ParseSessionState parses a [SessionState] encoded by [SessionState.Bytes].
(data []byte)
| 185 | |
| 186 | // ParseSessionState parses a [SessionState] encoded by [SessionState.Bytes]. |
| 187 | func ParseSessionState(data []byte) (*SessionState, error) { |
| 188 | ss := &SessionState{} |
| 189 | s := cryptobyte.String(data) |
| 190 | var typ, extMasterSecret, earlyData uint8 |
| 191 | var cert Certificate |
| 192 | var extra cryptobyte.String |
| 193 | if !s.ReadUint16(&ss.version) || |
| 194 | !s.ReadUint8(&typ) || |
| 195 | !s.ReadUint16(&ss.cipherSuite) || |
| 196 | !readUint64(&s, &ss.createdAt) || |
| 197 | !readUint8LengthPrefixed(&s, &ss.secret) || |
| 198 | !s.ReadUint24LengthPrefixed(&extra) || |
| 199 | !s.ReadUint8(&extMasterSecret) || |
| 200 | !s.ReadUint8(&earlyData) || |
| 201 | len(ss.secret) == 0 || |
| 202 | !unmarshalCertificate(&s, &cert) { |
| 203 | return nil, errors.New("tls: invalid session encoding") |
| 204 | } |
| 205 | for !extra.Empty() { |
| 206 | var e []byte |
| 207 | if !readUint24LengthPrefixed(&extra, &e) { |
| 208 | return nil, errors.New("tls: invalid session encoding") |
| 209 | } |
| 210 | ss.Extra = append(ss.Extra, e) |
| 211 | } |
| 212 | switch typ { |
| 213 | case 1: |
| 214 | ss.isClient = false |
| 215 | case 2: |
| 216 | ss.isClient = true |
| 217 | default: |
| 218 | return nil, errors.New("tls: unknown session encoding") |
| 219 | } |
| 220 | switch extMasterSecret { |
| 221 | case 0: |
| 222 | ss.extMasterSecret = false |
| 223 | case 1: |
| 224 | ss.extMasterSecret = true |
| 225 | default: |
| 226 | return nil, errors.New("tls: invalid session encoding") |
| 227 | } |
| 228 | switch earlyData { |
| 229 | case 0: |
| 230 | ss.EarlyData = false |
| 231 | case 1: |
| 232 | ss.EarlyData = true |
| 233 | default: |
| 234 | return nil, errors.New("tls: invalid session encoding") |
| 235 | } |
| 236 | for _, cert := range cert.Certificate { |
| 237 | c, err := globalCertCache.newCert(cert) |
| 238 | if err != nil { |
| 239 | return nil, err |
| 240 | } |
| 241 | ss.peerCertificates = append(ss.peerCertificates, c) |
| 242 | } |
| 243 | if ss.isClient && len(ss.peerCertificates) == 0 { |
| 244 | return nil, errors.New("tls: no server certificates in client session") |
no test coverage detected
searching dependent graphs…