Documentation ¶
Overview ¶
Package handshake provides the DTLS wire protocol for handshakes
Index ¶
- Constants
- type Handshake
- type Header
- type Message
- type MessageCertificate
- type MessageCertificateRequest
- type MessageCertificateVerify
- type MessageClientHello
- type MessageClientKeyExchange
- type MessageFinished
- type MessageHelloVerifyRequest
- type MessageServerHello
- type MessageServerHelloDone
- type MessageServerKeyExchange
- type Random
- type Type
Constants ¶
const ( RandomBytesLength = 28 RandomLength = RandomBytesLength + 4 )
Consts for Random in Handshake
const HeaderLength = 12
HeaderLength msg_len for Handshake messages assumes an extra 12 bytes for sequence, fragment and version information vs TLS
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Handshake ¶
Handshake protocol is responsible for selecting a cipher spec and generating a master secret, which together comprise the primary cryptographic parameters associated with a secure session. The handshake protocol can also optionally authenticate parties who have certificates signed by a trusted certificate authority. https://tools.ietf.org/html/rfc5246#section-7.3
func (Handshake) ContentType ¶
func (h Handshake) ContentType() protocol.ContentType
ContentType returns what kind of content this message is carying
type Header ¶
type Header struct { Type Type Length uint32 // uint24 in spec MessageSequence uint16 FragmentOffset uint32 // uint24 in spec FragmentLength uint32 // uint24 in spec }
Header is the static first 12 bytes of each RecordLayer of type Handshake. These fields allow us to support message loss, reordering, and message fragmentation,
type MessageCertificate ¶
type MessageCertificate struct {
Certificate [][]byte
}
MessageCertificate is a DTLS Handshake Message it can contain either a Client or Server Certificate
https://tools.ietf.org/html/rfc5246#section-7.4.2
func (*MessageCertificate) Marshal ¶
func (m *MessageCertificate) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageCertificate) Type ¶
func (m MessageCertificate) Type() Type
Type returns the Handshake Type
func (*MessageCertificate) Unmarshal ¶
func (m *MessageCertificate) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageCertificateRequest ¶
type MessageCertificateRequest struct { CertificateTypes []clientcertificate.Type SignatureHashAlgorithms []signaturehash.Algorithm }
MessageCertificateRequest is so a non-anonymous server can optionally request a certificate from the client, if appropriate for the selected cipher suite. This message, if sent, will immediately follow the ServerKeyExchange message (if it is sent; otherwise, this message follows the server's Certificate message).
https://tools.ietf.org/html/rfc5246#section-7.4.4
func (*MessageCertificateRequest) Marshal ¶
func (m *MessageCertificateRequest) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageCertificateRequest) Type ¶
func (m MessageCertificateRequest) Type() Type
Type returns the Handshake Type
func (*MessageCertificateRequest) Unmarshal ¶
func (m *MessageCertificateRequest) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageCertificateVerify ¶
type MessageCertificateVerify struct { HashAlgorithm hash.Algorithm SignatureAlgorithm signature.Algorithm Signature []byte }
MessageCertificateVerify provide explicit verification of a client certificate.
https://tools.ietf.org/html/rfc5246#section-7.4.8
func (*MessageCertificateVerify) Marshal ¶
func (m *MessageCertificateVerify) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageCertificateVerify) Type ¶
func (m MessageCertificateVerify) Type() Type
Type returns the Handshake Type
func (*MessageCertificateVerify) Unmarshal ¶
func (m *MessageCertificateVerify) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageClientHello ¶
type MessageClientHello struct { Version protocol.Version Random Random Cookie []byte SessionID []byte CipherSuiteIDs []uint16 CompressionMethods []*protocol.CompressionMethod Extensions []extension.Extension }
MessageClientHello is for when a client first connects to a server it is required to send the client hello as its first message. The client can also send a client hello in response to a hello request or on its own initiative in order to renegotiate the security parameters in an existing connection.
func (*MessageClientHello) Marshal ¶
func (m *MessageClientHello) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageClientHello) Type ¶
func (m MessageClientHello) Type() Type
Type returns the Handshake Type
func (*MessageClientHello) Unmarshal ¶
func (m *MessageClientHello) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageClientKeyExchange ¶
MessageClientKeyExchange is a DTLS Handshake Message With this message, the premaster secret is set, either by direct transmission of the RSA-encrypted secret or by the transmission of Diffie-Hellman parameters that will allow each side to agree upon the same premaster secret.
https://tools.ietf.org/html/rfc5246#section-7.4.7
func (*MessageClientKeyExchange) Marshal ¶
func (m *MessageClientKeyExchange) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageClientKeyExchange) Type ¶
func (m MessageClientKeyExchange) Type() Type
Type returns the Handshake Type
func (*MessageClientKeyExchange) Unmarshal ¶
func (m *MessageClientKeyExchange) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageFinished ¶
type MessageFinished struct {
VerifyData []byte
}
MessageFinished is a DTLS Handshake Message this message is the first one protected with the just negotiated algorithms, keys, and secrets. Recipients of Finished messages MUST verify that the contents are correct.
