pax_global_header00006660000000000000000000000064137327766110014527gustar00rootroot0000000000000052 comment=b6a54022314aebf6c2a572cc8624930f6945a2fe golang-github-marten-seemann-qtls-0.10.0/000077500000000000000000000000001373277661100202255ustar00rootroot00000000000000golang-github-marten-seemann-qtls-0.10.0/.circleci/000077500000000000000000000000001373277661100220605ustar00rootroot00000000000000golang-github-marten-seemann-qtls-0.10.0/.circleci/config.yml000066400000000000000000000011651373277661100240530ustar00rootroot00000000000000version: 2.1 jobs: "test": &test docker: - image: "circleci/golang:1.14" working_directory: /go/src/github.com/marten-seemann/qtls steps: - checkout - run: name: "Setup build environment" command: | go get -t ./... - run: name: "Build infos" command: | echo $GOARCH go version - run: name: "Run tests" command: go test - run: name: "Run tests with race detector" command: go test -race go114: <<: *test workflows: workflow: jobs: - go114 golang-github-marten-seemann-qtls-0.10.0/LICENSE000066400000000000000000000027071373277661100212400ustar00rootroot00000000000000Copyright (c) 2009 The Go Authors. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Google Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. golang-github-marten-seemann-qtls-0.10.0/README.md000066400000000000000000000010161373277661100215020ustar00rootroot00000000000000# qtls [![Godoc Reference](https://img.shields.io/badge/godoc-reference-blue.svg?style=flat-square)](https://godoc.org/github.com/marten-seemann/qtls) [![CircleCI Build Status](https://img.shields.io/circleci/project/github/marten-seemann/qtls.svg?style=flat-square&label=CircleCI+build)](https://circleci.com/gh/marten-seemann/qtls) This repository contains a modified version of the standard library's TLS implementation, modified for the QUIC protocol. It is used by [quic-go](https://github.com/lucas-clemente/quic-go). golang-github-marten-seemann-qtls-0.10.0/alert.go000066400000000000000000000060171373277661100216670ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import "strconv" type alert uint8 // Alert is a TLS alert type Alert = alert const ( // alert level alertLevelWarning = 1 alertLevelError = 2 ) const ( alertCloseNotify alert = 0 alertUnexpectedMessage alert = 10 alertBadRecordMAC alert = 20 alertDecryptionFailed alert = 21 alertRecordOverflow alert = 22 alertDecompressionFailure alert = 30 alertHandshakeFailure alert = 40 alertBadCertificate alert = 42 alertUnsupportedCertificate alert = 43 alertCertificateRevoked alert = 44 alertCertificateExpired alert = 45 alertCertificateUnknown alert = 46 alertIllegalParameter alert = 47 alertUnknownCA alert = 48 alertAccessDenied alert = 49 alertDecodeError alert = 50 alertDecryptError alert = 51 alertProtocolVersion alert = 70 alertInsufficientSecurity alert = 71 alertInternalError alert = 80 alertInappropriateFallback alert = 86 alertUserCanceled alert = 90 alertNoRenegotiation alert = 100 alertMissingExtension alert = 109 alertUnsupportedExtension alert = 110 alertUnrecognizedName alert = 112 alertNoApplicationProtocol alert = 120 ) var alertText = map[alert]string{ alertCloseNotify: "close notify", alertUnexpectedMessage: "unexpected message", alertBadRecordMAC: "bad record MAC", alertDecryptionFailed: "decryption failed", alertRecordOverflow: "record overflow", alertDecompressionFailure: "decompression failure", alertHandshakeFailure: "handshake failure", alertBadCertificate: "bad certificate", alertUnsupportedCertificate: "unsupported certificate", alertCertificateRevoked: "revoked certificate", alertCertificateExpired: "expired certificate", alertCertificateUnknown: "unknown certificate", alertIllegalParameter: "illegal parameter", alertUnknownCA: "unknown certificate authority", alertAccessDenied: "access denied", alertDecodeError: "error decoding message", alertDecryptError: "error decrypting message", alertProtocolVersion: "protocol version not supported", alertInsufficientSecurity: "insufficient security level", alertInternalError: "internal error", alertInappropriateFallback: "inappropriate fallback", alertUserCanceled: "user canceled", alertNoRenegotiation: "no renegotiation", alertMissingExtension: "missing extension", alertUnsupportedExtension: "unsupported extension", alertUnrecognizedName: "unrecognized name", alertNoApplicationProtocol: "no application protocol", } func (e alert) String() string { s, ok := alertText[e] if ok { return "tls: " + s } return "tls: alert(" + strconv.Itoa(int(e)) + ")" } func (e alert) Error() string { return e.String() } golang-github-marten-seemann-qtls-0.10.0/auth.go000066400000000000000000000241141373277661100215170ustar00rootroot00000000000000// Copyright 2017 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/ecdsa" "crypto/ed25519" "crypto/elliptic" "crypto/rsa" "encoding/asn1" "errors" "fmt" "hash" "io" ) // verifyHandshakeSignature verifies a signature against pre-hashed // (if required) handshake contents. func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc crypto.Hash, signed, sig []byte) error { switch sigType { case signatureECDSA: pubKey, ok := pubkey.(*ecdsa.PublicKey) if !ok { return fmt.Errorf("expected an ECDSA public key, got %T", pubkey) } ecdsaSig := new(ecdsaSignature) if _, err := asn1.Unmarshal(sig, ecdsaSig); err != nil { return err } if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { return errors.New("ECDSA signature contained zero or negative values") } if !ecdsa.Verify(pubKey, signed, ecdsaSig.R, ecdsaSig.S) { return errors.New("ECDSA verification failure") } case signatureEd25519: pubKey, ok := pubkey.(ed25519.PublicKey) if !ok { return fmt.Errorf("expected an Ed25519 public key, got %T", pubkey) } if !ed25519.Verify(pubKey, signed, sig) { return errors.New("Ed25519 verification failure") } case signaturePKCS1v15: pubKey, ok := pubkey.(*rsa.PublicKey) if !ok { return fmt.Errorf("expected an RSA public key, got %T", pubkey) } if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, signed, sig); err != nil { return err } case signatureRSAPSS: pubKey, ok := pubkey.(*rsa.PublicKey) if !ok { return fmt.Errorf("expected an RSA public key, got %T", pubkey) } signOpts := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash} if err := rsa.VerifyPSS(pubKey, hashFunc, signed, sig, signOpts); err != nil { return err } default: return errors.New("internal error: unknown signature type") } return nil } const ( serverSignatureContext = "TLS 1.3, server CertificateVerify\x00" clientSignatureContext = "TLS 1.3, client CertificateVerify\x00" ) var signaturePadding = []byte{ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, } // signedMessage returns the pre-hashed (if necessary) message to be signed by // certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3. func signedMessage(sigHash crypto.Hash, context string, transcript hash.Hash) []byte { if sigHash == directSigning { b := &bytes.Buffer{} b.Write(signaturePadding) io.WriteString(b, context) b.Write(transcript.Sum(nil)) return b.Bytes() } h := sigHash.New() h.Write(signaturePadding) io.WriteString(h, context) h.Write(transcript.Sum(nil)) return h.Sum(nil) } // typeAndHashFromSignatureScheme returns the corresponding signature type and // crypto.Hash for a given TLS SignatureScheme. func typeAndHashFromSignatureScheme(signatureAlgorithm SignatureScheme) (sigType uint8, hash crypto.Hash, err error) { switch signatureAlgorithm { case PKCS1WithSHA1, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512: sigType = signaturePKCS1v15 case PSSWithSHA256, PSSWithSHA384, PSSWithSHA512: sigType = signatureRSAPSS case ECDSAWithSHA1, ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512: sigType = signatureECDSA case Ed25519: sigType = signatureEd25519 default: return 0, 0, fmt.Errorf("unsupported signature algorithm: %#04x", signatureAlgorithm) } switch signatureAlgorithm { case PKCS1WithSHA1, ECDSAWithSHA1: hash = crypto.SHA1 case PKCS1WithSHA256, PSSWithSHA256, ECDSAWithP256AndSHA256: hash = crypto.SHA256 case PKCS1WithSHA384, PSSWithSHA384, ECDSAWithP384AndSHA384: hash = crypto.SHA384 case PKCS1WithSHA512, PSSWithSHA512, ECDSAWithP521AndSHA512: hash = crypto.SHA512 case Ed25519: hash = directSigning default: return 0, 0, fmt.Errorf("unsupported signature algorithm: %#04x", signatureAlgorithm) } return sigType, hash, nil } // legacyTypeAndHashFromPublicKey returns the fixed signature type and crypto.Hash for // a given public key used with TLS 1.0 and 1.1, before the introduction of // signature algorithm negotiation. func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash crypto.Hash, err error) { switch pub.(type) { case *rsa.PublicKey: return signaturePKCS1v15, crypto.MD5SHA1, nil case *ecdsa.PublicKey: return signatureECDSA, crypto.SHA1, nil case ed25519.PublicKey: // RFC 8422 specifies support for Ed25519 in TLS 1.0 and 1.1, // but it requires holding on to a handshake transcript to do a // full signature, and not even OpenSSL bothers with the // complexity, so we can't even test it properly. return 0, 0, fmt.Errorf("tls: Ed25519 public keys are not supported before TLS 1.2") default: return 0, 0, fmt.Errorf("tls: unsupported public key: %T", pub) } } var rsaSignatureSchemes = []struct { scheme SignatureScheme minModulusBytes int maxVersion uint16 }{ // RSA-PSS is used with PSSSaltLengthEqualsHash, and requires // emLen >= hLen + sLen + 2 {PSSWithSHA256, crypto.SHA256.Size()*2 + 2, VersionTLS13}, {PSSWithSHA384, crypto.SHA384.Size()*2 + 2, VersionTLS13}, {PSSWithSHA512, crypto.SHA512.Size()*2 + 2, VersionTLS13}, // PKCS#1 v1.5 uses prefixes from hashPrefixes in crypto/rsa, and requires // emLen >= len(prefix) + hLen + 11 // TLS 1.3 dropped support for PKCS#1 v1.5 in favor of RSA-PSS. {PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11, VersionTLS12}, {PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11, VersionTLS12}, {PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11, VersionTLS12}, {PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11, VersionTLS12}, } // signatureSchemesForCertificate returns the list of supported SignatureSchemes // for a given certificate, based on the public key and the protocol version, // and optionally filtered by its explicit SupportedSignatureAlgorithms. // // This function must be kept in sync with supportedSignatureAlgorithms. func signatureSchemesForCertificate(version uint16, cert *Certificate) []SignatureScheme { priv, ok := cert.PrivateKey.(crypto.Signer) if !ok { return nil } var sigAlgs []SignatureScheme switch pub := priv.Public().(type) { case *ecdsa.PublicKey: if version != VersionTLS13 { // In TLS 1.2 and earlier, ECDSA algorithms are not // constrained to a single curve. sigAlgs = []SignatureScheme{ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512, ECDSAWithSHA1, } break } switch pub.Curve { case elliptic.P256(): sigAlgs = []SignatureScheme{ECDSAWithP256AndSHA256} case elliptic.P384(): sigAlgs = []SignatureScheme{ECDSAWithP384AndSHA384} case elliptic.P521(): sigAlgs = []SignatureScheme{ECDSAWithP521AndSHA512} default: return nil } case *rsa.PublicKey: size := pub.Size() sigAlgs = make([]SignatureScheme, 0, len(rsaSignatureSchemes)) for _, candidate := range rsaSignatureSchemes { if size >= candidate.minModulusBytes && version <= candidate.maxVersion { sigAlgs = append(sigAlgs, candidate.scheme) } } case ed25519.PublicKey: sigAlgs = []SignatureScheme{Ed25519} default: return nil } if cert.SupportedSignatureAlgorithms != nil { var filteredSigAlgs []SignatureScheme for _, sigAlg := range sigAlgs { if isSupportedSignatureAlgorithm(sigAlg, cert.SupportedSignatureAlgorithms) { filteredSigAlgs = append(filteredSigAlgs, sigAlg) } } return filteredSigAlgs } return sigAlgs } // selectSignatureScheme picks a SignatureScheme from the peer's preference list // that works with the selected certificate. It's only called for protocol // versions that support signature algorithms, so TLS 1.2 and 1.3. func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureScheme) (SignatureScheme, error) { supportedAlgs := signatureSchemesForCertificate(vers, c) if len(supportedAlgs) == 0 { return 0, unsupportedCertificateError(c) } if len(peerAlgs) == 0 && vers == VersionTLS12 { // For TLS 1.2, if the client didn't send signature_algorithms then we // can assume that it supports SHA1. See RFC 5246, Section 7.4.1.4.1. peerAlgs = []SignatureScheme{PKCS1WithSHA1, ECDSAWithSHA1} } // Pick signature scheme in the peer's preference order, as our // preference order is not configurable. for _, preferredAlg := range peerAlgs { if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) { return preferredAlg, nil } } return 0, errors.New("tls: peer doesn't support any of the certificate's signature algorithms") } // unsupportedCertificateError returns a helpful error for certificates with // an unsupported private key. func unsupportedCertificateError(cert *Certificate) error { switch cert.PrivateKey.(type) { case rsa.PrivateKey, ecdsa.PrivateKey: return fmt.Errorf("tls: unsupported certificate: private key is %T, expected *%T", cert.PrivateKey, cert.PrivateKey) case *ed25519.PrivateKey: return fmt.Errorf("tls: unsupported certificate: private key is *ed25519.PrivateKey, expected ed25519.PrivateKey") } signer, ok := cert.PrivateKey.(crypto.Signer) if !ok { return fmt.Errorf("tls: certificate private key (%T) does not implement crypto.Signer", cert.PrivateKey) } switch pub := signer.Public().(type) { case *ecdsa.PublicKey: switch pub.Curve { case elliptic.P256(): case elliptic.P384(): case elliptic.P521(): default: return fmt.Errorf("tls: unsupported certificate curve (%s)", pub.Curve.Params().Name) } case *rsa.PublicKey: return fmt.Errorf("tls: certificate RSA key size too small for supported signature algorithms") case ed25519.PublicKey: default: return fmt.Errorf("tls: unsupported certificate key (%T)", pub) } if cert.SupportedSignatureAlgorithms != nil { return fmt.Errorf("tls: peer doesn't support the certificate custom signature algorithms") } return fmt.Errorf("tls: internal error: unsupported key (%T)", cert.PrivateKey) } golang-github-marten-seemann-qtls-0.10.0/auth_test.go000066400000000000000000000156011373277661100225570ustar00rootroot00000000000000// Copyright 2017 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "testing" ) func TestSignatureSelection(t *testing.T) { rsaCert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, } pkcs1Cert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, SupportedSignatureAlgorithms: []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, } ecdsaCert := &Certificate{ Certificate: [][]byte{testP256Certificate}, PrivateKey: testP256PrivateKey, } ed25519Cert := &Certificate{ Certificate: [][]byte{testEd25519Certificate}, PrivateKey: testEd25519PrivateKey, } tests := []struct { cert *Certificate peerSigAlgs []SignatureScheme tlsVersion uint16 expectedSigAlg SignatureScheme expectedSigType uint8 expectedHash crypto.Hash }{ {rsaCert, []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, crypto.SHA1}, {rsaCert, []SignatureScheme{PKCS1WithSHA512, PKCS1WithSHA1}, VersionTLS12, PKCS1WithSHA512, signaturePKCS1v15, crypto.SHA512}, {rsaCert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PSSWithSHA256, signatureRSAPSS, crypto.SHA256}, {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS12, PKCS1WithSHA256, signaturePKCS1v15, crypto.SHA256}, {rsaCert, []SignatureScheme{PSSWithSHA384, PKCS1WithSHA1}, VersionTLS13, PSSWithSHA384, signatureRSAPSS, crypto.SHA384}, {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS12, ECDSAWithSHA1, signatureECDSA, crypto.SHA1}, {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS12, ECDSAWithP256AndSHA256, signatureECDSA, crypto.SHA256}, {ecdsaCert, []SignatureScheme{ECDSAWithP256AndSHA256}, VersionTLS13, ECDSAWithP256AndSHA256, signatureECDSA, crypto.SHA256}, {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS12, Ed25519, signatureEd25519, directSigning}, {ed25519Cert, []SignatureScheme{Ed25519}, VersionTLS13, Ed25519, signatureEd25519, directSigning}, // TLS 1.2 without signature_algorithms extension {rsaCert, nil, VersionTLS12, PKCS1WithSHA1, signaturePKCS1v15, crypto.SHA1}, {ecdsaCert, nil, VersionTLS12, ECDSAWithSHA1, signatureECDSA, crypto.SHA1}, // TLS 1.2 does not restrict the ECDSA curve (our ecdsaCert is P-256) {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS12, ECDSAWithP384AndSHA384, signatureECDSA, crypto.SHA384}, } for testNo, test := range tests { sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) if err != nil { t.Errorf("test[%d]: unexpected selectSignatureScheme error: %v", testNo, err) } if test.expectedSigAlg != sigAlg { t.Errorf("test[%d]: expected signature scheme %#x, got %#x", testNo, test.expectedSigAlg, sigAlg) } sigType, hashFunc, err := typeAndHashFromSignatureScheme(sigAlg) if err != nil { t.Errorf("test[%d]: unexpected typeAndHashFromSignatureScheme error: %v", testNo, err) } if test.expectedSigType != sigType { t.Errorf("test[%d]: expected signature algorithm %#x, got %#x", testNo, test.expectedSigType, sigType) } if test.expectedHash != hashFunc { t.Errorf("test[%d]: expected hash function %#x, got %#x", testNo, test.expectedHash, hashFunc) } } brokenCert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, SupportedSignatureAlgorithms: []SignatureScheme{Ed25519}, } badTests := []struct { cert *Certificate peerSigAlgs []SignatureScheme tlsVersion uint16 }{ {rsaCert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, {ecdsaCert, []SignatureScheme{PKCS1WithSHA256, PKCS1WithSHA1}, VersionTLS12}, {rsaCert, []SignatureScheme{0}, VersionTLS12}, {ed25519Cert, []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithSHA1}, VersionTLS12}, {ecdsaCert, []SignatureScheme{Ed25519}, VersionTLS12}, {brokenCert, []SignatureScheme{Ed25519}, VersionTLS12}, {brokenCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS12}, // RFC 5246, Section 7.4.1.4.1, says to only consider {sha1,ecdsa} as // default when the extension is missing, and RFC 8422 does not update // it. Anyway, if a stack supports Ed25519 it better support sigalgs. {ed25519Cert, nil, VersionTLS12}, // TLS 1.3 has no default signature_algorithms. {rsaCert, nil, VersionTLS13}, {ecdsaCert, nil, VersionTLS13}, {ed25519Cert, nil, VersionTLS13}, // Wrong curve, which TLS 1.3 checks {ecdsaCert, []SignatureScheme{ECDSAWithP384AndSHA384}, VersionTLS13}, // TLS 1.3 does not support PKCS1v1.5 or SHA-1. {rsaCert, []SignatureScheme{PKCS1WithSHA256}, VersionTLS13}, {pkcs1Cert, []SignatureScheme{PSSWithSHA256, PKCS1WithSHA256}, VersionTLS13}, {ecdsaCert, []SignatureScheme{ECDSAWithSHA1}, VersionTLS13}, // The key can be too small for the hash. {rsaCert, []SignatureScheme{PSSWithSHA512}, VersionTLS12}, } for testNo, test := range badTests { sigAlg, err := selectSignatureScheme(test.tlsVersion, test.cert, test.peerSigAlgs) if err == nil { t.Errorf("test[%d]: unexpected success, got %#x", testNo, sigAlg) } } } func TestLegacyTypeAndHash(t *testing.T) { sigType, hashFunc, err := legacyTypeAndHashFromPublicKey(testRSAPrivateKey.Public()) if err != nil { t.Errorf("RSA: unexpected error: %v", err) } if expectedSigType := signaturePKCS1v15; expectedSigType != sigType { t.Errorf("RSA: expected signature type %#x, got %#x", expectedSigType, sigType) } if expectedHashFunc := crypto.MD5SHA1; expectedHashFunc != hashFunc { t.Errorf("RSA: expected hash %#x, got %#x", expectedHashFunc, sigType) } sigType, hashFunc, err = legacyTypeAndHashFromPublicKey(testECDSAPrivateKey.Public()) if err != nil { t.Errorf("ECDSA: unexpected error: %v", err) } if expectedSigType := signatureECDSA; expectedSigType != sigType { t.Errorf("ECDSA: expected signature type %#x, got %#x", expectedSigType, sigType) } if expectedHashFunc := crypto.SHA1; expectedHashFunc != hashFunc { t.Errorf("ECDSA: expected hash %#x, got %#x", expectedHashFunc, sigType) } // Ed25519 is not supported by TLS 1.0 and 1.1. _, _, err = legacyTypeAndHashFromPublicKey(testEd25519PrivateKey.Public()) if err == nil { t.Errorf("Ed25519: unexpected success") } } // TestSupportedSignatureAlgorithms checks that all supportedSignatureAlgorithms // have valid type and hash information. func TestSupportedSignatureAlgorithms(t *testing.T) { for _, sigAlg := range supportedSignatureAlgorithms { sigType, hash, err := typeAndHashFromSignatureScheme(sigAlg) if err != nil { t.Errorf("%#04x: unexpected error: %v", sigAlg, err) } if sigType == 0 { t.Errorf("%#04x: missing signature type", sigAlg) } if hash == 0 && sigAlg != Ed25519 { t.Errorf("%#04x: missing hash", sigAlg) } } } golang-github-marten-seemann-qtls-0.10.0/cipher_suites.go000066400000000000000000000476211373277661100234340ustar00rootroot00000000000000// Copyright 2010 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "crypto/aes" "crypto/cipher" "crypto/des" "crypto/hmac" "crypto/rc4" "crypto/sha1" "crypto/sha256" "crypto/x509" "fmt" "hash" "golang.org/x/crypto/chacha20poly1305" ) // CipherSuite is a TLS cipher suite. Note that most functions in this package // accept and expose cipher suite IDs instead of this type. type CipherSuite struct { ID uint16 Name string // Supported versions is the list of TLS protocol versions that can // negotiate this cipher suite. SupportedVersions []uint16 // Insecure is true if the cipher suite has known security issues // due to its primitives, design, or implementation. Insecure bool } var ( supportedUpToTLS12 = []uint16{VersionTLS10, VersionTLS11, VersionTLS12} supportedOnlyTLS12 = []uint16{VersionTLS12} supportedOnlyTLS13 = []uint16{VersionTLS13} ) // CipherSuites returns a list of cipher suites currently implemented by this // package, excluding those with security issues, which are returned by // InsecureCipherSuites. // // The list is sorted by ID. Note that the default cipher suites selected by // this package might depend on logic that can't be captured by a static list. func CipherSuites() []*CipherSuite { return []*CipherSuite{ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false}, {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false}, {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false}, {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false}, {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false}, {TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", supportedOnlyTLS13, false}, {TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", supportedOnlyTLS13, false}, {TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256", supportedOnlyTLS13, false}, {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false}, {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false}, {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false}, {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false}, {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false}, {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false}, {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false}, {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false}, {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false}, {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false}, {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false}, } } // InsecureCipherSuites returns a list of cipher suites currently implemented by // this package and which have security issues. // // Most applications should not use the cipher suites in this list, and should // only use those returned by CipherSuites. func InsecureCipherSuites() []*CipherSuite { // RC4 suites are broken because RC4 is. // CBC-SHA256 suites have no Lucky13 countermeasures. return []*CipherSuite{ {TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true}, {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true}, {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", supportedUpToTLS12, true}, {TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true}, {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true}, {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true}, } } // CipherSuiteName returns the standard name for the passed cipher suite ID // (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representation // of the ID value if the cipher suite is not implemented by this package. func CipherSuiteName(id uint16) string { for _, c := range CipherSuites() { if c.ID == id { return c.Name } } for _, c := range InsecureCipherSuites() { if c.ID == id { return c.Name } } return fmt.Sprintf("0x%04X", id) } // a keyAgreement implements the client and server side of a TLS key agreement // protocol by generating and processing key exchange messages. type keyAgreement interface { // On the server side, the first two methods are called in order. // In the case that the key agreement protocol doesn't use a // ServerKeyExchange message, generateServerKeyExchange can return nil, // nil. generateServerKeyExchange(*Config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error) processClientKeyExchange(*Config, *Certificate, *clientKeyExchangeMsg, uint16) ([]byte, error) // On the client side, the next two methods are called in order. // This method may not be called if the server doesn't send a // ServerKeyExchange message. processServerKeyExchange(*Config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error generateClientKeyExchange(*Config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) } const ( // suiteECDHE indicates that the cipher suite involves elliptic curve // Diffie-Hellman. This means that it should only be selected when the // client indicates that it supports ECC with a curve and point format // that we're happy with. suiteECDHE = 1 << iota // suiteECSign indicates that the cipher suite involves an ECDSA or // EdDSA signature and therefore may only be selected when the server's // certificate is ECDSA or EdDSA. If this is not set then the cipher suite // is RSA based. suiteECSign // suiteTLS12 indicates that the cipher suite should only be advertised // and accepted when using TLS 1.2. suiteTLS12 // suiteSHA384 indicates that the cipher suite uses SHA384 as the // handshake hash. suiteSHA384 // suiteDefaultOff indicates that this cipher suite is not included by // default. suiteDefaultOff ) // A cipherSuite is a specific combination of key agreement, cipher and MAC function. type cipherSuite struct { id uint16 // the lengths, in bytes, of the key material needed for each component. keyLen int macLen int ivLen int ka func(version uint16) keyAgreement // flags is a bitmask of the suite* values, above. flags int cipher func(key, iv []byte, isRead bool) interface{} mac func(version uint16, macKey []byte) macFunction aead func(key, fixedNonce []byte) aead } var cipherSuites = []*cipherSuite{ // Ciphersuite order is chosen so that ECDHE comes before plain RSA and // AEADs are the top preference. {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadChaCha20Poly1305}, {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadChaCha20Poly1305}, {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM}, {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadAESGCM}, {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil}, {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil}, {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil}, {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil}, {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil}, {TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, rsaKA, suiteTLS12, nil, nil, aeadAESGCM}, {TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM}, {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil}, {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil}, {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil}, {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil}, {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil}, // RC4-based cipher suites are disabled by default. {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, suiteDefaultOff, cipherRC4, macSHA1, nil}, {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, suiteECDHE | suiteDefaultOff, cipherRC4, macSHA1, nil}, {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteDefaultOff, cipherRC4, macSHA1, nil}, } // selectCipherSuite returns the first cipher suite from ids which is also in // supportedIDs and passes the ok filter. func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite { for _, id := range ids { candidate := cipherSuiteByID(id) if candidate == nil || !ok(candidate) { continue } for _, suppID := range supportedIDs { if id == suppID { return candidate } } } return nil } // A cipherSuiteTLS13 defines only the pair of the AEAD algorithm and hash // algorithm to be used with HKDF. See RFC 8446, Appendix B.4. type cipherSuiteTLS13 struct { id uint16 keyLen int aead func(key, fixedNonce []byte) aead hash crypto.Hash } type CipherSuiteTLS13 struct { ID uint16 KeyLen int Hash crypto.Hash AEAD func(key, fixedNonce []byte) cipher.AEAD } func (c *CipherSuiteTLS13) IVLen() int { return aeadNonceLength } var cipherSuitesTLS13 = []*cipherSuiteTLS13{ {TLS_AES_128_GCM_SHA256, 16, aeadAESGCMTLS13, crypto.SHA256}, {TLS_CHACHA20_POLY1305_SHA256, 32, aeadChaCha20Poly1305, crypto.SHA256}, {TLS_AES_256_GCM_SHA384, 32, aeadAESGCMTLS13, crypto.SHA384}, } func cipherRC4(key, iv []byte, isRead bool) interface{} { cipher, _ := rc4.NewCipher(key) return cipher } func cipher3DES(key, iv []byte, isRead bool) interface{} { block, _ := des.NewTripleDESCipher(key) if isRead { return cipher.NewCBCDecrypter(block, iv) } return cipher.NewCBCEncrypter(block, iv) } func cipherAES(key, iv []byte, isRead bool) interface{} { block, _ := aes.NewCipher(key) if isRead { return cipher.NewCBCDecrypter(block, iv) } return cipher.NewCBCEncrypter(block, iv) } // macSHA1 returns a macFunction for the given protocol version. func macSHA1(version uint16, key []byte) macFunction { return tls10MAC{h: hmac.New(newConstantTimeHash(sha1.New), key)} } // macSHA256 returns a SHA-256 based MAC. These are only supported in TLS 1.2 // so the given version is ignored. func macSHA256(version uint16, key []byte) macFunction { return tls10MAC{h: hmac.New(sha256.New, key)} } type macFunction interface { // Size returns the length of the MAC. Size() int // MAC appends the MAC of (seq, header, data) to out. The extra data is fed // into the MAC after obtaining the result to normalize timing. The result // is only valid until the next invocation of MAC as the buffer is reused. MAC(seq, header, data, extra []byte) []byte } type aead interface { cipher.AEAD // explicitNonceLen returns the number of bytes of explicit nonce // included in each record. This is eight for older AEADs and // zero for modern ones. explicitNonceLen() int } const ( aeadNonceLength = 12 noncePrefixLength = 4 ) // prefixNonceAEAD wraps an AEAD and prefixes a fixed portion of the nonce to // each call. type prefixNonceAEAD struct { // nonce contains the fixed part of the nonce in the first four bytes. nonce [aeadNonceLength]byte aead cipher.AEAD } func (f *prefixNonceAEAD) NonceSize() int { return aeadNonceLength - noncePrefixLength } func (f *prefixNonceAEAD) Overhead() int { return f.aead.Overhead() } func (f *prefixNonceAEAD) explicitNonceLen() int { return f.NonceSize() } func (f *prefixNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte { copy(f.nonce[4:], nonce) return f.aead.Seal(out, f.nonce[:], plaintext, additionalData) } func (f *prefixNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) { copy(f.nonce[4:], nonce) return f.aead.Open(out, f.nonce[:], ciphertext, additionalData) } // xoredNonceAEAD wraps an AEAD by XORing in a fixed pattern to the nonce // before each call. type xorNonceAEAD struct { nonceMask [aeadNonceLength]byte aead cipher.AEAD } func (f *xorNonceAEAD) NonceSize() int { return 8 } // 64-bit sequence number func (f *xorNonceAEAD) Overhead() int { return f.aead.Overhead() } func (f *xorNonceAEAD) explicitNonceLen() int { return 0 } func (f *xorNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte { for i, b := range nonce { f.nonceMask[4+i] ^= b } result := f.aead.Seal(out, f.nonceMask[:], plaintext, additionalData) for i, b := range nonce { f.nonceMask[4+i] ^= b } return result } func (f *xorNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) { for i, b := range nonce { f.nonceMask[4+i] ^= b } result, err := f.aead.Open(out, f.nonceMask[:], ciphertext, additionalData) for i, b := range nonce { f.nonceMask[4+i] ^= b } return result, err } func aeadAESGCM(key, noncePrefix []byte) aead { if len(noncePrefix) != noncePrefixLength { panic("tls: internal error: wrong nonce length") } aes, err := aes.NewCipher(key) if err != nil { panic(err) } aead, err := cipher.NewGCM(aes) if err != nil { panic(err) } ret := &prefixNonceAEAD{aead: aead} copy(ret.nonce[:], noncePrefix) return ret } // AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3 func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD { return aeadAESGCMTLS13(key, fixedNonce) } func aeadAESGCMTLS13(key, nonceMask []byte) aead { if len(nonceMask) != aeadNonceLength { panic("tls: internal error: wrong nonce length") } aes, err := aes.NewCipher(key) if err != nil { panic(err) } aead, err := cipher.NewGCM(aes) if err != nil { panic(err) } ret := &xorNonceAEAD{aead: aead} copy(ret.nonceMask[:], nonceMask) return ret } func aeadChaCha20Poly1305(key, nonceMask []byte) aead { if len(nonceMask) != aeadNonceLength { panic("tls: internal error: wrong nonce length") } aead, err := chacha20poly1305.New(key) if err != nil { panic(err) } ret := &xorNonceAEAD{aead: aead} copy(ret.nonceMask[:], nonceMask) return ret } type constantTimeHash interface { hash.Hash ConstantTimeSum(b []byte) []byte } // cthWrapper wraps any hash.Hash that implements ConstantTimeSum, and replaces // with that all calls to Sum. It's used to obtain a ConstantTimeSum-based HMAC. type cthWrapper struct { h constantTimeHash } func (c *cthWrapper) Size() int { return c.h.Size() } func (c *cthWrapper) BlockSize() int { return c.h.BlockSize() } func (c *cthWrapper) Reset() { c.h.Reset() } func (c *cthWrapper) Write(p []byte) (int, error) { return c.h.Write(p) } func (c *cthWrapper) Sum(b []byte) []byte { return c.h.ConstantTimeSum(b) } func newConstantTimeHash(h func() hash.Hash) func() hash.Hash { return func() hash.Hash { return &cthWrapper{h().(constantTimeHash)} } } // tls10MAC implements the TLS 1.0 MAC function. RFC 2246, Section 6.2.3. type tls10MAC struct { h hash.Hash buf []byte } func (s tls10MAC) Size() int { return s.h.Size() } // MAC is guaranteed to take constant time, as long as // len(seq)+len(header)+len(data)+len(extra) is constant. extra is not fed into // the MAC, but is only provided to make the timing profile constant. func (s tls10MAC) MAC(seq, header, data, extra []byte) []byte { s.h.Reset() s.h.Write(seq) s.h.Write(header) s.h.Write(data) res := s.h.Sum(s.buf[:0]) if extra != nil { s.h.Write(extra) } return res } func rsaKA(version uint16) keyAgreement { return rsaKeyAgreement{} } func ecdheECDSAKA(version uint16) keyAgreement { return &ecdheKeyAgreement{ isRSA: false, version: version, } } func ecdheRSAKA(version uint16) keyAgreement { return &ecdheKeyAgreement{ isRSA: true, version: version, } } // mutualCipherSuite returns a cipherSuite given a list of supported // ciphersuites and the id requested by the peer. func mutualCipherSuite(have []uint16, want uint16) *cipherSuite { for _, id := range have { if id == want { return cipherSuiteByID(id) } } return nil } func cipherSuiteByID(id uint16) *cipherSuite { for _, cipherSuite := range cipherSuites { if cipherSuite.id == id { return cipherSuite } } return nil } func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 { for _, id := range have { if id == want { return cipherSuiteTLS13ByID(id) } } return nil } func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 { for _, cipherSuite := range cipherSuitesTLS13 { if cipherSuite.id == id { return cipherSuite } } return nil } // A list of cipher suite IDs that are, or have been, implemented by this // package. // // See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml const ( // TLS 1.0 - 1.2 cipher suites. TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005 TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035 TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca8 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca9 // TLS 1.3 cipher suites. TLS_AES_128_GCM_SHA256 uint16 = 0x1301 TLS_AES_256_GCM_SHA384 uint16 = 0x1302 TLS_CHACHA20_POLY1305_SHA256 uint16 = 0x1303 // TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator // that the client is doing version fallback. See RFC 7507. TLS_FALLBACK_SCSV uint16 = 0x5600 // Legacy names for the corresponding cipher suites with the correct _SHA256 // suffix, retained for backward compatibility. TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 ) golang-github-marten-seemann-qtls-0.10.0/common.go000066400000000000000000001441541373277661100220550ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "container/list" "crypto" "crypto/ecdsa" "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" "crypto/sha512" "crypto/tls" "crypto/x509" "errors" "fmt" "io" "math/big" "net" "strings" "sync" "time" "golang.org/x/sys/cpu" ) const ( VersionTLS10 = 0x0301 VersionTLS11 = 0x0302 VersionTLS12 = 0x0303 VersionTLS13 = 0x0304 // Deprecated: SSLv3 is cryptographically broken, and is no longer // supported by this package. See golang.org/issue/32716. VersionSSL30 = 0x0300 ) const ( maxPlaintext = 16384 // maximum plaintext payload length maxCiphertext = 16384 + 2048 // maximum ciphertext payload length maxCiphertextTLS13 = 16384 + 256 // maximum ciphertext length in TLS 1.3 recordHeaderLen = 5 // record header length maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB) maxUselessRecords = 16 // maximum number of consecutive non-advancing records ) // TLS record types. type recordType uint8 const ( recordTypeChangeCipherSpec recordType = 20 recordTypeAlert recordType = 21 recordTypeHandshake recordType = 22 recordTypeApplicationData recordType = 23 ) // TLS handshake message types. const ( typeHelloRequest uint8 = 0 typeClientHello uint8 = 1 typeServerHello uint8 = 2 typeNewSessionTicket uint8 = 4 typeEndOfEarlyData uint8 = 5 typeEncryptedExtensions uint8 = 8 typeCertificate uint8 = 11 typeServerKeyExchange uint8 = 12 typeCertificateRequest uint8 = 13 typeServerHelloDone uint8 = 14 typeCertificateVerify uint8 = 15 typeClientKeyExchange uint8 = 16 typeFinished uint8 = 20 typeCertificateStatus uint8 = 22 typeKeyUpdate uint8 = 24 typeNextProtocol uint8 = 67 // Not IANA assigned typeMessageHash uint8 = 254 // synthetic message ) // TLS compression types. const ( compressionNone uint8 = 0 ) type Extension struct { Type uint16 Data []byte } // TLS extension numbers const ( extensionServerName uint16 = 0 extensionStatusRequest uint16 = 5 extensionSupportedCurves uint16 = 10 // supported_groups in TLS 1.3, see RFC 8446, Section 4.2.7 extensionSupportedPoints uint16 = 11 extensionSignatureAlgorithms uint16 = 13 extensionALPN uint16 = 16 extensionSCT uint16 = 18 extensionSessionTicket uint16 = 35 extensionPreSharedKey uint16 = 41 extensionEarlyData uint16 = 42 extensionSupportedVersions uint16 = 43 extensionCookie uint16 = 44 extensionPSKModes uint16 = 45 extensionCertificateAuthorities uint16 = 47 extensionSignatureAlgorithmsCert uint16 = 50 extensionKeyShare uint16 = 51 extensionRenegotiationInfo uint16 = 0xff01 ) // TLS signaling cipher suite values const ( scsvRenegotiation uint16 = 0x00ff ) type EncryptionLevel uint8 const ( EncryptionHandshake EncryptionLevel = iota Encryption0RTT EncryptionApplication ) // CurveID is a tls.CurveID type CurveID = tls.CurveID const ( CurveP256 CurveID = 23 CurveP384 CurveID = 24 CurveP521 CurveID = 25 X25519 CurveID = 29 ) // TLS 1.3 Key Share. See RFC 8446, Section 4.2.8. type keyShare struct { group CurveID data []byte } // TLS 1.3 PSK Key Exchange Modes. See RFC 8446, Section 4.2.9. const ( pskModePlain uint8 = 0 pskModeDHE uint8 = 1 ) // TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved // session. See RFC 8446, Section 4.2.11. type pskIdentity struct { label []byte obfuscatedTicketAge uint32 } // TLS Elliptic Curve Point Formats // https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9 const ( pointFormatUncompressed uint8 = 0 ) // TLS CertificateStatusType (RFC 3546) const ( statusTypeOCSP uint8 = 1 ) // Certificate types (for certificateRequestMsg) const ( certTypeRSASign = 1 certTypeECDSASign = 64 // ECDSA or EdDSA keys, see RFC 8422, Section 3. ) // Signature algorithms (for internal signaling use). Starting at 225 to avoid overlap with // TLS 1.2 codepoints (RFC 5246, Appendix A.4.1), with which these have nothing to do. const ( signaturePKCS1v15 uint8 = iota + 225 signatureRSAPSS signatureECDSA signatureEd25519 ) // directSigning is a standard Hash value that signals that no pre-hashing // should be performed, and that the input should be signed directly. It is the // hash function associated with the Ed25519 signature scheme. var directSigning crypto.Hash = 0 // supportedSignatureAlgorithms contains the signature and hash algorithms that // the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+ // CertificateRequest. The two fields are merged to match with TLS 1.3. // Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc. var supportedSignatureAlgorithms = []SignatureScheme{ PSSWithSHA256, ECDSAWithP256AndSHA256, Ed25519, PSSWithSHA384, PSSWithSHA512, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512, PKCS1WithSHA1, ECDSAWithSHA1, } // helloRetryRequestRandom is set as the Random value of a ServerHello // to signal that the message is actually a HelloRetryRequest. var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3. 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C, } const ( // downgradeCanaryTLS12 or downgradeCanaryTLS11 is embedded in the server // random as a downgrade protection if the server would be capable of // negotiating a higher version. See RFC 8446, Section 4.1.3. downgradeCanaryTLS12 = "DOWNGRD\x01" downgradeCanaryTLS11 = "DOWNGRD\x00" ) // ConnectionState records basic TLS details about the connection. type ConnectionState struct { Version uint16 // TLS version used by the connection (e.g. VersionTLS12) HandshakeComplete bool // TLS handshake is complete DidResume bool // connection resumes a previous TLS connection CipherSuite uint16 // cipher suite in use (TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, ...) NegotiatedProtocol string // negotiated next protocol (not guaranteed to be from Config.NextProtos) NegotiatedProtocolIsMutual bool // negotiated protocol was advertised by server (client side only) ServerName string // server name requested by client, if any (server side only) PeerCertificates []*x509.Certificate // certificate chain presented by remote peer VerifiedChains [][]*x509.Certificate // verified chains built from PeerCertificates SignedCertificateTimestamps [][]byte // SCTs from the peer, if any OCSPResponse []byte // stapled OCSP response from peer, if any Used0RTT bool // true if 0-RTT was both offered and accepted // ekm is a closure exposed via ExportKeyingMaterial. ekm func(label string, context []byte, length int) ([]byte, error) // TLSUnique contains the "tls-unique" channel binding value (see RFC // 5929, section 3). For resumed sessions this value will be nil // because resumption does not include enough context (see // https://mitls.org/pages/attacks/3SHAKE#channelbindings). This will // change in future versions of Go once the TLS master-secret fix has // been standardized and implemented. It is not defined in TLS 1.3. TLSUnique []byte } // ExportKeyingMaterial returns length bytes of exported key material in a new // slice as defined in RFC 5705. If context is nil, it is not used as part of // the seed. If the connection was set to allow renegotiation via // Config.Renegotiation, this function will return an error. func (cs *ConnectionState) ExportKeyingMaterial(label string, context []byte, length int) ([]byte, error) { return cs.ekm(label, context, length) } // ClientAuthType is tls.ClientAuthType type ClientAuthType = tls.ClientAuthType const ( NoClientCert ClientAuthType = iota RequestClientCert RequireAnyClientCert VerifyClientCertIfGiven RequireAndVerifyClientCert ) // requiresClientCert reports whether the ClientAuthType requires a client // certificate to be provided. func requiresClientCert(c ClientAuthType) bool { switch c { case RequireAnyClientCert, RequireAndVerifyClientCert: return true default: return false } } // ClientSessionState contains the state needed by clients to resume TLS // sessions. type ClientSessionState struct { sessionTicket []uint8 // Encrypted ticket used for session resumption with server vers uint16 // TLS version negotiated for the session cipherSuite uint16 // Ciphersuite negotiated for the session masterSecret []byte // Full handshake MasterSecret, or TLS 1.3 resumption_master_secret serverCertificates []*x509.Certificate // Certificate chain presented by the server verifiedChains [][]*x509.Certificate // Certificate chains we built for verification receivedAt time.Time // When the session ticket was received from the server // TLS 1.3 fields. nonce []byte // Ticket nonce sent by the server, to derive PSK useBy time.Time // Expiration of the ticket lifetime as set by the server ageAdd uint32 // Random obfuscation factor for sending the ticket age } // ClientSessionCache is a cache of ClientSessionState objects that can be used // by a client to resume a TLS session with a given server. ClientSessionCache // implementations should expect to be called concurrently from different // goroutines. Up to TLS 1.2, only ticket-based resumption is supported, not // SessionID-based resumption. In TLS 1.3 they were merged into PSK modes, which // are supported via this interface. //go:generate sh -c "mockgen -package qtls -self_package github.com/marten-seemann/qtls -destination mock_client_session_cache_test.go github.com/marten-seemann/qtls ClientSessionCache" type ClientSessionCache interface { // Get searches for a ClientSessionState associated with the given key. // On return, ok is true if one was found. Get(sessionKey string) (session *ClientSessionState, ok bool) // Put adds the ClientSessionState to the cache with the given key. It might // get called multiple times in a connection if a TLS 1.3 server provides // more than one session ticket. If called with a nil *ClientSessionState, // it should remove the cache entry. Put(sessionKey string, cs *ClientSessionState) } // SignatureScheme is a tls.SignatureScheme type SignatureScheme = tls.SignatureScheme const ( // RSASSA-PKCS1-v1_5 algorithms. PKCS1WithSHA256 SignatureScheme = 0x0401 PKCS1WithSHA384 SignatureScheme = 0x0501 PKCS1WithSHA512 SignatureScheme = 0x0601 // RSASSA-PSS algorithms with public key OID rsaEncryption. PSSWithSHA256 SignatureScheme = 0x0804 PSSWithSHA384 SignatureScheme = 0x0805 PSSWithSHA512 SignatureScheme = 0x0806 // ECDSA algorithms. Only constrained to a specific curve in TLS 1.3. ECDSAWithP256AndSHA256 SignatureScheme = 0x0403 ECDSAWithP384AndSHA384 SignatureScheme = 0x0503 ECDSAWithP521AndSHA512 SignatureScheme = 0x0603 // EdDSA algorithms. Ed25519 SignatureScheme = 0x0807 // Legacy signature and hash algorithms for TLS 1.2. PKCS1WithSHA1 SignatureScheme = 0x0201 ECDSAWithSHA1 SignatureScheme = 0x0203 ) // ClientHelloInfo contains information from a ClientHello message in order to // guide application logic in the GetCertificate and GetConfigForClient callbacks. type ClientHelloInfo struct { // CipherSuites lists the CipherSuites supported by the client (e.g. // TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256). CipherSuites []uint16 // ServerName indicates the name of the server requested by the client // in order to support virtual hosting. ServerName is only set if the // client is using SNI (see RFC 4366, Section 3.1). ServerName string // SupportedCurves lists the elliptic curves supported by the client. // SupportedCurves is set only if the Supported Elliptic Curves // Extension is being used (see RFC 4492, Section 5.1.1). SupportedCurves []CurveID // SupportedPoints lists the point formats supported by the client. // SupportedPoints is set only if the Supported Point Formats Extension // is being used (see RFC 4492, Section 5.1.2). SupportedPoints []uint8 // SignatureSchemes lists the signature and hash schemes that the client // is willing to verify. SignatureSchemes is set only if the Signature // Algorithms Extension is being used (see RFC 5246, Section 7.4.1.4.1). SignatureSchemes []SignatureScheme // SupportedProtos lists the application protocols supported by the client. // SupportedProtos is set only if the Application-Layer Protocol // Negotiation Extension is being used (see RFC 7301, Section 3.1). // // Servers can select a protocol by setting Config.NextProtos in a // GetConfigForClient return value. SupportedProtos []string // SupportedVersions lists the TLS versions supported by the client. // For TLS versions less than 1.3, this is extrapolated from the max // version advertised by the client, so values other than the greatest // might be rejected if used. SupportedVersions []uint16 // Conn is the underlying net.Conn for the connection. Do not read // from, or write to, this connection; that will cause the TLS // connection to fail. Conn net.Conn // config is embedded by the GetCertificate or GetConfigForClient caller, // for use with SupportsCertificate. config *Config } // CertificateRequestInfo contains information from a server's // CertificateRequest message, which is used to demand a certificate and proof // of control from a client. type CertificateRequestInfo struct { // AcceptableCAs contains zero or more, DER-encoded, X.501 // Distinguished Names. These are the names of root or intermediate CAs // that the server wishes the returned certificate to be signed by. An // empty slice indicates that the server has no preference. AcceptableCAs [][]byte // SignatureSchemes lists the signature schemes that the server is // willing to verify. SignatureSchemes []SignatureScheme // Version is the TLS version that was negotiated for this connection. Version uint16 } // RenegotiationSupport enumerates the different levels of support for TLS // renegotiation. TLS renegotiation is the act of performing subsequent // handshakes on a connection after the first. This significantly complicates // the state machine and has been the source of numerous, subtle security // issues. Initiating a renegotiation is not supported, but support for // accepting renegotiation requests may be enabled. // // Even when enabled, the server may not change its identity between handshakes // (i.e. the leaf certificate must be the same). Additionally, concurrent // handshake and application data flow is not permitted so renegotiation can // only be used with protocols that synchronise with the renegotiation, such as // HTTPS. // // Renegotiation is not defined in TLS 1.3. type RenegotiationSupport int const ( // RenegotiateNever disables renegotiation. RenegotiateNever RenegotiationSupport = iota // RenegotiateOnceAsClient allows a remote server to request // renegotiation once per connection. RenegotiateOnceAsClient // RenegotiateFreelyAsClient allows a remote server to repeatedly // request renegotiation. RenegotiateFreelyAsClient ) // A Config structure is used to configure a TLS client or server. // After one has been passed to a TLS function it must not be // modified. A Config may be reused; the tls package will also not // modify it. type Config struct { // Rand provides the source of entropy for nonces and RSA blinding. // If Rand is nil, TLS uses the cryptographic random reader in package // crypto/rand. // The Reader must be safe for use by multiple goroutines. Rand io.Reader // Time returns the current time as the number of seconds since the epoch. // If Time is nil, TLS uses time.Now. Time func() time.Time // Certificates contains one or more certificate chains to present to the // other side of the connection. The first certificate compatible with the // peer's requirements is selected automatically. // // Server configurations must set one of Certificates, GetCertificate or // GetConfigForClient. Clients doing client-authentication may set either // Certificates or GetClientCertificate. // // Note: if there are multiple Certificates, and they don't have the // optional field Leaf set, certificate selection will incur a significant // per-handshake performance cost. Certificates []Certificate // NameToCertificate maps from a certificate name to an element of // Certificates. Note that a certificate name can be of the form // '*.example.com' and so doesn't have to be a domain name as such. // // Deprecated: NameToCertificate only allows associating a single // certificate with a given name. Leave this field nil to let the library // select the first compatible chain from Certificates. NameToCertificate map[string]*Certificate // GetCertificate returns a Certificate based on the given // ClientHelloInfo. It will only be called if the client supplies SNI // information or if Certificates is empty. // // If GetCertificate is nil or returns nil, then the certificate is // retrieved from NameToCertificate. If NameToCertificate is nil, the // best element of Certificates will be used. GetCertificate func(*ClientHelloInfo) (*Certificate, error) // GetClientCertificate, if not nil, is called when a server requests a // certificate from a client. If set, the contents of Certificates will // be ignored. // // If GetClientCertificate returns an error, the handshake will be // aborted and that error will be returned. Otherwise // GetClientCertificate must return a non-nil Certificate. If // Certificate.Certificate is empty then no certificate will be sent to // the server. If this is unacceptable to the server then it may abort // the handshake. // // GetClientCertificate may be called multiple times for the same // connection if renegotiation occurs or if TLS 1.3 is in use. GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error) // GetConfigForClient, if not nil, is called after a ClientHello is // received from a client. It may return a non-nil Config in order to // change the Config that will be used to handle this connection. If // the returned Config is nil, the original Config will be used. The // Config returned by this callback may not be subsequently modified. // // If GetConfigForClient is nil, the Config passed to Server() will be // used for all connections. // // Uniquely for the fields in the returned Config, session ticket keys // will be duplicated from the original Config if not set. // Specifically, if SetSessionTicketKeys was called on the original // config but not on the returned config then the ticket keys from the // original config will be copied into the new config before use. // Otherwise, if SessionTicketKey was set in the original config but // not in the returned config then it will be copied into the returned // config before use. If neither of those cases applies then the key // material from the returned config will be used for session tickets. GetConfigForClient func(*ClientHelloInfo) (*Config, error) // VerifyPeerCertificate, if not nil, is called after normal // certificate verification by either a TLS client or server. It // receives the raw ASN.1 certificates provided by the peer and also // any verified chains that normal processing found. If it returns a // non-nil error, the handshake is aborted and that error results. // // If normal verification fails then the handshake will abort before // considering this callback. If normal verification is disabled by // setting InsecureSkipVerify, or (for a server) when ClientAuth is // RequestClientCert or RequireAnyClientCert, then this callback will // be considered but the verifiedChains argument will always be nil. VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error // RootCAs defines the set of root certificate authorities // that clients use when verifying server certificates. // If RootCAs is nil, TLS uses the host's root CA set. RootCAs *x509.CertPool // NextProtos is a list of supported application level protocols, in // order of preference. NextProtos []string // ServerName is used to verify the hostname on the returned // certificates unless InsecureSkipVerify is given. It is also included // in the client's handshake to support virtual hosting unless it is // an IP address. ServerName string // ClientAuth determines the server's policy for // TLS Client Authentication. The default is NoClientCert. ClientAuth ClientAuthType // ClientCAs defines the set of root certificate authorities // that servers use if required to verify a client certificate // by the policy in ClientAuth. ClientCAs *x509.CertPool // InsecureSkipVerify controls whether a client verifies the // server's certificate chain and host name. // If InsecureSkipVerify is true, TLS accepts any certificate // presented by the server and any host name in that certificate. // In this mode, TLS is susceptible to man-in-the-middle attacks. // This should be used only for testing. InsecureSkipVerify bool // CipherSuites is a list of supported cipher suites for TLS versions up to // TLS 1.2. If CipherSuites is nil, a default list of secure cipher suites // is used, with a preference order based on hardware performance. The // default cipher suites might change over Go versions. Note that TLS 1.3 // ciphersuites are not configurable. CipherSuites []uint16 // PreferServerCipherSuites controls whether the server selects the // client's most preferred ciphersuite, or the server's most preferred // ciphersuite. If true then the server's preference, as expressed in // the order of elements in CipherSuites, is used. PreferServerCipherSuites bool // SessionTicketsDisabled may be set to true to disable session ticket and // PSK (resumption) support. Note that on clients, session ticket support is // also disabled if ClientSessionCache is nil. SessionTicketsDisabled bool // SessionTicketKey is used by TLS servers to provide session resumption. // See RFC 5077 and the PSK mode of RFC 8446. If zero, it will be filled // with random data before the first server handshake. // // If multiple servers are terminating connections for the same host // they should all have the same SessionTicketKey. If the // SessionTicketKey leaks, previously recorded and future TLS // connections using that key might be compromised. SessionTicketKey [32]byte // ClientSessionCache is a cache of ClientSessionState entries for TLS // session resumption. It is only used by clients. ClientSessionCache ClientSessionCache // MinVersion contains the minimum TLS version that is acceptable. // If zero, TLS 1.0 is currently taken as the minimum. MinVersion uint16 // MaxVersion contains the maximum TLS version that is acceptable. // If zero, the maximum version supported by this package is used, // which is currently TLS 1.3. MaxVersion uint16 // CurvePreferences contains the elliptic curves that will be used in // an ECDHE handshake, in preference order. If empty, the default will // be used. The client will use the first preference as the type for // its key share in TLS 1.3. This may change in the future. CurvePreferences []CurveID // DynamicRecordSizingDisabled disables adaptive sizing of TLS records. // When true, the largest possible TLS record size is always used. When // false, the size of TLS records may be adjusted in an attempt to // improve latency. DynamicRecordSizingDisabled bool // Renegotiation controls what types of renegotiation are supported. // The default, none, is correct for the vast majority of applications. Renegotiation RenegotiationSupport // KeyLogWriter optionally specifies a destination for TLS master secrets // in NSS key log format that can be used to allow external programs // such as Wireshark to decrypt TLS connections. // See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format. // Use of KeyLogWriter compromises security and should only be // used for debugging. KeyLogWriter io.Writer // GetExtensions, if not nil, is called before a message that allows // sending of extensions is sent. // Currently only implemented for the ClientHello message (for the client) // and for the EncryptedExtensions message (for the server). // Only valid for TLS 1.3. GetExtensions func(handshakeMessageType uint8) []Extension // ReceivedExtensions, if not nil, is called when a message that allows the // inclusion of extensions is received. // It is called with an empty slice of extensions, if the message didn't // contain any extensions. // Currently only implemented for the ClientHello message (sent by the // client) and for the EncryptedExtensions message (sent by the server). // Only valid for TLS 1.3. ReceivedExtensions func(handshakeMessageType uint8, exts []Extension) serverInitOnce sync.Once // guards calling (*Config).serverInit // mutex protects sessionTicketKeys. mutex sync.RWMutex // sessionTicketKeys contains zero or more ticket keys. If the length // is zero, SessionTicketsDisabled must be true. The first key is used // for new tickets and any subsequent keys can be used to decrypt old // tickets. sessionTicketKeys []ticketKey // AlternativeRecordLayer is used by QUIC AlternativeRecordLayer RecordLayer // Enforce the selection of a supported application protocol. // Only works for TLS 1.3. // If enabled, client and server have to agree on an application protocol. // Otherwise, connection establishment fails. EnforceNextProtoSelection bool // If MaxEarlyData is greater than 0, the client will be allowed to send early // data when resuming a session. // Requires the AlternativeRecordLayer to be set. // // It has no meaning on the client. MaxEarlyData uint32 // The Accept0RTT callback is called when the client offers 0-RTT. // The server then has to decide if it wants to accept or reject 0-RTT. // It is only used for servers. Accept0RTT func(appData []byte) bool // 0RTTRejected is called when the server rejectes 0-RTT. // It is only used for clients. Rejected0RTT func() // If set, the client will export the 0-RTT key when resuming a session that // allows sending of early data. // Requires the AlternativeRecordLayer to be set. // // It has no meaning to the server. Enable0RTT bool // Is called when the client saves a session ticket to the session ticket. // This gives the application the opportunity