├── .gitignore
├── go.mod
├── tls
├── testdata
│ ├── example-key.pem
│ ├── example-cert.pem
│ ├── Server-TLSv11-FallbackSCSV
│ ├── Server-TLSv12-Resume
│ ├── Server-TLSv10-RSA-RC4
│ ├── Server-TLSv11-RSA-RC4
│ ├── Server-SSLv3-RSA-RC4
│ ├── Server-TLSv12-RSA-RC4
│ ├── Server-TLSv10-RSA-3DES
│ ├── Server-TLSv10-RSA-AES
│ ├── Server-SSLv3-RSA-3DES
│ ├── Server-TLSv12-RSA-3DES
│ ├── Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305
│ ├── Server-SSLv3-RSA-AES
│ ├── Client-TLSv10-RSA-RC4
│ ├── Client-TLSv11-RSA-RC4
│ ├── Client-TLSv12-RSA-RC4
│ ├── Server-TLSv10-ECDHE-ECDSA-AES
│ ├── Server-TLSv12-RSA-AES-GCM
│ ├── Server-TLSv12-RSA-AES256-GCM-SHA384
│ ├── Server-TLSv12-X25519-ECDHE-RSA-AES-GCM
│ └── Client-TLSv12-AES128-GCM-SHA256
├── main1_test.go
├── main_test.go
├── gm_handshake_messages.go
├── alert.go
├── auth.go
├── auth_test.go
├── ticket.go
└── example_test.go
├── x509
├── root_nacl.go
├── root_nocgo_darwin.go
├── root_solaris.go
├── root.go
├── sha2_windows_test.go
├── root_bsd.go
├── root_linux.go
├── root_plan9.go
├── pem_decrypt_test.go
├── x509_test_import.go
├── pkcs8.go
├── test-file.crt
├── root_darwin_test.go
├── sec1_test.go
├── root_unix.go
├── pkcs8_test.go
├── pkcs1.go
├── root_unix_test.go
├── cert_pool.go
├── root_darwin_arm_gen.go
├── sec1.go
└── example_test.go
├── .travis.yml
├── sm2
├── elliptic.go
├── sm2p256_arm64.go
└── external.go
├── .github
└── workflows
│ └── go.yml
├── azure-pipelines.yml
├── CHANGELOG.md
├── README.md
├── internal
├── randutil
│ └── randutil.go
└── subtle
│ ├── aliasing.go
│ ├── aliasing_appengine.go
│ └── aliasing_test.go
├── go.sum
├── utils
└── keys_test.go
├── sm3
├── sm3_test.go
├── sm3.go
└── sm3hash.go
└── sm4
└── sm4_test.go
/.gitignore:
--------------------------------------------------------------------------------
1 | .idea
2 | vendor
--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
1 | module github.com/Hyperledger-TWGC/ccs-gm
2 |
3 | go 1.16
4 |
5 |
6 | require (
7 | github.com/stretchr/testify v1.7.0
8 | golang.org/x/crypto v0.0.0-20220214200702-86341886e292
9 | )
10 |
--------------------------------------------------------------------------------
/tls/testdata/example-key.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN EC PRIVATE KEY-----
2 | MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49
3 | AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q
4 | EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA==
5 | -----END EC PRIVATE KEY-----
6 |
--------------------------------------------------------------------------------
/tls/main1_test.go:
--------------------------------------------------------------------------------
1 | package tls
2 |
3 | import (
4 | "testing"
5 | )
6 |
7 | func TestServer1(t *testing.T){
8 | _,err :=Dial("tcp", "www.baidu.com:443", nil)
9 | if err != nil{
10 | t.Errorf("failed to dail to www.baidu.com:443, ret:%s\n", err.Error())
11 | }
12 | }
13 |
14 |
--------------------------------------------------------------------------------
/x509/root_nacl.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | // Possible certificate files; stop after finding one.
8 | var certFiles = []string{}
9 |
--------------------------------------------------------------------------------
/x509/root_nocgo_darwin.go:
--------------------------------------------------------------------------------
1 | // Copyright 2013 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build !cgo
6 |
7 | package x509
8 |
9 | func loadSystemRoots() (*CertPool, error) {
10 | return execSecurityRoots()
11 | }
12 |
--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
1 | language: go
2 | dist: bionic
3 | arch:
4 | - amd64
5 | - arm64
6 | go:
7 | - 1.17.x
8 | - 1.16.x
9 | - 1.15.x
10 | - 1.14.x
11 | - 1.13.x
12 | install:
13 | - go mod vendor
14 | script:
15 | - go test -v ./sm2/... --bench=. -cover
16 | - go test -v ./sm3/... --bench=. -cover
17 | - go test -v ./sm4/... --bench=. -cover
18 | - go test -v ./utils/... --bench=. -cover
19 | - go test -v ./internal/... --bench=. -cover
20 |
--------------------------------------------------------------------------------
/x509/root_solaris.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | // Possible certificate files; stop after finding one.
8 | var certFiles = []string{
9 | "/etc/certs/ca-certificates.crt", // Solaris 11.2+
10 | "/etc/ssl/certs/ca-certificates.crt", // Joyent SmartOS
11 | "/etc/ssl/cacert.pem", // OmniOS
12 | }
13 |
--------------------------------------------------------------------------------
/x509/root.go:
--------------------------------------------------------------------------------
1 | // Copyright 2012 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import "sync"
8 |
9 | var (
10 | once sync.Once
11 | systemRoots *CertPool
12 | systemRootsErr error
13 | )
14 |
15 | func systemRootsPool() *CertPool {
16 | once.Do(initSystemRoots)
17 | return systemRoots
18 | }
19 |
20 | func initSystemRoots() {
21 | systemRoots, systemRootsErr = loadSystemRoots()
22 | }
23 |
--------------------------------------------------------------------------------
/x509/sha2_windows_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import "syscall"
8 |
9 | func init() {
10 | v, err := syscall.GetVersion()
11 | if err != nil {
12 | return
13 | }
14 | if major := byte(v); major < 6 {
15 | // Windows XP SP2 and Windows 2003 do not support SHA2.
16 | // http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx
17 | supportSHA2 = false
18 | }
19 | }
20 |
--------------------------------------------------------------------------------
/x509/root_bsd.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build dragonfly freebsd netbsd openbsd
6 |
7 | package x509
8 |
9 | // Possible certificate files; stop after finding one.
10 | var certFiles = []string{
11 | "/usr/local/etc/ssl/cert.pem", // FreeBSD
12 | "/etc/ssl/cert.pem", // OpenBSD
13 | "/usr/local/share/certs/ca-root-nss.crt", // DragonFly
14 | "/etc/openssl/certs/ca-certificates.crt", // NetBSD
15 | }
16 |
--------------------------------------------------------------------------------
/tls/testdata/example-cert.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw
3 | DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow
4 | EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d
5 | 7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B
6 | 5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr
7 | BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1
8 | NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l
9 | Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc
10 | 6MF9+Yw1Yy0t
11 | -----END CERTIFICATE-----
12 |
--------------------------------------------------------------------------------
/sm2/elliptic.go:
--------------------------------------------------------------------------------
1 | // Copyright 2010 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // Package elliptic implements several standard elliptic curves over prime
6 | // fields.
7 | package sm2
8 |
9 | import (
10 | "crypto/elliptic"
11 | "sync"
12 | )
13 |
14 | var initonce sync.Once
15 |
16 | func initAll() {
17 | initP256()
18 | }
19 |
20 | // P256 returns a Curve which implements sm2 curve.
21 | //
22 | // The cryptographic operations are implemented using constant-time algorithms.
23 | func P256() elliptic.Curve {
24 | initonce.Do(initAll)
25 | return p256
26 | }
--------------------------------------------------------------------------------
/x509/root_linux.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | // Possible certificate files; stop after finding one.
8 | var certFiles = []string{
9 | "/etc/ssl/certs/ca-certificates.crt", // Debian/Ubuntu/Gentoo etc.
10 | "/etc/pki/tls/certs/ca-bundle.crt", // Fedora/RHEL 6
11 | "/etc/ssl/ca-bundle.pem", // OpenSUSE
12 | "/etc/pki/tls/cacert.pem", // OpenELEC
13 | "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem", // CentOS/RHEL 7
14 | }
15 |
--------------------------------------------------------------------------------
/.github/workflows/go.yml:
--------------------------------------------------------------------------------
1 | name: Go
2 |
3 | on: [push, pull_request]
4 |
5 | jobs:
6 |
7 | build:
8 | name: Build
9 | strategy:
10 | matrix:
11 | os: [ubuntu-latest, self-hosted]
12 | runs-on: ${{ matrix.os }}
13 | steps:
14 |
15 | - name: Set up Go 1.x
16 | uses: actions/setup-go@v2
17 | with:
18 | go-version: 1.16
19 | id: go
20 |
21 | - name: Check out code into the Go module directory
22 | uses: actions/checkout@v2
23 |
24 | - name: Get dependencies
25 | run: go mod vendor
26 | - name: TestSm2
27 | run: go test -v ./sm2/
28 |
29 | - name: TestSm3
30 | run: go test -v ./sm3/
31 |
32 | - name: TestSm4
33 | run: go test -v ./sm4/
34 |
--------------------------------------------------------------------------------
/azure-pipelines.yml:
--------------------------------------------------------------------------------
1 | pool:
2 | vmImage: 'ubuntu-latest'
3 |
4 | steps:
5 | - checkout: self
6 | - task: GoTool@0
7 | inputs:
8 | version: '1.17'
9 | - script: go mod vendor
10 | displayName: import vendor
11 | # TODO: use go test -v ./... --bench=. -cover when
12 | - script: go test -v ./sm2/... --bench=. -cover
13 | - script: go test -v ./sm3/... --bench=. -cover
14 | - script: go test -v ./sm4/... --bench=. -cover
15 | - script: go test -v ./utils/... --bench=. -cover
16 | - script: go test -v ./internal/... --bench=. -cover
17 | # TODO: this lib has error
18 | #- script: go test -v ./x509/... --bench=. -cover
19 | # TODO: this lib testing hang up
20 | #- script: go test -v ./tls/... --bench=. -cover
21 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv11-FallbackSCSV:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 63 01 00 00 5f 03 02 6e 78 cc 6a ea |....c..._..nx.j.|
3 | 00000010 13 aa a8 20 76 7d 32 ca c7 3f be 88 36 ae fb c3 |... v}2..?..6...|
4 | 00000020 ca 95 35 70 54 20 3b 18 3b ba 82 00 00 14 c0 0a |..5pT ;.;.......|
5 | 00000030 c0 14 00 39 c0 09 c0 13 00 33 00 35 00 2f 00 ff |...9.....3.5./..|
6 | 00000040 56 00 01 00 00 22 00 0b 00 04 03 00 01 02 00 0a |V...."..........|
7 | 00000050 00 0a 00 08 00 1d 00 17 00 19 00 18 00 23 00 00 |.............#..|
8 | 00000060 00 16 00 00 00 17 00 00 |........|
9 | >>> Flow 2 (server to client)
10 | 00000000 15 03 02 00 02 02 56 |......V|
11 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | ## 更新日志
2 |
3 | ### master 更新(Sep 17, 2020)
4 | - 私钥新增Decrypt函数,实现crypto.Decrypter接口
5 |
6 | ### master 更新(Sep 11, 2020)
7 | - 新增导入导出接口
8 |
9 | | 接口名 | 接口功能 |
10 | | --- | --- |
11 | | PrivateKeyToPEM | 将私钥转为pem字节流 |
12 | | PEMtoPrivateKey 将pem字节流转成sm2私钥 |
13 | | PublicKeyToPEM | 将公钥转为pem字节流 |
14 | | PEMtoPublicKey | 将pem字节流转为sm2公钥 |
15 |
16 |
17 | ### master 更新 (Aug 20, 2020)
18 | - 新增性能测试数据
19 | 测试环境:
20 | - cpu:intel i7-7700 3.6GHz
21 | - 内存:16G
22 |
23 | 测试结果
24 |
25 | | 测试算法 | 签名速度(tps) | 验签速度(tps) |
26 | | --- | --- | --- |
27 | | sm2 | 47920 | 36792 |
28 | | ecdsa p256 | 48832 | 16779 |
29 |
30 |
31 | - 新增CHANGLOG文件
32 |
33 |
34 | ### master 更新(Aug 13, 2020)
35 | - 优化国密tls库,支持tls双国密证书通信。
36 |
37 | ### master 更新(Aug 7, 2020)
38 | - 将中国网安的两个底层密码库合并到一起。
39 |
40 | ### master 更新(Jul 17, 2020)
41 | - 上传中国网安国密密码库。
42 |
43 |
44 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/x509/root_plan9.go:
--------------------------------------------------------------------------------
1 | // Copyright 2012 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build plan9
6 |
7 | package x509
8 |
9 | import (
10 | "io/ioutil"
11 | "os"
12 | )
13 |
14 | // Possible certificate files; stop after finding one.
15 | var certFiles = []string{
16 | "/sys/lib/tls/ca.pem",
17 | }
18 |
19 | func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
20 | return nil, nil
21 | }
22 |
23 | func loadSystemRoots() (*CertPool, error) {
24 | roots := NewCertPool()
25 | var bestErr error
26 | for _, file := range certFiles {
27 | data, err := ioutil.ReadFile(file)
28 | if err == nil {
29 | roots.AppendCertsFromPEM(data)
30 | return roots, nil
31 | }
32 | if bestErr == nil || (os.IsNotExist(bestErr) && !os.IsNotExist(err)) {
33 | bestErr = err
34 | }
35 | }
36 | return nil, bestErr
37 | }
38 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # ccs-gm
2 | go语言国密密码库,实现了数据签名/验签、数据哈希、对称加密、非对称加密、x509证书管理、以及国密tls通信的功能。
3 |
4 | 
5 | [](https://dev.azure.com/Hyperledger/TWGC/_build/latest?definitionId=126&branchName=master)
6 |
7 | ## License
8 | Hyperledger Project source code files are made available under the Apache License, Version 2.0 (Apache-2.0), located in the [LICENSE](LICENSE) file.
9 |
10 | ## Feature 功能支持列表
11 |
12 | | SM2功能 | 支持范围 |
13 | | ---- | ---- |
14 | | Generate KeyPair | 是 |
15 | | Sign | 是 |
16 | | Verify | 是 |
17 | | PEM格式导出 | 私钥/公钥/证书|
18 | | PEM格式导入 | 私钥/公钥/证书 |
19 | | PEM文件加密 | RFC5958 |
20 |
21 | | SM4功能 | 支持范围 |
22 | | ---- | ---- |
23 | | Generate Key | 是 |
24 | | Encrypt, Decrypt | 是 |
25 | | PEM格式导出 | |
26 | | PEM文件加密 | golang: `x509.EncryptPEMBlock` |
27 | | 分组模式 | ECB/CBC |
28 |
29 |
30 | | SM3功能 | 支持范围 |
31 | | ---- | ---- |
32 | | 当前语言Hash接口兼容 | `是` |
33 |
34 |
--------------------------------------------------------------------------------
/internal/randutil/randutil.go:
--------------------------------------------------------------------------------
1 | // Copyright 2018 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // Package randutil contains internal randomness utilities for various
6 | // crypto packages.
7 | package randutil
8 |
9 | import (
10 | "io"
11 | "sync"
12 | )
13 |
14 | var (
15 | closedChanOnce sync.Once
16 | closedChan chan struct{}
17 | )
18 |
19 | // MaybeReadByte reads a single byte from r with ~50% probability. This is used
20 | // to ensure that callers do not depend on non-guaranteed behaviour, e.g.
21 | // assuming that rsa.GenerateKey is deterministic w.r.t. a given random stream.
22 | //
23 | // This does not affect tests that pass a stream of fixed bytes as the random
24 | // source (e.g. a zeroReader).
25 | func MaybeReadByte(r io.Reader) {
26 | closedChanOnce.Do(func() {
27 | closedChan = make(chan struct{})
28 | close(closedChan)
29 | })
30 |
31 | select {
32 | case <-closedChan:
33 | return
34 | case <-closedChan:
35 | var buf [1]byte
36 | r.Read(buf[:])
37 | }
38 | }
39 |
--------------------------------------------------------------------------------
/sm2/sm2p256_arm64.go:
--------------------------------------------------------------------------------
1 | //go:build arm64
2 | // +build arm64
3 |
4 | package sm2
5 |
6 | import (
7 | "crypto/elliptic"
8 | "math/big"
9 | )
10 |
11 | type (
12 | p256Curve struct {
13 | *elliptic.CurveParams
14 | }
15 | )
16 |
17 | var (
18 | p256 p256Curve
19 | SM2PARAM_A []byte
20 | )
21 |
22 | func initP256() {
23 |
24 | // See FIPS 186-3, section D.2.3
25 | p256.CurveParams = &elliptic.CurveParams{Name: "P-256"}
26 | p256.P, _ = new(big.Int).SetString("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", 16)
27 | p256.N, _ = new(big.Int).SetString("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", 16)
28 | p256.B, _ = new(big.Int).SetString("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", 16)
29 | p256.Gx, _ = new(big.Int).SetString("32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", 16)
30 | p256.Gy, _ = new(big.Int).SetString("BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0", 16)
31 | A, _ := new(big.Int).SetString("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", 16)
32 | SM2PARAM_A = A.Bytes()
33 | p256.BitSize = 256
34 | }
35 |
--------------------------------------------------------------------------------
/tls/main_test.go:
--------------------------------------------------------------------------------
1 | package tls
2 |
3 | import (
4 | "encoding/pem"
5 | "fmt"
6 | "testing"
7 |
8 | "github.com/Hyperledger-TWGC/ccs-gm/x509"
9 | )
10 |
11 | func TestServer(t *testing.T) {
12 | _, err := Dial("tcp", "www.baidu.com:443", nil)
13 | if err != nil {
14 | t.Errorf("failed to dail to www.baidu.com:443, ret:%s\n", err.Error())
15 | }
16 | }
17 |
18 | func TestParsePKCS8(t *testing.T) {
19 | var pemkey = `-----BEGIN EC PRIVATE KEY-----
20 | MHcCAQEEIFqMuzV7443wbxPvJddt4SsM0R5tPVKlYO6KJxZsUkW4oAoGCCqBHM9V
21 | AYItoUQDQgAEHe77T5o6nfpiXgDcAdJp0ypCMWQWtig8yZWSRX3lFGcf+/Tgm646
22 | XwhaYpM3rcEtTr8hFkIQQpztF70xXNdhIA==
23 | -----END EC PRIVATE KEY-----`
24 |
25 | keyBlock, _ := pem.Decode([]byte(pemkey))
26 | if keyBlock == nil {
27 | t.Errorf("failed to decode pem key")
28 | }
29 | derKey := keyBlock.Bytes
30 | privKey, err := x509.ParseECPrivateKey(derKey)
31 | if err != nil {
32 | t.Errorf("failed to parse ec private key, err : %s\n", err.Error())
33 | }
34 | fmt.Printf("%+v\n", privKey)
35 | }
36 |
37 | func TestHaha(t *testing.T) {
38 | a := 1
39 | fmt.Printf("asdfasdf")
40 | fmt.Printf("asdfasdf%d", a)
41 | fmt.Printf("asdfasdf")
42 | }
43 |
--------------------------------------------------------------------------------
/internal/subtle/aliasing.go:
--------------------------------------------------------------------------------
1 | // Copyright 2018 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build !appengine
6 |
7 | // Package subtle implements functions that are often useful in cryptographic
8 | // code but require careful thought to use correctly.
9 | //
10 | // This is a mirror of golang.org/x/crypto/internal/subtle.
11 | package subtle
12 |
13 | import "unsafe"
14 |
15 | // AnyOverlap reports whether x and y share memory at any (not necessarily
16 | // corresponding) index. The memory beyond the slice length is ignored.
17 | func AnyOverlap(x, y []byte) bool {
18 | return len(x) > 0 && len(y) > 0 &&
19 | uintptr(unsafe.Pointer(&x[0])) <= uintptr(unsafe.Pointer(&y[len(y)-1])) &&
20 | uintptr(unsafe.Pointer(&y[0])) <= uintptr(unsafe.Pointer(&x[len(x)-1]))
21 | }
22 |
23 | // InexactOverlap reports whether x and y share memory at any non-corresponding
24 | // index. The memory beyond the slice length is ignored. Note that x and y can
25 | // have different lengths and still not have any inexact overlap.
26 | //
27 | // InexactOverlap can be used to implement the requirements of the crypto/cipher
28 | // AEAD, Block, BlockMode and Stream interfaces.
29 | func InexactOverlap(x, y []byte) bool {
30 | if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] {
31 | return false
32 | }
33 | return AnyOverlap(x, y)
34 | }
35 |
--------------------------------------------------------------------------------
/x509/pem_decrypt_test.go:
--------------------------------------------------------------------------------
1 | package x509
2 |
3 | import (
4 | "bytes"
5 | "crypto/rand"
6 | "encoding/base64"
7 | "testing"
8 |
9 | "github.com/Hyperledger-TWGC/ccs-gm/sm2"
10 | )
11 |
12 | func TestEncAndDecPem(t *testing.T) {
13 | sm2Priv, err := sm2.GenerateKey(rand.Reader)
14 | if err != nil {
15 | t.Errorf("sm2 gen key err: %s", err)
16 | return
17 | }
18 | plainDer := base64.StdEncoding.EncodeToString(sm2Priv.D.Bytes())
19 | //encrypt pem block
20 | block, err := EncryptPEMBlock(rand.Reader, "ENCRYPTED PRIVATE KEY", []byte(plainDer), []byte("asdf"), PEMCipherAES256)
21 | if err != nil {
22 | t.Errorf("encrypt pem block err: %s", err)
23 | return
24 | }
25 | //decrypt
26 | privKey, err := DecryptPEMBlock(block, []byte("asdf"))
27 | if err != nil {
28 | t.Errorf("decrypt pem block err: %s", err)
29 | return
30 | }
31 | buf := make([]byte, len(plainDer))
32 | _, err = base64.StdEncoding.Decode(buf, privKey)
33 | if err != nil {
34 | t.Errorf("base64 decode err: %s", err)
35 | return
36 | }
37 | if !bytes.Equal([]byte(plainDer), privKey) {
38 | t.Error("decrypt pem invalid!")
39 | return
40 | }
41 | //decrypt with wrong passwd
42 | _, err = DecryptPEMBlock(block, []byte("abcd"))
43 | if err == nil {
44 | t.Error("decrypt couldn't success")
45 | return
46 | }
47 | if err.Error() != "padding info incorrect" {
48 | t.Errorf("unexpected error, expect \"padding info incorrect\",\n actually is \"%s\"", err)
49 | return
50 | }
51 | }
52 |
--------------------------------------------------------------------------------
/internal/subtle/aliasing_appengine.go:
--------------------------------------------------------------------------------
1 | // Copyright 2018 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build appengine
6 |
7 | // Package subtle implements functions that are often useful in cryptographic
8 | // code but require careful thought to use correctly.
9 | //
10 | // This is a mirror of golang.org/x/crypto/internal/subtle.
11 | package subtle // import "crypto/internal/subtle"
12 |
13 | // This is the Google App Engine standard variant based on reflect
14 | // because the unsafe package and cgo are disallowed.
15 |
16 | import "reflect"
17 |
18 | // AnyOverlap reports whether x and y share memory at any (not necessarily
19 | // corresponding) index. The memory beyond the slice length is ignored.
20 | func AnyOverlap(x, y []byte) bool {
21 | return len(x) > 0 && len(y) > 0 &&
22 | reflect.ValueOf(&x[0]).Pointer() <= reflect.ValueOf(&y[len(y)-1]).Pointer() &&
23 | reflect.ValueOf(&y[0]).Pointer() <= reflect.ValueOf(&x[len(x)-1]).Pointer()
24 | }
25 |
26 | // InexactOverlap reports whether x and y share memory at any non-corresponding
27 | // index. The memory beyond the slice length is ignored. Note that x and y can
28 | // have different lengths and still not have any inexact overlap.
29 | //
30 | // InexactOverlap can be used to implement the requirements of the crypto/cipher
31 | // AEAD, Block, BlockMode and Stream interfaces.
32 | func InexactOverlap(x, y []byte) bool {
33 | if len(x) == 0 || len(y) == 0 || &x[0] == &y[0] {
34 | return false
35 | }
36 | return AnyOverlap(x, y)
37 | }
38 |
--------------------------------------------------------------------------------
/internal/subtle/aliasing_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2018 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package subtle_test
6 |
7 | import (
8 | "testing"
9 |
10 | "github.com/Hyperledger-TWGC/ccs-gm/internal/subtle"
11 | )
12 |
13 | var a, b [100]byte
14 |
15 | var aliasingTests = []struct {
16 | x, y []byte
17 | anyOverlap, inexactOverlap bool
18 | }{
19 | {a[:], b[:], false, false},
20 | {a[:], b[:0], false, false},
21 | {a[:], b[:50], false, false},
22 | {a[40:50], a[50:60], false, false},
23 | {a[40:50], a[60:70], false, false},
24 | {a[:51], a[50:], true, true},
25 | {a[:], a[:], true, false},
26 | {a[:50], a[:60], true, false},
27 | {a[:], nil, false, false},
28 | {nil, nil, false, false},
29 | {a[:], a[:0], false, false},
30 | {a[:10], a[:10:20], true, false},
31 | {a[:10], a[5:10:20], true, true},
32 | }
33 |
34 | func testAliasing(t *testing.T, i int, x, y []byte, anyOverlap, inexactOverlap bool) {
35 | any := subtle.AnyOverlap(x, y)
36 | if any != anyOverlap {
37 | t.Errorf("%d: wrong AnyOverlap result, expected %v, got %v", i, anyOverlap, any)
38 | }
39 | inexact := subtle.InexactOverlap(x, y)
40 | if inexact != inexactOverlap {
41 | t.Errorf("%d: wrong InexactOverlap result, expected %v, got %v", i, inexactOverlap, any)
42 | }
43 | }
44 |
45 | func TestAliasing(t *testing.T) {
46 | for i, tt := range aliasingTests {
47 | testAliasing(t, i, tt.x, tt.y, tt.anyOverlap, tt.inexactOverlap)
48 | testAliasing(t, i, tt.y, tt.x, tt.anyOverlap, tt.inexactOverlap)
49 | }
50 | }
51 |
--------------------------------------------------------------------------------
/x509/x509_test_import.go:
--------------------------------------------------------------------------------
1 | // Copyright 2013 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build ignore
6 |
7 | // This file is run by the x509 tests to ensure that a program with minimal
8 | // imports can sign certificates without errors resulting from missing hash
9 | // functions.