https://tools.ietf.org/html/rfc5246#section-7.4.9
func (*MessageFinished) Marshal ¶
func (m *MessageFinished) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (*MessageFinished) Unmarshal ¶
func (m *MessageFinished) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageHelloVerifyRequest ¶
MessageHelloVerifyRequest is as follows:
struct { ProtocolVersion server_version; opaque cookie<0..2^8-1>; } HelloVerifyRequest; The HelloVerifyRequest message type is hello_verify_request(3). When the client sends its ClientHello message to the server, the server MAY respond with a HelloVerifyRequest message. This message contains a stateless cookie generated using the technique of [PHOTURIS]. The client MUST retransmit the ClientHello with the cookie added. https://tools.ietf.org/html/rfc6347#section-4.2.1
func (*MessageHelloVerifyRequest) Marshal ¶
func (m *MessageHelloVerifyRequest) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageHelloVerifyRequest) Type ¶
func (m MessageHelloVerifyRequest) Type() Type
Type returns the Handshake Type
func (*MessageHelloVerifyRequest) Unmarshal ¶
func (m *MessageHelloVerifyRequest) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageServerHello ¶
type MessageServerHello struct { Version protocol.Version Random Random SessionID []byte CipherSuiteID *uint16 CompressionMethod *protocol.CompressionMethod Extensions []extension.Extension }
MessageServerHello is sent in response to a ClientHello message when it was able to find an acceptable set of algorithms. If it cannot find such a match, it will respond with a handshake failure alert.
https://tools.ietf.org/html/rfc5246#section-7.4.1.3
func (*MessageServerHello) Marshal ¶
func (m *MessageServerHello) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageServerHello) Type ¶
func (m MessageServerHello) Type() Type
Type returns the Handshake Type
func (*MessageServerHello) Unmarshal ¶
func (m *MessageServerHello) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageServerHelloDone ¶
type MessageServerHelloDone struct{}
MessageServerHelloDone is final non-encrypted message from server this communicates server has sent all its handshake messages and next should be MessageFinished
func (*MessageServerHelloDone) Marshal ¶
func (m *MessageServerHelloDone) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageServerHelloDone) Type ¶
func (m MessageServerHelloDone) Type() Type
Type returns the Handshake Type
func (*MessageServerHelloDone) Unmarshal ¶
func (m *MessageServerHelloDone) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type MessageServerKeyExchange ¶
type MessageServerKeyExchange struct { IdentityHint []byte EllipticCurveType elliptic.CurveType NamedCurve elliptic.Curve PublicKey []byte HashAlgorithm hash.Algorithm SignatureAlgorithm signature.Algorithm Signature []byte }
MessageServerKeyExchange supports ECDH and PSK
func (*MessageServerKeyExchange) Marshal ¶
func (m *MessageServerKeyExchange) Marshal() ([]byte, error)
Marshal encodes the Handshake
func (MessageServerKeyExchange) Type ¶
func (m MessageServerKeyExchange) Type() Type
Type returns the Handshake Type
func (*MessageServerKeyExchange) Unmarshal ¶
func (m *MessageServerKeyExchange) Unmarshal(data []byte) error
Unmarshal populates the message from encoded data
type Random ¶
type Random struct { GMTUnixTime time.Time RandomBytes [RandomBytesLength]byte }
Random value that is used in ClientHello and ServerHello
https://tools.ietf.org/html/rfc4346#section-7.4.1.2
func (*Random) MarshalFixed ¶
func (r *Random) MarshalFixed() [RandomLength]byte
MarshalFixed encodes the Handshake
func (*Random) Populate ¶
Populate fills the handshakeRandom with random values may be called multiple times
func (*Random) UnmarshalFixed ¶
func (r *Random) UnmarshalFixed(data [RandomLength]byte)
UnmarshalFixed populates the message from encoded data
type Type ¶
type Type uint8
Type is the unique identifier for each handshake message https://tools.ietf.org/html/rfc5246#section-7.4
const ( TypeHelloRequest Type = 0 TypeClientHello Type = 1 TypeServerHello Type = 2 TypeHelloVerifyRequest Type = 3 TypeCertificate Type = 11 TypeServerKeyExchange Type = 12 TypeCertificateRequest Type = 13 TypeServerHelloDone Type = 14 TypeCertificateVerify Type = 15 TypeClientKeyExchange Type = 16 TypeFinished Type = 20 )
Types of DTLS Handshake messages we know about
Source Files ¶
- cipher_suite.go
- errors.go
- handshake.go
- header.go
- message_certificate.go
- message_certificate_request.go
- message_certificate_verify.go
- message_client_hello.go
- message_client_key_exchange.go
- message_finished.go
- message_hello_verify_request.go
- message_server_hello.go
- message_server_hello_done.go
- message_server_key_exchange.go
- random.go