to save some data along with the ticket, // which can be restored when the session ticket is used. GetAppDataForSessionState func() []byte // Is called when the client uses a session ticket. // Restores the application data that was saved earlier on GetAppDataForSessionTicket. SetAppDataFromSessionState func([]byte) } // A RecordLayer handles encrypting and decrypting of TLS messages. type RecordLayer interface { SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) ReadHandshakeMessage() ([]byte, error) WriteRecord([]byte) (int, error) SendAlert(uint8) } // ticketKeyNameLen is the number of bytes of identifier that is prepended to // an encrypted session ticket in order to identify the key used to encrypt it. const ticketKeyNameLen = 16 // ticketKey is the internal representation of a session ticket key. type ticketKey struct { // keyName is an opaque byte string that serves to identify the session // ticket key. It's exposed as plaintext in every session ticket. keyName [ticketKeyNameLen]byte aesKey [16]byte hmacKey [16]byte } // ticketKeyFromBytes converts from the external representation of a session // ticket key to a ticketKey. Externally, session ticket keys are 32 random // bytes and this function expands that into sufficient name and key material. func ticketKeyFromBytes(b [32]byte) (key ticketKey) { hashed := sha512.Sum512(b[:]) copy(key.keyName[:], hashed[:ticketKeyNameLen]) copy(key.aesKey[:], hashed[ticketKeyNameLen:ticketKeyNameLen+16]) copy(key.hmacKey[:], hashed[ticketKeyNameLen+16:ticketKeyNameLen+32]) return key } // maxSessionTicketLifetime is the maximum allowed lifetime of a TLS 1.3 session // ticket, and the lifetime we set for tickets we send. const maxSessionTicketLifetime = 7 * 24 * time.Hour // Clone returns a shallow clone of c. It is safe to clone a Config that is // being used concurrently by a TLS client or server. func (c *Config) Clone() *Config { // Running serverInit ensures that it's safe to read // SessionTicketsDisabled. c.serverInitOnce.Do(func() { c.serverInit(nil) }) var sessionTicketKeys []ticketKey c.mutex.RLock() sessionTicketKeys = c.sessionTicketKeys c.mutex.RUnlock() return &Config{ Rand: c.Rand, Time: c.Time, Certificates: c.Certificates, NameToCertificate: c.NameToCertificate, GetCertificate: c.GetCertificate, GetClientCertificate: c.GetClientCertificate, GetConfigForClient: c.GetConfigForClient, VerifyPeerCertificate: c.VerifyPeerCertificate, RootCAs: c.RootCAs, NextProtos: c.NextProtos, ServerName: c.ServerName, ClientAuth: c.ClientAuth, ClientCAs: c.ClientCAs, InsecureSkipVerify: c.InsecureSkipVerify, CipherSuites: c.CipherSuites, PreferServerCipherSuites: c.PreferServerCipherSuites, SessionTicketsDisabled: c.SessionTicketsDisabled, SessionTicketKey: c.SessionTicketKey, ClientSessionCache: c.ClientSessionCache, MinVersion: c.MinVersion, MaxVersion: c.MaxVersion, CurvePreferences: c.CurvePreferences, DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled, Renegotiation: c.Renegotiation, KeyLogWriter: c.KeyLogWriter, GetExtensions: c.GetExtensions, ReceivedExtensions: c.ReceivedExtensions, sessionTicketKeys: sessionTicketKeys, EnforceNextProtoSelection: c.EnforceNextProtoSelection, MaxEarlyData: c.MaxEarlyData, Enable0RTT: c.Enable0RTT, Accept0RTT: c.Accept0RTT, Rejected0RTT: c.Rejected0RTT, GetAppDataForSessionState: c.GetAppDataForSessionState, SetAppDataFromSessionState: c.SetAppDataFromSessionState, } } // serverInit is run under c.serverInitOnce to do initialization of c. If c was // returned by a GetConfigForClient callback then the argument should be the // Config that was passed to Server, otherwise it should be nil. func (c *Config) serverInit(originalConfig *Config) { if c.SessionTicketsDisabled || len(c.ticketKeys()) != 0 { return } alreadySet := false for _, b := range c.SessionTicketKey { if b != 0 { alreadySet = true break } } if !alreadySet { if originalConfig != nil { copy(c.SessionTicketKey[:], originalConfig.SessionTicketKey[:]) } else if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil { c.SessionTicketsDisabled = true return } } if originalConfig != nil { originalConfig.mutex.RLock() c.sessionTicketKeys = originalConfig.sessionTicketKeys originalConfig.mutex.RUnlock() } else { c.sessionTicketKeys = []ticketKey{ticketKeyFromBytes(c.SessionTicketKey)} } } func (c *Config) ticketKeys() []ticketKey { c.mutex.RLock() // c.sessionTicketKeys is constant once created. SetSessionTicketKeys // will only update it by replacing it with a new value. ret := c.sessionTicketKeys c.mutex.RUnlock() return ret } // SetSessionTicketKeys updates the session ticket keys for a server. The first // key will be used when creating new tickets, while all keys can be used for // decrypting tickets. It is safe to call this function while the server is // running in order to rotate the session ticket keys. The function will panic // if keys is empty. func (c *Config) SetSessionTicketKeys(keys [][32]byte) { if len(keys) == 0 { panic("tls: keys must have at least one key") } newKeys := make([]ticketKey, len(keys)) for i, bytes := range keys { newKeys[i] = ticketKeyFromBytes(bytes) } c.mutex.Lock() c.sessionTicketKeys = newKeys c.mutex.Unlock() } func (c *Config) rand() io.Reader { r := c.Rand if r == nil { return rand.Reader } return r } func (c *Config) time() time.Time { t := c.Time if t == nil { t = time.Now } return t() } func (c *Config) cipherSuites() []uint16 { s := c.CipherSuites if s == nil { s = defaultCipherSuites() } return s } var supportedVersions = []uint16{ VersionTLS13, VersionTLS12, VersionTLS11, VersionTLS10, } func (c *Config) supportedVersions() []uint16 { versions := make([]uint16, 0, len(supportedVersions)) for _, v := range supportedVersions { if c != nil && c.MinVersion != 0 && v < c.MinVersion { continue } if c != nil && c.MaxVersion != 0 && v > c.MaxVersion { continue } versions = append(versions, v) } return versions } func (c *Config) maxSupportedVersion() uint16 { supportedVersions := c.supportedVersions() if len(supportedVersions) == 0 { return 0 } return supportedVersions[0] } // supportedVersionsFromMax returns a list of supported versions derived from a // legacy maximum version value. Note that only versions supported by this // library are returned. Any newer peer will use supportedVersions anyway. func supportedVersionsFromMax(maxVersion uint16) []uint16 { versions := make([]uint16, 0, len(supportedVersions)) for _, v := range supportedVersions { if v > maxVersion { continue } versions = append(versions, v) } return versions } var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521} func (c *Config) curvePreferences() []CurveID { if c == nil || len(c.CurvePreferences) == 0 { return defaultCurvePreferences } return c.CurvePreferences } func (c *Config) supportsCurve(curve CurveID) bool { for _, cc := range c.curvePreferences() { if cc == curve { return true } } return false } // mutualVersion returns the protocol version to use given the advertised // versions of the peer. Priority is given to the peer preference order. func (c *Config) mutualVersion(peerVersions []uint16) (uint16, bool) { supportedVersions := c.supportedVersions() for _, peerVersion := range peerVersions { for _, v := range supportedVersions { if v == peerVersion { return v, true } } } return 0, false } var errNoCertificates = errors.New("tls: no certificates configured") // getCertificate returns the best certificate for the given ClientHelloInfo, // defaulting to the first element of c.Certificates. func (c *Config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) { if c.GetCertificate != nil && (len(c.Certificates) == 0 || len(clientHello.ServerName) > 0) { cert, err := c.GetCertificate(clientHello) if cert != nil || err != nil { return cert, err } } if len(c.Certificates) == 0 { return nil, errNoCertificates } if len(c.Certificates) == 1 { // There's only one choice, so no point doing any work. return &c.Certificates[0], nil } if c.NameToCertificate != nil { name := strings.ToLower(clientHello.ServerName) if cert, ok := c.NameToCertificate[name]; ok { return cert, nil } if len(name) > 0 { labels := strings.Split(name, ".") labels[0] = "*" wildcardName := strings.Join(labels, ".") if cert, ok := c.NameToCertificate[wildcardName]; ok { return cert, nil } } } for _, cert := range c.Certificates { if err := clientHello.SupportsCertificate(&cert); err == nil { return &cert, nil } } // If nothing matches, return the first certificate. return &c.Certificates[0], nil } // SupportsCertificate returns nil if the provided certificate is supported by // the client that sent the ClientHello. Otherwise, it returns an error // describing the reason for the incompatibility. // // If this ClientHelloInfo was passed to a GetConfigForClient or GetCertificate // callback, this method will take into account the associated Config. Note that // if GetConfigForClient returns a different Config, the change can't be // accounted for by this method. // // This function will call x509.ParseCertificate unless c.Leaf is set, which can // incur a significant performance cost. func (chi *ClientHelloInfo) SupportsCertificate(c *Certificate) error { // Note we don't currently support certificate_authorities nor // signature_algorithms_cert, and don't check the algorithms of the // signatures on the chain (which anyway are a SHOULD, see RFC 8446, // Section 4.4.2.2). config := chi.config if config == nil { config = &Config{} } vers, ok := config.mutualVersion(chi.SupportedVersions) if !ok { return errors.New("no mutually supported protocol versions") } // If the client specified the name they are trying to connect to, the // certificate needs to be valid for it. if chi.ServerName != "" { x509Cert, err := c.leaf() if err != nil { return fmt.Errorf("failed to parse certificate: %w", err) } if err := x509Cert.VerifyHostname(chi.ServerName); err != nil { return fmt.Errorf("certificate is not valid for requested server name: %w", err) } } // supportsRSAFallback returns nil if the certificate and connection support // the static RSA key exchange, and unsupported otherwise. The logic for // supporting static RSA is completely disjoint from the logic for // supporting signed key exchanges, so we just check it as a fallback. supportsRSAFallback := func(unsupported error) error { // TLS 1.3 dropped support for the static RSA key exchange. if vers == VersionTLS13 { return unsupported } // The static RSA key exchange works by decrypting a challenge with the // RSA private key, not by signing, so check the PrivateKey implements // crypto.Decrypter, like *rsa.PrivateKey does. if priv, ok := c.PrivateKey.(crypto.Decrypter); ok { if _, ok := priv.Public().(*rsa.PublicKey); !ok { return unsupported } } else { return unsupported } // Finally, there needs to be a mutual cipher suite that uses the static // RSA key exchange instead of ECDHE. rsaCipherSuite := selectCipherSuite(chi.CipherSuites, config.cipherSuites(), func(c *cipherSuite) bool { if c.flags&suiteECDHE != 0 { return false } if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 { return false } return true }) if rsaCipherSuite == nil { return unsupported } return nil } // If the client sent the signature_algorithms extension, ensure it supports // schemes we can use with this certificate and TLS version. if len(chi.SignatureSchemes) > 0 { if _, err := selectSignatureScheme(vers, c, chi.SignatureSchemes); err != nil { return supportsRSAFallback(err) } } // In TLS 1.3 we are done because supported_groups is only relevant to the // ECDHE computation, point format negotiation is removed, cipher suites are // only relevant to the AEAD choice, and static RSA does not exist. if vers == VersionTLS13 { return nil } // The only signed key exchange we support is ECDHE. if !supportsECDHE(config, chi.SupportedCurves, chi.SupportedPoints) { return supportsRSAFallback(errors.New("client doesn't support ECDHE, can only use legacy RSA key exchange")) } var ecdsaCipherSuite bool if priv, ok := c.PrivateKey.(crypto.Signer); ok { switch pub := priv.Public().(type) { case *ecdsa.PublicKey: var curve CurveID switch pub.Curve { case elliptic.P256(): curve = CurveP256 case elliptic.P384(): curve = CurveP384 case elliptic.P521(): curve = CurveP521 default: return supportsRSAFallback(unsupportedCertificateError(c)) } var curveOk bool for _, c := range chi.SupportedCurves { if c == curve && config.supportsCurve(c) { curveOk = true break } } if !curveOk { return errors.New("client doesn't support certificate curve") } ecdsaCipherSuite = true case ed25519.PublicKey: if vers < VersionTLS12 || len(chi.SignatureSchemes) == 0 { return errors.New("connection doesn't support Ed25519") } ecdsaCipherSuite = true case *rsa.PublicKey: default: return supportsRSAFallback(unsupportedCertificateError(c)) } } else { return supportsRSAFallback(unsupportedCertificateError(c)) } // Make sure that there is a mutually supported cipher suite that works with // this certificate. Cipher suite selection will then apply the logic in // reverse to pick it. See also serverHandshakeState.cipherSuiteOk. cipherSuite := selectCipherSuite(chi.CipherSuites, config.cipherSuites(), func(c *cipherSuite) bool { if c.flags&suiteECDHE == 0 { return false } if c.flags&suiteECSign != 0 { if !ecdsaCipherSuite { return false } } else { if ecdsaCipherSuite { return false } } if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 { return false } return true }) if cipherSuite == nil { return supportsRSAFallback(errors.New("client doesn't support any cipher suites compatible with the certificate")) } return nil } // SupportsCertificate returns nil if the provided certificate is supported by // the server that sent the CertificateRequest. Otherwise, it returns an error // describing the reason for the incompatibility. func (cri *CertificateRequestInfo) SupportsCertificate(c *Certificate) error { if _, err := selectSignatureScheme(cri.Version, c, cri.SignatureSchemes); err != nil { return err } if len(cri.AcceptableCAs) == 0 { return nil } for j, cert := range c.Certificate { x509Cert := c.Leaf // Parse the certificate if this isn't the leaf node, or if // chain.Leaf was nil. if j != 0 || x509Cert == nil { var err error if x509Cert, err = x509.ParseCertificate(cert); err != nil { return fmt.Errorf("failed to parse certificate #%d in the chain: %w", j, err) } } for _, ca := range cri.AcceptableCAs { if bytes.Equal(x509Cert.RawIssuer, ca) { return nil } } } return errors.New("chain is not signed by an acceptable CA") } // BuildNameToCertificate parses c.Certificates and builds c.NameToCertificate // from the CommonName and SubjectAlternateName fields of each of the leaf // certificates. // // Deprecated: NameToCertificate only allows associating a single certificate // with a given name. Leave that field nil to let the library select the first // compatible chain from Certificates. func (c *Config) BuildNameToCertificate() { c.NameToCertificate = make(map[string]*Certificate) for i := range c.Certificates { cert := &c.Certificates[i] x509Cert, err := cert.leaf() if err != nil { continue } if len(x509Cert.Subject.CommonName) > 0 { c.NameToCertificate[x509Cert.Subject.CommonName] = cert } for _, san := range x509Cert.DNSNames { c.NameToCertificate[san] = cert } } } const ( keyLogLabelTLS12 = "CLIENT_RANDOM" keyLogLabelEarlyTraffic = "CLIENT_EARLY_TRAFFIC_SECRET" keyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET" keyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET" keyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0" keyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0" ) func (c *Config) writeKeyLog(label string, clientRandom, secret []byte) error { if c.KeyLogWriter == nil { return nil } logLine := []byte(fmt.Sprintf("%s %x %x\n", label, clientRandom, secret)) writerMutex.Lock() _, err := c.KeyLogWriter.Write(logLine) writerMutex.Unlock() return err } // writerMutex protects all KeyLogWriters globally. It is rarely enabled, // and is only for debugging, so a global mutex saves space. var writerMutex sync.Mutex // A Certificate is a chain of one or more certificates, leaf first. type Certificate struct { Certificate [][]byte // PrivateKey contains the private key corresponding to the public key in // Leaf. This must implement crypto.Signer with an RSA, ECDSA or Ed25519 PublicKey. // For a server up to TLS 1.2, it can also implement crypto.Decrypter with // an RSA PublicKey. PrivateKey crypto.PrivateKey // SupportedSignatureAlgorithms is an optional list restricting what // signature algorithms the PrivateKey can be used for. SupportedSignatureAlgorithms []SignatureScheme // OCSPStaple contains an optional OCSP response which will be served // to clients that request it. OCSPStaple []byte // SignedCertificateTimestamps contains an optional list of Signed // Certificate Timestamps which will be served to clients that request it. SignedCertificateTimestamps [][]byte // Leaf is the parsed form of the leaf certificate, which may be initialized // using x509.ParseCertificate to reduce per-handshake processing. If nil, // the leaf certificate will be parsed as needed. Leaf *x509.Certificate } // leaf returns the parsed leaf certificate, either from c.Leaf or by parsing // the corresponding c.Certificate[0]. func (c *Certificate) leaf() (*x509.Certificate, error) { if c.Leaf != nil { return c.Leaf, nil } return x509.ParseCertificate(c.Certificate[0]) } type handshakeMessage interface { marshal() []byte unmarshal([]byte) bool } // lruSessionCache is a ClientSessionCache implementation that uses an LRU // caching strategy. type lruSessionCache struct { sync.Mutex m map[string]*list.Element q *list.List capacity int } type lruSessionCacheEntry struct { sessionKey string state *ClientSessionState } // NewLRUClientSessionCache returns a ClientSessionCache with the given // capacity that uses an LRU strategy. If capacity is < 1, a default capacity // is used instead. func NewLRUClientSessionCache(capacity int) ClientSessionCache { const defaultSessionCacheCapacity = 64 if capacity < 1 { capacity = defaultSessionCacheCapacity } return &lruSessionCache{ m: make(map[string]*list.Element), q: list.New(), capacity: capacity, } } // Put adds the provided (sessionKey, cs) pair to the cache. If cs is nil, the entry // corresponding to sessionKey is removed from the cache instead. func (c *lruSessionCache) Put(sessionKey string, cs *ClientSessionState) { c.Lock() defer c.Unlock() if elem, ok := c.m[sessionKey]; ok { if cs == nil { c.q.Remove(elem) delete(c.m, sessionKey) } else { entry := elem.Value.(*lruSessionCacheEntry) entry.state = cs c.q.MoveToFront(elem) } return } if c.q.Len() < c.capacity { entry := &lruSessionCacheEntry{sessionKey, cs} c.m[sessionKey] = c.q.PushFront(entry) return } elem := c.q.Back() entry := elem.Value.(*lruSessionCacheEntry) delete(c.m, entry.sessionKey) entry.sessionKey = sessionKey entry.state = cs c.q.MoveToFront(elem) c.m[sessionKey] = elem } // Get returns the ClientSessionState value associated with a given key. It // returns (nil, false) if no value is found. func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) { c.Lock() defer c.Unlock() if elem, ok := c.m[sessionKey]; ok { c.q.MoveToFront(elem) return elem.Value.(*lruSessionCacheEntry).state, true } return nil, false } // TODO(jsing): Make these available to both crypto/x509 and crypto/tls. type dsaSignature struct { R, S *big.Int } type ecdsaSignature dsaSignature var emptyConfig Config func defaultConfig() *Config { return &emptyConfig } var ( once sync.Once varDefaultCipherSuites []uint16 varDefaultCipherSuitesTLS13 []uint16 ) func defaultCipherSuites() []uint16 { once.Do(initDefaultCipherSuites) return varDefaultCipherSuites } func defaultCipherSuitesTLS13() []uint16 { once.Do(initDefaultCipherSuites) return varDefaultCipherSuitesTLS13 } func initDefaultCipherSuites() { var topCipherSuites []uint16 // Check the cpu flags for each platform that has optimized GCM implementations. // Worst case, these variables will just all be false. var ( hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL // Keep in sync with crypto/aes/cipher_s390x.go. // TODO: check for s390 // hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM) hasGCMAsmS390X = false hasGCMAsm = hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X ) if hasGCMAsm { // If AES-GCM hardware is provided then prioritise AES-GCM // cipher suites. topCipherSuites = []uint16{ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, } varDefaultCipherSuitesTLS13 = []uint16{ TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_256_GCM_SHA384, } } else { // Without AES-GCM hardware, we put the ChaCha20-Poly1305 // cipher suites first. topCipherSuites = []uint16{ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, } varDefaultCipherSuitesTLS13 = []uint16{ TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, } } varDefaultCipherSuites = make([]uint16, 0, len(cipherSuites)) varDefaultCipherSuites = append(varDefaultCipherSuites, topCipherSuites...) NextCipherSuite: for _, suite := range cipherSuites { if suite.flags&suiteDefaultOff != 0 { continue } for _, existing := range varDefaultCipherSuites { if existing == suite.id { continue NextCipherSuite } } varDefaultCipherSuites = append(varDefaultCipherSuites, suite.id) } } func unexpectedMessageError(wanted, got interface{}) error { return fmt.Errorf("tls: received unexpected handshake message of type %T when waiting for %T", got, wanted) } func isSupportedSignatureAlgorithm(sigAlg SignatureScheme, supportedSignatureAlgorithms []SignatureScheme) bool { for _, s := range supportedSignatureAlgorithms { if s == sigAlg { return true } } return false } golang-github-marten-seemann-qtls-0.10.0/conn.go000066400000000000000000001274201373277661100215170ustar00rootroot00000000000000// Copyright 2010 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // TLS low level connection and record layer package qtls import ( "bytes" "crypto/cipher" "crypto/subtle" "crypto/x509" "errors" "fmt" "io" "net" "sync" "sync/atomic" "time" ) // A Conn represents a secured connection. // It implements the net.Conn interface. type Conn struct { // constant conn net.Conn isClient bool // handshakeStatus is 1 if the connection is currently transferring // application data (i.e. is not currently processing a handshake). // This field is only to be accessed with sync/atomic. handshakeStatus uint32 // constant after handshake; protected by handshakeMutex handshakeMutex sync.Mutex handshakeErr error // error resulting from handshake vers uint16 // TLS version haveVers bool // version has been negotiated config *Config // configuration passed to constructor // handshakes counts the number of handshakes performed on the // connection so far. If renegotiation is disabled then this is either // zero or one. handshakes int didResume bool // whether this connection was a session resumption cipherSuite uint16 ocspResponse []byte // stapled OCSP response scts [][]byte // signed certificate timestamps from server peerCertificates []*x509.Certificate // verifiedChains contains the certificate chains that we built, as // opposed to the ones presented by the server. verifiedChains [][]*x509.Certificate // serverName contains the server name indicated by the client, if any. serverName string // secureRenegotiation is true if the server echoed the secure // renegotiation extension. (This is meaningless as a server because // renegotiation is not supported in that case.) secureRenegotiation bool // ekm is a closure for exporting keying material. ekm func(label string, context []byte, length int) ([]byte, error) // For the client: // resumptionSecret is the resumption_master_secret for handling // NewSessionTicket messages. nil if config.SessionTicketsDisabled. // For the server: // resumptionSecret is the resumption_master_secret for generating // NewSessionTicket messages. Only used when the alternative record // layer is set. nil if config.SessionTicketsDisabled. resumptionSecret []byte // clientFinishedIsFirst is true if the client sent the first Finished // message during the most recent handshake. This is recorded because // the first transmitted Finished message is the tls-unique // channel-binding value. clientFinishedIsFirst bool // closeNotifyErr is any error from sending the alertCloseNotify record. closeNotifyErr error // closeNotifySent is true if the Conn attempted to send an // alertCloseNotify record. closeNotifySent bool // clientFinished and serverFinished contain the Finished message sent // by the client or server in the most recent handshake. This is // retained to support the renegotiation extension and tls-unique // channel-binding. clientFinished [12]byte serverFinished [12]byte clientProtocol string clientProtocolFallback bool // input/output in, out halfConn rawInput bytes.Buffer // raw input, starting with a record header input bytes.Reader // application data waiting to be read, from rawInput.Next hand bytes.Buffer // handshake data waiting to be read outBuf []byte // scratch buffer used by out.encrypt buffering bool // whether records are buffered in sendBuf sendBuf []byte // a buffer of records waiting to be sent // bytesSent counts the bytes of application data sent. // packetsSent counts packets. bytesSent int64 packetsSent int64 // retryCount counts the number of consecutive non-advancing records // received by Conn.readRecord. That is, records that neither advance the // handshake, nor deliver application data. Protected by in.Mutex. retryCount int // activeCall is an atomic int32; the low bit is whether Close has // been called. the rest of the bits are the number of goroutines // in Conn.Write. activeCall int32 used0RTT bool tmp [16]byte } // Access to net.Conn methods. // Cannot just embed net.Conn because that would // export the struct field too. // LocalAddr returns the local network address. func (c *Conn) LocalAddr() net.Addr { return c.conn.LocalAddr() } // RemoteAddr returns the remote network address. func (c *Conn) RemoteAddr() net.Addr { return c.conn.RemoteAddr() } // SetDeadline sets the read and write deadlines associated with the connection. // A zero value for t means Read and Write will not time out. // After a Write has timed out, the TLS state is corrupt and all future writes will return the same error. func (c *Conn) SetDeadline(t time.Time) error { return c.conn.SetDeadline(t) } // SetReadDeadline sets the read deadline on the underlying connection. // A zero value for t means Read will not time out. func (c *Conn) SetReadDeadline(t time.Time) error { return c.conn.SetReadDeadline(t) } // SetWriteDeadline sets the write deadline on the underlying connection. // A zero value for t means Write will not time out. // After a Write has timed out, the TLS state is corrupt and all future writes will return the same error. func (c *Conn) SetWriteDeadline(t time.Time) error { return c.conn.SetWriteDeadline(t) } // A halfConn represents one direction of the record layer // connection, either sending or receiving. type halfConn struct { sync.Mutex err error // first permanent error version uint16 // protocol version cipher interface{} // cipher algorithm mac macFunction seq [8]byte // 64-bit sequence number additionalData [13]byte // to avoid allocs; interface method args escape nextCipher interface{} // next encryption state nextMac macFunction // next MAC algorithm trafficSecret []byte // current TLS 1.3 traffic secret setKeyCallback func(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) } func (hc *halfConn) setErrorLocked(err error) error { hc.err = err return err } // prepareCipherSpec sets the encryption and MAC states // that a subsequent changeCipherSpec will use. func (hc *halfConn) prepareCipherSpec(version uint16, cipher interface{}, mac macFunction) { hc.version = version hc.nextCipher = cipher hc.nextMac = mac } // changeCipherSpec changes the encryption and MAC states // to the ones previously passed to prepareCipherSpec. func (hc *halfConn) changeCipherSpec() error { if hc.nextCipher == nil || hc.version == VersionTLS13 { return alertInternalError } hc.cipher = hc.nextCipher hc.mac = hc.nextMac hc.nextCipher = nil hc.nextMac = nil for i := range hc.seq { hc.seq[i] = 0 } return nil } func (hc *halfConn) exportKey(encLevel EncryptionLevel, suite *cipherSuiteTLS13, trafficSecret []byte) { if hc.setKeyCallback != nil { s := &CipherSuiteTLS13{ ID: suite.id, KeyLen: suite.keyLen, Hash: suite.hash, AEAD: func(key, fixedNonce []byte) cipher.AEAD { return suite.aead(key, fixedNonce) }, } hc.setKeyCallback(encLevel, s, trafficSecret) } } func (hc *halfConn) setTrafficSecret(suite *cipherSuiteTLS13, secret []byte) { hc.trafficSecret = secret key, iv := suite.trafficKey(secret) hc.cipher = suite.aead(key, iv) for i := range hc.seq { hc.seq[i] = 0 } } // incSeq increments the sequence number. func (hc *halfConn) incSeq() { for i := 7; i >= 0; i-- { hc.seq[i]++ if hc.seq[i] != 0 { return } } // Not allowed to let sequence number wrap. // Instead, must renegotiate before it does. // Not likely enough to bother. panic("TLS: sequence number wraparound") } // explicitNonceLen returns the number of bytes of explicit nonce or IV included // in each record. Explicit nonces are present only in CBC modes after TLS 1.0 // and in certain AEAD modes in TLS 1.2. func (hc *halfConn) explicitNonceLen() int { if hc.cipher == nil { return 0 } switch c := hc.cipher.(type) { case cipher.Stream: return 0 case aead: return c.explicitNonceLen() case cbcMode: // TLS 1.1 introduced a per-record explicit IV to fix the BEAST attack. if hc.version >= VersionTLS11 { return c.BlockSize() } return 0 default: panic("unknown cipher type") } } // extractPadding returns, in constant time, the length of the padding to remove // from the end of payload. It also returns a byte which is equal to 255 if the // padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2. func extractPadding(payload []byte) (toRemove int, good byte) { if len(payload) < 1 { return 0, 0 } paddingLen := payload[len(payload)-1] t := uint(len(payload)-1) - uint(paddingLen) // if len(payload) >= (paddingLen - 1) then the MSB of t is zero good = byte(int32(^t) >> 31) // The maximum possible padding length plus the actual length field toCheck := 256 // The length of the padded data is public, so we can use an if here if toCheck > len(payload) { toCheck = len(payload) } for i := 0; i < toCheck; i++ { t := uint(paddingLen) - uint(i) // if i <= paddingLen then the MSB of t is zero mask := byte(int32(^t) >> 31) b := payload[len(payload)-1-i] good &^= mask&paddingLen ^ mask&b } // We AND together the bits of good and replicate the result across // all the bits. good &= good << 4 good &= good << 2 good &= good << 1 good = uint8(int8(good) >> 7) // Zero the padding length on error. This ensures any unchecked bytes // are included in the MAC. Otherwise, an attacker that could // distinguish MAC failures from padding failures could mount an attack // similar to POODLE in SSL 3.0: given a good ciphertext that uses a // full block's worth of padding, replace the final block with another // block. If the MAC check passed but the padding check failed, the // last byte of that block decrypted to the block size. // // See also macAndPaddingGood logic below. paddingLen &= good toRemove = int(paddingLen) + 1 return } func roundUp(a, b int) int { return a + (b-a%b)%b } // cbcMode is an interface for block ciphers using cipher block chaining. type cbcMode interface { cipher.BlockMode SetIV([]byte) } // decrypt authenticates and decrypts the record if protection is active at // this stage. The returned plaintext might overlap with the input. func (hc *halfConn) decrypt(record []byte) ([]byte, recordType, error) { var plaintext []byte typ := recordType(record[0]) payload := record[recordHeaderLen:] // In TLS 1.3, change_cipher_spec messages are to be ignored without being // decrypted. See RFC 8446, Appendix D.4. if hc.version == VersionTLS13 && typ == recordTypeChangeCipherSpec { return payload, typ, nil } paddingGood := byte(255) paddingLen := 0 explicitNonceLen := hc.explicitNonceLen() if hc.cipher != nil { switch c := hc.cipher.(type) { case cipher.Stream: c.XORKeyStream(payload, payload) case aead: if len(payload) < explicitNonceLen { return nil, 0, alertBadRecordMAC } nonce := payload[:explicitNonceLen] if len(nonce) == 0 { nonce = hc.seq[:] } payload = payload[explicitNonceLen:] additionalData := hc.additionalData[:] if hc.version == VersionTLS13 { additionalData = record[:recordHeaderLen] } else { copy(additionalData, hc.seq[:]) copy(additionalData[8:], record[:3]) n := len(payload) - c.Overhead() additionalData[11] = byte(n >> 8) additionalData[12] = byte(n) } var err error plaintext, err = c.Open(payload[:0], nonce, payload, additionalData) if err != nil { return nil, 0, alertBadRecordMAC } case cbcMode: blockSize := c.BlockSize() minPayload := explicitNonceLen + roundUp(hc.mac.Size()+1, blockSize) if len(payload)%blockSize != 0 || len(payload) < minPayload { return nil, 0, alertBadRecordMAC } if explicitNonceLen > 0 { c.SetIV(payload[:explicitNonceLen]) payload = payload[explicitNonceLen:] } c.CryptBlocks(payload, payload) // In a limited attempt to protect against CBC padding oracles like // Lucky13, the data past paddingLen (which is secret) is passed to // the MAC function as extra data, to be fed into the HMAC after // computing the digest. This makes the MAC roughly constant time as // long as the digest computation is constant time and does not // affect the subsequent write, modulo cache effects. paddingLen, paddingGood = extractPadding(payload) default: panic("unknown cipher type") } if hc.version == VersionTLS13 { if typ != recordTypeApplicationData { return nil, 0, alertUnexpectedMessage } if len(plaintext) > maxPlaintext+1 { return nil, 0, alertRecordOverflow } // Remove padding and find the ContentType scanning from the end. for i := len(plaintext) - 1; i >= 0; i-- { if plaintext[i] != 0 { typ = recordType(plaintext[i]) plaintext = plaintext[:i] break } if i == 0 { return nil, 0, alertUnexpectedMessage } } } } else { plaintext = payload } if hc.mac != nil { macSize := hc.mac.Size() if len(payload) < macSize { return nil, 0, alertBadRecordMAC } n := len(payload) - macSize - paddingLen n = subtle.ConstantTimeSelect(int(uint32(n)>>31), 0, n) // if n < 0 { n = 0 } record[3] = byte(n >> 8) record[4] = byte(n) remoteMAC := payload[n : n+macSize] localMAC := hc.mac.MAC(hc.seq[0:], record[:recordHeaderLen], payload[:n], payload[n+macSize:]) // This is equivalent to checking the MACs and paddingGood // separately, but in constant-time to prevent distinguishing // padding failures from MAC failures. Depending on what value // of paddingLen was returned on bad padding, distinguishing // bad MAC from bad padding can lead to an attack. // // See also the logic at the end of extractPadding. macAndPaddingGood := subtle.ConstantTimeCompare(localMAC, remoteMAC) & int(paddingGood) if macAndPaddingGood != 1 { return nil, 0, alertBadRecordMAC } plaintext = payload[:n] } hc.incSeq() return plaintext, typ, nil } func (c *Conn) setAlternativeRecordLayer() { if c.config.AlternativeRecordLayer != nil { c.in.setKeyCallback = c.config.AlternativeRecordLayer.SetReadKey c.out.setKeyCallback = c.config.AlternativeRecordLayer.SetWriteKey } } // sliceForAppend extends the input slice by n bytes. head is the full extended // slice, while tail is the appended part. If the original slice has sufficient // capacity no allocation is performed. func sliceForAppend(in []byte, n int) (head, tail []byte) { if total := len(in) + n; cap(in) >= total { head = in[:total] } else { head = make([]byte, total) copy(head, in) } tail = head[len(in):] return } // encrypt encrypts payload, adding the appropriate nonce and/or MAC, and // appends it to record, which contains the record header. func (hc *halfConn) encrypt(record, payload []byte, rand io.Reader) ([]byte, error) { if hc.cipher == nil { return append(record, payload...), nil } var explicitNonce []byte if explicitNonceLen := hc.explicitNonceLen(); explicitNonceLen > 0 { record, explicitNonce = sliceForAppend(record, explicitNonceLen) if _, isCBC := hc.cipher.(cbcMode); !isCBC && explicitNonceLen < 16 { // The AES-GCM construction in TLS has an explicit nonce so that the // nonce can be random. However, the nonce is only 8 bytes which is // too small for a secure, random nonce. Therefore we use the // sequence number as the nonce. The 3DES-CBC construction also has // an 8 bytes nonce but its nonces must be unpredictable (see RFC // 5246, Appendix F.3), forcing us to use randomness. That's not // 3DES' biggest problem anyway because the birthday bound on block // collision is reached first due to its simlarly small block size // (see the Sweet32 attack). copy(explicitNonce, hc.seq[:]) } else { if _, err := io.ReadFull(rand, explicitNonce); err != nil { return nil, err } } } var mac []byte if hc.mac != nil { mac = hc.mac.MAC(hc.seq[:], record[:recordHeaderLen], payload, nil) } var dst []byte switch c := hc.cipher.(type) { case cipher.Stream: record, dst = sliceForAppend(record, len(payload)+len(mac)) c.XORKeyStream(dst[:len(payload)], payload) c.XORKeyStream(dst[len(payload):], mac) case aead: nonce := explicitNonce if len(nonce) == 0 { nonce = hc.seq[:] } if hc.version == VersionTLS13 { record = append(record, payload...) // Encrypt the actual ContentType and replace the plaintext one. record = append(record, record[0]) record[0] = byte(recordTypeApplicationData) n := len(payload) + 1 + c.Overhead() record[3] = byte(n >> 8) record[4] = byte(n) record = c.Seal(record[:recordHeaderLen], nonce, record[recordHeaderLen:], record[:recordHeaderLen]) } else { copy(hc.additionalData[:], hc.seq[:]) copy(hc.additionalData[8:], record) record = c.Seal(record, nonce, payload, hc.additionalData[:]) } case cbcMode: blockSize := c.BlockSize() plaintextLen := len(payload) + len(mac) paddingLen := blockSize - plaintextLen%blockSize record, dst = sliceForAppend(record, plaintextLen+paddingLen) copy(dst, payload) copy(dst[len(payload):], mac) for i := plaintextLen; i < len(dst); i++ { dst[i] = byte(paddingLen - 1) } if len(explicitNonce) > 0 { c.SetIV(explicitNonce) } c.CryptBlocks(dst, dst) default: panic("unknown cipher type") } // Update length to include nonce, MAC and any block padding needed. n := len(record) - recordHeaderLen record[3] = byte(n >> 8) record[4] = byte(n) hc.incSeq() return record, nil } // RecordHeaderError is returned when a TLS record header is invalid. type RecordHeaderError struct { // Msg contains a human readable string that describes the error. Msg string // RecordHeader contains the five bytes of TLS record header that // triggered the error. RecordHeader [5]byte // Conn provides the underlying net.Conn in the case that a client // sent an initial handshake that didn't look like TLS. // It is nil if there's already been a handshake or a TLS alert has // been written to the connection. Conn net.Conn } func (e RecordHeaderError) Error() string { return "tls: " + e.Msg } func (c *Conn) newRecordHeaderError(conn net.Conn, msg string) (err RecordHeaderError) { err.Msg = msg err.Conn = conn copy(err.RecordHeader[:], c.rawInput.Bytes()) return err } func (c *Conn) readRecord() error { return c.readRecordOrCCS(false) } func (c *Conn) readChangeCipherSpec() error { return c.readRecordOrCCS(true) } // readRecordOrCCS reads one or more TLS records from the connection and // updates the record layer state. Some invariants: // * c.in must be locked // * c.input must be empty // During the handshake one and only one of the following will happen: // - c.hand grows // - c.in.changeCipherSpec is called // - an error is returned // After the handshake one and only one of the following will happen: // - c.hand grows // - c.input is set // - an error is returned func (c *Conn) readRecordOrCCS(expectChangeCipherSpec bool) error { if c.in.err != nil { return c.in.err } handshakeComplete := c.handshakeComplete() // This function modifies c.rawInput, which owns the c.input memory. if c.input.Len() != 0 { return c.in.setErrorLocked(errors.New("tls: internal error: attempted to read record with pending application data")) } c.input.Reset(nil) // Read header, payload. if err := c.readFromUntil(c.conn, recordHeaderLen); err != nil { // RFC 8446, Section 6.1 suggests that EOF without an alertCloseNotify // is an error, but popular web sites seem to do this, so we accept it // if and only if at the record boundary. if err == io.ErrUnexpectedEOF && c.rawInput.Len() == 0 { err = io.EOF } if e, ok := err.(net.Error); !ok || !e.Temporary() { c.in.setErrorLocked(err) } return err } hdr := c.rawInput.Bytes()[:recordHeaderLen] typ := recordType(hdr[0]) // No valid TLS record has a type of 0x80, however SSLv2 handshakes // start with a uint16 length where the MSB is set and the first record // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests // an SSLv2 client. if !handshakeComplete && typ == 0x80 { c.sendAlert(alertProtocolVersion) return c.in.setErrorLocked(c.newRecordHeaderError(nil, "unsupported SSLv2 handshake received")) } vers := uint16(hdr[1])<<8 | uint16(hdr[2]) n := int(hdr[3])<<8 | int(hdr[4]) if c.haveVers && c.vers != VersionTLS13 && vers != c.vers { c.sendAlert(alertProtocolVersion) msg := fmt.Sprintf("received record with version %x when expecting version %x", vers, c.vers) return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg)) } if !c.haveVers { // First message, be extra suspicious: this might not be a TLS // client. Bail out before reading a full 'body', if possible. // The current max version is 3.3 so if the version is >= 16.0, // it's probably not real. if (typ != recordTypeAlert && typ != recordTypeHandshake) || vers >= 0x1000 { return c.in.setErrorLocked(c.newRecordHeaderError(c.conn, "first record does not look like a TLS handshake")) } } if c.vers == VersionTLS13 && n > maxCiphertextTLS13 || n > maxCiphertext { c.sendAlert(alertRecordOverflow) msg := fmt.Sprintf("oversized record received with length %d", n) return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg)) } if err := c.readFromUntil(c.conn, recordHeaderLen+n); err != nil { if e, ok := err.(net.Error); !ok || !e.Temporary() { c.in.setErrorLocked(err) } return err } // Process message. record := c.rawInput.Next(recordHeaderLen + n) data, typ, err := c.in.decrypt(record) if err != nil { return c.in.setErrorLocked(c.sendAlert(err.(alert))) } if len(data) > maxPlaintext { return c.in.setErrorLocked(c.sendAlert(alertRecordOverflow)) } // Application Data messages are always protected. if c.in.cipher == nil && typ == recordTypeApplicationData { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } if typ != recordTypeAlert && typ != recordTypeChangeCipherSpec && len(data) > 0 { // This is a state-advancing message: reset the retry count. c.retryCount = 0 } // Handshake messages MUST NOT be interleaved with other record types in TLS 1.3. if c.vers == VersionTLS13 && typ != recordTypeHandshake && c.hand.Len() > 0 { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } switch typ { default: return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) case recordTypeAlert: if len(data) != 2 { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } if alert(data[1]) == alertCloseNotify { return c.in.setErrorLocked(io.EOF) } if c.vers == VersionTLS13 { return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])}) } switch data[0] { case alertLevelWarning: // Drop the record on the floor and retry. return c.retryReadRecord(expectChangeCipherSpec) case alertLevelError: return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])}) default: return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } case recordTypeChangeCipherSpec: if len(data) != 1 || data[0] != 1 { return c.in.setErrorLocked(c.sendAlert(alertDecodeError)) } // Handshake messages are not allowed to fragment across the CCS. if c.hand.Len() > 0 { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } // In TLS 1.3, change_cipher_spec records are ignored until the // Finished. See RFC 8446, Appendix D.4. Note that according to Section // 5, a server can send a ChangeCipherSpec before its ServerHello, when // c.vers is still unset. That's not useful though and suspicious if the // server then selects a lower protocol version, so don't allow that. if c.vers == VersionTLS13 { return c.retryReadRecord(expectChangeCipherSpec) } if !expectChangeCipherSpec { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } if err := c.in.changeCipherSpec(); err != nil { return c.in.setErrorLocked(c.sendAlert(err.(alert))) } case recordTypeApplicationData: if !handshakeComplete || expectChangeCipherSpec { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } // Some OpenSSL servers send empty records in order to randomize the // CBC IV. Ignore a limited number of empty records. if len(data) == 0 { return c.retryReadRecord(expectChangeCipherSpec) } // Note that data is owned by c.rawInput, following the Next call above, // to avoid copying the plaintext. This is safe because c.rawInput is // not read from or written to until c.input is drained. c.input.Reset(data) case recordTypeHandshake: if len(data) == 0 || expectChangeCipherSpec { return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } c.hand.Write(data) } return nil } // retryReadRecord recurses into readRecordOrCCS to drop a non-advancing record, like // a warning alert, empty application_data, or a change_cipher_spec in TLS 1.3. func (c *Conn) retryReadRecord(expectChangeCipherSpec bool) error { c.retryCount++ if c.retryCount > maxUselessRecords { c.sendAlert(alertUnexpectedMessage) return c.in.setErrorLocked(errors.New("tls: too many ignored records")) } return c.readRecordOrCCS(expectChangeCipherSpec) } // atLeastReader reads from R, stopping with EOF once at least N bytes have been // read. It is different from an io.LimitedReader in that it doesn't cut short // the last Read call, and in that it considers an early EOF an error. type atLeastReader struct { R io.Reader N int64 } func (r *atLeastReader) Read(p []byte) (int, error) { if r.N <= 0 { return 0, io.EOF } n, err := r.R.Read(p) r.N -= int64(n) // won't underflow unless len(p) >= n > 9223372036854775809 if r.N > 0 && err == io.EOF { return n, io.ErrUnexpectedEOF } if r.N <= 0 && err == nil { return n, io.EOF } return n, err } // readFromUntil reads from r into c.rawInput until c.rawInput contains // at least n bytes or else returns an error. func (c *Conn) readFromUntil(r io.Reader, n int) error { if c.rawInput.Len() >= n { return nil } needs := n - c.rawInput.Len() // There might be extra input waiting on the wire. Make a best effort // attempt to fetch it so that it can be used in (*Conn).Read to // "predict" closeNotify alerts. c.rawInput.Grow(needs + bytes.MinRead) _, err := c.rawInput.ReadFrom(&atLeastReader{r, int64(needs)}) return err } // sendAlert sends a TLS alert message. func (c *Conn) sendAlertLocked(err alert) error { switch err { case alertNoRenegotiation, alertCloseNotify: c.tmp[0] = alertLevelWarning default: c.tmp[0] = alertLevelError } c.tmp[1] = byte(err) _, writeErr := c.writeRecordLocked(recordTypeAlert, c.tmp[0:2]) if err == alertCloseNotify { // closeNotify is a special case in that it isn't an error. return writeErr } return c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err}) } // sendAlert sends a TLS alert message. func (c *Conn) sendAlert(err alert) error { if c.config.AlternativeRecordLayer != nil { c.config.AlternativeRecordLayer.SendAlert(uint8(err)) return &net.OpError{Op: "local error", Err: err} } c.out.Lock() defer c.out.Unlock() return c.sendAlertLocked(err) } const ( // tcpMSSEstimate is a conservative estimate of the TCP maximum segment // size (MSS). A constant is used, rather than querying the kernel for // the actual MSS, to avoid complexity. The value here is the IPv6 // minimum MTU (1280 bytes) minus the overhead of an IPv6 header (40 // bytes) and a TCP header with timestamps (32 bytes). tcpMSSEstimate = 1208 // recordSizeBoostThreshold is the number of bytes of application data // sent after which the TLS record size will be increased to the // maximum. recordSizeBoostThreshold = 128 * 1024 ) // maxPayloadSizeForWrite returns the maximum TLS payload size to use for the // next application data record. There is the following trade-off: // // - For latency-sensitive applications, such as web browsing, each TLS // record should fit in one TCP segment. // - For throughput-sensitive applications, such as large file transfers, // larger TLS records better amortize framing and encryption overheads. // // A simple heuristic that works well in practice is to use small records for // the first 1MB of data, then use larger records for subsequent data, and // reset back to smaller records after the connection becomes idle. See "High // Performance Web Networking", Chapter 4, or: // https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/ // // In the interests of simplicity and determinism, this code does not attempt // to reset the record size once the connection is idle, however. func (c *Conn) maxPayloadSizeForWrite(typ recordType) int { if c.config.DynamicRecordSizingDisabled || typ != recordTypeApplicationData { return maxPlaintext } if c.bytesSent >= recordSizeBoostThreshold { return maxPlaintext } // Subtract TLS overheads to get the maximum payload size. payloadBytes := tcpMSSEstimate - recordHeaderLen - c.out.explicitNonceLen() if c.out.cipher != nil { switch ciph := c.out.cipher.(type) { case cipher.Stream: payloadBytes -= c.out.mac.Size() case cipher.AEAD: payloadBytes -= ciph.Overhead() case cbcMode: blockSize := ciph.BlockSize() // The payload must fit in a multiple of blockSize, with // room for at least one padding byte. payloadBytes = (payloadBytes & ^(blockSize - 1)) - 1 // The MAC is appended before padding so affects the // payload size directly. payloadBytes -= c.out.mac.Size() default: panic("unknown cipher type") } } if c.vers == VersionTLS13 { payloadBytes-- // encrypted ContentType } // Allow packet growth in arithmetic progression up to max. pkt := c.packetsSent c.packetsSent++ if pkt > 1000 { return maxPlaintext // avoid overflow in multiply below } n := payloadBytes * int(pkt+1) if n > maxPlaintext { n = maxPlaintext } return n } func (c *Conn) write(data []byte) (int, error) { if c.buffering { c.sendBuf = append(c.sendBuf, data...) return len(data), nil } n, err := c.conn.Write(data) c.bytesSent += int64(n) return n, err } func (c *Conn) flush() (int, error) { if len(c.sendBuf) == 0 { return 0, nil } n, err := c.conn.Write(c.sendBuf) c.bytesSent += int64(n) c.sendBuf = nil c.buffering = false return n, err } // writeRecordLocked writes a TLS record with the given type and payload to the // connection and updates the record layer state. func (c *Conn) writeRecordLocked(typ recordType, data []byte) (int, error) { var n int for len(data) > 0 { m := len(data) if maxPayload := c.maxPayloadSizeForWrite(typ); m > maxPayload { m = maxPayload } _, c.outBuf = sliceForAppend(c.outBuf[:0], recordHeaderLen) c.outBuf[0] = byte(typ) vers := c.vers if vers == 0 { // Some TLS servers fail if the record version is // greater than TLS 1.0 for the initial ClientHello. vers = VersionTLS10 } else if vers == VersionTLS13 { // TLS 1.3 froze the record layer version to 1.2. // See RFC 8446, Section 5.1. vers = VersionTLS12 } c.outBuf[1] = byte(vers >> 8) c.outBuf[2] = byte(vers) c.outBuf[3] = byte(m >> 8) c.outBuf[4] = byte(m) var err error c.outBuf, err = c.out.encrypt(c.outBuf, data[:m], c.config.rand()) if err != nil { return n, err } if _, err := c.write(c.outBuf); err != nil { return n, err } n += m data = data[m:] } if typ == recordTypeChangeCipherSpec && c.vers != VersionTLS13 { if err := c.out.changeCipherSpec(); err != nil { return n, c.sendAlertLocked(err.(alert)) } } return n, nil } // writeRecord writes a TLS record with the given type and payload to the // connection and updates the record layer state. func (c *Conn) writeRecord(typ recordType, data []byte) (int, error) { if c.config.AlternativeRecordLayer != nil { if typ == recordTypeChangeCipherSpec { return len(data), nil } return c.config.AlternativeRecordLayer.WriteRecord(data) } c.out.Lock() defer c.out.Unlock() return c.writeRecordLocked(typ, data) } // readHandshake reads the next handshake message from // the record layer. func (c *Conn) readHandshake() (interface{}, error) { var data []byte if c.config.AlternativeRecordLayer != nil { var err error data, err = c.config.AlternativeRecordLayer.ReadHandshakeMessage() if err != nil { return nil, err } } else { for c.hand.Len() < 4 { if err := c.readRecord(); err != nil { return nil, err } } data = c.hand.Bytes() n := int(data[1])<<16 | int(data[2])<<8 | int(data[3]) if n > maxHandshake { c.sendAlertLocked(alertInternalError) return nil, c.in.setErrorLocked(fmt.Errorf("tls: handshake message of length %d bytes exceeds maximum of %d bytes", n, maxHandshake)) } for c.hand.Len() < 4+n { if err := c.readRecord(); err != nil { return nil, err } } data = c.hand.Next(4 + n) } var m handshakeMessage switch data[0] { case typeHelloRequest: m = new(helloRequestMsg) case typeClientHello: m = new(clientHelloMsg) case typeServerHello: m = new(serverHelloMsg) case typeNewSessionTicket: if c.vers == VersionTLS13 { m = new(newSessionTicketMsgTLS13) } else { m = new(newSessionTicketMsg) } case typeCertificate: if c.vers == VersionTLS13 { m = new(certificateMsgTLS13) } else { m = new(certificateMsg) } case typeCertificateRequest: if c.vers == VersionTLS13 { m = new(certificateRequestMsgTLS13) } else { m = &certificateRequestMsg{ hasSignatureAlgorithm: c.vers >= VersionTLS12, } } case typeCertificateStatus: m = new(certificateStatusMsg) case typeServerKeyExchange: m = new(serverKeyExchangeMsg) case typeServerHelloDone: m = new(serverHelloDoneMsg) case typeClientKeyExchange: m = new(clientKeyExchangeMsg) case typeCertificateVerify: m = &certificateVerifyMsg{ hasSignatureAlgorithm: c.vers >= VersionTLS12, } case typeFinished: m = new(finishedMsg) case typeEncryptedExtensions: m = new(encryptedExtensionsMsg) case typeEndOfEarlyData: m = new(endOfEarlyDataMsg) case typeKeyUpdate: m = new(keyUpdateMsg) default: return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } // The handshake message unmarshalers // expect to be able to keep references to data, // so pass in a fresh copy that won't be overwritten. data = append([]byte(nil), data...) if !m.unmarshal(data) { return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage)) } return m, nil } var ( errClosed = errors.New("tls: use of closed connection") errShutdown = errors.New("tls: protocol is shutdown") ) // Write writes data to the connection. func (c *Conn) Write(b []byte) (int, error) { // interlock with Close below for { x := atomic.LoadInt32(&c.activeCall) if x&1 != 0 { return 0, errClosed } if atomic.CompareAndSwapInt32(&c.activeCall, x, x+2) { break } } defer atomic.AddInt32(&c.activeCall, -2) if err := c.Handshake(); err != nil { return 0, err } c.out.Lock() defer c.out.Unlock() if err := c.out.err; err != nil { return 0, err } if !c.handshakeComplete() { return 0, alertInternalError } if c.closeNotifySent { return 0, errShutdown } // TLS 1.0 is susceptible to a chosen-plaintext // attack when using block mode ciphers due to predictable IVs. // This can be prevented by splitting each Application Data // record into two records, effectively randomizing the IV. // // https://www.openssl.org/~bodo/tls-cbc.txt // https://bugzilla.mozilla.org/show_bug.cgi?id=665814 // https://www.imperialviolet.org/2012/01/15/beastfollowup.html var m int if len(b) > 1 && c.vers == VersionTLS10 { if _, ok := c.out.cipher.(cipher.BlockMode); ok { n, err := c.writeRecordLocked(recordTypeApplicationData, b[:1]) if err != nil { return n, c.out.setErrorLocked(err) } m, b = 1, b[1:] } } n, err := c.writeRecordLocked(recordTypeApplicationData, b) return n + m, c.out.setErrorLocked(err) } // handleRenegotiation processes a HelloRequest handshake message. func (c *Conn) handleRenegotiation() error { if c.vers == VersionTLS13 { return errors.New("tls: internal error: unexpected renegotiation") } msg, err := c.readHandshake() if err != nil { return err } helloReq, ok := msg.(*helloRequestMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(helloReq, msg) } if !c.isClient { return c.sendAlert(alertNoRenegotiation) } switch c.config.Renegotiation { case RenegotiateNever: return c.sendAlert(alertNoRenegotiation) case RenegotiateOnceAsClient: if c.handshakes > 1 { return c.sendAlert(alertNoRenegotiation) } case RenegotiateFreelyAsClient: // Ok. default: c.sendAlert(alertInternalError) return errors.New("tls: unknown Renegotiation value") } c.handshakeMutex.Lock() defer c.handshakeMutex.Unlock() atomic.StoreUint32(&c.handshakeStatus, 0) if c.handshakeErr = c.clientHandshake(); c.handshakeErr == nil { c.handshakes++ } return c.handshakeErr } func (c *Conn) HandlePostHandshakeMessage() error { return c.handlePostHandshakeMessage() } // handlePostHandshakeMessage processes a handshake message arrived after the // handshake is complete. Up to TLS 1.2, it indicates the start of a renegotiation. func (c *Conn) handlePostHandshakeMessage() error { if c.vers != VersionTLS13 { return c.handleRenegotiation() } msg, err := c.readHandshake() if err != nil { return err } c.retryCount++ if c.retryCount > maxUselessRecords { c.sendAlert(alertUnexpectedMessage) return c.in.setErrorLocked(errors.New("tls: too many non-advancing records")) } switch msg := msg.