a8f7..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-RSA-RC4 +++ /dev/null @@ -1,79 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 5c 01 00 00 58 03 03 52 cc 57 59 c9 |....\...X..R.WY.| -00000010 c3 13 fc 18 8a ee c2 0e 88 ff fb 4a 16 f2 eb eb |...........J....| -00000020 d4 f8 b3 5b cd bb 25 0e 0b cb 48 00 00 04 00 05 |...[..%...H.....| -00000030 00 ff 01 00 00 2b 00 0d 00 22 00 20 06 01 06 02 |.....+...". ....| -00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................| -00000050 03 02 03 03 02 01 02 02 02 03 01 01 00 0f 00 01 |................| -00000060 01 |.| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 35 b3 60 ba 14 |...........5.`..| -00000010 5f 19 24 a0 24 de 4e 85 a9 64 78 3a 51 24 64 70 |_.$.$.N..dx:Q$dp| -00000020 88 55 6d c3 11 b8 d3 9f bc 7a 33 f8 3c 48 93 2f |.Um......z3..|.| -00000070 44 82 f4 24 03 22 40 00 64 27 53 15 41 8c 01 e9 |D..$."@.d'S.A...| -00000080 39 32 fa 8e 2d f9 b4 89 34 15 d6 14 03 03 00 01 |92..-...4.......| -00000090 01 16 03 03 00 24 f5 61 8b 24 bf b4 82 3a cf 49 |.....$.a.$...:.I| -000000a0 99 a0 b1 1b a7 a7 a3 92 7c 84 85 e0 64 a3 3d bd |........|...d.=.| -000000b0 38 98 7d 97 a8 b9 2a 35 a9 09 |8.}...*5..| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 c9 0b 84 e6 39 |..........$....9| -00000010 f2 e0 f3 ac 9f 0f 17 92 5f 6d de 94 18 c4 60 d9 |........_m....`.| -00000020 66 c3 0d 1a ae c2 8f 46 8f 7f f0 58 0e 4a 9b 17 |f......F...X.J..| -00000030 03 03 00 21 8b 73 a1 6a 7e d9 7e 4f 1d cc b2 7d |...!.s.j~.~O...}| -00000040 3c 83 3f 52 f8 08 77 01 4c 65 11 6d 50 25 9a cc |<.?R..w.Le.mP%..| -00000050 e3 54 27 72 59 15 03 03 00 16 3d c8 ab 14 51 fa |.T'rY.....=...Q.| -00000060 97 f1 ef 5f b4 4f 44 58 d4 93 3b ae e5 61 1f a3 |..._.ODX..;..a..| diff --git a/ztools/ztls/testdata/Server-TLSv12-Resume b/ztools/ztls/testdata/Server-TLSv12-Resume deleted file mode 100644 index c495d4ad..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-Resume +++ /dev/null @@ -1,36 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 e8 01 00 00 e4 03 03 52 cc 57 59 c3 |...........R.WY.| -00000010 8b df 97 05 d8 5f 16 22 b4 b1 e7 cb 7d 2f 9b 58 |....._."....}/.X| -00000020 a3 f4 d7 2c a4 c1 9d 49 ed 4b ba 20 90 da 90 3e |...,...I.K. ...>| -00000030 36 19 7a db 56 43 26 f7 dc 42 57 33 22 ed 9d a4 |6.z.VC&..BW3"...| -00000040 9d 53 da f8 9d 4e 60 66 71 a0 2e 2e 00 04 00 05 |.S...N`fq.......| -00000050 00 ff 01 00 00 97 00 23 00 68 00 00 00 00 00 00 |.......#.h......| -00000060 00 00 00 00 00 00 00 00 00 00 65 ea 4b d1 ef ba |..........e.K...| -00000070 06 38 1e e1 88 82 3a cd 03 ac 3b 39 0a e0 19 fd |.8....:...;9....| -00000080 af 6c 57 30 df 31 6e f7 92 38 4b 5d 77 90 39 ff |.lW0.1n..8K]w.9.| -00000090 32 51 f5 ed 12 d7 b0 7c 4d 6c c5 76 e4 72 48 3e |2Q.....|Ml.v.rH>| -000000a0 59 23 fe 0d 15 df f4 ba ea b9 67 16 23 8f 7d 15 |Y#........g.#.}.| -000000b0 b6 11 f1 ab d7 d4 cd a3 21 82 92 2a 12 cf 95 f3 |........!..*....| -000000c0 60 b2 00 0d 00 22 00 20 06 01 06 02 06 03 05 01 |`....". ........| -000000d0 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 |................| -000000e0 02 01 02 02 02 03 01 01 00 0f 00 01 01 |.............| ->>> Flow 2 (server to client) -00000000 16 03 03 00 51 02 00 00 4d 03 03 00 00 00 00 00 |....Q...M.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 20 90 da 90 3e |........... ...>| -00000030 36 19 7a db 56 43 26 f7 dc 42 57 33 22 ed 9d a4 |6.z.VC&..BW3"...| -00000040 9d 53 da f8 9d 4e 60 66 71 a0 2e 2e 00 05 00 00 |.S...N`fq.......| -00000050 05 ff 01 00 01 00 14 03 03 00 01 01 16 03 03 00 |................| -00000060 24 11 12 ff 28 10 14 4c e5 0e ad a7 fa f3 92 fb |$...(..L........| -00000070 13 7d ae f2 b2 4a 6b a1 9e 67 cf a8 f7 8c 6f a0 |.}...Jk..g....o.| -00000080 6c 30 0e 18 55 |l0..U| ->>> Flow 3 (client to server) -00000000 14 03 03 00 01 01 16 03 03 00 24 0d 46 41 8b 24 |..........$.FA.$| -00000010 36 01 a9 fd 8b ec fc e6 b1 83 96 df 0d 3e 53 54 |6............>ST| -00000020 58 b8 43 f2 a6 25 5e 1a ae 19 9e d2 28 44 92 |X.C..%^.....(D.| ->>> Flow 4 (server to client) -00000000 17 03 03 00 21 c4 fb f6 53 bb 3e 04 cc 0b a0 03 |....!...S.>.....| -00000010 fa 49 96 da b5 8d b2 f2 e5 d8 f3 5c 27 57 4f 9c |.I.........\'WO.| -00000020 30 00 34 fc 52 92 15 03 03 00 16 a3 02 7a 50 d2 |0.4.R........zP.| -00000030 c6 b3 fc 69 8f e4 94 ae ab 22 ad 05 1d 15 69 b9 |...i....."....i.| -00000040 a5 |.| diff --git a/ztools/ztls/testdata/Server-TLSv12-ResumeDisabled b/ztools/ztls/testdata/Server-TLSv12-ResumeDisabled deleted file mode 100644 index db833f65..00000000 --- a/ztools/ztls/testdata/Server-TLSv12-ResumeDisabled +++ /dev/null @@ -1,87 +0,0 @@ ->>> Flow 1 (client to server) -00000000 16 03 01 00 e8 01 00 00 e4 03 03 54 23 54 02 a5 |...........T#T..| -00000010 10 11 0f 6d e5 2d 2f e8 bb 52 b1 38 3f 65 01 43 |...m.-/..R.8?e.C| -00000020 36 cc 48 f6 09 22 a1 85 20 28 3c 20 35 8b fe 7a |6.H..".. (< 5..z| -00000030 41 3b 59 3a 5d b9 b3 21 f0 62 e9 0d 7b af f5 5d |A;Y:]..!.b..{..]| -00000040 fa 65 1a 40 c8 ca cd 74 8c ef d2 fb 00 04 00 05 |.e.@...t........| -00000050 00 ff 01 00 00 97 00 23 00 68 00 00 00 00 00 00 |.......#.h......| -00000060 00 00 00 00 00 00 00 00 00 00 65 ea 4b d1 ef ba |..........e.K...| -00000070 2d db 0c ba 9a d4 20 76 57 c8 ec dc 2d 77 fb fb |-..... vW...-w..| -00000080 3b 93 5f 53 e0 14 4f 90 fb d6 55 57 8c 8d 0d 25 |;._S..O...UW...%| -00000090 ea 5d 0d f2 91 e5 12 22 12 ec 7b 5f b6 6e fd 07 |.]....."..{_.n..| -000000a0 59 23 24 fc b1 97 ca ea 56 a5 c2 a0 e4 9e 99 64 |Y#$.....V......d| -000000b0 f2 64 d0 75 7a 46 63 e3 dc 21 ed 78 56 e9 e1 ab |.d.uzFc..!.xV...| -000000c0 66 80 00 0d 00 22 00 20 06 01 06 02 06 03 05 01 |f....". ........| -000000d0 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 |................| -000000e0 02 01 02 02 02 03 01 01 00 0f 00 01 01 |.............| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................| -00000030 05 ff 01 00 01 00 16 03 03 02 be 0b 00 02 ba 00 |................| -00000040 02 b7 00 02 b4 30 82 02 b0 30 82 02 19 a0 03 02 |.....0...0......| -00000050 01 02 02 09 00 85 b0 bb a4 8a 7f b8 ca 30 0d 06 |.............0..| -00000060 09 2a 86 48 86 f7 0d 01 01 05 05 00 30 45 31 0b |.*.H........0E1.| -00000070 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 |0...U....AU1.0..| -00000080 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 |.U....Some-State| -00000090 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 |1!0...U....Inter| -000000a0 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 |net Widgits Pty | -000000b0 4c 74 64 30 1e 17 0d 31 30 30 34 32 34 30 39 30 |Ltd0...100424090| -000000c0 39 33 38 5a 17 0d 31 31 30 34 32 34 30 39 30 39 |938Z..1104240909| -000000d0 33 38 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 |38Z0E1.0...U....| -000000e0 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som| -000000f0 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..| -00000100 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi| -00000110 74 73 20 50 74 79 20 4c 74 64 30 81 9f 30 0d 06 |ts Pty Ltd0..0..| -00000120 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| -00000130 30 81 89 02 81 81 00 bb 79 d6 f5 17 b5 e5 bf 46 |0.......y......F| -00000140 10 d0 dc 69 be e6 2b 07 43 5a d0 03 2d 8a 7a 43 |...i..+.CZ..-.zC| -00000150 85 b7 14 52 e7 a5 65 4c 2c 78 b8 23 8c b5 b4 82 |...R..eL,x.#....| -00000160 e5 de 1f 95 3b 7e 62 a5 2c a5 33 d6 fe 12 5c 7a |....;~b.,.3...\z| -00000170 56 fc f5 06 bf fa 58 7b 26 3f b5 cd 04 d3 d0 c9 |V.....X{&?......| -00000180 21 96 4a c7 f4 54 9f 5a bf ef 42 71 00 fe 18 99 |!.J..T.Z..Bq....| -00000190 07 7f 7e 88 7d 7d f1 04 39 c4 a2 2e db 51 c9 7c |..~.}}..9....Q.|| -000001a0 e3 c0 4c 3b 32 66 01 cf af b1 1d b8 71 9a 1d db |..L;2f......q...| -000001b0 db 89 6b ae da 2d 79 02 03 01 00 01 a3 81 a7 30 |..k..-y........0| -000001c0 81 a4 30 1d 06 03 55 1d 0e 04 16 04 14 b1 ad e2 |..0...U.........| -000001d0 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 88 |.Z..(.i.#i..&...| -000001e0 39 30 75 06 03 55 1d 23 04 6e 30 6c 80 14 b1 ad |90u..U.#.n0l....| -000001f0 e2 85 5a cf cb 28 db 69 ce 23 69 de d3 26 8e 18 |..Z..(.i.#i..&..| -00000200 88 39 a1 49 a4 47 30 45 31 0b 30 09 06 03 55 04 |.9.I.G0E1.0...U.| -00000210 06 13 02 41 55 31 13 30 11 06 03 55 04 08 13 0a |...AU1.0...U....| -00000220 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 1f 06 03 |Some-State1!0...| -00000230 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 20 57 69 |U....Internet Wi| -00000240 64 67 69 74 73 20 50 74 79 20 4c 74 64 82 09 00 |dgits Pty Ltd...| -00000250 85 b0 bb a4 8a 7f b8 ca 30 0c 06 03 55 1d 13 04 |........0...U...| -00000260 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d |.0....0...*.H...| -00000270 01 01 05 05 00 03 81 81 00 08 6c 45 24 c7 6b b1 |..........lE$.k.| -00000280 59 ab 0c 52 cc f2 b0 14 d7 87 9d 7a 64 75 b5 5a |Y..R.......zdu.Z| -00000290 95 66 e4 c5 2b 8e ae 12 66 1f eb 4f 38 b3 6e 60 |.f..+...f..O8.n`| -000002a0 d3 92 fd f7 41 08 b5 25 13 b1 18 7a 24 fb 30 1d |....A..%...z$.0.| -000002b0 ba ed 98 b9 17 ec e7 d7 31 59 db 95 d3 1d 78 ea |........1Y....x.| -000002c0 50 56 5c d5 82 5a 2d 5a 5f 33 c4 b6 d8 c9 75 90 |PV\..Z-Z_3....u.| -000002d0 96 8c 0f 52 98 b5 cd 98 1f 89 20 5f f2 a0 1c a3 |...R...... _....| -000002e0 1b 96 94 dd a9 fd 57 e9 70 e8 26 6d 71 99 9b 26 |......W.p.&mq..&| -000002f0 6e 38 50 29 6c 90 a7 bd d9 16 03 03 00 04 0e 00 |n8P)l...........| -00000300 00 00 |..| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 ae 02 dd 1f 1a |................| -00000010 86 83 f5 2f 82 46 4b 29 58 aa a1 b3 56 8b 4e 40 |.../.FK)X...V.N@| -00000020 ef 23 65 67 ad 48 e5 e1 fd ae dd bf 68 fd bd a6 |.#eg.H......h...| -00000030 13 a0 7e 05 ab f7 20 e1 6a 4e d1 37 93 08 1d c9 |..~... .jN.7....| -00000040 37 e0 b5 34 28 bf 20 45 45 da 0f 7e 51 a7 c6 ae |7..4(. EE..~Q...| -00000050 61 6c 07 1b 73 ef da 6e 25 c4 ed be e3 3f da ae |al..s..n%....?..| -00000060 cd 3c 17 9c 2e ee fb 47 9d b3 a1 b2 c3 5d e0 83 |.<.....G.....]..| -00000070 74 20 37 2d 72 d6 d0 4d 58 0e 26 1c 50 22 95 08 |t 7-r..MX.&.P"..| -00000080 7d e0 5f 86 99 9e 2c 2e a7 a0 7f 14 03 03 00 01 |}._...,.........| -00000090 01 16 03 03 00 24 a2 ab 41 25 a5 cf 04 18 1d 98 |.....$..A%......| -000000a0 88 6c 59 21 86 33 54 f4 35 b4 21 6e a5 29 d5 6e |.lY!.3T.5.!n.).n| -000000b0 3d 08 72 b0 af 46 b5 8f 6b 86 |=.r..F..k.| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 24 59 20 4d c2 17 |..........$Y M..| -00000010 8b 3c 9b 33 d9 f9 ef fb 80 18 1f 67 a7 58 12 89 |.<.3.......g.X..| -00000020 4e 73 0f 2d 7b e6 c4 a6 79 73 01 da 22 e8 54 17 |Ns.-{...ys..".T.| -00000030 03 03 00 21 36 ca 64 0f 4a 12 a5 50 3d 97 bb 39 |...!6.d.J..P=..9| -00000040 02 fc ed d1 82 6a 9a 2e 21 79 f6 e1 b3 cc 32 db |.....j..!y....2.| -00000050 0f 5d b3 fb a5 15 03 03 00 16 51 f4 be 57 7a df |.]........Q..Wz.| -00000060 f1 f2 bd b5 51 5e 45 80 be 0b 9a 0c d1 19 3c 79 |....Q^E.......>> Flow 1 (client to server) -00000000 16 03 01 00 70 01 00 00 6c 03 03 52 cc 57 59 2d |....p...l..R.WY-| -00000010 77 aa 75 35 fa ff 2a a2 bf 91 5e e3 7f 38 7d 7a |w.u5..*...^..8}z| -00000020 e3 93 d3 e8 8b 09 bb 06 c8 6d 91 00 00 04 00 2f |.........m...../| -00000030 00 ff 01 00 00 3f 00 00 00 10 00 0e 00 00 0b 73 |.....?.........s| -00000040 6e 69 74 65 73 74 2e 63 6f 6d 00 0d 00 22 00 20 |nitest.com...". | -00000050 06 01 06 02 06 03 05 01 05 02 05 03 04 01 04 02 |................| -00000060 04 03 03 01 03 02 03 03 02 01 02 02 02 03 01 01 |................| -00000070 00 0f 00 01 01 |.....| ->>> Flow 2 (server to client) -00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......| -00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..