10 | package x509
11 |
12 | import (
13 | "crypto/rand"
14 | "crypto/x509"
15 | "crypto/x509/pkix"
16 | "encoding/pem"
17 | "math/big"
18 | "time"
19 | )
20 |
21 | func main() {
22 | block, _ := pem.Decode([]byte(pemPrivateKey))
23 | rsaPriv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
24 | if err != nil {
25 | panic("Failed to parse private key: " + err.Error())
26 | }
27 |
28 | template := x509.Certificate{
29 | SerialNumber: big.NewInt(1),
30 | Subject: pkix.Name{
31 | CommonName: "test",
32 | Organization: []string{"Σ Acme Co"},
33 | },
34 | NotBefore: time.Unix(1000, 0),
35 | NotAfter: time.Unix(100000, 0),
36 | KeyUsage: x509.KeyUsageCertSign,
37 | }
38 |
39 | if _, err = x509.CreateCertificate(rand.Reader, &template, &template, &rsaPriv.PublicKey, rsaPriv); err != nil {
40 | panic("failed to create certificate with basic imports: " + err.Error())
41 | }
42 | }
43 |
44 | var pemPrivateKey = `-----BEGIN RSA PRIVATE KEY-----
45 | MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
46 | fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
47 | /ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
48 | RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
49 | EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
50 | IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
51 | tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
52 | -----END RSA PRIVATE KEY-----
53 | `
54 |
--------------------------------------------------------------------------------
/x509/pkcs8.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "crypto/x509/pkix"
9 | "encoding/asn1"
10 | "errors"
11 | "fmt"
12 | )
13 |
14 | // pkcs8 reflects an ASN.1, PKCS#8 PrivateKey. See
15 | // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-8/pkcs-8v1_2.asn
16 | // and RFC 5208.
17 | type pkcs8 struct {
18 | Version int
19 | Algo pkix.AlgorithmIdentifier
20 | PrivateKey []byte
21 | // optional attributes omitted.
22 | }
23 |
24 | // ParsePKCS8PrivateKey parses an unencrypted, PKCS#8 private key.
25 | // See RFC 5208.
26 | func ParsePKCS8PrivateKey(der []byte) (key interface{}, err error) {
27 | var privKey pkcs8
28 | if _, err := asn1.Unmarshal(der, &privKey); err != nil {
29 | return nil, err
30 | }
31 | switch {
32 |
33 | case privKey.Algo.Algorithm.Equal(oidPublicKeyRSA):
34 | key, err = ParsePKCS1PrivateKey(privKey.PrivateKey)
35 | if err != nil {
36 | return nil, errors.New("x509: failed to parse RSA private key embedded in PKCS#8: " + err.Error())
37 | }
38 | return key, nil
39 |
40 | case privKey.Algo.Algorithm.Equal(oidPublicKeyECDSA), privKey.Algo.Algorithm.Equal(oidPublicKeySM2):
41 | bytes := privKey.Algo.Parameters.FullBytes
42 | namedCurveOID := new(asn1.ObjectIdentifier)
43 | if _, err := asn1.Unmarshal(bytes, namedCurveOID); err != nil {
44 | namedCurveOID = nil
45 | }
46 | key, err = parseECPrivateKey(namedCurveOID, privKey.PrivateKey)
47 | if err != nil {
48 | return nil, errors.New("x509: failed to parse EC private key embedded in PKCS#8: " + err.Error())
49 | }
50 | return key, nil
51 |
52 | default:
53 | return nil, fmt.Errorf("x509: PKCS#8 wrapping contained private key with unknown algorithm: %v", privKey.Algo.Algorithm)
54 | }
55 | }
56 |
--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
1 | github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
2 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
3 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
4 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
5 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
6 | github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
7 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
8 | golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE=
9 | golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
10 | golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
11 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
12 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
13 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
14 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
15 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
16 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
17 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
18 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
19 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
20 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
21 |
22 |
--------------------------------------------------------------------------------
/utils/keys_test.go:
--------------------------------------------------------------------------------
1 | package utils
2 |
3 | import (
4 | "bytes"
5 | "crypto/rand"
6 | "github.com/Hyperledger-TWGC/ccs-gm/sm2"
7 | "testing"
8 | )
9 |
10 | func TestPEM2Key(t *testing.T) {
11 | iniSk, _ := sm2.GenerateKey(rand.Reader)
12 | iniPk := iniSk.PublicKey
13 |
14 | pemSk, err := PrivateKeyToPEM(iniSk, nil)
15 | if err != nil {
16 | t.Errorf("private key to pem error %t", err)
17 | }
18 |
19 | pemPk, err := PublicKeyToPEM(&iniPk, nil)
20 | if err != nil {
21 | t.Errorf("public key to pem error %t", err)
22 | }
23 |
24 | normalSk, err := PEMtoPrivateKey(pemSk, nil)
25 | if err != nil {
26 | t.Errorf("pem to private key error %t", err)
27 | }
28 |
29 | normalPk, err := PEMtoPublicKey(pemPk, nil)
30 | if err != nil {
31 | t.Errorf("pem to public key error %t", err)
32 | }
33 | testMsg := []byte("123456")
34 | signedData, _ := normalSk.Sign(rand.Reader, testMsg, nil)
35 | ok := normalPk.Verify(testMsg, signedData)
36 | if !ok {
37 | t.Error("key verify error")
38 | }
39 | }
40 |
41 | func TestEncryptPEMBlock(t *testing.T) {
42 | sm2priv,err := sm2.GenerateKey(rand.Reader)
43 | if err != nil {
44 | t.Errorf("sm2 gen key err:%s",err)
45 | return
46 | }
47 |
48 | pem,err := PrivateKeyToEncryptedPEM(sm2priv,[]byte("123"))
49 | if err != nil {
50 | t.Errorf("priv to pem err :%s",err)
51 | return
52 | }
53 |
54 | priv,err := PEMtoPrivateKey(pem,[]byte("123"))
55 | if err != nil {
56 | t.Errorf("pem tp priv err: %s",err)
57 | return
58 | }
59 |
60 | if !bytes.Equal(sm2priv.D.Bytes(),priv.D.Bytes()) {
61 | t.Error("pem err")
62 | return
63 | }
64 |
65 | pubpem,err := PublicKeyToEncryptedPEM(&priv.PublicKey,[]byte("123"))
66 | if err != nil {
67 | t.Errorf("pubkey to pem err: %s",err)
68 | return
69 | }
70 |
71 | pk,err := PEMtoPublicKey(pubpem,[]byte("123"))
72 | if err != nil {
73 | t.Errorf("pem to pk err:%s",err)
74 | return
75 | }
76 |
77 | if !bytes.Equal(priv.X.Bytes(),pk.X.Bytes()) {
78 | t.Error("pk pem err")
79 | return
80 | }
81 |
82 | }
--------------------------------------------------------------------------------
/x509/test-file.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIFbTCCA1WgAwIBAgIJAN338vEmMtLsMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV
3 | BAYTAlVLMRMwEQYDVQQIDApUZXN0LVN0YXRlMRUwEwYDVQQKDAxHb2xhbmcgVGVz
4 | dHMxEjAQBgNVBAMMCXRlc3QtZmlsZTAeFw0xNzAyMDEyMzUyMDhaFw0yNzAxMzAy
5 | MzUyMDhaME0xCzAJBgNVBAYTAlVLMRMwEQYDVQQIDApUZXN0LVN0YXRlMRUwEwYD
6 | VQQKDAxHb2xhbmcgVGVzdHMxEjAQBgNVBAMMCXRlc3QtZmlsZTCCAiIwDQYJKoZI
7 | hvcNAQEBBQADggIPADCCAgoCggIBAPMGiLjdiffQo3Xc8oUe7wsDhSaAJFOhO6Qs
8 | i0xYrYl7jmCuz9rGD2fdgk5cLqGazKuQ6fIFzHXFU2BKs4CWXt9KO0KFEhfvZeuW
9 | jG5d7C1ZUiuKOrPqjKVu8SZtFPc7y7Ke7msXzY+Z2LLyiJJ93LCMq4+cTSGNXVlI
10 | KqUxhxeoD5/QkUPyQy/ilu3GMYfx/YORhDP6Edcuskfj8wRh1UxBejP8YPMvI6St
11 | cE2GkxoEGqDWnQ/61F18te6WI3MD29tnKXOkXVhnSC+yvRLljotW2/tAhHKBG4tj
12 | iQWT5Ri4Wrw2tXxPKRLsVWc7e1/hdxhnuvYpXkWNhKsm002jzkFXlzfEwPd8nZdw
13 | 5aT6gPUBN2AAzdoqZI7E200i0orEF7WaSoMfjU1tbHvExp3vyAPOfJ5PS2MQ6W03
14 | Zsy5dTVH+OBH++rkRzQCFcnIv/OIhya5XZ9KX9nFPgBEP7Xq2A+IjH7B6VN/S/bv
15 | 8lhp2V+SQvlew9GttKC4hKuPsl5o7+CMbcqcNUdxm9gGkN8epGEKCuix97bpNlxN
16 | fHZxHE5+8GMzPXMkCD56y5TNKR6ut7JGHMPtGl5lPCLqzG/HzYyFgxsDfDUu2B0A
17 | GKj0lGpnLfGqwhs2/s3jpY7+pcvVQxEpvVTId5byDxu1ujP4HjO/VTQ2P72rE8Ft
18 | C6J2Av0tAgMBAAGjUDBOMB0GA1UdDgQWBBTLT/RbyfBB/Pa07oBnaM+QSJPO9TAf
19 | BgNVHSMEGDAWgBTLT/RbyfBB/Pa07oBnaM+QSJPO9TAMBgNVHRMEBTADAQH/MA0G
20 | CSqGSIb3DQEBCwUAA4ICAQB3sCntCcQwhMgRPPyvOCMyTcQ/Iv+cpfxz2Ck14nlx
21 | AkEAH2CH0ov5GWTt07/ur3aa5x+SAKi0J3wTD1cdiw4U/6Uin6jWGKKxvoo4IaeK
22 | SbM8w/6eKx6UbmHx7PA/eRABY9tTlpdPCVgw7/o3WDr03QM+IAtatzvaCPPczake
23 | pbdLwmBZB/v8V+6jUajy6jOgdSH0PyffGnt7MWgDETmNC6p/Xigp5eh+C8Fb4NGT
24 | xgHES5PBC+sruWp4u22bJGDKTvYNdZHsnw/CaKQWNsQqwisxa3/8N5v+PCff/pxl
25 | r05pE3PdHn9JrCl4iWdVlgtiI9BoPtQyDfa/OEFaScE8KYR8LxaAgdgp3zYncWls
26 | BpwQ6Y/A2wIkhlD9eEp5Ib2hz7isXOs9UwjdriKqrBXqcIAE5M+YIk3+KAQKxAtd
27 | 4YsK3CSJ010uphr12YKqlScj4vuKFjuOtd5RyyMIxUG3lrrhAu2AzCeKCLdVgA8+
28 | 75FrYMApUdvcjp4uzbBoED4XRQlx9kdFHVbYgmE/+yddBYJM8u4YlgAL0hW2/D8p
29 | z9JWIfxVmjJnBnXaKGBuiUyZ864A3PJndP6EMMo7TzS2CDnfCYuJjvI0KvDjFNmc
30 | rQA04+qfMSEz3nmKhbbZu4eYLzlADhfH8tT4GMtXf71WLA5AUHGf2Y4+HIHTsmHG
31 | vQ==
32 | -----END CERTIFICATE-----
33 |
--------------------------------------------------------------------------------
/sm3/sm3_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2009 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package sm3
6 |
7 | import (
8 | "fmt"
9 | "testing"
10 | )
11 |
12 | type sm3Test struct {
13 | out string
14 | in string
15 | }
16 |
17 | var testTable = []sm3Test{
18 | {"1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b", ""},
19 | {"623476ac18f65a2909e43c7fec61b49c7e764a91a18ccb82f1917a29c86c5e88", "a"},
20 | {"e07d8ee6e54586a459e30eb8d809e02194558e2b0b235a31f3226a3687faab88", "ab"},
21 | {"66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0", "abc"},
22 | {"44f0061e69fa6fdfc290c494654a05dc0c053da7e5c52b84ef93a9d67d3fff88", "hello world"},
23 | {"7c4b960e0fe034f670a8937636474b19b35724883b58da4dac37bb0675ec4d84", "sm3 test"},
24 | {"3c28cfd2e1861b8e479013a7d078fe8ef4f14fd1f8b549ca53d58fffdedd912c", "sm3 hash"},
25 | {"7a9a924ff292e09e72cd815b606357a796ac4351fe6de2ff59cd2967eb9a5c16", "sm3sm3sm3sm3sm3sm3sm3sm3sm3sm3sm3sm3"},
26 | }
27 |
28 | func TestSM3(t *testing.T) {
29 | for i := 0; i < len(testTable); i++ {
30 | table := testTable[i]
31 | s := fmt.Sprintf("%x", SumSM3([]byte(table.in)))
32 | if s != table.out {
33 | t.Fatalf("SumSM3 function: SM3(%s) = %s want %s", table.in, s, table.out)
34 | }
35 | }
36 | }
37 |
38 | func TestSize(t *testing.T) {
39 | c := New()
40 | if got := c.Size(); got != Size {
41 | t.Errorf("Size = %d; want %d", got, Size)
42 | }
43 | }
44 |
45 | func TestBlockSize(t *testing.T) {
46 | c := New()
47 | if got := c.BlockSize(); got != BlockSize {
48 | t.Errorf("BlockSize = %d want %d", got, BlockSize)
49 | }
50 | }
51 |
52 | var bench = New()
53 | var buf = make([]byte, 8192)
54 |
55 | func benchmarkSize(b *testing.B, size int) {
56 | b.SetBytes(int64(size))
57 | sum := make([]byte, bench.Size())
58 | b.ReportAllocs()
59 | b.ResetTimer()
60 | for i := 0; i < b.N; i++ {
61 | bench.Reset()
62 | bench.Write(buf[:size])
63 | bench.Sum(sum[:0])
64 | }
65 | }
66 |
67 | func BenchmarkHash8Bytes(b *testing.B) {
68 | benchmarkSize(b, 8)
69 | }
70 |
71 | func BenchmarkHash1K(b *testing.B) {
72 | benchmarkSize(b, 1024)
73 | }
74 |
75 | func BenchmarkHash8K(b *testing.B) {
76 | benchmarkSize(b, 8192)
77 | }
78 |
--------------------------------------------------------------------------------
/x509/root_darwin_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2013 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "runtime"
9 | "testing"
10 | "time"
11 | )
12 |
13 | func TestSystemRoots(t *testing.T) {
14 | switch runtime.GOARCH {
15 | case "arm", "arm64":
16 | t.Skipf("skipping on %s/%s, no system root", runtime.GOOS, runtime.GOARCH)
17 | }
18 |
19 | switch runtime.GOOS {
20 | case "darwin":
21 | t.Skipf("skipping on %s/%s until cgo part of golang.org/issue/16532 has been implemented.", runtime.GOOS, runtime.GOARCH)
22 | }
23 |
24 | t0 := time.Now()
25 | sysRoots := systemRootsPool() // actual system roots
26 | sysRootsDuration := time.Since(t0)
27 |
28 | t1 := time.Now()
29 | execRoots, err := execSecurityRoots() // non-cgo roots
30 | execSysRootsDuration := time.Since(t1)
31 |
32 | if err != nil {
33 | t.Fatalf("failed to read system roots: %v", err)
34 | }
35 |
36 | t.Logf(" cgo sys roots: %v", sysRootsDuration)
37 | t.Logf("non-cgo sys roots: %v", execSysRootsDuration)
38 |
39 | for _, tt := range []*CertPool{sysRoots, execRoots} {
40 | if tt == nil {
41 | t.Fatal("no system roots")
42 | }
43 | // On Mavericks, there are 212 bundled certs, at least
44 | // there was at one point in time on one machine.
45 | // (Maybe it was a corp laptop with extra certs?)
46 | // Other OS X users report
47 | // 135, 142, 145... Let's try requiring at least 100,
48 | // since this is just a sanity check.
49 | t.Logf("got %d roots", len(tt.certs))
50 | if want, have := 100, len(tt.certs); have < want {
51 | t.Fatalf("want at least %d system roots, have %d", want, have)
52 | }
53 | }
54 |
55 | // Check that the two cert pools are roughly the same;
56 | // |A∩B| > max(|A|, |B|) / 2 should be a reasonably robust check.
57 |
58 | isect := make(map[string]bool, len(sysRoots.certs))
59 | for _, c := range sysRoots.certs {
60 | isect[string(c.Raw)] = true
61 | }
62 |
63 | have := 0
64 | for _, c := range execRoots.certs {
65 | if isect[string(c.Raw)] {
66 | have++
67 | }
68 | }
69 |
70 | var want int
71 | if nsys, nexec := len(sysRoots.certs), len(execRoots.certs); nsys > nexec {
72 | want = nsys / 2
73 | } else {
74 | want = nexec / 2
75 | }
76 |
77 | if have < want {
78 | t.Errorf("insufficient overlap between cgo and non-cgo roots; want at least %d, have %d", want, have)
79 | }
80 | }
81 |
--------------------------------------------------------------------------------
/sm2/external.go:
--------------------------------------------------------------------------------
1 | // Copyright 2020 cetc-30. All rights reserved.
2 | // SPDX-License-Identifier: Apache-2.0
3 | // license that can be found in the LICENSE file.
4 |
5 | package sm2
6 |
7 | import (
8 | "crypto"
9 | "crypto/rand"
10 | "encoding/asn1"
11 | "io"
12 | "math/big"
13 | )
14 |
15 | type Sm2PrivateKey struct {
16 | D *big.Int //sk
17 | }
18 |
19 | type Sm2PublicKey struct {
20 | X *big.Int //pk.X
21 | Y *big.Int //pk.Y
22 | }
23 |
24 | type sm2Signature struct {
25 | R, S *big.Int
26 | }
27 |
28 | func (priv *PrivateKey) Sign(rand io.Reader, msg []byte, opt crypto.SignerOpts) ([]byte, error) {
29 | r, s, err := Sign(rand, priv, msg)
30 | if err != nil {
31 | return nil, err
32 | }
33 | return asn1.Marshal(sm2Signature{r, s})
34 | }
35 |
36 | func (pub *PublicKey) Verify(msg []byte, sign []byte) bool {
37 | var sm2Sign sm2Signature
38 | _, err := asn1.Unmarshal(sign, &sm2Sign)
39 | if err != nil {
40 | return false
41 | }
42 | return Verify(pub, msg, sm2Sign.R, sm2Sign.S)
43 | }
44 |
45 | func Sm2KeyGen(rand io.Reader) (sk, pk []byte, err error) {
46 | priv, _ := GenerateKey(rand)
47 | var sm2SK Sm2PrivateKey
48 | var sm2PK Sm2PublicKey
49 |
50 | sm2SK.D = priv.D
51 | sm2PK.X = priv.X
52 | sm2PK.Y = priv.Y
53 |
54 | sk, _ = asn1.Marshal(sm2SK)
55 | pk, _ = asn1.Marshal(sm2PK)
56 | return
57 | }
58 |
59 | func Sm2Sign(sk, pk, msg []byte) ([]byte, error) {
60 | var sm2SK Sm2PrivateKey
61 | var sm2PK Sm2PublicKey
62 | _, err := asn1.Unmarshal(sk, &sm2SK)
63 | if err != nil {
64 | return nil, err
65 | }
66 |
67 | _, err = asn1.Unmarshal(pk, &sm2PK)
68 | if err != nil {
69 | return nil, err
70 | }
71 |
72 | var priv PrivateKey
73 | priv.Curve = P256()
74 | priv.D = sm2SK.D
75 | priv.X = sm2PK.X
76 | priv.Y = sm2PK.Y
77 |
78 | r, s, err := Sign(rand.Reader, &priv, msg)
79 | if err != nil {
80 | return nil, err
81 | }
82 |
83 | return asn1.Marshal(sm2Signature{r, s})
84 | }
85 |
86 | func Sm2Verify(sign, pk, msg []byte) bool {
87 | var sm2Sign sm2Signature
88 | var sm2PK Sm2PublicKey
89 |
90 | _, err := asn1.Unmarshal(sign, &sm2Sign)
91 | if err != nil {
92 | return false
93 | }
94 |
95 | _, err = asn1.Unmarshal(pk, &sm2PK)
96 | if err != nil {
97 | return false
98 | }
99 |
100 | var PK PublicKey
101 | PK.Curve = P256()
102 | PK.X = sm2PK.X
103 | PK.Y = sm2PK.Y
104 |
105 | return PK.Verify(msg, sign)
106 | }
107 |
--------------------------------------------------------------------------------
/x509/sec1_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2012 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "bytes"
9 | "encoding/hex"
10 | "testing"
11 | )
12 |
13 | var ecKeyTests = []struct {
14 | derHex string
15 | shouldReserialize bool
16 | }{
17 | // Generated using:
18 | // openssl ecparam -genkey -name secp384r1 -outform PEM
19 | {"3081a40201010430bdb9839c08ee793d1157886a7a758a3c8b2a17a4df48f17ace57c72c56b4723cf21dcda21d4e1ad57ff034f19fcfd98ea00706052b81040022a16403620004feea808b5ee2429cfcce13c32160e1c960990bd050bb0fdf7222f3decd0a55008e32a6aa3c9062051c4cba92a7a3b178b24567412d43cdd2f882fa5addddd726fe3e208d2c26d733a773a597abb749714df7256ead5105fa6e7b3650de236b50", true},
20 | // This key was generated by GnuTLS and has illegal zero-padding of the
21 | // private key. See https://github.com/golang/go/issues/13699.
22 | {"3078020101042100f9f43a04b9bdc3ab01f53be6df80e7a7bc3eaf7b87fc24e630a4a0aa97633645a00a06082a8648ce3d030107a1440342000441a51bc318461b4c39a45048a16d4fc2a935b1ea7fe86e8c1fa219d6f2438f7c7fd62957d3442efb94b6a23eb0ea66dda663dc42f379cda6630b21b7888a5d3d", false},
23 | // This was generated using an old version of OpenSSL and is missing a
24 | // leading zero byte in the private key that should be present.
25 | {"3081db0201010441607b4f985774ac21e633999794542e09312073480baa69550914d6d43d8414441e61b36650567901da714f94dffb3ce0e2575c31928a0997d51df5c440e983ca17a00706052b81040023a181890381860004001661557afedd7ac8d6b70e038e576558c626eb62edda36d29c3a1310277c11f67a8c6f949e5430a37dcfb95d902c1b5b5379c389873b9dd17be3bdb088a4774a7401072f830fb9a08d93bfa50a03dd3292ea07928724ddb915d831917a338f6b0aecfbc3cf5352c4a1295d356890c41c34116d29eeb93779aab9d9d78e2613437740f6", false},
26 | }
27 |
28 | func TestParseECPrivateKey(t *testing.T) {
29 | for i, test := range ecKeyTests {
30 | derBytes, _ := hex.DecodeString(test.derHex)
31 | key, err := ParseECPrivateKey(derBytes)
32 | if err != nil {
33 | t.Fatalf("#%d: failed to decode EC private key: %s", i, err)
34 | }
35 | serialized, err := MarshalECPrivateKey(key)
36 | if err != nil {
37 | t.Fatalf("#%d: failed to encode EC private key: %s", i, err)
38 | }
39 | matches := bytes.Equal(serialized, derBytes)
40 | if matches != test.shouldReserialize {
41 | t.Fatalf("#%d: when serializing key: matches=%t, should match=%t: original %x, reserialized %x", i, matches, test.shouldReserialize, serialized, derBytes)
42 | }
43 | }
44 | }
45 |
--------------------------------------------------------------------------------
/x509/root_unix.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build dragonfly freebsd linux nacl netbsd openbsd solaris
6 |
7 | package x509
8 |
9 | import (
10 | "io/ioutil"
11 | "os"
12 | )
13 |
14 | // Possible directories with certificate files; stop after successfully
15 | // reading at least one file from a directory.
16 | var certDirectories = []string{
17 | "/etc/ssl/certs", // SLES10/SLES11, https://golang.org/issue/12139
18 | "/system/etc/security/cacerts", // Android
19 | "/usr/local/share/certs", // FreeBSD
20 | "/etc/pki/tls/certs", // Fedora/RHEL
21 | "/etc/openssl/certs", // NetBSD
22 | }
23 |
24 | const (
25 | // certFileEnv is the environment variable which identifies where to locate
26 | // the SSL certificate file. If set this overrides the system default.
27 | certFileEnv = "SSL_CERT_FILE"
28 |
29 | // certDirEnv is the environment variable which identifies which directory
30 | // to check for SSL certificate files. If set this overrides the system default.