(type) { case *newSessionTicketMsgTLS13: return c.handleNewSessionTicket(msg) case *keyUpdateMsg: return c.handleKeyUpdate(msg) default: c.sendAlert(alertUnexpectedMessage) return fmt.Errorf("tls: received unexpected handshake message of type %T", msg) } } func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error { cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite) if cipherSuite == nil { return c.in.setErrorLocked(c.sendAlert(alertInternalError)) } newSecret := cipherSuite.nextTrafficSecret(c.in.trafficSecret) c.in.setTrafficSecret(cipherSuite, newSecret) if keyUpdate.updateRequested { c.out.Lock() defer c.out.Unlock() msg := &keyUpdateMsg{} _, err := c.writeRecordLocked(recordTypeHandshake, msg.marshal()) if err != nil { // Surface the error at the next write. c.out.setErrorLocked(err) return nil } newSecret := cipherSuite.nextTrafficSecret(c.out.trafficSecret) c.out.setTrafficSecret(cipherSuite, newSecret) } return nil } // Read can be made to time out and return a net.Error with Timeout() == true // after a fixed time limit; see SetDeadline and SetReadDeadline. func (c *Conn) Read(b []byte) (int, error) { if err := c.Handshake(); err != nil { return 0, err } if len(b) == 0 { // Put this after Handshake, in case people were calling // Read(nil) for the side effect of the Handshake. return 0, nil } c.in.Lock() defer c.in.Unlock() for c.input.Len() == 0 { if err := c.readRecord(); err != nil { return 0, err } for c.hand.Len() > 0 { if err := c.handlePostHandshakeMessage(); err != nil { return 0, err } } } n, _ := c.input.Read(b) // If a close-notify alert is waiting, read it so that we can return (n, // EOF) instead of (n, nil), to signal to the HTTP response reading // goroutine that the connection is now closed. This eliminates a race // where the HTTP response reading goroutine would otherwise not observe // the EOF until its next read, by which time a client goroutine might // have already tried to reuse the HTTP connection for a new request. // See https://golang.org/cl/76400046 and https://golang.org/issue/3514 if n != 0 && c.input.Len() == 0 && c.rawInput.Len() > 0 && recordType(c.rawInput.Bytes()[0]) == recordTypeAlert { if err := c.readRecord(); err != nil { return n, err // will be io.EOF on closeNotify } } return n, nil } // Close closes the connection. func (c *Conn) Close() error { // Interlock with Conn.Write above. var x int32 for { x = atomic.LoadInt32(&c.activeCall) if x&1 != 0 { return errClosed } if atomic.CompareAndSwapInt32(&c.activeCall, x, x|1) { break } } if x != 0 { // io.Writer and io.Closer should not be used concurrently. // If Close is called while a Write is currently in-flight, // interpret that as a sign that this Close is really just // being used to break the Write and/or clean up resources and // avoid sending the alertCloseNotify, which may block // waiting on handshakeMutex or the c.out mutex. return c.conn.Close() } var alertErr error if c.handshakeComplete() { alertErr = c.closeNotify() } if err := c.conn.Close(); err != nil { return err } return alertErr } var errEarlyCloseWrite = errors.New("tls: CloseWrite called before handshake complete") // CloseWrite shuts down the writing side of the connection. It should only be // called once the handshake has completed and does not call CloseWrite on the // underlying connection. Most callers should just use Close. func (c *Conn) CloseWrite() error { if !c.handshakeComplete() { return errEarlyCloseWrite } return c.closeNotify() } func (c *Conn) closeNotify() error { c.out.Lock() defer c.out.Unlock() if !c.closeNotifySent { c.closeNotifyErr = c.sendAlertLocked(alertCloseNotify) c.closeNotifySent = true } return c.closeNotifyErr } // Handshake runs the client or server handshake // protocol if it has not yet been run. // Most uses of this package need not call Handshake // explicitly: the first Read or Write will call it automatically. func (c *Conn) Handshake() error { c.handshakeMutex.Lock() defer c.handshakeMutex.Unlock() if err := c.handshakeErr; err != nil { return err } if c.handshakeComplete() { return nil } c.in.Lock() defer c.in.Unlock() if c.isClient { c.handshakeErr = c.clientHandshake() } else { c.handshakeErr = c.serverHandshake() } if c.handshakeErr == nil { c.handshakes++ } else { // If an error occurred during the handshake try to flush the // alert that might be left in the buffer. c.flush() } if c.handshakeErr == nil && !c.handshakeComplete() { c.handshakeErr = errors.New("tls: internal error: handshake should have had a result") } return c.handshakeErr } // ConnectionState returns basic TLS details about the connection. func (c *Conn) ConnectionState() ConnectionState { c.handshakeMutex.Lock() defer c.handshakeMutex.Unlock() var state ConnectionState state.HandshakeComplete = c.handshakeComplete() state.ServerName = c.serverName if state.HandshakeComplete { state.Version = c.vers state.NegotiatedProtocol = c.clientProtocol state.DidResume = c.didResume state.NegotiatedProtocolIsMutual = !c.clientProtocolFallback state.CipherSuite = c.cipherSuite state.PeerCertificates = c.peerCertificates state.VerifiedChains = c.verifiedChains state.SignedCertificateTimestamps = c.scts state.OCSPResponse = c.ocspResponse if !c.didResume && c.vers != VersionTLS13 { if c.clientFinishedIsFirst { state.TLSUnique = c.clientFinished[:] } else { state.TLSUnique = c.serverFinished[:] } } state.Used0RTT = c.used0RTT if c.config.Renegotiation != RenegotiateNever { state.ekm = noExportedKeyingMaterial } else { state.ekm = c.ekm } } return state } // OCSPResponse returns the stapled OCSP response from the TLS server, if // any. (Only valid for client connections.) func (c *Conn) OCSPResponse() []byte { c.handshakeMutex.Lock() defer c.handshakeMutex.Unlock() return c.ocspResponse } // VerifyHostname checks that the peer certificate chain is valid for // connecting to host. If so, it returns nil; if not, it returns an error // describing the problem. func (c *Conn) VerifyHostname(host string) error { c.handshakeMutex.Lock() defer c.handshakeMutex.Unlock() if !c.isClient { return errors.New("tls: VerifyHostname called on TLS server connection") } if !c.handshakeComplete() { return errors.New("tls: handshake has not yet been performed") } if len(c.verifiedChains) == 0 { return errors.New("tls: handshake did not verify certificate chain") } return c.peerCertificates[0].VerifyHostname(host) } func (c *Conn) handshakeComplete() bool { return atomic.LoadUint32(&c.handshakeStatus) == 1 } golang-github-marten-seemann-qtls-0.10.0/conn_test.go000066400000000000000000000233051373277661100225530ustar00rootroot00000000000000// Copyright 2010 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "io" "net" "testing" ) func TestRoundUp(t *testing.T) { if roundUp(0, 16) != 0 || roundUp(1, 16) != 16 || roundUp(15, 16) != 16 || roundUp(16, 16) != 16 || roundUp(17, 16) != 32 { t.Error("roundUp broken") } } // will be initialized with {0, 255, 255, ..., 255} var padding255Bad = [256]byte{} // will be initialized with {255, 255, 255, ..., 255} var padding255Good = [256]byte{255} var paddingTests = []struct { in []byte good bool expectedLen int }{ {[]byte{1, 2, 3, 4, 0}, true, 4}, {[]byte{1, 2, 3, 4, 0, 1}, false, 0}, {[]byte{1, 2, 3, 4, 99, 99}, false, 0}, {[]byte{1, 2, 3, 4, 1, 1}, true, 4}, {[]byte{1, 2, 3, 2, 2, 2}, true, 3}, {[]byte{1, 2, 3, 3, 3, 3}, true, 2}, {[]byte{1, 2, 3, 4, 3, 3}, false, 0}, {[]byte{1, 4, 4, 4, 4, 4}, true, 1}, {[]byte{5, 5, 5, 5, 5, 5}, true, 0}, {[]byte{6, 6, 6, 6, 6, 6}, false, 0}, {padding255Bad[:], false, 0}, {padding255Good[:], true, 0}, } func TestRemovePadding(t *testing.T) { for i := 1; i < len(padding255Bad); i++ { padding255Bad[i] = 255 padding255Good[i] = 255 } for i, test := range paddingTests { paddingLen, good := extractPadding(test.in) expectedGood := byte(255) if !test.good { expectedGood = 0 } if good != expectedGood { t.Errorf("#%d: wrong validity, want:%d got:%d", i, expectedGood, good) } if good == 255 && len(test.in)-paddingLen != test.expectedLen { t.Errorf("#%d: got %d, want %d", i, len(test.in)-paddingLen, test.expectedLen) } } } var certExampleCom = `308201713082011ba003020102021005a75ddf21014d5f417083b7a010ba2e300d06092a864886f70d01010b050030123110300e060355040a130741636d6520436f301e170d3136303831373231343135335a170d3137303831373231343135335a30123110300e060355040a130741636d6520436f305c300d06092a864886f70d0101010500034b003048024100b37f0fdd67e715bf532046ac34acbd8fdc4dabe2b598588f3f58b1f12e6219a16cbfe54d2b4b665396013589262360b6721efa27d546854f17cc9aeec6751db10203010001a34d304b300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff0402300030160603551d11040f300d820b6578616d706c652e636f6d300d06092a864886f70d01010b050003410059fc487866d3d855503c8e064ca32aac5e9babcece89ec597f8b2b24c17867f4a5d3b4ece06e795bfc5448ccbd2ffca1b3433171ebf3557a4737b020565350a0` var certWildcardExampleCom = `308201743082011ea003020102021100a7aa6297c9416a4633af8bec2958c607300d06092a864886f70d01010b050030123110300e060355040a130741636d6520436f301e170d3136303831373231343231395a170d3137303831373231343231395a30123110300e060355040a130741636d6520436f305c300d06092a864886f70d0101010500034b003048024100b105afc859a711ee864114e7d2d46c2dcbe392d3506249f6c2285b0eb342cc4bf2d803677c61c0abde443f084745c1a6d62080e5664ef2cc8f50ad8a0ab8870b0203010001a34f304d300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff0402300030180603551d110411300f820d2a2e6578616d706c652e636f6d300d06092a864886f70d01010b0500034100af26088584d266e3f6566360cf862c7fecc441484b098b107439543144a2b93f20781988281e108c6d7656934e56950e1e5f2bcf38796b814ccb729445856c34` var certFooExampleCom = `308201753082011fa00302010202101bbdb6070b0aeffc49008cde74deef29300d06092a864886f70d01010b050030123110300e060355040a130741636d6520436f301e170d3136303831373231343234345a170d3137303831373231343234345a30123110300e060355040a130741636d6520436f305c300d06092a864886f70d0101010500034b003048024100f00ac69d8ca2829f26216c7b50f1d4bbabad58d447706476cd89a2f3e1859943748aa42c15eedc93ac7c49e40d3b05ed645cb6b81c4efba60d961f44211a54eb0203010001a351304f300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000301a0603551d1104133011820f666f6f2e6578616d706c652e636f6d300d06092a864886f70d01010b0500034100a0957fca6d1e0f1ef4b247348c7a8ca092c29c9c0ecc1898ea6b8065d23af6d922a410dd2335a0ea15edd1394cef9f62c9e876a21e35250a0b4fe1ddceba0f36` func TestCertificateSelection(t *testing.T) { config := Config{ Certificates: []Certificate{ { Certificate: [][]byte{fromHex(certExampleCom)}, }, { Certificate: [][]byte{fromHex(certWildcardExampleCom)}, }, { Certificate: [][]byte{fromHex(certFooExampleCom)}, }, }, } config.BuildNameToCertificate() pointerToIndex := func(c *Certificate) int { for i := range config.Certificates { if c == &config.Certificates[i] { return i } } return -1 } certificateForName := func(name string) *Certificate { clientHello := &ClientHelloInfo{ ServerName: name, } if cert, err := config.getCertificate(clientHello); err != nil { t.Errorf("unable to get certificate for name '%s': %s", name, err) return nil } else { return cert } } if n := pointerToIndex(certificateForName("example.com")); n != 0 { t.Errorf("example.com returned certificate %d, not 0", n) } if n := pointerToIndex(certificateForName("bar.example.com")); n != 1 { t.Errorf("bar.example.com returned certificate %d, not 1", n) } if n := pointerToIndex(certificateForName("foo.example.com")); n != 2 { t.Errorf("foo.example.com returned certificate %d, not 2", n) } if n := pointerToIndex(certificateForName("foo.bar.example.com")); n != 0 { t.Errorf("foo.bar.example.com returned certificate %d, not 0", n) } } // Run with multiple crypto configs to test the logic for computing TLS record overheads. func runDynamicRecordSizingTest(t *testing.T, config *Config) { clientConn, serverConn := localPipe(t) serverConfig := config.Clone() serverConfig.DynamicRecordSizingDisabled = false tlsConn := Server(serverConn, serverConfig) handshakeDone := make(chan struct{}) recordSizesChan := make(chan []int, 1) defer func() { <-recordSizesChan }() // wait for the goroutine to exit go func() { // This goroutine performs a TLS handshake over clientConn and // then reads TLS records until EOF. It writes a slice that // contains all the record sizes to recordSizesChan. defer close(recordSizesChan) defer clientConn.Close() tlsConn := Client(clientConn, config) if err := tlsConn.Handshake(); err != nil { t.Errorf("Error from client handshake: %v", err) return } close(handshakeDone) var recordHeader [recordHeaderLen]byte var record []byte var recordSizes []int for { n, err := io.ReadFull(clientConn, recordHeader[:]) if err == io.EOF { break } if err != nil || n != len(recordHeader) { t.Errorf("io.ReadFull = %d, %v", n, err) return } length := int(recordHeader[3])<<8 | int(recordHeader[4]) if len(record) < length { record = make([]byte, length) } n, err = io.ReadFull(clientConn, record[:length]) if err != nil || n != length { t.Errorf("io.ReadFull = %d, %v", n, err) return } recordSizes = append(recordSizes, recordHeaderLen+length) } recordSizesChan <- recordSizes }() if err := tlsConn.Handshake(); err != nil { t.Fatalf("Error from server handshake: %s", err) } <-handshakeDone // The server writes these plaintexts in order. plaintext := bytes.Join([][]byte{ bytes.Repeat([]byte("x"), recordSizeBoostThreshold), bytes.Repeat([]byte("y"), maxPlaintext*2), bytes.Repeat([]byte("z"), maxPlaintext), }, nil) if _, err := tlsConn.Write(plaintext); err != nil { t.Fatalf("Error from server write: %s", err) } if err := tlsConn.Close(); err != nil { t.Fatalf("Error from server close: %s", err) } recordSizes := <-recordSizesChan if recordSizes == nil { t.Fatalf("Client encountered an error") } // Drop the size of the second to last record, which is likely to be // truncated, and the last record, which is a close_notify alert. recordSizes = recordSizes[:len(recordSizes)-2] // recordSizes should contain a series of records smaller than // tcpMSSEstimate followed by some larger than maxPlaintext. seenLargeRecord := false for i, size := range recordSizes { if !seenLargeRecord { if size > (i+1)*tcpMSSEstimate { t.Fatalf("Record #%d has size %d, which is too large too soon", i, size) } if size >= maxPlaintext { seenLargeRecord = true } } else if size <= maxPlaintext { t.Fatalf("Record #%d has size %d but should be full sized", i, size) } } if !seenLargeRecord { t.Fatalf("No large records observed") } } func TestDynamicRecordSizingWithStreamCipher(t *testing.T) { config := testConfig.Clone() config.MaxVersion = VersionTLS12 config.CipherSuites = []uint16{TLS_RSA_WITH_RC4_128_SHA} runDynamicRecordSizingTest(t, config) } func TestDynamicRecordSizingWithCBC(t *testing.T) { config := testConfig.Clone() config.MaxVersion = VersionTLS12 config.CipherSuites = []uint16{TLS_RSA_WITH_AES_256_CBC_SHA} runDynamicRecordSizingTest(t, config) } func TestDynamicRecordSizingWithAEAD(t *testing.T) { config := testConfig.Clone() config.MaxVersion = VersionTLS12 config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256} runDynamicRecordSizingTest(t, config) } func TestDynamicRecordSizingWithTLSv13(t *testing.T) { config := testConfig.Clone() runDynamicRecordSizingTest(t, config) } // hairpinConn is a net.Conn that makes a “hairpin” call when closed, back into // the tls.Conn which is calling it. type hairpinConn struct { net.Conn tlsConn *Conn } func (conn *hairpinConn) Close() error { conn.tlsConn.ConnectionState() return nil } func TestHairpinInClose(t *testing.T) { // This tests that the underlying net.Conn can call back into the // tls.Conn when being closed without deadlocking. client, server := localPipe(t) defer server.Close() defer client.Close() conn := &hairpinConn{client, nil} tlsConn := Server(conn, &Config{ GetCertificate: func(*ClientHelloInfo) (*Certificate, error) { panic("unreachable") }, }) conn.tlsConn = tlsConn // This call should not deadlock. tlsConn.Close() } golang-github-marten-seemann-qtls-0.10.0/example_test.go000066400000000000000000000205341373277661100232520ustar00rootroot00000000000000// Copyright 2014 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls_test import ( "crypto/tls" "crypto/x509" "errors" "log" "net/http" "net/http/httptest" "os" "time" ) // zeroSource is an io.Reader that returns an unlimited number of zero bytes. type zeroSource struct{} func (zeroSource) Read(b []byte) (n int, err error) { for i := range b { b[i] = 0 } return len(b), nil } func ExampleDial() { // Connecting with a custom root-certificate set. const rootPEM = ` -----BEGIN CERTIFICATE----- MIIEBDCCAuygAwIBAgIDAjppMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTUwNDA0MTUxNTU1WjBJMQswCQYDVQQG EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB+zCB+DAfBgNVHSMEGDAWgBTAephojYn7 qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2g K4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwPQYI KwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vZ3RnbG9iYWwtb2NzcC5n ZW90cnVzdC5jb20wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMA0GCSqGSIb3DQEB BQUAA4IBAQA21waAESetKhSbOHezI6B1WLuxfoNCunLaHtiONgaX4PCVOzf9G0JY /iLIa704XtE7JW4S615ndkZAkNoUyHgN7ZVm2o6Gb4ChulYylYbc3GrKBIxbf/a/ zG+FA1jDaFETzf3I93k9mTXwVqO94FntT0QJo544evZG0R0SnU++0ED8Vf4GXjza HFa9llF7b1cq26KqltyMdMKVvvBulRP/F/A8rLIQjcxz++iPAsbw+zOzlTvjwsto WHPbqCRiOwY1nQ2pM714A5AuTHhdUDqB1O6gyHA43LL5Z/qHQF1hwFGPa4NrzQU6 yuGnBXj8ytqU0CwIPX4WecigUCAkVDNx -----END CERTIFICATE-----` // First, create the set of root certificates. For this example we only // have one. It's also possible to omit this in order to use the // default root set of the current operating system. roots := x509.NewCertPool() ok := roots.AppendCertsFromPEM([]byte(rootPEM)) if !ok { panic("failed to parse root certificate") } conn, err := tls.Dial("tcp", "mail.google.com:443", &tls.Config{ RootCAs: roots, }) if err != nil { panic("failed to connect: " + err.Error()) } conn.Close() } func ExampleConfig_keyLogWriter() { // Debugging TLS applications by decrypting a network traffic capture. // WARNING: Use of KeyLogWriter compromises security and should only be // used for debugging. // Dummy test HTTP server for the example with insecure random so output is // reproducible. server := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) server.TLS = &tls.Config{ Rand: zeroSource{}, // for example only; don't do this. } server.StartTLS() defer server.Close() // Typically the log would go to an open file: // w, err := os.OpenFile("tls-secrets.txt", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) w := os.Stdout client := &http.Client{ Transport: &http.Transport{ TLSClientConfig: &tls.Config{ KeyLogWriter: w, Rand: zeroSource{}, // for reproducible output; don't do this. InsecureSkipVerify: true, // test server certificate is not trusted. }, }, } resp, err := client.Get(server.URL) if err != nil { log.Fatalf("Failed to get URL: %v", err) } resp.Body.Close() // The resulting file can be used with Wireshark to decrypt the TLS // connection by setting (Pre)-Master-Secret log filename in SSL Protocol // preferences. } func ExampleLoadX509KeyPair() { cert, err := tls.LoadX509KeyPair("testdata/example-cert.pem", "testdata/example-key.pem") if err != nil { log.Fatal(err) } cfg := &tls.Config{Certificates: []tls.Certificate{cert}} listener, err := tls.Listen("tcp", ":2000", cfg) if err != nil { log.Fatal(err) } _ = listener } func ExampleX509KeyPair() { certPem := []byte(`-----BEGIN CERTIFICATE----- MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d 7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B 5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1 NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc 6MF9+Yw1Yy0t -----END CERTIFICATE-----`) keyPem := []byte(`-----BEGIN EC PRIVATE KEY----- MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49 AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA== -----END EC PRIVATE KEY-----`) cert, err := tls.X509KeyPair(certPem, keyPem) if err != nil { log.Fatal(err) } cfg := &tls.Config{Certificates: []tls.Certificate{cert}} listener, err := tls.Listen("tcp", ":2000", cfg) if err != nil { log.Fatal(err) } _ = listener } func ExampleX509KeyPair_httpServer() { certPem := []byte(`-----BEGIN CERTIFICATE----- MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d 7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B 5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1 NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc 6MF9+Yw1Yy0t -----END CERTIFICATE-----`) keyPem := []byte(`-----BEGIN EC PRIVATE KEY----- MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49 AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA== -----END EC PRIVATE KEY-----`) cert, err := tls.X509KeyPair(certPem, keyPem) if err != nil { log.Fatal(err) } cfg := &tls.Config{Certificates: []tls.Certificate{cert}} srv := &http.Server{ TLSConfig: cfg, ReadTimeout: time.Minute, WriteTimeout: time.Minute, } log.Fatal(srv.ListenAndServeTLS("", "")) } func ExampleConfig_verifyPeerCertificate() { // VerifyPeerCertificate can be used to replace and customize certificate // verification. This example shows a VerifyPeerCertificate implementation // that will be approximately equivalent to what crypto/tls does normally. config := &tls.Config{ // Set InsecureSkipVerify to skip the default validation we are // replacing. This will not disable VerifyPeerCertificate. InsecureSkipVerify: true, // While packages like net/http will implicitly set ServerName, the // VerifyPeerCertificate callback can't access that value, so it has to be set // explicitly here or in VerifyPeerCertificate on the client side. If in // an http.Transport DialTLS callback, this can be obtained by passing // the addr argument to net.SplitHostPort. ServerName: "example.com", // On the server side, set ClientAuth to require client certificates (or // VerifyPeerCertificate will run anyway and panic accessing certs[0]) // but not verify them with the default verifier. // ClientAuth: tls.RequireAnyClientCert, } config.VerifyPeerCertificate = func(certificates [][]byte, _ [][]*x509.Certificate) error { certs := make([]*x509.Certificate, len(certificates)) for i, asn1Data := range certificates { cert, err := x509.ParseCertificate(asn1Data) if err != nil { return errors.New("tls: failed to parse certificate from server: " + err.Error()) } certs[i] = cert } opts := x509.VerifyOptions{ Roots: config.RootCAs, // On the server side, use config.ClientCAs. DNSName: config.ServerName, Intermediates: x509.NewCertPool(), // On the server side, set KeyUsages to ExtKeyUsageClientAuth. The // default value is appropriate for clients side verification. // KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, } for _, cert := range certs[1:] { opts.Intermediates.AddCert(cert) } _, err := certs[0].Verify(opts) return err } // Note that when InsecureSkipVerify and VerifyPeerCertificate are in use, // ConnectionState.VerifiedChains will be nil. } golang-github-marten-seemann-qtls-0.10.0/generate_cert.go000066400000000000000000000107561373277661100233740ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // +build ignore // Generate a self-signed X.509 certificate for a TLS server. Outputs to // 'cert.pem' and 'key.pem' and will overwrite existing files. package main import ( "crypto/ecdsa" "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" "crypto/x509" "crypto/x509/pkix" "encoding/pem" "flag" "log" "math/big" "net" "os" "strings" "time" ) var ( host = flag.String("host", "", "Comma-separated hostnames and IPs to generate a certificate for") validFrom = flag.String("start-date", "", "Creation date formatted as Jan 1 15:04:05 2011") validFor = flag.Duration("duration", 365*24*time.Hour, "Duration that certificate is valid for") isCA = flag.Bool("ca", false, "whether this cert should be its own Certificate Authority") rsaBits = flag.Int("rsa-bits", 2048, "Size of RSA key to generate. Ignored if --ecdsa-curve is set") ecdsaCurve = flag.String("ecdsa-curve", "", "ECDSA curve to use to generate a key. Valid values are P224, P256 (recommended), P384, P521") ed25519Key = flag.Bool("ed25519", false, "Generate an Ed25519 key") ) func publicKey(priv interface{}) interface{} { switch k := priv.(type) { case *rsa.PrivateKey: return &k.PublicKey case *ecdsa.PrivateKey: return &k.PublicKey case ed25519.PrivateKey: return k.Public().(ed25519.PublicKey) default: return nil } } func main() { flag.Parse() if len(*host) == 0 { log.Fatalf("Missing required --host parameter") } var priv interface{} var err error switch *ecdsaCurve { case "": if *ed25519Key { _, priv, err = ed25519.GenerateKey(rand.Reader) } else { priv, err = rsa.GenerateKey(rand.Reader, *rsaBits) } case "P224": priv, err = ecdsa.GenerateKey(elliptic.P224(), rand.Reader) case "P256": priv, err = ecdsa.GenerateKey(elliptic.P256(), rand.Reader) case "P384": priv, err = ecdsa.GenerateKey(elliptic.P384(), rand.Reader) case "P521": priv, err = ecdsa.GenerateKey(elliptic.P521(), rand.Reader) default: log.Fatalf("Unrecognized elliptic curve: %q", *ecdsaCurve) } if err != nil { log.Fatalf("Failed to generate private key: %v", err) } var notBefore time.Time if len(*validFrom) == 0 { notBefore = time.Now() } else { notBefore, err = time.Parse("Jan 2 15:04:05 2006", *validFrom) if err != nil { log.Fatalf("Failed to parse creation date: %v", err) } } notAfter := notBefore.Add(*validFor) serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) if err != nil { log.Fatalf("Failed to generate serial number: %v", err) } template := x509.Certificate{ SerialNumber: serialNumber, Subject: pkix.Name{ Organization: []string{"Acme Co"}, }, NotBefore: notBefore, NotAfter: notAfter, KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, BasicConstraintsValid: true, } hosts := strings.Split(*host, ",") for _, h := range hosts { if ip := net.ParseIP(h); ip != nil { template.IPAddresses = append(template.IPAddresses, ip) } else { template.DNSNames = append(template.DNSNames, h) } } if *isCA { template.IsCA = true template.KeyUsage |= x509.KeyUsageCertSign } derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, publicKey(priv), priv) if err != nil { log.Fatalf("Failed to create certificate: %v", err) } certOut, err := os.Create("cert.pem") if err != nil { log.Fatalf("Failed to open cert.pem for writing: %v", err) } if err := pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}); err != nil { log.Fatalf("Failed to write data to cert.pem: %v", err) } if err := certOut.Close(); err != nil { log.Fatalf("Error closing cert.pem: %v", err) } log.Print("wrote cert.pem\n") keyOut, err := os.OpenFile("key.pem", os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) if err != nil { log.Fatalf("Failed to open key.pem for writing: %v", err) return } privBytes, err := x509.MarshalPKCS8PrivateKey(priv) if err != nil { log.Fatalf("Unable to marshal private key: %v", err) } if err := pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes}); err != nil { log.Fatalf("Failed to write data to key.pem: %v", err) } if err := keyOut.Close(); err != nil { log.Fatalf("Error closing key.pem: %v", err) } log.Print("wrote key.pem\n") } golang-github-marten-seemann-qtls-0.10.0/go.mod000066400000000000000000000003111373277661100213260ustar00rootroot00000000000000module github.com/marten-seemann/qtls go 1.14 require ( github.com/golang/mock v1.4.0 golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae ) golang-github-marten-seemann-qtls-0.10.0/go.sum000066400000000000000000000032211373277661100213560ustar00rootroot00000000000000github.com/golang/mock v1.4.0 h1:Rd1kQnQu0Hq3qvJppYSG0HtP+f5LPPUiDswTLiEegLg= github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d h1:1ZiEyfaQIg3Qh0EoqpwAakHVhecoE5wlSg5GjnafJGw= golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepxRw6jWvR5iDRdvjHgy8= golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= golang-github-marten-seemann-qtls-0.10.0/handshake_client.go000066400000000000000000000753241373277661100240530ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/ecdsa" "crypto/ed25519" "crypto/rsa" "crypto/subtle" "crypto/x509" "errors" "fmt" "io" "net" "strings" "sync/atomic" "time" "golang.org/x/crypto/cryptobyte" ) const clientSessionStateVersion = 1 type clientHandshakeState struct { c *Conn serverHello *serverHelloMsg hello *clientHelloMsg suite *cipherSuite finishedHash finishedHash masterSecret []byte session *ClientSessionState } func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) { config := c.config if len(config.ServerName) == 0 && !config.InsecureSkipVerify { return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config") } nextProtosLength := 0 for _, proto := range config.NextProtos { if l := len(proto); l == 0 || l > 255 { return nil, nil, errors.New("tls: invalid NextProtos value") } else { nextProtosLength += 1 + l } } if nextProtosLength > 0xffff { return nil, nil, errors.New("tls: NextProtos values too large") } supportedVersions := config.supportedVersions() if len(supportedVersions) == 0 { return nil, nil, errors.New("tls: no supported versions satisfy MinVersion and MaxVersion") } clientHelloVersion := supportedVersions[0] // The version at the beginning of the ClientHello was capped at TLS 1.2 // for compatibility reasons. The supported_versions extension is used // to negotiate versions now. See RFC 8446, Section 4.2.1. if clientHelloVersion > VersionTLS12 { clientHelloVersion = VersionTLS12 } hello := &clientHelloMsg{ vers: clientHelloVersion, compressionMethods: []uint8{compressionNone}, random: make([]byte, 32), ocspStapling: true, scts: true, serverName: hostnameInSNI(config.ServerName), supportedCurves: config.curvePreferences(), supportedPoints: []uint8{pointFormatUncompressed}, secureRenegotiationSupported: true, alpnProtocols: config.NextProtos, supportedVersions: supportedVersions, } if c.handshakes > 0 { hello.secureRenegotiation = c.clientFinished[:] } possibleCipherSuites := config.cipherSuites() hello.cipherSuites = make([]uint16, 0, len(possibleCipherSuites)) // add non-TLS 1.3 cipher suites if c.config.MinVersion <= VersionTLS12 { for _, suiteId := range possibleCipherSuites { for _, suite := range cipherSuites { if suite.id != suiteId { continue } // Don't advertise TLS 1.2-only cipher suites unless // we're attempting TLS 1.2. if hello.vers < VersionTLS12 && suite.flags&suiteTLS12 != 0 { break } hello.cipherSuites = append(hello.cipherSuites, suiteId) break } } } _, err := io.ReadFull(config.rand(), hello.random) if err != nil { return nil, nil, errors.New("tls: short read from Rand: " + err.Error()) } // A random session ID is used to detect when the server accepted a ticket // and is resuming a session (see RFC 5077). In TLS 1.3, it's always set as // a compatibility measure (see RFC 8446, Section 4.1.2). if c.config.AlternativeRecordLayer == nil { hello.sessionId = make([]byte, 32) if _, err := io.ReadFull(config.rand(), hello.sessionId); err != nil { return nil, nil, errors.New("tls: short read from Rand: " + err.Error()) } } if hello.vers >= VersionTLS12 { hello.supportedSignatureAlgorithms = supportedSignatureAlgorithms } var params ecdheParameters if hello.supportedVersions[0] == VersionTLS13 { var hasTLS13CipherSuite bool // add TLS 1.3 cipher suites for _, suiteID := range possibleCipherSuites { for _, suite := range cipherSuitesTLS13 { if suite.id == suiteID { hasTLS13CipherSuite = true hello.cipherSuites = append(hello.cipherSuites, suiteID) } } } if !hasTLS13CipherSuite { hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13()...) } curveID := config.curvePreferences()[0] if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok { return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve") } params, err = generateECDHEParameters(config.rand(), curveID) if err != nil { return nil, nil, err } hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}} } if hello.supportedVersions[0] == VersionTLS13 && config.GetExtensions != nil { hello.additionalExtensions = config.GetExtensions(typeClientHello) } return hello, params, nil } func (c *Conn) clientHandshake() (err error) { if c.config == nil { c.config = defaultConfig() } c.setAlternativeRecordLayer() // This may be a renegotiation handshake, in which case some fields // need to be reset. c.didResume = false hello, ecdheParams, err := c.makeClientHello() if err != nil { return err } cacheKey, session, earlySecret, binderKey := c.loadSession(hello) if cacheKey != "" && session != nil { var deletedTicket bool if session.vers == VersionTLS13 && hello.earlyData && c.config.Enable0RTT { // don't reuse a session ticket that enabled 0-RTT c.config.ClientSessionCache.Put(cacheKey, nil) deletedTicket = true if suite := cipherSuiteTLS13ByID(session.cipherSuite); suite != nil { h := suite.hash.New() h.Write(hello.marshal()) clientEarlySecret := suite.deriveSecret(earlySecret, "c e traffic", h) c.out.exportKey(Encryption0RTT, suite, clientEarlySecret) if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hello.random, clientEarlySecret); err != nil { c.sendAlert(alertInternalError) return err } } } if !deletedTicket { defer func() { // If we got a handshake failure when resuming a session, throw away // the session ticket. See RFC 5077, Section 3.2. // // RFC 8446 makes no mention of dropping tickets on failure, but it // does require servers to abort on invalid binders, so we need to // delete tickets to recover from a corrupted PSK. if err != nil { c.config.ClientSessionCache.Put(cacheKey, nil) } }() } } if _, err := c.writeRecord(recordTypeHandshake, hello.marshal()); err != nil { return err } msg, err := c.readHandshake() if err != nil { return err } serverHello, ok := msg.(*serverHelloMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(serverHello, msg) } if err := c.pickTLSVersion(serverHello); err != nil { return err } if c.vers == VersionTLS13 { hs := &clientHandshakeStateTLS13{ c: c, serverHello: serverHello, hello: hello, ecdheParams: ecdheParams, session: session, earlySecret: earlySecret, binderKey: binderKey, } // In TLS 1.3, session tickets are delivered after the handshake. return hs.handshake() } hs := &clientHandshakeState{ c: c, serverHello: serverHello, hello: hello, session: session, } if err := hs.handshake(); err != nil { return err } // If we had a successful handshake and hs.session is different from // the one already cached - cache a new one. if cacheKey != "" && hs.session != nil && session != hs.session { c.config.ClientSessionCache.Put(cacheKey, hs.session) } return nil } // extract the app data saved in the session.nonce, // and set the session.nonce to the actual nonce value func (c *Conn) decodeSessionState(session *ClientSessionState) (uint32 /* max early data */, []byte /* app data */, bool /* ok */) { s := cryptobyte.String(session.nonce) var version uint16 if !s.ReadUint16(&version) { return 0, nil, false } if version != clientSessionStateVersion { return 0, nil, false } var maxEarlyData uint32 if !s.ReadUint32(&maxEarlyData) { return 0, nil, false } var appData []byte if !readUint16LengthPrefixed(&s, &appData) { return 0, nil, false } var nonce []byte if !readUint16LengthPrefixed(&s, &nonce) { return 0, nil, false } session.nonce = nonce return maxEarlyData, appData, true } func (c *Conn) loadSession(hello *clientHelloMsg) (cacheKey string, session *ClientSessionState, earlySecret, binderKey []byte) { if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil { return "", nil, nil, nil } hello.ticketSupported = true if hello.supportedVersions[0] == VersionTLS13 { // Require DHE on resumption as it guarantees forward secrecy against // compromise of the session ticket key. See RFC 8446, Section 4.2.9. hello.pskModes = []uint8{pskModeDHE} } // Session resumption is not allowed if renegotiating because // renegotiation is primarily used to allow a client to send a client // certificate, which would be skipped if session resumption occurred. if c.handshakes != 0 { return "", nil, nil, nil } // Try to resume a previously negotiated TLS session, if available. cacheKey = clientSessionCacheKey(c.conn.RemoteAddr(), c.config) session, ok := c.config.ClientSessionCache.Get(cacheKey) if !ok || session == nil { return cacheKey, nil, nil, nil } var appData []byte var maxEarlyData uint32 if session.vers == VersionTLS13 { var ok bool maxEarlyData, appData, ok = c.decodeSessionState(session) if !ok { // delete it, if parsing failed c.config.ClientSessionCache.Put(cacheKey, nil) return cacheKey, nil, nil, nil } } // Check that version used for the previous session is still valid. versOk := false for _, v := range hello.supportedVersions { if v == session.vers { versOk = true break } } if !versOk { return cacheKey, nil, nil, nil } // Check that the cached server certificate is not expired, and that it's // valid for the ServerName. This should be ensured by the cache key, but // protect the application from a faulty ClientSessionCache implementation. if !c.config.InsecureSkipVerify { if len(session.verifiedChains) == 0 { // The original connection had InsecureSkipVerify, while this doesn't. return cacheKey, nil, nil, nil } serverCert := session.serverCertificates[0] if c.config.time().After(serverCert.NotAfter) { // Expired certificate, delete the entry. c.config.ClientSessionCache.Put(cacheKey, nil) return cacheKey, nil, nil, nil } if err := serverCert.VerifyHostname(c.config.ServerName); err != nil { return cacheKey, nil, nil, nil } } if session.vers != VersionTLS13 { // In TLS 1.2 the cipher suite must match the resumed session. Ensure we // are still offering it. if mutualCipherSuite(hello.cipherSuites, session.cipherSuite) == nil { return cacheKey, nil, nil, nil } hello.sessionTicket = session.sessionTicket return } // Check that the session ticket is not expired. if c.config.time().After(session.useBy) { c.config.ClientSessionCache.Put(cacheKey, nil) return cacheKey, nil, nil, nil } // In TLS 1.3 the KDF hash must match the resumed session. Ensure we // offer at least one cipher suite with that hash. cipherSuite := cipherSuiteTLS13ByID(session.cipherSuite) if cipherSuite == nil { return cacheKey, nil, nil, nil } cipherSuiteOk := false for _, offeredID := range hello.cipherSuites { offeredSuite := cipherSuiteTLS13ByID(offeredID) if offeredSuite != nil && offeredSuite.hash == cipherSuite.hash { cipherSuiteOk = true break } } if !cipherSuiteOk { return cacheKey, nil, nil, nil } // Set the pre_shared_key extension. See RFC 8446, Section 4.2.11.1. ticketAge := uint32(c.config.time().Sub(session.receivedAt) / time.Millisecond) identity := pskIdentity{ label: session.sessionTicket, obfuscatedTicketAge: ticketAge + session.ageAdd, } hello.pskIdentities = []pskIdentity{identity} hello.pskBinders = [][]byte{make([]byte, cipherSuite.hash.Size())} // Compute the PSK binders. See RFC 8446, Section 4.2.11.2. psk := cipherSuite.expandLabel(session.masterSecret, "resumption", session.nonce, cipherSuite.hash.Size()) earlySecret = cipherSuite.extract(psk, nil) binderKey = cipherSuite.deriveSecret(earlySecret, resumptionBinderLabel, nil) hello.earlyData = c.config.Enable0RTT && maxEarlyData > 0 transcript := cipherSuite.hash.New() transcript.Write(hello.marshalWithoutBinders()) pskBinders := [][]byte{cipherSuite.finishedHash(binderKey, transcript)} hello.updateBinders(pskBinders) if session.vers == VersionTLS13 && c.config.SetAppDataFromSessionState != nil { c.config.SetAppDataFromSessionState(appData) } return } func (c *Conn) pickTLSVersion(serverHello *serverHelloMsg) error { peerVersion := serverHello.vers if serverHello.supportedVersion != 0 { peerVersion = serverHello.supportedVersion } vers, ok := c.config.mutualVersion([]uint16{peerVersion}) if !ok { c.sendAlert(alertProtocolVersion) return fmt.Errorf("tls: server selected unsupported protocol version %x", peerVersion) } c.vers = vers c.haveVers = true c.in.version = vers c.out.version = vers return nil } // Does the handshake, either a full one or resumes old session. Requires hs.c, // hs.hello, hs.serverHello, and, optionally, hs.session to be set. func (hs *clientHandshakeState) handshake() error { c := hs.c isResume, err := hs.processServerHello() if err != nil { return err } hs.finishedHash = newFinishedHash(c.vers, hs.suite) // No signatures of the handshake are needed in a resumption. // Otherwise, in a full handshake, if we don't have any certificates // configured then we will never send a CertificateVerify message and // thus no signatures are needed in that case either. if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) { hs.finishedHash.discardHandshakeBuffer() } hs.finishedHash.Write(hs.hello.marshal()) hs.finishedHash.Write(hs.serverHello.marshal()) c.buffering = true if isResume { if err := hs.establishKeys(); err != nil { return err } if err := hs.readSessionTicket(); err != nil { return err } if err := hs.readFinished(c.serverFinished[:]); err != nil { return err } c.clientFinishedIsFirst = false if err := hs.sendFinished(c.clientFinished[:]); err != nil { return err } if _, err := c.flush(); err != nil { return err } } else { if err := hs.doFullHandshake(); err != nil { return err } if err := hs.establishKeys(); err != nil { return err } if err := hs.sendFinished(c.clientFinished[:]); err != nil { return err } if _, err := c.flush(); err != nil { return err } c.clientFinishedIsFirst = true if err := hs.readSessionTicket(); err != nil { return err } if err := hs.readFinished(c.serverFinished[:]); err != nil { return err } } c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random) c.didResume = isResume atomic.StoreUint32(&c.handshakeStatus, 1) return nil } func (hs *clientHandshakeState) pickCipherSuite() error { if hs.suite = mutualCipherSuite(hs.hello.cipherSuites, hs.serverHello.cipherSuite); hs.suite == nil { hs.c.sendAlert(alertHandshakeFailure) return errors.New("tls: server chose an unconfigured cipher suite") } hs.c.cipherSuite = hs.suite.id return nil } func (hs *clientHandshakeState) doFullHandshake() error { c := hs.c msg, err := c.readHandshake() if err != nil { return err } certMsg, ok := msg.(*certificateMsg) if !ok || len(certMsg.certificates) == 0 { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certMsg, msg) } hs.finishedHash.Write(certMsg.marshal()) if c.handshakes == 0 { // If this is the first handshake on a connection, process and // (optionally) verify the server's certificates. if err := c.verifyServerCertificate(certMsg.certificates); err != nil { return err } } else { // This is a renegotiation handshake. We require that the // server's identity (i.e. leaf certificate) is unchanged and // thus any previous trust decision is still valid. // // See https://mitls.org/pages/attacks/3SHAKE for the // motivation behind this requirement. if !bytes.Equal(c.peerCertificates[0].Raw, certMsg.certificates[0]) { c.sendAlert(alertBadCertificate) return errors.New("tls: server's identity changed during renegotiation") } } msg, err = c.readHandshake() if err != nil { return err } cs, ok := msg.(*certificateStatusMsg) if ok { // RFC4366 on Certificate Status Request: // The server MAY return a "certificate_status" message. if !hs.serverHello.ocspStapling { // If a server returns a "CertificateStatus" message, then the // server MUST have included an extension of type "status_request" // with empty "extension_data" in the extended server hello. c.sendAlert(alertUnexpectedMessage) return errors.New("tls: received unexpected CertificateStatus message") } hs.finishedHash.Write(cs.marshal()) c.ocspResponse = cs.response msg, err = c.readHandshake() if err != nil { return err } } keyAgreement := hs.suite.ka(c.vers) skx, ok := msg.(*serverKeyExchangeMsg) if ok { hs.finishedHash.Write(skx.marshal()) err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, c.peerCertificates[0], skx) if err != nil { c.sendAlert(alertUnexpectedMessage) return err } msg, err = c.readHandshake() if err != nil { return err } } var chainToSend *Certificate var certRequested bool certReq, ok := msg.(*certificateRequestMsg) if ok { certRequested = true hs.finishedHash.Write(certReq.marshal()) cri := certificateRequestInfoFromMsg(c.vers, certReq) if chainToSend, err = c.getClientCertificate(cri); err != nil { c.sendAlert(alertInternalError) return err } msg, err = c.readHandshake() if err != nil { return err } } shd, ok := msg.(*serverHelloDoneMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(shd, msg) } hs.finishedHash.Write(shd.marshal()) // If the server requested a certificate then we have to send a // Certificate message, even if it's empty because we don't have a // certificate to send. if certRequested { certMsg = new(certificateMsg) certMsg.certificates = chainToSend.Certificate hs.finishedHash.Write(certMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil { return err } } preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, c.peerCertificates[0]) if err != nil { c.sendAlert(alertInternalError) return err } if ckx != nil { hs.finishedHash.Write(ckx.marshal()) if _, err := c.writeRecord(recordTypeHandshake, ckx.marshal()); err != nil { return err } } if chainToSend != nil && len(chainToSend.Certificate) > 0 { certVerify := &certificateVerifyMsg{} key, ok := chainToSend.PrivateKey.(crypto.Signer) if !ok { c.sendAlert(alertInternalError) return fmt.Errorf("tls: client certificate private key of type %T does not implement crypto.Signer", chainToSend.PrivateKey) } var sigType uint8 var sigHash crypto.Hash if c.vers >= VersionTLS12 { signatureAlgorithm, err := selectSignatureScheme(c.vers, chainToSend, certReq.supportedSignatureAlgorithms) if err != nil { c.sendAlert(alertIllegalParameter) return err } sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm) if err != nil { return c.sendAlert(alertInternalError) } certVerify.hasSignatureAlgorithm = true certVerify.signatureAlgorithm = signatureAlgorithm } else { sigType, sigHash, err = legacyTypeAndHashFromPublicKey(key.Public()) if err != nil { c.sendAlert(alertIllegalParameter) return err } } signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret) signOpts := crypto.SignerOpts(sigHash) if sigType == signatureRSAPSS { signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash} } certVerify.signature, err = key.Sign(c.config.rand(), signed, signOpts) if err != nil { c.sendAlert(alertInternalError) return err } hs.finishedHash.Write(certVerify.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certVerify.marshal()); err != nil { return err } } hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random) if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil { c.sendAlert(alertInternalError) return errors.New("tls: failed to write to key log: " + err.Error()) } hs.finishedHash.discardHandshakeBuffer() return nil } func (hs *clientHandshakeState) establishKeys() error { c := hs.c clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) var clientCipher, serverCipher interface{} var clientHash, serverHash macFunction if hs.suite.cipher != nil { clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */) clientHash = hs.suite.mac(c.vers, clientMAC) serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */) serverHash = hs.suite.mac(c.vers, serverMAC) } else { clientCipher = hs.suite.aead(clientKey, clientIV) serverCipher = hs.suite.aead(serverKey, serverIV) } c.in.prepareCipherSpec(c.vers, serverCipher, serverHash) c.out.prepareCipherSpec(c.vers, clientCipher, clientHash) return nil } func (hs *clientHandshakeState) serverResumedSession() bool { // If the server responded with the same sessionId then it means the // sessionTicket is being used to resume a TLS session. return hs.session != nil && hs.hello.sessionId != nil && bytes.Equal(hs.serverHello.sessionId, hs.hello.sessionId) } func (hs *clientHandshakeState) processServerHello() (bool, error) { c := hs.c if err := hs.pickCipherSuite(); err != nil { return false, err } if hs.serverHello.compressionMethod != compressionNone { c.sendAlert(alertUnexpectedMessage) return false, errors.New("tls: server selected unsupported compression format") } if c.handshakes == 0 && hs.serverHello.secureRenegotiationSupported { c.secureRenegotiation = true if len(hs.serverHello.secureRenegotiation) != 0 { c.sendAlert(alertHandshakeFailure) return false, errors.New("tls: initial handshake had non-empty renegotiation extension") } } if c.handshakes > 0 && c.secureRenegotiation { var expectedSecureRenegotiation [24]byte copy(expectedSecureRenegotiation[:], c.clientFinished[:]) copy(expectedSecureRenegotiation[12:], c.serverFinished[:]) if !bytes.Equal(hs.serverHello.secureRenegotiation, expectedSecureRenegotiation[:]) { c.sendAlert(alertHandshakeFailure) return false, errors.New("tls: incorrect renegotiation extension contents") } } clientDidALPN := len(hs.hello.alpnProtocols) > 0 serverHasALPN := len(hs.serverHello.alpnProtocol) > 0 if !clientDidALPN && serverHasALPN { c.sendAlert(alertHandshakeFailure) return false, errors.New("tls: server advertised unrequested ALPN extension") } if serverHasALPN { c.clientProtocol = hs.serverHello.alpnProtocol c.clientProtocolFallback = false } c.scts = hs.serverHello.scts if !hs.serverResumedSession() { return false, nil } if hs.session.vers != c.vers { c.sendAlert(alertHandshakeFailure) return false, errors.New("tls: server resumed a session with a different version") } if hs.session.cipherSuite != hs.suite.id { c.sendAlert(alertHandshakeFailure) return false, errors.New("tls: server resumed a session with a different cipher suite") } // Restore masterSecret and peerCerts from previous state hs.masterSecret = hs.session.masterSecret c.peerCertificates = hs.session.serverCertificates c.verifiedChains = hs.session.verifiedChains return true, nil } func (hs *clientHandshakeState) readFinished(out []byte) error { c := hs.c if err := c.readChangeCipherSpec(); err != nil { return err } msg, err := c.readHandshake() if err != nil { return err } serverFinished, ok := msg.(*finishedMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(serverFinished, msg) } verify := hs.finishedHash.serverSum(hs.masterSecret) if len(verify) != len(serverFinished.verifyData) || subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 { c.sendAlert(alertHandshakeFailure) return errors.New("tls: server's Finished message was incorrect") } hs.finishedHash.Write(serverFinished.marshal()) copy(out, verify) return nil } func (hs *clientHandshakeState) readSessionTicket() error { if !hs.serverHello.ticketSupported { return nil } c := hs.c msg, err := c.readHandshake() if err != nil { return err } sessionTicketMsg, ok := msg.(*newSessionTicketMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(sessionTicketMsg, msg) } hs.finishedHash.Write(sessionTicketMsg.marshal()) hs.session = &ClientSessionState{ sessionTicket: sessionTicketMsg.ticket, vers: c.vers, cipherSuite: hs.suite.id, masterSecret: hs.masterSecret, serverCertificates: c.peerCertificates, verifiedChains: c.verifiedChains, receivedAt: c.config.time(), } return nil } func (hs *clientHandshakeState) sendFinished(out []byte) error { c := hs.c if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil { return err } finished := new(finishedMsg) finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret) hs.finishedHash.Write(finished.marshal()) if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil { return err } copy(out, finished.verifyData) return nil } // verifyServerCertificate parses and verifies the provided chain, setting // c.verifiedChains and c.peerCertificates or sending the appropriate alert. func (c *Conn) verifyServerCertificate(certificates [][]byte) error { certs := make([]*x509.Certificate, len(certificates)) for i, asn1Data := range certificates { cert, err := x509.ParseCertificate(asn1Data) if err != nil { c.sendAlert(alertBadCertificate) return errors.New("tls: failed to parse certificate from server: " + err.Error()) } certs[i] = cert } if !c.config.InsecureSkipVerify { opts := x509.VerifyOptions{ Roots: c.config.RootCAs, CurrentTime: c.config.time(), DNSName: c.config.ServerName, Intermediates: x509.NewCertPool(), } for _, cert := range certs[1:] { opts.Intermediates.AddCert(cert) } var err error c.verifiedChains, err = certs[0].Verify(opts) if err != nil { c.sendAlert(alertBadCertificate) return err } } if c.config.VerifyPeerCertificate != nil { if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil { c.sendAlert(alertBadCertificate) return err } } switch certs[0].PublicKey.(type) { case *rsa.PublicKey, *ecdsa.PublicKey, ed25519.PublicKey: break default: c.sendAlert(alertUnsupportedCertificate) return fmt.Errorf("tls: server's certificate contains an unsupported type of public key: %T", certs[0].PublicKey) } c.peerCertificates = certs return nil } // tls11SignatureSchemes contains the signature schemes that we synthesise for // a TLS <= 1.1 connection, based on the supported certificate types. var ( tls11SignatureSchemes = []SignatureScheme{ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1} tls11SignatureSchemesECDSA = tls11SignatureSchemes[:3] tls11SignatureSchemesRSA = tls11SignatureSchemes[3:] ) // certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS // <= 1.2 CertificateRequest, making an effort to fill in missing information. func certificateRequestInfoFromMsg(vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo { cri := &CertificateRequestInfo{ AcceptableCAs: certReq.certificateAuthorities, Version: vers, } var rsaAvail, ecAvail bool for _, certType := range certReq.certificateTypes { switch certType { case certTypeRSASign: rsaAvail = true case certTypeECDSASign: ecAvail = true } } if !certReq.hasSignatureAlgorithm { // Prior to TLS 1.2, the signature schemes were not // included in the certificate request message. In this // case we use a plausible list based on the acceptable // certificate types. switch { case rsaAvail && ecAvail: cri.SignatureSchemes = tls11SignatureSchemes case rsaAvail: cri.SignatureSchemes = tls11SignatureSchemesRSA case ecAvail: cri.SignatureSchemes = tls11SignatureSchemesECDSA } return cri } // Filter the signature schemes based on the certificate types. // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated"). cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms)) for _, sigScheme := range certReq.supportedSignatureAlgorithms { sigType, _, err := typeAndHashFromSignatureScheme(sigScheme) if err != nil { continue } switch sigType { case signatureECDSA, signatureEd25519: if ecAvail { cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme) } case signatureRSAPSS, signaturePKCS1v15: if rsaAvail { cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme) } } } return cri } func (c *Conn) getClientCertificate(cri *CertificateRequestInfo) (*Certificate, error) { if c.config.GetClientCertificate != nil { return c.config.GetClientCertificate(cri) } for _, chain := range c.config.Certificates { if err := cri.SupportsCertificate(&chain); err != nil { continue } return &chain, nil } // No acceptable certificate found. Don't send a certificate. return new(Certificate), nil } // clientSessionCacheKey returns a key used to cache sessionTickets that could // be used to resume previously negotiated TLS sessions with a server. func clientSessionCacheKey(serverAddr net.Addr, config *Config) string { if len(config.ServerName) > 0 { return config.ServerName } return serverAddr.String() } // mutualProtocol finds the mutual Next Protocol Negotiation or ALPN protocol // given list of possible protocols and a list of the preference order. The // first list must not be empty. It returns the resulting protocol and flag // indicating if the fallback case was reached. func mutualProtocol(protos, preferenceProtos []string) (string, bool) { for _, s := range preferenceProtos { for _, c := range protos { if s == c { return s, false } } } return protos[0], true } // hostnameInSNI converts name into an appropriate hostname for SNI. // Literal IP addresses and absolute FQDNs are not permitted as SNI values. // See RFC 6066, Section 3. func hostnameInSNI(name string) string { host := name if len(host) > 0 && host[0] == '[' && host[len(host)-1] == ']' { host = host[1 : len(host)-1] } if i := strings.LastIndex(host, "%"); i > 0 { host = host[:i] } if net.ParseIP(host) != nil { return "" } for len(name) > 0 && name[len(name)-1] == '.' { name = name[:len(name)-1] } return name } golang-github-marten-seemann-qtls-0.10.0/handshake_client_test.go000066400000000000000000001706361373277661100251140ustar00rootroot00000000000000// Copyright 2010 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto/rsa" "crypto/x509" "encoding/base64" "encoding/binary" "encoding/pem" "errors" "fmt" "io" "math/big" "net" "os" "os/exec" "path/filepath" "strconv" "strings" "testing" "time" "github.com/golang/mock/gomock" ) // Note: see comment in handshake_test.go for details of how the reference // tests work. // opensslInputEvent enumerates possible inputs that can be sent to an `openssl // s_client` process. type opensslInputEvent int const ( // opensslRenegotiate causes OpenSSL to request a renegotiation of the // connection. opensslRenegotiate opensslInputEvent = iota // opensslSendBanner causes OpenSSL to send the contents of // opensslSentinel on the connection. opensslSendSentinel // opensslKeyUpdate causes OpenSSL to send send a key update message to the // client and request one back. opensslKeyUpdate ) const opensslSentinel = "SENTINEL\n" type opensslInput chan opensslInputEvent func (i opensslInput) Read(buf []byte) (n int, err error) { for event := range i { switch event { case opensslRenegotiate: return copy(buf, []byte("R\n")), nil case opensslKeyUpdate: return copy(buf, []byte("K\n")), nil case opensslSendSentinel: return copy(buf, []byte(opensslSentinel)), nil default: panic("unknown event") } } return 0, io.EOF } // opensslOutputSink is an io.Writer that receives the stdout and stderr from an // `openssl` process and sends a value to handshakeComplete or readKeyUpdate // when certain messages are seen. type opensslOutputSink struct { handshakeComplete chan struct{} readKeyUpdate chan struct{} all []byte line []byte } func newOpensslOutputSink() *opensslOutputSink { return &opensslOutputSink{make(chan struct{}), make(chan struct{}), nil, nil} } // opensslEndOfHandshake is a message that the “openssl s_server” tool will // print when a handshake completes if run with “-state”. const opensslEndOfHandshake = "SSL_accept:SSLv3/TLS write finished" // opensslReadKeyUpdate is a message that the “openssl s_server” tool will // print when a KeyUpdate message is received if run with “-state”. const opensslReadKeyUpdate = "SSL_accept:TLSv1.3 read client key update" func (o *opensslOutputSink) Write(data []byte) (n int, err error) { o.line = append(o.line, data...) o.all = append(o.all, data...) for { i := bytes.IndexByte(o.line, '\n') if i < 0 { break } if bytes.Equal([]byte(opensslEndOfHandshake), o.line[:i]) { o.handshakeComplete <- struct{}{} } if bytes.Equal([]byte(opensslReadKeyUpdate), o.line[:i]) { o.readKeyUpdate <- struct{}{} } o.line = o.line[i+1:] } return len(data), nil } func (o *opensslOutputSink) String() string { return string(o.all) } // clientTest represents a test of the TLS client handshake against a reference // implementation. type clientTest struct { // name is a freeform string identifying the test and the file in which // the expected results will be stored. name string // args, if not empty, contains a series of arguments for the // command to run for the reference server. args []string // config, if not nil, contains a custom Config to use for this test. config *Config // cert, if not empty, contains a DER-encoded certificate for the // reference server. cert []byte // key, if not nil, contains either a *rsa.PrivateKey, ed25519.PrivateKey or // *ecdsa.PrivateKey which is the private key for the reference server. key interface{} // extensions, if not nil, contains a list of extension data to be returned // from the ServerHello. The data should be in standard TLS format with // a 2-byte uint16 type, 2-byte data length, followed by the extension data. extensions [][]byte // validate, if not nil, is a function that will be called with the // ConnectionState of the resulting connection. It returns a non-nil // error if the ConnectionState is unacceptable. validate func(ConnectionState) error // numRenegotiations is the number of times that the connection will be // renegotiated. numRenegotiations int // renegotiationExpectedToFail, if not zero, is the number of the // renegotiation attempt that is expected to fail. renegotiationExpectedToFail int // checkRenegotiationError, if not nil, is called with any error // arising from renegotiation. It can map expected errors to nil to // ignore them. checkRenegotiationError func(renegotiationNum int, err error) error // sendKeyUpdate will cause the server to send a KeyUpdate message. sendKeyUpdate bool } var serverCommand = []string{"openssl", "s_server", "-no_ticket", "-num_tickets", "0"} // connFromCommand starts the reference server process, connects to it and // returns a recordingConn for the connection. The stdin return value is an // opensslInput for the stdin of the child process. It must be closed before // Waiting for child. func (test *clientTest) connFromCommand() (conn *recordingConn, child *exec.Cmd, stdin opensslInput, stdout *opensslOutputSink, err error) { cert := testRSACertificate if len(test.cert) > 0 { cert = test.cert } certPath := tempFile(string(cert)) defer os.Remove(certPath) var key interface{} = testRSAPrivateKey if test.key != nil { key = test.key } derBytes, err := x509.MarshalPKCS8PrivateKey(key) if err != nil { panic(err) } var pemOut bytes.Buffer pem.Encode(&pemOut, &pem.Block{Type: "PRIVATE KEY", Bytes: derBytes}) keyPath := tempFile(pemOut.String()) defer os.Remove(keyPath) var command []string command = append(command, serverCommand...) command = append(command, test.args...) command = append(command, "-cert", certPath, "-certform", "DER", "-key", keyPath) // serverPort contains the port that OpenSSL will listen on. OpenSSL // can't take "0" as an argument here so we have to pick a number and // hope that it's not in use on the machine. Since this only occurs // when -update is given and thus when there's a human watching the // test, this isn't too bad. const serverPort = 24323 command = append(command, "-accept", strconv.Itoa(serverPort)) if len(test.extensions) > 0 { var serverInfo bytes.Buffer for _, ext := range test.extensions { pem.Encode(&serverInfo, &pem.Block{ Type: fmt.Sprintf("SERVERINFO FOR EXTENSION %d", binary.BigEndian.Uint16(ext)), Bytes: ext, }) } serverInfoPath := tempFile(serverInfo.String()) defer os.Remove(serverInfoPath) command = append(command, "-serverinfo", serverInfoPath) } if test.numRenegotiations > 0 || test.sendKeyUpdate { found := false for _, flag := range command[1:] { if flag == "-state" { found = true break } } if !found { panic("-state flag missing to OpenSSL, you need this if testing renegotiation or KeyUpdate") } } cmd := exec.Command(command[0], command[1:]...) stdin = opensslInput(make(chan opensslInputEvent)) cmd.Stdin = stdin out := newOpensslOutputSink() cmd.Stdout = out cmd.Stderr = out if err := cmd.Start(); err != nil { return nil, nil, nil, nil, err } // OpenSSL does print an "ACCEPT" banner, but it does so *before* // opening the listening socket, so we can't use that to wait until it // has started listening. Thus we are forced to poll until we get a // connection. var tcpConn net.Conn for i := uint(0); i < 5; i++ { tcpConn, err = net.DialTCP("tcp", nil, &net.TCPAddr{ IP: net.IPv4(127, 0, 0, 1), Port: serverPort, }) if err == nil { break } time.Sleep((1 << i) * 5 * time.Millisecond) } if err != nil { close(stdin) cmd.Process.Kill() err = fmt.Errorf("error connecting to the OpenSSL server: %v (%v)\n\n%s", err, cmd.Wait(), out) return nil, nil, nil, nil, err } record := &recordingConn{ Conn: tcpConn, } return record, cmd, stdin, out, nil } func (test *clientTest) dataPath() string { return filepath.Join("testdata", "Client-"+test.name) } func (test *clientTest) loadData() (flows [][]byte, err error) { in, err := os.Open(test.dataPath()) if err != nil { return nil, err } defer in.Close() return parseTestData(in) } func (test *clientTest) run(t *testing.T, write bool) { var clientConn, serverConn net.Conn var recordingConn *recordingConn var childProcess *exec.Cmd var stdin opensslInput var stdout *opensslOutputSink if write { var err error recordingConn, childProcess, stdin, stdout, err = test.connFromCommand() if err != nil { t.Fatalf("Failed to start subcommand: %s", err) } clientConn = recordingConn defer func() { if t.Failed() { t.Logf("OpenSSL output:\n\n%s", stdout.all) } }() } else { clientConn, serverConn = localPipe(t) } doneChan := make(chan bool) defer func() { clientConn.Close() <-doneChan }() go func() { defer close(doneChan) config := test.config if config == nil { config = testConfig } client := Client(clientConn, config) defer client.Close() if _, err := client.Write([]byte("hello\n")); err != nil { t.Errorf("Client.Write failed: %s", err) return } for i := 1; i <= test.numRenegotiations; i++ { // The initial handshake will generate a // handshakeComplete signal which needs to be quashed. if i == 1 && write { <-stdout.handshakeComplete } // OpenSSL will try to interleave application data and // a renegotiation if we send both concurrently. // Therefore: ask OpensSSL to start a renegotiation, run // a goroutine to call client.Read and thus process the // renegotiation request, watch for OpenSSL's stdout to // indicate that the handshake is complete and, // finally, have OpenSSL write something to cause // client.Read to complete. if write { stdin <- opensslRenegotiate } signalChan := make(chan struct{}) go func() { defer close(signalChan) buf := make([]byte, 256) n, err := client.Read(buf) if test.checkRenegotiationError != nil { newErr := test.checkRenegotiationError(i, err) if err != nil && newErr == nil { return } err = newErr } if err != nil { t.Errorf("Client.Read failed after renegotiation #%d: %s", i, err) return } buf = buf[:n] if !bytes.Equal([]byte(opensslSentinel), buf) { t.Errorf("Client.Read returned %q, but wanted %q", string(buf), opensslSentinel) } if expected := i + 1; client.handshakes != expected { t.Errorf("client should have recorded %d handshakes, but believes that %d have occurred", expected, client.handshakes) } }() if write && test.renegotiationExpectedToFail != i { <-stdout.handshakeComplete stdin <- opensslSendSentinel } <-signalChan } if test.sendKeyUpdate { if write { <-stdout.handshakeComplete stdin <- opensslKeyUpdate } doneRead := make(chan struct{}) go func() { defer close(doneRead) buf := make([]byte, 256) n, err := client.Read(buf) if err != nil { t.Errorf("Client.Read failed after KeyUpdate: %s", err) return } buf = buf[:n] if !bytes.Equal([]byte(opensslSentinel), buf) { t.Errorf("Client.Read returned %q, but wanted %q", string(buf), opensslSentinel) } }() if write { // There's no real reason to wait for the client KeyUpdate to // send data with the new server keys, except that s_server // drops writes if they are sent at the wrong time. <-stdout.readKeyUpdate stdin <- opensslSendSentinel } <-doneRead if _, err := client.Write([]byte("hello again\n")); err != nil { t.Errorf("Client.Write failed: %s", err) return } } if test.validate != nil { if err := test.validate(client.ConnectionState()); err != nil { t.Errorf("validate callback returned error: %s", err) } } // If the server sent us an alert after our last flight, give it a // chance to arrive. if write && test.renegotiationExpectedToFail == 0 { if err := peekError(client); err != nil { t.Errorf("final Read returned an error: %s", err) } } }() if !write { flows, err := test.loadData() if err != nil { t.Fatalf("%s: failed to load data from %s: %v", test.name, test.dataPath(), err) } for i, b := range flows { if i%2 == 1 { if *fast { serverConn.SetWriteDeadline(time.Now().Add(1 * time.Second)) } else { serverConn.SetWriteDeadline(time.Now().Add(1 * time.Minute)) } serverConn.Write(b) continue } bb := make([]byte, len(b)) if *fast { serverConn.SetReadDeadline(time.Now().Add(1 * time.Second)) } else { serverConn.SetReadDeadline(time.Now().Add(1 * time.Minute)) } _, err := io.ReadFull(serverConn, bb) if err != nil { t.Fatalf("%s, flow %d: %s", test.name, i+1, err) } if !bytes.Equal(b, bb) { t.Fatalf("%s, flow %d: mismatch on read: got:%x want:%x", test.name, i+1, bb, b) } } } <-doneChan if !write { serverConn.Close() } if write { path := test.dataPath() out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { t.Fatalf("Failed to create output file: %s", err) } defer out.Close() recordingConn.Close() close(stdin) childProcess.Process.Kill() childProcess.Wait() if len(recordingConn.flows) < 3 { t.Fatalf("Client connection didn't work") } recordingConn.WriteTo(out) t.Logf("Wrote %s\n", path) } } // peekError does a read with a short timeout to check if the next read would // cause an error, for example if there is an alert waiting on the wire. func peekError(conn net.Conn) error { conn.SetReadDeadline(time.Now().Add(100 * time.Millisecond)) if n, err := conn.Read(make([]byte, 1)); n != 0 { return errors.New("unexpectedly read data") } else if err != nil { if netErr, ok := err.