| // Copyright 2009 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package tls |
| |
| import ( |
| "crypto/rand" |
| "crypto/rsa" |
| "io" |
| "io/ioutil" |
| "sync" |
| "time" |
| ) |
| |
| const ( |
| maxPlaintext = 16384 // maximum plaintext payload length |
| maxCiphertext = 16384 + 2048 // maximum ciphertext payload length |
| recordHeaderLen = 5 // record header length |
| maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB) |
| |
| minVersion = 0x0301 // minimum supported version - TLS 1.0 |
| maxVersion = 0x0302 // maximum supported version - TLS 1.1 |
| ) |
| |
| // TLS record types. |
| type recordType uint8 |
| |
| const ( |
| recordTypeChangeCipherSpec recordType = 20 |
| recordTypeAlert recordType = 21 |
| recordTypeHandshake recordType = 22 |
| recordTypeApplicationData recordType = 23 |
| ) |
| |
| // TLS handshake message types. |
| const ( |
| typeClientHello uint8 = 1 |
| typeServerHello uint8 = 2 |
| typeCertificate uint8 = 11 |
| typeCertificateStatus uint8 = 22 |
| typeServerHelloDone uint8 = 14 |
| typeClientKeyExchange uint8 = 16 |
| typeFinished uint8 = 20 |
| typeNextProtocol uint8 = 67 // Not IANA assigned |
| ) |
| |
| // TLS cipher suites. |
| const ( |
| TLS_RSA_WITH_RC4_128_SHA uint16 = 5 |
| ) |
| |
| // TLS compression types. |
| const ( |
| compressionNone uint8 = 0 |
| ) |
| |
| // TLS extension numbers |
| var ( |
| extensionServerName uint16 = 0 |
| extensionStatusRequest uint16 = 5 |
| extensionNextProtoNeg uint16 = 13172 // not IANA assigned |
| ) |
| |
| // TLS CertificateStatusType (RFC 3546) |
| const ( |
| statusTypeOCSP uint8 = 1 |
| ) |
| |
| type ConnectionState struct { |
| HandshakeComplete bool |
| CipherSuite uint16 |
| NegotiatedProtocol string |
| } |
| |
| // A Config structure is used to configure a TLS client or server. After one |
| // has been passed to a TLS function it must not be modified. |
| type Config struct { |
| // Rand provides the source of entropy for nonces and RSA blinding. |
| Rand io.Reader |
| // Time returns the current time as the number of seconds since the epoch. |
| Time func() int64 |
| Certificates []Certificate |
| RootCAs *CASet |
| // NextProtos is a list of supported, application level protocols. |
| // Currently only server-side handling is supported. |
| NextProtos []string |
| // ServerName is included in the client's handshake to support virtual |
| // hosting. |
| ServerName string |
| } |
| |
| type Certificate struct { |
| Certificate [][]byte |
| PrivateKey *rsa.PrivateKey |
| } |
| |
| // A TLS record. |
| type record struct { |
| contentType recordType |
| major, minor uint8 |
| payload []byte |
| } |
| |
| type handshakeMessage interface { |
| marshal() []byte |
| unmarshal([]byte) bool |
| } |
| |
| type encryptor interface { |
| // XORKeyStream xors the contents of the slice with bytes from the key stream. |
| XORKeyStream(buf []byte) |
| } |
| |
| // mutualVersion returns the protocol version to use given the advertised |
| // version of the peer. |
| func mutualVersion(vers uint16) (uint16, bool) { |
| if vers < minVersion { |
| return 0, false |
| } |
| if vers > maxVersion { |
| vers = maxVersion |
| } |
| return vers, true |
| } |
| |
| // The defaultConfig is used in place of a nil *Config in the TLS server and client. |
| var varDefaultConfig *Config |
| |
| var once sync.Once |
| |
| func defaultConfig() *Config { |
| once.Do(initDefaultConfig) |
| return varDefaultConfig |
| } |
| |
| // Possible certificate files; stop after finding one. |
| // On OS X we should really be using the Directory Services keychain |
| // but that requires a lot of Mach goo to get at. Instead we use |
| // the same root set that curl uses. |
| var certFiles = []string{ |
| "/etc/ssl/certs/ca-certificates.crt", // Linux etc |
| "/usr/share/curl/curl-ca-bundle.crt", // OS X |
| } |
| |
| func initDefaultConfig() { |
| roots := NewCASet() |
| for _, file := range certFiles { |
| data, err := ioutil.ReadFile(file) |
| if err == nil { |
| roots.SetFromPEM(data) |
| break |
| } |
| } |
| |
| varDefaultConfig = &Config{ |
| Rand: rand.Reader, |
| Time: time.Seconds, |
| RootCAs: roots, |
| } |
| } |