31 | certDirEnv = "SSL_CERT_DIR"
32 | )
33 |
34 | func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
35 | return nil, nil
36 | }
37 |
38 | func loadSystemRoots() (*CertPool, error) {
39 | roots := NewCertPool()
40 |
41 | files := certFiles
42 | if f := os.Getenv(certFileEnv); f != "" {
43 | files = []string{f}
44 | }
45 |
46 | var firstErr error
47 | for _, file := range files {
48 | data, err := ioutil.ReadFile(file)
49 | if err == nil {
50 | roots.AppendCertsFromPEM(data)
51 | break
52 | }
53 | if firstErr == nil && !os.IsNotExist(err) {
54 | firstErr = err
55 | }
56 | }
57 |
58 | dirs := certDirectories
59 | if d := os.Getenv(certDirEnv); d != "" {
60 | dirs = []string{d}
61 | }
62 |
63 | for _, directory := range dirs {
64 | fis, err := ioutil.ReadDir(directory)
65 | if err != nil {
66 | if firstErr == nil && !os.IsNotExist(err) {
67 | firstErr = err
68 | }
69 | continue
70 | }
71 | rootsAdded := false
72 | for _, fi := range fis {
73 | data, err := ioutil.ReadFile(directory + "/" + fi.Name())
74 | if err == nil && roots.AppendCertsFromPEM(data) {
75 | rootsAdded = true
76 | }
77 | }
78 | if rootsAdded {
79 | return roots, nil
80 | }
81 | }
82 |
83 | if len(roots.certs) > 0 {
84 | return roots, nil
85 | }
86 |
87 | return nil, firstErr
88 | }
89 |
--------------------------------------------------------------------------------
/x509/pkcs8_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "encoding/hex"
9 | "testing"
10 | )
11 |
12 | var pkcs8RSAPrivateKeyHex = `30820278020100300d06092a864886f70d0101010500048202623082025e02010002818100cfb1b5bf9685ffa97b4f99df4ff122b70e59ac9b992f3bc2b3dde17d53c1a34928719b02e8fd17839499bfbd515bd6ef99c7a1c47a239718fe36bfd824c0d96060084b5f67f0273443007a24dfaf5634f7772c9346e10eb294c2306671a5a5e719ae24b4de467291bc571014b0e02dec04534d66a9bb171d644b66b091780e8d020301000102818100b595778383c4afdbab95d2bfed12b3f93bb0a73a7ad952f44d7185fd9ec6c34de8f03a48770f2009c8580bcd275e9632714e9a5e3f32f29dc55474b2329ff0ebc08b3ffcb35bc96e6516b483df80a4a59cceb71918cbabf91564e64a39d7e35dce21cb3031824fdbc845dba6458852ec16af5dddf51a8397a8797ae0337b1439024100ea0eb1b914158c70db39031dd8904d6f18f408c85fbbc592d7d20dee7986969efbda081fdf8bc40e1b1336d6b638110c836bfdc3f314560d2e49cd4fbde1e20b024100e32a4e793b574c9c4a94c8803db5152141e72d03de64e54ef2c8ed104988ca780cd11397bc359630d01b97ebd87067c5451ba777cf045ca23f5912f1031308c702406dfcdbbd5a57c9f85abc4edf9e9e29153507b07ce0a7ef6f52e60dcfebe1b8341babd8b789a837485da6c8d55b29bbb142ace3c24a1f5b54b454d01b51e2ad03024100bd6a2b60dee01e1b3bfcef6a2f09ed027c273cdbbaf6ba55a80f6dcc64e4509ee560f84b4f3e076bd03b11e42fe71a3fdd2dffe7e0902c8584f8cad877cdc945024100aa512fa4ada69881f1d8bb8ad6614f192b83200aef5edf4811313d5ef30a86cbd0a90f7b025c71ea06ec6b34db6306c86b1040670fd8654ad7291d066d06d031`
13 |
14 | // Generated using:
15 | // openssl ecparam -genkey -name secp521r1 | openssl pkcs8 -topk8 -nocrypt
16 | var pkcs8ECPrivateKeyHex = `3081ed020100301006072a8648ce3d020106052b810400230481d53081d20201010441850d81618c5da1aec74c2eed608ba816038506975e6427237c2def150c96a3b13efbfa1f89f1be15cdf4d0ac26422e680e65a0ddd4ad3541ad76165fbf54d6e34ba18189038186000400da97bcedba1eb6d30aeb93c9f9a1454598fa47278df27d6f60ea73eb672d8dc528a9b67885b5b5dcef93c9824f7449ab512ee6a27e76142f56b94b474cfd697e810046c8ca70419365245c1d7d44d0db82c334073835d002232714548abbae6e5700f5ef315ee08b929d8581383dcf2d1c98c2f8a9fccbf79c9579f7b2fd8a90115ac2`
17 |
18 | func TestPKCS8(t *testing.T) {
19 | derBytes, _ := hex.DecodeString(pkcs8RSAPrivateKeyHex)
20 | if _, err := ParsePKCS8PrivateKey(derBytes); err != nil {
21 | t.Errorf("failed to decode PKCS8 with RSA private key: %s", err)
22 | }
23 |
24 | derBytes, _ = hex.DecodeString(pkcs8ECPrivateKeyHex)
25 | if _, err := ParsePKCS8PrivateKey(derBytes); err != nil {
26 | t.Errorf("failed to decode PKCS8 with EC private key: %s", err)
27 | }
28 | }
29 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-Resume:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 f9 01 00 00 f5 03 03 23 77 58 99 0e |...........#wX..|
3 | 00000010 44 ed 63 44 e4 e4 eb d1 83 c3 9c d0 24 12 a3 b9 |D.cD........$...|
4 | 00000020 55 6b 4d da bf 84 9d 35 de 43 a0 20 7b 93 cb d3 |UkM....5.C. {...|
5 | 00000030 c5 ce 5e d5 aa 48 91 a4 b2 c2 d7 72 09 0d 21 78 |..^..H.....r..!x|
6 | 00000040 f0 ac 7a ed 9a a9 ad dd 51 8b b2 1c 00 04 00 2f |..z.....Q....../|
7 | 00000050 00 ff 01 00 00 a8 00 23 00 78 50 46 ad c1 db a8 |.......#.xPF....|
8 | 00000060 38 86 7b 2b bb fd d0 c3 42 3e 00 00 00 00 00 00 |8.{+....B>......|
9 | 00000070 00 00 00 00 00 00 00 00 00 00 94 6f 2c 9f 83 61 |...........o,..a|
10 | 00000080 0b b1 b7 9e 10 2d 0c 56 e8 70 66 ad de b1 15 74 |.....-.V.pf....t|
11 | 00000090 2f 8b 08 8c 96 bb 4b 1b 4e dd 81 0e bf 84 4d 43 |/.....K.N.....MC|
12 | 000000a0 8f c0 7e a0 7f be c0 59 bf 83 26 0f a2 22 52 2c |..~....Y..&.."R,|
13 | 000000b0 33 94 5a 77 54 f3 b5 f2 22 51 d5 24 c2 60 c3 2e |3.ZwT..."Q.$.`..|
14 | 000000c0 0f 9c 5e 33 3b e8 7c 52 2a 76 08 58 ac 47 98 bc |..^3;.|R*v.X.G..|
15 | 000000d0 36 b6 00 0d 00 20 00 1e 06 01 06 02 06 03 05 01 |6.... ..........|
16 | 000000e0 05 02 05 03 04 01 04 02 04 03 03 01 03 02 03 03 |................|
17 | 000000f0 02 01 02 02 02 03 00 16 00 00 00 17 00 00 |..............|
18 | >>> Flow 2 (server to client)
19 | 00000000 16 03 03 00 51 02 00 00 4d 03 03 00 00 00 00 00 |....Q...M.......|
20 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
21 | 00000020 00 00 00 00 00 00 00 00 00 00 00 20 7b 93 cb d3 |........... {...|
22 | 00000030 c5 ce 5e d5 aa 48 91 a4 b2 c2 d7 72 09 0d 21 78 |..^..H.....r..!x|
23 | 00000040 f0 ac 7a ed 9a a9 ad dd 51 8b b2 1c 00 2f 00 00 |..z.....Q..../..|
24 | 00000050 05 ff 01 00 01 00 14 03 03 00 01 01 16 03 03 00 |................|
25 | 00000060 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |@...............|
26 | 00000070 00 ac d9 95 88 c6 37 e8 3c 24 d8 d9 15 46 25 c6 |......7.<$...F%.|
27 | 00000080 32 0c 75 80 11 3d 89 53 1c 7a b1 78 6a c1 1a d7 |2.u..=.S.z.xj...|
28 | 00000090 91 6e c2 55 99 84 11 43 cd 62 99 3b 28 1b 2e 08 |.n.U...C.b.;(...|
29 | 000000a0 a8 |.|
30 | >>> Flow 3 (client to server)
31 | 00000000 14 03 03 00 01 01 16 03 03 00 40 67 fd 43 2a 0b |..........@g.C*.|
32 | 00000010 14 6b 89 53 84 a8 04 62 d6 30 af 68 eb 8e 2a de |.k.S...b.0.h..*.|
33 | 00000020 67 c9 40 af 8b ac dd 29 a4 20 e4 da b0 dd c3 05 |g.@....). ......|
34 | 00000030 82 83 8f 75 77 db 6c fe e7 20 54 e3 eb 51 31 68 |...uw.l.. T..Q1h|
35 | 00000040 da 11 a3 6d a1 34 d9 f5 d1 ef c9 |...m.4.....|
36 | >>> Flow 4 (server to client)
37 | 00000000 17 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........|
38 | 00000010 00 00 00 00 00 ee e2 75 6f 78 b0 88 1a 8b 9b 91 |.......uox......|
39 | 00000020 c9 8c 3b ae a5 93 71 12 55 66 f8 09 a5 1f 4b 1b |..;...q.Uf....K.|
40 | 00000030 c2 fe 65 8b 3d d9 dc fa af dc 29 1b 83 da e0 6a |..e.=.....)....j|
41 | 00000040 4b cd d0 dc 27 |K...'|
42 |
--------------------------------------------------------------------------------
/tls/gm_handshake_messages.go:
--------------------------------------------------------------------------------
1 | // Copyright 2009 The Go Authors. All rights reserved.
2 | // Copyright 2009 The Go Authors. All rights reserved.
3 | // Use of this source code is governed by a BSD-style
4 | // license that can be found in the LICENSE file.
5 |
6 | package tls
7 |
8 | import "bytes"
9 |
10 | type certificateRequestMsgGM struct {
11 | raw []byte
12 |
13 | certificateTypes []byte
14 | certificateAuthorities [][]byte
15 | }
16 |
17 | func (m *certificateRequestMsgGM) equal(i interface{}) bool {
18 | m1, ok := i.(*certificateRequestMsgGM)
19 | if !ok {
20 | return false
21 | }
22 |
23 | return bytes.Equal(m.raw, m1.raw) &&
24 | bytes.Equal(m.certificateTypes, m1.certificateTypes) &&
25 | eqByteSlices(m.certificateAuthorities, m1.certificateAuthorities)
26 | }
27 |
28 | func (m *certificateRequestMsgGM) marshal() (x []byte) {
29 | if m.raw != nil {
30 | return m.raw
31 | }
32 |
33 | // See https://tools.ietf.org/html/rfc4346#section-7.4.4
34 | length := 1 + len(m.certificateTypes) + 2
35 | casLength := 0
36 | for _, ca := range m.certificateAuthorities {
37 | casLength += 2 + len(ca)
38 | }
39 | length += casLength
40 |
41 | x = make([]byte, 4+length)
42 | x[0] = typeCertificateRequest
43 | x[1] = uint8(length >> 16)
44 | x[2] = uint8(length >> 8)
45 | x[3] = uint8(length)
46 |
47 | x[4] = uint8(len(m.certificateTypes))
48 |
49 | copy(x[5:], m.certificateTypes)
50 | y := x[5+len(m.certificateTypes):]
51 |
52 | y[0] = uint8(casLength >> 8)
53 | y[1] = uint8(casLength)
54 | y = y[2:]
55 | for _, ca := range m.certificateAuthorities {
56 | y[0] = uint8(len(ca) >> 8)
57 | y[1] = uint8(len(ca))
58 | y = y[2:]
59 | copy(y, ca)
60 | y = y[len(ca):]
61 | }
62 |
63 | m.raw = x
64 | return
65 | }
66 |
67 | func (m *certificateRequestMsgGM) unmarshal(data []byte) bool {
68 | m.raw = data
69 |
70 | if len(data) < 5 {
71 | return false
72 | }
73 |
74 | length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
75 | if uint32(len(data))-4 != length {
76 | return false
77 | }
78 |
79 | numCertTypes := int(data[4])
80 | data = data[5:]
81 | if numCertTypes == 0 || len(data) <= numCertTypes {
82 | return false
83 | }
84 |
85 | m.certificateTypes = make([]byte, numCertTypes)
86 | if copy(m.certificateTypes, data) != numCertTypes {
87 | return false
88 | }
89 |
90 | data = data[numCertTypes:]
91 |
92 | if len(data) < 2 {
93 | return false
94 | }
95 | casLength := uint16(data[0])<<8 | uint16(data[1])
96 | data = data[2:]
97 | if len(data) < int(casLength) {
98 | return false
99 | }
100 | cas := make([]byte, casLength)
101 | copy(cas, data)
102 | data = data[casLength:]
103 |
104 | m.certificateAuthorities = nil
105 | for len(cas) > 0 {
106 | if len(cas) < 2 {
107 | return false
108 | }
109 | caLen := uint16(cas[0])<<8 | uint16(cas[1])
110 | cas = cas[2:]
111 |
112 | if len(cas) < int(caLen) {
113 | return false
114 | }
115 |
116 | m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen])
117 | cas = cas[caLen:]
118 | }
119 |
120 | return len(data) == 0
121 | }
122 |
123 |
--------------------------------------------------------------------------------
/sm3/sm3.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // Package sm3 implements china crypto standards.
6 | package sm3
7 |
8 | import (
9 | "hash"
10 | )
11 |
12 | var hashFunc func() hash.Hash
13 |
14 | func init() {
15 | //crypto.RegisterHash(crypto.tjSM3, New)
16 | hashFunc = New
17 | }
18 |
19 | // The size of a SM2 checksum in bytes.
20 | const Size = 32
21 |
22 | // The blocksize of SHA256 and SHA224 in bytes.
23 | const BlockSize = 64
24 |
25 | const (
26 | chunk = 64
27 | init0 = 0x7380166f
28 | init1 = 0x4914b2b9
29 | init2 = 0x172442d7
30 | init3 = 0xda8a0600
31 | init4 = 0xa96f30bc
32 | init5 = 0x163138aa
33 | init6 = 0xe38dee4d
34 | init7 = 0xb0fb0e4e
35 | )
36 |
37 | // digest represents the partial evaluation of a checksum.
38 | type digest struct {
39 | h [8]uint32
40 | x [chunk]byte
41 | nx int
42 | len uint64
43 | }
44 |
45 | func (d *digest) Reset() {
46 | d.h[0] = init0
47 | d.h[1] = init1
48 | d.h[2] = init2
49 | d.h[3] = init3
50 | d.h[4] = init4
51 | d.h[5] = init5
52 | d.h[6] = init6
53 | d.h[7] = init7
54 | d.nx = 0
55 | d.len = 0
56 | }
57 |
58 | func GetFunc() (func() hash.Hash){
59 | return hashFunc
60 | }
61 |
62 | func New() hash.Hash {
63 | d := new(digest)
64 | d.Reset()
65 | return d
66 | }
67 |
68 | func (d *digest) Size() int {
69 | return Size
70 | }
71 |
72 | func (d *digest) BlockSize() int { return BlockSize }
73 |
74 | func (d *digest) Write(p []byte) (nn int, err error) {
75 | nn = len(p)
76 | d.len += uint64(nn)
77 | //var n int
78 | if d.nx > 0 {
79 | n := copy(d.x[d.nx:], p)
80 | d.nx += n
81 | if d.nx == chunk {
82 | Block(d, d.x[:])
83 | d.nx = 0
84 | }
85 | p = p[n:]
86 | }
87 |
88 | if len(p) >= chunk {
89 | n := len(p) &^ (chunk - 1)
90 | Block(d, p)
91 | p = p[n:]
92 | }
93 | if len(p) > 0 {
94 | d.nx = copy(d.x[:], p)
95 | }
96 | return
97 | }
98 |
99 | func (d0 *digest) Sum(in []byte) []byte {
100 | // Make a copy of d0 so that caller can keep writing and summing.
101 | d := *d0
102 | hash := d.checkSum()
103 | return append(in, hash[:]...)
104 | }
105 |
106 | func (d0 *digest)ConstantTimeSum(b []byte) []byte {
107 | return d0.Sum(b)
108 | }
109 |
110 | func (d *digest) checkSum() []byte {
111 | len := d.len
112 | // Padding. Add a 1 bit and 0 bits until 56 bytes mod 64.
113 | var tmp [64]byte
114 | tmp[0] = 0x80
115 | if len%64 < 56 {
116 | d.Write(tmp[0 : 56-len%64])
117 | } else {
118 | d.Write(tmp[0 : 64+56-len%64])
119 | }
120 |
121 | // Length in bits.
122 | len <<= 3
123 | for i := uint(0); i < 8; i++ {
124 | tmp[i] = byte(len >> (56 - 8*i))
125 | }
126 | d.Write(tmp[0:8])
127 |
128 | if d.nx != 0 {
129 | panic("d.nx != 0")
130 | }
131 |
132 | h := d.h[:]
133 |
134 | var digest []byte = make([]byte, Size)
135 | for i, s := range h {
136 | digest[i*4] = byte(s >> 24)
137 | digest[i*4+1] = byte(s >> 16)
138 | digest[i*4+2] = byte(s >> 8)
139 | digest[i*4+3] = byte(s)
140 | }
141 | return digest
142 | }
143 |
144 | func SumSM3(data []byte) []byte {
145 | var d digest
146 | d.Reset()
147 | d.Write(data)
148 | return d.checkSum()
149 | }
--------------------------------------------------------------------------------
/x509/pkcs1.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "crypto/rsa"
9 | "encoding/asn1"
10 | "errors"
11 | "math/big"
12 | )
13 |
14 | // pkcs1PrivateKey is a structure which mirrors the PKCS#1 ASN.1 for an RSA private key.
15 | type pkcs1PrivateKey struct {
16 | Version int
17 | N *big.Int
18 | E int
19 | D *big.Int
20 | P *big.Int
21 | Q *big.Int
22 | // We ignore these values, if present, because rsa will calculate them.
23 | Dp *big.Int `asn1:"optional"`
24 | Dq *big.Int `asn1:"optional"`
25 | Qinv *big.Int `asn1:"optional"`
26 |
27 | AdditionalPrimes []pkcs1AdditionalRSAPrime `asn1:"optional,omitempty"`
28 | }
29 |
30 | type pkcs1AdditionalRSAPrime struct {
31 | Prime *big.Int
32 |
33 | // We ignore these values because rsa will calculate them.
34 | Exp *big.Int
35 | Coeff *big.Int
36 | }
37 |
38 | // pkcs1PublicKey reflects the ASN.1 structure of a PKCS#1 public key.
39 | type pkcs1PublicKey struct {
40 | N *big.Int
41 | E int
42 | }
43 |
44 | // ParsePKCS1PrivateKey returns an RSA private key from its ASN.1 PKCS#1 DER encoded form.
45 | func ParsePKCS1PrivateKey(der []byte) (*rsa.PrivateKey, error) {
46 | var priv pkcs1PrivateKey
47 | rest, err := asn1.Unmarshal(der, &priv)
48 | if len(rest) > 0 {
49 | return nil, asn1.SyntaxError{Msg: "trailing data"}
50 | }
51 | if err != nil {
52 | return nil, err
53 | }
54 |
55 | if priv.Version > 1 {
56 | return nil, errors.New("x509: unsupported private key version")
57 | }
58 |
59 | if priv.N.Sign() <= 0 || priv.D.Sign() <= 0 || priv.P.Sign() <= 0 || priv.Q.Sign() <= 0 {
60 | return nil, errors.New("x509: private key contains zero or negative value")
61 | }
62 |
63 | key := new(rsa.PrivateKey)
64 | key.PublicKey = rsa.PublicKey{
65 | E: priv.E,
66 | N: priv.N,
67 | }
68 |
69 | key.D = priv.D
70 | key.Primes = make([]*big.Int, 2+len(priv.AdditionalPrimes))
71 | key.Primes[0] = priv.P
72 | key.Primes[1] = priv.Q
73 | for i, a := range priv.AdditionalPrimes {
74 | if a.Prime.Sign() <= 0 {
75 | return nil, errors.New("x509: private key contains zero or negative prime")
76 | }
77 | key.Primes[i+2] = a.Prime
78 | // We ignore the other two values because rsa will calculate
79 | // them as needed.
80 | }
81 |
82 | err = key.Validate()
83 | if err != nil {
84 | return nil, err
85 | }
86 | key.Precompute()
87 |
88 | return key, nil
89 | }
90 |
91 | // MarshalPKCS1PrivateKey converts a private key to ASN.1 DER encoded form.
92 | func MarshalPKCS1PrivateKey(key *rsa.PrivateKey) []byte {
93 | key.Precompute()
94 |
95 | version := 0
96 | if len(key.Primes) > 2 {
97 | version = 1
98 | }
99 |
100 | priv := pkcs1PrivateKey{
101 | Version: version,
102 | N: key.N,
103 | E: key.PublicKey.E,
104 | D: key.D,
105 | P: key.Primes[0],
106 | Q: key.Primes[1],
107 | Dp: key.Precomputed.Dp,
108 | Dq: key.Precomputed.Dq,
109 | Qinv: key.Precomputed.Qinv,
110 | }
111 |
112 | priv.AdditionalPrimes = make([]pkcs1AdditionalRSAPrime, len(key.Precomputed.CRTValues))
113 | for i, values := range key.Precomputed.CRTValues {
114 | priv.AdditionalPrimes[i].Prime = key.Primes[2+i]
115 | priv.AdditionalPrimes[i].Exp = values.Exp
116 | priv.AdditionalPrimes[i].Coeff = values.Coeff
117 | }
118 |
119 | b, _ := asn1.Marshal(priv)
120 | return b
121 | }
122 |
--------------------------------------------------------------------------------
/sm4/sm4_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2020 cetc-30. All rights reserved.
2 | // SPDX-License-Identifier: Apache-2.0
3 | // license that can be found in the LICENSE file.
4 | package sm4
5 |
6 | import (
7 | "bytes"
8 | "testing"
9 | )
10 |
11 | func TestSm4Ecb(t *testing.T) {
12 | key := []byte("0123456789abcdef")
13 | msg := []byte("0123456789abcdef012345678")
14 | encMsg, err := Sm4Ecb(key, msg, ENC)
15 | if err != nil {
16 | t.Errorf("sm4 enc error:%s", err)
17 | return
18 | }
19 | dec, err := Sm4Ecb(key, encMsg, DEC)
20 | if err != nil {
21 | t.Errorf("sm4 dec error:%s", err)
22 | return
23 | }
24 | if !bytes.Equal(msg, dec) {
25 | t.Errorf("sm4 self enc and dec failed")
26 | }
27 | }
28 |
29 | var buf = make([]byte, 8192)
30 |
31 | func benchmarkSizeEcb(b *testing.B, size int) {
32 | b.SetBytes(int64(size))
33 | key := []byte("1234567890abcdef")
34 | b.ReportAllocs()
35 | b.ResetTimer()
36 | for i := 0; i < b.N; i++ {
37 | Sm4Ecb(key, buf[:size], ENC)
38 | }
39 | }
40 |
41 | func BenchmarkSm4Ecb8Bytes(b *testing.B) {
42 | benchmarkSizeEcb(b, 8)
43 | }
44 |
45 | func BenchmarkSm4Ecb1K(b *testing.B) {
46 | benchmarkSizeEcb(b, 1024)
47 | }
48 |
49 | func BenchmarkSm4Ecb8K(b *testing.B) {
50 | benchmarkSizeEcb(b, 8192)
51 | }
52 |
53 | func TestSm4CipherEncAndDec(t *testing.T) {
54 | msg := []byte("0123456789abcdef")
55 | key := []byte("0123456789abcdef")
56 | c, err := NewCipher(key)
57 | if err != nil {
58 | t.Errorf("cipher error:%s", err)
59 | return
60 | }
61 |
62 | encMsg := make([]byte, 16)
63 | c.Encrypt(encMsg, msg)
64 |
65 | plain := make([]byte, 16)
66 | c.Decrypt(plain, encMsg)
67 |
68 | if !bytes.Equal(msg, plain) {
69 | t.Error("sm4 self enc and dec failed")
70 | }
71 | }
72 |
73 | func BenchmarkSm4Cipher_Encrypt(b *testing.B) {
74 | msg := []byte("0123456789abcdef")
75 | key := []byte("0123456789abcdef")
76 | c, _ := NewCipher(key)
77 | encMsg := make([]byte, 16)
78 |
79 | b.SetBytes(int64(len(msg)))
80 | b.ReportAllocs()
81 | b.ResetTimer()
82 | for i := 0; i < b.N; i++ {
83 | c.Encrypt(encMsg, msg)
84 | }
85 | }
86 |
87 | func BenchmarkSm4Cipher_Decrypt(b *testing.B) {
88 | msg := []byte("0123456789abcdef")
89 | key := []byte("0123456789abcdef")
90 | c, _ := NewCipher(key)
91 | encMsg := make([]byte, 16)
92 | plain := make([]byte, 16)
93 | c.Encrypt(encMsg, msg)
94 |
95 | b.SetBytes(int64(len(msg)))
96 | b.ReportAllocs()
97 | b.ResetTimer()
98 | for i := 0; i < b.N; i++ {
99 | c.Decrypt(plain, encMsg)
100 | }
101 | }
102 |
103 | func TestSm4Cbc(t *testing.T) {
104 | msg := []byte("0123456789abcdef012345678")
105 | key := []byte("0123456789abcdef")
106 |
107 | c, err := Sm4Cbc(key, msg, ENC)
108 | if err != nil {
109 | t.Errorf("sm4 cbc enc err:%s", err)
110 | return
111 | }
112 |
113 | plain, err := Sm4Cbc(key, c, DEC)
114 | if err != nil {
115 | t.Errorf("sm4 cbc dec err:%s", err)
116 | return
117 | }
118 |
119 | if !bytes.Equal(msg, plain) {
120 | t.Error("sm4 encryption is invalid")
121 | return
122 | }
123 | }
124 |
125 | func benchmarkSizeCbc(b *testing.B, size int) {
126 | b.SetBytes(int64(size))
127 | key := []byte("1234567890abcdef")
128 | b.ReportAllocs()
129 | b.ResetTimer()
130 | for i := 0; i < b.N; i++ {
131 | Sm4Cbc(key, buf[:size], ENC)
132 | }
133 | }
134 |
135 | func BenchmarkSm4Cbc8Bytes(b *testing.B) {
136 | benchmarkSizeCbc(b, 8)
137 | }
138 |
139 | func BenchmarkSm4Cbc1K(b *testing.B) {
140 | benchmarkSizeCbc(b, 1024)
141 | }
142 |
143 | func BenchmarkSm4Cbc8K(b *testing.B) {
144 | benchmarkSizeCbc(b, 8192)
145 | }
146 |
--------------------------------------------------------------------------------
/tls/alert.go:
--------------------------------------------------------------------------------
1 | // Copyright 2009 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package tls
6 |
7 | import "strconv"
8 |
9 | type alert uint8
10 |
11 | const (
12 | // alert level
13 | alertLevelWarning = 1
14 | alertLevelError = 2
15 | )
16 |
17 | const (
18 | alertCloseNotify alert = 0
19 | alertUnexpectedMessage alert = 10
20 | alertBadRecordMAC alert = 20
21 | alertDecryptionFailed alert = 21
22 | alertRecordOverflow alert = 22
23 | alertDecompressionFailure alert = 30
24 | alertHandshakeFailure alert = 40
25 | alertBadCertificate alert = 42
26 | alertUnsupportedCertificate alert = 43
27 | alertCertificateRevoked alert = 44
28 | alertCertificateExpired alert = 45
29 | alertCertificateUnknown alert = 46
30 | alertIllegalParameter alert = 47
31 | alertUnknownCA alert = 48
32 | alertAccessDenied alert = 49
33 | alertDecodeError alert = 50
34 | alertDecryptError alert = 51
35 | alertProtocolVersion alert = 70
36 | alertInsufficientSecurity alert = 71
37 | alertInternalError alert = 80
38 | alertInappropriateFallback alert = 86
39 | alertUserCanceled alert = 90
40 | alertNoRenegotiation alert = 100
41 | alertNoApplicationProtocol alert = 120
42 |
43 | // specific types for GMT0024
44 | alertUnspporttedSite2Site alert = 200
45 | alertNoArea alert = 201
46 | alertUnspportedAreaType alert = 202
47 | alertBadIBCParam alert = 203
48 | alertUnspportedIBCParam alert = 204
49 | alertIdentityNeed alert = 205
50 | )
51 |
52 | var alertText = map[alert]string{
53 | alertCloseNotify: "close notify",
54 | alertUnexpectedMessage: "unexpected message",
55 | alertBadRecordMAC: "bad record MAC",
56 | alertDecryptionFailed: "decryption failed",
57 | alertRecordOverflow: "record overflow",
58 | alertDecompressionFailure: "decompression failure",
59 | alertHandshakeFailure: "handshake failure",
60 | alertBadCertificate: "bad certificate",
61 | alertUnsupportedCertificate: "unsupported certificate",
62 | alertCertificateRevoked: "revoked certificate",
63 | alertCertificateExpired: "expired certificate",
64 | alertCertificateUnknown: "unknown certificate",
65 | alertIllegalParameter: "illegal parameter",
66 | alertUnknownCA: "unknown certificate authority",
67 | alertAccessDenied: "access denied",
68 | alertDecodeError: "error decoding message",
69 | alertDecryptError: "error decrypting message",
70 | alertProtocolVersion: "protocol version not supported",
71 | alertInsufficientSecurity: "insufficient security level",
72 | alertInternalError: "internal error",
73 | alertInappropriateFallback: "inappropriate fallback",
74 | alertUserCanceled: "user canceled",
75 | alertNoRenegotiation: "no renegotiation",
76 | alertNoApplicationProtocol: "no application protocol",
77 |
78 | //specific types for GM
79 | alertUnspporttedSite2Site: "不支持site2site",
80 | alertNoArea : "没有保护域",
81 | alertUnspportedAreaType : "不支持的保护域类型",
82 | alertBadIBCParam : "接收到一个无效的ibc公共参数",
83 | alertUnspportedIBCParam : "不支持ibc参数中定义的信息",
84 | alertIdentityNeed : "缺少对方的ibc标识",
85 | }
86 |
87 | func (e alert) String() string {
88 | s, ok := alertText[e]
89 | if ok {
90 | return "tls: " + s
91 | }
92 | return "tls: alert(" + strconv.Itoa(int(e)) + ")"
93 | }
94 |
95 | func (e alert) Error() string {
96 | return e.String()
97 | }
98 |
--------------------------------------------------------------------------------
/x509/root_unix_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2017 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build dragonfly freebsd linux netbsd openbsd solaris
6 |
7 | package x509
8 |
9 | import (
10 | "fmt"
11 | "os"
12 | "testing"
13 | )
14 |
15 | const (
16 | testDir = "testdata"
17 | testDirCN = "test-dir"
18 | testFile = "test-file.crt"
19 | testFileCN = "test-file"
20 | testMissing = "missing"
21 | )
22 |
23 | func TestEnvVars(t *testing.T) {
24 | testCases := []struct {
25 | name string
26 | fileEnv string
27 | dirEnv string
28 | files []string
29 | dirs []string
30 | cns []string
31 | }{
32 | {
33 | // Environment variables override the default locations preventing fall through.