(net.Error); !ok || !netErr.Timeout() { return err } } return nil } func runClientTestForVersion(t *testing.T, template *clientTest, version, option string) { // Make a deep copy of the template before going parallel. test := *template if template.config != nil { test.config = template.config.Clone() } test.name = version + "-" + test.name test.args = append([]string{option}, test.args...) runTestAndUpdateIfNeeded(t, version, test.run, false) } func runClientTestTLS10(t *testing.T, template *clientTest) { runClientTestForVersion(t, template, "TLSv10", "-tls1") } func runClientTestTLS11(t *testing.T, template *clientTest) { runClientTestForVersion(t, template, "TLSv11", "-tls1_1") } func runClientTestTLS12(t *testing.T, template *clientTest) { runClientTestForVersion(t, template, "TLSv12", "-tls1_2") } func runClientTestTLS13(t *testing.T, template *clientTest) { runClientTestForVersion(t, template, "TLSv13", "-tls1_3") } func TestHandshakeClientRSARC4(t *testing.T) { test := &clientTest{ name: "RSA-RC4", args: []string{"-cipher", "RC4-SHA"}, } runClientTestTLS10(t, test) runClientTestTLS11(t, test) runClientTestTLS12(t, test) } func TestHandshakeClientRSAAES128GCM(t *testing.T) { test := &clientTest{ name: "AES128-GCM-SHA256", args: []string{"-cipher", "AES128-GCM-SHA256"}, } runClientTestTLS12(t, test) } func TestHandshakeClientRSAAES256GCM(t *testing.T) { test := &clientTest{ name: "AES256-GCM-SHA384", args: []string{"-cipher", "AES256-GCM-SHA384"}, } runClientTestTLS12(t, test) } func TestHandshakeClientECDHERSAAES(t *testing.T) { test := &clientTest{ name: "ECDHE-RSA-AES", args: []string{"-cipher", "ECDHE-RSA-AES128-SHA"}, } runClientTestTLS10(t, test) runClientTestTLS11(t, test) runClientTestTLS12(t, test) } func TestHandshakeClientECDHEECDSAAES(t *testing.T) { test := &clientTest{ name: "ECDHE-ECDSA-AES", args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA"}, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS10(t, test) runClientTestTLS11(t, test) runClientTestTLS12(t, test) } func TestHandshakeClientECDHEECDSAAESGCM(t *testing.T) { test := &clientTest{ name: "ECDHE-ECDSA-AES-GCM", args: []string{"-cipher", "ECDHE-ECDSA-AES128-GCM-SHA256"}, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS12(t, test) } func TestHandshakeClientAES256GCMSHA384(t *testing.T) { test := &clientTest{ name: "ECDHE-ECDSA-AES256-GCM-SHA384", args: []string{"-cipher", "ECDHE-ECDSA-AES256-GCM-SHA384"}, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS12(t, test) } func TestHandshakeClientAES128CBCSHA256(t *testing.T) { test := &clientTest{ name: "AES128-SHA256", args: []string{"-cipher", "AES128-SHA256"}, } runClientTestTLS12(t, test) } func TestHandshakeClientECDHERSAAES128CBCSHA256(t *testing.T) { test := &clientTest{ name: "ECDHE-RSA-AES128-SHA256", args: []string{"-cipher", "ECDHE-RSA-AES128-SHA256"}, } runClientTestTLS12(t, test) } func TestHandshakeClientECDHEECDSAAES128CBCSHA256(t *testing.T) { test := &clientTest{ name: "ECDHE-ECDSA-AES128-SHA256", args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA256"}, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS12(t, test) } func TestHandshakeClientX25519(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{X25519} test := &clientTest{ name: "X25519-ECDHE", args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "X25519"}, config: config, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) } func TestHandshakeClientP256(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{CurveP256} test := &clientTest{ name: "P256-ECDHE", args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"}, config: config, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) } func TestHandshakeClientHelloRetryRequest(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{X25519, CurveP256} test := &clientTest{ name: "HelloRetryRequest", args: []string{"-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"}, config: config, } runClientTestTLS13(t, test) } func TestHandshakeClientECDHERSAChaCha20(t *testing.T) { config := testConfig.Clone() config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305} test := &clientTest{ name: "ECDHE-RSA-CHACHA20-POLY1305", args: []string{"-cipher", "ECDHE-RSA-CHACHA20-POLY1305"}, config: config, } runClientTestTLS12(t, test) } func TestHandshakeClientECDHEECDSAChaCha20(t *testing.T) { config := testConfig.Clone() config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305} test := &clientTest{ name: "ECDHE-ECDSA-CHACHA20-POLY1305", args: []string{"-cipher", "ECDHE-ECDSA-CHACHA20-POLY1305"}, config: config, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS12(t, test) } func TestHandshakeClientAES128SHA256(t *testing.T) { test := &clientTest{ name: "AES128-SHA256", args: []string{"-ciphersuites", "TLS_AES_128_GCM_SHA256"}, } runClientTestTLS13(t, test) } func TestHandshakeClientAES256SHA384(t *testing.T) { test := &clientTest{ name: "AES256-SHA384", args: []string{"-ciphersuites", "TLS_AES_256_GCM_SHA384"}, } runClientTestTLS13(t, test) } func TestHandshakeClientCHACHA20SHA256(t *testing.T) { test := &clientTest{ name: "CHACHA20-SHA256", args: []string{"-ciphersuites", "TLS_CHACHA20_POLY1305_SHA256"}, } runClientTestTLS13(t, test) } func TestHandshakeClientECDSATLS13(t *testing.T) { test := &clientTest{ name: "ECDSA", cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS13(t, test) } func TestHandshakeClientEd25519(t *testing.T) { test := &clientTest{ name: "Ed25519", cert: testEd25519Certificate, key: testEd25519PrivateKey, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) config := testConfig.Clone() cert, _ := X509KeyPair([]byte(clientEd25519CertificatePEM), []byte(clientEd25519KeyPEM)) config.Certificates = []Certificate{cert} test = &clientTest{ name: "ClientCert-Ed25519", args: []string{"-Verify", "1"}, config: config, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) } func TestHandshakeClientCertRSA(t *testing.T) { config := testConfig.Clone() cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM)) config.Certificates = []Certificate{cert} test := &clientTest{ name: "ClientCert-RSA-RSA", args: []string{"-cipher", "AES128", "-Verify", "1"}, config: config, } runClientTestTLS10(t, test) runClientTestTLS12(t, test) test = &clientTest{ name: "ClientCert-RSA-ECDSA", args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA", "-Verify", "1"}, config: config, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS10(t, test) runClientTestTLS12(t, test) runClientTestTLS13(t, test) test = &clientTest{ name: "ClientCert-RSA-AES256-GCM-SHA384", args: []string{"-cipher", "ECDHE-RSA-AES256-GCM-SHA384", "-Verify", "1"}, config: config, cert: testRSACertificate, key: testRSAPrivateKey, } runClientTestTLS12(t, test) } func TestHandshakeClientCertECDSA(t *testing.T) { config := testConfig.Clone() cert, _ := X509KeyPair([]byte(clientECDSACertificatePEM), []byte(clientECDSAKeyPEM)) config.Certificates = []Certificate{cert} test := &clientTest{ name: "ClientCert-ECDSA-RSA", args: []string{"-cipher", "AES128", "-Verify", "1"}, config: config, } runClientTestTLS10(t, test) runClientTestTLS12(t, test) runClientTestTLS13(t, test) test = &clientTest{ name: "ClientCert-ECDSA-ECDSA", args: []string{"-cipher", "ECDHE-ECDSA-AES128-SHA", "-Verify", "1"}, config: config, cert: testECDSACertificate, key: testECDSAPrivateKey, } runClientTestTLS10(t, test) runClientTestTLS12(t, test) } // TestHandshakeClientCertRSAPSS tests rsa_pss_rsae_sha256 signatures from both // client and server certificates. It also serves from both sides a certificate // signed itself with RSA-PSS, mostly to check that crypto/x509 chain validation // works. func TestHandshakeClientCertRSAPSS(t *testing.T) { cert, err := x509.ParseCertificate(testRSAPSSCertificate) if err != nil { panic(err) } rootCAs := x509.NewCertPool() rootCAs.AddCert(cert) config := testConfig.Clone() // Use GetClientCertificate to bypass the client certificate selection logic. config.GetClientCertificate = func(*CertificateRequestInfo) (*Certificate, error) { return &Certificate{ Certificate: [][]byte{testRSAPSSCertificate}, PrivateKey: testRSAPrivateKey, }, nil } config.RootCAs = rootCAs test := &clientTest{ name: "ClientCert-RSA-RSAPSS", args: []string{"-cipher", "AES128", "-Verify", "1", "-client_sigalgs", "rsa_pss_rsae_sha256", "-sigalgs", "rsa_pss_rsae_sha256"}, config: config, cert: testRSAPSSCertificate, key: testRSAPrivateKey, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) } func TestHandshakeClientCertRSAPKCS1v15(t *testing.T) { config := testConfig.Clone() cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM)) config.Certificates = []Certificate{cert} test := &clientTest{ name: "ClientCert-RSA-RSAPKCS1v15", args: []string{"-cipher", "AES128", "-Verify", "1", "-client_sigalgs", "rsa_pkcs1_sha256", "-sigalgs", "rsa_pkcs1_sha256"}, config: config, } runClientTestTLS12(t, test) } func TestClientKeyUpdate(t *testing.T) { test := &clientTest{ name: "KeyUpdate", args: []string{"-state"}, sendKeyUpdate: true, } runClientTestTLS13(t, test) } func TestResumption(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testResumption(t, VersionTLS12, false) }) t.Run("TLSv13", func(t *testing.T) { testResumption(t, VersionTLS13, false) }) t.Run("TLSv13, saving app data", func(t *testing.T) { testResumption(t, VersionTLS13, true) }) t.Run("TLSv13, with 0-RTT", func(t *testing.T) { testResumption0RTT(t, false) }) t.Run("TLSv13, with 0-RTT, saving app data", func(t *testing.T) { testResumption0RTT(t, true) }) } func testResumption(t *testing.T, version uint16, saveAppData bool) { if testing.Short() { t.Skip("skipping in -short mode") } serverConfig := &Config{ MaxVersion: version, CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, Certificates: testConfig.Certificates, } issuer, err := x509.ParseCertificate(testRSACertificateIssuer) if err != nil { panic(err) } rootCAs := x509.NewCertPool() rootCAs.AddCert(issuer) var restoredAppData []byte clientConfig := &Config{ MaxVersion: version, CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, ClientSessionCache: NewLRUClientSessionCache(32), RootCAs: rootCAs, ServerName: "example.golang", } if saveAppData { clientConfig.GetAppDataForSessionState = func() []byte { return []byte("foobar") } clientConfig.SetAppDataFromSessionState = func(data []byte) { restoredAppData = data } } testResumeState := func(test string, didResume bool) { _, hs, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("%s: handshake failed: %s", test, err) } if hs.DidResume != didResume { t.Fatalf("%s resumed: %v, expected: %v", test, hs.DidResume, didResume) } if didResume && (hs.PeerCertificates == nil || hs.VerifiedChains == nil) { t.Fatalf("expected non-nil certificates after resumption. Got peerCertificates: %#v, verifiedCertificates: %#v", hs.PeerCertificates, hs.VerifiedChains) } if didResume && saveAppData { if !bytes.Equal(restoredAppData, []byte("foobar")) { t.Fatalf("Expected to restore app data saved with the session state. Got: %#v", restoredAppData) } restoredAppData = nil } } getTicket := func() []byte { return clientConfig.ClientSessionCache.(*lruSessionCache).q.Front().Value.(*lruSessionCacheEntry).state.sessionTicket } deleteTicket := func() { ticketKey := clientConfig.ClientSessionCache.(*lruSessionCache).q.Front().Value.(*lruSessionCacheEntry).sessionKey clientConfig.ClientSessionCache.Put(ticketKey, nil) } corruptTicket := func() { clientConfig.ClientSessionCache.(*lruSessionCache).q.Front().Value.(*lruSessionCacheEntry).state.masterSecret[0] ^= 0xff } randomKey := func() [32]byte { var k [32]byte if _, err := io.ReadFull(serverConfig.rand(), k[:]); err != nil { t.Fatalf("Failed to read new SessionTicketKey: %s", err) } return k } testResumeState("Handshake", false) ticket := getTicket() testResumeState("Resume", true) if !bytes.Equal(ticket, getTicket()) && version != VersionTLS13 { t.Fatal("first ticket doesn't match ticket after resumption") } if bytes.Equal(ticket, getTicket()) && version == VersionTLS13 { t.Fatal("ticket didn't change after resumption") } key1 := randomKey() serverConfig.SetSessionTicketKeys([][32]byte{key1}) testResumeState("InvalidSessionTicketKey", false) testResumeState("ResumeAfterInvalidSessionTicketKey", true) key2 := randomKey() serverConfig.SetSessionTicketKeys([][32]byte{key2, key1}) ticket = getTicket() testResumeState("KeyChange", true) if bytes.Equal(ticket, getTicket()) { t.Fatal("new ticket wasn't included while resuming") } testResumeState("KeyChangeFinish", true) // Reset serverConfig to ensure that calling SetSessionTicketKeys // before the serverConfig is used works. serverConfig = &Config{ MaxVersion: version, CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, Certificates: testConfig.Certificates, } serverConfig.SetSessionTicketKeys([][32]byte{key2}) testResumeState("FreshConfig", true) // In TLS 1.3, cross-cipher suite resumption is allowed as long as the KDF // hash matches. Also, Config.CipherSuites does not apply to TLS 1.3. if version != VersionTLS13 { clientConfig.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_RC4_128_SHA} testResumeState("DifferentCipherSuite", false) testResumeState("DifferentCipherSuiteRecovers", true) } deleteTicket() testResumeState("WithoutSessionTicket", false) // Session resumption should work when using client certificates deleteTicket() serverConfig.ClientCAs = rootCAs serverConfig.ClientAuth = RequireAndVerifyClientCert clientConfig.Certificates = serverConfig.Certificates testResumeState("InitialHandshake", false) testResumeState("WithClientCertificates", true) serverConfig.ClientAuth = NoClientCert // Tickets should be removed from the session cache on TLS handshake // failure, and the client should recover from a corrupted PSK testResumeState("FetchTicketToCorrupt", false) corruptTicket() _, _, err = testHandshake(t, clientConfig, serverConfig) if err == nil { t.Fatalf("handshake did not fail with a corrupted client secret") } testResumeState("AfterHandshakeFailure", false) clientConfig.ClientSessionCache = nil testResumeState("WithoutSessionCache", false) } func testResumption0RTT(t *testing.T, saveAppData bool) { mockCtrl := gomock.NewController(t) defer mockCtrl.Finish() serverConfig := testConfig.Clone() serverConfig.MaxEarlyData = 100 serverConfig.Accept0RTT = func([]byte) bool { return true } cache := NewMockClientSessionCache(mockCtrl) clientConfig := testConfig.Clone() clientConfig.Enable0RTT = true clientConfig.ClientSessionCache = cache var restoredAppData []byte if saveAppData { clientConfig.GetAppDataForSessionState = func() []byte { return []byte("foobar") } clientConfig.SetAppDataFromSessionState = func(data []byte) { restoredAppData = data } } // check that the ticket is deleted when 0-RTT is used var state *ClientSessionState gomock.InOrder( cache.EXPECT().Get(gomock.Any()), cache.EXPECT().Put(gomock.Any(), gomock.Any()).Do(func(_ string, s *ClientSessionState) { state = s }), ) _, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("first handshake failed: %s", err) } gomock.InOrder( cache.EXPECT().Get(gomock.Any()).Return(state, true), cache.EXPECT().Put(gomock.Any(), nil), // expect the ticket to be deleted immediately cache.EXPECT().Put(gomock.Any(), gomock.Any()), ) _, hs, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("second handshake failed: %s", err) } if !hs.Used0RTT { t.Fatal("should have used 0-RTT during the second handshake") } // check that the ticket is not deleted when 0-RTT is not used clientConfig.Enable0RTT = false gomock.InOrder( cache.EXPECT().Get(gomock.Any()), cache.EXPECT().Put(gomock.Any(), gomock.Any()).Do(func(_ string, s *ClientSessionState) { state = s }), ) _, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("first handshake failed: %s", err) } gomock.InOrder( cache.EXPECT().Get(gomock.Any()).Return(state, true), cache.EXPECT().Put(gomock.Any(), gomock.Any()), ) _, hs, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("second handshake failed: %s", err) } if hs.Used0RTT { t.Fatal("should not have used 0-RTT during the second handshake") } if saveAppData && !bytes.Equal(restoredAppData, []byte("foobar")) { t.Fatalf("expected app data to be restored. Got: %#v", restoredAppData) } } func TestLRUClientSessionCache(t *testing.T) { // Initialize cache of capacity 4. cache := NewLRUClientSessionCache(4) cs := make([]ClientSessionState, 6) keys := []string{"0", "1", "2", "3", "4", "5", "6"} // Add 4 entries to the cache and look them up. for i := 0; i < 4; i++ { cache.Put(keys[i], &cs[i]) } for i := 0; i < 4; i++ { if s, ok := cache.Get(keys[i]); !ok || s != &cs[i] { t.Fatalf("session cache failed lookup for added key: %s", keys[i]) } } // Add 2 more entries to the cache. First 2 should be evicted. for i := 4; i < 6; i++ { cache.Put(keys[i], &cs[i]) } for i := 0; i < 2; i++ { if s, ok := cache.Get(keys[i]); ok || s != nil { t.Fatalf("session cache should have evicted key: %s", keys[i]) } } // Touch entry 2. LRU should evict 3 next. cache.Get(keys[2]) cache.Put(keys[0], &cs[0]) if s, ok := cache.Get(keys[3]); ok || s != nil { t.Fatalf("session cache should have evicted key 3") } // Update entry 0 in place. cache.Put(keys[0], &cs[3]) if s, ok := cache.Get(keys[0]); !ok || s != &cs[3] { t.Fatalf("session cache failed update for key 0") } // Calling Put with a nil entry deletes the key. cache.Put(keys[0], nil) if _, ok := cache.Get(keys[0]); ok { t.Fatalf("session cache failed to delete key 0") } // Delete entry 2. LRU should keep 4 and 5 cache.Put(keys[2], nil) if _, ok := cache.Get(keys[2]); ok { t.Fatalf("session cache failed to delete key 4") } for i := 4; i < 6; i++ { if s, ok := cache.Get(keys[i]); !ok || s != &cs[i] { t.Fatalf("session cache should not have deleted key: %s", keys[i]) } } } func TestKeyLogTLS12(t *testing.T) { var serverBuf, clientBuf bytes.Buffer clientConfig := testConfig.Clone() clientConfig.KeyLogWriter = &clientBuf clientConfig.MaxVersion = VersionTLS12 serverConfig := testConfig.Clone() serverConfig.KeyLogWriter = &serverBuf serverConfig.MaxVersion = VersionTLS12 c, s := localPipe(t) done := make(chan bool) go func() { defer close(done) if err := Server(s, serverConfig).Handshake(); err != nil { t.Errorf("server: %s", err) return } s.Close() }() if err := Client(c, clientConfig).Handshake(); err != nil { t.Fatalf("client: %s", err) } c.Close() <-done checkKeylogLine := func(side, loggedLine string) { if len(loggedLine) == 0 { t.Fatalf("%s: no keylog line was produced", side) } const expectedLen = 13 /* "CLIENT_RANDOM" */ + 1 /* space */ + 32*2 /* hex client nonce */ + 1 /* space */ + 48*2 /* hex master secret */ + 1 /* new line */ if len(loggedLine) != expectedLen { t.Fatalf("%s: keylog line has incorrect length (want %d, got %d): %q", side, expectedLen, len(loggedLine), loggedLine) } if !strings.HasPrefix(loggedLine, "CLIENT_RANDOM "+strings.Repeat("0", 64)+" ") { t.Fatalf("%s: keylog line has incorrect structure or nonce: %q", side, loggedLine) } } checkKeylogLine("client", clientBuf.String()) checkKeylogLine("server", serverBuf.String()) } func TestKeyLogTLS13(t *testing.T) { var serverBuf, clientBuf bytes.Buffer clientConfig := testConfig.Clone() clientConfig.KeyLogWriter = &clientBuf serverConfig := testConfig.Clone() serverConfig.KeyLogWriter = &serverBuf c, s := localPipe(t) done := make(chan bool) go func() { defer close(done) if err := Server(s, serverConfig).Handshake(); err != nil { t.Errorf("server: %s", err) return } s.Close() }() if err := Client(c, clientConfig).Handshake(); err != nil { t.Fatalf("client: %s", err) } c.Close() <-done checkKeylogLines := func(side, loggedLines string) { loggedLines = strings.TrimSpace(loggedLines) lines := strings.Split(loggedLines, "\n") if len(lines) != 4 { t.Errorf("Expected the %s to log 4 lines, got %d", side, len(lines)) } } checkKeylogLines("client", clientBuf.String()) checkKeylogLines("server", serverBuf.String()) } func TestHandshakeClientALPNMatch(t *testing.T) { config := testConfig.Clone() config.NextProtos = []string{"proto2", "proto1"} test := &clientTest{ name: "ALPN", // Note that this needs OpenSSL 1.0.2 because that is the first // version that supports the -alpn flag. args: []string{"-alpn", "proto1,proto2"}, config: config, validate: func(state ConnectionState) error { // The server's preferences should override the client. if state.NegotiatedProtocol != "proto1" { return fmt.Errorf("Got protocol %q, wanted proto1", state.NegotiatedProtocol) } return nil }, } runClientTestTLS12(t, test) runClientTestTLS13(t, test) } func TestHandshakeClientEnforceALPNMatch(t *testing.T) { clientConn, serverConn := localPipe(t) server := Server(serverConn, testConfig) sErrChan := make(chan error) go func() { sErrChan <- server.Handshake() }() config := testConfig.Clone() config.NextProtos = []string{"proto2", "proto1"} config.EnforceNextProtoSelection = true client := Client(clientConn, config) err := client.Handshake() if err == nil || err.Error() != "ALPN negotiation failed. Server didn't offer any protocols" { t.Fatalf("Expected APLN negotiation to fail, got %s", err) } sErr := <-sErrChan if sErr == nil || !strings.Contains(sErr.Error(), "no application protocol") { t.Fatalf("Expect 'no_application_protocol' error, got %s", sErr) } } // sctsBase64 contains data from `openssl s_client -serverinfo 18 -connect ritter.vg:443` const sctsBase64 = "ABIBaQFnAHUApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAAAAFHl5nuFgAABAMARjBEAiAcS4JdlW5nW9sElUv2zvQyPoZ6ejKrGGB03gjaBZFMLwIgc1Qbbn+hsH0RvObzhS+XZhr3iuQQJY8S9G85D9KeGPAAdgBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAUeX4bVwAAAEAwBHMEUCIDIhFDgG2HIuADBkGuLobU5a4dlCHoJLliWJ1SYT05z6AiEAjxIoZFFPRNWMGGIjskOTMwXzQ1Wh2e7NxXE1kd1J0QsAdgDuS723dc5guuFCaR+r4Z5mow9+X7By2IMAxHuJeqj9ywAAAUhcZIqHAAAEAwBHMEUCICmJ1rBT09LpkbzxtUC+Hi7nXLR0J+2PmwLp+sJMuqK+AiEAr0NkUnEVKVhAkccIFpYDqHOlZaBsuEhWWrYpg2RtKp0=" func TestHandshakClientSCTs(t *testing.T) { config := testConfig.Clone() scts, err := base64.StdEncoding.DecodeString(sctsBase64) if err != nil { t.Fatal(err) } // Note that this needs OpenSSL 1.0.2 because that is the first // version that supports the -serverinfo flag. test := &clientTest{ name: "SCT", config: config, extensions: [][]byte{scts}, validate: func(state ConnectionState) error { expectedSCTs := [][]byte{ scts[8:125], scts[127:245], scts[247:], } if n := len(state.SignedCertificateTimestamps); n != len(expectedSCTs) { return fmt.Errorf("Got %d scts, wanted %d", n, len(expectedSCTs)) } for i, expected := range expectedSCTs { if sct := state.SignedCertificateTimestamps[i]; !bytes.Equal(sct, expected) { return fmt.Errorf("SCT #%d contained %x, expected %x", i, sct, expected) } } return nil }, } runClientTestTLS12(t, test) // TLS 1.3 moved SCTs to the Certificate extensions and -serverinfo only // supports ServerHello extensions. } func TestRenegotiationRejected(t *testing.T) { config := testConfig.Clone() test := &clientTest{ name: "RenegotiationRejected", args: []string{"-state"}, config: config, numRenegotiations: 1, renegotiationExpectedToFail: 1, checkRenegotiationError: func(renegotiationNum int, err error) error { if err == nil { return errors.New("expected error from renegotiation but got nil") } if !strings.Contains(err.Error(), "no renegotiation") { return fmt.Errorf("expected renegotiation to be rejected but got %q", err) } return nil }, } runClientTestTLS12(t, test) } func TestRenegotiateOnce(t *testing.T) { config := testConfig.Clone() config.Renegotiation = RenegotiateOnceAsClient test := &clientTest{ name: "RenegotiateOnce", args: []string{"-state"}, config: config, numRenegotiations: 1, } runClientTestTLS12(t, test) } func TestRenegotiateTwice(t *testing.T) { config := testConfig.Clone() config.Renegotiation = RenegotiateFreelyAsClient test := &clientTest{ name: "RenegotiateTwice", args: []string{"-state"}, config: config, numRenegotiations: 2, } runClientTestTLS12(t, test) } func TestRenegotiateTwiceRejected(t *testing.T) { config := testConfig.Clone() config.Renegotiation = RenegotiateOnceAsClient test := &clientTest{ name: "RenegotiateTwiceRejected", args: []string{"-state"}, config: config, numRenegotiations: 2, renegotiationExpectedToFail: 2, checkRenegotiationError: func(renegotiationNum int, err error) error { if renegotiationNum == 1 { return err } if err == nil { return errors.New("expected error from renegotiation but got nil") } if !strings.Contains(err.Error(), "no renegotiation") { return fmt.Errorf("expected renegotiation to be rejected but got %q", err) } return nil }, } runClientTestTLS12(t, test) } func TestHandshakeClientExportKeyingMaterial(t *testing.T) { test := &clientTest{ name: "ExportKeyingMaterial", config: testConfig.Clone(), validate: func(state ConnectionState) error { if km, err := state.ExportKeyingMaterial("test", nil, 42); err != nil { return fmt.Errorf("ExportKeyingMaterial failed: %v", err) } else if len(km) != 42 { return fmt.Errorf("Got %d bytes from ExportKeyingMaterial, wanted %d", len(km), 42) } return nil }, } runClientTestTLS10(t, test) runClientTestTLS12(t, test) runClientTestTLS13(t, test) } var hostnameInSNITests = []struct { in, out string }{ // Opaque string {"", ""}, {"localhost", "localhost"}, {"foo, bar, baz and qux", "foo, bar, baz and qux"}, // DNS hostname {"golang.org", "golang.org"}, {"golang.org.", "golang.org"}, // Literal IPv4 address {"1.2.3.4", ""}, // Literal IPv6 address {"::1", ""}, {"::1%lo0", ""}, // with zone identifier {"[::1]", ""}, // as per RFC 5952 we allow the [] style as IPv6 literal {"[::1%lo0]", ""}, } func TestHostnameInSNI(t *testing.T) { for _, tt := range hostnameInSNITests { c, s := localPipe(t) go func(host string) { Client(c, &Config{ServerName: host, InsecureSkipVerify: true}).Handshake() }(tt.in) var header [5]byte if _, err := io.ReadFull(s, header[:]); err != nil { t.Fatal(err) } recordLen := int(header[3])<<8 | int(header[4]) record := make([]byte, recordLen) if _, err := io.ReadFull(s, record[:]); err != nil { t.Fatal(err) } c.Close() s.Close() var m clientHelloMsg if !m.unmarshal(record) { t.Errorf("unmarshaling ClientHello for %q failed", tt.in) continue } if tt.in != tt.out && m.serverName == tt.in { t.Errorf("prohibited %q found in ClientHello: %x", tt.in, record) } if m.serverName != tt.out { t.Errorf("expected %q not found in ClientHello: %x", tt.out, record) } } } func TestServerSelectingUnconfiguredCipherSuite(t *testing.T) { // This checks that the server can't select a cipher suite that the // client didn't offer. See #13174. c, s := localPipe(t) errChan := make(chan error, 1) go func() { client := Client(c, &Config{ ServerName: "foo", CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, }) errChan <- client.Handshake() }() var header [5]byte if _, err := io.ReadFull(s, header[:]); err != nil { t.Fatal(err) } recordLen := int(header[3])<<8 | int(header[4]) record := make([]byte, recordLen) if _, err := io.ReadFull(s, record); err != nil { t.Fatal(err) } // Create a ServerHello that selects a different cipher suite than the // sole one that the client offered. serverHello := &serverHelloMsg{ vers: VersionTLS12, random: make([]byte, 32), cipherSuite: TLS_RSA_WITH_AES_256_GCM_SHA384, } serverHelloBytes := serverHello.marshal() s.Write([]byte{ byte(recordTypeHandshake), byte(VersionTLS12 >> 8), byte(VersionTLS12 & 0xff), byte(len(serverHelloBytes) >> 8), byte(len(serverHelloBytes)), }) s.Write(serverHelloBytes) s.Close() if err := <-errChan; !strings.Contains(err.Error(), "unconfigured cipher") { t.Fatalf("Expected error about unconfigured cipher suite but got %q", err) } } func TestVerifyPeerCertificate(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testVerifyPeerCertificate(t, VersionTLS12) }) t.Run("TLSv13", func(t *testing.T) { testVerifyPeerCertificate(t, VersionTLS13) }) } func testVerifyPeerCertificate(t *testing.T, version uint16) { issuer, err := x509.ParseCertificate(testRSACertificateIssuer) if err != nil { panic(err) } rootCAs := x509.NewCertPool() rootCAs.AddCert(issuer) now := func() time.Time { return time.Unix(1476984729, 0) } sentinelErr := errors.New("TestVerifyPeerCertificate") verifyCallback := func(called *bool, rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { if l := len(rawCerts); l != 1 { return fmt.Errorf("got len(rawCerts) = %d, wanted 1", l) } if len(validatedChains) == 0 { return errors.New("got len(validatedChains) = 0, wanted non-zero") } *called = true return nil } tests := []struct { configureServer func(*Config, *bool) configureClient func(*Config, *bool) validate func(t *testing.T, testNo int, clientCalled, serverCalled bool, clientErr, serverErr error) }{ { configureServer: func(config *Config, called *bool) { config.InsecureSkipVerify = false config.VerifyPeerCertificate = func(rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { return verifyCallback(called, rawCerts, validatedChains) } }, configureClient: func(config *Config, called *bool) { config.InsecureSkipVerify = false config.VerifyPeerCertificate = func(rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { return verifyCallback(called, rawCerts, validatedChains) } }, validate: func(t *testing.T, testNo int, clientCalled, serverCalled bool, clientErr, serverErr error) { if clientErr != nil { t.Errorf("test[%d]: client handshake failed: %v", testNo, clientErr) } if serverErr != nil { t.Errorf("test[%d]: server handshake failed: %v", testNo, serverErr) } if !clientCalled { t.Errorf("test[%d]: client did not call callback", testNo) } if !serverCalled { t.Errorf("test[%d]: server did not call callback", testNo) } }, }, { configureServer: func(config *Config, called *bool) { config.InsecureSkipVerify = false config.VerifyPeerCertificate = func(rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { return sentinelErr } }, configureClient: func(config *Config, called *bool) { config.VerifyPeerCertificate = nil }, validate: func(t *testing.T, testNo int, clientCalled, serverCalled bool, clientErr, serverErr error) { if serverErr != sentinelErr { t.Errorf("#%d: got server error %v, wanted sentinelErr", testNo, serverErr) } }, }, { configureServer: func(config *Config, called *bool) { config.InsecureSkipVerify = false }, configureClient: func(config *Config, called *bool) { config.VerifyPeerCertificate = func(rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { return sentinelErr } }, validate: func(t *testing.T, testNo int, clientCalled, serverCalled bool, clientErr, serverErr error) { if clientErr != sentinelErr { t.Errorf("#%d: got client error %v, wanted sentinelErr", testNo, clientErr) } }, }, { configureServer: func(config *Config, called *bool) { config.InsecureSkipVerify = false }, configureClient: func(config *Config, called *bool) { config.InsecureSkipVerify = true config.VerifyPeerCertificate = func(rawCerts [][]byte, validatedChains [][]*x509.Certificate) error { if l := len(rawCerts); l != 1 { return fmt.Errorf("got len(rawCerts) = %d, wanted 1", l) } // With InsecureSkipVerify set, this // callback should still be called but // validatedChains must be empty. if l := len(validatedChains); l != 0 { return fmt.Errorf("got len(validatedChains) = %d, wanted zero", l) } *called = true return nil } }, validate: func(t *testing.T, testNo int, clientCalled, serverCalled bool, clientErr, serverErr error) { if clientErr != nil { t.Errorf("test[%d]: client handshake failed: %v", testNo, clientErr) } if serverErr != nil { t.Errorf("test[%d]: server handshake failed: %v", testNo, serverErr) } if !clientCalled { t.Errorf("test[%d]: client did not call callback", testNo) } }, }, } for i, test := range tests { c, s := localPipe(t) done := make(chan error) var clientCalled, serverCalled bool go func() { config := testConfig.Clone() config.ServerName = "example.golang" config.ClientAuth = RequireAndVerifyClientCert config.ClientCAs = rootCAs config.Time = now config.MaxVersion = version test.configureServer(config, &serverCalled) err = Server(s, config).Handshake() s.Close() done <- err }() config := testConfig.Clone() config.ServerName = "example.golang" config.RootCAs = rootCAs config.Time = now config.MaxVersion = version test.configureClient(config, &clientCalled) clientErr := Client(c, config).Handshake() c.Close() serverErr := <-done test.validate(t, i, clientCalled, serverCalled, clientErr, serverErr) } } // brokenConn wraps a net.Conn and causes all Writes after a certain number to // fail with brokenConnErr. type brokenConn struct { net.Conn // breakAfter is the number of successful writes that will be allowed // before all subsequent writes fail. breakAfter int // numWrites is the number of writes that have been done. numWrites int } // brokenConnErr is the error that brokenConn returns once exhausted. var brokenConnErr = errors.New("too many writes to brokenConn") func (b *brokenConn) Write(data []byte) (int, error) { if b.numWrites >= b.breakAfter { return 0, brokenConnErr } b.numWrites++ return b.Conn.Write(data) } func TestFailedWrite(t *testing.T) { // Test that a write error during the handshake is returned. for _, breakAfter := range []int{0, 1} { c, s := localPipe(t) done := make(chan bool) go func() { Server(s, testConfig).Handshake() s.Close() done <- true }() brokenC := &brokenConn{Conn: c, breakAfter: breakAfter} err := Client(brokenC, testConfig).Handshake() if err != brokenConnErr { t.Errorf("#%d: expected error from brokenConn but got %q", breakAfter, err) } brokenC.Close() <-done } } // writeCountingConn wraps a net.Conn and counts the number of Write calls. type writeCountingConn struct { net.Conn // numWrites is the number of writes that have been done. numWrites int } func (wcc *writeCountingConn) Write(data []byte) (int, error) { wcc.numWrites++ return wcc.Conn.Write(data) } func TestBuffering(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testBuffering(t, VersionTLS12) }) t.Run("TLSv13", func(t *testing.T) { testBuffering(t, VersionTLS13) }) } func testBuffering(t *testing.T, version uint16) { c, s := localPipe(t) done := make(chan bool) clientWCC := &writeCountingConn{Conn: c} serverWCC := &writeCountingConn{Conn: s} go func() { config := testConfig.Clone() config.MaxVersion = version Server(serverWCC, config).Handshake() serverWCC.Close() done <- true }() err := Client(clientWCC, testConfig).Handshake() if err != nil { t.Fatal(err) } clientWCC.Close() <-done var expectedClient, expectedServer int if version == VersionTLS13 { expectedClient = 2 expectedServer = 1 } else { expectedClient = 2 expectedServer = 2 } if n := clientWCC.numWrites; n != expectedClient { t.Errorf("expected client handshake to complete with %d writes, but saw %d", expectedClient, n) } if n := serverWCC.numWrites; n != expectedServer { t.Errorf("expected server handshake to complete with %d writes, but saw %d", expectedServer, n) } } func TestAlertFlushing(t *testing.T) { c, s := localPipe(t) done := make(chan bool) clientWCC := &writeCountingConn{Conn: c} serverWCC := &writeCountingConn{Conn: s} serverConfig := testConfig.Clone() // Cause a signature-time error brokenKey := rsa.PrivateKey{PublicKey: testRSAPrivateKey.PublicKey} brokenKey.D = big.NewInt(42) serverConfig.Certificates = []Certificate{{ Certificate: [][]byte{testRSACertificate}, PrivateKey: &brokenKey, }} go func() { Server(serverWCC, serverConfig).Handshake() serverWCC.Close() done <- true }() err := Client(clientWCC, testConfig).Handshake() if err == nil { t.Fatal("client unexpectedly returned no error") } const expectedError = "remote error: tls: internal error" if e := err.Error(); !strings.Contains(e, expectedError) { t.Fatalf("expected to find %q in error but error was %q", expectedError, e) } clientWCC.Close() <-done if n := serverWCC.numWrites; n != 1 { t.Errorf("expected server handshake to complete with one write, but saw %d", n) } } func TestHandshakeRace(t *testing.T) { if testing.Short() { t.Skip("skipping in -short mode") } t.Parallel() // This test races a Read and Write to try and complete a handshake in // order to provide some evidence that there are no races or deadlocks // in the handshake locking. for i := 0; i < 32; i++ { c, s := localPipe(t) go func() { server := Server(s, testConfig) if err := server.Handshake(); err != nil { panic(err) } var request [1]byte if n, err := server.Read(request[:]); err != nil || n != 1 { panic(err) } server.Write(request[:]) server.Close() }() startWrite := make(chan struct{}) startRead := make(chan struct{}) readDone := make(chan struct{}) client := Client(c, testConfig) go func() { <-startWrite var request [1]byte client.Write(request[:]) }() go func() { <-startRead var reply [1]byte if _, err := io.ReadFull(client, reply[:]); err != nil { panic(err) } c.Close() readDone <- struct{}{} }() if i&1 == 1 { startWrite <- struct{}{} startRead <- struct{}{} } else { startRead <- struct{}{} startWrite <- struct{}{} } <-readDone } } var getClientCertificateTests = []struct { setup func(*Config, *Config) expectedClientError string verify func(*testing.T, int, *ConnectionState) }{ { func(clientConfig, serverConfig *Config) { // Returning a Certificate with no certificate data // should result in an empty message being sent to the // server. serverConfig.ClientCAs = nil clientConfig.GetClientCertificate = func(cri *CertificateRequestInfo) (*Certificate, error) { if len(cri.SignatureSchemes) == 0 { panic("empty SignatureSchemes") } if len(cri.AcceptableCAs) != 0 { panic("AcceptableCAs should have been empty") } return new(Certificate), nil } }, "", func(t *testing.T, testNum int, cs *ConnectionState) { if l := len(cs.PeerCertificates); l != 0 { t.Errorf("#%d: expected no certificates but got %d", testNum, l) } }, }, { func(clientConfig, serverConfig *Config) { // With TLS 1.1, the SignatureSchemes should be // synthesised from the supported certificate types. clientConfig.MaxVersion = VersionTLS11 clientConfig.GetClientCertificate = func(cri *CertificateRequestInfo) (*Certificate, error) { if len(cri.SignatureSchemes) == 0 { panic("empty SignatureSchemes") } return new(Certificate), nil } }, "", func(t *testing.T, testNum int, cs *ConnectionState) { if l := len(cs.PeerCertificates); l != 0 { t.Errorf("#%d: expected no certificates but got %d", testNum, l) } }, }, { func(clientConfig, serverConfig *Config) { // Returning an error should abort the handshake with // that error. clientConfig.GetClientCertificate = func(cri *CertificateRequestInfo) (*Certificate, error) { return nil, errors.New("GetClientCertificate") } }, "GetClientCertificate", func(t *testing.T, testNum int, cs *ConnectionState) { }, }, { func(clientConfig, serverConfig *Config) { clientConfig.GetClientCertificate = func(cri *CertificateRequestInfo) (*Certificate, error) { if len(cri.AcceptableCAs) == 0 { panic("empty AcceptableCAs") } cert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, } return cert, nil } }, "", func(t *testing.T, testNum int, cs *ConnectionState) { if len(cs.VerifiedChains) == 0 { t.Errorf("#%d: expected some verified chains, but found none", testNum) } }, }, } func TestGetClientCertificate(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testGetClientCertificate(t, VersionTLS12) }) t.Run("TLSv13", func(t *testing.T) { testGetClientCertificate(t, VersionTLS13) }) } func testGetClientCertificate(t *testing.T, version uint16) { issuer, err := x509.ParseCertificate(testRSACertificateIssuer) if err != nil { panic(err) } for i, test := range getClientCertificateTests { serverConfig := testConfig.Clone() serverConfig.ClientAuth = VerifyClientCertIfGiven serverConfig.RootCAs = x509.NewCertPool() serverConfig.RootCAs.AddCert(issuer) serverConfig.ClientCAs = serverConfig.RootCAs serverConfig.Time = func() time.Time { return time.Unix(1476984729, 0) } serverConfig.MaxVersion = version clientConfig := testConfig.Clone() clientConfig.MaxVersion = version test.setup(clientConfig, serverConfig) type serverResult struct { cs ConnectionState err error } c, s := localPipe(t) done := make(chan serverResult) go func() { defer s.Close() server := Server(s, serverConfig) err := server.Handshake() var cs ConnectionState if err == nil { cs = server.ConnectionState() } done <- serverResult{cs, err} }() clientErr := Client(c, clientConfig).Handshake() c.Close() result := <-done if clientErr != nil { if len(test.expectedClientError) == 0 { t.Errorf("#%d: client error: %v", i, clientErr) } else if got := clientErr.Error(); got != test.expectedClientError { t.Errorf("#%d: expected client error %q, but got %q", i, test.expectedClientError, got) } else { test.verify(t, i, &result.cs) } } else if len(test.expectedClientError) > 0 { t.Errorf("#%d: expected client error %q, but got no error", i, test.expectedClientError) } else if err := result.err; err != nil { t.Errorf("#%d: server error: %v", i, err) } else { test.verify(t, i, &result.cs) } } } func TestRSAPSSKeyError(t *testing.T) { // crypto/tls does not support the rsa_pss_pss_* SignatureSchemes. If support for // public keys with OID RSASSA-PSS is added to crypto/x509, they will be misused with // the rsa_pss_rsae_* SignatureSchemes. Assert that RSASSA-PSS certificates don't // parse, or that they don't carry *rsa.PublicKey keys. b, _ := pem.Decode([]byte(` -----BEGIN CERTIFICATE----- MIIDZTCCAhygAwIBAgIUCF2x0FyTgZG0CC9QTDjGWkB5vgEwPgYJKoZIhvcNAQEK MDGgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogQC AgDeMBIxEDAOBgNVBAMMB1JTQS1QU1MwHhcNMTgwNjI3MjI0NDM2WhcNMTgwNzI3 MjI0NDM2WjASMRAwDgYDVQQDDAdSU0EtUFNTMIIBIDALBgkqhkiG9w0BAQoDggEP ADCCAQoCggEBANxDm0f76JdI06YzsjB3AmmjIYkwUEGxePlafmIASFjDZl/elD0Z /a7xLX468b0qGxLS5al7XCcEprSdsDR6DF5L520+pCbpfLyPOjuOvGmk9KzVX4x5 b05YXYuXdsQ0Kjxcx2i3jjCday6scIhMJVgBZxTEyMj1thPQM14SHzKCd/m6HmCL QmswpH2yMAAcBRWzRpp/vdH5DeOJEB3aelq7094no731mrLUCHRiZ1htq8BDB3ou czwqgwspbqZ4dnMXl2MvfySQ5wJUxQwILbiuAKO2lVVPUbFXHE9pgtznNoPvKwQT JNcX8ee8WIZc2SEGzofjk3NpjR+2ADB2u3sCAwEAAaNTMFEwHQYDVR0OBBYEFNEz AdyJ2f+fU+vSCS6QzohnOnprMB8GA1UdIwQYMBaAFNEzAdyJ2f+fU+vSCS6Qzohn OnprMA8GA1UdEwEB/wQFMAMBAf8wPgYJKoZIhvcNAQEKMDGgDTALBglghkgBZQME AgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogQCAgDeA4IBAQCjEdrR5aab sZmCwrMeKidXgfkmWvfuLDE+TCbaqDZp7BMWcMQXT9O0UoUT5kqgKj2ARm2pEW0Z H3Z1vj3bbds72qcDIJXp+l0fekyLGeCrX/CbgnMZXEP7+/+P416p34ChR1Wz4dU1 KD3gdsUuTKKeMUog3plxlxQDhRQmiL25ygH1LmjLd6dtIt0GVRGr8lj3euVeprqZ bZ3Uq5eLfsn8oPgfC57gpO6yiN+UURRTlK3bgYvLh4VWB3XXk9UaQZ7Mq1tpXjoD HYFybkWzibkZp4WRo+Fa28rirH+/wHt0vfeN7UCceURZEx4JaxIIfe4ku7uDRhJi RwBA9Xk1KBNF -----END CERTIFICATE-----`)) if b == nil { t.Fatal("Failed to decode certificate") } cert, err := x509.ParseCertificate(b.Bytes) if err != nil { return } if _, ok := cert.PublicKey.(*rsa.PublicKey); ok { t.Error("A RSASSA-PSS certificate was parsed like a PKCS#1 v1.5 one, and it will be mistakenly used with rsa_pss_rsae_* signature algorithms") } } func TestCloseClientConnectionOnIdleServer(t *testing.T) { clientConn, serverConn := localPipe(t) client := Client(clientConn, testConfig.Clone()) go func() { var b [1]byte serverConn.Read(b[:]) client.Close() }() client.SetWriteDeadline(time.Now().Add(time.Minute)) err := client.Handshake() if err != nil { if err, ok := err.(net.Error); ok && err.Timeout() { t.Errorf("Expected a closed network connection error but got '%s'", err.Error()) } } else { t.Errorf("Error expected, but no error returned") } } func TestAdditionalExtensionsReceivedByClient(t *testing.T) { c, s := net.Pipe() done := make(chan bool) config := testConfig.Clone() config.MinVersion = VersionTLS13 config.MaxVersion = VersionTLS13 sconf := config.Clone() sconf.GetExtensions = func(_ uint8) []Extension { return []Extension{ {Type: 0x1337, Data: []byte("foobar")}, } } go func() { Server(s, sconf).Handshake() s.Close() done <- true }() var receivedExtensions bool cconf := config.Clone() cconf.ReceivedExtensions = func(handshakeMessageType uint8, exts []Extension) { receivedExtensions = true if handshakeMessageType != typeEncryptedExtensions { t.Errorf("expected handshake message type to be %d, but got %d", typeEncryptedExtensions, handshakeMessageType) } if len(exts) != 1 { t.Errorf("expected to received 1 extension, got %d", len(exts)) } if exts[0].Type != 0x1337 { t.Errorf("expected extension type 0x1337, got %#x", exts[0].Type) } if string(exts[0].Data) != "foobar" { t.Errorf("expection extension data to be foobar, got %s", exts[0].Data) } } err := Client(c, cconf).Handshake() if err != nil { t.Errorf("expected client to complete handshake, got %s", err) } if !receivedExtensions { t.Errorf("expected client to receive extensions") } } golang-github-marten-seemann-qtls-0.10.0/handshake_client_tls13.go000066400000000000000000000514351373277661100250760ustar00rootroot00000000000000// Copyright 2018 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/hmac" "crypto/rsa" "encoding/binary" "errors" "fmt" "hash" "sync/atomic" "time" "golang.org/x/crypto/cryptobyte" ) type clientHandshakeStateTLS13 struct { c *Conn serverHello *serverHelloMsg hello *clientHelloMsg ecdheParams ecdheParameters session *ClientSessionState earlySecret []byte binderKey []byte certReq *certificateRequestMsgTLS13 usingPSK bool sentDummyCCS bool suite *cipherSuiteTLS13 transcript hash.Hash masterSecret []byte trafficSecret []byte // client_application_traffic_secret_0 } // handshake requires hs.c, hs.hello, hs.serverHello, hs.ecdheParams, and, // optionally, hs.session, hs.earlySecret and hs.binderKey to be set. func (hs *clientHandshakeStateTLS13) handshake() error { c := hs.c // The server must not select TLS 1.3 in a renegotiation. See RFC 8446, // sections 4.1.2 and 4.1.3. if c.handshakes > 0 { c.sendAlert(alertProtocolVersion) return errors.New("tls: server selected TLS 1.3 in a renegotiation") } // Consistency check on the presence of a keyShare and its parameters. if hs.ecdheParams == nil || len(hs.hello.keyShares) != 1 { return c.sendAlert(alertInternalError) } if err := hs.checkServerHelloOrHRR(); err != nil { return err } hs.transcript = hs.suite.hash.New() hs.transcript.Write(hs.hello.marshal()) if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) { if err := hs.sendDummyChangeCipherSpec(); err != nil { return err } if err := hs.processHelloRetryRequest(); err != nil { return err } } hs.transcript.Write(hs.serverHello.marshal()) c.buffering = true if err := hs.processServerHello(); err != nil { return err } if err := hs.sendDummyChangeCipherSpec(); err != nil { return err } if err := hs.establishHandshakeKeys(); err != nil { return err } if err := hs.readServerParameters(); err != nil { return err } if err := hs.readServerCertificate(); err != nil { return err } if err := hs.readServerFinished(); err != nil { return err } if err := hs.sendClientCertificate(); err != nil { return err } if err := hs.sendClientFinished(); err != nil { return err } if _, err := c.flush(); err != nil { return err } atomic.StoreUint32(&c.handshakeStatus, 1) return nil } // checkServerHelloOrHRR does validity checks that apply to both ServerHello and // HelloRetryRequest messages. It sets hs.suite. func (hs *clientHandshakeStateTLS13) checkServerHelloOrHRR() error { c := hs.c if hs.serverHello.supportedVersion == 0 { c.sendAlert(alertMissingExtension) return errors.New("tls: server selected TLS 1.3 using the legacy version field") } if hs.serverHello.supportedVersion != VersionTLS13 { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected an invalid version after a HelloRetryRequest") } if hs.serverHello.vers != VersionTLS12 { c.sendAlert(alertIllegalParameter) return errors.New("tls: server sent an incorrect legacy version") } if hs.serverHello.ocspStapling || hs.serverHello.ticketSupported || hs.serverHello.secureRenegotiationSupported || len(hs.serverHello.secureRenegotiation) != 0 || len(hs.serverHello.alpnProtocol) != 0 || len(hs.serverHello.scts) != 0 { c.sendAlert(alertUnsupportedExtension) return errors.New("tls: server sent a ServerHello extension forbidden in TLS 1.3") } if !bytes.Equal(hs.hello.sessionId, hs.serverHello.sessionId) { c.sendAlert(alertIllegalParameter) return errors.New("tls: server did not echo the legacy session ID") } if hs.serverHello.compressionMethod != compressionNone { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected unsupported compression format") } selectedSuite := mutualCipherSuiteTLS13(hs.hello.cipherSuites, hs.serverHello.cipherSuite) if hs.suite != nil && selectedSuite != hs.suite { c.sendAlert(alertIllegalParameter) return errors.New("tls: server changed cipher suite after a HelloRetryRequest") } if selectedSuite == nil { c.sendAlert(alertIllegalParameter) return errors.New("tls: server chose an unconfigured cipher suite") } hs.suite = selectedSuite c.cipherSuite = hs.suite.id return nil } // sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility // with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4. func (hs *clientHandshakeStateTLS13) sendDummyChangeCipherSpec() error { if hs.sentDummyCCS { return nil } hs.sentDummyCCS = true _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1}) return err } // processHelloRetryRequest handles the HRR in hs.serverHello, modifies and // resends hs.hello, and reads the new ServerHello into hs.serverHello. func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error { c := hs.c // The first ClientHello gets double-hashed into the transcript upon a // HelloRetryRequest. See RFC 8446, Section 4.4.1. chHash := hs.transcript.Sum(nil) hs.transcript.Reset() hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))}) hs.transcript.Write(chHash) hs.transcript.Write(hs.serverHello.marshal()) if hs.serverHello.serverShare.group != 0 { c.sendAlert(alertDecodeError) return errors.New("tls: received malformed key_share extension") } curveID := hs.serverHello.selectedGroup if curveID == 0 { c.sendAlert(alertMissingExtension) return errors.New("tls: received HelloRetryRequest without selected group") } curveOK := false for _, id := range hs.hello.supportedCurves { if id == curveID { curveOK = true break } } if !curveOK { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected unsupported group") } if hs.ecdheParams.CurveID() == curveID { c.sendAlert(alertIllegalParameter) return errors.New("tls: server sent an unnecessary HelloRetryRequest message") } if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok { c.sendAlert(alertInternalError) return errors.New("tls: CurvePreferences includes unsupported curve") } params, err := generateECDHEParameters(c.config.rand(), curveID) if err != nil { c.sendAlert(alertInternalError) return err } hs.ecdheParams = params hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}} hs.hello.cookie = hs.serverHello.cookie hs.hello.raw = nil if len(hs.hello.pskIdentities) > 0 { pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite) if pskSuite == nil { return c.sendAlert(alertInternalError) } if pskSuite.hash == hs.suite.hash { // Update binders and obfuscated_ticket_age. ticketAge := uint32(c.config.time().Sub(hs.session.receivedAt) / time.Millisecond) hs.hello.pskIdentities[0].obfuscatedTicketAge = ticketAge + hs.session.ageAdd transcript := hs.suite.hash.New() transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))}) transcript.Write(chHash) transcript.Write(hs.serverHello.marshal()) transcript.Write(hs.hello.marshalWithoutBinders()) pskBinders := [][]byte{hs.suite.finishedHash(hs.binderKey, transcript)} hs.hello.updateBinders(pskBinders) } else { // Server selected a cipher suite incompatible with the PSK. hs.hello.pskIdentities = nil hs.hello.pskBinders = nil } } hs.hello.earlyData = false // disable 0-RTT if c.config.Rejected0RTT != nil { c.config.Rejected0RTT() } hs.transcript.Write(hs.hello.marshal()) if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil { return err } msg, err := c.readHandshake() if err != nil { return err } serverHello, ok := msg.(*serverHelloMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(serverHello, msg) } hs.serverHello = serverHello if err := hs.checkServerHelloOrHRR(); err != nil { return err } return nil } func (hs *clientHandshakeStateTLS13) processServerHello() error { c := hs.c if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) { c.sendAlert(alertUnexpectedMessage) return errors.New("tls: server sent two HelloRetryRequest messages") } if len(hs.serverHello.cookie) != 0 { c.sendAlert(alertUnsupportedExtension) return errors.New("tls: server sent a cookie in a normal ServerHello") } if hs.serverHello.selectedGroup != 0 { c.sendAlert(alertDecodeError) return errors.New("tls: malformed key_share extension") } if hs.serverHello.serverShare.group == 0 { c.sendAlert(alertIllegalParameter) return errors.New("tls: server did not send a key share") } if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected unsupported group") } if !hs.serverHello.selectedIdentityPresent { return nil } if int(hs.serverHello.selectedIdentity) >= len(hs.hello.pskIdentities) { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected an invalid PSK") } if len(hs.hello.pskIdentities) != 1 || hs.session == nil { return c.sendAlert(alertInternalError) } pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite) if pskSuite == nil { return c.sendAlert(alertInternalError) } if pskSuite.hash != hs.suite.hash { c.sendAlert(alertIllegalParameter) return errors.New("tls: server selected an invalid PSK and cipher suite pair") } hs.usingPSK = true c.didResume = true c.peerCertificates = hs.session.serverCertificates c.verifiedChains = hs.session.verifiedChains return nil } func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error { c := hs.c sharedKey := hs.ecdheParams.SharedKey(hs.serverHello.serverShare.data) if sharedKey == nil { c.sendAlert(alertIllegalParameter) return errors.New("tls: invalid server key share") } earlySecret := hs.earlySecret if !hs.usingPSK { earlySecret = hs.suite.extract(nil, nil) } handshakeSecret := hs.suite.extract(sharedKey, hs.suite.deriveSecret(earlySecret, "derived", nil)) clientSecret := hs.suite.deriveSecret(handshakeSecret, clientHandshakeTrafficLabel, hs.transcript) c.out.exportKey(EncryptionHandshake, hs.suite, clientSecret) c.out.setTrafficSecret(hs.suite, clientSecret) serverSecret := hs.suite.deriveSecret(handshakeSecret, serverHandshakeTrafficLabel, hs.transcript) c.in.exportKey(EncryptionHandshake, hs.suite, serverSecret) c.in.setTrafficSecret(hs.suite, serverSecret) err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.hello.random, clientSecret) if err != nil { c.sendAlert(alertInternalError) return err } err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.hello.random, serverSecret) if err != nil { c.sendAlert(alertInternalError) return err } hs.masterSecret = hs.suite.extract(nil, hs.suite.deriveSecret(handshakeSecret, "derived", nil)) return nil } func (hs *clientHandshakeStateTLS13) readServerParameters() error { c := hs.c msg, err := c.readHandshake() if err != nil { return err } encryptedExtensions, ok := msg.(*encryptedExtensionsMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(encryptedExtensions, msg) } if hs.c.config.ReceivedExtensions != nil { hs.c.config.ReceivedExtensions(typeEncryptedExtensions, encryptedExtensions.additionalExtensions) } hs.transcript.Write(encryptedExtensions.marshal()) if len(encryptedExtensions.alpnProtocol) != 0 && len(hs.hello.alpnProtocols) == 0 { c.sendAlert(alertUnsupportedExtension) return errors.New("tls: server advertised unrequested ALPN extension") } if c.config.EnforceNextProtoSelection { if len(encryptedExtensions.alpnProtocol) == 0 { // the server didn't select an ALPN c.sendAlert(alertNoApplicationProtocol) return errors.New("ALPN negotiation failed. Server didn't offer any protocols") } if _, fallback := mutualProtocol([]string{encryptedExtensions.alpnProtocol}, hs.c.config.NextProtos); fallback { // the protocol selected by the server was not offered c.sendAlert(alertNoApplicationProtocol) return fmt.Errorf("ALPN negotiation failed. Server offered: %q", encryptedExtensions.alpnProtocol) } } c.clientProtocol = encryptedExtensions.alpnProtocol // Notify the caller if 0-RTT was rejected. if !encryptedExtensions.earlyData && hs.hello.earlyData && c.config.Rejected0RTT != nil { c.config.Rejected0RTT() } c.used0RTT = encryptedExtensions.earlyData return nil } func (hs *clientHandshakeStateTLS13) readServerCertificate() error { c := hs.c // Either a PSK or a certificate is always used, but not both. // See RFC 8446, Section 4.1.1. if hs.usingPSK { return nil } msg, err := c.readHandshake() if err != nil { return err } certReq, ok := msg.(*certificateRequestMsgTLS13) if ok { hs.transcript.Write(certReq.marshal()) hs.certReq = certReq msg, err = c.readHandshake() if err != nil { return err } } certMsg, ok := msg.(*certificateMsgTLS13) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certMsg, msg) } if len(certMsg.certificate.Certificate) == 0 { c.sendAlert(alertDecodeError) return errors.New("tls: received empty certificates message") } hs.transcript.Write(certMsg.marshal()) c.scts = certMsg.certificate.SignedCertificateTimestamps c.ocspResponse = certMsg.certificate.OCSPStaple if err := c.verifyServerCertificate(certMsg.certificate.Certificate); err != nil { return err } msg, err = c.readHandshake() if err != nil { return err } certVerify, ok := msg.(*certificateVerifyMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certVerify, msg) } // See RFC 8446, Section 4.4.3. if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) { c.sendAlert(alertIllegalParameter) return errors.New("tls: certificate used with invalid signature algorithm") } sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm) if err != nil { return c.sendAlert(alertInternalError) } if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 { c.sendAlert(alertIllegalParameter) return errors.New("tls: certificate used with invalid signature algorithm") } signed := signedMessage(sigHash, serverSignatureContext, hs.transcript) if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey, sigHash, signed, certVerify.signature); err != nil { c.sendAlert(alertDecryptError) return errors.New("tls: invalid signature by the server certificate: " + err.Error()) } hs.transcript.Write(certVerify.marshal()) return nil } func (hs *clientHandshakeStateTLS13) readServerFinished() error { c := hs.c msg, err := c.readHandshake() if err != nil { return err } finished, ok := msg.(*finishedMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(finished, msg) } expectedMAC := hs.suite.finishedHash(c.in.trafficSecret, hs.transcript) if !hmac.Equal(expectedMAC, finished.verifyData) { c.sendAlert(alertDecryptError) return errors.New("tls: invalid server finished hash") } hs.transcript.Write(finished.marshal()) // Derive secrets that take context through the server Finished. hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret, clientApplicationTrafficLabel, hs.transcript) serverSecret := hs.suite.deriveSecret(hs.masterSecret, serverApplicationTrafficLabel, hs.transcript) c.in.exportKey(EncryptionApplication, hs.suite, serverSecret) c.in.setTrafficSecret(hs.suite, serverSecret) err = c.config.writeKeyLog(keyLogLabelClientTraffic, hs.hello.random, hs.trafficSecret) if err != nil { c.sendAlert(alertInternalError) return err } err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.hello.random, serverSecret) if err != nil { c.sendAlert(alertInternalError) return err } c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript) return nil } func (hs *clientHandshakeStateTLS13) sendClientCertificate() error { c := hs.c if hs.certReq == nil { return nil } cert, err := c.getClientCertificate(&CertificateRequestInfo{ AcceptableCAs: hs.certReq.certificateAuthorities, SignatureSchemes: hs.certReq.supportedSignatureAlgorithms, Version: c.vers, }) if err != nil { return err } certMsg := new(certificateMsgTLS13) certMsg.certificate = *cert certMsg.scts = hs.certReq.scts && len(cert.SignedCertificateTimestamps) > 0 certMsg.ocspStapling = hs.certReq.ocspStapling && len(cert.OCSPStaple) > 0 hs.transcript.Write(certMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil { return err } // If we sent an empty certificate message, skip the CertificateVerify. if len(cert.Certificate) == 0 { return nil } certVerifyMsg := new(certificateVerifyMsg) certVerifyMsg.hasSignatureAlgorithm = true certVerifyMsg.signatureAlgorithm, err = selectSignatureScheme(c.vers, cert, hs.certReq.supportedSignatureAlgorithms) if err != nil { // getClientCertificate returned a certificate incompatible with the // CertificateRequestInfo supported signature algorithms. c.sendAlert(alertHandshakeFailure) return err } sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerifyMsg.signatureAlgorithm) if err != nil { return c.sendAlert(alertInternalError) } signed := signedMessage(sigHash, clientSignatureContext, hs.transcript) signOpts := crypto.SignerOpts(sigHash) if sigType == signatureRSAPSS { signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash} } sig, err := cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts) if err != nil { c.sendAlert(alertInternalError) return errors.New("tls: failed to sign handshake: " + err.Error()) } certVerifyMsg.signature = sig hs.transcript.Write(certVerifyMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil { return err } return nil } func (hs *clientHandshakeStateTLS13) sendClientFinished() error { c := hs.c finished := &finishedMsg{ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript), } hs.transcript.Write(finished.marshal()) if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil { return err } c.out.