Cypherpunks.ru repositories - gostls13.git/commit

author	Filippo Valsorda <filippo@golang.org>
	Sun, 4 Nov 2018 23:41:37 +0000 (18:41 -0500)
committer	Filippo Valsorda <filippo@golang.org>
	Mon, 12 Nov 2018 20:43:23 +0000 (20:43 +0000)
commit	d669cc47ad8bfde5c0a525563803b3cc444fe897
tree	89672d2397df62ebdc3b6aa42f7306b8fb26f91e	tree
parent	dc0be727dc6182fb258f9f1048e9a9eef966c563	commit \| diff

crypto/tls: implement TLS 1.3 PSK authentication (client side)

Also check original certificate validity when resuming TLS 1.0–1.2. Will
refuse to resume a session if the certificate is expired or if the
original connection had InsecureSkipVerify and the resumed one doesn't.

Support only PSK+DHE to protect forward secrecy even with lack of a
strong session ticket rotation story.

Tested with NSS because s_server does not provide any way of getting the
same session ticket key across invocations. Will self-test like TLS
1.0–1.2 once server side is implemented.

Incorporates CL 128477 by @santoshankr.

Fixes #24919
Updates #9671

Change-Id: Id3eaa5b6c77544a1357668bf9ff255f3420ecc34
Reviewed-on: https://go-review.googlesource.com/c/147420
Reviewed-by: Adam Langley <agl@golang.org>

src/crypto/tls/cipher_suites.go		diff \| blob \| history
src/crypto/tls/common.go		diff \| blob \| history
src/crypto/tls/conn.go		diff \| blob \| history
src/crypto/tls/handshake_client.go		diff \| blob \| history
src/crypto/tls/handshake_client_test.go		diff \| blob \| history
src/crypto/tls/handshake_client_tls13.go		diff \| blob \| history
src/crypto/tls/handshake_messages.go		diff \| blob \| history
src/crypto/tls/handshake_server.go		diff \| blob \| history
src/crypto/tls/handshake_server_tls13.go		diff \| blob \| history
src/crypto/tls/key_schedule.go		diff \| blob \| history
src/crypto/tls/prf_test.go		diff \| blob \| history