34 | name: "override-defaults",
35 | fileEnv: testMissing,
36 | dirEnv: testMissing,
37 | files: []string{testFile},
38 | dirs: []string{testDir},
39 | cns: nil,
40 | },
41 | {
42 | // File environment overrides default file locations.
43 | name: "file",
44 | fileEnv: testFile,
45 | dirEnv: "",
46 | files: nil,
47 | dirs: nil,
48 | cns: []string{testFileCN},
49 | },
50 | {
51 | // Directory environment overrides default directory locations.
52 | name: "dir",
53 | fileEnv: "",
54 | dirEnv: testDir,
55 | files: nil,
56 | dirs: nil,
57 | cns: []string{testDirCN},
58 | },
59 | {
60 | // File & directory environment overrides both default locations.
61 | name: "file+dir",
62 | fileEnv: testFile,
63 | dirEnv: testDir,
64 | files: nil,
65 | dirs: nil,
66 | cns: []string{testFileCN, testDirCN},
67 | },
68 | {
69 | // Environment variable empty / unset uses default locations.
70 | name: "empty-fall-through",
71 | fileEnv: "",
72 | dirEnv: "",
73 | files: []string{testFile},
74 | dirs: []string{testDir},
75 | cns: []string{testFileCN, testDirCN},
76 | },
77 | }
78 |
79 | // Save old settings so we can restore before the test ends.
80 | origCertFiles, origCertDirectories := certFiles, certDirectories
81 | origFile, origDir := os.Getenv(certFileEnv), os.Getenv(certDirEnv)
82 | defer func() {
83 | certFiles = origCertFiles
84 | certDirectories = origCertDirectories
85 | os.Setenv(certFileEnv, origFile)
86 | os.Setenv(certDirEnv, origDir)
87 | }()
88 |
89 | for _, tc := range testCases {
90 | t.Run(tc.name, func(t *testing.T) {
91 | if err := os.Setenv(certFileEnv, tc.fileEnv); err != nil {
92 | t.Fatalf("setenv %q failed: %v", certFileEnv, err)
93 | }
94 | if err := os.Setenv(certDirEnv, tc.dirEnv); err != nil {
95 | t.Fatalf("setenv %q failed: %v", certDirEnv, err)
96 | }
97 |
98 | certFiles, certDirectories = tc.files, tc.dirs
99 |
100 | r, err := loadSystemRoots()
101 | if err != nil {
102 | t.Fatal("unexpected failure:", err)
103 | }
104 |
105 | if r == nil {
106 | if tc.cns == nil {
107 | // Expected nil
108 | return
109 | }
110 | t.Fatal("nil roots")
111 | }
112 |
113 | // Verify that the returned certs match, otherwise report where the mismatch is.
114 | for i, cn := range tc.cns {
115 | if i >= len(r.certs) {
116 | t.Errorf("missing cert %v @ %v", cn, i)
117 | } else if r.certs[i].Subject.CommonName != cn {
118 | fmt.Printf("%#v\n", r.certs[0].Subject)
119 | t.Errorf("unexpected cert common name %q, want %q", r.certs[i].Subject.CommonName, cn)
120 | }
121 | }
122 | if len(r.certs) > len(tc.cns) {
123 | t.Errorf("got %v certs, which is more than %v wanted", len(r.certs), len(tc.cns))
124 | }
125 | })
126 | }
127 | }
128 |
--------------------------------------------------------------------------------
/sm3/sm3hash.go:
--------------------------------------------------------------------------------
1 | /*
2 | Copyright IBM Corp. 2017 All Rights Reserved.
3 |
4 | Licensed under the Apache License, Version 2.0 (the "License");
5 | you may not use this file except in compliance with the License.
6 | You may obtain a copy of the License at
7 |
8 | SPDX-License-Identifier: Apache-2.0
9 |
10 | Unless required by applicable law or agreed to in writing, software
11 | distributed under the License is distributed on an "AS IS" BASIS,
12 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | See the License for the specific language governing permissions and
14 | limitations under the License.
15 | */
16 | package sm3
17 |
18 | func leftRotate(x uint32, r uint32) uint32 { return (x<<(r%32) | x>>(32-r%32)) }
19 |
20 | func ff0(X uint32, Y uint32, Z uint32) uint32 { return X ^ Y ^ Z }
21 | func ff1(X uint32, Y uint32, Z uint32) uint32 { return (X & Y) | (X & Z) | (Y & Z) }
22 |
23 | func gg0(X uint32, Y uint32, Z uint32) uint32 { return X ^ Y ^ Z }
24 | func gg1(X uint32, Y uint32, Z uint32) uint32 { return (X & Y) | ((^X) & Z) }
25 |
26 | func p0(X uint32) uint32 { return X ^ leftRotate(X, 9) ^ leftRotate(X, 17) }
27 |
28 | func p1(X uint32) uint32 { return X ^ leftRotate(X, 15) ^ leftRotate(X, 23) }
29 |
30 | func msgPadding(message []byte) []byte {
31 | // Pre-processing:
32 | chunk := message
33 |
34 | // Pre-processing: adding a single 1 bit
35 | chunk = append(chunk, byte(0x80))
36 |
37 | // Pre-processing: padding with zeros
38 | padding := 56 - len(chunk)%64
39 | for i := 0; i < padding; i++ {
40 | chunk = append(chunk, 0x00)
41 | }
42 | var l uint64
43 | l = uint64(len(message) * 8)
44 |
45 | // l := byte((len(message) * 8))()
46 | chunk = append(chunk, byte((l>>56)&0xff))
47 | chunk = append(chunk, byte((l>>48)&0xff))
48 | chunk = append(chunk, byte((l>>40)&0xff))
49 | chunk = append(chunk, byte((l>>32)&0xff))
50 | chunk = append(chunk, byte((l>>24)&0xff))
51 | chunk = append(chunk, byte((l>>16)&0xff))
52 | chunk = append(chunk, byte((l>>8)&0xff))
53 | chunk = append(chunk, byte(l&0xff))
54 |
55 | // hstr := biu.BytesToHexString(chunk)
56 | // fmt.Println(len(hstr))
57 | // fmt.Println("test" + hstr)
58 |
59 | // return hstr
60 | return chunk
61 | }
62 |
63 | type W struct {
64 | W1 [68]uint32
65 | W2 [64]uint32
66 | }
67 |
68 | func msgExp(x [16]uint32) W {
69 | var i int
70 | var wtmp W
71 | for i = 0; i < 16; i++ {
72 | wtmp.W1[i] = x[i]
73 | }
74 | for i = 16; i < 68; i++ {
75 | wtmp.W1[i] = p1(wtmp.W1[i-16]^wtmp.W1[i-9]^leftRotate(wtmp.W1[i-3], 15)) ^ leftRotate(wtmp.W1[i-13], 7) ^ wtmp.W1[i-6]
76 | }
77 | for i = 0; i < 64; i++ {
78 | wtmp.W2[i] = wtmp.W1[i] ^ wtmp.W1[i+4]
79 | }
80 | return wtmp
81 | }
82 |
83 | func cF(V [8]uint32, Bmsg [16]uint32) [8]uint32 {
84 | var j int
85 | var A, B, C, D, E, F, G, H uint32
86 | A = V[0]
87 | B = V[1]
88 | C = V[2]
89 | D = V[3]
90 | E = V[4]
91 | F = V[5]
92 | G = V[6]
93 | H = V[7]
94 | wtmp := msgExp(Bmsg)
95 | for j = 0; j < 16; j++ {
96 | var jj int
97 | if j < 33 {
98 | jj = j
99 | } else {
100 | jj = j - 32
101 | }
102 | SS1 := leftRotate(leftRotate(A, 12)+E+leftRotate(0x79cc4519, uint32(jj)), 7)
103 | SS2 := SS1 ^ leftRotate(A, 12)
104 | TT1 := ff0(A, B, C) + D + SS2 + wtmp.W2[j]
105 | TT2 := gg0(E, F, G) + H + SS1 + wtmp.W1[j]
106 | D = C
107 | C = leftRotate(B, 9)
108 | B = A
109 | A = TT1
110 | H = G
111 | G = leftRotate(F, 19)
112 | F = E
113 | E = p0(TT2)
114 | }
115 | for j = 16; j < 64; j++ {
116 | var jj int
117 | if j < 33 {
118 | jj = j
119 | } else {
120 | jj = j - 32
121 | }
122 | SS1 := leftRotate(leftRotate(A, 12)+E+leftRotate(0x7a879d8a, uint32(jj)), 7)
123 | SS2 := SS1 ^ leftRotate(A, 12)
124 | TT1 := ff1(A, B, C) + D + SS2 + wtmp.W2[j]
125 | TT2 := gg1(E, F, G) + H + SS1 + wtmp.W1[j]
126 | D = C
127 | C = leftRotate(B, 9)
128 | B = A
129 | A = TT1
130 | H = G
131 | G = leftRotate(F, 19)
132 | F = E
133 | E = p0(TT2)
134 | }
135 |
136 | V[0] = A ^ V[0]
137 | V[1] = B ^ V[1]
138 | V[2] = C ^ V[2]
139 | V[3] = D ^ V[3]
140 | V[4] = E ^ V[4]
141 | V[5] = F ^ V[5]
142 | V[6] = G ^ V[6]
143 | V[7] = H ^ V[7]
144 |
145 | return V
146 | }
147 |
148 | func Block(dig *digest, p []byte) {
149 | var V [8]uint32
150 | for i := 0; i < 8; i++ {
151 | V[i] = dig.h[i]
152 | }
153 | for len(p) >= 64 {
154 | m := [16]uint32{}
155 | x := p[:64]
156 | xi := 0
157 | mi := 0
158 | for mi < 16 {
159 | m[mi] = (uint32(x[xi+3]) |
160 | (uint32(x[xi+2]) << 8) |
161 | (uint32(x[xi+1]) << 16) |
162 | (uint32(x[xi]) << 24))
163 | mi += 1
164 | xi += 4
165 | }
166 | V = cF(V, m)
167 | p = p[64:]
168 | }
169 | for i := 0; i < 8; i++ {
170 | dig.h[i] = V[i]
171 | }
172 | }
--------------------------------------------------------------------------------
/tls/auth.go:
--------------------------------------------------------------------------------
1 | // Copyright 2017 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package tls
6 |
7 | import (
8 | "crypto"
9 | "crypto/ecdsa"
10 | "crypto/rsa"
11 | "encoding/asn1"
12 | "errors"
13 | "fmt"
14 |
15 | "github.com/Hyperledger-TWGC/ccs-gm/sm2"
16 | )
17 |
18 | // pickSignatureAlgorithm selects a signature algorithm that is compatible with
19 | // the given public key and the list of algorithms from the peer and this side.
20 | // The lists of signature algorithms (peerSigAlgs and ourSigAlgs) are ignored
21 | // for tlsVersion < VersionTLS12.
22 | //
23 | // The returned SignatureScheme codepoint is only meaningful for TLS 1.2,
24 | // previous TLS versions have a fixed hash function.
25 | func pickSignatureAlgorithm(pubkey crypto.PublicKey, peerSigAlgs, ourSigAlgs []SignatureScheme, tlsVersion uint16) (sigAlg SignatureScheme, sigType uint8, hashFunc crypto.Hash, err error) {
26 | if tlsVersion < VersionTLS12 || len(peerSigAlgs) == 0 {
27 | // For TLS 1.1 and before, the signature algorithm could not be
28 | // negotiated and the hash is fixed based on the signature type.
29 | // For TLS 1.2, if the client didn't send signature_algorithms
30 | // extension then we can assume that it supports SHA1. See
31 | // https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
32 | switch pubkey.(type) {
33 | case *rsa.PublicKey:
34 | if tlsVersion < VersionTLS12 {
35 | return 0, signaturePKCS1v15, crypto.MD5SHA1, nil
36 | } else {
37 | return PKCS1WithSHA1, signaturePKCS1v15, crypto.SHA1, nil
38 | }
39 | case *ecdsa.PublicKey:
40 | return ECDSAWithSHA1, signatureECDSA, crypto.SHA1, nil
41 | case *sm2.PublicKey:
42 | return SM2WITHSM3, signatureSM2, crypto.SHA1, nil
43 | default:
44 | return 0, 0, 0, fmt.Errorf("tls: unsupported public key: %T", pubkey)
45 | }
46 | }
47 | for _, sigAlg := range peerSigAlgs {
48 | if !isSupportedSignatureAlgorithm(sigAlg, ourSigAlgs) {
49 | continue
50 | }
51 | hashAlg, err := lookupTLSHash(sigAlg)
52 | if err != nil {
53 | panic("tls: supported signature algorithm has an unknown hash function")
54 | }
55 | sigType := signatureFromSignatureScheme(sigAlg)
56 | switch pubkey.(type) {
57 | case *rsa.PublicKey:
58 | if sigType == signaturePKCS1v15 || sigType == signatureRSAPSS {
59 | return sigAlg, sigType, hashAlg, nil
60 | }
61 | case *ecdsa.PublicKey:
62 | if sigType == signatureECDSA {
63 | return sigAlg, sigType, hashAlg, nil
64 | }
65 | case *sm2.PublicKey:
66 | if sigType == signatureECDSA {
67 | return sigAlg, sigType, hashAlg, nil
68 | }
69 | default:
70 | return 0, 0, 0, fmt.Errorf("tls: unsupported public key: %T", pubkey)
71 | }
72 | }
73 | return 0, 0, 0, errors.New("tls: peer doesn't support any common signature algorithms")
74 | }
75 |
76 | // verifyHandshakeSignature verifies a signature against pre-hashed handshake
77 | // contents.
78 | func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc crypto.Hash, digest, sig []byte) error {
79 | switch sigType {
80 | case signatureECDSA:
81 | pubKey, ok := pubkey.(*ecdsa.PublicKey)
82 | if !ok {
83 | return errors.New("tls: ECDSA signing requires a ECDSA public key")
84 | }
85 | ecdsaSig := new(ecdsaSignature)
86 | if _, err := asn1.Unmarshal(sig, ecdsaSig); err != nil {
87 | return err
88 | }
89 | if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 {
90 | return errors.New("tls: ECDSA signature contained zero or negative values")
91 | }
92 | if !ecdsa.Verify(pubKey, digest, ecdsaSig.R, ecdsaSig.S) {
93 | return errors.New("tls: ECDSA verification failure")
94 | }
95 | case signaturePKCS1v15:
96 | pubKey, ok := pubkey.(*rsa.PublicKey)
97 | if !ok {
98 | return errors.New("tls: RSA signing requires a RSA public key")
99 | }
100 | if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, digest, sig); err != nil {
101 | return err
102 | }
103 | case signatureRSAPSS:
104 | pubKey, ok := pubkey.(*rsa.PublicKey)
105 | if !ok {
106 | return errors.New("tls: RSA signing requires a RSA public key")
107 | }
108 | signOpts := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash}
109 | if err := rsa.VerifyPSS(pubKey, hashFunc, digest, sig, signOpts); err != nil {
110 | return err
111 | }
112 | case signatureSM2:
113 | pubKey, ok := pubkey.(*sm2.PublicKey)
114 | if !ok {
115 | return errors.New("tls: SM2 signing requires a SM2 public key")
116 | }
117 | if ok := pubKey.Verify(digest, sig); !ok {
118 | return errors.New("verify sm2 signature error")
119 | }
120 | default:
121 | return errors.New("tls: unknown signature algorithm")
122 | }
123 | return nil
124 | }
125 |
--------------------------------------------------------------------------------
/x509/cert_pool.go:
--------------------------------------------------------------------------------
1 | // Copyright 2011 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "encoding/pem"
9 | "errors"
10 | "runtime"
11 | )
12 |
13 | // CertPool is a set of certificates.
14 | type CertPool struct {
15 | bySubjectKeyId map[string][]int
16 | byName map[string][]int
17 | certs []*Certificate
18 | }
19 |
20 | // NewCertPool returns a new, empty CertPool.
21 | func NewCertPool() *CertPool {
22 | return &CertPool{
23 | bySubjectKeyId: make(map[string][]int),
24 | byName: make(map[string][]int),
25 | }
26 | }
27 |
28 | func (s *CertPool) copy() *CertPool {
29 | p := &CertPool{
30 | bySubjectKeyId: make(map[string][]int, len(s.bySubjectKeyId)),
31 | byName: make(map[string][]int, len(s.byName)),
32 | certs: make([]*Certificate, len(s.certs)),
33 | }
34 | for k, v := range s.bySubjectKeyId {
35 | indexes := make([]int, len(v))
36 | copy(indexes, v)
37 | p.bySubjectKeyId[k] = indexes
38 | }
39 | for k, v := range s.byName {
40 | indexes := make([]int, len(v))
41 | copy(indexes, v)
42 | p.byName[k] = indexes
43 | }
44 | copy(p.certs, s.certs)
45 | return p
46 | }
47 |
48 | func (s *CertPool) GetCerts() []*Certificate {
49 | return s.certs
50 | }
51 |
52 | // SystemCertPool returns a copy of the system cert pool.
53 | //
54 | // Any mutations to the returned pool are not written to disk and do
55 | // not affect any other pool.
56 | //
57 | // New changes in the the system cert pool might not be reflected
58 | // in subsequent calls.
59 | func SystemCertPool() (*CertPool, error) {
60 | if runtime.GOOS == "windows" {
61 | // Issue 16736, 18609:
62 | return nil, errors.New("crypto/x509: system root pool is not available on Windows")
63 | }
64 |
65 | if sysRoots := systemRootsPool(); sysRoots != nil {
66 | return sysRoots.copy(), nil
67 | }
68 |
69 | return loadSystemRoots()
70 | }
71 |
72 | // findVerifiedParents attempts to find certificates in s which have signed the
73 | // given certificate. If any candidates were rejected then errCert will be set
74 | // to one of them, arbitrarily, and err will contain the reason that it was
75 | // rejected.
76 | func (s *CertPool) findVerifiedParents(cert *Certificate) (parents []int, errCert *Certificate, err error) {
77 | if s == nil {
78 | return
79 | }
80 | var candidates []int
81 |
82 | if len(cert.AuthorityKeyId) > 0 {
83 | candidates = s.bySubjectKeyId[string(cert.AuthorityKeyId)]
84 | }
85 | if len(candidates) == 0 {
86 | candidates = s.byName[string(cert.RawIssuer)]
87 | }
88 |
89 | for _, c := range candidates {
90 | if err = cert.CheckSignatureFrom(s.certs[c]); err == nil {
91 | parents = append(parents, c)
92 | } else {
93 | errCert = s.certs[c]
94 | }
95 | }
96 |
97 | return
98 | }
99 |
100 | func (s *CertPool) contains(cert *Certificate) bool {
101 | if s == nil {
102 | return false
103 | }
104 |
105 | candidates := s.byName[string(cert.RawSubject)]
106 | for _, c := range candidates {
107 | if s.certs[c].Equal(cert) {
108 | return true
109 | }
110 | }
111 |
112 | return false
113 | }
114 |
115 | // AddCert adds a certificate to a pool.
116 | func (s *CertPool) AddCert(cert *Certificate) {
117 | if cert == nil {
118 | panic("adding nil Certificate to CertPool")
119 | }
120 |
121 | // Check that the certificate isn't being added twice.
122 | if s.contains(cert) {
123 | return
124 | }
125 |
126 | n := len(s.certs)
127 | s.certs = append(s.certs, cert)
128 |
129 | if len(cert.SubjectKeyId) > 0 {
130 | keyId := string(cert.SubjectKeyId)
131 | s.bySubjectKeyId[keyId] = append(s.bySubjectKeyId[keyId], n)
132 | }
133 | name := string(cert.RawSubject)
134 | s.byName[name] = append(s.byName[name], n)
135 | }
136 |
137 | // AppendCertsFromPEM attempts to parse a series of PEM encoded certificates.
138 | // It appends any certificates found to s and reports whether any certificates
139 | // were successfully parsed.
140 | //
141 | // On many Linux systems, /etc/ssl/cert.pem will contain the system wide set
142 | // of root CAs in a format suitable for this function.
143 | func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) {
144 | for len(pemCerts) > 0 {
145 | var block *pem.Block
146 | block, pemCerts = pem.Decode(pemCerts)
147 | if block == nil {
148 | break
149 | }
150 | if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {
151 | continue
152 | }
153 |
154 | cert, err := ParseCertificate(block.Bytes)
155 | if err != nil {
156 | continue
157 | }
158 |
159 | s.AddCert(cert)
160 | ok = true
161 | }
162 |
163 | return
164 | }
165 |
166 | // Subjects returns a list of the DER-encoded subjects of
167 | // all of the certificates in the pool.
168 | func (s *CertPool) Subjects() [][]byte {
169 | res := make([][]byte, len(s.certs))
170 | for i, c := range s.certs {
171 | res[i] = c.RawSubject
172 | }
173 | return res
174 | }
175 |
--------------------------------------------------------------------------------
/tls/auth_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2017 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package tls
6 |
7 | import (
8 | "crypto"
9 | "testing"
10 | )
11 |
12 | func TestSignatureSelection(t *testing.T) {
13 | rsaCert := &testRSAPrivateKey.PublicKey
14 | ecdsaCert := &testECDSAPrivateKey.PublicKey
15 | sigsPKCS1WithSHA := []SignatureScheme{PKCS1WithSHA256, PKCS1WithSHA1}
16 | sigsPSSWithSHA := []SignatureScheme{PSSWithSHA256, PSSWithSHA384}
17 | sigsECDSAWithSHA := []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}
18 |
19 | tests := []struct {
20 | pubkey crypto.PublicKey
21 | peerSigAlgs []SignatureScheme
22 | ourSigAlgs []SignatureScheme
23 | tlsVersion uint16
24 |
25 | expectedSigAlg SignatureScheme // or 0 if ignored
26 | expectedSigType uint8
27 | expectedHash crypto.Hash
28 | }{
29 | // Hash is fixed for RSA in TLS 1.1 and before.
30 | // https://tools.ietf.org/html/rfc4346#page-44
31 | {rsaCert, nil, nil, VersionTLS11, 0, signaturePKCS1v15, crypto.MD5SHA1},
32 | {rsaCert, nil, nil, VersionTLS10, 0, signaturePKCS1v15, crypto.MD5SHA1},
33 | {rsaCert, nil, nil, VersionSSL30, 0, signaturePKCS1v15, crypto.MD5SHA1},
34 |
35 | // Before TLS 1.2, there is no signature_algorithms extension
36 | // nor field in CertificateRequest and digitally-signed and thus
37 | // it should be ignored.
38 | {rsaCert, sigsPKCS1WithSHA, nil, VersionTLS11, 0, signaturePKCS1v15, crypto.MD5SHA1},
39 | {rsaCert, sigsPKCS1WithSHA, sigsPKCS1WithSHA, VersionTLS11, 0, signaturePKCS1v15, crypto.MD5SHA1},
40 | // Use SHA-1 for TLS 1.0 and 1.1 with ECDSA, see https://tools.ietf.org/html/rfc4492#page-20
41 | {ecdsaCert, sigsPKCS1WithSHA, sigsPKCS1WithSHA, VersionTLS11, 0, signatureECDSA, crypto.SHA1},
42 | {ecdsaCert, sigsPKCS1WithSHA, sigsPKCS1WithSHA, VersionTLS10, 0, signatureECDSA, crypto.SHA1},
43 |
44 | // TLS 1.2 without signature_algorithms extension
45 | // https://tools.ietf.org/html/rfc5246#page-47
46 | {rsaCert, nil, sigsPKCS1WithSHA, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, crypto.SHA1},
47 | {ecdsaCert, nil, sigsPKCS1WithSHA, VersionTLS12, ECDSAWithSHA1, signatureECDSA, crypto.SHA1},
48 |
49 | {rsaCert, []SignatureScheme{PKCS1WithSHA1}, sigsPKCS1WithSHA, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, crypto.SHA1},
50 | {rsaCert, []SignatureScheme{PKCS1WithSHA256}, sigsPKCS1WithSHA, VersionTLS12, PKCS1WithSHA256, signaturePKCS1v15, crypto.SHA256},
51 | // "sha_hash" may denote hashes other than SHA-1
52 | // https://tools.ietf.org/html/draft-ietf-tls-rfc4492bis-17#page-17
53 | {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, sigsECDSAWithSHA, VersionTLS12, ECDSAWithSHA1, signatureECDSA, crypto.SHA1},
54 | {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, sigsECDSAWithSHA, VersionTLS12, ECDSAWithP256AndSHA256, signatureECDSA, crypto.SHA256},
55 |
56 | // RSASSA-PSS is defined in TLS 1.3 for TLS 1.2
57 | // https://tools.ietf.org/html/draft-ietf-tls-tls13-21#page-45
58 | {rsaCert, []SignatureScheme{PSSWithSHA256}, sigsPSSWithSHA, VersionTLS12, PSSWithSHA256, signatureRSAPSS, crypto.SHA256},
59 | }
60 |
61 | for testNo, test := range tests {
62 | sigAlg, sigType, hashFunc, err := pickSignatureAlgorithm(test.pubkey, test.peerSigAlgs, test.ourSigAlgs, test.tlsVersion)
63 | if err != nil {
64 | t.Errorf("test[%d]: unexpected error: %v", testNo, err)
65 | }
66 | if test.expectedSigAlg != 0 && test.expectedSigAlg != sigAlg {
67 | t.Errorf("test[%d]: expected signature scheme %#x, got %#x", testNo, test.expectedSigAlg, sigAlg)
68 | }
69 | if test.expectedSigType != sigType {
70 | t.Errorf("test[%d]: expected signature algorithm %#x, got %#x", testNo, test.expectedSigType, sigType)
71 | }
72 | if test.expectedHash != hashFunc {
73 | t.Errorf("test[%d]: expected hash function %#x, got %#x", testNo, test.expectedHash, hashFunc)
74 | }
75 | }
76 |
77 | badTests := []struct {
78 | pubkey crypto.PublicKey
79 | peerSigAlgs []SignatureScheme
80 | ourSigAlgs []SignatureScheme
81 | tlsVersion uint16
82 | }{
83 | {rsaCert, sigsECDSAWithSHA, sigsPKCS1WithSHA, VersionTLS12},
84 | {ecdsaCert, sigsPKCS1WithSHA, sigsPKCS1WithSHA, VersionTLS12},
85 | {ecdsaCert, sigsECDSAWithSHA, sigsPKCS1WithSHA, VersionTLS12},
86 | {rsaCert, []SignatureScheme{0}, sigsPKCS1WithSHA, VersionTLS12},
87 |
88 | // ECDSA is unspecified for SSL 3.0 in RFC 4492.