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret) c.out.setTrafficSecret(hs.suite, hs.trafficSecret) if !c.config.SessionTicketsDisabled && c.config.ClientSessionCache != nil { c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret, resumptionLabel, hs.transcript) } return nil } func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error { if !c.isClient { c.sendAlert(alertUnexpectedMessage) return errors.New("tls: received new session ticket from a client") } if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil { return nil } // See RFC 8446, Section 4.6.1. if msg.lifetime == 0 { return nil } lifetime := time.Duration(msg.lifetime) * time.Second if lifetime > maxSessionTicketLifetime { c.sendAlert(alertIllegalParameter) return errors.New("tls: received a session ticket with invalid lifetime") } cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite) if cipherSuite == nil || c.resumptionSecret == nil { return c.sendAlert(alertInternalError) } // We need to save the max_early_data_size that the server sent us, in order // to decide if we're going to try 0-RTT with this ticket. // However, at the same time, the qtls.ClientSessionTicket needs to be equal to // the tls.ClientSessionTicket, so we can't just add a new field to the struct. // We therefore abuse the nonce field (which is a byte slice) nonceWithEarlyData := make([]byte, len(msg.nonce)+4) binary.BigEndian.PutUint32(nonceWithEarlyData, msg.maxEarlyData) copy(nonceWithEarlyData[4:], msg.nonce) var appData []byte if c.config.GetAppDataForSessionState != nil { appData = c.config.GetAppDataForSessionState() } var b cryptobyte.Builder b.AddUint16(clientSessionStateVersion) // revision b.AddUint32(msg.maxEarlyData) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(appData) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(msg.nonce) }) // Save the resumption_master_secret and nonce instead of deriving the PSK // to do the least amount of work on NewSessionTicket messages before we // know if the ticket will be used. Forward secrecy of resumed connections // is guaranteed by the requirement for pskModeDHE. session := &ClientSessionState{ sessionTicket: msg.label, vers: c.vers, cipherSuite: c.cipherSuite, masterSecret: c.resumptionSecret, serverCertificates: c.peerCertificates, verifiedChains: c.verifiedChains, receivedAt: c.config.time(), nonce: b.BytesOrPanic(), useBy: c.config.time().Add(lifetime), ageAdd: msg.ageAdd, } cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config) c.config.ClientSessionCache.Put(cacheKey, session) return nil } golang-github-marten-seemann-qtls-0.10.0/handshake_messages.go000066400000000000000000001342771373277661100244070ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "fmt" "strings" "golang.org/x/crypto/cryptobyte" ) // The marshalingFunction type is an adapter to allow the use of ordinary // functions as cryptobyte.MarshalingValue. type marshalingFunction func(b *cryptobyte.Builder) error func (f marshalingFunction) Marshal(b *cryptobyte.Builder) error { return f(b) } // addBytesWithLength appends a sequence of bytes to the cryptobyte.Builder. If // the length of the sequence is not the value specified, it produces an error. func addBytesWithLength(b *cryptobyte.Builder, v []byte, n int) { b.AddValue(marshalingFunction(func(b *cryptobyte.Builder) error { if len(v) != n { return fmt.Errorf("invalid value length: expected %d, got %d", n, len(v)) } b.AddBytes(v) return nil })) } // addUint64 appends a big-endian, 64-bit value to the cryptobyte.Builder. func addUint64(b *cryptobyte.Builder, v uint64) { b.AddUint32(uint32(v >> 32)) b.AddUint32(uint32(v)) } // readUint64 decodes a big-endian, 64-bit value into out and advances over it. // It reports whether the read was successful. func readUint64(s *cryptobyte.String, out *uint64) bool { var hi, lo uint32 if !s.ReadUint32(&hi) || !s.ReadUint32(&lo) { return false } *out = uint64(hi)<<32 | uint64(lo) return true } // readUint8LengthPrefixed acts like s.ReadUint8LengthPrefixed, but targets a // []byte instead of a cryptobyte.String. func readUint8LengthPrefixed(s *cryptobyte.String, out *[]byte) bool { return s.ReadUint8LengthPrefixed((*cryptobyte.String)(out)) } // readUint16LengthPrefixed acts like s.ReadUint16LengthPrefixed, but targets a // []byte instead of a cryptobyte.String. func readUint16LengthPrefixed(s *cryptobyte.String, out *[]byte) bool { return s.ReadUint16LengthPrefixed((*cryptobyte.String)(out)) } // readUint24LengthPrefixed acts like s.ReadUint24LengthPrefixed, but targets a // []byte instead of a cryptobyte.String. func readUint24LengthPrefixed(s *cryptobyte.String, out *[]byte) bool { return s.ReadUint24LengthPrefixed((*cryptobyte.String)(out)) } type clientHelloMsg struct { raw []byte vers uint16 random []byte sessionId []byte cipherSuites []uint16 compressionMethods []uint8 serverName string ocspStapling bool supportedCurves []CurveID supportedPoints []uint8 ticketSupported bool sessionTicket []uint8 supportedSignatureAlgorithms []SignatureScheme supportedSignatureAlgorithmsCert []SignatureScheme secureRenegotiationSupported bool secureRenegotiation []byte alpnProtocols []string scts bool supportedVersions []uint16 cookie []byte keyShares []keyShare earlyData bool pskModes []uint8 pskIdentities []pskIdentity pskBinders [][]byte additionalExtensions []Extension } func (m *clientHelloMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeClientHello) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(m.vers) addBytesWithLength(b, m.random, 32) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.sessionId) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, suite := range m.cipherSuites { b.AddUint16(suite) } }) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.compressionMethods) }) // If extensions aren't present, omit them. var extensionsPresent bool bWithoutExtensions := *b b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if len(m.serverName) > 0 { // RFC 6066, Section 3 b.AddUint16(extensionServerName) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8(0) // name_type = host_name b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte(m.serverName)) }) }) }) } if m.ocspStapling { // RFC 4366, Section 3.6 b.AddUint16(extensionStatusRequest) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8(1) // status_type = ocsp b.AddUint16(0) // empty responder_id_list b.AddUint16(0) // empty request_extensions }) } if len(m.supportedCurves) > 0 { // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7 b.AddUint16(extensionSupportedCurves) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, curve := range m.supportedCurves { b.AddUint16(uint16(curve)) } }) }) } if len(m.supportedPoints) > 0 { // RFC 4492, Section 5.1.2 b.AddUint16(extensionSupportedPoints) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.supportedPoints) }) }) } if m.ticketSupported { // RFC 5077, Section 3.2 b.AddUint16(extensionSessionTicket) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.sessionTicket) }) } if len(m.supportedSignatureAlgorithms) > 0 { // RFC 5246, Section 7.4.1.4.1 b.AddUint16(extensionSignatureAlgorithms) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sigAlgo := range m.supportedSignatureAlgorithms { b.AddUint16(uint16(sigAlgo)) } }) }) } if len(m.supportedSignatureAlgorithmsCert) > 0 { // RFC 8446, Section 4.2.3 b.AddUint16(extensionSignatureAlgorithmsCert) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sigAlgo := range m.supportedSignatureAlgorithmsCert { b.AddUint16(uint16(sigAlgo)) } }) }) } if m.secureRenegotiationSupported { // RFC 5746, Section 3.2 b.AddUint16(extensionRenegotiationInfo) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.secureRenegotiation) }) }) } if len(m.alpnProtocols) > 0 { // RFC 7301, Section 3.1 b.AddUint16(extensionALPN) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, proto := range m.alpnProtocols { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte(proto)) }) } }) }) } if m.scts { // RFC 6962, Section 3.3.1 b.AddUint16(extensionSCT) b.AddUint16(0) // empty extension_data } if len(m.supportedVersions) > 0 { // RFC 8446, Section 4.2.1 b.AddUint16(extensionSupportedVersions) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { for _, vers := range m.supportedVersions { b.AddUint16(vers) } }) }) } if len(m.cookie) > 0 { // RFC 8446, Section 4.2.2 b.AddUint16(extensionCookie) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.cookie) }) }) } if len(m.keyShares) > 0 { // RFC 8446, Section 4.2.8 b.AddUint16(extensionKeyShare) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, ks := range m.keyShares { b.AddUint16(uint16(ks.group)) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(ks.data) }) } }) }) } if m.earlyData { // RFC 8446, Section 4.2.10 b.AddUint16(extensionEarlyData) b.AddUint16(0) // empty extension_data } if len(m.pskModes) > 0 { // RFC 8446, Section 4.2.9 b.AddUint16(extensionPSKModes) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.pskModes) }) }) } for _, ext := range m.additionalExtensions { b.AddUint16(ext.Type) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(ext.Data) }) } if len(m.pskIdentities) > 0 { // pre_shared_key must be the last extension // RFC 8446, Section 4.2.11 b.AddUint16(extensionPreSharedKey) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, psk := range m.pskIdentities { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(psk.label) }) b.AddUint32(psk.obfuscatedTicketAge) } }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, binder := range m.pskBinders { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(binder) }) } }) }) } extensionsPresent = len(b.BytesOrPanic()) > 2 }) if !extensionsPresent { *b = bWithoutExtensions } }) m.raw = b.BytesOrPanic() return m.raw } // marshalWithoutBinders returns the ClientHello through the // PreSharedKeyExtension.identities field, according to RFC 8446, Section // 4.2.11.2. Note that m.pskBinders must be set to slices of the correct length. func (m *clientHelloMsg) marshalWithoutBinders() []byte { bindersLen := 2 // uint16 length prefix for _, binder := range m.pskBinders { bindersLen += 1 // uint8 length prefix bindersLen += len(binder) } fullMessage := m.marshal() return fullMessage[:len(fullMessage)-bindersLen] } // updateBinders updates the m.pskBinders field, if necessary updating the // cached marshaled representation. The supplied binders must have the same // length as the current m.pskBinders. func (m *clientHelloMsg) updateBinders(pskBinders [][]byte) { if len(pskBinders) != len(m.pskBinders) { panic("tls: internal error: pskBinders length mismatch") } for i := range m.pskBinders { if len(pskBinders[i]) != len(m.pskBinders[i]) { panic("tls: internal error: pskBinders length mismatch") } } m.pskBinders = pskBinders if m.raw != nil { lenWithoutBinders := len(m.marshalWithoutBinders()) // TODO(filippo): replace with NewFixedBuilder once CL 148882 is imported. b := cryptobyte.NewBuilder(m.raw[:lenWithoutBinders]) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, binder := range m.pskBinders { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(binder) }) } }) if len(b.BytesOrPanic()) != len(m.raw) { panic("tls: internal error: failed to update binders") } } } func (m *clientHelloMsg) unmarshal(data []byte) bool { *m = clientHelloMsg{raw: data} s := cryptobyte.String(data) if !s.Skip(4) || // message type and uint24 length field !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) || !readUint8LengthPrefixed(&s, &m.sessionId) { return false } var cipherSuites cryptobyte.String if !s.ReadUint16LengthPrefixed(&cipherSuites) { return false } m.cipherSuites = []uint16{} m.secureRenegotiationSupported = false for !cipherSuites.Empty() { var suite uint16 if !cipherSuites.ReadUint16(&suite) { return false } if suite == scsvRenegotiation { m.secureRenegotiationSupported = true } m.cipherSuites = append(m.cipherSuites, suite) } if !readUint8LengthPrefixed(&s, &m.compressionMethods) { return false } if s.Empty() { // ClientHello is optionally followed by extension data return true } var extensions cryptobyte.String if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() { return false } for !extensions.Empty() { var ext uint16 var extData cryptobyte.String if !extensions.ReadUint16(&ext) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } switch ext { case extensionServerName: // RFC 6066, Section 3 var nameList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&nameList) || nameList.Empty() { return false } for !nameList.Empty() { var nameType uint8 var serverName cryptobyte.String if !nameList.ReadUint8(&nameType) || !nameList.ReadUint16LengthPrefixed(&serverName) || serverName.Empty() { return false } if nameType != 0 { continue } if len(m.serverName) != 0 { // Multiple names of the same name_type are prohibited. return false } m.serverName = string(serverName) // An SNI value may not include a trailing dot. if strings.HasSuffix(m.serverName, ".") { return false } } case extensionStatusRequest: // RFC 4366, Section 3.6 var statusType uint8 var ignored cryptobyte.String if !extData.ReadUint8(&statusType) || !extData.ReadUint16LengthPrefixed(&ignored) || !extData.ReadUint16LengthPrefixed(&ignored) { return false } m.ocspStapling = statusType == statusTypeOCSP case extensionSupportedCurves: // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7 var curves cryptobyte.String if !extData.ReadUint16LengthPrefixed(&curves) || curves.Empty() { return false } for !curves.Empty() { var curve uint16 if !curves.ReadUint16(&curve) { return false } m.supportedCurves = append(m.supportedCurves, CurveID(curve)) } case extensionSupportedPoints: // RFC 4492, Section 5.1.2 if !readUint8LengthPrefixed(&extData, &m.supportedPoints) || len(m.supportedPoints) == 0 { return false } case extensionSessionTicket: // RFC 5077, Section 3.2 m.ticketSupported = true extData.ReadBytes(&m.sessionTicket, len(extData)) case extensionSignatureAlgorithms: // RFC 5246, Section 7.4.1.4.1 var sigAndAlgs cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() { return false } for !sigAndAlgs.Empty() { var sigAndAlg uint16 if !sigAndAlgs.ReadUint16(&sigAndAlg) { return false } m.supportedSignatureAlgorithms = append( m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg)) } case extensionSignatureAlgorithmsCert: // RFC 8446, Section 4.2.3 var sigAndAlgs cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() { return false } for !sigAndAlgs.Empty() { var sigAndAlg uint16 if !sigAndAlgs.ReadUint16(&sigAndAlg) { return false } m.supportedSignatureAlgorithmsCert = append( m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg)) } case extensionRenegotiationInfo: // RFC 5746, Section 3.2 if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) { return false } m.secureRenegotiationSupported = true case extensionALPN: // RFC 7301, Section 3.1 var protoList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() { return false } for !protoList.Empty() { var proto cryptobyte.String if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() { return false } m.alpnProtocols = append(m.alpnProtocols, string(proto)) } case extensionSCT: // RFC 6962, Section 3.3.1 m.scts = true case extensionSupportedVersions: // RFC 8446, Section 4.2.1 var versList cryptobyte.String if !extData.ReadUint8LengthPrefixed(&versList) || versList.Empty() { return false } for !versList.Empty() { var vers uint16 if !versList.ReadUint16(&vers) { return false } m.supportedVersions = append(m.supportedVersions, vers) } case extensionCookie: // RFC 8446, Section 4.2.2 if !readUint16LengthPrefixed(&extData, &m.cookie) || len(m.cookie) == 0 { return false } case extensionKeyShare: // RFC 8446, Section 4.2.8 var clientShares cryptobyte.String if !extData.ReadUint16LengthPrefixed(&clientShares) { return false } for !clientShares.Empty() { var ks keyShare if !clientShares.ReadUint16((*uint16)(&ks.group)) || !readUint16LengthPrefixed(&clientShares, &ks.data) || len(ks.data) == 0 { return false } m.keyShares = append(m.keyShares, ks) } case extensionEarlyData: // RFC 8446, Section 4.2.10 m.earlyData = true case extensionPSKModes: // RFC 8446, Section 4.2.9 if !readUint8LengthPrefixed(&extData, &m.pskModes) { return false } case extensionPreSharedKey: // RFC 8446, Section 4.2.11 if !extensions.Empty() { return false // pre_shared_key must be the last extension } var identities cryptobyte.String if !extData.ReadUint16LengthPrefixed(&identities) || identities.Empty() { return false } for !identities.Empty() { var psk pskIdentity if !readUint16LengthPrefixed(&identities, &psk.label) || !identities.ReadUint32(&psk.obfuscatedTicketAge) || len(psk.label) == 0 { return false } m.pskIdentities = append(m.pskIdentities, psk) } var binders cryptobyte.String if !extData.ReadUint16LengthPrefixed(&binders) || binders.Empty() { return false } for !binders.Empty() { var binder []byte if !readUint8LengthPrefixed(&binders, &binder) || len(binder) == 0 { return false } m.pskBinders = append(m.pskBinders, binder) } default: m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData}) continue } if !extData.Empty() { return false } } return true } type serverHelloMsg struct { raw []byte vers uint16 random []byte sessionId []byte cipherSuite uint16 compressionMethod uint8 ocspStapling bool ticketSupported bool secureRenegotiationSupported bool secureRenegotiation []byte alpnProtocol string scts [][]byte supportedVersion uint16 serverShare keyShare selectedIdentityPresent bool selectedIdentity uint16 supportedPoints []uint8 // HelloRetryRequest extensions cookie []byte selectedGroup CurveID } func (m *serverHelloMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeServerHello) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(m.vers) addBytesWithLength(b, m.random, 32) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.sessionId) }) b.AddUint16(m.cipherSuite) b.AddUint8(m.compressionMethod) // If extensions aren't present, omit them. var extensionsPresent bool bWithoutExtensions := *b b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if m.ocspStapling { b.AddUint16(extensionStatusRequest) b.AddUint16(0) // empty extension_data } if m.ticketSupported { b.AddUint16(extensionSessionTicket) b.AddUint16(0) // empty extension_data } if m.secureRenegotiationSupported { b.AddUint16(extensionRenegotiationInfo) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.secureRenegotiation) }) }) } if len(m.alpnProtocol) > 0 { b.AddUint16(extensionALPN) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte(m.alpnProtocol)) }) }) }) } if len(m.scts) > 0 { b.AddUint16(extensionSCT) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sct := range m.scts { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(sct) }) } }) }) } if m.supportedVersion != 0 { b.AddUint16(extensionSupportedVersions) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(m.supportedVersion) }) } if m.serverShare.group != 0 { b.AddUint16(extensionKeyShare) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(uint16(m.serverShare.group)) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.serverShare.data) }) }) } if m.selectedIdentityPresent { b.AddUint16(extensionPreSharedKey) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(m.selectedIdentity) }) } if len(m.cookie) > 0 { b.AddUint16(extensionCookie) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.cookie) }) }) } if m.selectedGroup != 0 { b.AddUint16(extensionKeyShare) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16(uint16(m.selectedGroup)) }) } if len(m.supportedPoints) > 0 { b.AddUint16(extensionSupportedPoints) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.supportedPoints) }) }) } extensionsPresent = len(b.BytesOrPanic()) > 2 }) if !extensionsPresent { *b = bWithoutExtensions } }) m.raw = b.BytesOrPanic() return m.raw } func (m *serverHelloMsg) unmarshal(data []byte) bool { *m = serverHelloMsg{raw: data} s := cryptobyte.String(data) if !s.Skip(4) || // message type and uint24 length field !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) || !readUint8LengthPrefixed(&s, &m.sessionId) || !s.ReadUint16(&m.cipherSuite) || !s.ReadUint8(&m.compressionMethod) { return false } if s.Empty() { // ServerHello is optionally followed by extension data return true } var extensions cryptobyte.String if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() { return false } for !extensions.Empty() { var extension uint16 var extData cryptobyte.String if !extensions.ReadUint16(&extension) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } switch extension { case extensionStatusRequest: m.ocspStapling = true case extensionSessionTicket: m.ticketSupported = true case extensionRenegotiationInfo: if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) { return false } m.secureRenegotiationSupported = true case extensionALPN: var protoList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() { return false } var proto cryptobyte.String if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() || !protoList.Empty() { return false } m.alpnProtocol = string(proto) case extensionSCT: var sctList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() { return false } for !sctList.Empty() { var sct []byte if !readUint16LengthPrefixed(&sctList, &sct) || len(sct) == 0 { return false } m.scts = append(m.scts, sct) } case extensionSupportedVersions: if !extData.ReadUint16(&m.supportedVersion) { return false } case extensionCookie: if !readUint16LengthPrefixed(&extData, &m.cookie) || len(m.cookie) == 0 { return false } case extensionKeyShare: // This extension has different formats in SH and HRR, accept either // and let the handshake logic decide. See RFC 8446, Section 4.2.8. if len(extData) == 2 { if !extData.ReadUint16((*uint16)(&m.selectedGroup)) { return false } } else { if !extData.ReadUint16((*uint16)(&m.serverShare.group)) || !readUint16LengthPrefixed(&extData, &m.serverShare.data) { return false } } case extensionPreSharedKey: m.selectedIdentityPresent = true if !extData.ReadUint16(&m.selectedIdentity) { return false } case extensionSupportedPoints: // RFC 4492, Section 5.1.2 if !readUint8LengthPrefixed(&extData, &m.supportedPoints) || len(m.supportedPoints) == 0 { return false } default: // Ignore unknown extensions. continue } if !extData.Empty() { return false } } return true } type encryptedExtensionsMsg struct { raw []byte alpnProtocol string earlyData bool additionalExtensions []Extension } func (m *encryptedExtensionsMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeEncryptedExtensions) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if len(m.alpnProtocol) > 0 { b.AddUint16(extensionALPN) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte(m.alpnProtocol)) }) }) }) } if m.earlyData { // RFC 8446, Section 4.2.10 b.AddUint16(extensionEarlyData) b.AddUint16(0) // empty extension_data } for _, ext := range m.additionalExtensions { b.AddUint16(ext.Type) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(ext.Data) }) } }) }) m.raw = b.BytesOrPanic() return m.raw } func (m *encryptedExtensionsMsg) unmarshal(data []byte) bool { *m = encryptedExtensionsMsg{raw: data} s := cryptobyte.String(data) var extensions cryptobyte.String if !s.Skip(4) || // message type and uint24 length field !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() { return false } for !extensions.Empty() { var ext uint16 var extData cryptobyte.String if !extensions.ReadUint16(&ext) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } switch ext { case extensionALPN: var protoList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() { return false } var proto cryptobyte.String if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() || !protoList.Empty() { return false } m.alpnProtocol = string(proto) case extensionEarlyData: m.earlyData = true default: m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData}) continue } if !extData.Empty() { return false } } return true } type endOfEarlyDataMsg struct{} func (m *endOfEarlyDataMsg) marshal() []byte { x := make([]byte, 4) x[0] = typeEndOfEarlyData return x } func (m *endOfEarlyDataMsg) unmarshal(data []byte) bool { return len(data) == 4 } type keyUpdateMsg struct { raw []byte updateRequested bool } func (m *keyUpdateMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeKeyUpdate) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { if m.updateRequested { b.AddUint8(1) } else { b.AddUint8(0) } }) m.raw = b.BytesOrPanic() return m.raw } func (m *keyUpdateMsg) unmarshal(data []byte) bool { m.raw = data s := cryptobyte.String(data) var updateRequested uint8 if !s.Skip(4) || // message type and uint24 length field !s.ReadUint8(&updateRequested) || !s.Empty() { return false } switch updateRequested { case 0: m.updateRequested = false case 1: m.updateRequested = true default: return false } return true } type newSessionTicketMsgTLS13 struct { raw []byte lifetime uint32 ageAdd uint32 nonce []byte label []byte maxEarlyData uint32 } func (m *newSessionTicketMsgTLS13) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeNewSessionTicket) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint32(m.lifetime) b.AddUint32(m.ageAdd) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.nonce) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.label) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if m.maxEarlyData > 0 { b.AddUint16(extensionEarlyData) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint32(m.maxEarlyData) }) } }) }) m.raw = b.BytesOrPanic() return m.raw } func (m *newSessionTicketMsgTLS13) unmarshal(data []byte) bool { *m = newSessionTicketMsgTLS13{raw: data} s := cryptobyte.String(data) var extensions cryptobyte.String if !s.Skip(4) || // message type and uint24 length field !s.ReadUint32(&m.lifetime) || !s.ReadUint32(&m.ageAdd) || !readUint8LengthPrefixed(&s, &m.nonce) || !readUint16LengthPrefixed(&s, &m.label) || !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() { return false } for !extensions.Empty() { var extension uint16 var extData cryptobyte.String if !extensions.ReadUint16(&extension) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } switch extension { case extensionEarlyData: if !extData.ReadUint32(&m.maxEarlyData) { return false } default: // Ignore unknown extensions. continue } if !extData.Empty() { return false } } return true } type certificateRequestMsgTLS13 struct { raw []byte ocspStapling bool scts bool supportedSignatureAlgorithms []SignatureScheme supportedSignatureAlgorithmsCert []SignatureScheme certificateAuthorities [][]byte } func (m *certificateRequestMsgTLS13) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeCertificateRequest) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { // certificate_request_context (SHALL be zero length unless used for // post-handshake authentication) b.AddUint8(0) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if m.ocspStapling { b.AddUint16(extensionStatusRequest) b.AddUint16(0) // empty extension_data } if m.scts { // RFC 8446, Section 4.4.2.1 makes no mention of // signed_certificate_timestamp in CertificateRequest, but // "Extensions in the Certificate message from the client MUST // correspond to extensions in the CertificateRequest message // from the server." and it appears in the table in Section 4.2. b.AddUint16(extensionSCT) b.AddUint16(0) // empty extension_data } if len(m.supportedSignatureAlgorithms) > 0 { b.AddUint16(extensionSignatureAlgorithms) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sigAlgo := range m.supportedSignatureAlgorithms { b.AddUint16(uint16(sigAlgo)) } }) }) } if len(m.supportedSignatureAlgorithmsCert) > 0 { b.AddUint16(extensionSignatureAlgorithmsCert) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sigAlgo := range m.supportedSignatureAlgorithmsCert { b.AddUint16(uint16(sigAlgo)) } }) }) } if len(m.certificateAuthorities) > 0 { b.AddUint16(extensionCertificateAuthorities) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, ca := range m.certificateAuthorities { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(ca) }) } }) }) } }) }) m.raw = b.BytesOrPanic() return m.raw } func (m *certificateRequestMsgTLS13) unmarshal(data []byte) bool { *m = certificateRequestMsgTLS13{raw: data} s := cryptobyte.String(data) var context, extensions cryptobyte.String if !s.Skip(4) || // message type and uint24 length field !s.ReadUint8LengthPrefixed(&context) || !context.Empty() || !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() { return false } for !extensions.Empty() { var extension uint16 var extData cryptobyte.String if !extensions.ReadUint16(&extension) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } switch extension { case extensionStatusRequest: m.ocspStapling = true case extensionSCT: m.scts = true case extensionSignatureAlgorithms: var sigAndAlgs cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() { return false } for !sigAndAlgs.Empty() { var sigAndAlg uint16 if !sigAndAlgs.ReadUint16(&sigAndAlg) { return false } m.supportedSignatureAlgorithms = append( m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg)) } case extensionSignatureAlgorithmsCert: var sigAndAlgs cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() { return false } for !sigAndAlgs.Empty() { var sigAndAlg uint16 if !sigAndAlgs.ReadUint16(&sigAndAlg) { return false } m.supportedSignatureAlgorithmsCert = append( m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg)) } case extensionCertificateAuthorities: var auths cryptobyte.String if !extData.ReadUint16LengthPrefixed(&auths) || auths.Empty() { return false } for !auths.Empty() { var ca []byte if !readUint16LengthPrefixed(&auths, &ca) || len(ca) == 0 { return false } m.certificateAuthorities = append(m.certificateAuthorities, ca) } default: // Ignore unknown extensions. continue } if !extData.Empty() { return false } } return true } type certificateMsg struct { raw []byte certificates [][]byte } func (m *certificateMsg) marshal() (x []byte) { if m.raw != nil { return m.raw } var i int for _, slice := range m.certificates { i += len(slice) } length := 3 + 3*len(m.certificates) + i x = make([]byte, 4+length) x[0] = typeCertificate x[1] = uint8(length >> 16) x[2] = uint8(length >> 8) x[3] = uint8(length) certificateOctets := length - 3 x[4] = uint8(certificateOctets >> 16) x[5] = uint8(certificateOctets >> 8) x[6] = uint8(certificateOctets) y := x[7:] for _, slice := range m.certificates { y[0] = uint8(len(slice) >> 16) y[1] = uint8(len(slice) >> 8) y[2] = uint8(len(slice)) copy(y[3:], slice) y = y[3+len(slice):] } m.raw = x return } func (m *certificateMsg) unmarshal(data []byte) bool { if len(data) < 7 { return false } m.raw = data certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6]) if uint32(len(data)) != certsLen+7 { return false } numCerts := 0 d := data[7:] for certsLen > 0 { if len(d) < 4 { return false } certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2]) if uint32(len(d)) < 3+certLen { return false } d = d[3+certLen:] certsLen -= 3 + certLen numCerts++ } m.certificates = make([][]byte, numCerts) d = data[7:] for i := 0; i < numCerts; i++ { certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2]) m.certificates[i] = d[3 : 3+certLen] d = d[3+certLen:] } return true } type certificateMsgTLS13 struct { raw []byte certificate Certificate ocspStapling bool scts bool } func (m *certificateMsgTLS13) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeCertificate) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8(0) // certificate_request_context certificate := m.certificate if !m.ocspStapling { certificate.OCSPStaple = nil } if !m.scts { certificate.SignedCertificateTimestamps = nil } marshalCertificate(b, certificate) }) m.raw = b.BytesOrPanic() return m.raw } func marshalCertificate(b *cryptobyte.Builder, certificate Certificate) { b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { for i, cert := range certificate.Certificate { b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(cert) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { if i > 0 { // This library only supports OCSP and SCT for leaf certificates. return } if certificate.OCSPStaple != nil { b.AddUint16(extensionStatusRequest) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8(statusTypeOCSP) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(certificate.OCSPStaple) }) }) } if certificate.SignedCertificateTimestamps != nil { b.AddUint16(extensionSCT) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { for _, sct := range certificate.SignedCertificateTimestamps { b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(sct) }) } }) }) } }) } }) } func (m *certificateMsgTLS13) unmarshal(data []byte) bool { *m = certificateMsgTLS13{raw: data} s := cryptobyte.String(data) var context cryptobyte.String if !s.Skip(4) || // message type and uint24 length field !s.ReadUint8LengthPrefixed(&context) || !context.Empty() || !unmarshalCertificate(&s, &m.certificate) || !s.Empty() { return false } m.scts = m.certificate.SignedCertificateTimestamps != nil m.ocspStapling = m.certificate.OCSPStaple != nil return true } func unmarshalCertificate(s *cryptobyte.String, certificate *Certificate) bool { var certList cryptobyte.String if !s.ReadUint24LengthPrefixed(&certList) { return false } for !certList.Empty() { var cert []byte var extensions cryptobyte.String if !readUint24LengthPrefixed(&certList, &cert) || !certList.ReadUint16LengthPrefixed(&extensions) { return false } certificate.Certificate = append(certificate.Certificate, cert) for !extensions.Empty() { var extension uint16 var extData cryptobyte.String if !extensions.ReadUint16(&extension) || !extensions.ReadUint16LengthPrefixed(&extData) { return false } if len(certificate.Certificate) > 1 { // This library only supports OCSP and SCT for leaf certificates. continue } switch extension { case extensionStatusRequest: var statusType uint8 if !extData.ReadUint8(&statusType) || statusType != statusTypeOCSP || !readUint24LengthPrefixed(&extData, &certificate.OCSPStaple) || len(certificate.OCSPStaple) == 0 { return false } case extensionSCT: var sctList cryptobyte.String if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() { return false } for !sctList.Empty() { var sct []byte if !readUint16LengthPrefixed(&sctList, &sct) || len(sct) == 0 { return false } certificate.SignedCertificateTimestamps = append( certificate.SignedCertificateTimestamps, sct) } default: // Ignore unknown extensions. continue } if !extData.Empty() { return false } } } return true } type serverKeyExchangeMsg struct { raw []byte key []byte } func (m *serverKeyExchangeMsg) marshal() []byte { if m.raw != nil { return m.raw } length := len(m.key) x := make([]byte, length+4) x[0] = typeServerKeyExchange x[1] = uint8(length >> 16) x[2] = uint8(length >> 8) x[3] = uint8(length) copy(x[4:], m.key) m.raw = x return x } func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool { m.raw = data if len(data) < 4 { return false } m.key = data[4:] return true } type certificateStatusMsg struct { raw []byte response []byte } func (m *certificateStatusMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeCertificateStatus) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddUint8(statusTypeOCSP) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.response) }) }) m.raw = b.BytesOrPanic() return m.raw } func (m *certificateStatusMsg) unmarshal(data []byte) bool { m.raw = data s := cryptobyte.String(data) var statusType uint8 if !s.Skip(4) || // message type and uint24 length field !s.ReadUint8(&statusType) || statusType != statusTypeOCSP || !readUint24LengthPrefixed(&s, &m.response) || len(m.response) == 0 || !s.Empty() { return false } return true } type serverHelloDoneMsg struct{} func (m *serverHelloDoneMsg) marshal() []byte { x := make([]byte, 4) x[0] = typeServerHelloDone return x } func (m *serverHelloDoneMsg) unmarshal(data []byte) bool { return len(data) == 4 } type clientKeyExchangeMsg struct { raw []byte ciphertext []byte } func (m *clientKeyExchangeMsg) marshal() []byte { if m.raw != nil { return m.raw } length := len(m.ciphertext) x := make([]byte, length+4) x[0] = typeClientKeyExchange x[1] = uint8(length >> 16) x[2] = uint8(length >> 8) x[3] = uint8(length) copy(x[4:], m.ciphertext) m.raw = x return x } func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool { m.raw = data if len(data) < 4 { return false } l := int(data[1])<<16 | int(data[2])<<8 | int(data[3]) if l != len(data)-4 { return false } m.ciphertext = data[4:] return true } type finishedMsg struct { raw []byte verifyData []byte } func (m *finishedMsg) marshal() []byte { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeFinished) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.verifyData) }) m.raw = b.BytesOrPanic() return m.raw } func (m *finishedMsg) unmarshal(data []byte) bool { m.raw = data s := cryptobyte.String(data) return s.Skip(1) && readUint24LengthPrefixed(&s, &m.verifyData) && s.Empty() } type certificateRequestMsg struct { raw []byte // hasSignatureAlgorithm indicates whether this message includes a list of // supported signature algorithms. This change was introduced with TLS 1.2. hasSignatureAlgorithm bool certificateTypes []byte supportedSignatureAlgorithms []SignatureScheme certificateAuthorities [][]byte } func (m *certificateRequestMsg) marshal() (x []byte) { if m.raw != nil { return m.raw } // See RFC 4346, Section 7.4.4. length := 1 + len(m.certificateTypes) + 2 casLength := 0 for _, ca := range m.certificateAuthorities { casLength += 2 + len(ca) } length += casLength if m.hasSignatureAlgorithm { length += 2 + 2*len(m.supportedSignatureAlgorithms) } x = make([]byte, 4+length) x[0] = typeCertificateRequest x[1] = uint8(length >> 16) x[2] = uint8(length >> 8) x[3] = uint8(length) x[4] = uint8(len(m.certificateTypes)) copy(x[5:], m.certificateTypes) y := x[5+len(m.certificateTypes):] if m.hasSignatureAlgorithm { n := len(m.supportedSignatureAlgorithms) * 2 y[0] = uint8(n >> 8) y[1] = uint8(n) y = y[2:] for _, sigAlgo := range m.supportedSignatureAlgorithms { y[0] = uint8(sigAlgo >> 8) y[1] = uint8(sigAlgo) y = y[2:] } } y[0] = uint8(casLength >> 8) y[1] = uint8(casLength) y = y[2:] for _, ca := range m.certificateAuthorities { y[0] = uint8(len(ca) >> 8) y[1] = uint8(len(ca)) y = y[2:] copy(y, ca) y = y[len(ca):] } m.raw = x return } func (m *certificateRequestMsg) unmarshal(data []byte) bool { m.raw = data if len(data) < 5 { return false } length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) if uint32(len(data))-4 != length { return false } numCertTypes := int(data[4]) data = data[5:] if numCertTypes == 0 || len(data) <= numCertTypes { return false } m.certificateTypes = make([]byte, numCertTypes) if copy(m.certificateTypes, data) != numCertTypes { return false } data = data[numCertTypes:] if m.hasSignatureAlgorithm { if len(data) < 2 { return false } sigAndHashLen := uint16(data[0])<<8 | uint16(data[1]) data = data[2:] if sigAndHashLen&1 != 0 { return false } if len(data) < int(sigAndHashLen) { return false } numSigAlgos := sigAndHashLen / 2 m.supportedSignatureAlgorithms = make([]SignatureScheme, numSigAlgos) for i := range m.supportedSignatureAlgorithms { m.supportedSignatureAlgorithms[i] = SignatureScheme(data[0])<<8 | SignatureScheme(data[1]) data = data[2:] } } if len(data) < 2 { return false } casLength := uint16(data[0])<<8 | uint16(data[1]) data = data[2:] if len(data) < int(casLength) { return false } cas := make([]byte, casLength) copy(cas, data) data = data[casLength:] m.certificateAuthorities = nil for len(cas) > 0 { if len(cas) < 2 { return false } caLen := uint16(cas[0])<<8 | uint16(cas[1]) cas = cas[2:] if len(cas) < int(caLen) { return false } m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen]) cas = cas[caLen:] } return len(data) == 0 } type certificateVerifyMsg struct { raw []byte hasSignatureAlgorithm bool // format change introduced in TLS 1.2 signatureAlgorithm SignatureScheme signature []byte } func (m *certificateVerifyMsg) marshal() (x []byte) { if m.raw != nil { return m.raw } var b cryptobyte.Builder b.AddUint8(typeCertificateVerify) b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) { if m.hasSignatureAlgorithm { b.AddUint16(uint16(m.signatureAlgorithm)) } b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.signature) }) }) m.raw = b.BytesOrPanic() return m.raw } func (m *certificateVerifyMsg) unmarshal(data []byte) bool { m.raw = data s := cryptobyte.String(data) if !s.Skip(4) { // message type and uint24 length field return false } if m.hasSignatureAlgorithm { if !s.ReadUint16((*uint16)(&m.signatureAlgorithm)) { return false } } return readUint16LengthPrefixed(&s, &m.signature) && s.Empty() } type newSessionTicketMsg struct { raw []byte ticket []byte } func (m *newSessionTicketMsg) marshal() (x []byte) { if m.raw != nil { return m.raw } // See RFC 5077, Section 3.3. ticketLen := len(m.ticket) length := 2 + 4 + ticketLen x = make([]byte, 4+length) x[0] = typeNewSessionTicket x[1] = uint8(length >> 16) x[2] = uint8(length >> 8) x[3] = uint8(length) x[8] = uint8(ticketLen >> 8) x[9] = uint8(ticketLen) copy(x[10:], m.ticket) m.raw = x return } func (m *newSessionTicketMsg) unmarshal(data []byte) bool { m.raw = data if len(data) < 10 { return false } length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3]) if uint32(len(data))-4 != length { return false } ticketLen := int(data[8])<<8 + int(data[9]) if len(data)-10 != ticketLen { return false } m.ticket = data[10:] return true } type helloRequestMsg struct { } func (*helloRequestMsg) marshal() []byte { return []byte{typeHelloRequest, 0, 0, 0} } func (*helloRequestMsg) unmarshal(data []byte) bool { return len(data) == 4 } golang-github-marten-seemann-qtls-0.10.0/handshake_messages_test.go000066400000000000000000000330101373277661100254250ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "math/rand" "reflect" "strings" "testing" "testing/quick" "time" ) var tests = []interface{}{ &clientHelloMsg{}, &serverHelloMsg{}, &finishedMsg{}, &certificateMsg{}, &certificateRequestMsg{}, &certificateVerifyMsg{ hasSignatureAlgorithm: true, }, &certificateStatusMsg{}, &clientKeyExchangeMsg{}, &newSessionTicketMsg{}, &sessionState{}, &sessionStateTLS13{}, &encryptedExtensionsMsg{}, &endOfEarlyDataMsg{}, &keyUpdateMsg{}, &newSessionTicketMsgTLS13{}, &certificateRequestMsgTLS13{}, &certificateMsgTLS13{}, } func TestMarshalUnmarshal(t *testing.T) { rand := rand.New(rand.NewSource(time.Now().UnixNano())) for i, iface := range tests { ty := reflect.ValueOf(iface).Type() n := 100 if testing.Short() { n = 5 } for j := 0; j < n; j++ { v, ok := quick.Value(ty, rand) if !ok { t.Errorf("#%d: failed to create value", i) break } m1 := v.Interface().(handshakeMessage) marshaled := m1.marshal() m2 := iface.(handshakeMessage) if !m2.unmarshal(marshaled) { t.Errorf("#%d failed to unmarshal %#v %x", i, m1, marshaled) break } m2.marshal() // to fill any marshal cache in the message if !reflect.DeepEqual(m1, m2) { t.Errorf("#%d got:%#v want:%#v %x", i, m2, m1, marshaled) break } if i >= 3 { // The first three message types (ClientHello, // ServerHello and Finished) are allowed to // have parsable prefixes because the extension // data is optional and the length of the // Finished varies across versions. for j := 0; j < len(marshaled); j++ { if m2.unmarshal(marshaled[0:j]) { t.Errorf("#%d unmarshaled a prefix of length %d of %#v", i, j, m1) break } } } } } } func TestFuzz(t *testing.T) { rand := rand.New(rand.NewSource(0)) for _, iface := range tests { m := iface.(handshakeMessage) for j := 0; j < 1000; j++ { len := rand.Intn(100) bytes := randomBytes(len, rand) // This just looks for crashes due to bounds errors etc. m.unmarshal(bytes) } } } func randomBytes(n int, rand *rand.Rand) []byte { r := make([]byte, n) if _, err := rand.Read(r); err != nil { panic("rand.Read failed: " + err.Error()) } return r } func randomString(n int, rand *rand.Rand) string { b := randomBytes(n, rand) return string(b) } func (*clientHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &clientHelloMsg{} m.vers = uint16(rand.Intn(65536)) m.random = randomBytes(32, rand) m.sessionId = randomBytes(rand.Intn(32), rand) m.cipherSuites = make([]uint16, rand.Intn(63)+1) for i := 0; i < len(m.cipherSuites); i++ { cs := uint16(rand.Int31()) if cs == scsvRenegotiation { cs += 1 } m.cipherSuites[i] = cs } m.compressionMethods = randomBytes(rand.Intn(63)+1, rand) if rand.Intn(10) > 5 { m.serverName = randomString(rand.Intn(255), rand) for strings.HasSuffix(m.serverName, ".") { m.serverName = m.serverName[:len(m.serverName)-1] } } m.ocspStapling = rand.Intn(10) > 5 m.supportedPoints = randomBytes(rand.Intn(5)+1, rand) m.supportedCurves = make([]CurveID, rand.Intn(5)+1) for i := range m.supportedCurves { m.supportedCurves[i] = CurveID(rand.Intn(30000) + 1) } if rand.Intn(10) > 5 { m.ticketSupported = true if rand.Intn(10) > 5 { m.sessionTicket = randomBytes(rand.Intn(300), rand) } else { m.sessionTicket = make([]byte, 0) } } if rand.Intn(10) > 5 { m.supportedSignatureAlgorithms = supportedSignatureAlgorithms } if rand.Intn(10) > 5 { m.supportedSignatureAlgorithmsCert = supportedSignatureAlgorithms } for i := 0; i < rand.Intn(5); i++ { m.alpnProtocols = append(m.alpnProtocols, randomString(rand.Intn(20)+1, rand)) } if rand.Intn(10) > 5 { m.scts = true } if rand.Intn(10) > 5 { m.secureRenegotiationSupported = true m.secureRenegotiation = randomBytes(rand.Intn(50)+1, rand) } for i := 0; i < rand.Intn(5); i++ { m.supportedVersions = append(m.supportedVersions, uint16(rand.Intn(0xffff)+1)) } if rand.Intn(10) > 5 { m.cookie = randomBytes(rand.Intn(500)+1, rand) } for i := 0; i < rand.Intn(5); i++ { var ks keyShare ks.group = CurveID(rand.Intn(30000) + 1) ks.data = randomBytes(rand.Intn(200)+1, rand) m.keyShares = append(m.keyShares, ks) } switch rand.Intn(3) { case 1: m.pskModes = []uint8{pskModeDHE} case 2: m.pskModes = []uint8{pskModeDHE, pskModePlain} } for i := 0; i < rand.Intn(5); i++ { var psk pskIdentity psk.obfuscatedTicketAge = uint32(rand.Intn(500000)) psk.label = randomBytes(rand.Intn(500)+1, rand) m.pskIdentities = append(m.pskIdentities, psk) m.pskBinders = append(m.pskBinders, randomBytes(rand.Intn(50)+32, rand)) } if rand.Intn(10) > 5 { m.earlyData = true } if numExt := rand.Intn(10); numExt > 0 { extType := 1000 + uint16(rand.Intn(5000)) length := rand.Intn(50) m.additionalExtensions = append(m.additionalExtensions, Extension{Type: extType, Data: randomBytes(length, rand)}) } return reflect.ValueOf(m) } func (*serverHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &serverHelloMsg{} m.vers = uint16(rand.Intn(65536)) m.random = randomBytes(32, rand) m.sessionId = randomBytes(rand.Intn(32), rand) m.cipherSuite = uint16(rand.Int31()) m.compressionMethod = uint8(rand.Intn(256)) m.supportedPoints = randomBytes(rand.Intn(5)+1, rand) if rand.Intn(10) > 5 { m.ocspStapling = true } if rand.Intn(10) > 5 { m.ticketSupported = true } if rand.Intn(10) > 5 { m.alpnProtocol = randomString(rand.Intn(32)+1, rand) } for i := 0; i < rand.Intn(4); i++ { m.scts = append(m.scts, randomBytes(rand.Intn(500)+1, rand)) } if rand.Intn(10) > 5 { m.secureRenegotiationSupported = true m.secureRenegotiation = randomBytes(rand.Intn(50)+1, rand) } if rand.Intn(10) > 5 { m.supportedVersion = uint16(rand.Intn(0xffff) + 1) } if rand.Intn(10) > 5 { m.cookie = randomBytes(rand.Intn(500)+1, rand) } if rand.Intn(10) > 5 { for i := 0; i < rand.Intn(5); i++ { m.serverShare.group = CurveID(rand.Intn(30000) + 1) m.serverShare.data = randomBytes(rand.Intn(200)+1, rand) } } else if rand.Intn(10) > 5 { m.selectedGroup = CurveID(rand.Intn(30000) + 1) } if rand.Intn(10) > 5 { m.selectedIdentityPresent = true m.selectedIdentity = uint16(rand.Intn(0xffff)) } return reflect.ValueOf(m) } func (*encryptedExtensionsMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &encryptedExtensionsMsg{} if rand.Intn(10) > 5 { m.alpnProtocol = randomString(rand.Intn(32)+1, rand) } if rand.Intn(10) > 5 { m.earlyData = true } if numExt := rand.Intn(4); numExt > 0 { for i := 0; i < numExt; i++ { extType := 1000 + uint16(rand.Intn(5000)) length := rand.Intn(50) m.additionalExtensions = append(m.additionalExtensions, Extension{Type: extType, Data: randomBytes(length, rand)}) } } return reflect.ValueOf(m) } func (*certificateMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateMsg{} numCerts := rand.Intn(20) m.certificates = make([][]byte, numCerts) for i := 0; i < numCerts; i++ { m.certificates[i] = randomBytes(rand.Intn(10)+1, rand) } return reflect.ValueOf(m) } func (*certificateRequestMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateRequestMsg{} m.certificateTypes = randomBytes(rand.Intn(5)+1, rand) for i := 0; i < rand.Intn(100); i++ { m.certificateAuthorities = append(m.certificateAuthorities, randomBytes(rand.Intn(15)+1, rand)) } return reflect.ValueOf(m) } func (*certificateVerifyMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateVerifyMsg{} m.hasSignatureAlgorithm = true m.signatureAlgorithm = SignatureScheme(rand.Intn(30000)) m.signature = randomBytes(rand.Intn(15)+1, rand) return reflect.ValueOf(m) } func (*certificateStatusMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateStatusMsg{} m.response = randomBytes(rand.Intn(10)+1, rand) return reflect.ValueOf(m) } func (*clientKeyExchangeMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &clientKeyExchangeMsg{} m.ciphertext = randomBytes(rand.Intn(1000)+1, rand) return reflect.ValueOf(m) } func (*finishedMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &finishedMsg{} m.verifyData = randomBytes(12, rand) return reflect.ValueOf(m) } func (*newSessionTicketMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &newSessionTicketMsg{} m.ticket = randomBytes(rand.Intn(4), rand) return reflect.ValueOf(m) } func (*sessionState) Generate(rand *rand.Rand, size int) reflect.Value { s := &sessionState{} s.vers = uint16(rand.Intn(10000)) s.cipherSuite = uint16(rand.Intn(10000)) s.masterSecret = randomBytes(rand.Intn(100), rand) numCerts := rand.Intn(20) s.certificates = make([][]byte, numCerts) for i := 0; i < numCerts; i++ { s.certificates[i] = randomBytes(rand.Intn(10)+1, rand) } return reflect.ValueOf(s) } func (*sessionStateTLS13) Generate(rand *rand.Rand, size int) reflect.Value { s := &sessionStateTLS13{} s.cipherSuite = uint16(rand.Intn(10000)) s.resumptionSecret = randomBytes(rand.Intn(100)+1, rand) s.createdAt = uint64(rand.Int63()) s.maxEarlyData = uint32(rand.Int31()) s.appData = randomBytes(rand.Intn(100)+1, rand) for i := 0; i < rand.Intn(2)+1; i++ { s.certificate.Certificate = append( s.certificate.Certificate, randomBytes(rand.Intn(500)+1, rand)) } if rand.Intn(10) > 5 { s.certificate.OCSPStaple = randomBytes(rand.Intn(100)+1, rand) } if rand.Intn(10) > 5 { for i := 0; i < rand.Intn(2)+1; i++ { s.certificate.SignedCertificateTimestamps = append( s.certificate.SignedCertificateTimestamps, randomBytes(rand.Intn(500)+1, rand)) } } s.alpn = randomString(6, rand) return reflect.ValueOf(s) } func (*endOfEarlyDataMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &endOfEarlyDataMsg{} return reflect.ValueOf(m) } func (*keyUpdateMsg) Generate(rand *rand.Rand, size int) reflect.Value { m := &keyUpdateMsg{} m.updateRequested = rand.Intn(10) > 5 return reflect.ValueOf(m) } func (*newSessionTicketMsgTLS13) Generate(rand *rand.Rand, size int) reflect.Value { m := &newSessionTicketMsgTLS13{} m.lifetime = uint32(rand.Intn(500000)) m.ageAdd = uint32(rand.Intn(500000)) m.nonce = randomBytes(rand.Intn(100), rand) m.label = randomBytes(rand.Intn(1000), rand) if rand.Intn(10) > 5 { m.maxEarlyData = uint32(rand.Intn(500000)) } return reflect.ValueOf(m) } func (*certificateRequestMsgTLS13) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateRequestMsgTLS13{} if rand.Intn(10) > 5 { m.ocspStapling = true } if rand.Intn(10) > 5 { m.scts = true } if rand.Intn(10) > 5 { m.supportedSignatureAlgorithms = supportedSignatureAlgorithms } if rand.Intn(10) > 5 { m.supportedSignatureAlgorithmsCert = supportedSignatureAlgorithms } if rand.Intn(10) > 5 { m.certificateAuthorities = make([][]byte, 3) for i := 0; i < 3; i++ { m.certificateAuthorities[i] = randomBytes(rand.Intn(10)+1, rand) } } return reflect.ValueOf(m) } func (*certificateMsgTLS13) Generate(rand *rand.Rand, size int) reflect.Value { m := &certificateMsgTLS13{} for i := 0; i < rand.Intn(2)+1; i++ { m.certificate.Certificate = append( m.certificate.Certificate, randomBytes(rand.Intn(500)+1, rand)) } if rand.Intn(10) > 5 { m.ocspStapling = true m.certificate.OCSPStaple = randomBytes(rand.Intn(100)+1, rand) } if rand.Intn(10) > 5 { m.scts = true for i := 0; i < rand.Intn(2)+1; i++ { m.certificate.SignedCertificateTimestamps = append( m.certificate.SignedCertificateTimestamps, randomBytes(rand.Intn(500)+1, rand)) } } return reflect.ValueOf(m) } func TestRejectEmptySCTList(t *testing.T) { // RFC 6962, Section 3.3.1 specifies that empty SCT lists are invalid. var random [32]byte sct := []byte{0x42, 0x42, 0x42, 0x42} serverHello := serverHelloMsg{ vers: VersionTLS12, random: random[:], scts: [][]byte{sct}, } serverHelloBytes := serverHello.marshal() var serverHelloCopy serverHelloMsg if !serverHelloCopy.unmarshal(serverHelloBytes) { t.Fatal("Failed to unmarshal initial message") } // Change serverHelloBytes so that the SCT list is empty i := bytes.Index(serverHelloBytes, sct) if i < 0 { t.Fatal("Cannot find SCT in ServerHello") } var serverHelloEmptySCT []byte serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[:i-6]...) // Append the extension length and SCT list length for an empty list. serverHelloEmptySCT = append(serverHelloEmptySCT, []byte{0, 2, 0, 0}...) serverHelloEmptySCT = append(serverHelloEmptySCT, serverHelloBytes[i+4:]...) // Update the handshake message length. serverHelloEmptySCT[1] = byte((len(serverHelloEmptySCT) - 4) >> 16) serverHelloEmptySCT[2] = byte((len(serverHelloEmptySCT) - 4) >> 8) serverHelloEmptySCT[3] = byte(len(serverHelloEmptySCT) - 4) // Update the extensions length serverHelloEmptySCT[42] = byte((len(serverHelloEmptySCT) - 44) >> 8) serverHelloEmptySCT[43] = byte((len(serverHelloEmptySCT) - 44)) if serverHelloCopy.unmarshal(serverHelloEmptySCT) { t.Fatal("Unmarshaled ServerHello with empty SCT list") } } func TestRejectEmptySCT(t *testing.T) { // Not only must the SCT list be non-empty, but the SCT elements must // not be zero length. var random [32]byte serverHello := serverHelloMsg{ vers: VersionTLS12, random: random[:], scts: [][]byte{nil}, } serverHelloBytes := serverHello.marshal() var serverHelloCopy serverHelloMsg if serverHelloCopy.unmarshal(serverHelloBytes) { t.Fatal("Unmarshaled ServerHello with zero-length SCT") } } golang-github-marten-seemann-qtls-0.10.0/handshake_server.go000066400000000000000000000544171373277661100241030ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "crypto/ecdsa" "crypto/ed25519" "crypto/rsa" "crypto/subtle" "crypto/x509" "errors" "fmt" "io" "sync/atomic" ) // serverHandshakeState contains details of a server handshake in progress. // It's discarded once the handshake has completed. type serverHandshakeState struct { c *Conn clientHello *clientHelloMsg hello *serverHelloMsg suite *cipherSuite ecdheOk bool ecSignOk bool rsaDecryptOk bool rsaSignOk bool sessionState *sessionState finishedHash finishedHash masterSecret []byte cert *Certificate } // serverHandshake performs a TLS handshake as a server. func (c *Conn) serverHandshake() error { // If this is the first server handshake, we generate a random key to // encrypt the tickets with. c.config.serverInitOnce.Do(func() { c.config.serverInit(nil) }) c.setAlternativeRecordLayer() clientHello, err := c.readClientHello() if err != nil { return err } if c.vers == VersionTLS13 { hs := serverHandshakeStateTLS13{ c: c, clientHello: clientHello, } return hs.handshake() } hs := serverHandshakeState{ c: c, clientHello: clientHello, } return hs.handshake() } func (hs *serverHandshakeState) handshake() error { c := hs.c if err := hs.processClientHello(); err != nil { return err } // For an overview of TLS handshaking, see RFC 5246, Section 7.3. c.buffering = true if hs.checkForResumption() { // The client has included a session ticket and so we do an abbreviated handshake. if err := hs.doResumeHandshake(); err != nil { return err } if err := hs.establishKeys(); err != nil { return err } // ticketSupported is set in a resumption handshake if the // ticket from the client was encrypted with an old session // ticket key and thus a refreshed ticket should be sent. if hs.hello.ticketSupported { if err := hs.sendSessionTicket(); err != nil { return err } } if err := hs.sendFinished(c.serverFinished[:]); err != nil { return err } if _, err := c.flush(); err != nil { return err } c.clientFinishedIsFirst = false if err := hs.readFinished(nil); err != nil { return err } c.didResume = true } else { // The client didn't include a session ticket, or it wasn't // valid so we do a full handshake. if err := hs.pickCipherSuite(); err != nil { return err } if err := hs.doFullHandshake(); err != nil { return err } if err := hs.establishKeys(); err != nil { return err } if err := hs.readFinished(c.clientFinished[:]); err != nil { return err } c.clientFinishedIsFirst = true c.buffering = true if err := hs.sendSessionTicket(); err != nil { return err } if err := hs.sendFinished(nil); err != nil { return err } if _, err := c.flush(); err != nil { return err } } c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random) atomic.StoreUint32(&c.handshakeStatus, 1) return nil } // readClientHello reads a ClientHello message and selects the protocol version. func (c *Conn) readClientHello() (*clientHelloMsg, error) { msg, err := c.readHandshake() if err != nil { return nil, err } clientHello, ok := msg.(*clientHelloMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return nil, unexpectedMessageError(clientHello, msg) } if c.config.GetConfigForClient != nil { chi := clientHelloInfo(c, clientHello) if newConfig, err := c.config.GetConfigForClient(chi); err != nil { c.sendAlert(alertInternalError) return nil, err } else if newConfig != nil { newConfig.serverInitOnce.Do(func() { newConfig.serverInit(c.config) }) c.config = newConfig } } clientVersions := clientHello.supportedVersions if len(clientHello.supportedVersions) == 0 { clientVersions = supportedVersionsFromMax(clientHello.vers) } c.vers, ok = c.config.mutualVersion(clientVersions) if !ok { c.sendAlert(alertProtocolVersion) return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions) } c.haveVers = true c.in.version = c.vers c.out.version = c.vers return clientHello, nil } func (hs *serverHandshakeState) processClientHello() error { c := hs.c hs.hello = new(serverHelloMsg) hs.hello.vers = c.vers foundCompression := false // We only support null compression, so check that the client offered it. for _, compression := range hs.clientHello.compressionMethods { if compression == compressionNone { foundCompression = true break } } if !foundCompression { c.sendAlert(alertHandshakeFailure) return errors.New("tls: client does not support uncompressed connections") } hs.hello.random = make([]byte, 32) serverRandom := hs.hello.random // Downgrade protection canaries. See RFC 8446, Section 4.1.3. maxVers := c.config.maxSupportedVersion() if maxVers >= VersionTLS12 && c.vers < maxVers { if c.vers == VersionTLS12 { copy(serverRandom[24:], downgradeCanaryTLS12) } else { copy(serverRandom[24:], downgradeCanaryTLS11) } serverRandom = serverRandom[:24] } _, err := io.ReadFull(c.config.rand(), serverRandom) if err != nil { c.sendAlert(alertInternalError) return err } if len(hs.clientHello.secureRenegotiation) != 0 { c.sendAlert(alertHandshakeFailure) return errors.New("tls: initial handshake had non-empty renegotiation extension") } hs.hello.secureRenegotiationSupported = hs.clientHello.secureRenegotiationSupported hs.hello.compressionMethod = compressionNone if len(hs.clientHello.serverName) > 0 { c.serverName = hs.clientHello.serverName } if len(hs.clientHello.alpnProtocols) > 0 { if selectedProto, fallback := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); !fallback { hs.hello.alpnProtocol = selectedProto c.clientProtocol = selectedProto } } hs.cert, err = c.config.getCertificate(clientHelloInfo(c, hs.clientHello)) if err != nil { if err == errNoCertificates { c.sendAlert(alertUnrecognizedName) } else { c.sendAlert(alertInternalError) } return err } if hs.clientHello.scts { hs.hello.scts = hs.cert.SignedCertificateTimestamps } hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.clientHello.supportedPoints) if hs.ecdheOk { // Although omitting the ec_point_formats extension is permitted, some // old OpenSSL version will refuse to handshake if not present. // // Per RFC 4492, section 5.1.2, implementations MUST support the // uncompressed point format. See golang.org/issue/31943. hs.hello.supportedPoints = []uint8{pointFormatUncompressed} } if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok { switch priv.Public().(type) { case *ecdsa.PublicKey: hs.ecSignOk = true case ed25519.PublicKey: hs.ecSignOk = true case *rsa.PublicKey: hs.rsaSignOk = true default: c.sendAlert(alertInternalError) return fmt.Errorf("tls: unsupported signing key type (%T)", priv.Public()) } } if priv, ok := hs.cert.PrivateKey.(crypto.Decrypter); ok { switch priv.Public().