Bytes encodes the session, including any private fields, so that it can be parsed by [ParseSessionState]. The encoding contains secret values critical to the security of future and possibly past sessions. The specific encoding should be considered opaque and may change incompatibly between Go versi
()
| 109 | // The specific encoding should be considered opaque and may change incompatibly |
| 110 | // between Go versions. |
| 111 | func (s *SessionState) Bytes() ([]byte, error) { |
| 112 | var b cryptobyte.Builder |
| 113 | b.AddUint16(s.version) |
| 114 | if s.isClient { |
| 115 | b.AddUint8(2) // client |
| 116 | } else { |
| 117 | b.AddUint8(1) // server |
| 118 | } |
| 119 | b.AddUint16(s.cipherSuite) |
| 120 | addUint64(&b, s.createdAt) |
| 121 | b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { |
| 122 | b.AddBytes(s.secret) |
| 123 | }) |
| 124 | b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { |
| 125 | for _, extra := range s.Extra { |
| 126 | b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { |
| 127 | b.AddBytes(extra) |
| 128 | }) |
| 129 | } |
| 130 | }) |
| 131 | if s.extMasterSecret { |
| 132 | b.AddUint8(1) |
| 133 | } else { |
| 134 | b.AddUint8(0) |
| 135 | } |
| 136 | if s.EarlyData { |
| 137 | b.AddUint8(1) |
| 138 | } else { |
| 139 | b.AddUint8(0) |
| 140 | } |
| 141 | marshalCertificate(&b, Certificate{ |
| 142 | Certificate: certificatesToBytesSlice(s.peerCertificates), |
| 143 | OCSPStaple: s.ocspResponse, |
| 144 | SignedCertificateTimestamps: s.scts, |
| 145 | }) |
| 146 | b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { |
| 147 | for _, chain := range s.verifiedChains { |
| 148 | b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { |
| 149 | // We elide the first certificate because it's always the leaf. |
| 150 | if len(chain) == 0 { |
| 151 | b.SetError(errors.New("tls: internal error: empty verified chain")) |
| 152 | return |
| 153 | } |
| 154 | for _, cert := range chain[1:] { |
| 155 | b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { |
| 156 | b.AddBytes(cert.Raw) |
| 157 | }) |
| 158 | } |
| 159 | }) |
| 160 | } |
| 161 | }) |
| 162 | if s.EarlyData { |
| 163 | b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { |
| 164 | b.AddBytes([]byte(s.alpnProtocol)) |
| 165 | }) |
| 166 | } |
| 167 | if s.version >= VersionTLS13 { |
| 168 | if s.isClient { |
no test coverage detected