89 | // TODO a SSL 3.0 client cannot advertise signature_algorithms,
90 | // but if an application feeds an ECDSA certificate anyway, it
91 | // will be accepted rather than trigger a handshake failure. Ok?
92 | //{ecdsaCert, nil, nil, VersionSSL30},
93 | }
94 |
95 | for testNo, test := range badTests {
96 | sigAlg, sigType, hashFunc, err := pickSignatureAlgorithm(test.pubkey, test.peerSigAlgs, test.ourSigAlgs, test.tlsVersion)
97 | if err == nil {
98 | t.Errorf("test[%d]: unexpected success, got %#x %#x %#x", testNo, sigAlg, sigType, hashFunc)
99 | }
100 | }
101 | }
102 |
--------------------------------------------------------------------------------
/x509/root_darwin_arm_gen.go:
--------------------------------------------------------------------------------
1 | // Copyright 2015 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | // +build ignore
6 |
7 | // Generates root_darwin_armx.go.
8 | //
9 | // As of iOS 8, there is no API for querying the system trusted X.509 root
10 | // certificates. We could use SecTrustEvaluate to verify that a trust chain
11 | // exists for a certificate, but the x509 API requires returning the entire
12 | // chain.
13 | //
14 | // Apple publishes the list of trusted root certificates for iOS on
15 | // support.apple.com. So we parse the list and extract the certificates from
16 | // an OS X machine and embed them into the x509 package.
17 | package x509
18 |
19 | import (
20 | "bytes"
21 | "crypto/x509"
22 | "encoding/pem"
23 | "flag"
24 | "fmt"
25 | "go/format"
26 | "io/ioutil"
27 | "log"
28 | "math/big"
29 | "net/http"
30 | "os/exec"
31 | "strings"
32 | )
33 |
34 | var output = flag.String("output", "root_darwin_armx.go", "file name to write")
35 |
36 | func main() {
37 | certs, err := selectCerts()
38 | if err != nil {
39 | log.Fatal(err)
40 | }
41 |
42 | buf := new(bytes.Buffer)
43 |
44 | fmt.Fprintf(buf, "// Created by root_darwin_arm_gen --output %s; DO NOT EDIT\n", *output)
45 | fmt.Fprintf(buf, "%s", header)
46 |
47 | fmt.Fprintf(buf, "const systemRootsPEM = `\n")
48 | for _, cert := range certs {
49 | b := &pem.Block{
50 | Type: "CERTIFICATE",
51 | Bytes: cert.Raw,
52 | }
53 | if err := pem.Encode(buf, b); err != nil {
54 | log.Fatal(err)
55 | }
56 | }
57 | fmt.Fprintf(buf, "`")
58 |
59 | source, err := format.Source(buf.Bytes())
60 | if err != nil {
61 | log.Fatal("source format error:", err)
62 | }
63 | if err := ioutil.WriteFile(*output, source, 0644); err != nil {
64 | log.Fatal(err)
65 | }
66 | }
67 |
68 | func selectCerts() ([]*x509.Certificate, error) {
69 | ids, err := fetchCertIDs()
70 | if err != nil {
71 | return nil, err
72 | }
73 |
74 | scerts, err := sysCerts()
75 | if err != nil {
76 | return nil, err
77 | }
78 |
79 | var certs []*x509.Certificate
80 | for _, id := range ids {
81 | sn, ok := big.NewInt(0).SetString(id.serialNumber, 0) // 0x prefix selects hex
82 | if !ok {
83 | return nil, fmt.Errorf("invalid serial number: %q", id.serialNumber)
84 | }
85 | ski, ok := big.NewInt(0).SetString(id.subjectKeyID, 0)
86 | if !ok {
87 | return nil, fmt.Errorf("invalid Subject Key ID: %q", id.subjectKeyID)
88 | }
89 |
90 | for _, cert := range scerts {
91 | if sn.Cmp(cert.SerialNumber) != 0 {
92 | continue
93 | }
94 | cski := big.NewInt(0).SetBytes(cert.SubjectKeyId)
95 | if ski.Cmp(cski) != 0 {
96 | continue
97 | }
98 | certs = append(certs, cert)
99 | break
100 | }
101 | }
102 | return certs, nil
103 | }
104 |
105 | func sysCerts() (certs []*x509.Certificate, err error) {
106 | cmd := exec.Command("/usr/bin/security", "find-certificate", "-a", "-p", "/System/Library/Keychains/SystemRootCertificates.keychain")
107 | data, err := cmd.Output()
108 | if err != nil {
109 | return nil, err
110 | }
111 | for len(data) > 0 {
112 | var block *pem.Block
113 | block, data = pem.Decode(data)
114 | if block == nil {
115 | break
116 | }
117 | if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {
118 | continue
119 | }
120 |
121 | cert, err := x509.ParseCertificate(block.Bytes)
122 | if err != nil {
123 | continue
124 | }
125 | certs = append(certs, cert)
126 | }
127 | return certs, nil
128 | }
129 |
130 | type certID struct {
131 | serialNumber string
132 | subjectKeyID string
133 | }
134 |
135 | // fetchCertIDs fetches IDs of iOS X509 certificates from apple.com.
136 | func fetchCertIDs() ([]certID, error) {
137 | resp, err := http.Get("https://support.apple.com/en-us/HT204132")
138 | if err != nil {
139 | return nil, err
140 | }
141 | defer resp.Body.Close()
142 | body, err := ioutil.ReadAll(resp.Body)
143 | if err != nil {
144 | return nil, err
145 | }
146 | text := string(body)
147 | text = text[strings.Index(text, "")]
149 |
150 | lines := strings.Split(text, "\n")
151 | var ids []certID
152 | var id certID
153 | for i, ln := range lines {
154 | if i == len(lines)-1 {
155 | break
156 | }
157 | const sn = "Serial Number:"
158 | if ln == sn {
159 | id.serialNumber = "0x" + strings.Replace(strings.TrimSpace(lines[i+1]), ":", "", -1)
160 | continue
161 | }
162 | if strings.HasPrefix(ln, sn) {
163 | // extract hex value from parentheses.
164 | id.serialNumber = ln[strings.Index(ln, "(")+1 : len(ln)-1]
165 | continue
166 | }
167 | if strings.TrimSpace(ln) == "X509v3 Subject Key Identifier:" {
168 | id.subjectKeyID = "0x" + strings.Replace(strings.TrimSpace(lines[i+1]), ":", "", -1)
169 | ids = append(ids, id)
170 | id = certID{}
171 | }
172 | }
173 | return ids, nil
174 | }
175 |
176 | const header = `
177 | // Copyright 2015 The Go Authors. All rights reserved.
178 | // Use of this source code is governed by a BSD-style
179 | // license that can be found in the LICENSE file.
180 |
181 | // +build cgo
182 | // +build darwin
183 | // +build arm arm64
184 |
185 | package x509
186 |
187 | func loadSystemRoots() (*CertPool, error) {
188 | p := NewCertPool()
189 | p.AppendCertsFromPEM([]byte(systemRootsPEM))
190 | return p, nil
191 | }
192 | `
193 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv10-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 39 01 00 00 35 03 01 71 34 00 f7 c4 |....9...5..q4...|
3 | 00000010 e6 94 b4 ca f2 af d5 0a 82 ce d4 f6 b7 4a a7 d1 |.............J..|
4 | 00000020 1a 88 65 b2 3c b2 6c ec f7 eb 4a 00 00 04 00 05 |..e.<.l...J.....|
5 | 00000030 00 ff 01 00 00 08 00 16 00 00 00 17 00 00 |..............|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................|
10 | 00000030 05 ff 01 00 01 00 16 03 01 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 01 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 01 00 86 10 00 00 82 00 80 a5 75 5a 20 2c |............uZ ,|
51 | 00000010 31 f7 61 dc 73 c7 f6 4c 06 d2 b9 c0 e8 5f cc 0c |1.a.s..L....._..|
52 | 00000020 51 70 0a 30 b2 8a bb 3b 4c 37 f6 d3 38 da 13 48 |Qp.0...;L7..8..H|
53 | 00000030 90 4f fe 41 ec 53 3c fb 07 26 77 68 07 a0 fb 71 |.O.A.S<..&wh...q|
54 | 00000040 b6 cc 3c cd b4 64 03 08 3a 76 97 6e 6c f1 b4 a9 |..<..d..:v.nl...|
55 | 00000050 af f4 e0 ce bf 36 b9 8e 37 12 de 5b ac 24 06 63 |.....6..7..[.$.c|
56 | 00000060 e2 fb 13 33 be 3b 8d 93 e3 10 95 29 21 b2 22 77 |...3.;.....)!."w|
57 | 00000070 cb 95 b2 13 b3 76 47 98 13 1b a8 cc 50 47 ed 50 |.....vG.....PG.P|
58 | 00000080 f0 cc ca 5a c6 a0 1e c9 9c 97 58 14 03 01 00 01 |...Z......X.....|
59 | 00000090 01 16 03 01 00 24 e7 fd a2 7e fd 6f 53 da 29 68 |.....$...~.oS.)h|
60 | 000000a0 c3 49 2e e9 69 a1 94 b9 e4 a0 cb a2 94 14 a6 42 |.I..i..........B|
61 | 000000b0 df 75 1e da 95 e5 60 e3 35 f1 |.u....`.5.|
62 | >>> Flow 4 (server to client)
63 | 00000000 14 03 01 00 01 01 16 03 01 00 24 44 a6 c8 7b 5f |..........$D..{_|
64 | 00000010 b9 4e c2 62 2d e0 c3 9f 76 0f b3 e5 f5 07 b7 c0 |.N.b-...v.......|
65 | 00000020 93 cd 1f 32 3c 0a 7a 83 57 4a 24 59 ac 95 f9 17 |...2<.z.WJ$Y....|
66 | 00000030 03 01 00 21 6f 02 76 2e 70 82 a0 6c 11 ce 3c b8 |...!o.v.p..l..<.|
67 | 00000040 dd d3 9e 2a ee ce d7 7f 63 1a 5b 35 d0 46 68 7d |...*....c.[5.Fh}|
68 | 00000050 21 6e 5b 64 fc 15 03 01 00 16 81 56 32 7d 51 e4 |!n[d.......V2}Q.|
69 | 00000060 08 53 85 45 65 c3 87 ac b0 58 70 4f 6f f7 64 4e |.S.Ee....XpOo.dN|
70 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv11-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 39 01 00 00 35 03 02 15 67 73 bf 3f |....9...5...gs.?|
3 | 00000010 6f 15 30 c2 34 2e c6 1b 23 3a 42 45 4d d9 87 a2 |o.0.4...#:BEM...|
4 | 00000020 e7 b8 de 1c b8 2b cc 21 7a 0b a1 00 00 04 00 05 |.....+.!z.......|
5 | 00000030 00 ff 01 00 00 08 00 16 00 00 00 17 00 00 |..............|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 02 00 31 02 00 00 2d 03 02 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................|
10 | 00000030 05 ff 01 00 01 00 16 03 02 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 02 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 02 00 86 10 00 00 82 00 80 75 8e 85 93 be |...........u....|
51 | 00000010 53 df e0 4f 65 92 ed 3d 58 34 f8 06 fd 36 e4 5a |S..Oe..=X4...6.Z|
52 | 00000020 f7 7a 59 88 f6 ac bd de 21 ed c4 04 0d 35 19 cd |.zY.....!....5..|
53 | 00000030 ff 3b 9f c4 bc 93 4f 21 2a 36 a3 99 a4 6f eb 1e |.;....O!*6...o..|
54 | 00000040 7b b4 a8 a7 6d 69 a5 93 b6 e3 d2 2d be 7a c8 f3 |{...mi.....-.z..|
55 | 00000050 9f 25 9e f9 51 75 d9 4f 05 41 0e 17 56 31 4e 3f |.%..Qu.O.A..V1N?|
56 | 00000060 c0 15 d8 c4 29 4d e5 92 f9 ed 50 b6 88 f1 41 ea |....)M....P...A.|
57 | 00000070 cb 5a 8c 50 12 78 16 e7 21 b6 11 ca 2c 49 cf b6 |.Z.P.x..!...,I..|
58 | 00000080 d2 1a 16 28 f7 08 b5 c9 61 e0 18 14 03 02 00 01 |...(....a.......|
59 | 00000090 01 16 03 02 00 24 a1 cf 1b 5d dc 4c 9c 2c d7 39 |.....$...].L.,.9|
60 | 000000a0 af 13 e9 04 48 c0 2a aa 6f 3a 9c fb 9e 0a 25 55 |....H.*.o:....%U|
61 | 000000b0 7e 82 3d 1b 78 d1 e3 e0 f5 30 |~.=.x....0|
62 | >>> Flow 4 (server to client)
63 | 00000000 14 03 02 00 01 01 16 03 02 00 24 7b 68 71 56 0f |..........${hqV.|
64 | 00000010 a5 46 1c 13 34 81 b5 b6 ba 29 fb 41 46 dc fe 78 |.F..4....).AF..x|
65 | 00000020 cc 0b 2d 75 bd fe c1 55 45 b1 fc 04 28 5e b1 17 |..-u...UE...(^..|
66 | 00000030 03 02 00 21 0b fa a9 2f 9e 82 5b 77 30 c2 27 88 |...!.../..[w0.'.|
67 | 00000040 f5 f3 50 47 7b 62 4c 7a d4 07 71 74 46 da 24 de |..PG{bLz..qtF.$.|
68 | 00000050 bf 3f 56 a7 9b 15 03 02 00 16 85 26 8a 89 33 21 |.?V........&..3!|
69 | 00000060 36 ce 69 83 84 50 fc 8f 99 b3 43 ad 6b 14 1e b2 |6.i..P....C.k...|
70 |
--------------------------------------------------------------------------------
/tls/testdata/Server-SSLv3-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 00 00 2f 01 00 00 2b 03 00 3f cc 8d 3f f0 |..../...+..?..?.|
3 | 00000010 c9 36 6f 43 43 c1 46 45 cd bf e5 ba 02 e6 55 2c |.6oCC.FE......U,|
4 | 00000020 3a 24 4a db cb a8 f2 1d 26 3e ef 00 00 04 00 05 |:$J.....&>......|
5 | 00000030 00 ff 01 00 |....|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................|
10 | 00000030 05 ff 01 00 01 00 16 03 00 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 00 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 00 00 84 10 00 00 80 13 5d 75 f0 6d 24 54 |..........]u.m$T|
51 | 00000010 f5 a1 f0 13 86 61 ce ea 66 86 06 eb c8 27 78 9f |.....a..f....'x.|
52 | 00000020 10 0d ef 94 3f 1b fb 8c 11 14 67 2a 0e 2a 1b cf |....?.....g*.*..|
53 | 00000030 ae 5a cb ac b8 b2 ea a8 70 85 ee fd 88 a9 61 a4 |.Z......p.....a.|
54 | 00000040 75 66 86 a5 88 96 a0 0d 6f 77 fe 63 5e 88 60 4d |uf......ow.c^.`M|
55 | 00000050 f6 b7 93 28 99 72 e8 60 ed 64 9a 3f e6 12 ea ee |...(.r.`.d.?....|
56 | 00000060 83 58 d4 0c 19 e0 2b ce b0 b4 fa 73 9f 78 d9 09 |.X....+....s.x..|
57 | 00000070 8c 17 b8 f5 04 e1 de c4 fe a9 1a aa ba 0d be f3 |................|
58 | 00000080 c8 e1 e4 e8 cc 39 4c f0 b9 14 03 00 00 01 01 16 |.....9L.........|
59 | 00000090 03 00 00 3c 1b 70 07 7f ad 8f a7 78 fd e8 eb b2 |...<.p.....x....|
60 | 000000a0 9a 54 86 a2 dd bc fa b6 0a 52 48 24 79 6a 04 f6 |.T.......RH$yj..|
61 | 000000b0 28 80 1f b7 b1 c6 4e 07 a3 52 60 5a 5a 81 14 11 |(.....N..R`ZZ...|
62 | 000000c0 d2 ee 33 71 e7 d3 ba 3e 4b 31 81 f2 f0 49 ee e4 |..3q...>K1...I..|
63 | >>> Flow 4 (server to client)
64 | 00000000 14 03 00 00 01 01 16 03 00 00 3c 47 20 7c b9 0d |............Ht...........|
71 | 00000070 00 16 67 0d 6d 69 53 87 92 23 21 51 72 f6 31 73 |..g.miS..#!Qr.1s|
72 | 00000080 db bd 3c e6 f4 12 4c 69 |..<...Li|
73 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 5d 01 00 00 59 03 03 55 3e 1a 3f cc |....]...Y..U>.?.|
3 | 00000010 14 18 07 db 5e 97 15 33 62 9d de 56 7b ea 52 bf |....^..3b..V{.R.|
4 | 00000020 a3 ce c2 75 3f 52 0a 2f 3e 99 07 00 00 04 00 05 |...u?R./>.......|
5 | 00000030 00 ff 01 00 00 2c 00 0d 00 20 00 1e 06 01 06 02 |.....,... ......|
6 | 00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................|
7 | 00000050 03 02 03 03 02 01 02 02 02 03 00 16 00 00 00 17 |................|
8 | 00000060 00 00 |..|
9 | >>> Flow 2 (server to client)
10 | 00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
11 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
12 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 |................|
13 | 00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
14 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
15 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
16 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
17 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
18 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
19 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
20 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
21 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
22 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
23 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
24 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
25 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
26 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
27 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
28 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
29 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
30 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
31 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
32 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
33 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
34 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
35 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
36 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
37 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
38 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
39 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
40 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
41 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
42 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
43 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
44 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
45 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
46 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
47 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
48 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
49 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
50 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
51 | 00000290 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............|
52 | >>> Flow 3 (client to server)
53 | 00000000 16 03 03 00 86 10 00 00 82 00 80 a7 55 0a e7 33 |............U..3|
54 | 00000010 8e be 5a 3a b4 f4 06 6e fc 0e 42 6e f3 0c 01 5a |..Z:...n..Bn...Z|
55 | 00000020 65 73 36 bd cd be 0f 65 2f d2 88 1a f0 5e f8 07 |es6....e/....^..|
56 | 00000030 c1 fe 5f 5f d6 f5 fa 79 24 44 0d 33 4f e6 74 88 |..__...y$D.3O.t.|
57 | 00000040 86 f1 76 84 29 b4 f2 ae eb 9b 00 a2 6a e4 97 58 |..v.).......j..X|
58 | 00000050 8b 2e 04 8f 8f 5e fe b4 9d 38 1d 8d 40 a4 9b a2 |.....^...8..@...|
59 | 00000060 17 50 8a e5 39 c9 e9 41 3e 0d 9c 42 2c 7a 88 bf |.P..9..A>..B,z..|
60 | 00000070 f7 09 4e 27 0b fe cc 53 13 07 d5 7e 0e e6 02 3c |..N'...S...~...<|
61 | 00000080 8a 3f f9 03 df b6 65 a0 77 ee 50 14 03 03 00 01 |.?....e.w.P.....|
62 | 00000090 01 16 03 03 00 24 5f 41 3e 38 05 08 74 62 5b 4e |.....$_A>8..tb[N|
63 | 000000a0 94 55 98 74 5c 65 1a 4c 49 08 1d 77 d7 f0 12 47 |.U.t\e.LI..w...G|
64 | 000000b0 d2 ef a6 31 5c 36 03 b5 b5 9d |...1\6....|
65 | >>> Flow 4 (server to client)
66 | 00000000 14 03 03 00 01 01 16 03 03 00 24 6f 68 a2 c0 4d |..........$oh..M|
67 | 00000010 f4 cb c0 e5 8b 19 f9 2e 46 c3 3b 92 eb a9 42 8b |........F.;...B.|
68 | 00000020 03 4a e2 62 9d f1 c0 39 b1 63 61 08 15 b0 ca 17 |.J.b...9.ca.....|
69 | 00000030 03 03 00 21 50 9e 16 ce 7e af 8f 43 d1 1c 30 37 |...!P...~..C..07|
70 | 00000040 85 e9 68 3a 9c 7e 26 90 dc 14 b1 ec 91 20 2b 4a |..h:.~&...... +J|
71 | 00000050 24 b4 fa b1 50 15 03 03 00 16 59 74 08 41 73 01 |$...P.....Yt.As.|
72 | 00000060 22 19 0b 35 6b 4d ee d2 15 50 42 de cc cf cc 09 |"..5kM...PB.....|
73 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv10-RSA-3DES:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 39 01 00 00 35 03 01 58 71 a3 0c c4 |....9...5..Xq...|
3 | 00000010 b6 b0 33 0a 66 3c eb c6 f4 d9 0e 99 75 d4 9e b6 |..3.f<......u...|
4 | 00000020 03 b4 ae ae ad bc a8 ab 64 a0 27 00 00 04 00 0a |........d.'.....|
5 | 00000030 00 ff 01 00 00 08 00 16 00 00 00 17 00 00 |..............|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................|
10 | 00000030 05 ff 01 00 01 00 16 03 01 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 01 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 01 00 86 10 00 00 82 00 80 ab 50 cd 04 9e |............P...|
51 | 00000010 db 19 e4 18 26 ff 59 41 20 02 a5 a2 20 a3 1c 44 |....&.YA ... ..D|
52 | 00000020 02 bc 9a 1c d9 d7 5d 5b 55 fc 2a 4d 2b 03 22 b1 |......][U.*M+.".|
53 | 00000030 de 96 10 84 6f e3 f2 22 2d 6f cb 29 07 43 a6 6e |....o.."-o.).C.n|
54 | 00000040 ce 23 64 f7 72 2b dc 9b c0 6f 7f bd 8e cf e2 7f |.#d.r+...o......|
55 | 00000050 75 12 24 72 23 6b 26 08 69 76 17 c0 21 91 c0 7d |u.$r#k&.iv..!..}|
56 | 00000060 8c 8f 20 83 08 02 0d 73 27 23 91 35 5f 3f e6 56 |.. ....s'#.5_?.V|
57 | 00000070 1d 69 d3 1d 3b 0e fa 60 86 8b 40 ad c0 48 59 60 |.i..;..`..@..HY`|
58 | 00000080 45 eb b0 77 2c 91 94 75 fd 6a d3 14 03 01 00 01 |E..w,..u.j......|
59 | 00000090 01 16 03 01 00 28 8b 25 c1 8f 25 32 b5 cb 74 6d |.....(.%..%2..tm|
60 | 000000a0 08 67 59 a3 ae ae 16 f9 fa 03 f6 54 42 f4 56 3f |.gY........TB.V?|
61 | 000000b0 c4 12 66 f3 1a b0 48 95 24 79 fe 41 a5 d1 |..f...H.$y.A..|
62 | >>> Flow 4 (server to client)
63 | 00000000 14 03 01 00 01 01 16 03 01 00 28 ff 69 ed 0f 20 |..........(.i.. |
64 | 00000010 ff e1 42 78 b9 bc a8 61 48 82 08 a0 01 a5 98 91 |..Bx...aH.......|
65 | 00000020 3e 39 d4 6d 17 38 a2 04 18 ed 90 3c f0 cf 6a 9a |>9.m.8.....<..j.|
66 | 00000030 ea c5 45 17 03 01 00 18 b5 76 2c 0e f1 34 51 e5 |..E......v,..4Q.|
67 | 00000040 f5 38 d3 9f c9 c5 d5 19 35 c3 2e ec 18 df 8e c8 |.8......5.......|
68 | 00000050 17 03 01 00 28 47 6f e9 c0 fa b3 21 ec 6c 16 e7 |....(Go....!.l..|
69 | 00000060 71 a8 09 15 17 86 68 1c cf fa ea 37 68 d3 33 ef |q.....h....7h.3.|
70 | 00000070 4a b1 95 46 5b 16 d7 95 f8 13 65 2f 93 15 03 01 |J..F[.....e/....|
71 | 00000080 00 18 1b 0c 09 81 ff fc 6d 82 84 ab 83 98 fc 72 |........m......r|
72 | 00000090 f5 4a a0 eb 08 96 79 01 76 26 |.J....y.v&|
73 |
--------------------------------------------------------------------------------
/tls/ticket.go:
--------------------------------------------------------------------------------
1 | // Copyright 2012 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package tls
6 |
7 | import (
8 | "bytes"
9 | "crypto/aes"
10 | "crypto/cipher"
11 | "crypto/hmac"
12 | "crypto/sha256"
13 | "crypto/subtle"
14 | "errors"
15 | "io"
16 | )
17 |
18 | // sessionState contains the information that is serialized into a session
19 | // ticket in order to later resume a connection.
20 | type sessionState struct {
21 | vers uint16
22 | cipherSuite uint16
23 | masterSecret []byte
24 | certificates [][]byte
25 | // usedOldKey is true if the ticket from which this session came from
26 | // was encrypted with an older key and thus should be refreshed.