(type) { case *rsa.PublicKey: hs.rsaDecryptOk = true default: c.sendAlert(alertInternalError) return fmt.Errorf("tls: unsupported decryption key type (%T)", priv.Public()) } } return nil } // supportsECDHE returns whether ECDHE key exchanges can be used with this // pre-TLS 1.3 client. func supportsECDHE(c *Config, supportedCurves []CurveID, supportedPoints []uint8) bool { supportsCurve := false for _, curve := range supportedCurves { if c.supportsCurve(curve) { supportsCurve = true break } } supportsPointFormat := false for _, pointFormat := range supportedPoints { if pointFormat == pointFormatUncompressed { supportsPointFormat = true break } } return supportsCurve && supportsPointFormat } func (hs *serverHandshakeState) pickCipherSuite() error { c := hs.c var preferenceList, supportedList []uint16 if c.config.PreferServerCipherSuites { preferenceList = c.config.cipherSuites() supportedList = hs.clientHello.cipherSuites } else { preferenceList = hs.clientHello.cipherSuites supportedList = c.config.cipherSuites() } hs.suite = selectCipherSuite(preferenceList, supportedList, hs.cipherSuiteOk) if hs.suite == nil { c.sendAlert(alertHandshakeFailure) return errors.New("tls: no cipher suite supported by both client and server") } for _, id := range hs.clientHello.cipherSuites { if id == TLS_FALLBACK_SCSV { // The client is doing a fallback connection. See RFC 7507. if hs.clientHello.vers < c.config.maxSupportedVersion() { c.sendAlert(alertInappropriateFallback) return errors.New("tls: client using inappropriate protocol fallback") } break } } return nil } func (hs *serverHandshakeState) cipherSuiteOk(c *cipherSuite) bool { if c.flags&suiteECDHE != 0 { if !hs.ecdheOk { return false } if c.flags&suiteECSign != 0 { if !hs.ecSignOk { return false } } else if !hs.rsaSignOk { return false } } else if !hs.rsaDecryptOk { return false } if hs.c.vers < VersionTLS12 && c.flags&suiteTLS12 != 0 { return false } return true } // checkForResumption reports whether we should perform resumption on this connection. func (hs *serverHandshakeState) checkForResumption() bool { c := hs.c if c.config.SessionTicketsDisabled { return false } plaintext, usedOldKey := c.decryptTicket(hs.clientHello.sessionTicket) if plaintext == nil { return false } hs.sessionState = &sessionState{usedOldKey: usedOldKey} ok := hs.sessionState.unmarshal(plaintext) if !ok { return false } // Never resume a session for a different TLS version. if c.vers != hs.sessionState.vers { return false } cipherSuiteOk := false // Check that the client is still offering the ciphersuite in the session. for _, id := range hs.clientHello.cipherSuites { if id == hs.sessionState.cipherSuite { cipherSuiteOk = true break } } if !cipherSuiteOk { return false } // Check that we also support the ciphersuite from the session. hs.suite = selectCipherSuite([]uint16{hs.sessionState.cipherSuite}, c.config.cipherSuites(), hs.cipherSuiteOk) if hs.suite == nil { return false } sessionHasClientCerts := len(hs.sessionState.certificates) != 0 needClientCerts := requiresClientCert(c.config.ClientAuth) if needClientCerts && !sessionHasClientCerts { return false } if sessionHasClientCerts && c.config.ClientAuth == NoClientCert { return false } return true } func (hs *serverHandshakeState) doResumeHandshake() error { c := hs.c hs.hello.cipherSuite = hs.suite.id // We echo the client's session ID in the ServerHello to let it know // that we're doing a resumption. hs.hello.sessionId = hs.clientHello.sessionId hs.hello.ticketSupported = hs.sessionState.usedOldKey hs.finishedHash = newFinishedHash(c.vers, hs.suite) hs.finishedHash.discardHandshakeBuffer() hs.finishedHash.Write(hs.clientHello.marshal()) hs.finishedHash.Write(hs.hello.marshal()) if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil { return err } if err := c.processCertsFromClient(Certificate{ Certificate: hs.sessionState.certificates, }); err != nil { return err } hs.masterSecret = hs.sessionState.masterSecret return nil } func (hs *serverHandshakeState) doFullHandshake() error { c := hs.c if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 { hs.hello.ocspStapling = true } hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled hs.hello.cipherSuite = hs.suite.id hs.finishedHash = newFinishedHash(hs.c.vers, hs.suite) if c.config.ClientAuth == NoClientCert { // No need to keep a full record of the handshake if client // certificates won't be used. hs.finishedHash.discardHandshakeBuffer() } hs.finishedHash.Write(hs.clientHello.marshal()) hs.finishedHash.Write(hs.hello.marshal()) if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil { return err } certMsg := new(certificateMsg) certMsg.certificates = hs.cert.Certificate hs.finishedHash.Write(certMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil { return err } if hs.hello.ocspStapling { certStatus := new(certificateStatusMsg) certStatus.response = hs.cert.OCSPStaple hs.finishedHash.Write(certStatus.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certStatus.marshal()); err != nil { return err } } keyAgreement := hs.suite.ka(c.vers) skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello) if err != nil { c.sendAlert(alertHandshakeFailure) return err } if skx != nil { hs.finishedHash.Write(skx.marshal()) if _, err := c.writeRecord(recordTypeHandshake, skx.marshal()); err != nil { return err } } var certReq *certificateRequestMsg if c.config.ClientAuth >= RequestClientCert { // Request a client certificate certReq = new(certificateRequestMsg) certReq.certificateTypes = []byte{ byte(certTypeRSASign), byte(certTypeECDSASign), } if c.vers >= VersionTLS12 { certReq.hasSignatureAlgorithm = true certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms } // An empty list of certificateAuthorities signals to // the client that it may send any certificate in response // to our request. When we know the CAs we trust, then // we can send them down, so that the client can choose // an appropriate certificate to give to us. if c.config.ClientCAs != nil { certReq.certificateAuthorities = c.config.ClientCAs.Subjects() } hs.finishedHash.Write(certReq.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil { return err } } helloDone := new(serverHelloDoneMsg) hs.finishedHash.Write(helloDone.marshal()) if _, err := c.writeRecord(recordTypeHandshake, helloDone.marshal()); err != nil { return err } if _, err := c.flush(); err != nil { return err } var pub crypto.PublicKey // public key for client auth, if any msg, err := c.readHandshake() if err != nil { return err } // If we requested a client certificate, then the client must send a // certificate message, even if it's empty. if c.config.ClientAuth >= RequestClientCert { certMsg, ok := msg.(*certificateMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certMsg, msg) } hs.finishedHash.Write(certMsg.marshal()) if err := c.processCertsFromClient(Certificate{ Certificate: certMsg.certificates, }); err != nil { return err } if len(certMsg.certificates) != 0 { pub = c.peerCertificates[0].PublicKey } msg, err = c.readHandshake() if err != nil { return err } } // Get client key exchange ckx, ok := msg.(*clientKeyExchangeMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(ckx, msg) } hs.finishedHash.Write(ckx.marshal()) preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx, c.vers) if err != nil { c.sendAlert(alertHandshakeFailure) return err } hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.clientHello.random, hs.hello.random) if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil { c.sendAlert(alertInternalError) return err } // If we received a client cert in response to our certificate request message, // the client will send us a certificateVerifyMsg immediately after the // clientKeyExchangeMsg. This message is a digest of all preceding // handshake-layer messages that is signed using the private key corresponding // to the client's certificate. This allows us to verify that the client is in // possession of the private key of the certificate. if len(c.peerCertificates) > 0 { msg, err = c.readHandshake() if err != nil { return err } certVerify, ok := msg.(*certificateVerifyMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certVerify, msg) } var sigType uint8 var sigHash crypto.Hash if c.vers >= VersionTLS12 { if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, certReq.supportedSignatureAlgorithms) { c.sendAlert(alertIllegalParameter) return errors.New("tls: client certificate used with invalid signature algorithm") } sigType, sigHash, err = typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm) if err != nil { return c.sendAlert(alertInternalError) } } else { sigType, sigHash, err = legacyTypeAndHashFromPublicKey(pub) if err != nil { c.sendAlert(alertIllegalParameter) return err } } signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret) if err := verifyHandshakeSignature(sigType, pub, sigHash, signed, certVerify.signature); err != nil { c.sendAlert(alertDecryptError) return errors.New("tls: invalid signature by the client certificate: " + err.Error()) } hs.finishedHash.Write(certVerify.marshal()) } hs.finishedHash.discardHandshakeBuffer() return nil } func (hs *serverHandshakeState) establishKeys() error { c := hs.c clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) var clientCipher, serverCipher interface{} var clientHash, serverHash macFunction if hs.suite.aead == nil { clientCipher = hs.suite.cipher(clientKey, clientIV, true /* for reading */) clientHash = hs.suite.mac(c.vers, clientMAC) serverCipher = hs.suite.cipher(serverKey, serverIV, false /* not for reading */) serverHash = hs.suite.mac(c.vers, serverMAC) } else { clientCipher = hs.suite.aead(clientKey, clientIV) serverCipher = hs.suite.aead(serverKey, serverIV) } c.in.prepareCipherSpec(c.vers, clientCipher, clientHash) c.out.prepareCipherSpec(c.vers, serverCipher, serverHash) return nil } func (hs *serverHandshakeState) readFinished(out []byte) error { c := hs.c if err := c.readChangeCipherSpec(); err != nil { return err } msg, err := c.readHandshake() if err != nil { return err } clientFinished, ok := msg.(*finishedMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(clientFinished, msg) } verify := hs.finishedHash.clientSum(hs.masterSecret) if len(verify) != len(clientFinished.verifyData) || subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 { c.sendAlert(alertHandshakeFailure) return errors.New("tls: client's Finished message is incorrect") } hs.finishedHash.Write(clientFinished.marshal()) copy(out, verify) return nil } func (hs *serverHandshakeState) sendSessionTicket() error { if !hs.hello.ticketSupported { return nil } c := hs.c m := new(newSessionTicketMsg) var certsFromClient [][]byte for _, cert := range c.peerCertificates { certsFromClient = append(certsFromClient, cert.Raw) } state := sessionState{ vers: c.vers, cipherSuite: hs.suite.id, masterSecret: hs.masterSecret, certificates: certsFromClient, } var err error m.ticket, err = c.encryptTicket(state.marshal()) if err != nil { return err } hs.finishedHash.Write(m.marshal()) if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil { return err } return nil } func (hs *serverHandshakeState) sendFinished(out []byte) error { c := hs.c if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil { return err } finished := new(finishedMsg) finished.verifyData = hs.finishedHash.serverSum(hs.masterSecret) hs.finishedHash.Write(finished.marshal()) if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil { return err } c.cipherSuite = hs.suite.id copy(out, finished.verifyData) return nil } // processCertsFromClient takes a chain of client certificates either from a // Certificates message or from a sessionState and verifies them. It returns // the public key of the leaf certificate. func (c *Conn) processCertsFromClient(certificate Certificate) error { certificates := certificate.Certificate certs := make([]*x509.Certificate, len(certificates)) var err error for i, asn1Data := range certificates { if certs[i], err = x509.ParseCertificate(asn1Data); err != nil { c.sendAlert(alertBadCertificate) return errors.New("tls: failed to parse client certificate: " + err.Error()) } } if len(certs) == 0 && requiresClientCert(c.config.ClientAuth) { c.sendAlert(alertBadCertificate) return errors.New("tls: client didn't provide a certificate") } if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 { opts := x509.VerifyOptions{ Roots: c.config.ClientCAs, CurrentTime: c.config.time(), Intermediates: x509.NewCertPool(), KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}, } for _, cert := range certs[1:] { opts.Intermediates.AddCert(cert) } chains, err := certs[0].Verify(opts) if err != nil { c.sendAlert(alertBadCertificate) return errors.New("tls: failed to verify client certificate: " + err.Error()) } c.verifiedChains = chains } if c.config.VerifyPeerCertificate != nil { if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil { c.sendAlert(alertBadCertificate) return err } } if len(certs) == 0 { return nil } switch certs[0].PublicKey.(type) { case *ecdsa.PublicKey, *rsa.PublicKey, ed25519.PublicKey: default: c.sendAlert(alertUnsupportedCertificate) return fmt.Errorf("tls: client certificate contains an unsupported public key of type %T", certs[0].PublicKey) } c.peerCertificates = certs c.ocspResponse = certificate.OCSPStaple c.scts = certificate.SignedCertificateTimestamps return nil } func clientHelloInfo(c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo { supportedVersions := clientHello.supportedVersions if len(clientHello.supportedVersions) == 0 { supportedVersions = supportedVersionsFromMax(clientHello.vers) } return &ClientHelloInfo{ CipherSuites: clientHello.cipherSuites, ServerName: clientHello.serverName, SupportedCurves: clientHello.supportedCurves, SupportedPoints: clientHello.supportedPoints, SignatureSchemes: clientHello.supportedSignatureAlgorithms, SupportedProtos: clientHello.alpnProtocols, SupportedVersions: supportedVersions, Conn: c.conn, config: c.config, } } golang-github-marten-seemann-qtls-0.10.0/handshake_server_test.go000066400000000000000000001531001373277661100251270ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/elliptic" "crypto/x509" "encoding/pem" "errors" "fmt" "io" "net" "os" "os/exec" "path/filepath" "strings" "testing" "time" ) func testClientHello(t *testing.T, serverConfig *Config, m handshakeMessage) { testClientHelloFailure(t, serverConfig, m, "") } func testClientHelloFailure(t *testing.T, serverConfig *Config, m handshakeMessage, expectedSubStr string) { c, s := localPipe(t) go func() { cli := Client(c, testConfig) if ch, ok := m.(*clientHelloMsg); ok { cli.vers = ch.vers } cli.writeRecord(recordTypeHandshake, m.marshal()) c.Close() }() conn := Server(s, serverConfig) ch, err := conn.readClientHello() hs := serverHandshakeState{ c: conn, clientHello: ch, } if err == nil { err = hs.processClientHello() } if err == nil { err = hs.pickCipherSuite() } s.Close() if len(expectedSubStr) == 0 { if err != nil && err != io.EOF { t.Errorf("Got error: %s; expected to succeed", err) } } else if err == nil || !strings.Contains(err.Error(), expectedSubStr) { t.Errorf("Got error: %v; expected to match substring '%s'", err, expectedSubStr) } } func TestSimpleError(t *testing.T) { testClientHelloFailure(t, testConfig, &serverHelloDoneMsg{}, "unexpected handshake message") } var badProtocolVersions = []uint16{0x0000, 0x0005, 0x0100, 0x0105, 0x0200, 0x0205, VersionSSL30} func TestRejectBadProtocolVersion(t *testing.T) { config := testConfig.Clone() config.MinVersion = VersionSSL30 for _, v := range badProtocolVersions { testClientHelloFailure(t, config, &clientHelloMsg{ vers: v, random: make([]byte, 32), }, "unsupported versions") } testClientHelloFailure(t, config, &clientHelloMsg{ vers: VersionTLS12, supportedVersions: badProtocolVersions, random: make([]byte, 32), }, "unsupported versions") } func TestNoSuiteOverlap(t *testing.T) { clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{0xff00}, compressionMethods: []uint8{compressionNone}, } testClientHelloFailure(t, testConfig, clientHello, "no cipher suite supported by both client and server") } func TestNoCompressionOverlap(t *testing.T) { clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{0xff}, } testClientHelloFailure(t, testConfig, clientHello, "client does not support uncompressed connections") } func TestNoRC4ByDefault(t *testing.T) { clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{compressionNone}, } serverConfig := testConfig.Clone() // Reset the enabled cipher suites to nil in order to test the // defaults. serverConfig.CipherSuites = nil testClientHelloFailure(t, serverConfig, clientHello, "no cipher suite supported by both client and server") } func TestRejectSNIWithTrailingDot(t *testing.T) { testClientHelloFailure(t, testConfig, &clientHelloMsg{ vers: VersionTLS12, random: make([]byte, 32), serverName: "foo.com.", }, "unexpected message") } func TestDontSelectECDSAWithRSAKey(t *testing.T) { // Test that, even when both sides support an ECDSA cipher suite, it // won't be selected if the server's private key doesn't support it. clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA}, compressionMethods: []uint8{compressionNone}, supportedCurves: []CurveID{CurveP256}, supportedPoints: []uint8{pointFormatUncompressed}, } serverConfig := testConfig.Clone() serverConfig.CipherSuites = clientHello.cipherSuites serverConfig.Certificates = make([]Certificate, 1) serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate} serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey serverConfig.BuildNameToCertificate() // First test that it *does* work when the server's key is ECDSA. testClientHello(t, serverConfig, clientHello) // Now test that switching to an RSA key causes the expected error (and // not an internal error about a signing failure). serverConfig.Certificates = testConfig.Certificates testClientHelloFailure(t, serverConfig, clientHello, "no cipher suite supported by both client and server") } func TestDontSelectRSAWithECDSAKey(t *testing.T) { // Test that, even when both sides support an RSA cipher suite, it // won't be selected if the server's private key doesn't support it. clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA}, compressionMethods: []uint8{compressionNone}, supportedCurves: []CurveID{CurveP256}, supportedPoints: []uint8{pointFormatUncompressed}, } serverConfig := testConfig.Clone() serverConfig.CipherSuites = clientHello.cipherSuites // First test that it *does* work when the server's key is RSA. testClientHello(t, serverConfig, clientHello) // Now test that switching to an ECDSA key causes the expected error // (and not an internal error about a signing failure). serverConfig.Certificates = make([]Certificate, 1) serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate} serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey serverConfig.BuildNameToCertificate() testClientHelloFailure(t, serverConfig, clientHello, "no cipher suite supported by both client and server") } func TestRenegotiationExtension(t *testing.T) { clientHello := &clientHelloMsg{ vers: VersionTLS12, compressionMethods: []uint8{compressionNone}, random: make([]byte, 32), secureRenegotiationSupported: true, cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, } bufChan := make(chan []byte) c, s := localPipe(t) go func() { cli := Client(c, testConfig) cli.vers = clientHello.vers cli.writeRecord(recordTypeHandshake, clientHello.marshal()) buf := make([]byte, 1024) n, err := c.Read(buf) if err != nil { t.Errorf("Server read returned error: %s", err) return } c.Close() bufChan <- buf[:n] }() Server(s, testConfig).Handshake() buf := <-bufChan if len(buf) < 5+4 { t.Fatalf("Server returned short message of length %d", len(buf)) } // buf contains a TLS record, with a 5 byte record header and a 4 byte // handshake header. The length of the ServerHello is taken from the // handshake header. serverHelloLen := int(buf[6])<<16 | int(buf[7])<<8 | int(buf[8]) var serverHello serverHelloMsg // unmarshal expects to be given the handshake header, but // serverHelloLen doesn't include it. if !serverHello.unmarshal(buf[5 : 9+serverHelloLen]) { t.Fatalf("Failed to parse ServerHello") } if !serverHello.secureRenegotiationSupported { t.Errorf("Secure renegotiation extension was not echoed.") } } func TestTLS12OnlyCipherSuites(t *testing.T) { // Test that a Server doesn't select a TLS 1.2-only cipher suite when // the client negotiates TLS 1.1. clientHello := &clientHelloMsg{ vers: VersionTLS11, random: make([]byte, 32), cipherSuites: []uint16{ // The Server, by default, will use the client's // preference order. So the GCM cipher suite // will be selected unless it's excluded because // of the version in this ClientHello. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_RC4_128_SHA, }, compressionMethods: []uint8{compressionNone}, supportedCurves: []CurveID{CurveP256, CurveP384, CurveP521}, supportedPoints: []uint8{pointFormatUncompressed}, } c, s := localPipe(t) replyChan := make(chan interface{}) go func() { cli := Client(c, testConfig) cli.vers = clientHello.vers cli.writeRecord(recordTypeHandshake, clientHello.marshal()) reply, err := cli.readHandshake() c.Close() if err != nil { replyChan <- err } else { replyChan <- reply } }() config := testConfig.Clone() config.CipherSuites = clientHello.cipherSuites Server(s, config).Handshake() s.Close() reply := <-replyChan if err, ok := reply.(error); ok { t.Fatal(err) } serverHello, ok := reply.(*serverHelloMsg) if !ok { t.Fatalf("didn't get ServerHello message in reply. Got %v\n", reply) } if s := serverHello.cipherSuite; s != TLS_RSA_WITH_RC4_128_SHA { t.Fatalf("bad cipher suite from server: %x", s) } } func TestTLSPointFormats(t *testing.T) { // Test that a Server returns the ec_point_format extension when ECC is // negotiated, and not returned on RSA handshake. tests := []struct { name string cipherSuites []uint16 supportedCurves []CurveID supportedPoints []uint8 wantSupportedPoints bool }{ {"ECC", []uint16{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA}, []CurveID{CurveP256}, []uint8{compressionNone}, true}, {"RSA", []uint16{TLS_RSA_WITH_AES_256_GCM_SHA384}, nil, nil, false}, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { clientHello := &clientHelloMsg{ vers: VersionTLS12, random: make([]byte, 32), cipherSuites: tt.cipherSuites, compressionMethods: []uint8{compressionNone}, supportedCurves: tt.supportedCurves, supportedPoints: tt.supportedPoints, } c, s := localPipe(t) replyChan := make(chan interface{}) go func() { cli := Client(c, testConfig) cli.vers = clientHello.vers cli.writeRecord(recordTypeHandshake, clientHello.marshal()) reply, err := cli.readHandshake() c.Close() if err != nil { replyChan <- err } else { replyChan <- reply } }() config := testConfig.Clone() config.CipherSuites = clientHello.cipherSuites Server(s, config).Handshake() s.Close() reply := <-replyChan if err, ok := reply.(error); ok { t.Fatal(err) } serverHello, ok := reply.(*serverHelloMsg) if !ok { t.Fatalf("didn't get ServerHello message in reply. Got %v\n", reply) } if tt.wantSupportedPoints { if len(serverHello.supportedPoints) < 1 { t.Fatal("missing ec_point_format extension from server") } found := false for _, p := range serverHello.supportedPoints { if p == pointFormatUncompressed { found = true break } } if !found { t.Fatal("missing uncompressed format in ec_point_format extension from server") } } else { if len(serverHello.supportedPoints) != 0 { t.Fatalf("unexcpected ec_point_format extension from server: %v", serverHello.supportedPoints) } } }) } } func TestAlertForwarding(t *testing.T) { c, s := localPipe(t) go func() { Client(c, testConfig).sendAlert(alertUnknownCA) c.Close() }() err := Server(s, testConfig).Handshake() s.Close() if e, ok := err.(*net.OpError); !ok || e.Err != error(alertUnknownCA) { t.Errorf("Got error: %s; expected: %s", err, error(alertUnknownCA)) } } func TestClose(t *testing.T) { c, s := localPipe(t) go c.Close() err := Server(s, testConfig).Handshake() s.Close() if err != io.EOF { t.Errorf("Got error: %s; expected: %s", err, io.EOF) } } func TestVersion(t *testing.T) { serverConfig := &Config{ Certificates: testConfig.Certificates, MaxVersion: VersionTLS11, } clientConfig := &Config{ InsecureSkipVerify: true, } state, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.Version != VersionTLS11 { t.Fatalf("Incorrect version %x, should be %x", state.Version, VersionTLS11) } } func TestCipherSuitePreference(t *testing.T) { serverConfig := &Config{ CipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA}, Certificates: testConfig.Certificates, MaxVersion: VersionTLS11, } clientConfig := &Config{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_RC4_128_SHA}, InsecureSkipVerify: true, } state, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.CipherSuite != TLS_RSA_WITH_AES_128_CBC_SHA { // By default the server should use the client's preference. t.Fatalf("Client's preference was not used, got %x", state.CipherSuite) } serverConfig.PreferServerCipherSuites = true state, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.CipherSuite != TLS_RSA_WITH_RC4_128_SHA { t.Fatalf("Server's preference was not used, got %x", state.CipherSuite) } } func TestCipherSuitePreferenceTLS13(t *testing.T) { serverConfig := &Config{ CipherSuites: []uint16{TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256}, Certificates: testConfig.Certificates, } clientConfig := &Config{ CipherSuites: []uint16{TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_GCM_SHA256}, InsecureSkipVerify: true, } state, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.CipherSuite != TLS_CHACHA20_POLY1305_SHA256 { // By default the server should use the client's preference. t.Fatalf("Client's preference was not used, got %x", state.CipherSuite) } serverConfig.PreferServerCipherSuites = true state, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.CipherSuite != TLS_AES_128_GCM_SHA256 { t.Fatalf("Server's preference was not used, got %x", state.CipherSuite) } } func TestSCTHandshake(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testSCTHandshake(t, VersionTLS12) }) t.Run("TLSv13", func(t *testing.T) { testSCTHandshake(t, VersionTLS13) }) } func testSCTHandshake(t *testing.T, version uint16) { expected := [][]byte{[]byte("certificate"), []byte("transparency")} serverConfig := &Config{ Certificates: []Certificate{{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, SignedCertificateTimestamps: expected, }}, MaxVersion: version, } clientConfig := &Config{ InsecureSkipVerify: true, } _, state, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } actual := state.SignedCertificateTimestamps if len(actual) != len(expected) { t.Fatalf("got %d scts, want %d", len(actual), len(expected)) } for i, sct := range expected { if !bytes.Equal(sct, actual[i]) { t.Fatalf("SCT #%d was %x, but expected %x", i, actual[i], sct) } } } func TestCrossVersionResume(t *testing.T) { t.Run("TLSv12", func(t *testing.T) { testCrossVersionResume(t, VersionTLS12) }) t.Run("TLSv13", func(t *testing.T) { testCrossVersionResume(t, VersionTLS13) }) } func testCrossVersionResume(t *testing.T, version uint16) { serverConfig := &Config{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, Certificates: testConfig.Certificates, } clientConfig := &Config{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_CBC_SHA}, InsecureSkipVerify: true, ClientSessionCache: NewLRUClientSessionCache(1), ServerName: "servername", } // Establish a session at TLS 1.1. clientConfig.MaxVersion = VersionTLS11 _, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } // The client session cache now contains a TLS 1.1 session. state, _, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if !state.DidResume { t.Fatalf("handshake did not resume at the same version") } // Test that the server will decline to resume at a lower version. clientConfig.MaxVersion = VersionTLS10 state, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.DidResume { t.Fatalf("handshake resumed at a lower version") } // The client session cache now contains a TLS 1.0 session. state, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if !state.DidResume { t.Fatalf("handshake did not resume at the same version") } // Test that the server will decline to resume at a higher version. clientConfig.MaxVersion = VersionTLS11 state, _, err = testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatalf("handshake failed: %s", err) } if state.DidResume { t.Fatalf("handshake resumed at a higher version") } } // Note: see comment in handshake_test.go for details of how the reference // tests work. // serverTest represents a test of the TLS server handshake against a reference // implementation. type serverTest struct { // name is a freeform string identifying the test and the file in which // the expected results will be stored. name string // command, if not empty, contains a series of arguments for the // command to run for the reference server. command []string // expectedPeerCerts contains a list of PEM blocks of expected // certificates from the client. expectedPeerCerts []string // config, if not nil, contains a custom Config to use for this test. config *Config // expectHandshakeErrorIncluding, when not empty, contains a string // that must be a substring of the error resulting from the handshake. expectHandshakeErrorIncluding string // validate, if not nil, is a function that will be called with the // ConnectionState of the resulting connection. It returns false if the // ConnectionState is unacceptable. validate func(ConnectionState) error // wait, if true, prevents this subtest from calling t.Parallel. // If false, runServerTest* returns immediately. wait bool } var defaultClientCommand = []string{"openssl", "s_client", "-no_ticket"} // connFromCommand starts opens a listening socket and starts the reference // client to connect to it. It returns a recordingConn that wraps the resulting // connection. func (test *serverTest) connFromCommand() (conn *recordingConn, child *exec.Cmd, err error) { l, err := net.ListenTCP("tcp", &net.TCPAddr{ IP: net.IPv4(127, 0, 0, 1), Port: 0, }) if err != nil { return nil, nil, err } defer l.Close() port := l.Addr().(*net.TCPAddr).Port var command []string command = append(command, test.command...) if len(command) == 0 { command = defaultClientCommand } command = append(command, "-connect") command = append(command, fmt.Sprintf("127.0.0.1:%d", port)) cmd := exec.Command(command[0], command[1:]...) cmd.Stdin = nil var output bytes.Buffer cmd.Stdout = &output cmd.Stderr = &output if err := cmd.Start(); err != nil { return nil, nil, err } connChan := make(chan interface{}) go func() { tcpConn, err := l.Accept() if err != nil { connChan <- err } connChan <- tcpConn }() var tcpConn net.Conn select { case connOrError := <-connChan: if err, ok := connOrError.(error); ok { return nil, nil, err } tcpConn = connOrError.(net.Conn) case <-time.After(2 * time.Second): return nil, nil, errors.New("timed out waiting for connection from child process") } record := &recordingConn{ Conn: tcpConn, } return record, cmd, nil } func (test *serverTest) dataPath() string { return filepath.Join("testdata", "Server-"+test.name) } func (test *serverTest) loadData() (flows [][]byte, err error) { in, err := os.Open(test.dataPath()) if err != nil { return nil, err } defer in.Close() return parseTestData(in) } func (test *serverTest) run(t *testing.T, write bool) { var clientConn, serverConn net.Conn var recordingConn *recordingConn var childProcess *exec.Cmd if write { var err error recordingConn, childProcess, err = test.connFromCommand() if err != nil { t.Fatalf("Failed to start subcommand: %s", err) } serverConn = recordingConn defer func() { if t.Failed() { t.Logf("OpenSSL output:\n\n%s", childProcess.Stdout) } }() } else { clientConn, serverConn = localPipe(t) } config := test.config if config == nil { config = testConfig } server := Server(serverConn, config) connStateChan := make(chan ConnectionState, 1) go func() { _, err := server.Write([]byte("hello, world\n")) if len(test.expectHandshakeErrorIncluding) > 0 { if err == nil { t.Errorf("Error expected, but no error returned") } else if s := err.Error(); !strings.Contains(s, test.expectHandshakeErrorIncluding) { t.Errorf("Error expected containing '%s' but got '%s'", test.expectHandshakeErrorIncluding, s) } } else { if err != nil { t.Logf("Error from Server.Write: '%s'", err) } } server.Close() serverConn.Close() connStateChan <- server.ConnectionState() }() if !write { flows, err := test.loadData() if err != nil { t.Fatalf("%s: failed to load data from %s", test.name, test.dataPath()) } for i, b := range flows { if i%2 == 0 { if *fast { clientConn.SetWriteDeadline(time.Now().Add(1 * time.Second)) } else { clientConn.SetWriteDeadline(time.Now().Add(1 * time.Minute)) } clientConn.Write(b) continue } bb := make([]byte, len(b)) if *fast { clientConn.SetReadDeadline(time.Now().Add(1 * time.Second)) } else { clientConn.SetReadDeadline(time.Now().Add(1 * time.Minute)) } n, err := io.ReadFull(clientConn, bb) if err != nil { t.Fatalf("%s #%d: %s\nRead %d, wanted %d, got %x, wanted %x\n", test.name, i+1, err, n, len(bb), bb[:n], b) } if !bytes.Equal(b, bb) { t.Fatalf("%s #%d: mismatch on read: got:%x want:%x", test.name, i+1, bb, b) } } clientConn.Close() } connState := <-connStateChan peerCerts := connState.PeerCertificates if len(peerCerts) == len(test.expectedPeerCerts) { for i, peerCert := range peerCerts { block, _ := pem.Decode([]byte(test.expectedPeerCerts[i])) if !bytes.Equal(block.Bytes, peerCert.Raw) { t.Fatalf("%s: mismatch on peer cert %d", test.name, i+1) } } } else { t.Fatalf("%s: mismatch on peer list length: %d (wanted) != %d (got)", test.name, len(test.expectedPeerCerts), len(peerCerts)) } if test.validate != nil { if err := test.validate(connState); err != nil { t.Fatalf("validate callback returned error: %s", err) } } if write { path := test.dataPath() out, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { t.Fatalf("Failed to create output file: %s", err) } defer out.Close() recordingConn.Close() if len(recordingConn.flows) < 3 { if len(test.expectHandshakeErrorIncluding) == 0 { t.Fatalf("Handshake failed") } } recordingConn.WriteTo(out) t.Logf("Wrote %s\n", path) childProcess.Wait() } } func runServerTestForVersion(t *testing.T, template *serverTest, version, option string) { // Make a deep copy of the template before going parallel. test := *template if template.config != nil { test.config = template.config.Clone() } test.name = version + "-" + test.name if len(test.command) == 0 { test.command = defaultClientCommand } test.command = append([]string(nil), test.command...) test.command = append(test.command, option) runTestAndUpdateIfNeeded(t, version, test.run, test.wait) } func runServerTestTLS10(t *testing.T, template *serverTest) { runServerTestForVersion(t, template, "TLSv10", "-tls1") } func runServerTestTLS11(t *testing.T, template *serverTest) { runServerTestForVersion(t, template, "TLSv11", "-tls1_1") } func runServerTestTLS12(t *testing.T, template *serverTest) { runServerTestForVersion(t, template, "TLSv12", "-tls1_2") } func runServerTestTLS13(t *testing.T, template *serverTest) { runServerTestForVersion(t, template, "TLSv13", "-tls1_3") } func TestHandshakeServerRSARC4(t *testing.T) { test := &serverTest{ name: "RSA-RC4", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "RC4-SHA"}, } runServerTestTLS10(t, test) runServerTestTLS11(t, test) runServerTestTLS12(t, test) } func TestHandshakeServerRSA3DES(t *testing.T) { test := &serverTest{ name: "RSA-3DES", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "DES-CBC3-SHA"}, } runServerTestTLS10(t, test) runServerTestTLS12(t, test) } func TestHandshakeServerRSAAES(t *testing.T) { test := &serverTest{ name: "RSA-AES", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"}, } runServerTestTLS10(t, test) runServerTestTLS12(t, test) } func TestHandshakeServerAESGCM(t *testing.T) { test := &serverTest{ name: "RSA-AES-GCM", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256"}, } runServerTestTLS12(t, test) } func TestHandshakeServerAES256GCMSHA384(t *testing.T) { test := &serverTest{ name: "RSA-AES256-GCM-SHA384", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-RSA-AES256-GCM-SHA384"}, } runServerTestTLS12(t, test) } func TestHandshakeServerAES128SHA256(t *testing.T) { test := &serverTest{ name: "AES128-SHA256", command: []string{"openssl", "s_client", "-no_ticket", "-ciphersuites", "TLS_AES_128_GCM_SHA256"}, } runServerTestTLS13(t, test) } func TestHandshakeServerAES256SHA384(t *testing.T) { test := &serverTest{ name: "AES256-SHA384", command: []string{"openssl", "s_client", "-no_ticket", "-ciphersuites", "TLS_AES_256_GCM_SHA384"}, } runServerTestTLS13(t, test) } func TestHandshakeServerCHACHA20SHA256(t *testing.T) { test := &serverTest{ name: "CHACHA20-SHA256", command: []string{"openssl", "s_client", "-no_ticket", "-ciphersuites", "TLS_CHACHA20_POLY1305_SHA256"}, } runServerTestTLS13(t, test) } func TestHandshakeServerECDHEECDSAAES(t *testing.T) { config := testConfig.Clone() config.Certificates = make([]Certificate, 1) config.Certificates[0].Certificate = [][]byte{testECDSACertificate} config.Certificates[0].PrivateKey = testECDSAPrivateKey config.BuildNameToCertificate() test := &serverTest{ name: "ECDHE-ECDSA-AES", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-ECDSA-AES256-SHA", "-ciphersuites", "TLS_AES_128_GCM_SHA256"}, config: config, } runServerTestTLS10(t, test) runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func TestHandshakeServerX25519(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{X25519} test := &serverTest{ name: "X25519", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "X25519"}, config: config, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func TestHandshakeServerP256(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{CurveP256} test := &serverTest{ name: "P256", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "ECDHE-RSA-AES128-GCM-SHA256", "-curves", "P-256"}, config: config, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func TestHandshakeServerHelloRetryRequest(t *testing.T) { config := testConfig.Clone() config.CurvePreferences = []CurveID{CurveP256} test := &serverTest{ name: "HelloRetryRequest", command: []string{"openssl", "s_client", "-no_ticket", "-curves", "X25519:P-256"}, config: config, } runServerTestTLS13(t, test) } func TestHandshakeServerALPN(t *testing.T) { config := testConfig.Clone() config.NextProtos = []string{"proto1", "proto2"} test := &serverTest{ name: "ALPN", // Note that this needs OpenSSL 1.0.2 because that is the first // version that supports the -alpn flag. command: []string{"openssl", "s_client", "-alpn", "proto2,proto1"}, config: config, validate: func(state ConnectionState) error { // The server's preferences should override the client. if state.NegotiatedProtocol != "proto1" { return fmt.Errorf("Got protocol %q, wanted proto1", state.NegotiatedProtocol) } return nil }, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func TestHandshakeServerEnforceALPNMatch(t *testing.T) { clientConn, serverConn := localPipe(t) serverConfig := testConfig.Clone() serverConfig.NextProtos = []string{"proto1", "proto2"} client := Client(clientConn, serverConfig) cErrChan := make(chan error) go func() { cErrChan <- client.Handshake() }() config := testConfig.Clone() config.NextProtos = []string{"proto3"} config.EnforceNextProtoSelection = true server := Server(serverConn, config) err := server.Handshake() if err == nil || err.Error() != "ALPN negotiation failed. Client offered: [\"proto1\" \"proto2\"]" { t.Fatalf("Expected APLN negotiation to fail, got %s", err) } cErr := <-cErrChan if cErr == nil || !strings.Contains(cErr.Error(), "no application protocol") { t.Fatalf("Expect 'no_application_protocol' error, got %s", cErr) } } func TestHandshakeServerALPNNoMatch(t *testing.T) { config := testConfig.Clone() config.NextProtos = []string{"proto3"} test := &serverTest{ name: "ALPN-NoMatch", // Note that this needs OpenSSL 1.0.2 because that is the first // version that supports the -alpn flag. command: []string{"openssl", "s_client", "-alpn", "proto2,proto1"}, config: config, validate: func(state ConnectionState) error { // Rather than reject the connection, Go doesn't select // a protocol when there is no overlap. if state.NegotiatedProtocol != "" { return fmt.Errorf("Got protocol %q, wanted ''", state.NegotiatedProtocol) } return nil }, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) } // TestHandshakeServerSNI involves a client sending an SNI extension of // "snitest.com", which happens to match the CN of testSNICertificate. The test // verifies that the server correctly selects that certificate. func TestHandshakeServerSNI(t *testing.T) { test := &serverTest{ name: "SNI", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-servername", "snitest.com"}, } runServerTestTLS12(t, test) } // TestHandshakeServerSNICertForName is similar to TestHandshakeServerSNI, but // tests the dynamic GetCertificate method func TestHandshakeServerSNIGetCertificate(t *testing.T) { config := testConfig.Clone() // Replace the NameToCertificate map with a GetCertificate function nameToCert := config.NameToCertificate config.NameToCertificate = nil config.GetCertificate = func(clientHello *ClientHelloInfo) (*Certificate, error) { cert := nameToCert[clientHello.ServerName] return cert, nil } test := &serverTest{ name: "SNI-GetCertificate", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-servername", "snitest.com"}, config: config, } runServerTestTLS12(t, test) } // TestHandshakeServerSNICertForNameNotFound is similar to // TestHandshakeServerSNICertForName, but tests to make sure that when the // GetCertificate method doesn't return a cert, we fall back to what's in // the NameToCertificate map. func TestHandshakeServerSNIGetCertificateNotFound(t *testing.T) { config := testConfig.Clone() config.GetCertificate = func(clientHello *ClientHelloInfo) (*Certificate, error) { return nil, nil } test := &serverTest{ name: "SNI-GetCertificateNotFound", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-servername", "snitest.com"}, config: config, } runServerTestTLS12(t, test) } // TestHandshakeServerSNICertForNameError tests to make sure that errors in // GetCertificate result in a tls alert. func TestHandshakeServerSNIGetCertificateError(t *testing.T) { const errMsg = "TestHandshakeServerSNIGetCertificateError error" serverConfig := testConfig.Clone() serverConfig.GetCertificate = func(clientHello *ClientHelloInfo) (*Certificate, error) { return nil, errors.New(errMsg) } clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{compressionNone}, serverName: "test", } testClientHelloFailure(t, serverConfig, clientHello, errMsg) } // TestHandshakeServerEmptyCertificates tests that GetCertificates is called in // the case that Certificates is empty, even without SNI. func TestHandshakeServerEmptyCertificates(t *testing.T) { const errMsg = "TestHandshakeServerEmptyCertificates error" serverConfig := testConfig.Clone() serverConfig.GetCertificate = func(clientHello *ClientHelloInfo) (*Certificate, error) { return nil, errors.New(errMsg) } serverConfig.Certificates = nil clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{compressionNone}, } testClientHelloFailure(t, serverConfig, clientHello, errMsg) // With an empty Certificates and a nil GetCertificate, the server // should always return a “no certificates” error. serverConfig.GetCertificate = nil clientHello = &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{compressionNone}, } testClientHelloFailure(t, serverConfig, clientHello, "no certificates") } // TestCipherSuiteCertPreferance ensures that we select an RSA ciphersuite with // an RSA certificate and an ECDSA ciphersuite with an ECDSA certificate. func TestCipherSuiteCertPreferenceECDSA(t *testing.T) { config := testConfig.Clone() config.CipherSuites = []uint16{TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA} config.PreferServerCipherSuites = true test := &serverTest{ name: "CipherSuiteCertPreferenceRSA", config: config, } runServerTestTLS12(t, test) config = testConfig.Clone() config.CipherSuites = []uint16{TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA} config.Certificates = []Certificate{ { Certificate: [][]byte{testECDSACertificate}, PrivateKey: testECDSAPrivateKey, }, } config.BuildNameToCertificate() config.PreferServerCipherSuites = true test = &serverTest{ name: "CipherSuiteCertPreferenceECDSA", config: config, } runServerTestTLS12(t, test) } func TestServerResumption(t *testing.T) { sessionFilePath := tempFile("") defer os.Remove(sessionFilePath) testIssue := &serverTest{ name: "IssueTicket", command: []string{"openssl", "s_client", "-cipher", "AES128-SHA", "-sess_out", sessionFilePath}, wait: true, } testResume := &serverTest{ name: "Resume", command: []string{"openssl", "s_client", "-cipher", "AES128-SHA", "-sess_in", sessionFilePath}, validate: func(state ConnectionState) error { if !state.DidResume { return errors.New("did not resume") } return nil }, } runServerTestTLS12(t, testIssue) runServerTestTLS12(t, testResume) runServerTestTLS13(t, testIssue) runServerTestTLS13(t, testResume) config := testConfig.Clone() config.CurvePreferences = []CurveID{CurveP256} testResumeHRR := &serverTest{ name: "Resume-HelloRetryRequest", command: []string{"openssl", "s_client", "-curves", "X25519:P-256", "-sess_in", sessionFilePath}, config: config, validate: func(state ConnectionState) error { if !state.DidResume { return errors.New("did not resume") } return nil }, } runServerTestTLS13(t, testResumeHRR) } func TestServerResumptionDisabled(t *testing.T) { sessionFilePath := tempFile("") defer os.Remove(sessionFilePath) config := testConfig.Clone() testIssue := &serverTest{ name: "IssueTicketPreDisable", command: []string{"openssl", "s_client", "-cipher", "AES128-SHA", "-sess_out", sessionFilePath}, config: config, wait: true, } testResume := &serverTest{ name: "ResumeDisabled", command: []string{"openssl", "s_client", "-cipher", "AES128-SHA", "-sess_in", sessionFilePath}, config: config, validate: func(state ConnectionState) error { if state.DidResume { return errors.New("resumed with SessionTicketsDisabled") } return nil }, } config.SessionTicketsDisabled = false runServerTestTLS12(t, testIssue) config.SessionTicketsDisabled = true runServerTestTLS12(t, testResume) config.SessionTicketsDisabled = false runServerTestTLS13(t, testIssue) config.SessionTicketsDisabled = true runServerTestTLS13(t, testResume) } func TestFallbackSCSV(t *testing.T) { serverConfig := Config{ Certificates: testConfig.Certificates, } test := &serverTest{ name: "FallbackSCSV", config: &serverConfig, // OpenSSL 1.0.1j is needed for the -fallback_scsv option. command: []string{"openssl", "s_client", "-fallback_scsv"}, expectHandshakeErrorIncluding: "inappropriate protocol fallback", } runServerTestTLS11(t, test) } func TestHandshakeServerExportKeyingMaterial(t *testing.T) { test := &serverTest{ name: "ExportKeyingMaterial", command: []string{"openssl", "s_client"}, config: testConfig.Clone(), validate: func(state ConnectionState) error { if km, err := state.ExportKeyingMaterial("test", nil, 42); err != nil { return fmt.Errorf("ExportKeyingMaterial failed: %v", err) } else if len(km) != 42 { return fmt.Errorf("Got %d bytes from ExportKeyingMaterial, wanted %d", len(km), 42) } return nil }, } runServerTestTLS10(t, test) runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func TestHandshakeServerRSAPKCS1v15(t *testing.T) { test := &serverTest{ name: "RSA-RSAPKCS1v15", command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pkcs1_sha256"}, } runServerTestTLS12(t, test) } func TestHandshakeServerRSAPSS(t *testing.T) { // We send rsa_pss_rsae_sha512 first, as the test key won't fit, and we // verify the server implementation will disregard the client preference in // that case. See Issue 29793. test := &serverTest{ name: "RSA-RSAPSS", command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha512:rsa_pss_rsae_sha256"}, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) test = &serverTest{ name: "RSA-RSAPSS-TooSmall", command: []string{"openssl", "s_client", "-no_ticket", "-sigalgs", "rsa_pss_rsae_sha512"}, expectHandshakeErrorIncluding: "peer doesn't support any of the certificate's signature algorithms", } runServerTestTLS13(t, test) } func TestHandshakeServerEd25519(t *testing.T) { config := testConfig.Clone() config.Certificates = make([]Certificate, 1) config.Certificates[0].Certificate = [][]byte{testEd25519Certificate} config.Certificates[0].PrivateKey = testEd25519PrivateKey config.BuildNameToCertificate() test := &serverTest{ name: "Ed25519", command: []string{"openssl", "s_client", "-no_ticket"}, config: config, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) } func benchmarkHandshakeServer(b *testing.B, version uint16, cipherSuite uint16, curve CurveID, cert []byte, key crypto.PrivateKey) { config := testConfig.Clone() config.CipherSuites = []uint16{cipherSuite} config.CurvePreferences = []CurveID{curve} config.Certificates = make([]Certificate, 1) config.Certificates[0].Certificate = [][]byte{cert} config.Certificates[0].PrivateKey = key config.BuildNameToCertificate() clientConn, serverConn := localPipe(b) serverConn = &recordingConn{Conn: serverConn} go func() { config := testConfig.Clone() config.MaxVersion = version config.CurvePreferences = []CurveID{curve} client := Client(clientConn, config) client.Handshake() }() server := Server(serverConn, config) if err := server.Handshake(); err != nil { b.Fatalf("handshake failed: %v", err) } serverConn.Close() flows := serverConn.(*recordingConn).flows feeder := make(chan struct{}) clientConn, serverConn = localPipe(b) go func() { for range feeder { for i, f := range flows { if i%2 == 0 { clientConn.Write(f) continue } ff := make([]byte, len(f)) n, err := io.ReadFull(clientConn, ff) if err != nil { b.Errorf("#%d: %s\nRead %d, wanted %d, got %x, wanted %x\n", i+1, err, n, len(ff), ff[:n], f) } if !bytes.Equal(f, ff) { b.Errorf("#%d: mismatch on read: got:%x want:%x", i+1, ff, f) } } } }() b.ResetTimer() for i := 0; i < b.N; i++ { feeder <- struct{}{} server := Server(serverConn, config) if err := server.Handshake(); err != nil { b.Fatalf("handshake failed: %v", err) } } close(feeder) } func BenchmarkHandshakeServer(b *testing.B) { b.Run("RSA", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS12, TLS_RSA_WITH_AES_128_GCM_SHA256, 0, testRSACertificate, testRSAPrivateKey) }) b.Run("ECDHE-P256-RSA", func(b *testing.B) { b.Run("TLSv13", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS13, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, CurveP256, testRSACertificate, testRSAPrivateKey) }) b.Run("TLSv12", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS12, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, CurveP256, testRSACertificate, testRSAPrivateKey) }) }) b.Run("ECDHE-P256-ECDSA-P256", func(b *testing.B) { b.Run("TLSv13", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS13, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, CurveP256, testP256Certificate, testP256PrivateKey) }) b.Run("TLSv12", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS12, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, CurveP256, testP256Certificate, testP256PrivateKey) }) }) b.Run("ECDHE-X25519-ECDSA-P256", func(b *testing.B) { b.Run("TLSv13", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS13, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, X25519, testP256Certificate, testP256PrivateKey) }) b.Run("TLSv12", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS12, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, X25519, testP256Certificate, testP256PrivateKey) }) }) b.Run("ECDHE-P521-ECDSA-P521", func(b *testing.B) { if testECDSAPrivateKey.PublicKey.Curve != elliptic.P521() { b.Fatal("test ECDSA key doesn't use curve P-521") } b.Run("TLSv13", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS13, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, CurveP521, testECDSACertificate, testECDSAPrivateKey) }) b.Run("TLSv12", func(b *testing.B) { benchmarkHandshakeServer(b, VersionTLS12, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, CurveP521, testECDSACertificate, testECDSAPrivateKey) }) }) } func TestClientAuth(t *testing.T) { var certPath, keyPath, ecdsaCertPath, ecdsaKeyPath, ed25519CertPath, ed25519KeyPath string if *update { certPath = tempFile(clientCertificatePEM) defer os.Remove(certPath) keyPath = tempFile(clientKeyPEM) defer os.Remove(keyPath) ecdsaCertPath = tempFile(clientECDSACertificatePEM) defer os.Remove(ecdsaCertPath) ecdsaKeyPath = tempFile(clientECDSAKeyPEM) defer os.Remove(ecdsaKeyPath) ed25519CertPath = tempFile(clientEd25519CertificatePEM) defer os.Remove(ed25519CertPath) ed25519KeyPath = tempFile(clientEd25519KeyPEM) defer os.Remove(ed25519KeyPath) } else { t.Parallel() } config := testConfig.Clone() config.ClientAuth = RequestClientCert test := &serverTest{ name: "ClientAuthRequestedNotGiven", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA"}, config: config, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) test = &serverTest{ name: "ClientAuthRequestedAndGiven", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pss_rsae_sha256"}, config: config, expectedPeerCerts: []string{clientCertificatePEM}, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) test = &serverTest{ name: "ClientAuthRequestedAndECDSAGiven", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-cert", ecdsaCertPath, "-key", ecdsaKeyPath}, config: config, expectedPeerCerts: []string{clientECDSACertificatePEM}, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) test = &serverTest{ name: "ClientAuthRequestedAndEd25519Given", command: []string{"openssl", "s_client", "-no_ticket", "-cert", ed25519CertPath, "-key", ed25519KeyPath}, config: config, expectedPeerCerts: []string{clientEd25519CertificatePEM}, } runServerTestTLS12(t, test) runServerTestTLS13(t, test) test = &serverTest{ name: "ClientAuthRequestedAndPKCS1v15Given", command: []string{"openssl", "s_client", "-no_ticket", "-cipher", "AES128-SHA", "-cert", certPath, "-key", keyPath, "-client_sigalgs", "rsa_pkcs1_sha256"}, config: config, expectedPeerCerts: []string{clientCertificatePEM}, } runServerTestTLS12(t, test) } func TestSNIGivenOnFailure(t *testing.T) { const expectedServerName = "test.testing" clientHello := &clientHelloMsg{ vers: VersionTLS10, random: make([]byte, 32), cipherSuites: []uint16{TLS_RSA_WITH_RC4_128_SHA}, compressionMethods: []uint8{compressionNone}, serverName: expectedServerName, } serverConfig := testConfig.Clone() // Erase the server's cipher suites to ensure the handshake fails. serverConfig.CipherSuites = nil c, s := localPipe(t) go func() { cli := Client(c, testConfig) cli.vers = clientHello.vers cli.writeRecord(recordTypeHandshake, clientHello.marshal()) c.Close() }() conn := Server(s, serverConfig) ch, err := conn.readClientHello() hs := serverHandshakeState{ c: conn, clientHello: ch, } if err == nil { err = hs.processClientHello() } if err == nil { err = hs.pickCipherSuite() } defer s.Close() if err == nil { t.Error("No error reported from server") } cs := hs.c.ConnectionState() if cs.HandshakeComplete { t.Error("Handshake registered as complete") } if cs.ServerName != expectedServerName { t.Errorf("Expected ServerName of %q, but got %q", expectedServerName, cs.ServerName) } } var getConfigForClientTests = []struct { setup func(config *Config) callback func(clientHello *ClientHelloInfo) (*Config, error) errorSubstring string verify func(config *Config) error }{ { nil, func(clientHello *ClientHelloInfo) (*Config, error) { return nil, nil }, "", nil, }, { nil, func(clientHello *ClientHelloInfo) (*Config, error) { return nil, errors.New("should bubble up") }, "should bubble up", nil, }, { nil, func(clientHello *ClientHelloInfo) (*Config, error) { config := testConfig.Clone() // Setting a maximum version of TLS 1.1 should cause // the handshake to fail, as the client MinVersion is TLS 1.2. config.MaxVersion = VersionTLS11 return config, nil }, "client offered only unsupported versions", nil, }, { func(config *Config) { for i := range config.SessionTicketKey { config.SessionTicketKey[i] = byte(i) } config.sessionTicketKeys = nil }, func(clientHello *ClientHelloInfo) (*Config, error) { config := testConfig.Clone() for i := range config.SessionTicketKey { config.SessionTicketKey[i] = 0 } config.sessionTicketKeys = nil return config, nil }, "", func(config *Config) error { // The value of SessionTicketKey should have been // duplicated into the per-connection Config. for i := range config.SessionTicketKey { if b := config.SessionTicketKey[i]; b != byte(i) { return fmt.Errorf("SessionTicketKey was not duplicated from original Config: byte %d has value %d", i, b) } } return nil }, }, { func(config *Config) { var dummyKey [32]byte for i := range dummyKey { dummyKey[i] = byte(i) } config.SetSessionTicketKeys([][32]byte{dummyKey}) }, func(clientHello *ClientHelloInfo) (*Config, error) { config := testConfig.Clone() config.sessionTicketKeys = nil return config, nil }, "", func(config *Config) error { // The session ticket keys should have been duplicated // into the per-connection Config. if l := len(config.sessionTicketKeys); l != 1 { return fmt.Errorf("got len(sessionTicketKeys) == %d, wanted 1", l) } return nil }, }, } func TestGetConfigForClient(t *testing.T) { serverConfig := testConfig.Clone() clientConfig := testConfig.Clone() clientConfig.MinVersion = VersionTLS12 for i, test := range getConfigForClientTests { if test.setup != nil { test.setup(serverConfig) } var configReturned *Config serverConfig.GetConfigForClient = func(clientHello *ClientHelloInfo) (*Config, error) { config, err := test.callback(clientHello) configReturned = config return config, err } c, s := localPipe(t) done := make(chan error) go func() { defer s.Close() done <- Server(s, serverConfig).Handshake() }() clientErr := Client(c, clientConfig).Handshake() c.Close() serverErr := <-done if len(test.errorSubstring) == 0 { if serverErr != nil || clientErr != nil { t.Errorf("test[%d]: expected no error but got serverErr: %q, clientErr: %q", i, serverErr, clientErr) } if test.verify != nil { if err := test.verify(configReturned); err != nil { t.Errorf("test[%d]: verify returned error: %v", i, err) } } } else { if serverErr == nil { t.Errorf("test[%d]: expected error containing %q but got no error", i, test.errorSubstring) } else if !strings.Contains(serverErr.Error(), test.errorSubstring) { t.Errorf("test[%d]: expected error to contain %q but it was %q", i, test.errorSubstring, serverErr) } } } } func TestAdditionalExtensionsReceivedByServer(t *testing.T) { c, s := net.Pipe() done := make(chan bool) config := testConfig.Clone() config.MinVersion = VersionTLS13 config.MaxVersion = VersionTLS13 cconf := config.Clone() cconf.GetExtensions = func(_ uint8) []Extension { return []Extension{ {Type: 0x1337, Data: []byte("foobar")}, } } go func() { Client(s, cconf).Handshake() s.Close() done <- true }() var receivedExtensions bool sconf := config.Clone() sconf.ReceivedExtensions = func(handshakeMessageType uint8, exts []Extension) { receivedExtensions = true if handshakeMessageType != typeClientHello { t.Errorf("expected handshake message type to be %d, but got %d", typeClientHello, handshakeMessageType) } // TODO(#84): parse signature_algorithms_cert if len(exts) == 2 && exts[0].Type == 50 { exts = exts[1:] } if len(exts) != 1 { t.Errorf("expected to received 1 extension, got %d", len(exts)) } if exts[0].Type != 0x1337 { t.Errorf("expected extension type 0x1337, got %#x", exts[0].Type) } if string(exts[0].Data) != "foobar" { t.Errorf("expection extension data to be foobar, got %s", exts[0].Data) } } err := Server(c, sconf).Handshake() if err != nil { t.Errorf("expected client to complete handshake, got %s", err) } if !receivedExtensions { t.Errorf("expected client to receive extensions") } } func TestCloseServerConnectionOnIdleClient(t *testing.T) { clientConn, serverConn := localPipe(t) server := Server(serverConn, testConfig.Clone()) go func() { clientConn.Write([]byte{'0'}) server.Close() }() server.SetReadDeadline(time.Now().Add(time.Minute)) err := server.Handshake() if err != nil { if err, ok := err.