hub / github.com/XTLS/REALITY / ticketKeyFromBytes

Method ticketKeyFromBytes

common.go:948–958

ticketKeyFromBytes converts from the external representation of a session ticket key to a ticketKey. Externally, session ticket keys are 32 random bytes and this function expands that into sufficient name and key material.

(b [32]byte)

Source from the content-addressed store, hash-verified

// ticket key to a ticketKey. Externally, session ticket keys are 32 random
// bytes and this function expands that into sufficient name and key material.
func (c *Config) ticketKeyFromBytes(b [32]byte) (key ticketKey) {
	hashed := sha512.Sum512(b[:])
	// The first 16 bytes of the hash used to be exposed on the wire as a ticket
	// prefix. They MUST NOT be used as a secret. In the future, it would make
	// sense to use a proper KDF here, like HKDF with a fixed salt.
	const legacyTicketKeyNameLen = 16
	copy(key.aesKey[:], hashed[legacyTicketKeyNameLen:])
	copy(key.hmacKey[:], hashed[legacyTicketKeyNameLen+len(key.aesKey):])
	key.created = c.time()
	return key
}

// maxSessionTicketLifetime is the maximum allowed lifetime of a TLS 1.3 session
// ticket, and the lifetime we set for all tickets we send.

Callers 3

ticketKeys (Method) · 0.95
SetSessionTicketKeys (Method) · 0.95

Calls 1

time (Method) · 0.95

Tested by

no test coverage detected