27 | usedOldKey bool
28 | }
29 |
30 | func (s *sessionState) equal(i interface{}) bool {
31 | s1, ok := i.(*sessionState)
32 | if !ok {
33 | return false
34 | }
35 |
36 | if s.vers != s1.vers ||
37 | s.cipherSuite != s1.cipherSuite ||
38 | !bytes.Equal(s.masterSecret, s1.masterSecret) {
39 | return false
40 | }
41 |
42 | if len(s.certificates) != len(s1.certificates) {
43 | return false
44 | }
45 |
46 | for i := range s.certificates {
47 | if !bytes.Equal(s.certificates[i], s1.certificates[i]) {
48 | return false
49 | }
50 | }
51 |
52 | return true
53 | }
54 |
55 | func (s *sessionState) marshal() []byte {
56 | length := 2 + 2 + 2 + len(s.masterSecret) + 2
57 | for _, cert := range s.certificates {
58 | length += 4 + len(cert)
59 | }
60 |
61 | ret := make([]byte, length)
62 | x := ret
63 | x[0] = byte(s.vers >> 8)
64 | x[1] = byte(s.vers)
65 | x[2] = byte(s.cipherSuite >> 8)
66 | x[3] = byte(s.cipherSuite)
67 | x[4] = byte(len(s.masterSecret) >> 8)
68 | x[5] = byte(len(s.masterSecret))
69 | x = x[6:]
70 | copy(x, s.masterSecret)
71 | x = x[len(s.masterSecret):]
72 |
73 | x[0] = byte(len(s.certificates) >> 8)
74 | x[1] = byte(len(s.certificates))
75 | x = x[2:]
76 |
77 | for _, cert := range s.certificates {
78 | x[0] = byte(len(cert) >> 24)
79 | x[1] = byte(len(cert) >> 16)
80 | x[2] = byte(len(cert) >> 8)
81 | x[3] = byte(len(cert))
82 | copy(x[4:], cert)
83 | x = x[4+len(cert):]
84 | }
85 |
86 | return ret
87 | }
88 |
89 | func (s *sessionState) unmarshal(data []byte) bool {
90 | if len(data) < 8 {
91 | return false
92 | }
93 |
94 | s.vers = uint16(data[0])<<8 | uint16(data[1])
95 | s.cipherSuite = uint16(data[2])<<8 | uint16(data[3])
96 | masterSecretLen := int(data[4])<<8 | int(data[5])
97 | data = data[6:]
98 | if len(data) < masterSecretLen {
99 | return false
100 | }
101 |
102 | s.masterSecret = data[:masterSecretLen]
103 | data = data[masterSecretLen:]
104 |
105 | if len(data) < 2 {
106 | return false
107 | }
108 |
109 | numCerts := int(data[0])<<8 | int(data[1])
110 | data = data[2:]
111 |
112 | s.certificates = make([][]byte, numCerts)
113 | for i := range s.certificates {
114 | if len(data) < 4 {
115 | return false
116 | }
117 | certLen := int(data[0])<<24 | int(data[1])<<16 | int(data[2])<<8 | int(data[3])
118 | data = data[4:]
119 | if certLen < 0 {
120 | return false
121 | }
122 | if len(data) < certLen {
123 | return false
124 | }
125 | s.certificates[i] = data[:certLen]
126 | data = data[certLen:]
127 | }
128 |
129 | return len(data) == 0
130 | }
131 |
132 | func (c *Conn) encryptTicket(state *sessionState) ([]byte, error) {
133 | serialized := state.marshal()
134 | encrypted := make([]byte, ticketKeyNameLen+aes.BlockSize+len(serialized)+sha256.Size)
135 | keyName := encrypted[:ticketKeyNameLen]
136 | iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
137 | macBytes := encrypted[len(encrypted)-sha256.Size:]
138 |
139 | if _, err := io.ReadFull(c.config.rand(), iv); err != nil {
140 | return nil, err
141 | }
142 | key := c.config.ticketKeys()[0]
143 | copy(keyName, key.keyName[:])
144 | block, err := aes.NewCipher(key.aesKey[:])
145 | if err != nil {
146 | return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error())
147 | }
148 | cipher.NewCTR(block, iv).XORKeyStream(encrypted[ticketKeyNameLen+aes.BlockSize:], serialized)
149 |
150 | mac := hmac.New(sha256.New, key.hmacKey[:])
151 | mac.Write(encrypted[:len(encrypted)-sha256.Size])
152 | mac.Sum(macBytes[:0])
153 |
154 | return encrypted, nil
155 | }
156 |
157 | func (c *Conn) decryptTicket(encrypted []byte) (*sessionState, bool) {
158 | if c.config.SessionTicketsDisabled ||
159 | len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size {
160 | return nil, false
161 | }
162 |
163 | keyName := encrypted[:ticketKeyNameLen]
164 | iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
165 | macBytes := encrypted[len(encrypted)-sha256.Size:]
166 |
167 | keys := c.config.ticketKeys()
168 | keyIndex := -1
169 | for i, candidateKey := range keys {
170 | if bytes.Equal(keyName, candidateKey.keyName[:]) {
171 | keyIndex = i
172 | break
173 | }
174 | }
175 |
176 | if keyIndex == -1 {
177 | return nil, false
178 | }
179 | key := &keys[keyIndex]
180 |
181 | mac := hmac.New(sha256.New, key.hmacKey[:])
182 | mac.Write(encrypted[:len(encrypted)-sha256.Size])
183 | expected := mac.Sum(nil)
184 |
185 | if subtle.ConstantTimeCompare(macBytes, expected) != 1 {
186 | return nil, false
187 | }
188 |
189 | block, err := aes.NewCipher(key.aesKey[:])
190 | if err != nil {
191 | return nil, false
192 | }
193 | ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size]
194 | plaintext := ciphertext
195 | cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext)
196 |
197 | state := &sessionState{usedOldKey: keyIndex > 0}
198 | ok := state.unmarshal(plaintext)
199 | return state, ok
200 | }
201 |
--------------------------------------------------------------------------------
/x509/sec1.go:
--------------------------------------------------------------------------------
1 | // Copyright 2012 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "crypto/ecdsa"
9 | "crypto/elliptic"
10 | "encoding/asn1"
11 | "errors"
12 | "fmt"
13 | "github.com/Hyperledger-TWGC/ccs-gm/sm2"
14 | "math/big"
15 | )
16 |
17 | const ecPrivKeyVersion = 1
18 |
19 | // ecPrivateKey reflects an ASN.1 Elliptic Curve Private Key Structure.
20 | // References:
21 | // RFC 5915
22 | // SEC1 - http://www.secg.org/sec1-v2.pdf
23 | // Per RFC 5915 the NamedCurveOID is marked as ASN.1 OPTIONAL, however in
24 | // most cases it is not.
25 | type ecPrivateKey struct {
26 | Version int
27 | PrivateKey []byte
28 | NamedCurveOID asn1.ObjectIdentifier `asn1:"optional,explicit,tag:0"`
29 | PublicKey asn1.BitString `asn1:"optional,explicit,tag:1"`
30 | }
31 |
32 | // ParseECPrivateKey parses an ASN.1 Elliptic Curve Private Key Structure.
33 | func ParseECPrivateKey(der []byte) (interface{}, error) {
34 | return parseECPrivateKey(nil, der)
35 | }
36 |
37 | // MarshalECPrivateKey marshals an EC private key into ASN.1, DER format.
38 | func MarshalECPrivateKey(key interface{}) ([]byte, error) {
39 | var curve elliptic.Curve
40 | var x, y *big.Int
41 | var privateKeyBytes []byte
42 |
43 | switch key := key.(type) {
44 | case *ecdsa.PrivateKey:
45 | privateKeyBytes = key.D.Bytes()
46 | curve = key.Curve
47 | x = key.X
48 | y = key.Y
49 | case *sm2.PrivateKey:
50 | privateKeyBytes = key.D.Bytes()
51 | curve = key.Curve
52 | x = key.X
53 | y = key.Y
54 | }
55 | oid, ok := oidFromNamedCurve(curve)
56 | if !ok {
57 | return nil, errors.New("x509: unknown elliptic curve")
58 | }
59 |
60 | //privateKeyBytes := key.D.Bytes()
61 | paddedPrivateKey := make([]byte, (curve.Params().N.BitLen()+7)/8)
62 | copy(paddedPrivateKey[len(paddedPrivateKey)-len(privateKeyBytes):], privateKeyBytes)
63 |
64 | return asn1.Marshal(ecPrivateKey{
65 | Version: 1,
66 | PrivateKey: paddedPrivateKey,
67 | NamedCurveOID: oid,
68 | PublicKey: asn1.BitString{Bytes: elliptic.Marshal(curve, x, y)},
69 | })
70 | }
71 |
72 | // parseECPrivateKey parses an ASN.1 Elliptic Curve Private Key Structure.
73 | // The OID for the named curve may be provided from another source (such as
74 | // the PKCS8 container) - if it is provided then use this instead of the OID
75 | // that may exist in the EC private key structure.
76 | func parseECPrivateKey(namedCurveOID *asn1.ObjectIdentifier, der []byte) (key interface{}, err error) {
77 | var privKey ecPrivateKey
78 | if _, err := asn1.Unmarshal(der, &privKey); err != nil {
79 | return nil, errors.New("x509: failed to parse EC private key: " + err.Error())
80 | }
81 | if privKey.Version != ecPrivKeyVersion {
82 | return nil, fmt.Errorf("x509: unknown EC private key version %d", privKey.Version)
83 | }
84 |
85 | var curve elliptic.Curve
86 | if namedCurveOID != nil {
87 | curve = namedCurveFromOID(*namedCurveOID)
88 | } else {
89 | curve = namedCurveFromOID(privKey.NamedCurveOID)
90 | }
91 | if curve == nil {
92 | return nil, errors.New("x509: unknown elliptic curve")
93 | }
94 |
95 | k := new(big.Int).SetBytes(privKey.PrivateKey)
96 | curveOrder := curve.Params().N
97 | if k.Cmp(curveOrder) >= 0 {
98 | return nil, errors.New("x509: invalid elliptic curve private key value")
99 | }
100 |
101 | switch curve {
102 | case sm2.P256():
103 | k := new(big.Int).SetBytes(privKey.PrivateKey)
104 | curveOrder := curve.Params().N
105 | if k.Cmp(curveOrder) >= 0 {
106 | return nil, errors.New("x509: invalid elliptic curve private key value")
107 | }
108 | priv := new(sm2.PrivateKey)
109 | priv.Curve = curve
110 | priv.D = k
111 |
112 | privateKey := make([]byte, (curveOrder.BitLen()+7)/8)
113 |
114 | // Some private keys have leading zero padding. This is invalid
115 | // according to [SEC1], but this code will ignore it.
116 | for len(privKey.PrivateKey) > len(privateKey) {
117 | if privKey.PrivateKey[0] != 0 {
118 | return nil, errors.New("x509: invalid private key length")
119 | }
120 | privKey.PrivateKey = privKey.PrivateKey[1:]
121 | }
122 |
123 | // Some private keys remove all leading zeros, this is also invalid
124 | // according to [SEC1] but since OpenSSL used to do this, we ignore
125 | // this too.
126 | copy(privateKey[len(privateKey)-len(privKey.PrivateKey):], privKey.PrivateKey)
127 | priv.X, priv.Y = curve.ScalarBaseMult(privateKey)
128 |
129 | return priv, nil
130 |
131 | case elliptic.P224(), elliptic.P256(), elliptic.P384(), elliptic.P521():
132 | k := new(big.Int).SetBytes(privKey.PrivateKey)
133 | curveOrder := curve.Params().N
134 | if k.Cmp(curveOrder) >= 0 {
135 | return nil, errors.New("x509: invalid elliptic curve private key value")
136 | }
137 | priv := new(ecdsa.PrivateKey)
138 | priv.Curve = curve
139 | priv.D = k
140 |
141 | privateKey := make([]byte, (curveOrder.BitLen()+7)/8)
142 |
143 | // Some private keys have leading zero padding. This is invalid
144 | // according to [SEC1], but this code will ignore it.
145 | for len(privKey.PrivateKey) > len(privateKey) {
146 | if privKey.PrivateKey[0] != 0 {
147 | return nil, errors.New("x509: invalid private key length")
148 | }
149 | privKey.PrivateKey = privKey.PrivateKey[1:]
150 | }
151 |
152 | // Some private keys remove all leading zeros, this is also invalid
153 | // according to [SEC1] but since OpenSSL used to do this, we ignore
154 | // this too.
155 | copy(privateKey[len(privateKey)-len(privKey.PrivateKey):], privKey.PrivateKey)
156 | priv.X, priv.Y = curve.ScalarBaseMult(privateKey)
157 |
158 | return priv, nil
159 | default:
160 | return nil, errors.New("x509: invalid private key curve param")
161 | }
162 | }
163 |
--------------------------------------------------------------------------------
/tls/example_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2014 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package tls_test
6 |
7 | import (
8 | "github.com/Hyperledger-TWGC/ccs-gm/tls"
9 | "github.com/Hyperledger-TWGC/ccs-gm/x509"
10 | "log"
11 | )
12 |
13 | // zeroSource is an io.Reader that returns an unlimited number of zero bytes.
14 | type zeroSource struct{}
15 |
16 | func (zeroSource) Read(b []byte) (n int, err error) {
17 | for i := range b {
18 | b[i] = 0
19 | }
20 |
21 | return len(b), nil
22 | }
23 |
24 | func ExampleDial() {
25 | // Connecting with a custom root-certificate set.
26 |
27 | const rootPEM = `
28 | -----BEGIN CERTIFICATE-----
29 | MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
30 | MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
31 | YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG
32 | EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
33 | bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
34 | AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
35 | VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
36 | h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
37 | ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
38 | EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
39 | DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7
40 | qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD
41 | VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g
42 | K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI
43 | KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n
44 | ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB
45 | BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY
46 | /iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/
47 | zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza
48 | HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto
49 | WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6
50 | yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
51 | -----END CERTIFICATE-----`
52 |
53 | // First, create the set of root certificates. For this example we only
54 | // have one. It's also possible to omit this in order to use the
55 | // default root set of the current operating system.
56 | roots := x509.NewCertPool()
57 | ok := roots.AppendCertsFromPEM([]byte(rootPEM))
58 | if !ok {
59 | panic("failed to parse root certificate")
60 | }
61 |
62 | conn, err := tls.Dial("tcp", "mail.google.com:443", &tls.Config{
63 | RootCAs: roots,
64 | })
65 | if err != nil {
66 | panic("failed to connect: " + err.Error())
67 | }
68 | conn.Close()
69 | }
70 |
71 | func ExampleLoadX509KeyPair() {
72 | cert, err := tls.LoadX509KeyPair("testdata/example-cert.pem", "testdata/example-key.pem")
73 | if err != nil {
74 | log.Fatal(err)
75 | }
76 | cfg := &tls.Config{Certificates: []tls.Certificate{cert}}
77 | listener, err := tls.Listen("tcp", ":2000", cfg)
78 | if err != nil {
79 | log.Fatal(err)
80 | }
81 | _ = listener
82 | }
83 |
84 | func ExampleX509KeyPair() {
85 | certPem := []byte(`-----BEGIN CERTIFICATE-----
86 | MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw
87 | DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow
88 | EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d
89 | 7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B
90 | 5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr
91 | BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1
92 | NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l
93 | Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc
94 | 6MF9+Yw1Yy0t
95 | -----END CERTIFICATE-----`)
96 | keyPem := []byte(`-----BEGIN EC PRIVATE KEY-----
97 | MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49
98 | AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q
99 | EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA==
100 | -----END EC PRIVATE KEY-----`)
101 | cert, err := tls.X509KeyPair(certPem, keyPem)
102 | if err != nil {
103 | log.Fatal(err)
104 | }
105 | cfg := &tls.Config{Certificates: []tls.Certificate{cert}}
106 | listener, err := tls.Listen("tcp", ":2000", cfg)
107 | if err != nil {
108 | log.Fatal(err)
109 | }
110 | _ = listener
111 | }
112 |
113 | //func ExampleX509KeyPair_httpServer() {
114 | // certPem := []byte(`-----BEGIN CERTIFICATE-----
115 | //MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw
116 | //DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow
117 | //EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d
118 | //7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B
119 | //5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr
120 | //BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1
121 | //NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l
122 | //Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc
123 | //6MF9+Yw1Yy0t
124 | //-----END CERTIFICATE-----`)
125 | // keyPem := []byte(`-----BEGIN EC PRIVATE KEY-----
126 | //MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49
127 | //AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q
128 | //EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA==
129 | //-----END EC PRIVATE KEY-----`)
130 | // cert, err := tls.X509KeyPair(certPem, keyPem)
131 | // if err != nil {
132 | // log.Fatal(err)
133 | // }
134 | // cfg := &tls.Config{Certificates: []tls.Certificate{cert}}
135 | // srv := &http.Server{
136 | // TLSConfig: cfg,
137 | // ReadTimeout: time.Minute,
138 | // WriteTimeout: time.Minute,
139 | // }
140 | // log.Fatal(srv.ListenAndServeTLS("", ""))
141 | //}
142 |
--------------------------------------------------------------------------------
/x509/example_test.go:
--------------------------------------------------------------------------------
1 | // Copyright 2014 The Go Authors. All rights reserved.
2 | // Use of this source code is governed by a BSD-style
3 | // license that can be found in the LICENSE file.
4 |
5 | package x509
6 |
7 | import (
8 | "crypto/dsa"
9 | "crypto/ecdsa"
10 | "crypto/rsa"
11 | "crypto/x509"
12 | "encoding/pem"
13 | "fmt"
14 | )
15 |
16 | func ExampleCertificate_Verify() {
17 | // Verifying with a custom list of root certificates.
18 |
19 | const rootPEM = `
20 | -----BEGIN CERTIFICATE-----
21 | MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
22 | MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
23 | YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG
24 | EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy
25 | bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
26 | AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP
27 | VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv
28 | h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE
29 | ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ
30 | EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC
31 | DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7
32 | qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD
33 | VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g
34 | K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI
35 | KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n
36 | ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB
37 | BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY
38 | /iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/
39 | zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza
40 | HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto
41 | WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6
42 | yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx
43 | -----END CERTIFICATE-----`
44 |
45 | const certPEM = `
46 | -----BEGIN CERTIFICATE-----
47 | MIIDujCCAqKgAwIBAgIIE31FZVaPXTUwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
48 | BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
49 | cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwMTI5MTMyNzQzWhcNMTQwNTI5MDAwMDAw
50 | WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
51 | TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFp
52 | bC5nb29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfRrObuSW5T7q
53 | 5CnSEqefEmtH4CCv6+5EckuriNr1CjfVvqzwfAhopXkLrq45EQm8vkmf7W96XJhC
54 | 7ZM0dYi1/qOCAU8wggFLMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAa
55 | BgNVHREEEzARgg9tYWlsLmdvb2dsZS5jb20wCwYDVR0PBAQDAgeAMGgGCCsGAQUF
56 | BwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29tL0dJQUcy
57 | LmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5jb20vb2Nz
58 | cDAdBgNVHQ4EFgQUiJxtimAuTfwb+aUtBn5UYKreKvMwDAYDVR0TAQH/BAIwADAf
59 | BgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAOMAwGCisG
60 | AQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29nbGUuY29t
61 | L0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAH6RYHxHdcGpMpFE3oxDoFnP+
62 | gtuBCHan2yE2GRbJ2Cw8Lw0MmuKqHlf9RSeYfd3BXeKkj1qO6TVKwCh+0HdZk283
63 | TZZyzmEOyclm3UGFYe82P/iDFt+CeQ3NpmBg+GoaVCuWAARJN/KfglbLyyYygcQq
64 | 0SgeDh8dRKUiaW3HQSoYvTvdTuqzwK4CXsr3b5/dAOY8uMuG/IAR3FgwTbZ1dtoW
65 | RvOTa8hYiU6A475WuZKyEHcwnGYe57u2I2KbMgcKjPniocj4QzgYsVAVKW3IwaOh
66 | yE+vPxsiUkvQHdO2fojCkY8jg70jxM+gu59tPDNbw3Uh/2Ij310FgTHsnGQMyA==
67 | -----END CERTIFICATE-----`
68 |
69 | // First, create the set of root certificates. For this example we only
70 | // have one. It's also possible to omit this in order to use the
71 | // default root set of the current operating system.
72 | roots := x509.NewCertPool()
73 | ok := roots.AppendCertsFromPEM([]byte(rootPEM))
74 | if !ok {
75 | panic("failed to parse root certificate")
76 | }
77 |
78 | block, _ := pem.Decode([]byte(certPEM))
79 | if block == nil {
80 | panic("failed to parse certificate PEM")
81 | }
82 | cert, err := x509.ParseCertificate(block.Bytes)
83 | if err != nil {
84 | panic("failed to parse certificate: " + err.Error())
85 | }
86 |
87 | opts := x509.VerifyOptions{
88 | DNSName: "mail.google.com",
89 | Roots: roots,
90 | }
91 |
92 | if _, err := cert.Verify(opts); err != nil {
93 | panic("failed to verify certificate: " + err.Error())
94 | }
95 | }
96 |
97 | func ExampleParsePKIXPublicKey() {
98 | const pubPEM = `
99 | -----BEGIN PUBLIC KEY-----
100 | MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlRuRnThUjU8/prwYxbty
101 | WPT9pURI3lbsKMiB6Fn/VHOKE13p4D8xgOCADpdRagdT6n4etr9atzDKUSvpMtR3
102 | CP5noNc97WiNCggBjVWhs7szEe8ugyqF23XwpHQ6uV1LKH50m92MbOWfCtjU9p/x
103 | qhNpQQ1AZhqNy5Gevap5k8XzRmjSldNAFZMY7Yv3Gi+nyCwGwpVtBUwhuLzgNFK/
104 | yDtw2WcWmUU7NuC8Q6MWvPebxVtCfVp/iQU6q60yyt6aGOBkhAX0LpKAEhKidixY
105 | nP9PNVBvxgu3XZ4P36gZV6+ummKdBVnc3NqwBLu5+CcdRdusmHPHd5pHf4/38Z3/
106 | 6qU2a/fPvWzceVTEgZ47QjFMTCTmCwNt29cvi7zZeQzjtwQgn4ipN9NibRH/Ax/q
107 | TbIzHfrJ1xa2RteWSdFjwtxi9C20HUkjXSeI4YlzQMH0fPX6KCE7aVePTOnB69I/
108 | a9/q96DiXZajwlpq3wFctrs1oXqBp5DVrCIj8hU2wNgB7LtQ1mCtsYz//heai0K9
109 | PhE4X6hiE0YmeAZjR0uHl8M/5aW9xCoJ72+12kKpWAa0SFRWLy6FejNYCYpkupVJ
110 | yecLk/4L1W0l6jQQZnWErXZYe0PNFcmwGXy1Rep83kfBRNKRy5tvocalLlwXLdUk
111 | AIU+2GKjyT3iMuzZxxFxPFMCAwEAAQ==
112 | -----END PUBLIC KEY-----`
113 |
114 | block, _ := pem.Decode([]byte(pubPEM))
115 | if block == nil {
116 | panic("failed to parse PEM block containing the public key")
117 | }
118 |
119 | pub, err := x509.ParsePKIXPublicKey(block.Bytes)
120 | if err != nil {
121 | panic("failed to parse DER encoded public key: " + err.Error())
122 | }
123 |
124 | switch pub := pub.(type) {
125 | case *rsa.PublicKey:
126 | fmt.Println("pub is of type RSA:", pub)
127 | case *dsa.PublicKey:
128 | fmt.Println("pub is of type DSA:", pub)
129 | case *ecdsa.PublicKey:
130 | fmt.Println("pub is of type ECDSA:", pub)
131 | default:
132 | panic("unknown type of public key")
133 | }
134 | }
135 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv10-RSA-AES:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 39 01 00 00 35 03 01 82 f3 04 d5 71 |....9...5......q|
3 | 00000010 d8 65 69 36 46 cb 45 77 b2 ef 00 75 98 e4 16 d2 |.ei6F.Ew...u....|
4 | 00000020 70 f7 3c 97 84 49 ef da 5d cd 64 00 00 04 00 2f |p.<..I..].d..../|
5 | 00000030 00 ff 01 00 00 08 00 16 00 00 00 17 00 00 |..............|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..|
10 | 00000030 05 ff 01 00 01 00 16 03 01 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 01 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 01 00 86 10 00 00 82 00 80 9c a1 18 77 22 |..............w"|
51 | 00000010 f5 a1 cf 4d cc df 27 7c c5 7e 98 24 24 be 2f b2 |...M..'|.~.$$./.|
52 | 00000020 1d d7 b8 2f fe 90 73 d0 fc f6 88 3c 91 a4 bc dc |.../..s....<....|
53 | 00000030 b9 0b 48 0d 55 e5 9f c1 8a 6c 1c 7d 4d a9 12 d5 |..H.U....l.}M...|
54 | 00000040 87 4b 9a 77 74 3d 33 8c c7 17 fb 32 09 df 86 f1 |.K.wt=3....2....|
55 | 00000050 93 cc 17 f9 08 bd bc 0e 38 df 9d 82 ad cc 70 0c |........8.....p.|
56 | 00000060 f5 8b 8d 99 e8 5f 3e e5 a6 c7 c2 6a 67 02 90 82 |....._>....jg...|
57 | 00000070 28 9a 72 e1 3e 77 51 10 84 29 21 09 56 36 f2 6a |(.r.>wQ..)!.V6.j|
58 | 00000080 1d 15 08 7b 44 41 43 59 55 8d 52 14 03 01 00 01 |...{DACYU.R.....|
59 | 00000090 01 16 03 01 00 30 06 5b 20 42 7e 7b 1f 4b 7c 36 |.....0.[ B~{.K|6|
60 | 000000a0 99 bb c6 b4 ea a1 19 3e 02 0c 3b 3a 38 be 80 11 |.......>..;:8...|
61 | 000000b0 29 72 a8 12 92 ad 24 9d bf 01 3e ef 9a f1 db 33 |)r....$...>....3|
62 | 000000c0 3e c1 dc d2 51 b1 |>...Q.|
63 | >>> Flow 4 (server to client)
64 | 00000000 14 03 01 00 01 01 16 03 01 00 30 2e d5 04 91 6d |..........0....m|
65 | 00000010 32 12 8b 41 4a 46 2c f3 7f d4 16 0a 21 c2 ac 88 |2..AJF,.....!...|
66 | 00000020 09 a0 b5 0d 65 4e 44 e1 92 5a ae b8 3f 61 1f 35 |....eND..Z..?a.5|
67 | 00000030 ab 3a fe bd f8 3c 2c 42 dd 68 0f 17 03 01 00 20 |.:...<,B.h..... |
68 | 00000040 6e d4 08 98 bf b7 18 84 ee 68 f8 17 88 c5 13 7a |n........h.....z|
69 | 00000050 73 e0 c6 ca 0d 21 4d 6b 44 dc 94 36 6c e4 a0 2f |s....!MkD..6l../|
70 | 00000060 17 03 01 00 30 a0 45 d0 88 5d 96 48 26 46 37 33 |....0.E..].H&F73|
71 | 00000070 f6 48 f3 38 2e 38 d7 b6 ef d5 25 bf f3 1b b6 78 |.H.8.8....%....x|
72 | 00000080 32 a7 9c fe be 55 35 f2 07 5b b7 14 87 89 80 f2 |2....U5..[......|
73 | 00000090 cc d5 cb c8 57 15 03 01 00 20 80 2a 8e 6c b8 5a |....W.... .*.l.Z|
74 | 000000a0 41 b4 ae 56 ca 3f 8b a2 e1 ea a0 55 64 b5 60 44 |A..V.?.....Ud.`D|
75 | 000000b0 8f de 33 c6 37 f7 df b5 d9 c3 |..3.7.....|
76 |
--------------------------------------------------------------------------------
/tls/testdata/Server-SSLv3-RSA-3DES:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 00 00 2f 01 00 00 2b 03 00 47 b4 bd 36 64 |..../...+..G..6d|
3 | 00000010 0a 7d 37 1d 99 ac fd 1c 7a 3f d5 0f 9d 90 e3 59 |.}7.....z?.....Y|
4 | 00000020 64 e4 fb 59 3a 4a 5f 53 d2 af 88 00 00 04 00 0a |d..Y:J_S........|
5 | 00000030 00 ff 01 00 |....|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................|
10 | 00000030 05 ff 01 00 01 00 16 03 00 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 00 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 00 00 84 10 00 00 80 43 4d 76 6b 7f b3 e6 |.........CMvk...|
51 | 00000010 82 18 f9 8a a5 cd 45 ab 8f 1a 1d d4 9a 0a 1d 50 |......E........P|
52 | 00000020 96 f2 08 14 a7 6b e3 ef d1 31 6b 18 d2 f5 ee e3 |.....k...1k.....|
53 | 00000030 cd df 67 23 3d ec 70 09 07 df 32 c2 cd 60 6c 2b |..g#=.p...2..`l+|
54 | 00000040 7f 04 cd b3 77 87 78 e5 90 60 41 0c fc 22 1a 3a |....w.x..`A..".:|
55 | 00000050 82 29 28 92 9c f8 33 3a 72 ee 08 58 55 d5 ea 9c |.)(...3:r..XU...|
56 | 00000060 37 96 a4 92 75 e0 29 8a 18 ad 5a c1 1f 4c aa c7 |7...u.)...Z..L..|
57 | 00000070 49 89 6e ff 29 32 a3 c8 51 e8 50 3f 41 10 36 27 |I.n.)2..Q.P?A.6'|
58 | 00000080 0b 60 a2 96 4b 82 a9 c6 52 14 03 00 00 01 01 16 |.`..K...R.......|
59 | 00000090 03 00 00 40 b3 59 d0 de d1 47 8e 9e 1a 27 16 41 |...@.Y...G...'.A|
60 | 000000a0 f7 38 4e 91 12 a0 71 89 1c 68 29 dc 60 7e 2c 39 |.8N...q..h).`~,9|
61 | 000000b0 45 cb e6 98 8d 43 5e 76 34 ca 5b 86 24 9d 77 0a |E....C^v4.[.$.w.|
62 | 000000c0 90 60 19 75 67 74 3d 95 1d e7 82 ee a8 9f 3a 60 |.`.ugt=.......:`|
63 | 000000d0 8e ac 28 74 |..(t|
64 | >>> Flow 4 (server to client)
65 | 00000000 14 03 00 00 01 01 16 03 00 00 40 e8 3e 89 b5 10 |..........@.>...|
66 | 00000010 e4 c9 eb f7 3f 83 e5 6a 7c 04 fd e6 96 69 25 fb |....?..j|....i%.|
67 | 00000020 0b 0b 0e f7 13 4e 99 45 d2 0e 13 22 6b d1 0e 32 |.....N.E..."k..2|
68 | 00000030 30 b5 c4 a2 03 cf 22 59 68 5c cc 63 96 f5 01 f3 |0....."Yh\.c....|
69 | 00000040 2c b3 b5 13 e1 9d 19 45 c0 4f 28 17 03 00 00 18 |,......E.O(.....|
70 | 00000050 2e cb 8c b3 d4 d5 c2 18 fd 6e dc 72 7b b3 4b b8 |.........n.r{.K.|
71 | 00000060 10 56 0a 01 af 55 e8 5a 17 03 00 00 28 3f df 74 |.V...U.Z....(?.t|
72 | 00000070 2f b9 5b a4 43 ec 24 68 ad ff 6c 52 b5 6a 91 0c |/.[.C.$h..lR.j..|
73 | 00000080 be 3b 25 c9 e4 40 59 66 17 cb f0 e7 6b 6e cd 43 |.;%..@Yf....kn.C|
74 | 00000090 ac be b7 62 d0 15 03 00 00 18 43 4d 3c fd 83 6e |...b......CM<..n|