(net.Error); ok && err.Timeout() { t.Errorf("Expected a closed network connection error but got '%s'", err.Error()) } } else { t.Errorf("Error expected, but no error returned") } } func TestCloneHash(t *testing.T) { h1 := crypto.SHA256.New() h1.Write([]byte("test")) s1 := h1.Sum(nil) h2 := cloneHash(h1, crypto.SHA256) s2 := h2.Sum(nil) if !bytes.Equal(s1, s2) { t.Error("cloned hash generated a different sum") } } func expectError(t *testing.T, err error, sub string) { if err == nil { t.Errorf(`expected error %q, got nil`, sub) } else if !strings.Contains(err.Error(), sub) { t.Errorf(`expected error %q, got %q`, sub, err) } } func TestKeyTooSmallForRSAPSS(t *testing.T) { cert, err := X509KeyPair([]byte(`-----BEGIN CERTIFICATE----- MIIBcTCCARugAwIBAgIQGjQnkCFlUqaFlt6ixyz/tDANBgkqhkiG9w0BAQsFADAS MRAwDgYDVQQKEwdBY21lIENvMB4XDTE5MDExODIzMjMyOFoXDTIwMDExODIzMjMy OFowEjEQMA4GA1UEChMHQWNtZSBDbzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDd ez1rFUDwax2HTxbcnFUP9AhcgEGMHVV2nn4VVEWFJB6I8C/Nkx0XyyQlrmFYBzEQ nIPhKls4T0hFoLvjJnXpAgMBAAGjTTBLMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE DDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAAMBYGA1UdEQQPMA2CC2V4YW1wbGUu Y29tMA0GCSqGSIb3DQEBCwUAA0EAxDuUS+BrrS3c+h+k+fQPOmOScy6yTX9mHw0Q KbucGamXYEy0URIwOdO0tQ3LHPc1YGvYSPwkDjkjqECs2Vm/AA== -----END CERTIFICATE-----`), []byte(testingKey(`-----BEGIN RSA TESTING KEY----- MIIBOgIBAAJBAN17PWsVQPBrHYdPFtycVQ/0CFyAQYwdVXaefhVURYUkHojwL82T HRfLJCWuYVgHMRCcg+EqWzhPSEWgu+MmdekCAwEAAQJBALjQYNTdXF4CFBbXwUz/ yt9QFDYT9B5WT/12jeGAe653gtYS6OOi/+eAkGmzg1GlRnw6fOfn+HYNFDORST7z 4j0CIQDn2xz9hVWQEu9ee3vecNT3f60huDGTNoRhtqgweQGX0wIhAPSLj1VcRZEz nKpbtU22+PbIMSJ+e80fmY9LIPx5N4HTAiAthGSimMR9bloz0EY3GyuUEyqoDgMd hXxjuno2WesoJQIgemilbcALXpxsLmZLgcQ2KSmaVr7jb5ECx9R+hYKTw1sCIG4s T+E0J8wlH24pgwQHzy7Ko2qLwn1b5PW8ecrlvP1g -----END RSA TESTING KEY-----`))) if err != nil { t.Fatal(err) } clientConn, serverConn := localPipe(t) client := Client(clientConn, testConfig) done := make(chan struct{}) go func() { config := testConfig.Clone() config.Certificates = []Certificate{cert} config.MinVersion = VersionTLS13 server := Server(serverConn, config) err := server.Handshake() expectError(t, err, "key size too small") close(done) }() err = client.Handshake() expectError(t, err, "handshake failure") <-done } func TestMultipleCertificates(t *testing.T) { clientConfig := testConfig.Clone() clientConfig.CipherSuites = []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256} clientConfig.MaxVersion = VersionTLS12 serverConfig := testConfig.Clone() serverConfig.Certificates = []Certificate{{ Certificate: [][]byte{testECDSACertificate}, PrivateKey: testECDSAPrivateKey, }, { Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, }} _, clientState, err := testHandshake(t, clientConfig, serverConfig) if err != nil { t.Fatal(err) } if got := clientState.PeerCertificates[0].PublicKeyAlgorithm; got != x509.RSA { t.Errorf("expected RSA certificate, got %v", got) } } golang-github-marten-seemann-qtls-0.10.0/handshake_server_tls13.go000066400000000000000000000637231373277661100251310ustar00rootroot00000000000000// Copyright 2018 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/hmac" "crypto/rsa" "errors" "fmt" "hash" "io" "sync/atomic" "time" ) // maxClientPSKIdentities is the number of client PSK identities the server will // attempt to validate. It will ignore the rest not to let cheap ClientHello // messages cause too much work in session ticket decryption attempts. const maxClientPSKIdentities = 5 type serverHandshakeStateTLS13 struct { c *Conn clientHello *clientHelloMsg hello *serverHelloMsg encryptedExtensions *encryptedExtensionsMsg sentDummyCCS bool usingPSK bool suite *cipherSuiteTLS13 cert *Certificate sigAlg SignatureScheme earlySecret []byte sharedKey []byte handshakeSecret []byte masterSecret []byte trafficSecret []byte // client_application_traffic_secret_0 transcript hash.Hash clientFinished []byte } func (hs *serverHandshakeStateTLS13) handshake() error { c := hs.c // For an overview of the TLS 1.3 handshake, see RFC 8446, Section 2. if err := hs.processClientHello(); err != nil { return err } if err := hs.checkForResumption(); err != nil { return err } if err := hs.pickCertificate(); err != nil { return err } c.buffering = true if err := hs.sendServerParameters(); err != nil { return err } if err := hs.sendServerCertificate(); err != nil { return err } if err := hs.sendServerFinished(); err != nil { return err } // Note that at this point we could start sending application data without // waiting for the client's second flight, but the application might not // expect the lack of replay protection of the ClientHello parameters. if _, err := c.flush(); err != nil { return err } if err := hs.readClientCertificate(); err != nil { return err } if err := hs.readClientFinished(); err != nil { return err } atomic.StoreUint32(&c.handshakeStatus, 1) return nil } func (hs *serverHandshakeStateTLS13) processClientHello() error { c := hs.c hs.hello = new(serverHelloMsg) hs.encryptedExtensions = new(encryptedExtensionsMsg) // TLS 1.3 froze the ServerHello.legacy_version field, and uses // supported_versions instead. See RFC 8446, sections 4.1.3 and 4.2.1. hs.hello.vers = VersionTLS12 hs.hello.supportedVersion = c.vers if len(hs.clientHello.supportedVersions) == 0 { c.sendAlert(alertIllegalParameter) return errors.New("tls: client used the legacy version field to negotiate TLS 1.3") } // Abort if the client is doing a fallback and landing lower than what we // support. See RFC 7507, which however does not specify the interaction // with supported_versions. The only difference is that with // supported_versions a client has a chance to attempt a [TLS 1.2, TLS 1.4] // handshake in case TLS 1.3 is broken but 1.2 is not. Alas, in that case, // it will have to drop the TLS_FALLBACK_SCSV protection if it falls back to // TLS 1.2, because a TLS 1.3 server would abort here. The situation before // supported_versions was not better because there was just no way to do a // TLS 1.4 handshake without risking the server selecting TLS 1.3. for _, id := range hs.clientHello.cipherSuites { if id == TLS_FALLBACK_SCSV { // Use c.vers instead of max(supported_versions) because an attacker // could defeat this by adding an arbitrary high version otherwise. if c.vers < c.config.maxSupportedVersion() { c.sendAlert(alertInappropriateFallback) return errors.New("tls: client using inappropriate protocol fallback") } break } } if len(hs.clientHello.compressionMethods) != 1 || hs.clientHello.compressionMethods[0] != compressionNone { c.sendAlert(alertIllegalParameter) return errors.New("tls: TLS 1.3 client supports illegal compression methods") } hs.hello.random = make([]byte, 32) if _, err := io.ReadFull(c.config.rand(), hs.hello.random); err != nil { c.sendAlert(alertInternalError) return err } if len(hs.clientHello.secureRenegotiation) != 0 { c.sendAlert(alertHandshakeFailure) return errors.New("tls: initial handshake had non-empty renegotiation extension") } hs.hello.sessionId = hs.clientHello.sessionId hs.hello.compressionMethod = compressionNone var preferenceList, supportedList, ourList []uint16 for _, suiteID := range c.config.CipherSuites { for _, suite := range cipherSuitesTLS13 { if suite.id == suiteID { ourList = append(ourList, suiteID) } } } if len(ourList) == 0 { ourList = defaultCipherSuitesTLS13() } if c.config.PreferServerCipherSuites { preferenceList = ourList supportedList = hs.clientHello.cipherSuites } else { preferenceList = hs.clientHello.cipherSuites supportedList = ourList } for _, suiteID := range preferenceList { hs.suite = mutualCipherSuiteTLS13(supportedList, suiteID) if hs.suite != nil { break } } if hs.suite == nil { c.sendAlert(alertHandshakeFailure) return errors.New("tls: no cipher suite supported by both client and server") } c.cipherSuite = hs.suite.id hs.hello.cipherSuite = hs.suite.id hs.transcript = hs.suite.hash.New() // Pick the ECDHE group in server preference order, but give priority to // groups with a key share, to avoid a HelloRetryRequest round-trip. var selectedGroup CurveID var clientKeyShare *keyShare GroupSelection: for _, preferredGroup := range c.config.curvePreferences() { for _, ks := range hs.clientHello.keyShares { if ks.group == preferredGroup { selectedGroup = ks.group clientKeyShare = &ks break GroupSelection } } if selectedGroup != 0 { continue } for _, group := range hs.clientHello.supportedCurves { if group == preferredGroup { selectedGroup = group break } } } if selectedGroup == 0 { c.sendAlert(alertHandshakeFailure) return errors.New("tls: no ECDHE curve supported by both client and server") } if clientKeyShare == nil { if err := hs.doHelloRetryRequest(selectedGroup); err != nil { return err } clientKeyShare = &hs.clientHello.keyShares[0] } if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && !ok { c.sendAlert(alertInternalError) return errors.New("tls: CurvePreferences includes unsupported curve") } params, err := generateECDHEParameters(c.config.rand(), selectedGroup) if err != nil { c.sendAlert(alertInternalError) return err } hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()} hs.sharedKey = params.SharedKey(clientKeyShare.data) if hs.sharedKey == nil { c.sendAlert(alertIllegalParameter) return errors.New("tls: invalid client key share") } c.serverName = hs.clientHello.serverName if c.config.ReceivedExtensions != nil { c.config.ReceivedExtensions(typeClientHello, hs.clientHello.additionalExtensions) } if len(hs.clientHello.alpnProtocols) > 0 { if selectedProto, fallback := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); !fallback { hs.encryptedExtensions.alpnProtocol = selectedProto c.clientProtocol = selectedProto } } return nil } func (hs *serverHandshakeStateTLS13) checkForResumption() error { c := hs.c if c.config.SessionTicketsDisabled { return nil } modeOK := false for _, mode := range hs.clientHello.pskModes { if mode == pskModeDHE { modeOK = true break } } if !modeOK { return nil } if len(hs.clientHello.pskIdentities) != len(hs.clientHello.pskBinders) { c.sendAlert(alertIllegalParameter) return errors.New("tls: invalid or missing PSK binders") } if len(hs.clientHello.pskIdentities) == 0 { return nil } for i, identity := range hs.clientHello.pskIdentities { if i >= maxClientPSKIdentities { break } plaintext, _ := c.decryptTicket(identity.label) if plaintext == nil { continue } sessionState := new(sessionStateTLS13) if ok := sessionState.unmarshal(plaintext); !ok { continue } if hs.clientHello.earlyData { if sessionState.maxEarlyData == 0 { c.sendAlert(alertUnsupportedExtension) return errors.New("tls: client sent unexpected early data") } if sessionState.alpn == c.clientProtocol && c.config.Accept0RTT != nil && c.config.Accept0RTT(sessionState.appData) { hs.encryptedExtensions.earlyData = true c.used0RTT = true } } createdAt := time.Unix(int64(sessionState.createdAt), 0) if c.config.time().Sub(createdAt) > maxSessionTicketLifetime { continue } // We don't check the obfuscated ticket age because it's affected by // clock skew and it's only a freshness signal useful for shrinking the // window for replay attacks, which don't affect us as we don't do 0-RTT. pskSuite := cipherSuiteTLS13ByID(sessionState.cipherSuite) if pskSuite == nil || pskSuite.hash != hs.suite.hash { continue } // PSK connections don't re-establish client certificates, but carry // them over in the session ticket. Ensure the presence of client certs // in the ticket is consistent with the configured requirements. sessionHasClientCerts := len(sessionState.certificate.Certificate) != 0 needClientCerts := requiresClientCert(c.config.ClientAuth) if needClientCerts && !sessionHasClientCerts { continue } if sessionHasClientCerts && c.config.ClientAuth == NoClientCert { continue } psk := hs.suite.expandLabel(sessionState.resumptionSecret, "resumption", nil, hs.suite.hash.Size()) hs.earlySecret = hs.suite.extract(psk, nil) binderKey := hs.suite.deriveSecret(hs.earlySecret, resumptionBinderLabel, nil) // Clone the transcript in case a HelloRetryRequest was recorded. transcript := cloneHash(hs.transcript, hs.suite.hash) if transcript == nil { c.sendAlert(alertInternalError) return errors.New("tls: internal error: failed to clone hash") } transcript.Write(hs.clientHello.marshalWithoutBinders()) pskBinder := hs.suite.finishedHash(binderKey, transcript) if !hmac.Equal(hs.clientHello.pskBinders[i], pskBinder) { c.sendAlert(alertDecryptError) return errors.New("tls: invalid PSK binder") } if err := c.processCertsFromClient(sessionState.certificate); err != nil { return err } h := cloneHash(hs.transcript, hs.suite.hash) h.Write(hs.clientHello.marshal()) if sessionState.maxEarlyData > 0 && c.config.MaxEarlyData > 0 { clientEarlySecret := hs.suite.deriveSecret(hs.earlySecret, "c e traffic", h) c.in.exportKey(Encryption0RTT, hs.suite, clientEarlySecret) if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hs.clientHello.random, clientEarlySecret); err != nil { c.sendAlert(alertInternalError) return err } } hs.hello.selectedIdentityPresent = true hs.hello.selectedIdentity = uint16(i) hs.usingPSK = true c.didResume = true return nil } return nil } // cloneHash uses the encoding.BinaryMarshaler and encoding.BinaryUnmarshaler // interfaces implemented by standard library hashes to clone the state of in // to a new instance of h. It returns nil if the operation fails. func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash { // Recreate the interface to avoid importing encoding. type binaryMarshaler interface { MarshalBinary() (data []byte, err error) UnmarshalBinary(data []byte) error } marshaler, ok := in.(binaryMarshaler) if !ok { return nil } state, err := marshaler.MarshalBinary() if err != nil { return nil } out := h.New() unmarshaler, ok := out.(binaryMarshaler) if !ok { return nil } if err := unmarshaler.UnmarshalBinary(state); err != nil { return nil } return out } func (hs *serverHandshakeStateTLS13) pickCertificate() error { c := hs.c // Only one of PSK and certificates are used at a time. if hs.usingPSK { return nil } // signature_algorithms is required in TLS 1.3. See RFC 8446, Section 4.2.3. if len(hs.clientHello.supportedSignatureAlgorithms) == 0 { return c.sendAlert(alertMissingExtension) } certificate, err := c.config.getCertificate(clientHelloInfo(c, hs.clientHello)) if err != nil { if err == errNoCertificates { c.sendAlert(alertUnrecognizedName) } else { c.sendAlert(alertInternalError) } return err } hs.sigAlg, err = selectSignatureScheme(c.vers, certificate, hs.clientHello.supportedSignatureAlgorithms) if err != nil { // getCertificate returned a certificate that is unsupported or // incompatible with the client's signature algorithms. c.sendAlert(alertHandshakeFailure) return err } hs.cert = certificate return nil } // sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility // with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4. func (hs *serverHandshakeStateTLS13) sendDummyChangeCipherSpec() error { if hs.sentDummyCCS { return nil } hs.sentDummyCCS = true _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1}) return err } func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error { c := hs.c // The first ClientHello gets double-hashed into the transcript upon a // HelloRetryRequest. See RFC 8446, Section 4.4.1. hs.transcript.Write(hs.clientHello.marshal()) chHash := hs.transcript.Sum(nil) hs.transcript.Reset() hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))}) hs.transcript.Write(chHash) helloRetryRequest := &serverHelloMsg{ vers: hs.hello.vers, random: helloRetryRequestRandom, sessionId: hs.hello.sessionId, cipherSuite: hs.hello.cipherSuite, compressionMethod: hs.hello.compressionMethod, supportedVersion: hs.hello.supportedVersion, selectedGroup: selectedGroup, } hs.transcript.Write(helloRetryRequest.marshal()) if _, err := c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal()); err != nil { return err } if err := hs.sendDummyChangeCipherSpec(); err != nil { return err } msg, err := c.readHandshake() if err != nil { return err } clientHello, ok := msg.(*clientHelloMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(clientHello, msg) } if len(clientHello.keyShares) != 1 || clientHello.keyShares[0].group != selectedGroup { c.sendAlert(alertIllegalParameter) return errors.New("tls: client sent invalid key share in second ClientHello") } if clientHello.earlyData { c.sendAlert(alertIllegalParameter) return errors.New("tls: client indicated early data in second ClientHello") } if illegalClientHelloChange(clientHello, hs.clientHello) { c.sendAlert(alertIllegalParameter) return errors.New("tls: client illegally modified second ClientHello") } if clientHello.earlyData { c.sendAlert(alertIllegalParameter) return errors.New("tls: client offered 0-RTT data in second ClientHello") } hs.clientHello = clientHello return nil } // illegalClientHelloChange reports whether the two ClientHello messages are // different, with the exception of the changes allowed before and after a // HelloRetryRequest. See RFC 8446, Section 4.1.2. func illegalClientHelloChange(ch, ch1 *clientHelloMsg) bool { if len(ch.supportedVersions) != len(ch1.supportedVersions) || len(ch.cipherSuites) != len(ch1.cipherSuites) || len(ch.supportedCurves) != len(ch1.supportedCurves) || len(ch.supportedSignatureAlgorithms) != len(ch1.supportedSignatureAlgorithms) || len(ch.supportedSignatureAlgorithmsCert) != len(ch1.supportedSignatureAlgorithmsCert) || len(ch.alpnProtocols) != len(ch1.alpnProtocols) { return true } for i := range ch.supportedVersions { if ch.supportedVersions[i] != ch1.supportedVersions[i] { return true } } for i := range ch.cipherSuites { if ch.cipherSuites[i] != ch1.cipherSuites[i] { return true } } for i := range ch.supportedCurves { if ch.supportedCurves[i] != ch1.supportedCurves[i] { return true } } for i := range ch.supportedSignatureAlgorithms { if ch.supportedSignatureAlgorithms[i] != ch1.supportedSignatureAlgorithms[i] { return true } } for i := range ch.supportedSignatureAlgorithmsCert { if ch.supportedSignatureAlgorithmsCert[i] != ch1.supportedSignatureAlgorithmsCert[i] { return true } } for i := range ch.alpnProtocols { if ch.alpnProtocols[i] != ch1.alpnProtocols[i] { return true } } return ch.vers != ch1.vers || !bytes.Equal(ch.random, ch1.random) || !bytes.Equal(ch.sessionId, ch1.sessionId) || !bytes.Equal(ch.compressionMethods, ch1.compressionMethods) || ch.serverName != ch1.serverName || ch.ocspStapling != ch1.ocspStapling || !bytes.Equal(ch.supportedPoints, ch1.supportedPoints) || ch.ticketSupported != ch1.ticketSupported || !bytes.Equal(ch.sessionTicket, ch1.sessionTicket) || ch.secureRenegotiationSupported != ch1.secureRenegotiationSupported || !bytes.Equal(ch.secureRenegotiation, ch1.secureRenegotiation) || ch.scts != ch1.scts || !bytes.Equal(ch.cookie, ch1.cookie) || !bytes.Equal(ch.pskModes, ch1.pskModes) } func (hs *serverHandshakeStateTLS13) sendServerParameters() error { c := hs.c if c.config.EnforceNextProtoSelection && len(c.clientProtocol) == 0 { c.sendAlert(alertNoApplicationProtocol) return fmt.Errorf("ALPN negotiation failed. Client offered: %q", hs.clientHello.alpnProtocols) } hs.transcript.Write(hs.clientHello.marshal()) hs.transcript.Write(hs.hello.marshal()) if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil { return err } if err := hs.sendDummyChangeCipherSpec(); err != nil { return err } earlySecret := hs.earlySecret if earlySecret == nil { earlySecret = hs.suite.extract(nil, nil) } hs.handshakeSecret = hs.suite.extract(hs.sharedKey, hs.suite.deriveSecret(earlySecret, "derived", nil)) clientSecret := hs.suite.deriveSecret(hs.handshakeSecret, clientHandshakeTrafficLabel, hs.transcript) c.in.exportKey(EncryptionHandshake, hs.suite, clientSecret) c.in.setTrafficSecret(hs.suite, clientSecret) serverSecret := hs.suite.deriveSecret(hs.handshakeSecret, serverHandshakeTrafficLabel, hs.transcript) c.out.exportKey(EncryptionHandshake, hs.suite, serverSecret) c.out.setTrafficSecret(hs.suite, serverSecret) err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.clientHello.random, clientSecret) if err != nil { c.sendAlert(alertInternalError) return err } err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.clientHello.random, serverSecret) if err != nil { c.sendAlert(alertInternalError) return err } if hs.c.config.GetExtensions != nil { hs.encryptedExtensions.additionalExtensions = hs.c.config.GetExtensions(typeEncryptedExtensions) } hs.transcript.Write(hs.encryptedExtensions.marshal()) if _, err := c.writeRecord(recordTypeHandshake, hs.encryptedExtensions.marshal()); err != nil { return err } return nil } func (hs *serverHandshakeStateTLS13) requestClientCert() bool { return hs.c.config.ClientAuth >= RequestClientCert && !hs.usingPSK } func (hs *serverHandshakeStateTLS13) sendServerCertificate() error { c := hs.c // Only one of PSK and certificates are used at a time. if hs.usingPSK { return nil } if hs.requestClientCert() { // Request a client certificate certReq := new(certificateRequestMsgTLS13) certReq.ocspStapling = true certReq.scts = true certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms if c.config.ClientCAs != nil { certReq.certificateAuthorities = c.config.ClientCAs.Subjects() } hs.transcript.Write(certReq.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil { return err } } certMsg := new(certificateMsgTLS13) certMsg.certificate = *hs.cert certMsg.scts = hs.clientHello.scts && len(hs.cert.SignedCertificateTimestamps) > 0 certMsg.ocspStapling = hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 hs.transcript.Write(certMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil { return err } certVerifyMsg := new(certificateVerifyMsg) certVerifyMsg.hasSignatureAlgorithm = true certVerifyMsg.signatureAlgorithm = hs.sigAlg sigType, sigHash, err := typeAndHashFromSignatureScheme(hs.sigAlg) if err != nil { return c.sendAlert(alertInternalError) } signed := signedMessage(sigHash, serverSignatureContext, hs.transcript) signOpts := crypto.SignerOpts(sigHash) if sigType == signatureRSAPSS { signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash} } sig, err := hs.cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts) if err != nil { public := hs.cert.PrivateKey.(crypto.Signer).Public() if rsaKey, ok := public.(*rsa.PublicKey); ok && sigType == signatureRSAPSS && rsaKey.N.BitLen()/8 < sigHash.Size()*2+2 { // key too small for RSA-PSS c.sendAlert(alertHandshakeFailure) } else { c.sendAlert(alertInternalError) } return errors.New("tls: failed to sign handshake: " + err.Error()) } certVerifyMsg.signature = sig hs.transcript.Write(certVerifyMsg.marshal()) if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil { return err } return nil } func (hs *serverHandshakeStateTLS13) sendServerFinished() error { c := hs.c finished := &finishedMsg{ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript), } hs.transcript.Write(finished.marshal()) if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil { return err } // Derive secrets that take context through the server Finished. hs.masterSecret = hs.suite.extract(nil, hs.suite.deriveSecret(hs.handshakeSecret, "derived", nil)) hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret, clientApplicationTrafficLabel, hs.transcript) serverSecret := hs.suite.deriveSecret(hs.masterSecret, serverApplicationTrafficLabel, hs.transcript) c.out.exportKey(EncryptionApplication, hs.suite, serverSecret) c.out.setTrafficSecret(hs.suite, serverSecret) err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret) if err != nil { c.sendAlert(alertInternalError) return err } err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverSecret) if err != nil { c.sendAlert(alertInternalError) return err } c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript) // If we did not request client certificates, at this point we can // precompute the client finished and roll the transcript forward to send // session tickets in our first flight. if !hs.requestClientCert() { if err := hs.sendSessionTickets(); err != nil { return err } } return nil } func (hs *serverHandshakeStateTLS13) shouldSendSessionTickets() bool { if hs.c.config.SessionTicketsDisabled { return false } // Don't send tickets the client wouldn't use. See RFC 8446, Section 4.2.9. for _, pskMode := range hs.clientHello.pskModes { if pskMode == pskModeDHE { return true } } return false } func (hs *serverHandshakeStateTLS13) sendSessionTickets() error { c := hs.c hs.clientFinished = hs.suite.finishedHash(c.in.trafficSecret, hs.transcript) finishedMsg := &finishedMsg{ verifyData: hs.clientFinished, } hs.transcript.Write(finishedMsg.marshal()) if !hs.shouldSendSessionTickets() { return nil } c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret, resumptionLabel, hs.transcript) // Don't send session tickets when the alternative record layer is set. // Instead, save the resumption secret on the Conn. // Session tickets can then be generated by calling Conn.GetSessionTicket(). if hs.c.config.AlternativeRecordLayer != nil { return nil } m, err := hs.c.getSessionTicketMsg(nil) if err != nil { return err } if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil { return err } return nil } func (hs *serverHandshakeStateTLS13) readClientCertificate() error { c := hs.c if !hs.requestClientCert() { return nil } // If we requested a client certificate, then the client must send a // certificate message. If it's empty, no CertificateVerify is sent. msg, err := c.readHandshake() if err != nil { return err } certMsg, ok := msg.(*certificateMsgTLS13) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certMsg, msg) } hs.transcript.Write(certMsg.marshal()) if err := c.processCertsFromClient(certMsg.certificate); err != nil { return err } if len(certMsg.certificate.Certificate) != 0 { msg, err = c.readHandshake() if err != nil { return err } certVerify, ok := msg.(*certificateVerifyMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(certVerify, msg) } // See RFC 8446, Section 4.4.3. if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) { c.sendAlert(alertIllegalParameter) return errors.New("tls: client certificate used with invalid signature algorithm") } sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm) if err != nil { return c.sendAlert(alertInternalError) } if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 { c.sendAlert(alertIllegalParameter) return errors.New("tls: client certificate used with invalid signature algorithm") } signed := signedMessage(sigHash, clientSignatureContext, hs.transcript) if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey, sigHash, signed, certVerify.signature); err != nil { c.sendAlert(alertDecryptError) return errors.New("tls: invalid signature by the client certificate: " + err.Error()) } hs.transcript.Write(certVerify.marshal()) } // If we waited until the client certificates to send session tickets, we // are ready to do it now. if err := hs.sendSessionTickets(); err != nil { return err } return nil } func (hs *serverHandshakeStateTLS13) readClientFinished() error { c := hs.c msg, err := c.readHandshake() if err != nil { return err } finished, ok := msg.(*finishedMsg) if !ok { c.sendAlert(alertUnexpectedMessage) return unexpectedMessageError(finished, msg) } if !hmac.Equal(hs.clientFinished, finished.verifyData) { c.sendAlert(alertDecryptError) return errors.New("tls: invalid client finished hash") } c.in.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret) c.in.setTrafficSecret(hs.suite, hs.trafficSecret) return nil } golang-github-marten-seemann-qtls-0.10.0/handshake_test.go000066400000000000000000000575531373277661100235600ustar00rootroot00000000000000// Copyright 2013 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bufio" "crypto/ed25519" "crypto/x509" "encoding/hex" "errors" "flag" "fmt" "io" "io/ioutil" "net" "os" "os/exec" "runtime" "strconv" "strings" "sync" "testing" "time" ) // TLS reference tests run a connection against a reference implementation // (OpenSSL) of TLS and record the bytes of the resulting connection. The Go // code, during a test, is configured with deterministic randomness and so the // reference test can be reproduced exactly in the future. // // In order to save everyone who wishes to run the tests from needing the // reference implementation installed, the reference connections are saved in // files in the testdata directory. Thus running the tests involves nothing // external, but creating and updating them requires the reference // implementation. // // Tests can be updated by running them with the -update flag. This will cause // the test files for failing tests to be regenerated. Since the reference // implementation will always generate fresh random numbers, large parts of the // reference connection will always change. var ( update = flag.Bool("update", false, "update golden files on failure") fast = flag.Bool("fast", false, "impose a quick, possibly flaky timeout on recorded tests") keyFile = flag.String("keylog", "", "destination file for KeyLogWriter") ) func runTestAndUpdateIfNeeded(t *testing.T, name string, run func(t *testing.T, update bool), wait bool) { success := t.Run(name, func(t *testing.T) { if !*update && !wait { t.Parallel() } run(t, false) }) if !success && *update { t.Run(name+"#update", func(t *testing.T) { run(t, true) }) } } // checkOpenSSLVersion ensures that the version of OpenSSL looks reasonable // before updating the test data. func checkOpenSSLVersion() error { if !*update { return nil } openssl := exec.Command("openssl", "version") output, err := openssl.CombinedOutput() if err != nil { return err } version := string(output) if strings.HasPrefix(version, "OpenSSL 1.1.1") { return nil } println("***********************************************") println("") println("You need to build OpenSSL 1.1.1 from source in order") println("to update the test data.") println("") println("Configure it with:") println("./Configure enable-weak-ssl-ciphers") println("and then add the apps/ directory at the front of your PATH.") println("***********************************************") return errors.New("version of OpenSSL does not appear to be suitable for updating test data") } // recordingConn is a net.Conn that records the traffic that passes through it. // WriteTo can be used to produce output that can be later be loaded with // ParseTestData. type recordingConn struct { net.Conn sync.Mutex flows [][]byte reading bool } func (r *recordingConn) Read(b []byte) (n int, err error) { if n, err = r.Conn.Read(b); n == 0 { return } b = b[:n] r.Lock() defer r.Unlock() if l := len(r.flows); l == 0 || !r.reading { buf := make([]byte, len(b)) copy(buf, b) r.flows = append(r.flows, buf) } else { r.flows[l-1] = append(r.flows[l-1], b[:n]...) } r.reading = true return } func (r *recordingConn) Write(b []byte) (n int, err error) { if n, err = r.Conn.Write(b); n == 0 { return } b = b[:n] r.Lock() defer r.Unlock() if l := len(r.flows); l == 0 || r.reading { buf := make([]byte, len(b)) copy(buf, b) r.flows = append(r.flows, buf) } else { r.flows[l-1] = append(r.flows[l-1], b[:n]...) } r.reading = false return } // WriteTo writes Go source code to w that contains the recorded traffic. func (r *recordingConn) WriteTo(w io.Writer) (int64, error) { // TLS always starts with a client to server flow. clientToServer := true var written int64 for i, flow := range r.flows { source, dest := "client", "server" if !clientToServer { source, dest = dest, source } n, err := fmt.Fprintf(w, ">>> Flow %d (%s to %s)\n", i+1, source, dest) written += int64(n) if err != nil { return written, err } dumper := hex.Dumper(w) n, err = dumper.Write(flow) written += int64(n) if err != nil { return written, err } err = dumper.Close() if err != nil { return written, err } clientToServer = !clientToServer } return written, nil } func parseTestData(r io.Reader) (flows [][]byte, err error) { var currentFlow []byte scanner := bufio.NewScanner(r) for scanner.Scan() { line := scanner.Text() // If the line starts with ">>> " then it marks the beginning // of a new flow. if strings.HasPrefix(line, ">>> ") { if len(currentFlow) > 0 || len(flows) > 0 { flows = append(flows, currentFlow) currentFlow = nil } continue } // Otherwise the line is a line of hex dump that looks like: // 00000170 fc f5 06 bf (...) |.....X{&?......!| // (Some bytes have been omitted from the middle section.) if i := strings.IndexByte(line, ' '); i >= 0 { line = line[i:] } else { return nil, errors.New("invalid test data") } if i := strings.IndexByte(line, '|'); i >= 0 { line = line[:i] } else { return nil, errors.New("invalid test data") } hexBytes := strings.Fields(line) for _, hexByte := range hexBytes { val, err := strconv.ParseUint(hexByte, 16, 8) if err != nil { return nil, errors.New("invalid hex byte in test data: " + err.Error()) } currentFlow = append(currentFlow, byte(val)) } } if len(currentFlow) > 0 { flows = append(flows, currentFlow) } return flows, nil } // tempFile creates a temp file containing contents and returns its path. func tempFile(contents string) string { file, err := ioutil.TempFile("", "go-tls-test") if err != nil { panic("failed to create temp file: " + err.Error()) } path := file.Name() file.WriteString(contents) file.Close() return path } // localListener is set up by TestMain and used by localPipe to create Conn // pairs like net.Pipe, but connected by an actual buffered TCP connection. var localListener struct { mu sync.Mutex addr net.Addr ch chan net.Conn } const localFlakes = 0 // change to 1 or 2 to exercise localServer/localPipe handling of mismatches func localServer(l net.Listener) { for n := 0; ; n++ { c, err := l.Accept() if err != nil { return } if localFlakes == 1 && n%2 == 0 { c.Close() continue } localListener.ch <- c } } var isConnRefused = func(err error) bool { return false } func localPipe(t testing.TB) (net.Conn, net.Conn) { localListener.mu.Lock() defer localListener.mu.Unlock() addr := localListener.addr var err error Dialing: // We expect a rare mismatch, but probably not 5 in a row. for i := 0; i < 5; i++ { tooSlow := time.NewTimer(1 * time.Second) defer tooSlow.Stop() var c1 net.Conn c1, err = net.Dial(addr.Network(), addr.String()) if err != nil { if runtime.GOOS == "dragonfly" && (isConnRefused(err) || os.IsTimeout(err)) { // golang.org/issue/29583: Dragonfly sometimes returns a spurious // ECONNREFUSED or ETIMEDOUT. <-tooSlow.C continue } t.Fatalf("localPipe: %v", err) } if localFlakes == 2 && i == 0 { c1.Close() continue } for { select { case <-tooSlow.C: t.Logf("localPipe: timeout waiting for %v", c1.LocalAddr()) c1.Close() continue Dialing case c2 := <-localListener.ch: if c2.RemoteAddr().String() == c1.LocalAddr().String() { return c1, c2 } t.Logf("localPipe: unexpected connection: %v != %v", c2.RemoteAddr(), c1.LocalAddr()) c2.Close() } } } t.Fatalf("localPipe: failed to connect: %v", err) panic("unreachable") } // zeroSource is an io.Reader that returns an unlimited number of zero bytes. type zeroSource struct{} func (zeroSource) Read(b []byte) (n int, err error) { for i := range b { b[i] = 0 } return len(b), nil } func allCipherSuites() []uint16 { ids := make([]uint16, len(cipherSuites)) for i, suite := range cipherSuites { ids[i] = suite.id } return ids } var testConfig *Config func TestMain(m *testing.M) { flag.Parse() os.Exit(runMain(m)) } func runMain(m *testing.M) int { // TLS 1.3 cipher suites preferences are not configurable and change based // on the architecture. Force them to the version with AES acceleration for // test consistency. once.Do(initDefaultCipherSuites) varDefaultCipherSuitesTLS13 = []uint16{ TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_256_GCM_SHA384, } // Set up localPipe. l, err := net.Listen("tcp", "127.0.0.1:0") if err != nil { l, err = net.Listen("tcp6", "[::1]:0") } if err != nil { fmt.Fprintf(os.Stderr, "Failed to open local listener: %v", err) os.Exit(1) } localListener.ch = make(chan net.Conn) localListener.addr = l.Addr() defer l.Close() go localServer(l) if err := checkOpenSSLVersion(); err != nil { fmt.Fprintf(os.Stderr, "Error: %v", err) os.Exit(1) } testConfig = &Config{ Time: func() time.Time { return time.Unix(0, 0) }, Rand: zeroSource{}, Certificates: make([]Certificate, 2), InsecureSkipVerify: true, CipherSuites: allCipherSuites(), } testConfig.Certificates[0].Certificate = [][]byte{testRSACertificate} testConfig.Certificates[0].PrivateKey = testRSAPrivateKey testConfig.Certificates[1].Certificate = [][]byte{testSNICertificate} testConfig.Certificates[1].PrivateKey = testRSAPrivateKey testConfig.BuildNameToCertificate() if *keyFile != "" { f, err := os.OpenFile(*keyFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644) if err != nil { panic("failed to open -keylog file: " + err.Error()) } testConfig.KeyLogWriter = f defer f.Close() } return m.Run() } func testHandshake(t *testing.T, clientConfig, serverConfig *Config) (serverState, clientState ConnectionState, err error) { const sentinel = "SENTINEL\n" c, s := localPipe(t) errChan := make(chan error) go func() { cli := Client(c, clientConfig) err := cli.Handshake() if err != nil { errChan <- fmt.Errorf("client: %v", err) c.Close() return } defer cli.Close() clientState = cli.ConnectionState() buf, err := ioutil.ReadAll(cli) if err != nil { t.Errorf("failed to call cli.Read: %v", err) } if got := string(buf); got != sentinel { t.Errorf("read %q from TLS connection, but expected %q", got, sentinel) } errChan <- nil }() server := Server(s, serverConfig) err = server.Handshake() if err == nil { serverState = server.ConnectionState() if _, err := io.WriteString(server, sentinel); err != nil { t.Errorf("failed to call server.Write: %v", err) } if err := server.Close(); err != nil { t.Errorf("failed to call server.Close: %v", err) } err = <-errChan } else { s.Close() <-errChan } return } func fromHex(s string) []byte { b, _ := hex.DecodeString(s) return b } var testRSACertificate = fromHex("3082024b308201b4a003020102020900e8f09d3fe25beaa6300d06092a864886f70d01010b0500301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f74301e170d3136303130313030303030305a170d3235303130313030303030305a301a310b3009060355040a1302476f310b300906035504031302476f30819f300d06092a864886f70d010101050003818d0030818902818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d70203010001a38193308190300e0603551d0f0101ff0404030205a0301d0603551d250416301406082b0601050507030106082b06010505070302300c0603551d130101ff0402300030190603551d0e041204109f91161f43433e49a6de6db680d79f60301b0603551d230414301280104813494d137e1631bba301d5acab6e7b30190603551d1104123010820e6578616d706c652e676f6c616e67300d06092a864886f70d01010b0500038181009d30cc402b5b50a061cbbae55358e1ed8328a9581aa938a495a1ac315a1a84663d43d32dd90bf297dfd320643892243a00bccf9c7db74020015faad3166109a276fd13c3cce10c5ceeb18782f16c04ed73bbb343778d0c1cf10fa1d8408361c94c722b9daedb4606064df4c1b33ec0d1bd42d4dbfe3d1360845c21d33be9fae7") var testRSACertificateIssuer = fromHex("3082021930820182a003020102020900ca5e4e811a965964300d06092a864886f70d01010b0500301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f74301e170d3136303130313030303030305a170d3235303130313030303030305a301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f7430819f300d06092a864886f70d010101050003818d0030818902818100d667b378bb22f34143b6cd2008236abefaf2852adf3ab05e01329e2c14834f5105df3f3073f99dab5442d45ee5f8f57b0111c8cb682fbb719a86944eebfffef3406206d898b8c1b1887797c9c5006547bb8f00e694b7a063f10839f269f2c34fff7a1f4b21fbcd6bfdfb13ac792d1d11f277b5c5b48600992203059f2a8f8cc50203010001a35d305b300e0603551d0f0101ff040403020204301d0603551d250416301406082b0601050507030106082b06010505070302300f0603551d130101ff040530030101ff30190603551d0e041204104813494d137e1631bba301d5acab6e7b300d06092a864886f70d01010b050003818100c1154b4bab5266221f293766ae4138899bd4c5e36b13cee670ceeaa4cbdf4f6679017e2fe649765af545749fe4249418a56bd38a04b81e261f5ce86b8d5c65413156a50d12449554748c59a30c515bc36a59d38bddf51173e899820b282e40aa78c806526fd184fb6b4cf186ec728edffa585440d2b3225325f7ab580e87dd76") // testRSAPSSCertificate has signatureAlgorithm rsassaPss, but subjectPublicKeyInfo // algorithm rsaEncryption, for use with the rsa_pss_rsae_* SignatureSchemes. // See also TestRSAPSSKeyError. testRSAPSSCertificate is self-signed. var testRSAPSSCertificate = fromHex("308202583082018da003020102021100f29926eb87ea8a0db9fcc247347c11b0304106092a864886f70d01010a3034a00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500a20302012030123110300e060355040a130741636d6520436f301e170d3137313132333136313631305a170d3138313132333136313631305a30123110300e060355040a130741636d6520436f30819f300d06092a864886f70d010101050003818d0030818902818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d70203010001a3463044300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000300f0603551d110408300687047f000001304106092a864886f70d01010a3034a00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500a20302012003818100cdac4ef2ce5f8d79881042707f7cbf1b5a8a00ef19154b40151771006cd41626e5496d56da0c1a139fd84695593cb67f87765e18aa03ea067522dd78d2a589b8c92364e12838ce346c6e067b51f1a7e6f4b37ffab13f1411896679d18e880e0ba09e302ac067efca460288e9538122692297ad8093d4f7dd701424d7700a46a1") var testECDSACertificate = fromHex("3082020030820162020900b8bf2d47a0d2ebf4300906072a8648ce3d04013045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c7464301e170d3132313132323135303633325a170d3232313132303135303633325a3045310b3009060355040613024155311330110603550408130a536f6d652d53746174653121301f060355040a1318496e7465726e6574205769646769747320507479204c746430819b301006072a8648ce3d020106052b81040023038186000400c4a1edbe98f90b4873367ec316561122f23d53c33b4d213dcd6b75e6f6b0dc9adf26c1bcb287f072327cb3642f1c90bcea6823107efee325c0483a69e0286dd33700ef0462dd0da09c706283d881d36431aa9e9731bd96b068c09b23de76643f1a5c7fe9120e5858b65f70dd9bd8ead5d7f5d5ccb9b69f30665b669a20e227e5bffe3b300906072a8648ce3d040103818c0030818802420188a24febe245c5487d1bacf5ed989dae4770c05e1bb62fbdf1b64db76140d311a2ceee0b7e927eff769dc33b7ea53fcefa10e259ec472d7cacda4e970e15a06fd00242014dfcbe67139c2d050ebd3fa38c25c13313830d9406bbd4377af6ec7ac9862eddd711697f857c56defb31782be4c7780daecbbe9e4e3624317b6a0f399512078f2a") var testEd25519Certificate = fromHex("3082012e3081e1a00302010202100f431c425793941de987e4f1ad15005d300506032b657030123110300e060355040a130741636d6520436f301e170d3139303531363231333830315a170d3230303531353231333830315a30123110300e060355040a130741636d6520436f302a300506032b65700321003fe2152ee6e3ef3f4e854a7577a3649eede0bf842ccc92268ffa6f3483aaec8fa34d304b300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff0402300030160603551d11040f300d820b6578616d706c652e636f6d300506032b65700341006344ed9cc4be5324539fd2108d9fe82108909539e50dc155ff2c16b71dfcab7d4dd4e09313d0a942e0b66bfe5d6748d79f50bc6ccd4b03837cf20858cdaccf0c") var testSNICertificate = fromHex("0441883421114c81480804c430820237308201a0a003020102020900e8f09d3fe25beaa6300d06092a864886f70d01010b0500301f310b3009060355040a1302476f3110300e06035504031307476f20526f6f74301e170d3136303130313030303030305a170d3235303130313030303030305a3023310b3009060355040a1302476f311430120603550403130b736e69746573742e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d70203010001a3773075300e0603551d0f0101ff0404030205a0301d0603551d250416301406082b0601050507030106082b06010505070302300c0603551d130101ff0402300030190603551d0e041204109f91161f43433e49a6de6db680d79f60301b0603551d230414301280104813494d137e1631bba301d5acab6e7b300d06092a864886f70d01010b0500038181007beeecff0230dbb2e7a334af65430b7116e09f327c3bbf918107fc9c66cb497493207ae9b4dbb045cb63d605ec1b5dd485bb69124d68fa298dc776699b47632fd6d73cab57042acb26f083c4087459bc5a3bb3ca4d878d7fe31016b7bc9a627438666566e3389bfaeebe6becc9a0093ceed18d0f9ac79d56f3a73f18188988ed") var testP256Certificate = fromHex("308201693082010ea00302010202105012dc24e1124ade4f3e153326ff27bf300a06082a8648ce3d04030230123110300e060355040a130741636d6520436f301e170d3137303533313232343934375a170d3138303533313232343934375a30123110300e060355040a130741636d6520436f3059301306072a8648ce3d020106082a8648ce3d03010703420004c02c61c9b16283bbcc14956d886d79b358aa614596975f78cece787146abf74c2d5dc578c0992b4f3c631373479ebf3892efe53d21c4f4f1cc9a11c3536b7f75a3463044300e0603551d0f0101ff0404030205a030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000300f0603551d1104083006820474657374300a06082a8648ce3d0403020349003046022100963712d6226c7b2bef41512d47e1434131aaca3ba585d666c924df71ac0448b3022100f4d05c725064741aef125f243cdbccaa2a5d485927831f221c43023bd5ae471a") var testRSAPrivateKey, _ = x509.ParsePKCS1PrivateKey(fromHex("3082025b02010002818100db467d932e12270648bc062821ab7ec4b6a25dfe1e5245887a3647a5080d92425bc281c0be97799840fb4f6d14fd2b138bc2a52e67d8d4099ed62238b74a0b74732bc234f1d193e596d9747bf3589f6c613cc0b041d4d92b2b2423775b1c3bbd755dce2054cfa163871d1e24c4f31d1a508baab61443ed97a77562f414c852d702030100010281800b07fbcf48b50f1388db34b016298b8217f2092a7c9a04f77db6775a3d1279b62ee9951f7e371e9de33f015aea80660760b3951dc589a9f925ed7de13e8f520e1ccbc7498ce78e7fab6d59582c2386cc07ed688212a576ff37833bd5943483b5554d15a0b9b4010ed9bf09f207e7e9805f649240ed6c1256ed75ab7cd56d9671024100fded810da442775f5923debae4ac758390a032a16598d62f059bb2e781a9c2f41bfa015c209f966513fe3bf5a58717cbdb385100de914f88d649b7d15309fa49024100dd10978c623463a1802c52f012cfa72ff5d901f25a2292446552c2568b1840e49a312e127217c2186615aae4fb6602a4f6ebf3f3d160f3b3ad04c592f65ae41f02400c69062ca781841a09de41ed7a6d9f54adc5d693a2c6847949d9e1358555c9ac6a8d9e71653ac77beb2d3abaf7bb1183aa14278956575dbebf525d0482fd72d90240560fe1900ba36dae3022115fd952f2399fb28e2975a1c3e3d0b679660bdcb356cc189d611cfdd6d87cd5aea45aa30a2082e8b51e94c2f3dd5d5c6036a8a615ed0240143993d80ece56f877cb80048335701eb0e608cc0c1ca8c2227b52edf8f1ac99c562f2541b5ce81f0515af1c5b4770dba53383964b4b725ff46fdec3d08907df")) var testECDSAPrivateKey, _ = x509.ParseECPrivateKey(fromHex("3081dc0201010442019883e909ad0ac9ea3d33f9eae661f1785206970f8ca9a91672f1eedca7a8ef12bd6561bb246dda5df4b4d5e7e3a92649bc5d83a0bf92972e00e62067d0c7bd99d7a00706052b81040023a18189038186000400c4a1edbe98f90b4873367ec316561122f23d53c33b4d213dcd6b75e6f6b0dc9adf26c1bcb287f072327cb3642f1c90bcea6823107efee325c0483a69e0286dd33700ef0462dd0da09c706283d881d36431aa9e9731bd96b068c09b23de76643f1a5c7fe9120e5858b65f70dd9bd8ead5d7f5d5ccb9b69f30665b669a20e227e5bffe3b")) var testP256PrivateKey, _ = x509.ParseECPrivateKey(fromHex("30770201010420012f3b52bc54c36ba3577ad45034e2e8efe1e6999851284cb848725cfe029991a00a06082a8648ce3d030107a14403420004c02c61c9b16283bbcc14956d886d79b358aa614596975f78cece787146abf74c2d5dc578c0992b4f3c631373479ebf3892efe53d21c4f4f1cc9a11c3536b7f75")) var testEd25519PrivateKey = ed25519.PrivateKey(fromHex("3a884965e76b3f55e5faf9615458a92354894234de3ec9f684d46d55cebf3dc63fe2152ee6e3ef3f4e854a7577a3649eede0bf842ccc92268ffa6f3483aaec8f")) const clientCertificatePEM = ` -----BEGIN CERTIFICATE----- MIIB7zCCAVigAwIBAgIQXBnBiWWDVW/cC8m5k5/pvDANBgkqhkiG9w0BAQsFADAS MRAwDgYDVQQKEwdBY21lIENvMB4XDTE2MDgxNzIxNTIzMVoXDTE3MDgxNzIxNTIz MVowEjEQMA4GA1UEChMHQWNtZSBDbzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC gYEAum+qhr3Pv5/y71yUYHhv6BPy0ZZvzdkybiI3zkH5yl0prOEn2mGi7oHLEMff NFiVhuk9GeZcJ3NgyI14AvQdpJgJoxlwaTwlYmYqqyIjxXuFOE8uCXMyp70+m63K hAfmDzr/d8WdQYUAirab7rCkPy1MTOZCPrtRyN1IVPQMjkcCAwEAAaNGMEQwDgYD VR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAw DwYDVR0RBAgwBocEfwAAATANBgkqhkiG9w0BAQsFAAOBgQBGq0Si+yhU+Fpn+GKU 8ZqyGJ7ysd4dfm92lam6512oFmyc9wnTN+RLKzZ8Aa1B0jLYw9KT+RBrjpW5LBeK o0RIvFkTgxYEiKSBXCUNmAysEbEoVr4dzWFihAm/1oDGRY2CLLTYg5vbySK3KhIR e/oCO8HJ/+rJnahJ05XX1Q7lNQ== -----END CERTIFICATE-----` var clientKeyPEM = testingKey(` -----BEGIN RSA TESTING KEY----- MIICXQIBAAKBgQC6b6qGvc+/n/LvXJRgeG/oE/LRlm/N2TJuIjfOQfnKXSms4Sfa YaLugcsQx980WJWG6T0Z5lwnc2DIjXgC9B2kmAmjGXBpPCViZiqrIiPFe4U4Ty4J czKnvT6brcqEB+YPOv93xZ1BhQCKtpvusKQ/LUxM5kI+u1HI3UhU9AyORwIDAQAB AoGAEJZ03q4uuMb7b26WSQsOMeDsftdatT747LGgs3pNRkMJvTb/O7/qJjxoG+Mc qeSj0TAZXp+PXXc3ikCECAc+R8rVMfWdmp903XgO/qYtmZGCorxAHEmR80SrfMXv PJnznLQWc8U9nphQErR+tTESg7xWEzmFcPKwnZd1xg8ERYkCQQDTGtrFczlB2b/Z 9TjNMqUlMnTLIk/a/rPE2fLLmAYhK5sHnJdvDURaH2mF4nso0EGtENnTsh6LATnY dkrxXGm9AkEA4hXHG2q3MnhgK1Z5hjv+Fnqd+8bcbII9WW4flFs15EKoMgS1w/PJ zbsySaSy5IVS8XeShmT9+3lrleed4sy+UwJBAJOOAbxhfXP5r4+5R6ql66jES75w jUCVJzJA5ORJrn8g64u2eGK28z/LFQbv9wXgCwfc72R468BdawFSLa/m2EECQGbZ rWiFla26IVXV0xcD98VWJsTBZMlgPnSOqoMdM1kSEd4fUmlAYI/dFzV1XYSkOmVr FhdZnklmpVDeu27P4c0CQQCuCOup0FlJSBpWY1TTfun/KMBkBatMz0VMA3d7FKIU csPezl677Yjo8u1r/KzeI6zLg87Z8E6r6ZWNc9wBSZK6 -----END RSA TESTING KEY-----`) const clientECDSACertificatePEM = ` -----BEGIN CERTIFICATE----- MIIB/DCCAV4CCQCaMIRsJjXZFzAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0 eSBMdGQwHhcNMTIxMTE0MTMyNTUzWhcNMjIxMTEyMTMyNTUzWjBBMQswCQYDVQQG EwJBVTEMMAoGA1UECBMDTlNXMRAwDgYDVQQHEwdQeXJtb250MRIwEAYDVQQDEwlK b2VsIFNpbmcwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABACVjJF1FMBexFe01MNv ja5oHt1vzobhfm6ySD6B5U7ixohLZNz1MLvT/2XMW/TdtWo+PtAd3kfDdq0Z9kUs jLzYHQFMH3CQRnZIi4+DzEpcj0B22uCJ7B0rxE4wdihBsmKo+1vx+U56jb0JuK7q ixgnTy5w/hOWusPTQBbNZU6sER7m8TAJBgcqhkjOPQQBA4GMADCBiAJCAOAUxGBg C3JosDJdYUoCdFzCgbkWqD8pyDbHgf9stlvZcPE4O1BIKJTLCRpS8V3ujfK58PDa 2RU6+b0DeoeiIzXsAkIBo9SKeDUcSpoj0gq+KxAxnZxfvuiRs9oa9V2jI/Umi0Vw jWVim34BmT0Y9hCaOGGbLlfk+syxis7iI6CH8OFnUes= -----END CERTIFICATE-----` var clientECDSAKeyPEM = testingKey(` -----BEGIN EC PARAMETERS----- BgUrgQQAIw== -----END EC PARAMETERS----- -----BEGIN EC TESTING KEY----- MIHcAgEBBEIBkJN9X4IqZIguiEVKMqeBUP5xtRsEv4HJEtOpOGLELwO53SD78Ew8 k+wLWoqizS3NpQyMtrU8JFdWfj+C57UNkOugBwYFK4EEACOhgYkDgYYABACVjJF1 FMBexFe01MNvja5oHt1vzobhfm6ySD6B5U7ixohLZNz1MLvT/2XMW/TdtWo+PtAd 3kfDdq0Z9kUsjLzYHQFMH3CQRnZIi4+DzEpcj0B22uCJ7B0rxE4wdihBsmKo+1vx +U56jb0JuK7qixgnTy5w/hOWusPTQBbNZU6sER7m8Q== -----END EC TESTING KEY-----`) const clientEd25519CertificatePEM = ` -----BEGIN CERTIFICATE----- MIIBLjCB4aADAgECAhAX0YGTviqMISAQJRXoNCNPMAUGAytlcDASMRAwDgYDVQQK EwdBY21lIENvMB4XDTE5MDUxNjIxNTQyNloXDTIwMDUxNTIxNTQyNlowEjEQMA4G A1UEChMHQWNtZSBDbzAqMAUGAytlcAMhAAvgtWC14nkwPb7jHuBQsQTIbcd4bGkv xRStmmNveRKRo00wSzAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUH AwIwDAYDVR0TAQH/BAIwADAWBgNVHREEDzANggtleGFtcGxlLmNvbTAFBgMrZXAD QQD8GRcqlKUx+inILn9boF2KTjRAOdazENwZ/qAicbP1j6FYDc308YUkv+Y9FN/f 7Q7hF9gRomDQijcjKsJGqjoI -----END CERTIFICATE-----` var clientEd25519KeyPEM = testingKey(` -----BEGIN TESTING KEY----- MC4CAQAwBQYDK2VwBCIEINifzf07d9qx3d44e0FSbV4mC/xQxT644RRbpgNpin7I -----END TESTING KEY-----`) golang-github-marten-seemann-qtls-0.10.0/handshake_unix_test.go000066400000000000000000000005751373277661100246130ustar00rootroot00000000000000// Copyright 2019 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // +build aix darwin dragonfly freebsd linux netbsd openbsd solaris package qtls import ( "errors" "syscall" ) func init() { isConnRefused = func(err error) bool { return errors.Is(err, syscall.ECONNREFUSED) } } golang-github-marten-seemann-qtls-0.10.0/key_agreement.go000066400000000000000000000251411373277661100233760ustar00rootroot00000000000000// Copyright 2010 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "crypto/md5" "crypto/rsa" "crypto/sha1" "crypto/x509" "errors" "fmt" "io" ) var errClientKeyExchange = errors.New("tls: invalid ClientKeyExchange message") var errServerKeyExchange = errors.New("tls: invalid ServerKeyExchange message") // rsaKeyAgreement implements the standard TLS key agreement where the client // encrypts the pre-master secret to the server's public key. type rsaKeyAgreement struct{} func (ka rsaKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { return nil, nil } func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) { if len(ckx.ciphertext) < 2 { return nil, errClientKeyExchange } ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1]) if ciphertextLen != len(ckx.ciphertext)-2 { return nil, errClientKeyExchange } ciphertext := ckx.ciphertext[2:] priv, ok := cert.PrivateKey.(crypto.Decrypter) if !ok { return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter") } // Perform constant time RSA PKCS#1 v1.5 decryption preMasterSecret, err := priv.Decrypt(config.rand(), ciphertext, &rsa.PKCS1v15DecryptOptions{SessionKeyLen: 48}) if err != nil { return nil, err } // We don't check the version number in the premaster secret. For one, // by checking it, we would leak information about the validity of the // encrypted pre-master secret. Secondly, it provides only a small // benefit against a downgrade attack and some implementations send the // wrong version anyway. See the discussion at the end of section // 7.4.7.1 of RFC 4346. return preMasterSecret, nil } func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error { return errors.New("tls: unexpected ServerKeyExchange") } func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) { preMasterSecret := make([]byte, 48) preMasterSecret[0] = byte(clientHello.vers >> 8) preMasterSecret[1] = byte(clientHello.vers) _, err := io.ReadFull(config.rand(), preMasterSecret[2:]) if err != nil { return nil, nil, err } encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret) if err != nil { return nil, nil, err } ckx := new(clientKeyExchangeMsg) ckx.ciphertext = make([]byte, len(encrypted)+2) ckx.ciphertext[0] = byte(len(encrypted) >> 8) ckx.ciphertext[1] = byte(len(encrypted)) copy(ckx.ciphertext[2:], encrypted) return preMasterSecret, ckx, nil } // sha1Hash calculates a SHA1 hash over the given byte slices. func sha1Hash(slices [][]byte) []byte { hsha1 := sha1.New() for _, slice := range slices { hsha1.Write(slice) } return hsha1.Sum(nil) } // md5SHA1Hash implements TLS 1.0's hybrid hash function which consists of the // concatenation of an MD5 and SHA1 hash. func md5SHA1Hash(slices [][]byte) []byte { md5sha1 := make([]byte, md5.Size+sha1.Size) hmd5 := md5.New() for _, slice := range slices { hmd5.Write(slice) } copy(md5sha1, hmd5.Sum(nil)) copy(md5sha1[md5.Size:], sha1Hash(slices)) return md5sha1 } // hashForServerKeyExchange hashes the given slices and returns their digest // using the given hash function (for >= TLS 1.2) or using a default based on // the sigType (for earlier TLS versions). For Ed25519 signatures, which don't // do pre-hashing, it returns the concatenation of the slices. func hashForServerKeyExchange(sigType uint8, hashFunc crypto.Hash, version uint16, slices ...[]byte) []byte { if sigType == signatureEd25519 { var signed []byte for _, slice := range slices { signed = append(signed, slice...) } return signed } if version >= VersionTLS12 { h := hashFunc.New() for _, slice := range slices { h.Write(slice) } digest := h.Sum(nil) return digest } if sigType == signatureECDSA { return sha1Hash(slices) } return md5SHA1Hash(slices) } // ecdheKeyAgreement implements a TLS key agreement where the server // generates an ephemeral EC public/private key pair and signs it. The // pre-master secret is then calculated using ECDH. The signature may // be ECDSA, Ed25519 or RSA. type ecdheKeyAgreement struct { version uint16 isRSA bool params ecdheParameters // ckx and preMasterSecret are generated in processServerKeyExchange // and returned in generateClientKeyExchange. ckx *clientKeyExchangeMsg preMasterSecret []byte } func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *Config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { var curveID CurveID for _, c := range clientHello.supportedCurves { if config.supportsCurve(c) { curveID = c break } } if curveID == 0 { return nil, errors.New("tls: no supported elliptic curves offered") } if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok { return nil, errors.New("tls: CurvePreferences includes unsupported curve") } params, err := generateECDHEParameters(config.rand(), curveID) if err != nil { return nil, err } ka.params = params // See RFC 4492, Section 5.4. ecdhePublic := params.PublicKey() serverECDHEParams := make([]byte, 1+2+1+len(ecdhePublic)) serverECDHEParams[0] = 3 // named curve serverECDHEParams[1] = byte(curveID >> 8) serverECDHEParams[2] = byte(curveID) serverECDHEParams[3] = byte(len(ecdhePublic)) copy(serverECDHEParams[4:], ecdhePublic) priv, ok := cert.PrivateKey.(crypto.Signer) if !ok { return nil, fmt.Errorf("tls: certificate private key of type %T does not implement crypto.Signer", cert.PrivateKey) } var signatureAlgorithm SignatureScheme var sigType uint8 var sigHash crypto.Hash if ka.version >= VersionTLS12 { signatureAlgorithm, err = selectSignatureScheme(ka.version, cert, clientHello.supportedSignatureAlgorithms) if err != nil { return nil, err } sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm) if err != nil { return nil, err } } else { sigType, sigHash, err = legacyTypeAndHashFromPublicKey(priv.Public()) if err != nil { return nil, err } } if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA { return nil, errors.New("tls: certificate cannot be used with the selected cipher suite") } signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, hello.random, serverECDHEParams) signOpts := crypto.SignerOpts(sigHash) if sigType == signatureRSAPSS { signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash} } sig, err := priv.Sign(config.rand(), signed, signOpts) if err != nil { return nil, errors.New("tls: failed to sign ECDHE parameters: " + err.Error()) } skx := new(serverKeyExchangeMsg) sigAndHashLen := 0 if ka.version >= VersionTLS12 { sigAndHashLen = 2 } skx.key = make([]byte, len(serverECDHEParams)+sigAndHashLen+2+len(sig)) copy(skx.key, serverECDHEParams) k := skx.key[len(serverECDHEParams):] if ka.version >= VersionTLS12 { k[0] = byte(signatureAlgorithm >> 8) k[1] = byte(signatureAlgorithm) k = k[2:] } k[0] = byte(len(sig) >> 8) k[1] = byte(len(sig)) copy(k[2:], sig) return skx, nil } func (ka *ecdheKeyAgreement) processClientKeyExchange(config *Config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) { if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 { return nil, errClientKeyExchange } preMasterSecret := ka.params.SharedKey(ckx.ciphertext[1:]) if preMasterSecret == nil { return nil, errClientKeyExchange } return preMasterSecret, nil } func (ka *ecdheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error { if len(skx.key) < 4 { return errServerKeyExchange } if skx.key[0] != 3 { // named curve return errors.New("tls: server selected unsupported curve") } curveID := CurveID(skx.key[1])<<8 | CurveID(skx.key[2]) publicLen := int(skx.key[3]) if publicLen+4 > len(skx.key) { return errServerKeyExchange } serverECDHEParams := skx.key[:4+publicLen] publicKey := serverECDHEParams[4:] sig := skx.key[4+publicLen:] if len(sig) < 2 { return errServerKeyExchange } if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok { return errors.New("tls: server selected unsupported curve") } params, err := generateECDHEParameters(config.rand(), curveID) if err != nil { return err } ka.params = params ka.preMasterSecret = params.SharedKey(publicKey) if ka.preMasterSecret == nil { return errServerKeyExchange } ourPublicKey := params.PublicKey() ka.ckx = new(clientKeyExchangeMsg) ka.ckx.ciphertext = make([]byte, 1+len(ourPublicKey)) ka.ckx.ciphertext[0] = byte(len(ourPublicKey)) copy(ka.ckx.ciphertext[1:], ourPublicKey) var sigType uint8 var sigHash crypto.Hash if ka.version >= VersionTLS12 { signatureAlgorithm := SignatureScheme(sig[0])<<8 | SignatureScheme(sig[1]) sig = sig[2:] if len(sig) < 2 { return errServerKeyExchange } if !isSupportedSignatureAlgorithm(signatureAlgorithm, clientHello.supportedSignatureAlgorithms) { return errors.New("tls: certificate used with invalid signature algorithm") } sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm) if err != nil { return err } } else { sigType, sigHash, err = legacyTypeAndHashFromPublicKey(cert.PublicKey) if err != nil { return err } } if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA { return errServerKeyExchange } sigLen := int(sig[0])<<8 | int(sig[1]) if sigLen+2 != len(sig) { return errServerKeyExchange } sig = sig[2:] signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, serverHello.random, serverECDHEParams) if err := verifyHandshakeSignature(sigType, cert.PublicKey, sigHash, signed, sig); err != nil { return errors.New("tls: invalid signature by the server certificate: " + err.Error()) } return nil } func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) { if ka.ckx == nil { return nil, nil, errors.New("tls: missing ServerKeyExchange message") } return ka.preMasterSecret, ka.ckx, nil } golang-github-marten-seemann-qtls-0.10.0/key_schedule.go000066400000000000000000000150401373277661100232200ustar00rootroot00000000000000// Copyright 2018 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "crypto/elliptic" "crypto/hmac" "errors" "hash" "io" "math/big" "golang.org/x/crypto/cryptobyte" "golang.org/x/crypto/curve25519" "golang.org/x/crypto/hkdf" ) // This file contains the functions necessary to compute the TLS 1.3 key // schedule. See RFC 8446, Section 7. const ( resumptionBinderLabel = "res binder" clientHandshakeTrafficLabel = "c hs traffic" serverHandshakeTrafficLabel = "s hs traffic" clientApplicationTrafficLabel = "c ap traffic" serverApplicationTrafficLabel = "s ap traffic" exporterLabel = "exp master" resumptionLabel = "res master" trafficUpdateLabel = "traffic upd" ) // HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt. func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte { if newSecret == nil { newSecret = make([]byte, hash.Size()) } return hkdf.Extract(hash.New, newSecret, currentSecret) } // HkdfExpandLabel HKDF expands a label func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte { return hkdfExpandLabel(hash, secret, hashValue, label, L) } func hkdfExpandLabel(hash crypto.Hash, secret, context []byte, label string, length int) []byte { var hkdfLabel cryptobyte.Builder hkdfLabel.AddUint16(uint16(length)) hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte("tls13 ")) b.AddBytes([]byte(label)) }) hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(context) }) out := make([]byte, length) n, err := hkdf.Expand(hash.New, secret, hkdfLabel.BytesOrPanic()).Read(out) if err != nil || n != length { panic("tls: HKDF-Expand-Label invocation failed unexpectedly") } return out } // expandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1. func (c *cipherSuiteTLS13) expandLabel(secret []byte, label string, context []byte, length int) []byte { return hkdfExpandLabel(c.hash, secret, context, label, length) } // deriveSecret implements Derive-Secret from RFC 8446, Section 7.1. func (c *cipherSuiteTLS13) deriveSecret(secret []byte, label string, transcript hash.Hash) []byte { if transcript == nil { transcript = c.hash.New() } return c.expandLabel(secret, label, transcript.Sum(nil), c.hash.Size()) } // extract implements HKDF-Extract with the cipher suite hash. func (c *cipherSuiteTLS13) extract(newSecret, currentSecret []byte) []byte { return HkdfExtract(c.hash, newSecret, currentSecret) } // nextTrafficSecret generates the next traffic secret, given the current one, // according to RFC 8446, Section 7.2. func (c *cipherSuiteTLS13) nextTrafficSecret(trafficSecret []byte) []byte { return c.expandLabel(trafficSecret, trafficUpdateLabel, nil, c.hash.Size()) } // trafficKey generates traffic keys according to RFC 8446, Section 7.3. func (c *cipherSuiteTLS13) trafficKey(trafficSecret []byte) (key, iv []byte) { key = c.expandLabel(trafficSecret, "key", nil, c.keyLen) iv = c.expandLabel(trafficSecret, "iv", nil, aeadNonceLength) return } // finishedHash generates the Finished verify_data or PskBinderEntry according // to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey // selection. func (c *cipherSuiteTLS13) finishedHash(baseKey []byte, transcript hash.Hash) []byte { finishedKey := c.expandLabel(baseKey, "finished", nil, c.hash.Size()) verifyData := hmac.New(c.hash.New, finishedKey) verifyData.Write(transcript.Sum(nil)) return verifyData.Sum(nil) } // exportKeyingMaterial implements RFC5705 exporters for TLS 1.3 according to // RFC 8446, Section 7.5. func (c *cipherSuiteTLS13) exportKeyingMaterial(masterSecret []byte, transcript hash.Hash) func(string, []byte, int) ([]byte, error) { expMasterSecret := c.deriveSecret(masterSecret, exporterLabel, transcript) return func(label string, context []byte, length int) ([]byte, error) { secret := c.deriveSecret(expMasterSecret, label, nil) h := c.hash.New() h.Write(context) return c.expandLabel(secret, "exporter", h.Sum(nil), length), nil } } // ecdheParameters implements Diffie-Hellman with either NIST curves or X25519, // according to RFC 8446, Section 4.2.8.2. type ecdheParameters interface { CurveID() CurveID PublicKey() []byte SharedKey(peerPublicKey []byte) []byte } func generateECDHEParameters(rand io.Reader, curveID CurveID) (ecdheParameters, error) { if curveID == X25519 { privateKey := make([]byte, curve25519.ScalarSize) if _, err := io.ReadFull(rand, privateKey); err != nil { return nil, err } publicKey, err := curve25519.X25519(privateKey, curve25519.Basepoint) if err != nil { return nil, err } return &x25519Parameters{privateKey: privateKey, publicKey: publicKey}, nil } curve, ok := curveForCurveID(curveID) if !ok { return nil, errors.New("tls: internal error: unsupported curve") } p := &nistParameters{curveID: curveID} var err error p.privateKey, p.x, p.y, err = elliptic.GenerateKey(curve, rand) if err != nil { return nil, err } return p, nil } func curveForCurveID(id CurveID) (elliptic.Curve, bool) { switch id { case CurveP256: return elliptic.P256(), true case CurveP384: return elliptic.P384(), true case CurveP521: return elliptic.P521(), true default: return nil, false } } type nistParameters struct { privateKey []byte x, y *big.Int // public key curveID CurveID } func (p *nistParameters) CurveID() CurveID { return p.curveID } func (p *nistParameters) PublicKey() []byte { curve, _ := curveForCurveID(p.curveID) return elliptic.Marshal(curve, p.x, p.y) } func (p *nistParameters) SharedKey(peerPublicKey []byte) []byte { curve, _ := curveForCurveID(p.curveID) // Unmarshal also checks whether the given point is on the curve. x, y := elliptic.Unmarshal(curve, peerPublicKey) if x == nil { return nil } xShared, _ := curve.ScalarMult(x, y, p.privateKey) sharedKey := make([]byte, (curve.Params().BitSize+7)>>3) xBytes := xShared.Bytes() copy(sharedKey[len(sharedKey)-len(xBytes):], xBytes) return sharedKey } type x25519Parameters struct { privateKey []byte publicKey []byte } func (p *x25519Parameters) CurveID() CurveID { return X25519 } func (p *x25519Parameters) PublicKey() []byte { return p.publicKey[:] } func (p *x25519Parameters) SharedKey(peerPublicKey []byte) []byte { sharedKey, err := curve25519.X25519(p.privateKey, peerPublicKey) if err != nil { return nil } return sharedKey } golang-github-marten-seemann-qtls-0.10.0/key_schedule_test.go000066400000000000000000000130751373277661100242650ustar00rootroot00000000000000// Copyright 2018 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "encoding/hex" "hash" "strings" "testing" "unicode" ) // This file contains tests derived from draft-ietf-tls-tls13-vectors-07. func parseVector(v string) []byte { v = strings.Map(func(c rune) rune { if unicode.IsSpace(c) { return -1 } return c }, v) parts := strings.Split(v, ":") v = parts[len(parts)-1] res, err := hex.DecodeString(v) if err != nil { panic(err) } return res } func TestDeriveSecret(t *testing.T) { chTranscript := cipherSuitesTLS13[0].hash.New() chTranscript.Write(parseVector(` payload (512 octets): 01 00 01 fc 03 03 1b c3 ce b6 bb e3 9c ff 93 83 55 b5 a5 0a db 6d b2 1b 7a 6a f6 49 d7 b4 bc 41 9d 78 76 48 7d 95 00 00 06 13 01 13 03 13 02 01 00 01 cd 00 00 00 0b 00 09 00 00 06 73 65 72 76 65 72 ff 01 00 01 00 00 0a 00 14 00 12 00 1d 00 17 00 18 00 19 01 00 01 01 01 02 01 03 01 04 00 33 00 26 00 24 00 1d 00 20 e4 ff b6 8a c0 5f 8d 96 c9 9d a2 66 98 34 6c 6b e1 64 82 ba dd da fe 05 1a 66 b4 f1 8d 66 8f 0b 00 2a 00 00 00 2b 00 03 02 03 04 00 0d 00 20 00 1e 04 03 05 03 06 03 02 03 08 04 08 05 08 06 04 01 05 01 06 01 02 01 04 02 05 02 06 02 02 02 00 2d 00 02 01 01 00 1c 00 02 40 01 00 15 00 57 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 29 00 dd 00 b8 00 b2 2c 03 5d 82 93 59 ee 5f f7 af 4e c9 00 00 00 00 26 2a 64 94 dc 48 6d 2c 8a 34 cb 33 fa 90 bf 1b 00 70 ad 3c 49 88 83 c9 36 7c 09 a2 be 78 5a bc 55 cd 22 60 97 a3 a9 82 11 72 83 f8 2a 03 a1 43 ef d3 ff 5d d3 6d 64 e8 61 be 7f d6 1d 28 27 db 27 9c ce 14 50 77 d4 54 a3 66 4d 4e 6d a4 d2 9e e0 37 25 a6 a4 da fc d0 fc 67 d2 ae a7 05 29 51 3e 3d a2 67 7f a5 90 6c 5b 3f 7d 8f 92 f2 28 bd a4 0d da 72 14 70 f9 fb f2 97 b5 ae a6 17 64 6f ac 5c 03 27 2e 97 07 27 c6 21 a7 91 41 ef 5f 7d e6 50 5e 5b fb c3 88 e9 33 43 69 40 93 93 4a e4 d3 57 fa d6 aa cb 00 21 20 3a dd 4f b2 d8 fd f8 22 a0 ca 3c f7 67 8e f5 e8 8d ae 99 01 41 c5 92 4d 57 bb 6f a3 1b 9e 5f 9d`)) type args struct { secret []byte label string transcript hash.Hash } tests := []struct { name string args args want []byte }{ { `derive secret for handshake "tls13 derived"`, args{ parseVector(`PRK (32 octets): 33 ad 0a 1c 60 7e c0 3b 09 e6 cd 98 93 68 0c e2 10 ad f3 00 aa 1f 26 60 e1 b2 2e 10 f1 70 f9 2a`), "derived", nil, }, parseVector(`expanded (32 octets): 6f 26 15 a1 08 c7 02 c5 67 8f 54 fc 9d ba b6 97 16 c0 76 18 9c 48 25 0c eb ea c3 57 6c 36 11 ba`), }, { `derive secret "tls13 c e traffic"`, args{ parseVector(`PRK (32 octets): 9b 21 88 e9 b2 fc 6d 64 d7 1d c3 29 90 0e 20 bb 41 91 50 00 f6 78 aa 83 9c bb 79 7c b7 d8 33 2c`), "c e traffic", chTranscript, }, parseVector(`expanded (32 octets): 3f bb e6 a6 0d eb 66 c3 0a 32 79 5a ba 0e ff 7e aa 10 10 55 86 e7 be 5c 09 67 8d 63 b6 ca ab 62`), }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { c := cipherSuitesTLS13[0] if got := c.deriveSecret(tt.args.secret, tt.args.label, tt.args.transcript); !bytes.Equal(got, tt.want) { t.Errorf("cipherSuiteTLS13.deriveSecret() = % x, want % x", got, tt.want) } }) } } func TestTrafficKey(t *testing.T) { trafficSecret := parseVector( `PRK (32 octets): b6 7b 7d 69 0c c1 6c 4e 75 e5 42 13 cb 2d 37 b4 e9 c9 12 bc de d9 10 5d 42 be fd 59 d3 91 ad 38`) wantKey := parseVector( `key expanded (16 octets): 3f ce 51 60 09 c2 17 27 d0 f2 e4 e8 6e e4 03 bc`) wantIV := parseVector( `iv expanded (12 octets): 5d 31 3e b2 67 12 76 ee 13 00 0b 30`) c := cipherSuitesTLS13[0] gotKey, gotIV := c.trafficKey(trafficSecret) if !bytes.Equal(gotKey, wantKey) { t.Errorf("cipherSuiteTLS13.trafficKey() gotKey = % x, want % x", gotKey, wantKey) } if !bytes.Equal(gotIV, wantIV) { t.Errorf("cipherSuiteTLS13.trafficKey() gotIV = % x, want % x", gotIV, wantIV) } } func TestExtract(t *testing.T) { type args struct { newSecret []byte currentSecret []byte } tests := []struct { name string args args want []byte }{ { `extract secret "early"`, args{ nil, nil, }, parseVector(`secret (32 octets): 33 ad 0a 1c 60 7e c0 3b 09 e6 cd 98 93 68 0c e2 10 ad f3 00 aa 1f 26 60 e1 b2 2e 10 f1 70 f9 2a`), }, { `extract secret "master"`, args{ nil, parseVector(`salt (32 octets): 43 de 77 e0 c7 77 13 85 9a 94 4d b9 db 25 90 b5 31 90 a6 5b 3e e2 e4 f1 2d d7 a0 bb 7c e2 54 b4`), }, parseVector(`secret (32 octets): 18 df 06 84 3d 13 a0 8b f2 a4 49 84 4c 5f 8a 47 80 01 bc 4d 4c 62 79 84 d5 a4 1d a8 d0 40 29 19`), }, { `extract secret "handshake"`, args{ parseVector(`IKM (32 octets): 8b d4 05 4f b5 5b 9d 63 fd fb ac f9 f0 4b 9f 0d 35 e6 d6 3f 53 75 63 ef d4 62 72 90 0f 89 49 2d`), parseVector(`salt (32 octets): 6f 26 15 a1 08 c7 02 c5 67 8f 54 fc 9d ba b6 97 16 c0 76 18 9c 48 25 0c eb ea c3 57 6c 36 11 ba`), }, parseVector(`secret (32 octets): 1d c8 26 e9 36 06 aa 6f dc 0a ad c1 2f 74 1b 01 04 6a a6 b9 9f 69 1e d2 21 a9 f0 ca 04 3f be ac`), }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { c := cipherSuitesTLS13[0] if got := c.extract(tt.args.newSecret, tt.args.currentSecret); !bytes.Equal(got, tt.want) { t.Errorf("cipherSuiteTLS13.extract() = % x, want % x", got, tt.want) } }) } } golang-github-marten-seemann-qtls-0.10.0/mock_client_session_cache_test.go000066400000000000000000000037231373277661100267750ustar00rootroot00000000000000// Code generated by MockGen. DO NOT EDIT. // Source: github.com/marten-seemann/qtls (interfaces: ClientSessionCache) // Package qtls is a generated GoMock package. package qtls import ( gomock "github.com/golang/mock/gomock" reflect "reflect" ) // MockClientSessionCache is a mock of ClientSessionCache interface type MockClientSessionCache struct { ctrl *gomock.Controller recorder *MockClientSessionCacheMockRecorder } // MockClientSessionCacheMockRecorder is the mock recorder for MockClientSessionCache type MockClientSessionCacheMockRecorder struct { mock *MockClientSessionCache } // NewMockClientSessionCache creates a new mock instance func NewMockClientSessionCache(ctrl *gomock.Controller) *MockClientSessionCache { mock := &MockClientSessionCache{ctrl: ctrl} mock.recorder = &MockClientSessionCacheMockRecorder{mock} return mock } // EXPECT returns an object that allows the caller to indicate expected use func (m *MockClientSessionCache) EXPECT() *MockClientSessionCacheMockRecorder { return m.recorder } // Get mocks base method func (m *MockClientSessionCache) Get(arg0 string) (*ClientSessionState, bool) { m.ctrl.T.Helper() ret := m.ctrl.Call(m, "Get", arg0) ret0, _ := ret[0].