| -00000030 05 ff 01 00 01 00 16 03 03 02 00 0b 00 01 fc 00 |................| -00000040 01 f9 00 01 f6 30 82 01 f2 30 82 01 5d a0 03 02 |.....0...0..]...| -00000050 01 02 02 01 00 30 0b 06 09 2a 86 48 86 f7 0d 01 |.....0...*.H....| -00000060 01 05 30 28 31 10 30 0e 06 03 55 04 0a 13 07 41 |..0(1.0...U....A| -00000070 63 6d 65 20 43 6f 31 14 30 12 06 03 55 04 03 13 |cme Co1.0...U...| -00000080 0b 73 6e 69 74 65 73 74 2e 63 6f 6d 30 1e 17 0d |.snitest.com0...| -00000090 31 32 30 34 31 31 31 37 34 30 33 35 5a 17 0d 31 |120411174035Z..1| -000000a0 33 30 34 31 31 31 37 34 35 33 35 5a 30 28 31 10 |30411174535Z0(1.| -000000b0 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 6f |0...U....Acme Co| -000000c0 31 14 30 12 06 03 55 04 03 13 0b 73 6e 69 74 65 |1.0...U....snite| -000000d0 73 74 2e 63 6f 6d 30 81 9d 30 0b 06 09 2a 86 48 |st.com0..0...*.H| -000000e0 86 f7 0d 01 01 01 03 81 8d 00 30 81 89 02 81 81 |..........0.....| -000000f0 00 bb 79 d6 f5 17 b5 e5 bf 46 10 d0 dc 69 be e6 |..y......F...i..| -00000100 2b 07 43 5a d0 03 2d 8a 7a 43 85 b7 14 52 e7 a5 |+.CZ..-.zC...R..| -00000110 65 4c 2c 78 b8 23 8c b5 b4 82 e5 de 1f 95 3b 7e |eL,x.#........;~| -00000120 62 a5 2c a5 33 d6 fe 12 5c 7a 56 fc f5 06 bf fa |b.,.3...\zV.....| -00000130 58 7b 26 3f b5 cd 04 d3 d0 c9 21 96 4a c7 f4 54 |X{&?......!.J..T| -00000140 9f 5a bf ef 42 71 00 fe 18 99 07 7f 7e 88 7d 7d |.Z..Bq......~.}}| -00000150 f1 04 39 c4 a2 2e db 51 c9 7c e3 c0 4c 3b 32 66 |..9....Q.|..L;2f| -00000160 01 cf af b1 1d b8 71 9a 1d db db 89 6b ae da 2d |......q.....k..-| -00000170 79 02 03 01 00 01 a3 32 30 30 30 0e 06 03 55 1d |y......2000...U.| -00000180 0f 01 01 ff 04 04 03 02 00 a0 30 0d 06 03 55 1d |..........0...U.| -00000190 0e 04 06 04 04 01 02 03 04 30 0f 06 03 55 1d 23 |.........0...U.#| -000001a0 04 08 30 06 80 04 01 02 03 04 30 0b 06 09 2a 86 |..0.......0...*.| -000001b0 48 86 f7 0d 01 01 05 03 81 81 00 89 c6 45 5f 1c |H............E_.| -000001c0 1f 5e f8 eb 1a b1 74 ee 24 39 05 9f 5c 42 59 bb |.^....t.$9..\BY.| -000001d0 1a 8d 86 cd b1 d0 56 f5 6a 71 7d a4 0e 95 ab 90 |......V.jq}.....| -000001e0 f5 9e 8d ea f6 27 c1 57 99 50 94 db 08 02 26 6e |.....'.W.P....&n| -000001f0 b3 4f c6 84 2d ea 8a 4b 68 d9 c1 38 91 03 ab 84 |.O..-..Kh..8....| -00000200 fb 9e 1f 85 d9 b5 d2 3f f2 31 2c 86 70 fb b5 40 |.......?.1,.p..@| -00000210 14 82 45 a4 eb af e2 64 d9 0c 8a 4c f4 f8 5b 0f |..E....d...L..[.| -00000220 ac 12 ac 2f c4 a3 15 4b ad 52 46 28 68 af 96 c6 |.../...K.RF(h...| -00000230 2c 65 25 d6 52 b6 e3 18 45 bd cc 16 03 03 00 04 |,e%.R...E.......| -00000240 0e 00 00 00 |....| ->>> Flow 3 (client to server) -00000000 16 03 03 00 86 10 00 00 82 00 80 0d f2 bf 75 a9 |..............u.| -00000010 aa db f3 25 55 d4 20 59 63 54 d1 70 82 f9 61 c5 |...%U. YcT.p..a.| -00000020 b7 ae 3f 75 71 75 9d c5 01 a1 ed b1 07 66 9f 3f |..?uqu.......f.?| -00000030 cf c6 e6 ad 44 03 fd 18 6f 53 24 ce 76 01 bd fe |....D...oS$.v...| -00000040 e2 51 f7 df 8a 23 3a 21 c4 00 15 ff d0 e0 ff c8 |.Q...#:!........| -00000050 8b 89 33 c6 8e e0 ce 97 ef b4 c6 f9 b0 ea 38 89 |..3...........8.| -00000060 79 98 34 9e f7 bc c6 fd d2 5d 56 84 5c d2 9a ce |y.4......]V.\...| -00000070 ae de 09 bc 24 25 fc 09 0c bc 0e 91 0d 6b 36 ae |....$%.......k6.| -00000080 ce 6b cd 14 ec b6 3c fa d6 df fc 14 03 03 00 01 |.k....<.........| -00000090 01 16 03 03 00 40 ad 21 13 2b 33 7a 4a 0d fb 0f |.....@.!.+3zJ...| -000000a0 eb d2 b6 85 29 1f 59 79 ba 86 53 5c 68 b4 c7 e3 |....).Yy..S\h...| -000000b0 8a 6c 5c 18 04 4d e4 76 19 30 ba 92 b4 79 8c 64 |.l\..M.v.0...y.d| -000000c0 00 a0 2e 13 96 45 9f e7 a9 e4 23 9e 9f 89 23 26 |.....E....#...#&| -000000d0 36 20 82 fc 75 fe |6 ..u.| ->>> Flow 4 (server to client) -00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| -00000010 00 00 00 00 00 00 00 00 00 00 00 b7 87 61 10 03 |.............a..| -00000020 b8 a4 42 d4 8b 49 bc 40 80 70 92 c8 25 b0 c6 7f |..B..I.@.p..%...| -00000030 b3 87 76 50 5a 59 b3 3c d8 3e 23 24 aa 1a f3 36 |..vPZY.<.>#$...6| -00000040 c9 2c 87 c1 22 d2 94 f8 2c fd ef 17 03 03 00 40 |.,.."...,......@| -00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| -00000060 e5 7f bd 3e ff 9f d4 1b 91 02 f8 69 6f 70 9d 51 |...>.......iop.Q| -00000070 a5 ec ef 5b 10 3f 4e 3f 44 e5 9a 39 68 7c 3a b9 |...[.?N?D..9h|:.| -00000080 69 38 31 ec 9c 45 bf 19 d1 5c 5e 2e 06 00 ca 19 |i81..E...\^.....| -00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| -000000a0 00 00 00 00 00 63 5e 79 2c f2 05 dc 2b d7 5b ac |.....c^y,...+.[.| -000000b0 9d fc 75 94 03 16 ca 1f b2 75 58 2d f1 2f f1 1e |..u......uX-./..| -000000c0 d2 f6 84 8f 2e |.....| diff --git a/ztools/ztls/ticket.go b/ztools/ztls/ticket.go deleted file mode 100644 index d631219a..00000000 --- a/ztools/ztls/ticket.go +++ /dev/null @@ -1,189 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "crypto/aes" - "crypto/cipher" - "crypto/hmac" - "crypto/sha256" - "crypto/subtle" - "errors" - "io" -) - -// sessionState contains the information that is serialized into a session -// ticket in order to later resume a connection. -type sessionState struct { - vers uint16 - cipherSuite uint16 - masterSecret []byte - certificates [][]byte - extendedMasterSecret bool -} - -func (s *sessionState) equal(i interface{}) bool { - s1, ok := i.(*sessionState) - if !ok { - return false - } - - if s.vers != s1.vers || - s.cipherSuite != s1.cipherSuite || - !bytes.Equal(s.masterSecret, s1.masterSecret) || - s.extendedMasterSecret != s1.extendedMasterSecret { - return false - } - - if len(s.certificates) != len(s1.certificates) { - return false - } - - for i := range s.certificates { - if !bytes.Equal(s.certificates[i], s1.certificates[i]) { - return false - } - } - - return true -} - -func (s *sessionState) marshal() []byte { - length := 2 + 2 + 2 + len(s.masterSecret) + 2 - for _, cert := range s.certificates { - length += 4 + len(cert) - } - - ret := make([]byte, length) - x := ret - x[0] = byte(s.vers >> 8) - x[1] = byte(s.vers) - x[2] = byte(s.cipherSuite >> 8) - x[3] = byte(s.cipherSuite) - x[4] = byte(len(s.masterSecret) >> 8) - x[5] = byte(len(s.masterSecret)) - x = x[6:] - copy(x, s.masterSecret) - x = x[len(s.masterSecret):] - - x[0] = byte(len(s.certificates) >> 8) - x[1] = byte(len(s.certificates)) - x = x[2:] - - for _, cert := range s.certificates { - x[0] = byte(len(cert) >> 24) - x[1] = byte(len(cert) >> 16) - x[2] = byte(len(cert) >> 8) - x[3] = byte(len(cert)) - copy(x[4:], cert) - x = x[4+len(cert):] - } - - if s.extendedMasterSecret { - x[0] = 1 - } - - return ret -} - -func (s *sessionState) unmarshal(data []byte) bool { - if len(data) < 8 { - return false - } - - s.vers = uint16(data[0])<<8 | uint16(data[1]) - s.cipherSuite = uint16(data[2])<<8 | uint16(data[3]) - masterSecretLen := int(data[4])<<8 | int(data[5]) - data = data[6:] - if len(data) < masterSecretLen { - return false - } - - s.masterSecret = data[:masterSecretLen] - data = data[masterSecretLen:] - - if len(data) < 2 { - return false - } - - numCerts := int(data[0])<<8 | int(data[1]) - data = data[2:] - - s.certificates = make([][]byte, numCerts) - for i := range s.certificates { - if len(data) < 4 { - return false - } - certLen := int(data[0])<<24 | int(data[1])<<16 | int(data[2])<<8 | int(data[3]) - data = data[4:] - if certLen < 0 { - return false - } - if len(data) < certLen { - return false - } - s.certificates[i] = data[:certLen] - data = data[certLen:] - } - - if len(data) > 0 { - return false - } - - return true -} - -func (c *Conn) encryptTicket(state *sessionState) ([]byte, error) { - serialized := state.marshal() - encrypted := make([]byte, aes.BlockSize+len(serialized)+sha256.Size) - iv := encrypted[:aes.BlockSize] - macBytes := encrypted[len(encrypted)-sha256.Size:] - - if _, err := io.ReadFull(c.config.rand(), iv); err != nil { - return nil, err - } - block, err := aes.NewCipher(c.config.SessionTicketKey[:16]) - if err != nil { - return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error()) - } - cipher.NewCTR(block, iv).XORKeyStream(encrypted[aes.BlockSize:], serialized) - - mac := hmac.New(sha256.New, c.config.SessionTicketKey[16:32]) - mac.Write(encrypted[:len(encrypted)-sha256.Size]) - mac.Sum(macBytes[:0]) - - return encrypted, nil -} - -func (c *Conn) decryptTicket(encrypted []byte) (*sessionState, bool) { - if c.config.SessionTicketsDisabled || - len(encrypted) < aes.BlockSize+sha256.Size { - return nil, false - } - - iv := encrypted[:aes.BlockSize] - macBytes := encrypted[len(encrypted)-sha256.Size:] - - mac := hmac.New(sha256.New, c.config.SessionTicketKey[16:32]) - mac.Write(encrypted[:len(encrypted)-sha256.Size]) - expected := mac.Sum(nil) - - if subtle.ConstantTimeCompare(macBytes, expected) != 1 { - return nil, false - } - - block, err := aes.NewCipher(c.config.SessionTicketKey[:16]) - if err != nil { - return nil, false - } - ciphertext := encrypted[aes.BlockSize : len(encrypted)-sha256.Size] - plaintext := ciphertext - cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext) - - state := new(sessionState) - ok := state.unmarshal(plaintext) - return state, ok -} diff --git a/ztools/ztls/tls.go b/ztools/ztls/tls.go deleted file mode 100644 index 47005ae8..00000000 --- a/ztools/ztls/tls.go +++ /dev/null @@ -1,287 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package tls partially implements TLS 1.2, as specified in RFC 5246. -package ztls - -import ( - "crypto" - "crypto/ecdsa" - "crypto/rsa" - "encoding/pem" - "errors" - "io/ioutil" - "net" - "strings" - "time" - - "github.com/zmap/zgrab/ztools/x509" -) - -// Server returns a new TLS server side connection -// using conn as the underlying transport. -// The configuration config must be non-nil and must have -// at least one certificate. -func Server(conn net.Conn, config *Config) *Conn { - return &Conn{conn: conn, config: config} -} - -// Client returns a new TLS client side connection -// using conn as the underlying transport. -// The config cannot be nil: users must set either ServerName or -// InsecureSkipVerify in the config. -func Client(conn net.Conn, config *Config) *Conn { - return &Conn{conn: conn, config: config, isClient: true} -} - -// A listener implements a network listener (net.Listener) for TLS connections. -type listener struct { - net.Listener - config *Config -} - -// Accept waits for and returns the next incoming TLS connection. -// The returned connection c is a *tls.Conn. -func (l *listener) Accept() (c net.Conn, err error) { - c, err = l.Listener.Accept() - if err != nil { - return - } - c = Server(c, l.config) - return -} - -// NewListener creates a Listener which accepts connections from an inner -// Listener and wraps each connection with Server. -// The configuration config must be non-nil and must have -// at least one certificate. -func NewListener(inner net.Listener, config *Config) net.Listener { - l := new(listener) - l.Listener = inner - l.config = config - return l -} - -// Listen creates a TLS listener accepting connections on the -// given network address using net.Listen. -// The configuration config must be non-nil and must have -// at least one certificate. -func Listen(network, laddr string, config *Config) (net.Listener, error) { - if config == nil || len(config.Certificates) == 0 { - return nil, errors.New("tls.Listen: no certificates in configuration") - } - l, err := net.Listen(network, laddr) - if err != nil { - return nil, err - } - return NewListener(l, config), nil -} - -type timeoutError struct{} - -func (timeoutError) Error() string { return "tls: DialWithDialer timed out" } -func (timeoutError) Timeout() bool { return true } -func (timeoutError) Temporary() bool { return true } - -// DialWithDialer connects to the given network address using dialer.Dial and -// then initiates a TLS handshake, returning the resulting TLS connection. Any -// timeout or deadline given in the dialer apply to connection and TLS -// handshake as a whole. -// -// DialWithDialer interprets a nil configuration as equivalent to the zero -// configuration; see the documentation of Config for the defaults. -func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error) { - // We want the Timeout and Deadline values from dialer to cover the - // whole process: TCP connection and TLS handshake. This means that we - // also need to start our own timers now. - timeout := dialer.Timeout - - if !dialer.Deadline.IsZero() { - deadlineTimeout := dialer.Deadline.Sub(time.Now()) - if timeout == 0 || deadlineTimeout < timeout { - timeout = deadlineTimeout - } - } - - var errChannel chan error - - if timeout != 0 { - errChannel = make(chan error, 2) - time.AfterFunc(timeout, func() { - errChannel <- timeoutError{} - }) - } - - rawConn, err := dialer.Dial(network, addr) - if err != nil { - return nil, err - } - - colonPos := strings.LastIndex(addr, ":") - if colonPos == -1 { - colonPos = len(addr) - } - hostname := addr[:colonPos] - - if config == nil { - config = defaultConfig() - } - // If no ServerName is set, infer the ServerName - // from the hostname we're connecting to. - if config.ServerName == "" { - // Make a copy to avoid polluting argument or default. - c := *config - c.ServerName = hostname - config = &c - } - - conn := Client(rawConn, config) - - if timeout == 0 { - err = conn.Handshake() - } else { - go func() { - errChannel <- conn.Handshake() - }() - - err = <-errChannel - } - - if err != nil { - rawConn.Close() - return nil, err - } - - return conn, nil -} - -// Dial connects to the given network address using net.Dial -// and then initiates a TLS handshake, returning the resulting -// TLS connection. -// Dial interprets a nil configuration as equivalent to -// the zero configuration; see the documentation of Config -// for the defaults. -func Dial(network, addr string, config *Config) (*Conn, error) { - return DialWithDialer(new(net.Dialer), network, addr, config) -} - -// LoadX509KeyPair reads and parses a public/private key pair from a pair of -// files. The files must contain PEM encoded data. -func LoadX509KeyPair(certFile, keyFile string) (cert Certificate, err error) { - certPEMBlock, err := ioutil.ReadFile(certFile) - if err != nil { - return - } - keyPEMBlock, err := ioutil.ReadFile(keyFile) - if err != nil { - return - } - return X509KeyPair(certPEMBlock, keyPEMBlock) -} - -// X509KeyPair parses a public/private key pair from a pair of -// PEM encoded data. -func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err error) { - var certDERBlock *pem.Block - for { - certDERBlock, certPEMBlock = pem.Decode(certPEMBlock) - if certDERBlock == nil { - break - } - if certDERBlock.Type == "CERTIFICATE" { - cert.Certificate = append(cert.Certificate, certDERBlock.Bytes) - } - } - - if len(cert.Certificate) == 0 { - err = errors.New("crypto/tls: failed to parse certificate PEM data") - return - } - - var keyDERBlock *pem.Block - for { - keyDERBlock, keyPEMBlock = pem.Decode(keyPEMBlock) - if keyDERBlock == nil { - err = errors.New("crypto/tls: failed to parse key PEM data") - return - } - if keyDERBlock.Type == "PRIVATE KEY" || strings.HasSuffix(keyDERBlock.Type, " PRIVATE KEY") { - break - } - } - - cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes) - if err != nil { - return - } - - // We don't need to parse the public key for TLS, but we so do anyway - // to check that it looks sane and matches the private key. - x509Cert, err := x509.ParseCertificate(cert.Certificate[0]) - if err != nil { - return - } - - switch pub := x509Cert.PublicKey.(type) { - case *rsa.PublicKey: - priv, ok := cert.PrivateKey.(*rsa.PrivateKey) - if !ok { - err = errors.New("crypto/tls: private key type does not match public key type") - return - } - if pub.N.Cmp(priv.N) != 0 { - err = errors.New("crypto/tls: private key does not match public key") - return - } - case *x509.AugmentedECDSA: - priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey) - if !ok { - err = errors.New("crypto/tls: private key type does not match pub.Public key type") - return - - } - if pub.Pub.X.Cmp(priv.X) != 0 || pub.Pub.Y.Cmp(priv.Y) != 0 { - err = errors.New("crypto/tls: private key does not match pub.Public key") - return - } - case *ecdsa.PublicKey: - priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey) - if !ok { - err = errors.New("crypto/tls: private key type does not match public key type") - return - - } - if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 { - err = errors.New("crypto/tls: private key does not match public key") - return - } - default: - err = errors.New("crypto/tls: unknown public key algorithm") - return - } - - return -} - -// Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates -// PKCS#1 private keys by default, while OpenSSL 1.0.0 generates PKCS#8 keys. -// OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three. -func parsePrivateKey(der []byte) (crypto.PrivateKey, error) { - if key, err := x509.ParsePKCS1PrivateKey(der); err == nil { - return key, nil - } - if key, err := x509.ParsePKCS8PrivateKey(der); err == nil { - switch key := key.(type) { - case *rsa.PrivateKey, *ecdsa.PrivateKey: - return key, nil - default: - return nil, errors.New("crypto/tls: found unknown private key type in PKCS#8 wrapping") - } - } - if key, err := x509.ParseECPrivateKey(der); err == nil { - return key, nil - } - - return nil, errors.New("crypto/tls: failed to parse private key") -} diff --git a/ztools/ztls/tls_test.go b/ztools/ztls/tls_test.go deleted file mode 100644 index 1a9c9cc5..00000000 --- a/ztools/ztls/tls_test.go +++ /dev/null @@ -1,237 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "fmt" - "io" - "net" - "strings" - "testing" - "time" -) - -var rsaCertPEM = `-----BEGIN CERTIFICATE----- -MIIB0zCCAX2gAwIBAgIJAI/M7BYjwB+uMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQwHhcNMTIwOTEyMjE1MjAyWhcNMTUwOTEyMjE1MjAyWjBF -MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 -ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANLJ -hPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wok/4xIA+ui35/MmNa -rtNuC+BdZ1tMuVCPFZcCAwEAAaNQME4wHQYDVR0OBBYEFJvKs8RfJaXTH08W+SGv -zQyKn0H8MB8GA1UdIwQYMBaAFJvKs8RfJaXTH08W+SGvzQyKn0H8MAwGA1UdEwQF -MAMBAf8wDQYJKoZIhvcNAQEFBQADQQBJlffJHybjDGxRMqaRmDhX0+6v02TUKZsW -r5QuVbpQhH6u+0UgcW0jp9QwpxoPTLTWGXEWBBBurxFwiCBhkQ+V ------END CERTIFICATE----- -` - -var rsaKeyPEM = `-----BEGIN RSA PRIVATE KEY----- -MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo -k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G -6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N -MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW -SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T -xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi -D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== ------END RSA PRIVATE KEY----- -` - -// keyPEM is the same as rsaKeyPEM, but declares itself as just -// "PRIVATE KEY", not "RSA PRIVATE KEY". http://golang.org/issue/4477 -var keyPEM = `-----BEGIN PRIVATE KEY----- -MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo -k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G -6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N -MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW -SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T -xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi -D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== ------END PRIVATE KEY----- -` - -var ecdsaCertPEM = `-----BEGIN CERTIFICATE----- -MIIB/jCCAWICCQDscdUxw16XFDAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw -EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0 -eSBMdGQwHhcNMTIxMTE0MTI0MDQ4WhcNMTUxMTE0MTI0MDQ4WjBFMQswCQYDVQQG -EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk -Z2l0cyBQdHkgTHRkMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBY9+my9OoeSUR -lDQdV/x8LsOuLilthhiS1Tz4aGDHIPwC1mlvnf7fg5lecYpMCrLLhauAc1UJXcgl -01xoLuzgtAEAgv2P/jgytzRSpUYvgLBt1UA0leLYBy6mQQbrNEuqT3INapKIcUv8 -XxYP0xMEUksLPq6Ca+CRSqTtrd/23uTnapkwCQYHKoZIzj0EAQOBigAwgYYCQXJo -A7Sl2nLVf+4Iu/tAX/IF4MavARKC4PPHK3zfuGfPR3oCCcsAoz3kAzOeijvd0iXb -H5jBImIxPL4WxQNiBTexAkF8D1EtpYuWdlVQ80/h/f4pBcGiXPqX5h2PQSQY7hP1 -+jwM1FGS4fREIOvlBYr/SzzQRtwrvrzGYxDEDbsC0ZGRnA== ------END CERTIFICATE----- -` - -var ecdsaKeyPEM = `-----BEGIN EC PARAMETERS----- -BgUrgQQAIw== ------END EC PARAMETERS----- ------BEGIN EC PRIVATE KEY----- -MIHcAgEBBEIBrsoKp0oqcv6/JovJJDoDVSGWdirrkgCWxrprGlzB9o0X8fV675X0 -NwuBenXFfeZvVcwluO7/Q9wkYoPd/t3jGImgBwYFK4EEACOhgYkDgYYABAFj36bL -06h5JRGUNB1X/Hwuw64uKW2GGJLVPPhoYMcg/ALWaW+d/t+DmV5xikwKssuFq4Bz -VQldyCXTXGgu7OC0AQCC/Y/+ODK3NFKlRi+AsG3VQDSV4tgHLqZBBus0S6pPcg1q -kohxS/xfFg/TEwRSSws+roJr4JFKpO2t3/be5OdqmQ== ------END EC PRIVATE KEY----- -` - -var keyPairTests = []struct { - algo string - cert string - key string -}{ - {"ECDSA", ecdsaCertPEM, ecdsaKeyPEM}, - {"RSA", rsaCertPEM, rsaKeyPEM}, - {"RSA-untyped", rsaCertPEM, keyPEM}, // golang.org/issue/4477 -} - -func TestX509KeyPair(t *testing.T) { - var pem []byte - for _, test := range keyPairTests { - pem = []byte(test.cert + test.key) - if _, err := X509KeyPair(pem, pem); err != nil { - t.Errorf("Failed to load %s cert followed by %s key: %s", test.algo, test.algo, err) - } - pem = []byte(test.key + test.cert) - if _, err := X509KeyPair(pem, pem); err != nil { - t.Errorf("Failed to load %s key followed by %s cert: %s", test.algo, test.algo, err) - } - } -} - -func TestX509MixedKeyPair(t *testing.T) { - if _, err := X509KeyPair([]byte(rsaCertPEM), []byte(ecdsaKeyPEM)); err == nil { - t.Error("Load of RSA certificate succeeded with ECDSA private key") - } - if _, err := X509KeyPair([]byte(ecdsaCertPEM), []byte(rsaKeyPEM)); err == nil { - t.Error("Load of ECDSA certificate succeeded with RSA private key") - } -} - -func newLocalListener(t *testing.T) net.Listener { - ln, err := net.Listen("tcp", "127.0.0.1:0") - if err != nil { - ln, err = net.Listen("tcp6", "[::1]:0") - } - if err != nil { - t.Fatal(err) - } - return ln -} - -func TestDialTimeout(t *testing.T) { - if testing.Short() { - t.Skip("skipping in short mode") - } - listener := newLocalListener(t) - - addr := listener.Addr().String() - defer listener.Close() - - complete := make(chan bool) - defer close(complete) - - go func() { - conn, err := listener.Accept() - if err != nil { - t.Error(err) - return - } - <-complete - conn.Close() - }() - - dialer := &net.Dialer{ - Timeout: 10 * time.Millisecond, - } - - var err error - if _, err = DialWithDialer(dialer, "tcp", addr, nil); err == nil { - t.Fatal("DialWithTimeout completed successfully") - } - - if !strings.Contains(err.Error(), "timed out") { - t.Errorf("resulting error not a timeout: %s", err) - } -} - -// tests that Conn.Read returns (non-zero, io.EOF) instead of -// (non-zero, nil) when a Close (alertCloseNotify) is sitting right -// behind the application data in the buffer. -func TestConnReadNonzeroAndEOF(t *testing.T) { - // This test is racy: it assumes that after a write to a - // localhost TCP connection, the peer TCP connection can - // immediately read it. Because it's racy, we skip this test - // in short mode, and then retry it several times with an - // increasing sleep in between our final write (via srv.Close - // below) and the following read. - if testing.Short() { - t.Skip("skipping in short mode") - } - var err error - for delay := time.Millisecond; delay <= 64*time.Millisecond; delay *= 2 { - if err = testConnReadNonzeroAndEOF(t, delay); err == nil { - return - } - } - t.Error(err) -} - -func testConnReadNonzeroAndEOF(t *testing.T, delay time.Duration) error { - ln := newLocalListener(t) - defer ln.Close() - - srvCh := make(chan *Conn, 1) - var serr error - go func() { - sconn, err := ln.Accept() - if err != nil { - serr = err - srvCh <- nil - return - } - serverConfig := *testConfig - srv := Server(sconn, &serverConfig) - if err := srv.Handshake(); err != nil { - serr = fmt.Errorf("handshake: %v", err) - srvCh <- nil - return - } - srvCh <- srv - }() - - clientConfig := *testConfig - conn, err := Dial("tcp", ln.Addr().String(), &clientConfig) - if err != nil { - t.Fatal(err) - } - defer conn.Close() - - srv := <-srvCh - if srv == nil { - return serr - } - - buf := make([]byte, 6) - - srv.Write([]byte("foobar")) - n, err := conn.Read(buf) - if n != 6 || err != nil || string(buf) != "foobar" { - return fmt.Errorf("Read = %d, %v, data %q; want 6, nil, foobar", n, err, buf) - } - - srv.Write([]byte("abcdef")) - srv.Close() - time.Sleep(delay) - n, err = conn.Read(buf) - if n != 6 || string(buf) != "abcdef" { - return fmt.Errorf("Read = %d, buf= %q; want 6, abcdef", n, buf) - } - if err != io.EOF { - return fmt.Errorf("Second Read error = %v; want io.EOF", err) - } - return nil -} diff --git a/ztools/ztls/ztls_handshake.go b/ztools/ztls/ztls_handshake.go deleted file mode 100644 index 6e51ef73..00000000 --- a/ztools/ztls/ztls_handshake.go +++ /dev/null @@ -1,510 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "bytes" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "strings" - - "github.com/zmap/zgrab/ztools/keys" - "github.com/zmap/zgrab/ztools/x509" - "github.com/zmap/zgrab/ztools/zct" -) - -var ErrUnimplementedCipher error = errors.New("unimplemented cipher suite") -var ErrNoMutualCipher error = errors.New("no mutual cipher suite") - -type TLSVersion uint16 - -type CipherSuite uint16 - -type ClientHello struct { - Version TLSVersion `json:"version"` - Random []byte `json:"random"` - SessionID []byte `json:"session_id,omitempty"` - CipherSuites []CipherSuite `json:"cipher_suites"` - CompressionMethods []CompressionMethod `json:"compression_methods"` - OcspStapling bool `json:"ocsp_stapling"` - TicketSupported bool `json:"ticket"` - SecureRenegotiation bool `json:"secure_renegotiation"` - HeartbeatSupported bool `json:"heartbeat"` - ExtendedRandom []byte `json:"extended_random,omitempty"` - ExtendedMasterSecret bool `json:"extended_master_secret"` - NextProtoNeg bool `json:"next_protocol_negotiation"` - ServerName string `json:"server_name,omitempty"` - Scts bool `json:"scts"` - SupportedCurves []CurveID `json:"supported_curves,omitempty"` - SupportedPoints []PointFormat `json:"supported_point_formats,omitempty"` - SessionTicket *SessionTicket `json:"session_ticket,omitempty"` - SignatureAndHashes []SignatureAndHash `json:"signature_and_hashes,omitempty"` - SctEnabled bool `json:"sct_enabled"` - AlpnProtocols []string `json:"alpn_protocols,omitempty"` - UnknownExtensions [][]byte `json:"unknown_extensions,omitempty"` -} - -type ParsedAndRawSCT struct { - Raw []byte `json:"raw,omitempty"` - Parsed *ct.SignedCertificateTimestamp `json:"parsed,omitempty"` -} - -type ServerHello struct { - Version TLSVersion `json:"version"` - Random []byte `json:"random"` - SessionID []byte `json:"session_id"` - CipherSuite CipherSuite `json:"cipher_suite"` - CompressionMethod uint8 `json:"compression_method"` - OcspStapling bool `json:"ocsp_stapling"` - TicketSupported bool `json:"ticket"` - SecureRenegotiation bool `json:"secure_renegotiation"` - HeartbeatSupported bool `json:"heartbeat"` - ExtendedRandom []byte `json:"extended_random,omitempty"` - ExtendedMasterSecret bool `json:"extended_master_secret"` - SignedCertificateTimestamps []ParsedAndRawSCT `json:"scts,omitempty"` -} - -// SimpleCertificate holds a *x509.Certificate and a []byte for the certificate -type SimpleCertificate struct { - Raw []byte `json:"raw,omitempty"` - Parsed *x509.Certificate `json:"parsed,omitempty"` -} - -// Certificates represents a TLS certificates message in a format friendly to the golang JSON library. -// ValidationError should be non-nil whenever Valid is false. -type Certificates struct { - Certificate SimpleCertificate `json:"certificate,omitempty"` - Chain []SimpleCertificate `json:"chain,omitempty"` - Validation *x509.Validation `json:"validation,omitempty"` -} - -// ServerKeyExchange represents the raw key data sent by the server in TLS key exchange message -type ServerKeyExchange struct { - Raw []byte `json:"-"` - RSAParams *keys.RSAPublicKey `json:"rsa_params,omitempty"` - DHParams *keys.DHParams `json:"dh_params,omitempty"` - ECDHParams *keys.ECDHParams `json:"ecdh_params,omitempty"` - Signature *DigitalSignature `json:"signature,omitempty"` - SignatureError string `json:"signature_error,omitempty"` -} - -// ClientKeyExchange represents the raw key data sent by the client in TLS key exchange message -type ClientKeyExchange struct { - Raw []byte `json:"-"` - RSAParams *keys.RSAClientParams `json:"rsa_params,omitempty"` - DHParams *keys.DHParams `json:"dh_params,omitempty"` - ECDHParams *keys.ECDHParams `json:"ecdh_params,omitempty"` -} - -// Finished represents a TLS Finished message -type Finished struct { - VerifyData []byte `json:"verify_data"` -} - -// SessionTicket represents the new session ticket sent by the server to the -// client -type SessionTicket struct { - Value []uint8 `json:"value,omitempty"` - Length int `json:"length,omitempty"` - LifetimeHint uint32 `json:"lifetime_hint,omitempty"` -} - -type MasterSecret struct { - Value []byte `json:"value,omitempty"` - Length int `json:"length,omitempty"` -} - -type PreMasterSecret struct { - Value []byte `json:"value,omitempty"` - Length int `json:"length,omitempty"` -} - -// KeyMaterial explicitly represent the cryptographic values negotiated by -// the client and server -type KeyMaterial struct { - MasterSecret *MasterSecret `json:"master_secret,omitempty"` - PreMasterSecret *PreMasterSecret `json:"pre_master_secret,omitempty"` -} - -// ServerHandshake stores all of the messages sent by the server during a standard TLS Handshake. -// It implements zgrab.EventData interface -type ServerHandshake struct { - ClientHello *ClientHello `json:"client_hello,omitempty"` - ServerHello *ServerHello `json:"server_hello,omitempty"` - ServerCertificates *Certificates `json:"server_certificates,omitempty"` - ServerKeyExchange *ServerKeyExchange `json:"server_key_exchange,omitempty"` - ClientKeyExchange *ClientKeyExchange `json:"client_key_exchange,omitempty"` - ClientFinished *Finished `json:"client_finished,omitempty"` - SessionTicket *SessionTicket `json:"session_ticket,omitempty"` - ServerFinished *Finished `json:"server_finished,omitempty"` - KeyMaterial *KeyMaterial `json:"key_material,omitempty"` -} - -// MarshalJSON implements the json.Marshler interface -func (v *TLSVersion) MarshalJSON() ([]byte, error) { - aux := struct { - Name string `json:"name"` - Value int `json:"value"` - }{ - Name: v.String(), - Value: int(*v), - } - return json.Marshal(&aux) -} - -// UnmarshalJSON implements the json.Unmarshaler interface -func (v *TLSVersion) UnmarshalJSON(b []byte) error { - aux := struct { - Name string `json:"name"` - Value int `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - *v = TLSVersion(aux.Value) - if expectedName := v.String(); expectedName != aux.Name { - return fmt.Errorf("mismatched tls version and name: version: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - return nil -} - -// MarshalJSON implements the json.Marshler interface -func (cs *CipherSuite) MarshalJSON() ([]byte, error) { - buf := make([]byte, 2) - buf[0] = byte(*cs >> 8) - buf[1] = byte(*cs) - enc := strings.ToUpper(hex.EncodeToString(buf)) - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value int `json:"value"` - }{ - Hex: fmt.Sprintf("0x%s", enc), - Name: cs.String(), - Value: int(*cs), - } - return json.Marshal(&aux) -} - -// UnmarshalJSON implements the json.Unmarshaler interface -func (cs *CipherSuite) UnmarshalJSON(b []byte) error { - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint16 `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - if expectedName := nameForSuite(aux.Value); expectedName != aux.Name { - return fmt.Errorf("mismatched cipher suite and name, suite: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - *cs = CipherSuite(aux.Value) - return nil -} - -type CompressionMethod uint8 - -func (cm *CompressionMethod) MarshalJSON() ([]byte, error) { - buf := make([]byte, 1) - buf[0] = byte(*cm) - enc := strings.ToUpper(hex.EncodeToString(buf)) - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint8 `json:"value"` - }{ - Hex: fmt.Sprintf("0x%s", enc), - Name: cm.String(), - Value: uint8(*cm), - } - - return json.Marshal(aux) -} - -func (cm *CompressionMethod) UnmarshalJSON(b []byte) error { - aux := struct { - Hex string `json:"hex"` - Name string `json:"name"` - Value uint8 `json:"value"` - }{} - if err := json.Unmarshal(b, &aux); err != nil { - return err - } - if expectedName := nameForCompressionMethod(aux.Value); expectedName != aux.Name { - return fmt.Errorf("mismatched compression method and name, compression method: %d, name: %s, expected name: %s", aux.Value, aux.Name, expectedName) - } - *cm = CompressionMethod(aux.Value) - return nil -} - -func (c *Conn) GetHandshakeLog() *ServerHandshake { - return c.handshakeLog -} - -func (c *Conn) InCipher() (cipher interface{}) { - return c.in.cipher -} - -func (c *Conn) InSeq() []byte { - return c.in.seq[:] -} - -func (c *Conn) OutCipher() (cipher interface{}) { - return c.out.cipher -} - -func (c *Conn) OutSeq() []byte { - return c.out.seq[:] -} - -func (m *clientHelloMsg) MakeLog() *ClientHello { - ch := new(ClientHello) - - ch.Version = TLSVersion(m.vers) - - ch.Random = make([]byte, len(m.random)) - copy(ch.Random, m.random) - - ch.SessionID = make([]byte, len(m.sessionId)) - copy(ch.SessionID, m.sessionId) - - ch.CipherSuites = make([]CipherSuite, len(m.cipherSuites)) - for i, aCipher := range m.cipherSuites { - ch.CipherSuites[i] = CipherSuite(aCipher) - } - - ch.CompressionMethods = make([]CompressionMethod, len(m.compressionMethods)) - for i, aCompressMethod := range m.compressionMethods { - ch.CompressionMethods[i] = CompressionMethod(aCompressMethod) - } - - ch.OcspStapling = m.ocspStapling - ch.TicketSupported = m.ticketSupported - ch.SecureRenegotiation = m.secureRenegotiation - ch.HeartbeatSupported = m.heartbeatEnabled - - if len(m.extendedRandom) > 0 { - ch.ExtendedRandom = make([]byte, len(m.extendedRandom)) - copy(ch.ExtendedRandom, m.extendedRandom) - } - - ch.NextProtoNeg = m.nextProtoNeg - ch.ServerName = m.serverName - ch.Scts = m.scts - - ch.SupportedCurves = make([]CurveID, len(m.supportedCurves)) - copy(ch.SupportedCurves, m.supportedCurves) - - ch.SupportedPoints = make([]PointFormat, len(m.supportedPoints)) - for i, aFormat := range m.supportedPoints { - ch.SupportedPoints[i] = PointFormat(aFormat) - } - - if len(m.sessionTicket) > 0 { - ch.SessionTicket = new(SessionTicket) - copy(ch.SessionTicket.Value, m.sessionTicket) - ch.SessionTicket.Length = len(m.sessionTicket) - ch.SessionTicket.LifetimeHint = 0 // Clients don't send - } - - ch.SignatureAndHashes = make([]SignatureAndHash, len(m.signatureAndHashes)) - for i, aGroup := range m.signatureAndHashes { - ch.SignatureAndHashes[i] = SignatureAndHash(aGroup) - } - - ch.SctEnabled = m.sctEnabled - - ch.AlpnProtocols = make([]string, len(m.alpnProtocols)) - copy(ch.AlpnProtocols, m.alpnProtocols) - - ch.UnknownExtensions = make([][]byte, len(m.unknownExtensions)) - for i, extBytes := range m.unknownExtensions { - tempBytes := make([]byte, len(extBytes)) - copy(tempBytes, extBytes) - ch.UnknownExtensions[i] = tempBytes - } - return ch -} - -func (m *serverHelloMsg) MakeLog() *ServerHello { - sh := new(ServerHello) - sh.Version = TLSVersion(m.vers) - sh.Random = make([]byte, len(m.random)) - copy(sh.Random, m.random) - sh.SessionID = make([]byte, len(m.sessionId)) - copy(sh.SessionID, m.sessionId) - sh.CipherSuite = CipherSuite(m.cipherSuite) - sh.CompressionMethod = m.compressionMethod - sh.OcspStapling = m.ocspStapling - sh.TicketSupported = m.ticketSupported - sh.SecureRenegotiation = m.secureRenegotiation - sh.HeartbeatSupported = m.heartbeatEnabled - if len(m.extendedRandom) > 0 { - sh.ExtendedRandom = make([]byte, len(m.extendedRandom)) - copy(sh.ExtendedRandom, m.extendedRandom) - } - if len(m.scts) > 0 { - for _, rawSCT := range m.scts { - var out ParsedAndRawSCT - out.Raw = make([]byte, len(rawSCT)) - copy(out.Raw, rawSCT) - sct, err := ct.DeserializeSCT(bytes.NewReader(rawSCT)) - if err == nil { - out.Parsed = sct - } - sh.SignedCertificateTimestamps = append(sh.SignedCertificateTimestamps, out) - } - } - sh.ExtendedMasterSecret = m.extendedMasterSecret - return sh -} - -func (m *certificateMsg) MakeLog() *Certificates { - sc := new(Certificates) - if len(m.certificates) >= 1 { - cert := m.certificates[0] - sc.Certificate.Raw = make([]byte, len(cert)) - copy(sc.Certificate.Raw, cert) - } - if len(m.certificates) >= 2 { - chain := m.certificates[1:] - sc.Chain = make([]SimpleCertificate, len(chain)) - for idx, cert := range chain { - sc.Chain[idx].Raw = make([]byte, len(cert)) - copy(sc.Chain[idx].Raw, cert) - } - } - return sc -} - -// addParsed sets the parsed certificates and the validation. It assumes the -// chain slice has already been allocated. -func (c *Certificates) addParsed(certs []*x509.Certificate, validation *x509.Validation) { - if len(certs) >= 1 { - c.Certificate.Parsed = certs[0] - } - if len(certs) >= 2 { - chain := certs[1:] - for idx, cert := range chain { - c.Chain[idx].Parsed = cert - } - } - c.Validation = validation -} - -func (m *serverKeyExchangeMsg) MakeLog(ka keyAgreement) *ServerKeyExchange { - skx := new(ServerKeyExchange) - skx.Raw = make([]byte, len(m.key)) - var auth keyAgreementAuthentication - var errAuth error - copy(skx.Raw, m.key) - - // Write out parameters - switch ka := ka.(type) { - case *rsaKeyAgreement: - skx.RSAParams = ka.RSAParams() - auth = ka.auth - errAuth = ka.verifyError - case *dheKeyAgreement: - skx.DHParams = ka.DHParams() - auth = ka.auth - errAuth = ka.verifyError - case *ecdheKeyAgreement: - skx.ECDHParams = ka.ECDHParams() - auth = ka.auth - errAuth = ka.verifyError - default: - break - } - - // Write out signature - switch auth := auth.(type) { - case *signedKeyAgreement: - skx.Signature = auth.Signature() - default: - break - } - - // Write the signature validation error - if errAuth != nil { - skx.SignatureError = errAuth.Error() - } - - return skx -} - -func (m *finishedMsg) MakeLog() *Finished { - sf := new(Finished) - sf.VerifyData = make([]byte, len(m.verifyData)) - copy(sf.VerifyData, m.verifyData) - return sf -} - -func (m *ClientSessionState) MakeLog() *SessionTicket { - st := new(SessionTicket) - st.Length = len(m.sessionTicket) - st.Value = make([]uint8, st.Length) - copy(st.Value, m.sessionTicket) - st.LifetimeHint = m.lifetimeHint - return st -} - -func (m *clientHandshakeState) MakeLog() *KeyMaterial { - keymat := new(KeyMaterial) - - keymat.MasterSecret = new(MasterSecret) - keymat.MasterSecret.Length = len(m.masterSecret) - keymat.MasterSecret.Value = make([]byte, len(m.masterSecret)) - copy(keymat.MasterSecret.Value, m.masterSecret) - - keymat.PreMasterSecret = new(PreMasterSecret) - keymat.PreMasterSecret.Length = len(m.preMasterSecret) - keymat.PreMasterSecret.Value = make([]byte, len(m.preMasterSecret)) - copy(keymat.PreMasterSecret.Value, m.preMasterSecret) - - return keymat -} - -func (m *serverHandshakeState) MakeLog() *KeyMaterial { - keymat := new(KeyMaterial) - - keymat.MasterSecret = new(MasterSecret) - keymat.MasterSecret.Length = len(m.masterSecret) - keymat.MasterSecret.Value = make([]byte, len(m.masterSecret)) - copy(keymat.MasterSecret.Value, m.masterSecret) - - keymat.PreMasterSecret = new(PreMasterSecret) - keymat.PreMasterSecret.Length = len(m.preMasterSecret) - keymat.PreMasterSecret.Value = make([]byte, len(m.preMasterSecret)) - copy(keymat.PreMasterSecret.Value, m.preMasterSecret) - - return keymat -} - -func (m *clientKeyExchangeMsg) MakeLog(ka keyAgreement) *ClientKeyExchange { - ckx := new(ClientKeyExchange) - ckx.Raw = make([]byte, len(m.raw)) - copy(ckx.Raw, m.raw) - - switch ka := ka.(type) { - case *rsaKeyAgreement: - ckx.RSAParams = new(keys.RSAClientParams) - ckx.RSAParams.Length = uint16(len(m.ciphertext) - 2) // First 2 bytes are length - ckx.RSAParams.EncryptedPMS = make([]byte, len(m.ciphertext)-2) - copy(ckx.RSAParams.EncryptedPMS, m.ciphertext[2:]) - // Premaster-Secret is available in KeyMaterial record - case *dheKeyAgreement: - ckx.DHParams = ka.ClientDHParams() - case *ecdheKeyAgreement: - ckx.ECDHParams = ka.ClientECDHParams() - default: - break - } - - return ckx -} diff --git a/ztools/ztls/ztls_handshake_test.go b/ztools/ztls/ztls_handshake_test.go deleted file mode 100644 index 105bdf93..00000000 --- a/ztools/ztls/ztls_handshake_test.go +++ /dev/null @@ -1,50 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "encoding/json" - "reflect" - "testing" -) - -type ZTLSHandshakeSuite struct{} - -func marshalAndUnmarshal(original interface{}, target interface{}) error { - var b []byte - var err error - if b, err = json.Marshal(original); err != nil { - return err - } - if err = json.Unmarshal(b, target); err != nil { - return err - } - return nil -} - -func marshalAndUnmarshalAndCheckEquality(original interface{}, target interface{}, t *testing.T) { - if err := marshalAndUnmarshal(original, target); err != nil { - t.Fatalf("unable to marshalAndUnmarshal: %s", err.Error()) - } - if eq := reflect.DeepEqual(original, target); eq != true { - t.Errorf("expected %+v to equal %+v", original, target) - } -} - -func TestTLSVersionEncodeDecode(t *testing.T) { - v := TLSVersion(VersionTLS12) - var dec TLSVersion - marshalAndUnmarshalAndCheckEquality(&v, &dec, t) -} - -func TestCipherSuiteEncodeDecode(t *testing.T) { - v := CipherSuite(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) - var dec CipherSuite - marshalAndUnmarshalAndCheckEquality(&v, &dec, t) - expectedName := nameForSuite(TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256) - if decodedName := dec.String(); decodedName != expectedName { - t.Errorf("decoded wrong name, got %s, expected %s", decodedName, expectedName) - } -} diff --git a/ztools/ztls/ztls_heartbeat.go b/ztools/ztls/ztls_heartbeat.go deleted file mode 100644 index beb3f512..00000000 --- a/ztools/ztls/ztls_heartbeat.go +++ /dev/null @@ -1,89 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "errors" -) - -const ( - // Record Type - recordTypeHeartbeat recordType = 24 - - // Extension Number - extensionHeartbeat uint16 = 15 - - // Heartbeat Mode - heartbeatModePeerAllowed uint8 = 1 - heartbeatModePeerNotAllowed uint8 = 2 - - // Heartbeat Message Types - heartbeatTypeRequest uint8 = 1 - heartbeatTypeResponse uint8 = 2 -) - -var ( - HeartbleedError = errors.New("Error after Heartbleed") -) - -type Heartbleed struct { - HeartbeatEnabled bool `json:"heartbeat_enabled"` - Vulnerable bool `json:"heartbleed_vulnerable"` -} - -type heartbleedMessage struct { - raw []byte -} - -func (m *heartbleedMessage) marshal() []byte { - x := make([]byte, 3) - x[0] = 1 - x[1] = byte(0x00) - x[2] = byte(0x00) - m.raw = x - return x -} - -func (c *Conn) CheckHeartbleed(b []byte) (n int, err error) { - if err = c.Handshake(); err != nil { - return - } - if !c.heartbeat { - return - } - c.in.Lock() - defer c.in.Unlock() - - hb := heartbleedMessage{} - hb.marshal() - - if _, err = c.writeRecord(recordTypeHeartbeat, hb.raw); err != nil { - return 0, err - } - - if err = c.readRecord(recordTypeHeartbeat); err != nil { - return 0, HeartbleedError - } - if c.in.err != nil { - return 0, HeartbleedError - } - n, err = c.input.Read(b) - if c.input.off >= len(c.input.data) { - c.in.freeBlock(c.input) - c.input = nil - } - - if n != 0 { - return n, HeartbleedError - } - if err != nil { - return 0, HeartbleedError - } - return 0, HeartbleedError -} - -func (c *Conn) GetHeartbleedLog() *Heartbleed { - return c.heartbleedLog -} diff --git a/ztools/ztls/ztls_ka.go b/ztools/ztls/ztls_ka.go deleted file mode 100644 index 6ec664a5..00000000 --- a/ztools/ztls/ztls_ka.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import ( - "encoding/json" - "math/big" - "regexp" - "strconv" - - "github.com/zmap/zgrab/ztools/keys" -) - -// SignatureAndHash is a signatureAndHash that implements json.Marshaler and -// json.Unmarshaler -type SignatureAndHash signatureAndHash - -type auxSignatureAndHash struct { - SignatureAlgorithm string `json:"signature_algorithm"` - HashAlgorithm string `json:"hash_algorithm"` -} - -// MarshalJSON implements the json.Marshaler interface -func (sh *SignatureAndHash) MarshalJSON() ([]byte, error) { - aux := auxSignatureAndHash{ - SignatureAlgorithm: nameForSignature(sh.signature), - HashAlgorithm: nameForHash(sh.hash), - } - return json.Marshal(&aux) -} - -var unknownAlgorithmRegex = regexp.MustCompile(`unknown\.(\d+)`) - -// UnmarshalJSON implements the json.Unmarshaler interface -func (sh *SignatureAndHash) UnmarshalJSON(b []byte) error { - aux := new(auxSignatureAndHash) - if err := json.Unmarshal(b, aux); err != nil { - return err - } - // TODO implement - panic("unimplemented") -} - -func (ka *rsaKeyAgreement) RSAParams() *keys.RSAPublicKey { - out := new(keys.RSAPublicKey) - out.PublicKey = ka.publicKey - return out -} - -func (ka *ecdheKeyAgreement) ECDHParams() *keys.ECDHParams { - out := new(keys.ECDHParams) - out.TLSCurveID = keys.TLSCurveID(ka.curveID) - out.ServerPublic = &keys.ECPoint{} - if ka.x != nil { - out.ServerPublic.X = new(big.Int) - out.ServerPublic.X.Set(ka.x) - } - if ka.y != nil { - out.ServerPublic.Y = new(big.Int) - out.ServerPublic.Y.Set(ka.y) - } - if len(ka.serverPrivKey) > 0 { - out.ServerPrivate = new(keys.ECDHPrivateParams) - out.ServerPrivate.Length = len(ka.serverPrivKey) - out.ServerPrivate.Value = make([]byte, len(ka.serverPrivKey)) - copy(out.ServerPrivate.Value, ka.serverPrivKey) - } - return out -} - -func (ka *ecdheKeyAgreement) ClientECDHParams() *keys.ECDHParams { - out := new(keys.ECDHParams) - out.TLSCurveID = keys.TLSCurveID(ka.curveID) - out.ClientPublic = &keys.ECPoint{} - if ka.clientX != nil { - out.ClientPublic.X = new(big.Int) - out.ClientPublic.X.Set(ka.clientX) - } - if ka.clientY != nil { - out.ClientPublic.Y = new(big.Int) - out.ClientPublic.Y.Set(ka.clientY) - } - - if len(ka.clientPrivKey) > 0 { - out.ClientPrivate = new(keys.ECDHPrivateParams) - out.ClientPrivate.Length = len(ka.clientPrivKey) - out.ClientPrivate.Value = make([]byte, len(ka.clientPrivKey)) - copy(out.ClientPrivate.Value, ka.clientPrivKey) - } - return out -} - -func (ka *dheKeyAgreement) DHParams() *keys.DHParams { - out := new(keys.DHParams) - if ka.p != nil { - out.Prime = new(big.Int).Set(ka.p) - } - if ka.g != nil { - out.Generator = new(big.Int).Set(ka.g) - } - if ka.yServer != nil { - out.ServerPublic = new(big.Int).Set(ka.yServer) - } - if ka.yServer.Cmp(ka.yOurs) == 0 && ka.xOurs != nil { - out.ServerPrivate = new(big.Int).Set(ka.xOurs) - } - return out -} - -func (ka *dheKeyAgreement) ClientDHParams() *keys.DHParams { - out := new(keys.DHParams) - if ka.p != nil { - out.Prime = new(big.Int).Set(ka.p) - } - if ka.g != nil { - out.Generator = new(big.Int).Set(ka.g) - } - if ka.yClient != nil { - out.ClientPublic = new(big.Int).Set(ka.yClient) - } - if ka.yClient.Cmp(ka.yOurs) == 0 && ka.xOurs != nil { - out.ClientPrivate = new(big.Int).Set(ka.xOurs) - } - return out -} - -// DigitalSignature represents a signature for a digitally-signed-struct in the -// TLS record protocol. It is dependent on the version of TLS in use. In TLS -// 1.2, the first two bytes of the signature specify the signature and hash -// algorithms. These are contained the TLSSignature.Raw field, but also parsed -// out into TLSSignature.SigHashExtension. In older versions of TLS, the -// signature and hash extension is not used, and so -// TLSSignature.SigHashExtension will be empty. The version string is stored in -// TLSSignature.TLSVersion. -type DigitalSignature struct { - Raw []byte `json:"raw"` - Type string `json:"type,omitempty"` - Valid bool `json:"valid"` - SigHashExtension *SignatureAndHash `json:"signature_and_hash_type,omitempty"` - Version TLSVersion `json:"tls_version"` -} - -func signatureTypeToName(sigType uint8) string { - switch sigType { - case signatureRSA: - return "rsa" - case signatureDSA: - return "dsa" - case signatureECDSA: - return "ecdsa" - default: - break - } - return "unknown." + strconv.Itoa(int(sigType)) -} - -func (ka *signedKeyAgreement) Signature() *DigitalSignature { - out := DigitalSignature{ - Raw: ka.raw, - Type: signatureTypeToName(ka.sigType), - Valid: ka.valid, - Version: TLSVersion(ka.version), - } - if ka.version >= VersionTLS12 { - out.SigHashExtension = new(SignatureAndHash) - *out.SigHashExtension = SignatureAndHash(ka.sh) - } - return &out -} diff --git a/ztools/ztls/ztls_names.go b/ztools/ztls/ztls_names.go deleted file mode 100644 index fcce2b96..00000000 --- a/ztools/ztls/ztls_names.go +++ /dev/null @@ -1,565 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package ztls - -import "strconv" - -var signatureNames map[uint8]string -var hashNames map[uint8]string -var cipherSuiteNames map[int]string -var compressionNames map[uint8]string -var curveNames map[uint16]string -var pointFormatNames map[uint8]string -var clientAuthTypeNames map[int]string -var signatureSchemeNames map[uint16]string - -func init() { - signatureNames = make(map[uint8]string, 8) - signatureNames[signatureRSA] = "rsa" - signatureNames[signatureDSA] = "dsa" - signatureNames[signatureECDSA] = "ecdsa" - - hashNames = make(map[uint8]string, 16) - hashNames[hashMD5] = "md5" - hashNames[hashSHA1] = "sha1" - hashNames[hashSHA224] = "sha224" - hashNames[hashSHA256] = "sha256" - hashNames[hashSHA384] = "sha384" - hashNames[hashSHA512] = "sha512" - - cipherSuiteNames = make(map[int]string, 512) - cipherSuiteNames[0x0000] = "TLS_NULL_WITH_NULL_NULL" - cipherSuiteNames[0x0001] = "TLS_RSA_WITH_NULL_MD5" - cipherSuiteNames[0x0002] = "TLS_RSA_WITH_NULL_SHA" - cipherSuiteNames[0x0003] = "TLS_RSA_EXPORT_WITH_RC4_40_MD5" - cipherSuiteNames[0x0004] = "TLS_RSA_WITH_RC4_128_MD5" - cipherSuiteNames[0x0005] = "TLS_RSA_WITH_RC4_128_SHA" - cipherSuiteNames[0x0006] = "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5" - cipherSuiteNames[0x0007] = "TLS_RSA_WITH_IDEA_CBC_SHA" - cipherSuiteNames[0x0008] = "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x0009] = "TLS_RSA_WITH_DES_CBC_SHA" - cipherSuiteNames[0x000A] = "TLS_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x000B] = "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x000C] = "TLS_DH_DSS_WITH_DES_CBC_SHA" - cipherSuiteNames[0x000D] = "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x000E] = "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x000F] = "TLS_DH_RSA_WITH_DES_CBC_SHA" - cipherSuiteNames[0x0010] = "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0011] = "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x0012] = "TLS_DHE_DSS_WITH_DES_CBC_SHA" - cipherSuiteNames[0x0013] = "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0014] = "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x0015] = "TLS_DHE_RSA_WITH_DES_CBC_SHA" - cipherSuiteNames[0x0016] = "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0017] = "TLS_DH_ANON_EXPORT_WITH_RC4_40_MD5" - cipherSuiteNames[0x0018] = "TLS_DH_ANON_WITH_RC4_128_MD5" - cipherSuiteNames[0x0019] = "TLS_DH_ANON_EXPORT_WITH_DES40_CBC_SHA" - cipherSuiteNames[0x001A] = "TLS_DH_ANON_WITH_DES_CBC_SHA" - cipherSuiteNames[0x001B] = "TLS_DH_ANON_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x001C] = "SSL_FORTEZZA_KEA_WITH_NULL_SHA" - cipherSuiteNames[0x001D] = "SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA" - cipherSuiteNames[0x001E] = "TLS_KRB5_WITH_DES_CBC_SHA" - cipherSuiteNames[0x001F] = "TLS_KRB5_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0020] = "TLS_KRB5_WITH_RC4_128_SHA" - cipherSuiteNames[0x0021] = "TLS_KRB5_WITH_IDEA_CBC_SHA" - cipherSuiteNames[0x0022] = "TLS_KRB5_WITH_DES_CBC_MD5" - cipherSuiteNames[0x0023] = "TLS_KRB5_WITH_3DES_EDE_CBC_MD5" - cipherSuiteNames[0x0024] = "TLS_KRB5_WITH_RC4_128_MD5" - cipherSuiteNames[0x0025] = "TLS_KRB5_WITH_IDEA_CBC_MD5" - cipherSuiteNames[0x0026] = "TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA" - cipherSuiteNames[0x0027] = "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA" - cipherSuiteNames[0x0028] = "TLS_KRB5_EXPORT_WITH_RC4_40_SHA" - cipherSuiteNames[0x0029] = "TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5" - cipherSuiteNames[0x002A] = "TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5" - cipherSuiteNames[0x002B] = "TLS_KRB5_EXPORT_WITH_RC4_40_MD5" - cipherSuiteNames[0x002C] = "TLS_PSK_WITH_NULL_SHA" - cipherSuiteNames[0x002D] = "TLS_DHE_PSK_WITH_NULL_SHA" - cipherSuiteNames[0x002E] = "TLS_RSA_PSK_WITH_NULL_SHA" - cipherSuiteNames[0x002F] = "TLS_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0030] = "TLS_DH_DSS_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0031] = "TLS_DH_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0032] = "TLS_DHE_DSS_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0033] = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0034] = "TLS_DH_ANON_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0035] = "TLS_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0036] = "TLS_DH_DSS_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0037] = "TLS_DH_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0038] = "TLS_DHE_DSS_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0039] = "TLS_DHE_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x003A] = "TLS_DH_ANON_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x003B] = "TLS_RSA_WITH_NULL_SHA256" - cipherSuiteNames[0x003C] = "TLS_RSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x003D] = "TLS_RSA_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x003E] = "TLS_DH_DSS_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x003F] = "TLS_DH_RSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x0040] = "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x0041] = "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0042] = "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0043] = "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0044] = "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0045] = "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0046] = "TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA" - cipherSuiteNames[0x0047] = "TLS_ECDH_ECDSA_WITH_NULL_SHA" - cipherSuiteNames[0x0048] = "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" - cipherSuiteNames[0x0049] = "TLS_ECDH_ECDSA_WITH_DES_CBC_SHA" - cipherSuiteNames[0x004A] = "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x004B] = "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x004C] = "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0060] = "TLS_RSA_EXPORT1024_WITH_RC4_56_MD5" - cipherSuiteNames[0x0061] = "TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5" - cipherSuiteNames[0x0062] = "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA" - cipherSuiteNames[0x0063] = "TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA" - cipherSuiteNames[0x0064] = "TLS_RSA_EXPORT1024_WITH_RC4_56_SHA" - cipherSuiteNames[0x0065] = "TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA" - cipherSuiteNames[0x0066] = "TLS_DHE_DSS_WITH_RC4_128_SHA" - cipherSuiteNames[0x0067] = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x0068] = "TLS_DH_DSS_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x0069] = "TLS_DH_RSA_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x006A] = "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x006B] = "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x006C] = "TLS_DH_ANON_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x006D] = "TLS_DH_ANON_WITH_AES_256_CBC_SHA256" - cipherSuiteNames[0x0080] = "TLS_GOSTR341094_WITH_28147_CNT_IMIT" - cipherSuiteNames[0x0081] = "TLS_GOSTR341001_WITH_28147_CNT_IMIT" - cipherSuiteNames[0x0082] = "TLS_GOSTR341094_WITH_NULL_GOSTR3411" - cipherSuiteNames[0x0083] = "TLS_GOSTR341001_WITH_NULL_GOSTR3411" - cipherSuiteNames[0x0084] = "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x0085] = "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x0086] = "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x0087] = "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x0088] = "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x0089] = "TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA" - cipherSuiteNames[0x008A] = "TLS_PSK_WITH_RC4_128_SHA" - cipherSuiteNames[0x008B] = "TLS_PSK_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x008C] = "TLS_PSK_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x008D] = "TLS_PSK_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x008E] = "TLS_DHE_PSK_WITH_RC4_128_SHA" - cipherSuiteNames[0x008F] = "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0090] = "TLS_DHE_PSK_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0091] = "TLS_DHE_PSK_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0092] = "TLS_RSA_PSK_WITH_RC4_128_SHA" - cipherSuiteNames[0x0093] = "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0x0094] = "TLS_RSA_PSK_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0x0095] = "TLS_RSA_PSK_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0x0096] = "TLS_RSA_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x0097] = "TLS_DH_DSS_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x0098] = "TLS_DH_RSA_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x0099] = "TLS_DHE_DSS_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x009A] = "TLS_DHE_RSA_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x009B] = "TLS_DH_ANON_WITH_SEED_CBC_SHA" - cipherSuiteNames[0x009C] = "TLS_RSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x009D] = "TLS_RSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x009E] = "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x009F] = "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00A0] = "TLS_DH_RSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00A1] = "TLS_DH_RSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00A2] = "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00A3] = "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00A4] = "TLS_DH_DSS_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00A5] = "TLS_DH_DSS_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00A