75 | 000000a0 e0 3f ae 40 0c 8a a1 08 d2 74 e2 60 7b d0 97 d5 |.?.@.....t.`{...|
76 | 000000b0 e8 a5 |..|
77 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-RSA-3DES:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 5d 01 00 00 59 03 03 0c fb 72 82 e5 |....]...Y....r..|
3 | 00000010 9a 04 90 c8 0d 73 25 9a 3f 88 e3 48 71 a2 33 3e |.....s%.?..Hq.3>|
4 | 00000020 90 32 74 bc 12 38 d6 3a d3 11 1d 00 00 04 00 0a |.2t..8.:........|
5 | 00000030 00 ff 01 00 00 2c 00 0d 00 20 00 1e 06 01 06 02 |.....,... ......|
6 | 00000040 06 03 05 01 05 02 05 03 04 01 04 02 04 03 03 01 |................|
7 | 00000050 03 02 03 03 02 01 02 02 02 03 00 16 00 00 00 17 |................|
8 | 00000060 00 00 |..|
9 | >>> Flow 2 (server to client)
10 | 00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
11 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
12 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 0a 00 00 |................|
13 | 00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
14 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
15 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
16 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
17 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
18 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
19 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
20 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
21 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
22 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
23 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
24 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
25 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
26 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
27 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
28 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
29 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
30 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
31 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
32 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
33 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
34 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
35 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
36 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
37 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
38 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
39 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
40 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
41 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
42 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
43 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
44 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
45 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
46 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
47 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
48 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
49 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
50 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
51 | 00000290 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............|
52 | >>> Flow 3 (client to server)
53 | 00000000 16 03 03 00 86 10 00 00 82 00 80 04 90 54 41 b9 |.............TA.|
54 | 00000010 22 12 39 d9 1d 0b b8 6c d4 b3 8a ec 78 42 80 a5 |".9....l....xB..|
55 | 00000020 03 c9 2a 9e 95 6f a0 28 3a 5c e9 59 28 ba 49 9b |..*..o.(:\.Y(.I.|
56 | 00000030 37 63 61 3f c4 ac ba 55 6b 85 a5 27 ed 37 b9 25 |7ca?...Uk..'.7.%|
57 | 00000040 04 cf 84 ad 43 6b ab 13 fa 72 29 b8 01 d9 aa 0c |....Ck...r).....|
58 | 00000050 be b1 9a c4 5a 05 3d 2d 71 b4 72 f5 3a 77 fb 6b |....Z.=-q.r.:w.k|
59 | 00000060 45 b0 5b 00 f8 1e f9 70 7f a4 64 c9 1e 35 56 0b |E.[....p..d..5V.|
60 | 00000070 68 07 4c 04 95 f4 ca b1 0a b3 25 2b 93 2d be 80 |h.L.......%+.-..|
61 | 00000080 76 15 75 07 23 ee 25 f3 1b a8 2f 14 03 03 00 01 |v.u.#.%.../.....|
62 | 00000090 01 16 03 03 00 30 e5 cd 56 75 e6 a4 58 e5 33 cc |.....0..Vu..X.3.|
63 | 000000a0 95 23 e0 7f 01 f2 45 21 bb 7d 7c 17 1f 59 7c f9 |.#....E!.}|..Y|.|
64 | 000000b0 38 05 a3 95 4d 9b f2 3f 9d 84 2c 31 15 8b 4d d4 |8...M..?..,1..M.|
65 | 000000c0 17 3c 62 2b f6 71 |.>> Flow 4 (server to client)
67 | 00000000 14 03 03 00 01 01 16 03 03 00 30 00 00 00 00 00 |..........0.....|
68 | 00000010 00 00 00 b3 85 c2 1b ac 9e c2 01 f7 0f 76 6d 09 |.............vm.|
69 | 00000020 5c 4f 9f a6 89 1b 56 e3 05 0b 7e 0d 9d 6b 36 35 |\O....V...~..k65|
70 | 00000030 49 99 aa 4c 14 3b 69 2a 87 71 7d 17 03 03 00 30 |I..L.;i*.q}....0|
71 | 00000040 00 00 00 00 00 00 00 00 15 65 d4 be e5 1b c9 29 |.........e.....)|
72 | 00000050 e9 3a c4 22 72 f8 0c 40 c7 f5 45 a1 a3 c8 a8 64 |.:."r..@..E....d|
73 | 00000060 22 4c 6c 79 3f 32 66 d4 05 09 a8 d4 d8 a8 f3 c7 |"Lly?2f.........|
74 | 00000070 15 03 03 00 20 00 00 00 00 00 00 00 00 fc 8d c6 |.... ...........|
75 | 00000080 3d b1 c4 9f 30 26 e3 b9 46 8f ce 9f 7e 5b 1e a3 |=...0&..F...~[..|
76 | 00000090 d0 98 64 3c 0d |..d<.|
77 |
--------------------------------------------------------------------------------
/tls/testdata/Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 6b 01 00 00 67 03 03 00 00 00 00 00 |....k...g.......|
3 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 02 cc a9 |................|
5 | 00000030 01 00 00 3c 00 05 00 05 01 00 00 00 00 00 0a 00 |...<............|
6 | 00000040 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................|
7 | 00000050 00 00 0d 00 12 00 10 04 01 04 03 05 01 05 03 06 |................|
8 | 00000060 01 06 03 02 01 02 03 ff 01 00 01 00 00 12 00 00 |................|
9 | >>> Flow 2 (server to client)
10 | 00000000 16 03 03 00 59 02 00 00 55 03 03 3c 9c e9 fb 22 |....Y...U..<..."|
11 | 00000010 8b 32 cb 0d 56 1d a7 a2 c7 c5 d4 41 3d 9f 84 1b |.2..V......A=...|
12 | 00000020 26 50 b6 a3 fa f2 c5 20 0d f9 a6 20 38 86 ba 26 |&P..... ... 8..&|
13 | 00000030 db 6e d9 ab 3c 73 ec d8 34 56 d1 f2 d3 60 42 9a |.n..>> Flow 3 (client to server)
63 | 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.|
64 | 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....|
65 | 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......|
66 | 00000030 16 03 03 00 20 6e 2a ec f4 3a e8 88 99 f1 77 94 |.... n*..:....w.|
67 | 00000040 b3 a2 c5 3a 59 c2 9a f5 4a fb 89 e4 51 1a 54 a4 |...:Y...J...Q.T.|
68 | 00000050 72 d9 54 99 c3 |r.T..|
69 | >>> Flow 4 (server to client)
70 | 00000000 14 03 03 00 01 01 16 03 03 00 20 be 1a 60 4e 4a |.......... ..`NJ|
71 | 00000010 2d 81 19 6b 7c f2 80 15 18 9c 38 70 6d a3 49 88 |-..k|.....8pm.I.|
72 | 00000020 93 4b e8 cc 9f b2 0e cc ed 29 64 |.K.......)d|
73 | >>> Flow 5 (client to server)
74 | 00000000 17 03 03 00 16 bd 4c d9 d3 ea d0 d3 4e db dc ea |......L.....N...|
75 | 00000010 ad e7 20 17 ec 36 04 29 a5 7c ab 15 03 03 00 12 |.. ..6.).|......|
76 | 00000020 7b e1 b6 9b fc f9 18 83 87 31 b3 02 e7 b2 e3 c6 |{........1......|
77 | 00000030 37 d8 |7.|
78 |
--------------------------------------------------------------------------------
/tls/testdata/Server-SSLv3-RSA-AES:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 00 00 2f 01 00 00 2b 03 00 26 1e 06 cd 27 |..../...+..&...'|
3 | 00000010 f5 2a b4 8d 00 07 47 16 02 23 aa 5e 92 02 95 4a |.*....G..#.^...J|
4 | 00000020 1a 0b a8 51 8a 6f 4a 31 3c e9 a2 00 00 04 00 2f |...Q.oJ1<....../|
5 | 00000030 00 ff 01 00 |....|
6 | >>> Flow 2 (server to client)
7 | 00000000 16 03 00 00 31 02 00 00 2d 03 00 00 00 00 00 00 |....1...-.......|
8 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
9 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2f 00 00 |............./..|
10 | 00000030 05 ff 01 00 01 00 16 03 00 02 59 0b 00 02 55 00 |..........Y...U.|
11 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
12 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
13 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
14 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
15 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
16 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
17 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
18 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
19 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
20 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
21 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
22 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
23 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
24 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
25 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
26 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
27 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
28 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
29 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
30 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
31 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
32 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
33 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
34 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
35 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
36 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
37 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
38 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
39 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
40 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
41 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
42 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
43 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
44 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
45 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
46 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
47 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
48 | 00000290 3b e9 fa e7 16 03 00 00 04 0e 00 00 00 |;............|
49 | >>> Flow 3 (client to server)
50 | 00000000 16 03 00 00 84 10 00 00 80 66 67 59 2f 21 b9 e3 |.........fgY/!..|
51 | 00000010 0d a9 78 0c 6b fc dc 6f 69 4e f9 00 8b 40 a2 0f |..x.k..oiN...@..|
52 | 00000020 5a d8 8c d2 59 ab 33 78 f6 42 2f fa cf d6 48 7a |Z...Y.3x.B/...Hz|
53 | 00000030 59 30 94 1c 10 49 30 69 4a 6c a2 e5 ce 59 6d e3 |Y0...I0iJl...Ym.|
54 | 00000040 49 0c a7 0a ab 17 8b c6 48 82 71 44 d5 7d 80 e5 |I.......H.qD.}..|
55 | 00000050 6d 45 6c 10 12 01 85 71 ee dc c5 e3 19 41 ed 22 |mEl....q.....A."|
56 | 00000060 11 5c c4 25 c6 90 ad c8 4c 48 45 8d ad 6c f4 ef |.\.%....LHE..l..|
57 | 00000070 fb b4 2b 53 90 cc 78 b0 9e 22 e7 2c 1a 64 0e 8b |..+S..x..".,.d..|
58 | 00000080 d8 57 54 74 c5 33 20 3f 42 14 03 00 00 01 01 16 |.WTt.3 ?B.......|
59 | 00000090 03 00 00 40 18 b6 0a d4 9e 4d fa 8a 67 ce 8e d5 |...@.....M..g...|
60 | 000000a0 51 31 75 65 f1 ff 54 a2 1b 80 c5 c3 a0 fc d2 78 |Q1ue..T........x|
61 | 000000b0 0b 99 3b 65 6c 1d 52 6d a9 9f 64 13 97 d5 2e b1 |..;el.Rm..d.....|
62 | 000000c0 76 0b a0 fb f6 16 f7 72 28 a5 8a 11 a7 46 d5 59 |v......r(....F.Y|
63 | 000000d0 e1 f4 f3 6f |...o|
64 | >>> Flow 4 (server to client)
65 | 00000000 14 03 00 00 01 01 16 03 00 00 40 6c 5b 64 b5 f9 |..........@l[d..|
66 | 00000010 76 cc 7e 51 72 46 ab 21 17 b3 fb 2b 48 c5 5a 9f |v.~QrF.!...+H.Z.|
67 | 00000020 e6 35 14 ff df c7 a7 4b 5e 5a 9b 82 57 b5 bf 4d |.5.....K^Z..W..M|
68 | 00000030 5f 7c a5 be 67 96 71 3a 63 ad 76 86 66 06 e9 a2 |_|..g.q:c.v.f...|
69 | 00000040 35 39 6f 79 13 21 4b 19 c1 83 0e 17 03 00 00 20 |59oy.!K........ |
70 | 00000050 1a 80 c5 d1 8b 33 79 89 39 fc 11 44 80 33 1a f7 |.....3y.9..D.3..|
71 | 00000060 9f 63 96 5d c9 1a d4 56 2a ee 68 24 68 83 5d ca |.c.]...V*.h$h.].|
72 | 00000070 17 03 00 00 30 7c d4 88 17 d0 10 66 6a b3 61 ed |....0|.....fj.a.|
73 | 00000080 0a b5 72 55 ca fb c4 ec e2 f2 e2 bf 67 dd 3d c9 |..rU........g.=.|
74 | 00000090 01 3b 50 5c 35 ce 28 2d e6 9c 1f 5c 70 14 46 2a |.;P\5.(-...\p.F*|
75 | 000000a0 d8 9e ef 6a 66 15 03 00 00 20 c7 af e1 86 10 30 |...jf.... .....0|
76 | 000000b0 41 73 88 b2 86 02 a8 60 38 61 92 32 11 22 2d 47 |As.....`8a.2."-G|
77 | 000000c0 76 fe 22 9c 76 c2 00 ee e9 03 |v.".v.....|
78 |
--------------------------------------------------------------------------------
/tls/testdata/Client-TLSv10-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 95 01 00 00 91 03 03 00 00 00 00 00 |................|
3 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2c cc a8 |.............,..|
5 | 00000030 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
6 | 00000040 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
7 | 00000050 c0 12 00 0a 00 05 c0 11 c0 07 01 00 00 3c 00 05 |.............<..|
8 | 00000060 00 05 01 00 00 00 00 00 0a 00 0a 00 08 00 1d 00 |................|
9 | 00000070 17 00 18 00 19 00 0b 00 02 01 00 00 0d 00 12 00 |................|
10 | 00000080 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 02 |................|
11 | 00000090 03 ff 01 00 01 00 00 12 00 00 |..........|
12 | >>> Flow 2 (server to client)
13 | 00000000 16 03 01 00 51 02 00 00 4d 03 01 ba 66 88 b5 b3 |....Q...M...f...|
14 | 00000010 17 e1 9a c1 b6 27 e0 3f 1c 80 73 b6 6c 16 c9 4e |.....'.?..s.l..N|
15 | 00000020 33 c4 8c 75 26 46 01 1b 31 dc a3 20 e3 57 4f 91 |3..u&F..1.. .WO.|
16 | 00000030 3e 5b 91 cf 75 77 71 66 2f be 84 20 1c 7f 02 dd |>[..uwqf/.. ....|
17 | 00000040 8b 63 43 6c 4d 1d a4 7a da 89 35 5a 00 05 00 00 |.cClM..z..5Z....|
18 | 00000050 05 ff 01 00 01 00 16 03 01 02 59 0b 00 02 55 00 |..........Y...U.|
19 | 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
20 | 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
21 | 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
22 | 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
23 | 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
24 | 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
25 | 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
26 | 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
27 | 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
28 | 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
29 | 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
30 | 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
31 | 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
32 | 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
33 | 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
34 | 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
35 | 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
36 | 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
37 | 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
38 | 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
39 | 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
40 | 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
41 | 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
42 | 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
43 | 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
44 | 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
45 | 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
46 | 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
47 | 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
48 | 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
49 | 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
50 | 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
51 | 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
52 | 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
53 | 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
54 | 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
55 | 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
56 | 000002b0 3b e9 fa e7 16 03 01 00 04 0e 00 00 00 |;............|
57 | >>> Flow 3 (client to server)
58 | 00000000 16 03 01 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...|
59 | 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..|
60 | 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.|
61 | 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h|
62 | 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...|
63 | 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........|
64 | 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..|
65 | 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..|
66 | 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 01 00 01 |.Y(.....ia5.....|
67 | 00000090 01 16 03 01 00 24 b6 4b 4c 75 2d d9 8d 1c 85 df |.....$.KLu-.....|
68 | 000000a0 f1 8d ff 7a 24 6b 02 3f fa 80 d7 f4 71 76 77 97 |...z$k.?....qvw.|
69 | 000000b0 fd b3 59 d7 91 9f 3a e9 ec 3b |..Y...:..;|
70 | >>> Flow 4 (server to client)
71 | 00000000 14 03 01 00 01 01 16 03 01 00 24 b6 51 7e 95 65 |..........$.Q~.e|
72 | 00000010 c5 85 08 c3 31 5c ae 2e e9 9e 6e bb 3d e8 68 c5 |....1\....n.=.h.|
73 | 00000020 26 a0 8c 61 a8 96 09 3c ec c7 9a 80 ff a2 5d |&..a...<......]|
74 | >>> Flow 5 (client to server)
75 | 00000000 17 03 01 00 1a 0b 83 3a 24 a0 b4 7f cc 86 6c 4f |.......:$.....lO|
76 | 00000010 db 19 1b 09 23 77 a6 91 c6 09 db aa 3c 1a f3 15 |....#w......<...|
77 | 00000020 03 01 00 16 80 dc 14 9b a7 ff 08 af 25 5e 67 8c |............%^g.|
78 | 00000030 2d 2a 8e c9 bc 17 5a 29 48 99 |-*....Z)H.|
79 |
--------------------------------------------------------------------------------
/tls/testdata/Client-TLSv11-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 95 01 00 00 91 03 03 00 00 00 00 00 |................|
3 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2c cc a8 |.............,..|
5 | 00000030 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
6 | 00000040 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
7 | 00000050 c0 12 00 0a 00 05 c0 11 c0 07 01 00 00 3c 00 05 |.............<..|
8 | 00000060 00 05 01 00 00 00 00 00 0a 00 0a 00 08 00 1d 00 |................|
9 | 00000070 17 00 18 00 19 00 0b 00 02 01 00 00 0d 00 12 00 |................|
10 | 00000080 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 02 |................|
11 | 00000090 03 ff 01 00 01 00 00 12 00 00 |..........|
12 | >>> Flow 2 (server to client)
13 | 00000000 16 03 02 00 51 02 00 00 4d 03 02 17 49 a0 13 8a |....Q...M...I...|
14 | 00000010 1d 7a e5 dd dd f3 ba 71 8c 9f b9 16 55 98 4e 56 |.z.....q....U.NV|
15 | 00000020 74 da 97 99 09 b7 5a cb 16 17 a8 20 b4 67 96 70 |t.....Z.... .g.p|
16 | 00000030 f5 7c 25 f3 5e 47 6b 38 fb 2a 18 67 a7 35 b6 93 |.|%.^Gk8.*.g.5..|
17 | 00000040 88 26 c7 da 67 7c d7 d9 4d 23 46 15 00 05 00 00 |.&..g|..M#F.....|
18 | 00000050 05 ff 01 00 01 00 16 03 02 02 59 0b 00 02 55 00 |..........Y...U.|
19 | 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
20 | 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
21 | 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
22 | 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
23 | 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
24 | 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
25 | 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
26 | 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
27 | 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
28 | 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
29 | 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
30 | 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
31 | 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
32 | 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
33 | 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
34 | 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
35 | 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
36 | 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
37 | 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
38 | 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
39 | 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
40 | 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
41 | 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
42 | 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
43 | 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
44 | 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
45 | 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
46 | 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
47 | 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
48 | 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
49 | 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
50 | 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
51 | 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
52 | 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
53 | 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
54 | 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
55 | 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
56 | 000002b0 3b e9 fa e7 16 03 02 00 04 0e 00 00 00 |;............|
57 | >>> Flow 3 (client to server)
58 | 00000000 16 03 02 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...|
59 | 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..|
60 | 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.|
61 | 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h|
62 | 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...|
63 | 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........|
64 | 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..|
65 | 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..|
66 | 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 02 00 01 |.Y(.....ia5.....|
67 | 00000090 01 16 03 02 00 24 57 25 f5 73 5b e7 e4 e5 41 29 |.....$W%.s[...A)|
68 | 000000a0 0f 6f c5 92 93 17 17 fe 3f 84 cb 62 c0 69 ef ae |.o......?..b.i..|
69 | 000000b0 c4 96 c7 32 76 b9 fb 2a 01 03 |...2v..*..|
70 | >>> Flow 4 (server to client)
71 | 00000000 14 03 02 00 01 01 16 03 02 00 24 74 40 46 d2 01 |..........$t@F..|
72 | 00000010 85 de 99 2e 04 b7 c4 a6 50 61 22 01 23 fd 77 be |........Pa".#.w.|
73 | 00000020 55 6a 6d 1a 79 17 c7 3d 75 64 99 fc bb 42 a7 |Ujm.y..=ud...B.|
74 | >>> Flow 5 (client to server)
75 | 00000000 17 03 02 00 1a d0 cc 3e 2e f5 09 1d 14 b6 ec f4 |.......>........|
76 | 00000010 19 64 30 40 eb 86 31 8b 61 fd 94 b5 3a 0c d5 15 |.d0@..1.a...:...|
77 | 00000020 03 02 00 16 f2 d9 24 a4 f7 65 0e 26 1e c0 c9 7d |......$..e.&...}|
78 | 00000030 5c 57 59 fb 80 fd ab ab 83 e4 |\WY.......|
79 |
--------------------------------------------------------------------------------
/tls/testdata/Client-TLSv12-RSA-RC4:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 95 01 00 00 91 03 03 00 00 00 00 00 |................|
3 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2c cc a8 |.............,..|
5 | 00000030 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
6 | 00000040 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
7 | 00000050 c0 12 00 0a 00 05 c0 11 c0 07 01 00 00 3c 00 05 |.............<..|
8 | 00000060 00 05 01 00 00 00 00 00 0a 00 0a 00 08 00 1d 00 |................|
9 | 00000070 17 00 18 00 19 00 0b 00 02 01 00 00 0d 00 12 00 |................|
10 | 00000080 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 02 |................|
11 | 00000090 03 ff 01 00 01 00 00 12 00 00 |..........|
12 | >>> Flow 2 (server to client)
13 | 00000000 16 03 03 00 51 02 00 00 4d 03 03 90 26 c2 6e 52 |....Q...M...&.nR|
14 | 00000010 59 b2 e8 f1 c5 fc 4d 59 13 76 43 4e a4 ab 0b 33 |Y.....MY.vCN...3|
15 | 00000020 96 d0 4e 89 bd 1e bd 89 f6 2b d7 20 39 94 41 68 |..N......+. 9.Ah|
16 | 00000030 81 74 78 60 e1 5f f7 7d e3 9d 81 f1 62 bd 45 67 |.tx`._.}....b.Eg|
17 | 00000040 51 50 bd 84 76 70 52 c3 ce 32 90 51 00 05 00 00 |QP..vpR..2.Q....|
18 | 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
19 | 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
20 | 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
21 | 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
22 | 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
23 | 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
24 | 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
25 | 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
26 | 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
27 | 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
28 | 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
29 | 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
30 | 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
31 | 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
32 | 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
33 | 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
34 | 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
35 | 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
36 | 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
37 | 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
38 | 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
39 | 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
40 | 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
41 | 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
42 | 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
43 | 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
44 | 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
45 | 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
46 | 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
47 | 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
48 | 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
49 | 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
50 | 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
51 | 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
52 | 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
53 | 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
54 | 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
55 | 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
56 | 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............|
57 | >>> Flow 3 (client to server)
58 | 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...|
59 | 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..|
60 | 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.|
61 | 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h|
62 | 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...|
63 | 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........|
64 | 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..|
65 | 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..|
66 | 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....|
67 | 00000090 01 16 03 03 00 24 4b 7c 05 1b 5d ed 28 c0 ce db |.....$K|..].(...|
68 | 000000a0 c9 1d bb e8 a1 94 d7 30 ac aa 54 08 2a 82 a2 a0 |.......0..T.*...|
69 | 000000b0 52 e7 cb 32 0f c2 f8 ad f3 c9 |R..2......|
70 | >>> Flow 4 (server to client)
71 | 00000000 14 03 03 00 01 01 16 03 03 00 24 ad ef e3 a0 c4 |..........$.....|
72 | 00000010 2c a0 ca 82 a6 f0 eb 8f 73 f3 48 11 0f 1f cc 6f |,.......s.H....o|
73 | 00000020 6f 63 fa d8 9d 47 6b b2 ab 3e fe bc 0e 44 ce |oc...Gk..>...D.|
74 | >>> Flow 5 (client to server)
75 | 00000000 17 03 03 00 1a e7 90 92 8b a5 a6 4f 22 97 2f 23 |...........O"./#|
76 | 00000010 f1 3c 54 65 2c 14 7e fd 1d 8f c7 76 97 e8 f8 15 |.>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 4f 01 00 00 4b 03 01 f1 86 d0 c8 69 |....O...K......i|
3 | 00000010 46 0b 0b 89 08 c0 82 c0 f7 f1 9a b6 d2 2b e1 46 |F............+.F|
4 | 00000020 e6 e1 44 65 de 39 0a 68 a8 d5 1c 00 00 04 c0 0a |..De.9.h........|
