src/pkg/crypto/tls/common.go - go - Git at Google

 // Copyright 2009 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package tls

 import (
 	"crypto/rsa";
 	"io";
 	"os";
 )

 const (
 	// maxTLSCiphertext is the maximum length of a plaintext payload.
 	maxTLSPlaintext	= 16384;
 	// maxTLSCiphertext is the maximum length payload after compression and encryption.
 	maxTLSCiphertext	= 16384 + 2048;
 	// maxHandshakeMsg is the largest single handshake message that we'll buffer.
 	maxHandshakeMsg	= 65536;
 	// defaultMajor and defaultMinor are the maximum TLS version that we support.
 	defaultMajor	= 3;
 	defaultMinor	= 2;
 )


 // TLS record types.
 type recordType uint8

 const (
 	recordTypeChangeCipherSpec	recordType	= 20;
 	recordTypeAlert			recordType	= 21;
 	recordTypeHandshake		recordType	= 22;
 	recordTypeApplicationData	recordType	= 23;
 )

 // TLS handshake message types.
 const (
 	typeClientHello		uint8	= 1;
 	typeServerHello		uint8	= 2;
 	typeCertificate		uint8	= 11;
 	typeServerHelloDone	uint8	= 14;
 	typeClientKeyExchange	uint8	= 16;
 	typeFinished		uint8	= 20;
 )

 // TLS cipher suites.
 var (
 	TLS_RSA_WITH_RC4_128_SHA uint16 = 5;
 )

 // TLS compression types.
 var (
 	compressionNone uint8 = 0;
 )

 type ConnectionState struct {
 	HandshakeComplete	bool;
 	CipherSuite		string;
 	Error			alertType;
 }

 // A Config structure is used to configure a TLS client or server. After one
 // has been passed to a TLS function it must not be modified.
 type Config struct {
 	// Rand provides the source of entropy for nonces and RSA blinding.
 	Rand	io.Reader;
 	// Time returns the current time as the number of seconds since the epoch.
 	Time		func() int64;
 	Certificates	[]Certificate;
 	RootCAs		*CASet;
 }

 type Certificate struct {
 	Certificate	[][]byte;
 	PrivateKey	*rsa.PrivateKey;
 }

 // A TLS record.
 type record struct {
 	contentType	recordType;
 	major, minor	uint8;
 	payload		[]byte;
 }

 type handshakeMessage interface {
 	marshal() []byte;
 }

 type encryptor interface {
 	// XORKeyStream xors the contents of the slice with bytes from the key stream.
 	XORKeyStream(buf []byte);
 }

 // mutualVersion returns the protocol version to use given the advertised
 // version of the peer.
 func mutualVersion(theirMajor, theirMinor uint8) (major, minor uint8, ok bool) {
 	// We don't deal with peers < TLS 1.0 (aka version 3.1).
 	if theirMajor < 3 || theirMajor == 3 && theirMinor < 1 {
 		return 0, 0, false
 	}
 	major = 3;
 	minor = 2;
 	if theirMinor < minor {
 		minor = theirMinor
 	}
 	ok = true;
 	return;
 }

 // A nop implements the NULL encryption and MAC algorithms.
 type nop struct{}

 func (nop) XORKeyStream(buf []byte)	{}

 func (nop) Write(buf []byte) (int, os.Error)	{ return len(buf), nil }

 func (nop) Sum() []byte	{ return nil }

 func (nop) Reset()	{}

 func (nop) Size() int	{ return 0 }
	// Copyright 2009 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package tls

	import (
	"crypto/rsa";
	"io";
	"os";
	)

	const (
	// maxTLSCiphertext is the maximum length of a plaintext payload.
	maxTLSPlaintext = 16384;
	// maxTLSCiphertext is the maximum length payload after compression and encryption.
	maxTLSCiphertext = 16384 + 2048;
	// maxHandshakeMsg is the largest single handshake message that we'll buffer.
	maxHandshakeMsg = 65536;
	// defaultMajor and defaultMinor are the maximum TLS version that we support.
	defaultMajor = 3;
	defaultMinor = 2;
	)


	// TLS record types.
	type recordType uint8

	const (
	recordTypeChangeCipherSpec recordType = 20;
	recordTypeAlert recordType = 21;
	recordTypeHandshake recordType = 22;
	recordTypeApplicationData recordType = 23;
	)

	// TLS handshake message types.
	const (
	typeClientHello uint8 = 1;
	typeServerHello uint8 = 2;
	typeCertificate uint8 = 11;
	typeServerHelloDone uint8 = 14;
	typeClientKeyExchange uint8 = 16;
	typeFinished uint8 = 20;
	)

	// TLS cipher suites.
	var (
	TLS_RSA_WITH_RC4_128_SHA uint16 = 5;
	)

	// TLS compression types.
	var (
	compressionNone uint8 = 0;
	)

	type ConnectionState struct {
	HandshakeComplete bool;
	CipherSuite string;
	Error alertType;
	}

	// A Config structure is used to configure a TLS client or server. After one
	// has been passed to a TLS function it must not be modified.
	type Config struct {
	// Rand provides the source of entropy for nonces and RSA blinding.
	Rand io.Reader;
	// Time returns the current time as the number of seconds since the epoch.
	Time func() int64;
	Certificates []Certificate;
	RootCAs *CASet;
	}

	type Certificate struct {
	Certificate [][]byte;
	PrivateKey *rsa.PrivateKey;
	}

	// A TLS record.
	type record struct {
	contentType recordType;
	major, minor uint8;
	payload []byte;
	}

	type handshakeMessage interface {
	marshal() []byte;
	}

	type encryptor interface {
	// XORKeyStream xors the contents of the slice with bytes from the key stream.
	XORKeyStream(buf []byte);
	}

	// mutualVersion returns the protocol version to use given the advertised
	// version of the peer.
	func mutualVersion(theirMajor, theirMinor uint8) (major, minor uint8, ok bool) {
	// We don't deal with peers < TLS 1.0 (aka version 3.1).
	if theirMajor < 3 \|\| theirMajor == 3 && theirMinor < 1 {
	return 0, 0, false
	}
	major = 3;
	minor = 2;
	if theirMinor < minor {
	minor = theirMinor
	}
	ok = true;
	return;
	}

	// A nop implements the NULL encryption and MAC algorithms.
	type nop struct{}

	func (nop) XORKeyStream(buf []byte) {}

	func (nop) Write(buf []byte) (int, os.Error) { return len(buf), nil }

	func (nop) Sum() []byte { return nil }

	func (nop) Reset() {}

	func (nop) Size() int { return 0 }