6] = "TLS_DH_ANON_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00A7] = "TLS_DH_ANON_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00A8] = "TLS_PSK_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00A9] = "TLS_PSK_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00AA] = "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00AB] = "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00AC] = "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0x00AD] = "TLS_RSA_PSK_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0x00AE] = "TLS_PSK_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x00AF] = "TLS_PSK_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0x00B0] = "TLS_PSK_WITH_NULL_SHA256" - cipherSuiteNames[0x00B1] = "TLS_PSK_WITH_NULL_SHA384" - cipherSuiteNames[0x00B2] = "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x00B3] = "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0x00B4] = "TLS_DHE_PSK_WITH_NULL_SHA256" - cipherSuiteNames[0x00B5] = "TLS_DHE_PSK_WITH_NULL_SHA384" - cipherSuiteNames[0x00B6] = "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0x00B7] = "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0x00B8] = "TLS_RSA_PSK_WITH_NULL_SHA256" - cipherSuiteNames[0x00B9] = "TLS_RSA_PSK_WITH_NULL_SHA384" - cipherSuiteNames[0x00BA] = "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00BB] = "TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00BC] = "TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00BD] = "TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00BE] = "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00BF] = "TLS_DH_ANON_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0x00C0] = "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00C1] = "TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00C2] = "TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00C3] = "TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00C4] = "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00C5] = "TLS_DH_ANON_WITH_CAMELLIA_256_CBC_SHA256" - cipherSuiteNames[0x00FF] = "TLS_RENEGO_PROTECTION_REQUEST" - cipherSuiteNames[0x5600] = "TLS_FALLBACK_SCSV" - cipherSuiteNames[0xC001] = "TLS_ECDH_ECDSA_WITH_NULL_SHA" - cipherSuiteNames[0xC002] = "TLS_ECDH_ECDSA_WITH_RC4_128_SHA" - cipherSuiteNames[0xC003] = "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC004] = "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC005] = "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC006] = "TLS_ECDHE_ECDSA_WITH_NULL_SHA" - cipherSuiteNames[0xC007] = "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA" - cipherSuiteNames[0xC008] = "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC009] = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC00A] = "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC00B] = "TLS_ECDH_RSA_WITH_NULL_SHA" - cipherSuiteNames[0xC00C] = "TLS_ECDH_RSA_WITH_RC4_128_SHA" - cipherSuiteNames[0xC00D] = "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC00E] = "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC00F] = "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC010] = "TLS_ECDHE_RSA_WITH_NULL_SHA" - cipherSuiteNames[0xC011] = "TLS_ECDHE_RSA_WITH_RC4_128_SHA" - cipherSuiteNames[0xC012] = "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC013] = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC014] = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC015] = "TLS_ECDH_ANON_WITH_NULL_SHA" - cipherSuiteNames[0xC016] = "TLS_ECDH_ANON_WITH_RC4_128_SHA" - cipherSuiteNames[0xC017] = "TLS_ECDH_ANON_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC018] = "TLS_ECDH_ANON_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC019] = "TLS_ECDH_ANON_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC01A] = "TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC01B] = "TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC01C] = "TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC01D] = "TLS_SRP_SHA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC01E] = "TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC01F] = "TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC020] = "TLS_SRP_SHA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC021] = "TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC022] = "TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC023] = "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0xC024] = "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0xC025] = "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0xC026] = "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0xC027] = "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0xC028] = "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0xC029] = "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0xC02A] = "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0xC02B] = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0xC02C] = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0xC02D] = "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0xC02E] = "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0xC02F] = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0xC030] = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0xC031] = "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0xC032] = "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384" - cipherSuiteNames[0xC033] = "TLS_ECDHE_PSK_WITH_RC4_128_SHA" - cipherSuiteNames[0xC034] = "TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xC035] = "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA" - cipherSuiteNames[0xC036] = "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA" - cipherSuiteNames[0xC037] = "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256" - cipherSuiteNames[0xC038] = "TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384" - cipherSuiteNames[0xC039] = "TLS_ECDHE_PSK_WITH_NULL_SHA" - cipherSuiteNames[0xC03A] = "TLS_ECDHE_PSK_WITH_NULL_SHA256" - cipherSuiteNames[0xC03B] = "TLS_ECDHE_PSK_WITH_NULL_SHA384" - cipherSuiteNames[0xC03C] = "TLS_RSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC03D] = "TLS_RSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC03E] = "TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC03F] = "TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC040] = "TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC041] = "TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC042] = "TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC043] = "TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC044] = "TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC045] = "TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC046] = "TLS_DH_ANON_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC047] = "TLS_DH_ANON_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC048] = "TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC049] = "TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC04A] = "TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC04B] = "TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC04C] = "TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC04D] = "TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC04E] = "TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC04F] = "TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC050] = "TLS_RSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC051] = "TLS_RSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC052] = "TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC053] = "TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC054] = "TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC055] = "TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC056] = "TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC057] = "TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC058] = "TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC059] = "TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC05A] = "TLS_DH_ANON_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC05B] = "TLS_DH_ANON_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC05C] = "TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC05D] = "TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC05E] = "TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC05F] = "TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC060] = "TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC061] = "TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC062] = "TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC063] = "TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC064] = "TLS_PSK_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC065] = "TLS_PSK_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC066] = "TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC067] = "TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC068] = "TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC069] = "TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC06A] = "TLS_PSK_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC06B] = "TLS_PSK_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC06C] = "TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC06D] = "TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC06E] = "TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256" - cipherSuiteNames[0xC06F] = "TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384" - cipherSuiteNames[0xC070] = "TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256" - cipherSuiteNames[0xC071] = "TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384" - cipherSuiteNames[0xC072] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC073] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC074] = "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC075] = "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC076] = "TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC077] = "TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC078] = "TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC079] = "TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC07A] = "TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC07B] = "TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC07C] = "TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC07D] = "TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC07E] = "TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC07F] = "TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC080] = "TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC081] = "TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC082] = "TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC083] = "TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC084] = "TLS_DH_ANON_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC085] = "TLS_DH_ANON_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC086] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC087] = "TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC088] = "TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC089] = "TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC08A] = "TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC08B] = "TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC08C] = "TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC08D] = "TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC08E] = "TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC08F] = "TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC090] = "TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC091] = "TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC092] = "TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256" - cipherSuiteNames[0xC093] = "TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384" - cipherSuiteNames[0xC094] = "TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC095] = "TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC096] = "TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC097] = "TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC098] = "TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC099] = "TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC09A] = "TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256" - cipherSuiteNames[0xC09B] = "TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384" - cipherSuiteNames[0xC09C] = "TLS_RSA_WITH_AES_128_CCM" - cipherSuiteNames[0xC09D] = "TLS_RSA_WITH_AES_256_CCM" - cipherSuiteNames[0xC09E] = "TLS_DHE_RSA_WITH_AES_128_CCM" - cipherSuiteNames[0xC09F] = "TLS_DHE_RSA_WITH_AES_256_CCM" - cipherSuiteNames[0xC0A0] = "TLS_RSA_WITH_AES_128_CCM_8" - cipherSuiteNames[0xC0A1] = "TLS_RSA_WITH_AES_256_CCM_8" - cipherSuiteNames[0xC0A2] = "TLS_DHE_RSA_WITH_AES_128_CCM_8" - cipherSuiteNames[0xC0A3] = "TLS_DHE_RSA_WITH_AES_256_CCM_8" - cipherSuiteNames[0xC0A4] = "TLS_PSK_WITH_AES_128_CCM" - cipherSuiteNames[0xC0A5] = "TLS_PSK_WITH_AES_256_CCM" - cipherSuiteNames[0xC0A6] = "TLS_DHE_PSK_WITH_AES_128_CCM" - cipherSuiteNames[0xC0A7] = "TLS_DHE_PSK_WITH_AES_256_CCM" - cipherSuiteNames[0xC0A8] = "TLS_PSK_WITH_AES_128_CCM_8" - cipherSuiteNames[0xC0A9] = "TLS_PSK_WITH_AES_256_CCM_8" - cipherSuiteNames[0xC0AA] = "TLS_PSK_DHE_WITH_AES_128_CCM_8" - cipherSuiteNames[0xC0AB] = "TLS_PSK_DHE_WITH_AES_256_CCM_8" - cipherSuiteNames[0xC0AC] = "TLS_ECDHE_ECDSA_WITH_AES_128_CCM" - cipherSuiteNames[0xC0AD] = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM" - cipherSuiteNames[0xC0AE] = "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8" - cipherSuiteNames[0xC0AF] = "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8" - cipherSuiteNames[0xCAFE] = "TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256" - cipherSuiteNames[0xCC13] = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD" - cipherSuiteNames[0xCC14] = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256_OLD" - cipherSuiteNames[0xCC15] = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256_OLD" - cipherSuiteNames[0xCCA8] = "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256" - cipherSuiteNames[0xCCA9] = "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" - cipherSuiteNames[0xCCAA] = "TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256" - cipherSuiteNames[0xFEFE] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA" - cipherSuiteNames[0xFEFF] = "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xFFE0] = "SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA" - cipherSuiteNames[0xFFE1] = "SSL_RSA_FIPS_WITH_DES_CBC_SHA" - cipherSuiteNames[0xFF80] = "SSL_RSA_WITH_RC2_CBC_MD5" - cipherSuiteNames[0xFF81] = "SSL_RSA_WITH_IDEA_CBC_MD5" - cipherSuiteNames[0xFF82] = "SSL_RSA_WITH_DES_CBC_MD5" - cipherSuiteNames[0xFF83] = "SSL_RSA_WITH_3DES_EDE_CBC_MD5" - cipherSuiteNames[0xFF03] = "SSL_EN_RC2_128_CBC_WITH_MD5" - cipherSuiteNames[0xFF85] = "OP_PCL_TLS10_AES_128_CBC_SHA512" - - // https://www.iana.org/assignments/comp-meth-ids/comp-meth-ids.xhtml#comp-meth-ids-2 - compressionNames = make(map[uint8]string) - compressionNames[0] = "NULL" - compressionNames[1] = "DEFLATE" - compressionNames[64] = "LZS" - - // https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8 - curveNames = make(map[uint16]string) - curveNames[1] = "sect163k1" - curveNames[2] = "sect163r1" - curveNames[3] = "sect163r2" - curveNames[4] = "sect193r1" - curveNames[5] = "sect193r2" - curveNames[6] = "sect233k1" - curveNames[7] = "sect233r1" - curveNames[8] = "sect239k1" - curveNames[9] = "sect283k1" - curveNames[10] = "sect283r1" - curveNames[11] = "sect409k1" - curveNames[12] = "sect409r1" - curveNames[13] = "sect571k1" - curveNames[14] = "sect571r1" - curveNames[15] = "secp160k1" - curveNames[16] = "secp160r1" - curveNames[17] = "secp160r2" - curveNames[18] = "secp192k1" - curveNames[19] = "secp192r1" - curveNames[20] = "secp224k1" - curveNames[21] = "secp224r1" - curveNames[22] = "secp256k1" - curveNames[23] = "secp256r1" - curveNames[24] = "secp384r1" - curveNames[25] = "secp521r1" - curveNames[26] = "brainpoolP256r1" - curveNames[27] = "brainpoolP384r1" - curveNames[28] = "brainpoolP512r1" - curveNames[29] = "ecdh_x25519" // TEMPORARY -- expires 1Mar2018 - curveNames[30] = "ecdh_x448" // TEMPORARY -- expires 1Mar2018 - curveNames[256] = "ffdhe2048" - curveNames[257] = "ffdhe3072" - curveNames[258] = "ffdhe4096" - curveNames[259] = "ffdhe6144" - curveNames[260] = "ffdhe8192" - curveNames[65281] = "arbitrary_explicit_prime_curves" - curveNames[65282] = "arbitrary_explicit_char2_curves" - - // https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9 - pointFormatNames = make(map[uint8]string) - pointFormatNames[0] = "uncompressed" - pointFormatNames[1] = "ansiX962_compressed_prime" - pointFormatNames[2] = "ansiX962_compressed_char2" - - // Name-value paires *are* not standardized, only dereferenced for JSON output - clientAuthTypeNames = make(map[int]string) - clientAuthTypeNames[0] = "NoClientCert" - clientAuthTypeNames[1] = "RequestClientCert" - clientAuthTypeNames[2] = "RequireAnyClientCert" - clientAuthTypeNames[3] = "VerifyClientCertIfGiven" - clientAuthTypeNames[4] = "RequireAndVerifyClientCert" - - // https://tools.ietf.org/html/draft-ietf-tls-tls13-18#section-4.2.3 - signatureSchemeNames = make(map[uint16]string) - signatureSchemeNames[uint16(PKCS1WithSHA1)] = "rsa_pkcs1_sha1" - signatureSchemeNames[uint16(PKCS1WithSHA256)] = "rsa_pkcs1_sha256" - signatureSchemeNames[uint16(PKCS1WithSHA384)] = "rsa_pkcs1_sha384" - signatureSchemeNames[uint16(PKCS1WithSHA512)] = "rsa_pkcs1_sha512" - signatureSchemeNames[uint16(PSSWithSHA256)] = "rsa_pss_sha256" - signatureSchemeNames[uint16(PSSWithSHA384)] = "rsa_pss_sha384" - signatureSchemeNames[uint16(PSSWithSHA512)] = "rsa_pss_sha512" - signatureSchemeNames[uint16(ECDSAWithP256AndSHA256)] = "ecdsa_secp256r1_sha256" - signatureSchemeNames[uint16(ECDSAWithP384AndSHA384)] = "ecdsa_secp384r1_sha384" - signatureSchemeNames[uint16(ECDSAWithP521AndSHA512)] = "ecdsa_secp521r1_sha512" - signatureSchemeNames[uint16(EdDSAWithEd25519)] = "ed25519" - signatureSchemeNames[uint16(EdDSAWithEd448)] = "ed448" -} - -func nameForSignature(s uint8) string { - if name, ok := signatureNames[s]; ok { - return name - } - return "unknown." + strconv.Itoa(int(s)) -} - -func nameForHash(h uint8) string { - if name, ok := hashNames[h]; ok { - return name - } - num := strconv.Itoa(int(h)) - return "unknown." + num -} - -func nameForSuite(cs uint16) string { - cipher := CipherSuite(cs) - return cipher.String() -} - -func (cs CipherSuite) Bytes() []byte { - return []byte{uint8(cs >> 8), uint8(cs)} -} - -func (cs CipherSuite) String() string { - if name, ok := cipherSuiteNames[int(cs)]; ok { - return name - } - return "unknown" -} - -func (cm CompressionMethod) String() string { - if name, ok := compressionNames[uint8(cm)]; ok { - return name - } - return "unknown" -} - -func (curveID CurveID) String() string { - if name, ok := curveNames[uint16(curveID)]; ok { - return name - } - return "unknown" -} - -func (pFormat PointFormat) String() string { - if name, ok := pointFormatNames[uint8(pFormat)]; ok { - return name - } - return "unknown" -} - -func nameForCompressionMethod(cm uint8) string { - compressionMethod := CompressionMethod(cm) - return compressionMethod.String() -} - -func nameForCurve(curveID uint16) string { - curve := CurveID(curveID) - return curve.String() -} - -func nameForPointFormat(pFormat uint8) string { - format := PointFormat(pFormat) - return format.String() -} - -func (v TLSVersion) Bytes() []byte { - return []byte{uint8(v >> 8), uint8(v)} -} - -func (v TLSVersion) String() string { - switch v { - case 0x0300: - return "SSLv3" - case 0x0301: - return "TLSv1.0" - case 0x0302: - return "TLSv1.1" - case 0x0303: - return "TLSv1.2" - default: - return "unknown" - } -} - -func nameForSignatureScheme(scheme uint16) string { - sigScheme := SignatureScheme(scheme) - return sigScheme.String() -} - -func (sigScheme *SignatureScheme) String() string { - if name, ok := signatureSchemeNames[uint16(*sigScheme)]; ok { - return name - } - return "unknown" -} - -func (sigScheme *SignatureScheme) Bytes() []byte { - return []byte{byte(*sigScheme >> 8), byte(*sigScheme)} -} From 2050c4e14e805bd6bb09de4946d471cdbc331f2a Mon Sep 17 00:00:00 2001 From: Alex Holland Date: Sat, 4 Mar 2017 15:37:39 -0500 Subject: [PATCH 2/2] final mod of references --- main.go | 2 +- zlib/conn.go | 2 +- zlib/grabber.go | 2 +- zlib/grabber_test.go | 2 +- zlib/zgrab.go | 2 +- ztools/http/client_test.go | 2 +- ztools/http/request.go | 2 +- ztools/http/transport.go | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/main.go b/main.go index ca5a8cd3..4034aceb 100644 --- a/main.go +++ b/main.go @@ -31,7 +31,7 @@ import ( "github.com/zmap/zgrab/ztools/processing" "github.com/zmap/zgrab/ztools/x509" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" ) // Command-line flags diff --git a/zlib/conn.go b/zlib/conn.go index 6a7ad030..d3922f3d 100644 --- a/zlib/conn.go +++ b/zlib/conn.go @@ -33,7 +33,7 @@ import ( "github.com/zmap/zgrab/ztools/ssh" "github.com/zmap/zgrab/ztools/util" "github.com/zmap/zgrab/ztools/x509" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" ) var smtpEndRegex = regexp.MustCompile(`(?:^\d\d\d\s.*\r\n$)|(?:^\d\d\d-[\s\S]*\r\n\d\d\d\s.*\r\n$)`) diff --git a/zlib/grabber.go b/zlib/grabber.go index 6b39815e..3f97906e 100644 --- a/zlib/grabber.go +++ b/zlib/grabber.go @@ -37,7 +37,7 @@ import ( "github.com/zmap/zgrab/ztools/telnet" "github.com/zmap/zgrab/ztools/xssh" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" ) type GrabTarget struct { diff --git a/zlib/grabber_test.go b/zlib/grabber_test.go index 95e64111..a52e955b 100644 --- a/zlib/grabber_test.go +++ b/zlib/grabber_test.go @@ -6,7 +6,7 @@ import ( . "github.com/zmap/zgrab/ztools/http" "github.com/zmap/zgrab/ztools/http/httptest" "github.com/zmap/zgrab/ztools/zlog" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" "net" "net/url" "os" diff --git a/zlib/zgrab.go b/zlib/zgrab.go index 5e8071e3..6353049f 100644 --- a/zlib/zgrab.go +++ b/zlib/zgrab.go @@ -27,7 +27,7 @@ import ( "github.com/zmap/zgrab/ztools/ssh" "github.com/zmap/zgrab/ztools/telnet" "github.com/zmap/zgrab/ztools/xssh" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" ) type Grab struct { diff --git a/ztools/http/client_test.go b/ztools/http/client_test.go index d571c2fe..99fc8f4f 100644 --- a/ztools/http/client_test.go +++ b/ztools/http/client_test.go @@ -11,7 +11,7 @@ import ( "fmt" . "github.com/zmap/zgrab/ztools/http" "github.com/zmap/zgrab/ztools/http/httptest" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" "io" "io/ioutil" "net" diff --git a/ztools/http/request.go b/ztools/http/request.go index 7cebffd4..0ca219cf 100644 --- a/ztools/http/request.go +++ b/ztools/http/request.go @@ -14,7 +14,7 @@ import ( "encoding/json" "errors" "fmt" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" "io" "io/ioutil" "mime" diff --git a/ztools/http/transport.go b/ztools/http/transport.go index 9800bb99..52fe0d00 100644 --- a/ztools/http/transport.go +++ b/ztools/http/transport.go @@ -15,7 +15,7 @@ import ( "encoding/base64" "errors" "fmt" - "github.com/zmap/ztls/ztls" + "github.com/zmap/ztls" "io" "io/ioutil" "net"