5 | 00000030 00 ff 01 00 00 1e 00 0b 00 04 03 00 01 02 00 0a |................|
6 | 00000040 00 0a 00 08 00 1d 00 17 00 19 00 18 00 16 00 00 |................|
7 | 00000050 00 17 00 00 |....|
8 | >>> Flow 2 (server to client)
9 | 00000000 16 03 01 00 31 02 00 00 2d 03 01 00 00 00 00 00 |....1...-.......|
10 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
11 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 0a 00 00 |................|
12 | 00000030 05 ff 01 00 01 00 16 03 01 02 0e 0b 00 02 0a 00 |................|
13 | 00000040 02 07 00 02 04 30 82 02 00 30 82 01 62 02 09 00 |.....0...0..b...|
14 | 00000050 b8 bf 2d 47 a0 d2 eb f4 30 09 06 07 2a 86 48 ce |..-G....0...*.H.|
15 | 00000060 3d 04 01 30 45 31 0b 30 09 06 03 55 04 06 13 02 |=..0E1.0...U....|
16 | 00000070 41 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d |AU1.0...U....Som|
17 | 00000080 65 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a |e-State1!0...U..|
18 | 00000090 13 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 |..Internet Widgi|
19 | 000000a0 74 73 20 50 74 79 20 4c 74 64 30 1e 17 0d 31 32 |ts Pty Ltd0...12|
20 | 000000b0 31 31 32 32 31 35 30 36 33 32 5a 17 0d 32 32 31 |1122150632Z..221|
21 | 000000c0 31 32 30 31 35 30 36 33 32 5a 30 45 31 0b 30 09 |120150632Z0E1.0.|
22 | 000000d0 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 |..U....AU1.0...U|
23 | 000000e0 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 |....Some-State1!|
24 | 000000f0 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 |0...U....Interne|
25 | 00000100 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 |t Widgits Pty Lt|
26 | 00000110 64 30 81 9b 30 10 06 07 2a 86 48 ce 3d 02 01 06 |d0..0...*.H.=...|
27 | 00000120 05 2b 81 04 00 23 03 81 86 00 04 00 c4 a1 ed be |.+...#..........|
28 | 00000130 98 f9 0b 48 73 36 7e c3 16 56 11 22 f2 3d 53 c3 |...Hs6~..V.".=S.|
29 | 00000140 3b 4d 21 3d cd 6b 75 e6 f6 b0 dc 9a df 26 c1 bc |;M!=.ku......&..|
30 | 00000150 b2 87 f0 72 32 7c b3 64 2f 1c 90 bc ea 68 23 10 |...r2|.d/....h#.|
31 | 00000160 7e fe e3 25 c0 48 3a 69 e0 28 6d d3 37 00 ef 04 |~..%.H:i.(m.7...|
32 | 00000170 62 dd 0d a0 9c 70 62 83 d8 81 d3 64 31 aa 9e 97 |b....pb....d1...|
33 | 00000180 31 bd 96 b0 68 c0 9b 23 de 76 64 3f 1a 5c 7f e9 |1...h..#.vd?.\..|
34 | 00000190 12 0e 58 58 b6 5f 70 dd 9b d8 ea d5 d7 f5 d5 cc |..XX._p.........|
35 | 000001a0 b9 b6 9f 30 66 5b 66 9a 20 e2 27 e5 bf fe 3b 30 |...0f[f. .'...;0|
36 | 000001b0 09 06 07 2a 86 48 ce 3d 04 01 03 81 8c 00 30 81 |...*.H.=......0.|
37 | 000001c0 88 02 42 01 88 a2 4f eb e2 45 c5 48 7d 1b ac f5 |..B...O..E.H}...|
38 | 000001d0 ed 98 9d ae 47 70 c0 5e 1b b6 2f bd f1 b6 4d b7 |....Gp.^../...M.|
39 | 000001e0 61 40 d3 11 a2 ce ee 0b 7e 92 7e ff 76 9d c3 3b |a@......~.~.v..;|
40 | 000001f0 7e a5 3f ce fa 10 e2 59 ec 47 2d 7c ac da 4e 97 |~.?....Y.G-|..N.|
41 | 00000200 0e 15 a0 6f d0 02 42 01 4d fc be 67 13 9c 2d 05 |...o..B.M..g..-.|
42 | 00000210 0e bd 3f a3 8c 25 c1 33 13 83 0d 94 06 bb d4 37 |..?..%.3.......7|
43 | 00000220 7a f6 ec 7a c9 86 2e dd d7 11 69 7f 85 7c 56 de |z..z......i..|V.|
44 | 00000230 fb 31 78 2b e4 c7 78 0d ae cb be 9e 4e 36 24 31 |.1x+..x.....N6$1|
45 | 00000240 7b 6a 0f 39 95 12 07 8f 2a 16 03 01 00 b5 0c 00 |{j.9....*.......|
46 | 00000250 00 b1 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 28 |..... /.}.G.bC.(|
47 | 00000260 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 |.._.).0.........|
48 | 00000270 99 5f 58 cb 3b 74 00 8b 30 81 88 02 42 00 ad 93 |._X.;t..0...B...|
49 | 00000280 e2 c2 3d 7e 95 63 17 5d 45 cf cd 27 af d2 db b3 |..=~.c.]E..'....|
50 | 00000290 d0 bc 13 1e 6f 0a 61 3a fb 3c b3 03 61 2c 36 ae |....o.a:.<..a,6.|
51 | 000002a0 4f be 27 e9 43 3c cf 57 9b 82 5e 7d 54 36 ed 7e |O.'.C<.W..^}T6.~|
52 | 000002b0 0b 34 68 26 90 00 20 02 0f c1 18 bc 79 1b 90 02 |.4h&.. .....y...|
53 | 000002c0 42 01 6b 66 9d 56 48 8e 5e 38 93 48 03 6b b9 d7 |B.kf.VH.^8.H.k..|
54 | 000002d0 bd 14 a0 3e 8a 27 81 7f fe 4d e5 8a 12 4d 95 16 |...>.'...M...M..|
55 | 000002e0 ef c7 8d 60 07 1d 22 f8 5d 72 0d cc be c3 51 69 |...`..".]r....Qi|
56 | 000002f0 7a 04 e3 84 e5 ba dd 04 1d d4 4c 6f 9f 6b 12 e0 |z.........Lo.k..|
57 | 00000300 2f 83 3c 16 03 01 00 04 0e 00 00 00 |/.<.........|
58 | >>> Flow 3 (client to server)
59 | 00000000 16 03 01 00 25 10 00 00 21 20 18 40 ea d1 e1 17 |....%...! .@....|
60 | 00000010 b6 a2 a5 db 20 13 70 81 90 fc ac e8 96 7c b1 e1 |.... .p......|..|
61 | 00000020 ff 6f 57 1f c1 64 72 94 f7 05 14 03 01 00 01 01 |.oW..dr.........|
62 | 00000030 16 03 01 00 30 05 33 48 f0 2a 3a df df 1d c4 3d |....0.3H.*:....=|
63 | 00000040 87 ea 9d 04 04 eb 84 bf a0 ed bc 56 2f ab 36 52 |...........V/.6R|
64 | 00000050 d5 b2 2c 6f 8c 58 49 51 33 d5 fc df 5d 09 df e9 |..,o.XIQ3...]...|
65 | 00000060 be 20 30 9a 37 |. 0.7|
66 | >>> Flow 4 (server to client)
67 | 00000000 14 03 01 00 01 01 16 03 01 00 30 8c b6 5b 83 03 |..........0..[..|
68 | 00000010 c0 d8 83 f7 1d 24 2e ec 39 68 00 91 73 d2 5a 15 |.....$..9h..s.Z.|
69 | 00000020 3f 83 aa e3 6d fd cc 31 58 90 e9 a9 e3 e4 78 5d |?...m..1X.....x]|
70 | 00000030 ce 8e b3 ba cd 71 aa a2 fd f4 7c 17 03 01 00 20 |.....q....|.... |
71 | 00000040 62 98 34 9d 01 13 13 2d 1b 27 3a 4f 10 28 48 d6 |b.4....-.':O.(H.|
72 | 00000050 32 8c 99 2a c8 64 14 6e dc f5 7c 6d 16 59 45 8e |2..*.d.n..|m.YE.|
73 | 00000060 17 03 01 00 30 1e ed f9 40 ad 5c 5d f6 94 c9 fd |....0...@.\]....|
74 | 00000070 a1 ac fc 00 7b 48 9a 59 6d f5 b7 06 a4 66 25 04 |....{H.Ym....f%.|
75 | 00000080 61 33 08 f3 66 86 21 00 fb f3 03 78 83 4c b6 c8 |a3..f.!....x.L..|
76 | 00000090 9d 5e ea f5 7e 15 03 01 00 20 98 d8 f6 2a 79 60 |.^..~.... ...*y`|
77 | 000000a0 8d fb c9 45 2f 27 59 17 a9 79 eb e7 b9 46 f1 57 |...E/'Y..y...F.W|
78 | 000000b0 a6 fa ea e1 d0 23 8c 03 4f 72 |.....#..Or|
79 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-RSA-AES-GCM:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 73 01 00 00 6f 03 03 38 2b d9 54 15 |....s...o..8+.T.|
3 | 00000010 60 c3 a7 88 e6 c3 73 8f b0 76 4f d0 10 72 2c d6 |`.....s..vO..r,.|
4 | 00000020 55 fc c2 f0 ab 0f 62 43 f1 86 f8 00 00 04 c0 2f |U.....bC......./|
5 | 00000030 00 ff 01 00 00 42 00 0b 00 04 03 00 01 02 00 0a |.....B..........|
6 | 00000040 00 0a 00 08 00 1d 00 17 00 19 00 18 00 0d 00 20 |............... |
7 | 00000050 00 1e 06 01 06 02 06 03 05 01 05 02 05 03 04 01 |................|
8 | 00000060 04 02 04 03 03 01 03 02 03 03 02 01 02 02 02 03 |................|
9 | 00000070 00 16 00 00 00 17 00 00 |........|
10 | >>> Flow 2 (server to client)
11 | 00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
12 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
13 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 2f 00 00 |............./..|
14 | 00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
15 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
16 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
17 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
18 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
19 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
20 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
21 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
22 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
23 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
24 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
25 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
26 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
27 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
28 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
29 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
30 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
31 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
32 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
33 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
34 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
35 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
36 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
37 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
38 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
39 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
40 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
41 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
42 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
43 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
44 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
45 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
46 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
47 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
48 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
49 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
50 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
51 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
52 | 00000290 3b e9 fa e7 16 03 03 00 ac 0c 00 00 a8 03 00 1d |;...............|
53 | 000002a0 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
54 | 000002b0 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
55 | 000002c0 74 06 01 00 80 65 4e 5d 69 d6 97 39 e8 dc 13 58 |t....eN]i..9...X|
56 | 000002d0 c1 2a cf 72 12 42 34 8c 4a c1 b5 94 44 0c f2 97 |.*.r.B4.J...D...|
57 | 000002e0 46 ba 59 20 1c f2 9d 23 d7 2e 9f 7c 52 ac 08 fe |F.Y ...#...|R...|
58 | 000002f0 02 23 e3 ee ec 21 1f bd 08 8a 50 48 aa 21 b7 ed |.#...!....PH.!..|
59 | 00000300 be 30 be ac ff 8f e8 71 c9 bc d8 b8 56 63 8a fc |.0.....q....Vc..|
60 | 00000310 52 0e 3d e1 4e ce cc 53 d4 f8 36 70 1f 4e 16 61 |R.=.N..S..6p.N.a|
61 | 00000320 14 4d dd fe 17 08 f5 09 53 9b c6 24 7d de af dc |.M......S..$}...|
62 | 00000330 1b 84 23 c2 72 9c 25 73 1a 4f 42 27 b5 95 b1 06 |..#.r.%s.OB'....|
63 | 00000340 dd 36 de 0c 76 16 03 03 00 04 0e 00 00 00 |.6..v.........|
64 | >>> Flow 3 (client to server)
65 | 00000000 16 03 03 00 25 10 00 00 21 20 95 a4 0d a1 cd 3a |....%...! .....:|
66 | 00000010 5e 81 bb e3 77 39 f0 6b 37 fe 35 e2 dc 29 6c b0 |^...w9.k7.5..)l.|
67 | 00000020 2b e9 b9 84 1d 65 b1 63 d7 0e 14 03 03 00 01 01 |+....e.c........|
68 | 00000030 16 03 03 00 28 13 84 cb 17 e5 aa c8 09 43 ed 1a |....(........C..|
69 | 00000040 08 92 55 3c e1 b8 5a c0 05 00 30 ae 63 6f 4c 78 |..U<..Z...0.coLx|
70 | 00000050 22 42 66 18 91 85 9c 2b c6 88 76 7d bd |"Bf....+..v}.|
71 | >>> Flow 4 (server to client)
72 | 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....|
73 | 00000010 00 00 00 fb 80 e0 2e 22 3e 45 98 c2 64 a1 0d 0a |.......">E..d...|
74 | 00000020 0c 55 40 6e 1b a9 de 29 e3 c8 1a b3 36 ba 5d 88 |.U@n...)....6.].|
75 | 00000030 c0 c9 d6 17 03 03 00 25 00 00 00 00 00 00 00 01 |.......%........|
76 | 00000040 ef 6a 01 41 ec 78 94 2d d5 c3 48 b8 5e 57 93 34 |.j.A.x.-..H.^W.4|
77 | 00000050 82 03 33 ae 03 22 69 9b 32 8f 71 73 6c 15 03 03 |..3.."i.2.qsl...|
78 | 00000060 00 1a 00 00 00 00 00 00 00 02 31 37 35 60 f8 01 |..........175`..|
79 | 00000070 5d 1f ab be 0d 79 ac c8 34 f0 14 f9 |]....y..4...|
80 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-RSA-AES256-GCM-SHA384:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 73 01 00 00 6f 03 03 7c 43 b4 7c 36 |....s...o..|C.|6|
3 | 00000010 56 e5 d4 47 83 a7 ae 17 cb 5e 7d 5f b7 ef 41 dd |V..G.....^}_..A.|
4 | 00000020 63 d3 e6 a0 62 f7 af 91 25 75 15 00 00 04 c0 30 |c...b...%u.....0|
5 | 00000030 00 ff 01 00 00 42 00 0b 00 04 03 00 01 02 00 0a |.....B..........|
6 | 00000040 00 0a 00 08 00 1d 00 17 00 19 00 18 00 0d 00 20 |............... |
7 | 00000050 00 1e 06 01 06 02 06 03 05 01 05 02 05 03 04 01 |................|
8 | 00000060 04 02 04 03 03 01 03 02 03 03 02 01 02 02 02 03 |................|
9 | 00000070 00 16 00 00 00 17 00 00 |........|
10 | >>> Flow 2 (server to client)
11 | 00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
12 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
13 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 30 00 00 |.............0..|
14 | 00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
15 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
16 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
17 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
18 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
19 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
20 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
21 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
22 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
23 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
24 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
25 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
26 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
27 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
28 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
29 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
30 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
31 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
32 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
33 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
34 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
35 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
36 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
37 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
38 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
39 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
40 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
41 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
42 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
43 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
44 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
45 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
46 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
47 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
48 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
49 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
50 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
51 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
52 | 00000290 3b e9 fa e7 16 03 03 00 ac 0c 00 00 a8 03 00 1d |;...............|
53 | 000002a0 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
54 | 000002b0 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
55 | 000002c0 74 06 01 00 80 8b b6 3e 52 d2 87 bf 9f 82 6d 0e |t......>R.....m.|
56 | 000002d0 8f de 69 34 58 71 9e 36 46 35 7e 73 ad f0 ee 30 |..i4Xq.6F5~s...0|
57 | 000002e0 0c 95 dc cc 28 ce 9b ee e6 44 3d ab ab 60 13 7c |....(....D=..`.||
58 | 000002f0 3d 37 2d d0 36 95 04 74 df 5a a5 ef 9b 68 7c 58 |=7-.6..t.Z...h|X|
59 | 00000300 b4 22 e9 5d 15 aa 18 cc fc 8d 35 f4 ad aa dc 0d |.".]......5.....|
60 | 00000310 86 b6 e5 ac e3 8f ea c7 63 c6 a5 1e 2a 7e e2 9b |........c...*~..|
61 | 00000320 05 33 81 04 d4 87 ad 15 2d 7f 91 fd ca 85 a8 cb |.3......-.......|
62 | 00000330 66 56 e3 7a 4a 90 8c dc 7d 8f d0 af 6e 5e 88 7b |fV.zJ...}...n^.{|
63 | 00000340 34 2e 2f a0 2e 16 03 03 00 04 0e 00 00 00 |4./...........|
64 | >>> Flow 3 (client to server)
65 | 00000000 16 03 03 00 25 10 00 00 21 20 a5 ce 37 03 eb 08 |....%...! ..7...|
66 | 00000010 67 8e 6b f8 37 b6 f8 cd c6 62 59 c1 8f 46 22 0d |g.k.7....bY..F".|
67 | 00000020 d8 e1 85 2e 26 dc 40 d3 f0 60 14 03 03 00 01 01 |....&.@..`......|
68 | 00000030 16 03 03 00 28 7d cf e0 cb 63 b3 22 fb b2 94 82 |....(}...c."....|
69 | 00000040 a7 1e 8d 71 15 a8 ba 14 b6 4b 67 37 f9 78 c4 33 |...q.....Kg7.x.3|
70 | 00000050 1b 7d 6c 8b 56 8f 85 d1 3e d3 9c 9f 95 |.}l.V...>....|
71 | >>> Flow 4 (server to client)
72 | 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....|
73 | 00000010 00 00 00 3e cd 20 97 7b b3 2c 24 f2 cc ac 70 a4 |...>. .{.,$...p.|
74 | 00000020 4f f5 db 05 51 52 a8 ff 6e 01 98 c3 ec c7 2c 97 |O...QR..n.....,.|
75 | 00000030 6f f9 2c 17 03 03 00 25 00 00 00 00 00 00 00 01 |o.,....%........|
76 | 00000040 67 b8 c3 d5 7e 02 18 6f b8 db 10 5c 28 29 3d f6 |g...~..o...\()=.|
77 | 00000050 d0 69 a1 4f e8 a4 ce 22 81 65 10 7e d1 15 03 03 |.i.O...".e.~....|
78 | 00000060 00 1a 00 00 00 00 00 00 00 02 b0 df 28 f8 b8 f2 |............(...|
79 | 00000070 32 43 c3 d0 01 55 8f 47 c1 52 8d e3 |2C...U.G.R..|
80 |
--------------------------------------------------------------------------------
/tls/testdata/Server-TLSv12-X25519-ECDHE-RSA-AES-GCM:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 73 01 00 00 6f 03 03 c3 5c 1e ad 54 |....s...o...\..T|
3 | 00000010 5b 03 af 49 42 dd cc 76 83 21 fe b4 4f 15 84 81 |[..IB..v.!..O...|
4 | 00000020 e5 07 5c 7d 58 3d 37 5a 3a ae f8 00 00 04 c0 2f |..\}X=7Z:....../|
5 | 00000030 00 ff 01 00 00 42 00 0b 00 04 03 00 01 02 00 0a |.....B..........|
6 | 00000040 00 0a 00 08 00 1d 00 17 00 19 00 18 00 0d 00 20 |............... |
7 | 00000050 00 1e 06 01 06 02 06 03 05 01 05 02 05 03 04 01 |................|
8 | 00000060 04 02 04 03 03 01 03 02 03 03 02 01 02 02 02 03 |................|
9 | 00000070 00 16 00 00 00 17 00 00 |........|
10 | >>> Flow 2 (server to client)
11 | 00000000 16 03 03 00 31 02 00 00 2d 03 03 00 00 00 00 00 |....1...-.......|
12 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
13 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 c0 2f 00 00 |............./..|
14 | 00000030 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
15 | 00000040 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
16 | 00000050 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
17 | 00000060 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
18 | 00000070 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
19 | 00000080 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
20 | 00000090 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
21 | 000000a0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
22 | 000000b0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
23 | 000000c0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
24 | 000000d0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
25 | 000000e0 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
26 | 000000f0 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
27 | 00000100 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
28 | 00000110 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
29 | 00000120 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
30 | 00000130 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
31 | 00000140 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
32 | 00000150 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
33 | 00000160 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
34 | 00000170 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
35 | 00000180 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
36 | 00000190 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
37 | 000001a0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
38 | 000001b0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
39 | 000001c0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
40 | 000001d0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
41 | 000001e0 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
42 | 000001f0 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
43 | 00000200 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
44 | 00000210 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
45 | 00000220 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
46 | 00000230 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
47 | 00000240 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
48 | 00000250 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
49 | 00000260 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
50 | 00000270 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
51 | 00000280 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
52 | 00000290 3b e9 fa e7 16 03 03 00 ac 0c 00 00 a8 03 00 1d |;...............|
53 | 000002a0 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 | /.}.G.bC.(.._.)|
54 | 000002b0 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b |.0.........._X.;|
55 | 000002c0 74 06 01 00 80 d1 1b d9 90 1c 69 ef 70 d8 76 10 |t.........i.p.v.|
56 | 000002d0 fe ea ce c5 42 ea e7 da 1a 45 83 11 75 51 e9 a4 |....B....E..uQ..|
57 | 000002e0 fe 4c c6 b2 76 62 35 83 ae 45 08 80 07 76 0c d2 |.L..vb5..E...v..|
58 | 000002f0 b6 a7 7d b4 ca 5d a0 70 88 2c ad 03 44 30 14 d7 |..}..].p.,..D0..|
59 | 00000300 0b 9e 19 77 5f 2f 95 83 8a 5e 07 3e 7f 22 ca 86 |...w_/...^.>."..|
60 | 00000310 b9 ae 0d eb b8 0e ce ec 5d 1f 72 95 cf a5 3f 2c |........].r...?,|
61 | 00000320 82 2f 17 f7 63 07 cd 01 d1 50 31 49 e4 d1 2c 75 |./..c....P1I..,u|
62 | 00000330 1a 18 b9 76 51 33 f4 ff 74 37 cc bd 18 f9 3a 09 |...vQ3..t7....:.|
63 | 00000340 25 38 56 a4 7b 16 03 03 00 04 0e 00 00 00 |%8V.{.........|
64 | >>> Flow 3 (client to server)
65 | 00000000 16 03 03 00 25 10 00 00 21 20 71 94 86 30 e3 73 |....%...! q..0.s|
66 | 00000010 65 46 cb e3 ea 30 0b 32 77 f5 52 28 6f 98 a2 ed |eF...0.2w.R(o...|
67 | 00000020 52 6e 14 eb 5f 89 33 98 13 4a 14 03 03 00 01 01 |Rn.._.3..J......|
68 | 00000030 16 03 03 00 28 31 f7 9a 7d 84 21 17 7f c4 6e 9e |....(1..}.!...n.|
69 | 00000040 78 59 64 d1 d0 e7 74 fb 77 1b 7a b9 d5 e0 a6 c6 |xYd...t.w.z.....|
70 | 00000050 ec a4 9f 64 38 dd 24 8c d8 13 71 69 4f |...d8.$...qiO|
71 | >>> Flow 4 (server to client)
72 | 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....|
73 | 00000010 00 00 00 65 fc d6 aa c0 c7 6d 5e 94 bb cb 7c 19 |...e.....m^...|.|
74 | 00000020 f4 4f 4b 0e d5 b1 66 cc fb 7b d0 bb bc d3 de 55 |.OK...f..{.....U|
75 | 00000030 79 d5 57 17 03 03 00 25 00 00 00 00 00 00 00 01 |y.W....%........|
76 | 00000040 bf d0 4a cb ab f0 86 9a ec 92 19 5e 51 6e 63 4e |..J........^QncN|
77 | 00000050 00 c6 1f e8 af 15 ec e7 29 45 f5 54 dd 15 03 03 |........)E.T....|
78 | 00000060 00 1a 00 00 00 00 00 00 00 02 7e 20 a1 70 fa b9 |..........~ .p..|
79 | 00000070 6f b3 3b b0 65 b5 96 15 b0 f6 db 8a |o.;.e.......|
80 |
--------------------------------------------------------------------------------
/tls/testdata/Client-TLSv12-AES128-GCM-SHA256:
--------------------------------------------------------------------------------
1 | >>> Flow 1 (client to server)
2 | 00000000 16 03 01 00 95 01 00 00 91 03 03 00 00 00 00 00 |................|
3 | 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
4 | 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 2c cc a8 |.............,..|
5 | 00000030 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#|
6 | 00000040 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5|
7 | 00000050 c0 12 00 0a 00 05 c0 11 c0 07 01 00 00 3c 00 05 |.............<..|
8 | 00000060 00 05 01 00 00 00 00 00 0a 00 0a 00 08 00 1d 00 |................|
9 | 00000070 17 00 18 00 19 00 0b 00 02 01 00 00 0d 00 12 00 |................|
10 | 00000080 10 04 01 04 03 05 01 05 03 06 01 06 03 02 01 02 |................|
11 | 00000090 03 ff 01 00 01 00 00 12 00 00 |..........|
12 | >>> Flow 2 (server to client)
13 | 00000000 16 03 03 00 51 02 00 00 4d 03 03 49 4c e7 e2 d1 |....Q...M..IL...|
14 | 00000010 f6 48 5a 9c 53 86 a7 b4 43 a2 35 a1 6a cd 40 8d |.HZ.S...C.5.j.@.|
15 | 00000020 db 5a 93 d2 66 1a 9e b3 cd ab 8b 20 52 21 cc 8d |.Z..f...... R!..|
16 | 00000030 24 23 ed 26 f1 c0 44 17 74 1a ef 01 5c c5 8e 79 |$#.&..D.t...\..y|
17 | 00000040 f6 e5 00 e8 b3 71 72 99 a5 2d 4d cf 00 9c 00 00 |.....qr..-M.....|
18 | 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.|
19 | 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......|
20 | 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..|
21 | 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.|
22 | 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..|
23 | 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..|
24 | 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..|
25 | 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1|
26 | 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.|
27 | 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...|
28 | 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0|
29 | 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.|
30 | 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6|
31 | 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.|
32 | 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....|
33 | 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......|
34 | 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$|
35 | 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..|
36 | 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u|
37 | 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.|
38 | 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........|
39 | 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.|
40 | 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......|
41 | 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.|
42 | 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>|
43 | 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#|
44 | 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..|
45 | 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0|
46 | 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan|
47 | 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........|
48 | 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...|
49 | 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1|
50 | 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d|
51 | 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..|
52 | 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....|
53 | 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......|
54 | 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..|
55 | 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.|
56 | 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............|
57 | >>> Flow 3 (client to server)
58 | 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...|
59 | 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..|
60 | 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.|
61 | 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h|
62 | 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...|
63 | 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........|
64 | 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..|
65 | 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..|
66 | 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....|
67 | 00000090 01 16 03 03 00 28 00 00 00 00 00 00 00 00 c5 41 |.....(.........A|
68 | 000000a0 79 78 69 d0 e6 8f 11 e0 19 7a a2 51 0f b4 1f 8f |yxi......z.Q....|
69 | 000000b0 8a a5 d9 48 1a b8 cd 2f ea e2 04 9b e8 9f |...H.../......|
70 | >>> Flow 4 (server to client)
71 | 00000000 14 03 03 00 01 01 16 03 03 00 28 f3 72 0c 34 0f |..........(.r.4.|
72 | 00000010 59 fa 8d 0f d1 37 6d 3b 9c e6 41 66 8b 30 4a d0 |Y....7m;..Af.0J.|
73 | 00000020 ef 21 f1 42 79 f0 55 0e a1 43 d5 d7 b1 d6 45 aa |.!.By.U..C....E.|
74 | 00000030 5a 3a 69 |Z:i|
75 | >>> Flow 5 (client to server)
76 | 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 7d bd ac |.............}..|
77 | 00000010 69 1a 3c b3 4d 0f 1b 25 40 95 34 f0 b1 97 60 39 |i.<.M..%@.4...`9|
78 | 00000020 93 42 10 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.B..............|
79 | 00000030 a0 65 f5 b0 94 a5 2e 1a c4 a5 97 76 12 8f 82 70 |.e.........v...p|
80 | 00000040 49 0c |I.|
81 |
--------------------------------------------------------------------------------