MCPcopy
hub / github.com/XTLS/REALITY / Bytes

Method Bytes

ticket.go:111–176  ·  view source on GitHub ↗

Bytes encodes the session, including any private fields, so that it can be parsed by [ParseSessionState]. The encoding contains secret values critical to the security of future and possibly past sessions. The specific encoding should be considered opaque and may change incompatibly between Go versi

()

Source from the content-addressed store, hash-verified

109// The specific encoding should be considered opaque and may change incompatibly
110// between Go versions.
111func (s *SessionState) Bytes() ([]byte, error) {
112 var b cryptobyte.Builder
113 b.AddUint16(s.version)
114 if s.isClient {
115 b.AddUint8(2) // client
116 } else {
117 b.AddUint8(1) // server
118 }
119 b.AddUint16(s.cipherSuite)
120 addUint64(&b, s.createdAt)
121 b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
122 b.AddBytes(s.secret)
123 })
124 b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
125 for _, extra := range s.Extra {
126 b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
127 b.AddBytes(extra)
128 })
129 }
130 })
131 if s.extMasterSecret {
132 b.AddUint8(1)
133 } else {
134 b.AddUint8(0)
135 }
136 if s.EarlyData {
137 b.AddUint8(1)
138 } else {
139 b.AddUint8(0)
140 }
141 marshalCertificate(&b, Certificate{
142 Certificate: certificatesToBytesSlice(s.peerCertificates),
143 OCSPStaple: s.ocspResponse,
144 SignedCertificateTimestamps: s.scts,
145 })
146 b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
147 for _, chain := range s.verifiedChains {
148 b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
149 // We elide the first certificate because it's always the leaf.
150 if len(chain) == 0 {
151 b.SetError(errors.New("tls: internal error: empty verified chain"))
152 return
153 }
154 for _, cert := range chain[1:] {
155 b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
156 b.AddBytes(cert.Raw)
157 })
158 }
159 })
160 }
161 })
162 if s.EarlyData {
163 b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
164 b.AddBytes([]byte(s.alpnProtocol))
165 })
166 }
167 if s.version >= VersionTLS13 {
168 if s.isClient {

Callers 15

marshalMsgMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80
marshalMethod · 0.80

Calls 3

addUint64Function · 0.85
marshalCertificateFunction · 0.85
certificatesToBytesSliceFunction · 0.85

Tested by

no test coverage detected