(*ClientSessionState) ret1, _ := ret[1].(bool) return ret0, ret1 } // Get indicates an expected call of Get func (mr *MockClientSessionCacheMockRecorder) Get(arg0 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Get", reflect.TypeOf((*MockClientSessionCache)(nil).Get), arg0) } // Put mocks base method func (m *MockClientSessionCache) Put(arg0 string, arg1 *ClientSessionState) { m.ctrl.T.Helper() m.ctrl.Call(m, "Put", arg0, arg1) } // Put indicates an expected call of Put func (mr *MockClientSessionCacheMockRecorder) Put(arg0, arg1 interface{}) *gomock.Call { mr.mock.ctrl.T.Helper() return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Put", reflect.TypeOf((*MockClientSessionCache)(nil).Put), arg0, arg1) } golang-github-marten-seemann-qtls-0.10.0/prf.go000066400000000000000000000205661373277661100213540ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "crypto" "crypto/hmac" "crypto/md5" "crypto/sha1" "crypto/sha256" "crypto/sha512" "errors" "fmt" "hash" ) // Split a premaster secret in two as specified in RFC 4346, Section 5. func splitPreMasterSecret(secret []byte) (s1, s2 []byte) { s1 = secret[0 : (len(secret)+1)/2] s2 = secret[len(secret)/2:] return } // pHash implements the P_hash function, as defined in RFC 4346, Section 5. func pHash(result, secret, seed []byte, hash func() hash.Hash) { h := hmac.New(hash, secret) h.Write(seed) a := h.Sum(nil) j := 0 for j < len(result) { h.Reset() h.Write(a) h.Write(seed) b := h.Sum(nil) copy(result[j:], b) j += len(b) h.Reset() h.Write(a) a = h.Sum(nil) } } // prf10 implements the TLS 1.0 pseudo-random function, as defined in RFC 2246, Section 5. func prf10(result, secret, label, seed []byte) { hashSHA1 := sha1.New hashMD5 := md5.New labelAndSeed := make([]byte, len(label)+len(seed)) copy(labelAndSeed, label) copy(labelAndSeed[len(label):], seed) s1, s2 := splitPreMasterSecret(secret) pHash(result, s1, labelAndSeed, hashMD5) result2 := make([]byte, len(result)) pHash(result2, s2, labelAndSeed, hashSHA1) for i, b := range result2 { result[i] ^= b } } // prf12 implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, Section 5. func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) { return func(result, secret, label, seed []byte) { labelAndSeed := make([]byte, len(label)+len(seed)) copy(labelAndSeed, label) copy(labelAndSeed[len(label):], seed) pHash(result, secret, labelAndSeed, hashFunc) } } const ( masterSecretLength = 48 // Length of a master secret in TLS 1.1. finishedVerifyLength = 12 // Length of verify_data in a Finished message. ) var masterSecretLabel = []byte("master secret") var keyExpansionLabel = []byte("key expansion") var clientFinishedLabel = []byte("client finished") var serverFinishedLabel = []byte("server finished") func prfAndHashForVersion(version uint16, suite *cipherSuite) (func(result, secret, label, seed []byte), crypto.Hash) { switch version { case VersionTLS10, VersionTLS11: return prf10, crypto.Hash(0) case VersionTLS12: if suite.flags&suiteSHA384 != 0 { return prf12(sha512.New384), crypto.SHA384 } return prf12(sha256.New), crypto.SHA256 default: panic("unknown version") } } func prfForVersion(version uint16, suite *cipherSuite) func(result, secret, label, seed []byte) { prf, _ := prfAndHashForVersion(version, suite) return prf } // masterFromPreMasterSecret generates the master secret from the pre-master // secret. See RFC 5246, Section 8.1. func masterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret, clientRandom, serverRandom []byte) []byte { seed := make([]byte, 0, len(clientRandom)+len(serverRandom)) seed = append(seed, clientRandom...) seed = append(seed, serverRandom...) masterSecret := make([]byte, masterSecretLength) prfForVersion(version, suite)(masterSecret, preMasterSecret, masterSecretLabel, seed) return masterSecret } // keysFromMasterSecret generates the connection keys from the master // secret, given the lengths of the MAC key, cipher key and IV, as defined in // RFC 2246, Section 6.3. func keysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) { seed := make([]byte, 0, len(serverRandom)+len(clientRandom)) seed = append(seed, serverRandom...) seed = append(seed, clientRandom...) n := 2*macLen + 2*keyLen + 2*ivLen keyMaterial := make([]byte, n) prfForVersion(version, suite)(keyMaterial, masterSecret, keyExpansionLabel, seed) clientMAC = keyMaterial[:macLen] keyMaterial = keyMaterial[macLen:] serverMAC = keyMaterial[:macLen] keyMaterial = keyMaterial[macLen:] clientKey = keyMaterial[:keyLen] keyMaterial = keyMaterial[keyLen:] serverKey = keyMaterial[:keyLen] keyMaterial = keyMaterial[keyLen:] clientIV = keyMaterial[:ivLen] keyMaterial = keyMaterial[ivLen:] serverIV = keyMaterial[:ivLen] return } func newFinishedHash(version uint16, cipherSuite *cipherSuite) finishedHash { var buffer []byte if version >= VersionTLS12 { buffer = []byte{} } prf, hash := prfAndHashForVersion(version, cipherSuite) if hash != 0 { return finishedHash{hash.New(), hash.New(), nil, nil, buffer, version, prf} } return finishedHash{sha1.New(), sha1.New(), md5.New(), md5.New(), buffer, version, prf} } // A finishedHash calculates the hash of a set of handshake messages suitable // for including in a Finished message. type finishedHash struct { client hash.Hash server hash.Hash // Prior to TLS 1.2, an additional MD5 hash is required. clientMD5 hash.Hash serverMD5 hash.Hash // In TLS 1.2, a full buffer is sadly required. buffer []byte version uint16 prf func(result, secret, label, seed []byte) } func (h *finishedHash) Write(msg []byte) (n int, err error) { h.client.Write(msg) h.server.Write(msg) if h.version < VersionTLS12 { h.clientMD5.Write(msg) h.serverMD5.Write(msg) } if h.buffer != nil { h.buffer = append(h.buffer, msg...) } return len(msg), nil } func (h finishedHash) Sum() []byte { if h.version >= VersionTLS12 { return h.client.Sum(nil) } out := make([]byte, 0, md5.Size+sha1.Size) out = h.clientMD5.Sum(out) return h.client.Sum(out) } // clientSum returns the contents of the verify_data member of a client's // Finished message. func (h finishedHash) clientSum(masterSecret []byte) []byte { out := make([]byte, finishedVerifyLength) h.prf(out, masterSecret, clientFinishedLabel, h.Sum()) return out } // serverSum returns the contents of the verify_data member of a server's // Finished message. func (h finishedHash) serverSum(masterSecret []byte) []byte { out := make([]byte, finishedVerifyLength) h.prf(out, masterSecret, serverFinishedLabel, h.Sum()) return out } // hashForClientCertificate returns the handshake messages so far, pre-hashed if // necessary, suitable for signing by a TLS client certificate. func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash, masterSecret []byte) []byte { if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil { panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer") } if sigType == signatureEd25519 { return h.buffer } if h.version >= VersionTLS12 { hash := hashAlg.New() hash.Write(h.buffer) return hash.Sum(nil) } if sigType == signatureECDSA { return h.server.Sum(nil) } return h.Sum() } // discardHandshakeBuffer is called when there is no more need to // buffer the entirety of the handshake messages. func (h *finishedHash) discardHandshakeBuffer() { h.buffer = nil } // noExportedKeyingMaterial is used as a value of // ConnectionState.ekm when renegotiation is enabled and thus // we wish to fail all key-material export requests. func noExportedKeyingMaterial(label string, context []byte, length int) ([]byte, error) { return nil, errors.New("crypto/tls: ExportKeyingMaterial is unavailable when renegotiation is enabled") } // ekmFromMasterSecret generates exported keying material as defined in RFC 5705. func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) { return func(label string, context []byte, length int) ([]byte, error) { switch label { case "client finished", "server finished", "master secret", "key expansion": // These values are reserved and may not be used. return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label) } seedLen := len(serverRandom) + len(clientRandom) if context != nil { seedLen += 2 + len(context) } seed := make([]byte, 0, seedLen) seed = append(seed, clientRandom...) seed = append(seed, serverRandom...) if context != nil { if len(context) >= 1<<16 { return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long") } seed = append(seed, byte(len(context)>>8), byte(len(context))) seed = append(seed, context...) } keyMaterial := make([]byte, length) prfForVersion(version, suite)(keyMaterial, masterSecret, []byte(label), seed) return keyMaterial, nil } } golang-github-marten-seemann-qtls-0.10.0/prf_test.go000066400000000000000000000133241373277661100224050ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "encoding/hex" "testing" ) type testSplitPreMasterSecretTest struct { in, out1, out2 string } var testSplitPreMasterSecretTests = []testSplitPreMasterSecretTest{ {"", "", ""}, {"00", "00", "00"}, {"0011", "00", "11"}, {"001122", "0011", "1122"}, {"00112233", "0011", "2233"}, } func TestSplitPreMasterSecret(t *testing.T) { for i, test := range testSplitPreMasterSecretTests { in, _ := hex.DecodeString(test.in) out1, out2 := splitPreMasterSecret(in) s1 := hex.EncodeToString(out1) s2 := hex.EncodeToString(out2) if s1 != test.out1 || s2 != test.out2 { t.Errorf("#%d: got: (%s, %s) want: (%s, %s)", i, s1, s2, test.out1, test.out2) } } } type testKeysFromTest struct { version uint16 suite *cipherSuite preMasterSecret string clientRandom, serverRandom string masterSecret string clientMAC, serverMAC string clientKey, serverKey string macLen, keyLen int contextKeyingMaterial, noContextKeyingMaterial string } func TestKeysFromPreMasterSecret(t *testing.T) { for i, test := range testKeysFromTests { in, _ := hex.DecodeString(test.preMasterSecret) clientRandom, _ := hex.DecodeString(test.clientRandom) serverRandom, _ := hex.DecodeString(test.serverRandom) masterSecret := masterFromPreMasterSecret(test.version, test.suite, in, clientRandom, serverRandom) if s := hex.EncodeToString(masterSecret); s != test.masterSecret { t.Errorf("#%d: bad master secret %s, want %s", i, s, test.masterSecret) continue } clientMAC, serverMAC, clientKey, serverKey, _, _ := keysFromMasterSecret(test.version, test.suite, masterSecret, clientRandom, serverRandom, test.macLen, test.keyLen, 0) clientMACString := hex.EncodeToString(clientMAC) serverMACString := hex.EncodeToString(serverMAC) clientKeyString := hex.EncodeToString(clientKey) serverKeyString := hex.EncodeToString(serverKey) if clientMACString != test.clientMAC || serverMACString != test.serverMAC || clientKeyString != test.clientKey || serverKeyString != test.serverKey { t.Errorf("#%d: got: (%s, %s, %s, %s) want: (%s, %s, %s, %s)", i, clientMACString, serverMACString, clientKeyString, serverKeyString, test.clientMAC, test.serverMAC, test.clientKey, test.serverKey) } ekm := ekmFromMasterSecret(test.version, test.suite, masterSecret, clientRandom, serverRandom) contextKeyingMaterial, err := ekm("label", []byte("context"), 32) if err != nil { t.Fatalf("ekmFromMasterSecret failed: %v", err) } noContextKeyingMaterial, err := ekm("label", nil, 32) if err != nil { t.Fatalf("ekmFromMasterSecret failed: %v", err) } if hex.EncodeToString(contextKeyingMaterial) != test.contextKeyingMaterial || hex.EncodeToString(noContextKeyingMaterial) != test.noContextKeyingMaterial { t.Errorf("#%d: got keying material: (%s, %s) want: (%s, %s)", i, contextKeyingMaterial, noContextKeyingMaterial, test.contextKeyingMaterial, test.noContextKeyingMaterial) } } } // These test vectors were generated from GnuTLS using `gnutls-cli --insecure -d 9 ` var testKeysFromTests = []testKeysFromTest{ { VersionTLS10, cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), "0302cac83ad4b1db3b9ab49ad05957de2a504a634a386fc600889321e1a971f57479466830ac3e6f468e87f5385fa0c5", "4ae66303755184a3917fcb44880605fcc53baa01912b22ed94473fc69cebd558", "4ae663020ec16e6bb5130be918cfcafd4d765979a3136a5d50c593446e4e44db", "3d851bab6e5556e959a16bc36d66cfae32f672bfa9ecdef6096cbb1b23472df1da63dbbd9827606413221d149ed08ceb", "805aaa19b3d2c0a0759a4b6c9959890e08480119", "2d22f9fe519c075c16448305ceee209fc24ad109", "d50b5771244f850cd8117a9ccafe2cf1", "e076e33206b30507a85c32855acd0919", 20, 16, "4d1bb6fc278c37d27aa6e2a13c2e079095d143272c2aa939da33d88c1c0cec22", "93fba89599b6321ae538e27c6548ceb8b46821864318f5190d64a375e5d69d41", }, { VersionTLS10, cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), "03023f7527316bc12cbcd69e4b9e8275d62c028f27e65c745cfcddc7ce01bd3570a111378b63848127f1c36e5f9e4890", "4ae66364b5ea56b20ce4e25555aed2d7e67f42788dd03f3fee4adae0459ab106", "4ae66363ab815cbf6a248b87d6b556184e945e9b97fbdf247858b0bdafacfa1c", "7d64be7c80c59b740200b4b9c26d0baaa1c5ae56705acbcf2307fe62beb4728c19392c83f20483801cce022c77645460", "97742ed60a0554ca13f04f97ee193177b971e3b0", "37068751700400e03a8477a5c7eec0813ab9e0dc", "207cddbc600d2a200abac6502053ee5c", "df3f94f6e1eacc753b815fe16055cd43", 20, 16, "2c9f8961a72b97cbe76553b5f954caf8294fc6360ef995ac1256fe9516d0ce7f", "274f19c10291d188857ad8878e2119f5aa437d4da556601cf1337aff23154016", }, { VersionTLS10, cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", "1aff2e7a2c4279d0126f57a65a77a8d9d0087cf2733366699bec27eb53d5740705a8574bb1acc2abbe90e44f0dd28d6c", "3c7647c93c1379a31a609542aa44e7f117a70085", "0d73102994be74a575a3ead8532590ca32a526d4", "ac7581b0b6c10d85bbd905ffbf36c65e", "ff07edde49682b45466bd2e39464b306", 20, 16, "678b0d43f607de35241dc7e9d1a7388a52c35033a1a0336d4d740060a6638fe2", "f3b4ac743f015ef21d79978297a53da3e579ee047133f38c234d829c0f907dab", }, } golang-github-marten-seemann-qtls-0.10.0/record_layer_test.go000066400000000000000000000450041373277661100242700ustar00rootroot00000000000000package qtls import ( "bytes" "fmt" "net" "testing" "time" ) type exportedKey struct { typ string // "read" or "write" encLevel EncryptionLevel suite *CipherSuiteTLS13 trafficSecret []byte } func compareExportedKeys(t *testing.T, k1, k2 *exportedKey) { if k1.encLevel != k2.encLevel || k1.suite.ID != k2.suite.ID || !bytes.Equal(k1.trafficSecret, k2.trafficSecret) { t.Fatal("mismatching keys") } } type recordLayerWithKeys struct { in <-chan []byte out chan<- interface{} } func (r *recordLayerWithKeys) SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) { r.out <- &exportedKey{typ: "read", encLevel: encLevel, suite: suite, trafficSecret: trafficSecret} } func (r *recordLayerWithKeys) SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) { r.out <- &exportedKey{typ: "write", encLevel: encLevel, suite: suite, trafficSecret: trafficSecret} } func (r *recordLayerWithKeys) ReadHandshakeMessage() ([]byte, error) { return <-r.in, nil } func (r *recordLayerWithKeys) WriteRecord(b []byte) (int, error) { r.out <- b; return len(b), nil } func (r *recordLayerWithKeys) SendAlert(uint8) {} type unusedConn struct { remoteAddr net.Addr } var _ net.Conn = &unusedConn{} func (unusedConn) Read([]byte) (int, error) { panic("unexpected call to Read()") } func (unusedConn) Write([]byte) (int, error) { panic("unexpected call to Write()") } func (unusedConn) Close() error { return nil } func (unusedConn) LocalAddr() net.Addr { return &net.TCPAddr{} } func (c *unusedConn) RemoteAddr() net.Addr { return c.remoteAddr } func (unusedConn) SetDeadline(time.Time) error { return nil } func (unusedConn) SetReadDeadline(time.Time) error { return nil } func (unusedConn) SetWriteDeadline(time.Time) error { return nil } func TestAlternativeRecordLayer(t *testing.T) { sIn := make(chan []byte, 10) sOut := make(chan interface{}, 10) defer close(sOut) cIn := make(chan []byte, 10) cOut := make(chan interface{}, 10) defer close(cOut) serverEvents := make(chan interface{}, 100) go func() { for { c, ok := <-sOut if !ok { return } serverEvents <- c if b, ok := c.([]byte); ok { cIn <- b } } }() clientEvents := make(chan interface{}, 100) go func() { for { c, ok := <-cOut if !ok { return } clientEvents <- c if b, ok := c.([]byte); ok { sIn <- b } } }() errChan := make(chan error) go func() { config := testConfig.Clone() config.AlternativeRecordLayer = &recordLayerWithKeys{in: sIn, out: sOut} tlsConn := Server(&unusedConn{}, config) defer tlsConn.Close() errChan <- tlsConn.Handshake() }() config := testConfig.Clone() config.AlternativeRecordLayer = &recordLayerWithKeys{in: cIn, out: cOut} tlsConn := Client(&unusedConn{}, config) defer tlsConn.Close() if err := tlsConn.Handshake(); err != nil { t.Fatalf("Handshake failed: %s", err) } // Handshakes completed. Now check that events were received in the correct order. var clientHandshakeReadKey, clientHandshakeWriteKey *exportedKey var clientApplicationReadKey, clientApplicationWriteKey *exportedKey for i := 0; i <= 5; i++ { ev := <-clientEvents switch i { case 0: if ev.([]byte)[0] != typeClientHello { t.Fatalf("expected ClientHello") } case 1: keyEv := ev.(*exportedKey) if keyEv.typ != "write" || keyEv.encLevel != EncryptionHandshake { t.Fatalf("expected the handshake write key") } clientHandshakeWriteKey = keyEv case 2: keyEv := ev.(*exportedKey) if keyEv.typ != "read" || keyEv.encLevel != EncryptionHandshake { t.Fatalf("expected the handshake read key") } clientHandshakeReadKey = keyEv case 3: keyEv := ev.(*exportedKey) if keyEv.typ != "read" || keyEv.encLevel != EncryptionApplication { t.Fatalf("expected the application read key") } clientApplicationReadKey = keyEv case 4: if ev.([]byte)[0] != typeFinished { t.Fatalf("expected Finished") } case 5: keyEv := ev.(*exportedKey) if keyEv.typ != "write" || keyEv.encLevel != EncryptionApplication { t.Fatalf("expected the application write key") } clientApplicationWriteKey = keyEv } } if len(clientEvents) > 0 { t.Fatal("didn't expect any more client events") } for i := 0; i <= 8; i++ { ev := <-serverEvents switch i { case 0: if ev.([]byte)[0] != typeServerHello { t.Fatalf("expected ServerHello") } case 1: keyEv := ev.(*exportedKey) if keyEv.typ != "read" || keyEv.encLevel != EncryptionHandshake { t.Fatalf("expected the handshake read key") } compareExportedKeys(t, clientHandshakeWriteKey, keyEv) case 2: keyEv := ev.(*exportedKey) if keyEv.typ != "write" || keyEv.encLevel != EncryptionHandshake { t.Fatalf("expected the handshake write key") } compareExportedKeys(t, clientHandshakeReadKey, keyEv) case 3: if ev.([]byte)[0] != typeEncryptedExtensions { t.Fatalf("expected EncryptedExtensions") } case 4: if ev.([]byte)[0] != typeCertificate { t.Fatalf("expected Certificate") } case 5: if ev.([]byte)[0] != typeCertificateVerify { t.Fatalf("expected CertificateVerify") } case 6: if ev.([]byte)[0] != typeFinished { t.Fatalf("expected Finished") } case 7: keyEv := ev.(*exportedKey) if keyEv.typ != "write" || keyEv.encLevel != EncryptionApplication { t.Fatalf("expected the application write key") } compareExportedKeys(t, clientApplicationReadKey, keyEv) case 8: keyEv := ev.(*exportedKey) if keyEv.typ != "read" || keyEv.encLevel != EncryptionApplication { t.Fatalf("expected the application read key") } compareExportedKeys(t, clientApplicationWriteKey, keyEv) } } if len(serverEvents) > 0 { t.Fatal("didn't expect any more server events") } } func TestForbiddenZeroRTT(t *testing.T) { // run the first handshake to get a session ticket clientConn, serverConn := localPipe(t) errChan := make(chan error, 1) go func() { tlsConn := Server(serverConn, testConfig.Clone()) defer tlsConn.Close() err := tlsConn.Handshake() errChan <- err if err != nil { return } tlsConn.Write([]byte{0}) }() clientConfig := testConfig.Clone() clientConfig.ClientSessionCache = NewLRUClientSessionCache(10) tlsConn := Client(clientConn, clientConfig) if err := tlsConn.Handshake(); err != nil { t.Fatalf("first handshake failed: %s", err) } tlsConn.Read([]byte{0}) // make sure to read the session ticket tlsConn.Close() if err := <-errChan; err != nil { t.Fatalf("first handshake failed: %s", err) } sIn := make(chan []byte, 10) sOut := make(chan interface{}, 10) defer close(sOut) cIn := make(chan []byte, 10) cOut := make(chan interface{}, 10) defer close(cOut) serverEvents := make(chan interface{}, 100) go func() { for { c, ok := <-sOut if !ok { return } serverEvents <- c if b, ok := c.([]byte); ok { cIn <- b } } }() clientEvents := make(chan interface{}, 100) go func() { for { c, ok := <-cOut if !ok { return } clientEvents <- c if b, ok := c.([]byte); ok { if b[0] == typeClientHello { msg := &clientHelloMsg{} if ok := msg.unmarshal(b); !ok { panic("unmarshaling failed") } msg.earlyData = true msg.raw = nil b = msg.marshal() } sIn <- b } } }() done := make(chan struct{}) go func() { defer close(done) clientConfig.AlternativeRecordLayer = &recordLayerWithKeys{in: cIn, out: cOut} Client(&unusedConn{remoteAddr: clientConn.RemoteAddr()}, clientConfig).Handshake() }() config := testConfig.Clone() config.MinVersion = VersionTLS13 config.AlternativeRecordLayer = &recordLayerWithKeys{in: sIn, out: sOut} tlsConn = Server(&unusedConn{}, config) err := tlsConn.Handshake() if err == nil { t.Fatal("expected handshake to fail") } if err.Error() != "tls: client sent unexpected early data" { t.Fatalf("expected early data error") } cIn <- []byte{0} // make the client handshake error <-done } func TestZeroRTTKeys(t *testing.T) { // run the first handshake to get a session ticket clientConn, serverConn := localPipe(t) errChan := make(chan error, 1) go func() { config := testConfig.Clone() config.MaxEarlyData = 1000 tlsConn := Server(serverConn, config) defer tlsConn.Close() err := tlsConn.Handshake() errChan <- err if err != nil { return } tlsConn.Write([]byte{0}) }() clientConfig := testConfig.Clone() clientConfig.ClientSessionCache = NewLRUClientSessionCache(10) tlsConn := Client(clientConn, clientConfig) if err := tlsConn.Handshake(); err != nil { t.Fatalf("first handshake failed: %s", err) } tlsConn.Read([]byte{0}) // make sure to read the session ticket tlsConn.Close() if err := <-errChan; err != nil { t.Fatalf("first handshake failed: %s", err) } sIn := make(chan []byte, 10) sOut := make(chan interface{}, 10) defer close(sOut) cIn := make(chan []byte, 10) cOut := make(chan interface{}, 10) defer close(cOut) var serverEarlyData bool var serverExportedKey *exportedKey go func() { for { c, ok := <-sOut if !ok { return } if b, ok := c.([]byte); ok { if b[0] == typeEncryptedExtensions { var msg encryptedExtensionsMsg if ok := msg.unmarshal(b); !ok { panic("failed to unmarshal EncryptedExtensions") } serverEarlyData = msg.earlyData } cIn <- b } if k, ok := c.(*exportedKey); ok && k.encLevel == Encryption0RTT { serverExportedKey = k } } }() var clientEarlyData bool var clientExportedKey *exportedKey go func() { for { c, ok := <-cOut if !ok { return } if b, ok := c.([]byte); ok { if b[0] == typeClientHello { var msg clientHelloMsg if ok := msg.unmarshal(b); !ok { panic("failed to unmarshal ClientHello") } clientEarlyData = msg.earlyData } sIn <- b } if k, ok := c.(*exportedKey); ok && k.encLevel == Encryption0RTT { clientExportedKey = k } } }() errChan = make(chan error) go func() { config := testConfig.Clone() config.AlternativeRecordLayer = &recordLayerWithKeys{in: sIn, out: sOut} config.MaxEarlyData = 1 config.Accept0RTT = func([]byte) bool { return true } tlsConn := Server(&unusedConn{}, config) defer tlsConn.Close() errChan <- tlsConn.Handshake() }() clientConfig.AlternativeRecordLayer = &recordLayerWithKeys{in: cIn, out: cOut} clientConfig.Enable0RTT = true tlsConn = Client(&unusedConn{remoteAddr: clientConn.RemoteAddr()}, clientConfig) defer tlsConn.Close() if err := tlsConn.Handshake(); err != nil { t.Fatalf("Handshake failed: %s", err) } if err := <-errChan; err != nil { t.Fatalf("Handshake failed: %s", err) } if !clientEarlyData { t.Fatal("expected the client to offer early data") } if !serverEarlyData { t.Fatal("expected the server to offer early data") } compareExportedKeys(t, clientExportedKey, serverExportedKey) } type recordLayer struct { in <-chan []byte out chan<- []byte } func (r *recordLayer) SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) { } func (r *recordLayer) SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte) { } func (r *recordLayer) ReadHandshakeMessage() ([]byte, error) { return <-r.in, nil } func (r *recordLayer) WriteRecord(b []byte) (int, error) { r.out <- b; return len(b), nil } func (r *recordLayer) SendAlert(uint8) {} func TestEncodeIntoSessionTicket(t *testing.T) { raddr := &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 1234} sIn := make(chan []byte, 10) sOut := make(chan []byte, 10) // do a first handshake and encode a "foobar" into the session ticket errChan := make(chan error, 1) stChan := make(chan []byte, 1) go func() { serverConf := testConfig.Clone() serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.MaxEarlyData = 1 server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() err := server.Handshake() if err != nil { errChan <- err return } st, err := server.GetSessionTicket([]byte("foobar")) if err != nil { errChan <- err return } stChan <- st errChan <- nil }() clientConf := testConfig.Clone() clientConf.AlternativeRecordLayer = &recordLayer{in: sOut, out: sIn} clientConf.ClientSessionCache = NewLRUClientSessionCache(10) client := Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("first handshake failed %s", err) } if err := <-errChan; err != nil { t.Fatalf("first handshake failed %s", err) } sOut <- <-stChan if err := client.HandlePostHandshakeMessage(); err != nil { t.Fatalf("handling the session ticket failed: %s", err) } client.Close() dataChan := make(chan []byte, 1) errChan = make(chan error, 1) go func() { serverConf := testConfig.Clone() serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.Accept0RTT = func(data []byte) bool { dataChan <- data return true } server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() errChan <- server.Handshake() }() clientConf.Enable0RTT = true client = Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("second handshake failed %s", err) } defer client.Close() if err := <-errChan; err != nil { t.Fatalf("second handshake failed %s", err) } if len(dataChan) != 1 { t.Fatal("expected to receive application data") } if data := <-dataChan; !bytes.Equal(data, []byte("foobar")) { t.Fatalf("expected to receive a foobar, got %s", string(data)) } } func TestZeroRTTRejection(t *testing.T) { for _, doReject := range []bool{true, false} { t.Run(fmt.Sprintf("doing reject: %t", doReject), func(t *testing.T) { raddr := &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 1234} sIn := make(chan []byte, 10) sOut := make(chan []byte, 10) // do a first handshake and encode a "foobar" into the session ticket errChan := make(chan error, 1) go func() { serverConf := testConfig.Clone() serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.MaxEarlyData = 1 server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() err := server.Handshake() if err != nil { errChan <- err return } st, err := server.GetSessionTicket(nil) if err != nil { errChan <- err return } sOut <- st errChan <- nil }() clientConf := testConfig.Clone() clientConf.AlternativeRecordLayer = &recordLayer{in: sOut, out: sIn} clientConf.ClientSessionCache = NewLRUClientSessionCache(10) client := Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("first handshake failed %s", err) } if err := <-errChan; err != nil { t.Fatalf("first handshake failed %s", err) } if err := client.HandlePostHandshakeMessage(); err != nil { t.Fatalf("handling the session ticket failed: %s", err) } client.Close() // now dial the second connection errChan = make(chan error, 1) connStateChan := make(chan ConnectionState, 1) go func() { serverConf := testConfig.Clone() serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.Accept0RTT = func(data []byte) bool { return !doReject } server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() errChan <- server.Handshake() connStateChan <- server.ConnectionState() }() clientConf.Enable0RTT = true var rejected bool clientConf.Rejected0RTT = func() { rejected = true } client = Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("second handshake failed %s", err) } defer client.Close() if err := <-errChan; err != nil { t.Fatalf("second handshake failed %s", err) } if rejected != doReject { t.Fatal("wrong rejection") } if client.ConnectionState().Used0RTT == doReject { t.Fatal("wrong connection state on the client") } if (<-connStateChan).Used0RTT == doReject { t.Fatal("wrong connection state on the server") } }) } } func TestZeroRTTRejectionOnALPNMismatch(t *testing.T) { raddr := &net.TCPAddr{IP: net.IPv4(127, 0, 0, 1), Port: 1234} sIn := make(chan []byte, 10) sOut := make(chan []byte, 10) // do a first handshake and encode a "foobar" into the session ticket errChan := make(chan error, 1) go func() { serverConf := testConfig.Clone() serverConf.NextProtos = []string{"proto1"} serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.MaxEarlyData = 1 server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() err := server.Handshake() if err != nil { errChan <- err return } st, err := server.GetSessionTicket(nil) if err != nil { errChan <- err return } sOut <- st errChan <- nil }() clientConf := testConfig.Clone() clientConf.NextProtos = []string{"proto1"} clientConf.AlternativeRecordLayer = &recordLayer{in: sOut, out: sIn} clientConf.ClientSessionCache = NewLRUClientSessionCache(10) client := Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("first handshake failed %s", err) } if err := <-errChan; err != nil { t.Fatalf("first handshake failed %s", err) } if err := client.HandlePostHandshakeMessage(); err != nil { t.Fatalf("handling the session ticket failed: %s", err) } client.Close() // now dial the second connection errChan = make(chan error, 1) connStateChan := make(chan ConnectionState, 1) go func() { serverConf := testConfig.Clone() serverConf.NextProtos = []string{"proto2"} serverConf.AlternativeRecordLayer = &recordLayer{in: sIn, out: sOut} serverConf.Accept0RTT = func([]byte) bool { return true } server := Server(&unusedConn{remoteAddr: raddr}, serverConf) defer server.Close() errChan <- server.Handshake() connStateChan <- server.ConnectionState() }() clientConf.Enable0RTT = true var rejected bool clientConf.Rejected0RTT = func() { rejected = true } clientConf.NextProtos = []string{"proto2"} client = Client(&unusedConn{remoteAddr: raddr}, clientConf) if err := client.Handshake(); err != nil { t.Fatalf("second handshake failed %s", err) } defer client.Close() if err := <-errChan; err != nil { t.Fatalf("second handshake failed %s", err) } if !rejected { t.Fatal("expected 0-RTT to be rejected") } if client.ConnectionState().Used0RTT { t.Fatal("expected 0-RTT to be rejected") } if (<-connStateChan).Used0RTT { t.Fatal("expected 0-RTT to be rejected") } } golang-github-marten-seemann-qtls-0.10.0/testdata/000077500000000000000000000000001373277661100220365ustar00rootroot00000000000000golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ClientCert-ECDSA-ECDSA000066400000000000000000000241121373277661100276520ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 94 1f ba 79 da |....Y...U.....y.| 00000010 4b 58 3e 08 2c c5 31 36 a4 7e 32 bf e1 a0 f7 71 |KX>.,.16.~2....q| 00000020 01 48 63 3c 5f cb 08 7a 25 80 c7 20 35 0c c0 8b |.Hc<_..z%.. 5...| 00000030 df 30 fc dc 3d f1 48 96 0d b6 ff a8 cd 35 29 57 |.0..=.H......5)W| 00000040 7d 3f c2 9d e2 32 b1 c2 4c 05 5e 3b c0 09 00 00 |}?...2..L.^;....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 01 00 b5 0c 00 00 b1 03 00 1d 20 1a 74 |*............ .t| 00000280 c4 96 9e 65 45 9a 0a 01 7c ed 7b 51 01 d8 ba 5b |...eE...|.{Q...[| 00000290 3e 2f b1 4b 36 69 e8 47 75 7e 27 be b3 2f 00 8b |>/.K6i.Gu~'../..| 000002a0 30 81 88 02 42 01 cb 20 d9 1e ae 05 6f 1f 37 ce |0...B.. ....o.7.| 000002b0 dc 38 20 2f 8f 52 9a 92 f6 80 d6 f9 97 99 a5 8b |.8 /.R..........| 000002c0 6e 73 0b 95 a4 4e 82 67 bd 1a 34 d9 5c 4e b4 d7 |ns...N.g..4.\N..| 000002d0 35 e6 45 81 14 23 9c 4e 5a 4c 1b 93 fd 7f 43 18 |5.E..#.NZL....C.| 000002e0 db 54 4b e0 d1 d3 fa 02 42 00 ab 8e 34 d5 c2 04 |.TK.....B...4...| 000002f0 d0 a4 44 b1 b3 25 a0 af c8 80 b3 88 ae da b3 c6 |..D..%..........| 00000300 4f 57 ae 31 54 c6 d9 ee 4e 21 56 01 cc b9 6a e9 |OW.1T...N!V...j.| 00000310 e9 7e 62 2a 64 0e a4 a0 79 1e a3 64 52 70 b1 a5 |.~b*d...y..dRp..| 00000320 19 2c a4 6d 4b 3b a3 63 ed 56 2f 16 03 01 00 0a |.,.mK;.c.V/.....| 00000330 0d 00 00 06 03 01 02 40 00 00 16 03 01 00 04 0e |.......@........| 00000340 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| 00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| 00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| 00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| 00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| 00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| 00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| 00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| 00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| 00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| 000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| 000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| 000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| 000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| 000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| 00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| 00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| 00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| 00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| 00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| 00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| 00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| 00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| 00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| 00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| 000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| 000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| 000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| 000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| 000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| 000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| 00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| 00000210 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd 62 |...%...! /.}.G.b| 00000220 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 90 0f 00 |...._X.;t.......| 00000240 00 8c 00 8a 30 81 87 02 42 01 89 0f 43 df a8 34 |....0...B...C..4| 00000250 dd d7 c9 d4 2b 8d ec 29 77 7b 64 d0 0e 8c e8 2b |....+..)w{d....+| 00000260 e3 25 1c ed 0a 1b 05 e0 66 42 37 c0 e6 fa 3e 81 |.%......fB7...>.| 00000270 ec e1 06 99 f4 62 3f ea 55 79 ae 68 56 9e e3 3c |.....b?.Uy.hV..<| 00000280 83 ba 9b 1c 65 b9 eb a6 e7 f7 4e 02 41 61 2c 52 |....e.....N.Aa,R| 00000290 4c 48 92 b0 93 d8 31 58 c3 90 b0 e3 7d 55 94 fc |LH....1X....}U..| 000002a0 70 bf 18 42 51 73 d0 45 17 2e 0e 00 b0 12 76 0d |p..BQs.E......v.| 000002b0 35 78 cb fd 34 60 36 ff ed 19 ef 0a 1e 21 cc 4c |5x..4`6......!.L| 000002c0 9a ff a0 f7 cf 72 03 cd 00 bb 73 0d 1d e5 14 03 |.....r....s.....| 000002d0 01 00 01 01 16 03 01 00 30 69 76 1f 5b 81 5f 62 |........0iv.[._b| 000002e0 cf d5 d9 2c 19 71 80 d0 2a 97 8a 89 21 7f 6d 02 |...,.q..*...!.m.| 000002f0 b6 01 a4 ed fe 18 9f 34 ae 95 f6 a1 29 0b 9a 1c |.......4....)...| 00000300 04 b6 ce c7 d1 0c 5a b5 3f |......Z.?| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 7d 4b fc 73 20 |..........0}K.s | 00000010 e4 ac c4 39 15 79 e3 89 e1 24 ce 28 30 e5 f1 87 |...9.y...$.(0...| 00000020 cd c0 cc 39 a8 77 3b 06 a5 f9 b0 a1 3d 54 53 3b |...9.w;.....=TS;| 00000030 53 ec ac b2 ea 24 1b 2d 6a ef c3 |S....$.-j..| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 9d 57 d2 4b 5b 7e 7d 7c 28 f7 8e |.... .W.K[~}|(..| 00000010 00 0a b6 1c 3c 6b df 4d 06 c0 f8 db 86 2e 8f 8e |....>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 97 0c 7e fc 7f |....Y...U....~..| 00000010 96 47 02 21 a7 19 45 a5 79 5c 5e fc c2 15 b3 fa |.G.!..E.y\^.....| 00000020 84 98 7d 67 65 c8 48 58 a1 5d 67 20 ad 2a c6 b3 |..}ge.HX.]g .*..| 00000030 a4 17 82 12 4a c5 97 af 12 6b 7d f6 9e 49 f1 38 |....J....k}..I.8| 00000040 d0 56 76 bc 81 23 ad 3a 3e 7f bc 2d c0 13 00 00 |.Vv..#.:>..-....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 a4 24 f7 67 e3 da fa |........ .$.g...| 000002d0 10 33 95 b4 46 00 c0 3c cd 74 12 e4 a3 3b 01 70 |.3..F..<.t...;.p| 000002e0 fb 98 01 9a e9 2d d0 18 7b 00 80 ce c5 7b 4b 87 |.....-..{....{K.| 000002f0 cd bc 5d 63 09 7e d4 ce 09 53 7a 1b e5 b4 10 54 |..]c.~...Sz....T| 00000300 89 52 ac 82 9c 78 88 ed e8 1a 8c 3a 7a 2c 9a c5 |.R...x.....:z,..| 00000310 2b 97 1c 79 43 bd b1 ee 93 6f 4c 4d fc 3c 47 91 |+..yC....oLM.>> Flow 3 (client to server) 00000000 16 03 01 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| 00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| 00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| 00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| 00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| 00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| 00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| 00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| 00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| 00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| 000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| 000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| 000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| 000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| 000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| 00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| 00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| 00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| 00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| 00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| 00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| 00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| 00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| 00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| 00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| 000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| 000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| 000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| 000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| 000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| 000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| 00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| 00000210 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd 62 |...%...! /.}.G.b| 00000220 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 91 0f 00 |...._X.;t.......| 00000240 00 8d 00 8b 30 81 88 02 42 01 71 f3 c4 3a 85 08 |....0...B.q..:..| 00000250 3b 18 26 48 5c 3f c3 8a 4f e9 d7 29 48 59 1a 35 |;.&H\?..O..)HY.5| 00000260 ee b3 0d 5e 29 03 1d 34 95 0e 40 73 85 13 14 d0 |...^)..4..@s....| 00000270 fb fb 96 77 21 fb d8 43 d7 e2 bf 2c 95 7b 75 5d |...w!..C...,.{u]| 00000280 59 15 81 71 d2 b6 82 96 d9 cc 78 02 42 01 d3 51 |Y..q......x.B..Q| 00000290 af 25 d0 f8 a4 e2 e7 8e 7e 46 56 53 8f d1 09 f6 |.%......~FVS....| 000002a0 76 88 5a 42 83 89 92 7b c7 e4 40 9c 3d 05 ac 43 |v.ZB...{..@.=..C| 000002b0 bf 6e 24 14 fe 36 f8 43 a6 90 8e a1 bd e2 92 84 |.n$..6.C........| 000002c0 60 e3 92 34 1c 7b 53 d5 57 6d 23 32 12 a8 23 14 |`..4.{S.Wm#2..#.| 000002d0 03 01 00 01 01 16 03 01 00 30 6f 06 c7 84 fa 7f |.........0o.....| 000002e0 c9 66 a9 6f 26 37 45 db 42 c8 8f 63 c3 5b 05 07 |.f.o&7E.B..c.[..| 000002f0 ef 07 41 be 71 60 35 d3 16 8f 92 f6 89 cb c7 dc |..A.q`5.........| 00000300 4e 45 61 99 31 45 66 40 36 86 |NEa.1Ef@6.| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 d3 83 ac 08 7f |..........0.....| 00000010 a1 91 51 7c b7 99 6f 24 cd b1 cd 31 7b 12 20 47 |..Q|..o$...1{. G| 00000020 66 08 22 f6 28 ea 81 fe 92 b5 c8 40 60 bc 5b 19 |f.".(......@`.[.| 00000030 e0 2b d1 26 fd 4c 12 22 c5 13 9a |.+.&.L."...| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 79 06 89 7e e0 17 9a e3 dc 4c ee |.... y..~.....L.| 00000010 70 63 13 bc 27 f5 43 fa f8 90 49 d9 89 43 7a 15 |pc..'.C...I..Cz.| 00000020 d4 e2 a8 e6 3e 17 03 01 00 20 ea 84 0e 21 62 d5 |....>.... ...!b.| 00000030 ee 26 5e fc 3e 0c 83 3b 91 01 c4 a7 8e 9b c4 1a |.&^.>..;........| 00000040 86 f8 a0 44 21 44 2f 31 cf a1 15 03 01 00 20 c6 |...D!D/1...... .| 00000050 11 f1 65 ea f3 39 d1 d2 ac 95 1f 81 36 ae db b1 |..e..9......6...| 00000060 88 a8 42 25 86 ec 1b c1 7e 12 60 a9 6b 7f 66 |..B%....~.`.k.f| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ClientCert-Ed25519000066400000000000000000000204101373277661100271510ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 08 05 08 06 04 01 04 |................| 000000b0 03 05 01 05 03 06 01 06 03 02 01 02 03 08 07 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 55 df 11 fe c6 |....Y...U..U....| 00000010 aa d4 85 4b 87 c2 35 4c ac a9 c3 15 a3 7f 6d 7e |...K..5L......m~| 00000020 15 d1 47 b2 d2 09 16 4d 08 1b dd 20 49 d9 51 42 |..G....M... I.QB| 00000030 97 cf 36 b3 74 3e 05 0a e5 c9 97 ef 01 9c 24 34 |..6.t>........$4| 00000040 31 17 e1 8a 6a ce 37 60 02 47 46 7f c0 13 00 00 |1...j.7`.GF.....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 17 27 58 d2 5f 59 a3 |........ .'X._Y.| 000002d0 62 62 d4 97 4a 49 c4 ff ec dc f7 d3 c9 ea f3 00 |bb..JI..........| 000002e0 61 1b d3 73 38 9e af 7d 17 00 80 59 7a 4e 55 97 |a..s8..}...YzNU.| 000002f0 5a 81 0e 2e 85 0b c2 61 f0 79 72 0e d1 d5 3b bf |Z......a.yr...;.| 00000300 6a 77 03 0a 9a 51 42 f5 98 2f 09 d5 7b 17 76 b8 |jw...QB../..{.v.| 00000310 2c a7 95 ee 61 65 d7 37 b3 1b 16 3c 48 7e 9d ed |,...ae.7...>> Flow 3 (client to server) 00000000 16 03 01 01 3c 0b 00 01 38 00 01 35 00 01 32 30 |....<...8..5..20| 00000010 82 01 2e 30 81 e1 a0 03 02 01 02 02 10 17 d1 81 |...0............| 00000020 93 be 2a 8c 21 20 10 25 15 e8 34 23 4f 30 05 06 |..*.! .%..4#O0..| 00000030 03 2b 65 70 30 12 31 10 30 0e 06 03 55 04 0a 13 |.+ep0.1.0...U...| 00000040 07 41 63 6d 65 20 43 6f 30 1e 17 0d 31 39 30 35 |.Acme Co0...1905| 00000050 31 36 32 31 35 34 32 36 5a 17 0d 32 30 30 35 31 |16215426Z..20051| 00000060 35 32 31 35 34 32 36 5a 30 12 31 10 30 0e 06 03 |5215426Z0.1.0...| 00000070 55 04 0a 13 07 41 63 6d 65 20 43 6f 30 2a 30 05 |U....Acme Co0*0.| 00000080 06 03 2b 65 70 03 21 00 0b e0 b5 60 b5 e2 79 30 |..+ep.!....`..y0| 00000090 3d be e3 1e e0 50 b1 04 c8 6d c7 78 6c 69 2f c5 |=....P...m.xli/.| 000000a0 14 ad 9a 63 6f 79 12 91 a3 4d 30 4b 30 0e 06 03 |...coy...M0K0...| 000000b0 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 |U...........0...| 000000c0 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 |U.%..0...+......| 000000d0 02 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 |.0...U.......0.0| 000000e0 16 06 03 55 1d 11 04 0f 30 0d 82 0b 65 78 61 6d |...U....0...exam| 000000f0 70 6c 65 2e 63 6f 6d 30 05 06 03 2b 65 70 03 41 |ple.com0...+ep.A| 00000100 00 fc 19 17 2a 94 a5 31 fa 29 c8 2e 7f 5b a0 5d |....*..1.)...[.]| 00000110 8a 4e 34 40 39 d6 b3 10 dc 19 fe a0 22 71 b3 f5 |.N4@9......."q..| 00000120 8f a1 58 0d cd f4 f1 85 24 bf e6 3d 14 df df ed |..X.....$..=....| 00000130 0e e1 17 d8 11 a2 60 d0 8a 37 23 2a c2 46 aa 3a |......`..7#*.F.:| 00000140 08 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 |.....%...! /.}.G| 00000150 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 00000160 c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 46 |......_X.;t....F| 00000170 0f 00 00 42 00 40 14 6a d7 c1 9c 3d 81 fa e9 da |...B.@.j...=....| 00000180 96 5c 3a 09 e2 fc 36 e2 30 39 e4 6e 0d ac aa 54 |.\:...6.09.n...T| 00000190 24 4d 8c f0 35 14 b0 0b e9 5b 57 52 31 02 9f 6c |$M..5....[WR1..l| 000001a0 6f 6c d7 e9 b5 7f cb 30 fe b9 ba b9 7a 46 67 e3 |ol.....0....zFg.| 000001b0 a7 50 ca ce e4 04 14 03 01 00 01 01 16 03 01 00 |.P..............| 000001c0 30 8d 0a ca d1 5e 2c 7e 92 d0 69 f4 d9 e8 5d 0a |0....^,~..i...].| 000001d0 11 72 67 20 3e 80 64 29 e5 79 f5 33 ad 06 78 07 |.rg >.d).y.3..x.| 000001e0 4c 03 fc 2e 16 35 70 b1 72 e7 35 a9 cc 49 b8 29 |L....5p.r.5..I.)| 000001f0 30 |0| >>> Flow 4 (server to client) 00000000 15 03 01 00 02 02 50 |......P| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ClientCert-RSA-ECDSA000066400000000000000000000237641373277661100274740ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 3b 4c b9 76 d2 |....Y...U..;L.v.| 00000010 c3 d1 ea 81 71 1a 10 e1 b1 69 5c 54 c2 df 17 0a |....q....i\T....| 00000020 de 41 cb d1 69 c3 9a da 90 fd 25 20 1e 02 11 16 |.A..i.....% ....| 00000030 ab 66 13 56 3d 94 00 a9 80 7c d8 57 12 99 1c 5f |.f.V=....|.W..._| 00000040 7a b2 02 8c 23 f3 76 b8 59 5e 16 dd c0 09 00 00 |z...#.v.Y^......| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 01 00 b5 0c 00 00 b1 03 00 1d 20 16 64 |*............ .d| 00000280 ca 24 70 6f 61 2f 9e 2d 43 0a 73 ac 67 f0 7a e5 |.$poa/.-C.s.g.z.| 00000290 c7 4e c4 1f ad 13 0d eb df ff 0d ff a3 27 00 8b |.N...........'..| 000002a0 30 81 88 02 42 01 1a 33 8b 88 78 ed 5c c1 56 0d |0...B..3..x.\.V.| 000002b0 75 51 69 a0 e7 45 6d ae b0 67 55 3f be 23 3e 92 |uQi..Em..gU?.#>.| 000002c0 fe 26 68 a2 30 84 2f b3 33 66 f6 dd 71 67 99 5e |.&h.0./.3f..qg.^| 000002d0 1c 6f bf 87 ed 33 a0 87 69 f6 35 65 8d cb 3a 7e |.o...3..i.5e..:~| 000002e0 95 a7 a4 40 54 cb 97 02 42 00 a3 fe 50 34 68 9f |...@T...B...P4h.| 000002f0 f2 43 98 23 e4 24 ad 36 e9 d3 e0 75 2c 11 46 6c |.C.#.$.6...u,.Fl| 00000300 48 33 c5 bc 2d 04 ff cc bb ec 38 ec f4 b3 55 31 |H3..-.....8...U1| 00000310 8a 6e 38 a5 6d a0 9c fc f6 98 75 48 c6 79 53 de |.n8.m.....uH.yS.| 00000320 dd 91 49 f0 b6 32 83 45 61 89 4e 16 03 01 00 0a |..I..2.Ea.N.....| 00000330 0d 00 00 06 03 01 02 40 00 00 16 03 01 00 04 0e |.......@........| 00000340 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 |......._X.;t....| 00000230 86 0f 00 00 82 00 80 90 68 a8 2f 6f 2b 70 e4 25 |........h./o+p.%| 00000240 7d fb b7 85 db 44 ec 1a ad 6d 84 fb 95 21 fa 24 |}....D...m...!.$| 00000250 7b 31 6a 97 4f 06 ee 87 22 c3 7c 81 70 ed e3 2a |{1j.O...".|.p..*| 00000260 d5 2c d1 4e 6d f0 12 52 2f 98 05 08 af 41 fa 87 |.,.Nm..R/....A..| 00000270 d1 62 98 6c 06 47 ec 7a 44 e0 7d ae 7a 7d ef 1b |.b.l.G.zD.}.z}..| 00000280 d5 2c fa 1b 70 a3 fb 9a 5d 8c 60 b4 44 6a e5 b8 |.,..p...].`.Dj..| 00000290 80 4c 29 fc f1 2d f1 11 46 81 c4 01 e4 11 2e 05 |.L)..-..F.......| 000002a0 cb 2b ca d9 4a 14 39 06 93 77 19 db 80 03 82 38 |.+..J.9..w.....8| 000002b0 e5 c1 0f 11 17 47 a7 14 03 01 00 01 01 16 03 01 |.....G..........| 000002c0 00 30 a6 68 28 50 75 6d eb f4 32 c8 a3 57 3f b1 |.0.h(Pum..2..W?.| 000002d0 37 84 8e 7e 1d 1d 93 7d 9f ec ff ac 1c 8d bf 30 |7..~...}.......0| 000002e0 d2 b0 0f 3f 02 c3 ef ac a3 62 94 26 1c 8f 7e 8d |...?.....b.&..~.| 000002f0 74 99 |t.| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 80 3e 0d 50 13 |..........0.>.P.| 00000010 5f 00 ba 2e 47 46 5d 63 1b 72 a8 02 24 1c 3e 1f |_...GF]c.r..$.>.| 00000020 ed e2 3a 45 d7 7d 3a f2 33 97 c3 ab 13 9b 0e 4a |..:E.}:.3......J| 00000030 04 f0 08 48 ab d3 46 0b 40 7d 5c |...H..F.@}\| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 f7 32 e7 36 4f 77 2f 4a 05 fd 27 |.... .2.6Ow/J..'| 00000010 19 57 52 f7 8a 0c 7f fb 14 78 b2 06 bf ca 86 73 |.WR......x.....s| 00000020 32 13 33 04 91 17 03 01 00 20 7e e4 fe c5 6d f7 |2.3...... ~...m.| 00000030 d4 69 30 57 89 a0 76 70 40 a7 b5 17 74 2f 5d 16 |.i0W..vp@...t/].| 00000040 c1 19 30 73 f8 37 c4 10 5b b7 15 03 01 00 20 08 |..0s.7..[..... .| 00000050 41 5e 0b 9f 36 23 bd 9a 09 f7 58 9d a3 d7 26 3a |A^..6#....X...&:| 00000060 f4 5e 6b bf 9c d4 6f 0c d3 9e cd de cb 95 57 |.^k...o.......W| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ClientCert-RSA-RSA000066400000000000000000000244601373277661100272740ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 97 fe 7f 92 37 |....Y...U......7| 00000010 67 99 e0 d8 62 a9 31 80 bd 1f 31 8e 7d 0b 08 0a |g...b.1...1.}...| 00000020 de a5 82 a2 f2 d0 c1 35 66 34 6e 20 39 46 b1 b0 |.......5f4n 9F..| 00000030 6e 2d 0e fe 8c 48 ea ab 1c c4 49 ee f4 21 cf cb |n-...H....I..!..| 00000040 2a 20 57 78 18 99 a1 b9 7f 88 4f 64 c0 13 00 00 |* Wx......Od....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 07 80 79 40 4b b1 0e |........ ..y@K..| 000002d0 05 ce e4 ca 9d f5 d7 ad a6 98 f2 40 f9 b9 66 a8 |...........@..f.| 000002e0 04 6e ae b5 da 99 67 09 69 00 80 01 4a f2 c1 c9 |.n....g.i...J...| 000002f0 2f 46 4f b8 9e 8b 2c c4 a1 32 44 3c dc 2c 5e b9 |/FO...,..2D<.,^.| 00000300 76 5f 41 20 23 1b 82 dd ec 37 b4 24 68 6d a7 39 |v_A #....7.$hm.9| 00000310 4f f2 e5 97 09 75 64 2a 64 16 b8 99 04 8a 74 77 |O....ud*d.....tw| 00000320 19 bb 12 5f 27 f6 41 09 f7 2e 1c 33 80 3b 01 57 |..._'.A....3.;.W| 00000330 5c f9 20 6e 0c 48 76 59 e1 8b 1f bb 2a 33 1a 28 |\. n.HvY....*3.(| 00000340 a0 5a 05 44 94 eb 35 62 5e ae 7f e4 01 76 b6 b4 |.Z.D..5b^....v..| 00000350 64 91 bf 25 09 ff 88 8a af 73 00 d0 7e ea 0f ca |d..%.....s..~...| 00000360 4a 2b d4 6f 02 26 98 28 5a ed 11 16 03 01 00 0a |J+.o.&.(Z.......| 00000370 0d 00 00 06 03 01 02 40 00 00 16 03 01 00 04 0e |.......@........| 00000380 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 01 00 |......._X.;t....| 00000230 86 0f 00 00 82 00 80 81 aa 68 1f a9 a4 de f1 4d |.........h.....M| 00000240 30 9a fe e6 a5 f6 f6 18 b6 3e d2 c7 f1 e6 77 e3 |0........>....w.| 00000250 6a cd 61 01 81 3a 02 31 a5 aa d6 db b6 02 9d 4b |j.a..:.1.......K| 00000260 f5 78 50 c3 95 fe 43 88 33 3a 95 32 bc e8 02 1a |.xP...C.3:.2....| 00000270 e6 f4 d5 54 b9 fc e0 4a 4e f0 92 21 35 4b de c8 |...T...JN..!5K..| 00000280 a4 b0 01 c3 ca 3a 87 ed cb 21 1c ce c2 14 7b 8d |.....:...!....{.| 00000290 90 68 b9 21 49 13 dd cd e7 68 83 41 7c 84 6a 75 |.h.!I....h.A|.ju| 000002a0 76 ee 19 8b fa d5 a6 57 3d a7 f1 f1 6f 11 ca 77 |v......W=...o..w| 000002b0 95 0e b5 c7 3d 99 d4 14 03 01 00 01 01 16 03 01 |....=...........| 000002c0 00 30 5e be 40 82 f8 db 05 20 23 45 a4 42 48 e8 |.0^.@.... #E.BH.| 000002d0 06 69 eb 4c ef 79 53 52 4a 5a 3a ba cc d6 99 59 |.i.L.ySRJZ:....Y| 000002e0 4d c2 b0 34 0f 14 68 03 93 8b a4 95 7e cf 26 f8 |M..4..h.....~.&.| 000002f0 5c 8a |\.| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 ef 9b 5c da 0a |..........0..\..| 00000010 2e c4 79 fa ea 8a 9c 78 4a 1f 08 77 56 73 6e fa |..y....xJ..wVsn.| 00000020 3a 5b 3c cd cd e9 0c a8 bb 59 9e 22 ab 67 2c 03 |:[<......Y.".g,.| 00000030 de ad 7c e4 cb 85 d7 8f c1 1c e3 |..|........| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 48 1a 1a 1c 6c 7d 6c 2a e0 b2 e3 |.... H...l}l*...| 00000010 b3 9f ec 39 a8 cd 9a f9 a2 3e 2d 46 3b cf 17 ed |...9.....>-F;...| 00000020 70 99 ce d7 3c 17 03 01 00 20 69 27 e9 89 78 e6 |p...<.... i'..x.| 00000030 64 c0 a9 40 4f 0d 97 53 b2 2e 15 f3 2b 54 3b 77 |d..@O..S....+T;w| 00000040 f2 24 2c 94 dc b3 8b f0 c4 ce 15 03 01 00 20 1b |.$,........... .| 00000050 50 55 83 d8 6b b4 04 b2 f0 2d 1c 9c 0d fa de 58 |PU..k....-.....X| 00000060 cd 0a 1d 55 d6 36 f4 a4 fb cc 55 c5 b1 f3 d3 |...U.6....U....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ECDHE-ECDSA-AES000066400000000000000000000154021373277661100262210ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 a7 ea 63 8c 7d |....Y...U....c.}| 00000010 54 70 04 d5 5e a2 2e 8b 75 4f 17 c8 a8 8c 3d bc |Tp..^...uO....=.| 00000020 08 aa 82 48 85 ed 1a ff 42 e1 54 20 3b 77 9d 32 |...H....B.T ;w.2| 00000030 4d 60 f2 81 f8 20 aa d2 b0 eb ea 7c 6a 39 52 20 |M`... .....|j9R | 00000040 94 4a 2a 88 05 8a fe 6c 50 5c 95 39 c0 09 00 00 |.J*....lP\.9....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 01 00 b5 0c 00 00 b1 03 00 1d 20 3a 1f |*............ :.| 00000280 18 e9 f2 09 3e 79 4b a0 62 73 ef 87 0d ea 90 51 |....>yK.bs.....Q| 00000290 7f 9d d2 79 59 e4 11 7f 69 f7 a9 d7 78 7f 00 8b |...yY...i...x...| 000002a0 30 81 88 02 42 01 65 ac eb e6 b0 86 73 95 a4 27 |0...B.e.....s..'| 000002b0 e3 82 55 cf 88 16 80 c2 68 4b 39 77 2a b1 a9 d3 |..U.....hK9w*...| 000002c0 08 d5 ac 77 ce 5b 16 73 2c ad b5 57 2a 7a 75 34 |...w.[.s,..W*zu4| 000002d0 ec 99 23 bd df b2 27 36 5a 4b 40 e0 d3 b0 d2 31 |..#...'6ZK@....1| 000002e0 9b c7 9e 0a cb 5b 69 02 42 00 88 d7 5a 6a 9e 4c |.....[i.B...Zj.L| 000002f0 c5 7b 2c 8e 93 3b 75 27 b4 00 11 88 ba cf 99 8c |.{,..;u'........| 00000300 e5 f2 60 22 de f2 fe 86 a6 48 86 9c 40 31 08 75 |..`".....H..@1.u| 00000310 aa bc 5d 6d fa 2e a4 a9 a1 0d fc e1 d9 5a a1 60 |..]m.........Z.`| 00000320 93 b9 69 c7 c2 3e f5 a9 cb 31 41 16 03 01 00 04 |..i..>...1A.....| 00000330 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 01 00 01 01 |....._X.;t......| 00000030 16 03 01 00 30 30 25 15 82 a1 7f 11 32 13 52 17 |....00%.....2.R.| 00000040 b8 bd 5b b9 1e 69 88 0b b3 5f 12 40 e3 4b 03 cb |..[..i..._.@.K..| 00000050 cd 07 3c 43 4f ab f7 5d 2c 6a a3 02 a9 64 d0 77 |..>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 b5 3e 18 97 a1 |..........0.>...| 00000010 ca 2e 7f 5f b9 72 cb aa d4 f6 85 86 d3 27 40 13 |..._.r.......'@.| 00000020 e3 99 35 13 67 a8 9e 6e bb 63 15 97 96 42 e4 b3 |..5.g..n.c...B..| 00000030 fc 15 ee b7 d8 cb a2 64 3d 55 b8 |.......d=U.| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 12 6c bf f2 39 2d e6 ad a8 38 d5 |.... .l..9-...8.| 00000010 1c ea 5b 79 e5 c7 4a 41 eb 58 70 f0 7d f7 60 e7 |..[y..JA.Xp.}.`.| 00000020 ee 77 98 75 f2 17 03 01 00 20 ac 5e 6d b0 81 0b |.w.u..... .^m...| 00000030 14 ca c2 70 53 d8 6d 55 49 63 da 8a 61 66 80 2d |...pS.mUIc..af.-| 00000040 e4 7c 2e 60 1f eb 3c f2 27 66 15 03 01 00 20 7a |.|.`..<.'f.... z| 00000050 2b 80 f8 00 0f 06 f5 6e fe b7 b7 6b 12 6c 8d 8e |+......n...k.l..| 00000060 c4 11 23 2b a2 bb 16 93 b4 e0 e0 fd 8c 42 db |..#+.........B.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-ECDHE-RSA-AES000066400000000000000000000160761373277661100260370ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 16 f4 24 01 94 |....Y...U....$..| 00000010 68 d2 0f 15 4d d6 65 54 84 73 ab 2c b2 11 c5 64 |h...M.eT.s.,...d| 00000020 d8 93 66 50 cd b0 f0 ab 11 5c 72 20 b1 13 c1 f5 |..fP.....\r ....| 00000030 63 ed 70 0b 21 52 85 36 84 99 1d b6 bb dc d3 1c |c.p.!R.6........| 00000040 b3 76 13 d9 ef 47 c4 c0 18 57 23 3b c0 13 00 00 |.v...G...W#;....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 7e aa 30 94 7b fb 09 |........ ~.0.{..| 000002d0 b5 55 ce b3 e9 e0 5b 55 82 f4 e6 7c d0 e4 57 eb |.U....[U...|..W.| 000002e0 9b ec 82 48 d6 0e 2a bb 16 00 80 80 da c5 75 4f |...H..*.......uO| 000002f0 82 95 ee 47 28 af 09 08 d5 13 68 33 5d 91 dd 13 |...G(.....h3]...| 00000300 43 84 e9 54 d9 e7 39 7c 38 74 d5 92 8f 46 37 86 |C..T..9|8t...F7.| 00000310 44 68 ae c7 3a ad e1 33 5f cd d8 c6 a5 7c 5e 83 |Dh..:..3_....|^.| 00000320 44 ba b1 09 44 ec 42 7f 41 80 d6 b6 4c 6d ae 24 |D...D.B.A...Lm.$| 00000330 a9 3b 53 87 2f 3b 3a 1f da 87 2b 7d cf 9e ed a5 |.;S./;:...+}....| 00000340 04 54 ad c2 3c 7b 21 60 55 67 41 47 60 02 1e 62 |.T..<{!`UgAG`..b| 00000350 bb 9f ee 2c 6e 79 20 6e 65 e2 d0 ae 73 70 3e a7 |...,ny ne...sp>.| 00000360 3f 74 96 8e 2a 6e a6 7e 7a e0 e4 16 03 01 00 04 |?t..*n.~z.......| 00000370 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 01 00 01 01 |....._X.;t......| 00000030 16 03 01 00 30 5a cb 36 c8 1c 43 a8 e1 88 db c9 |....0Z.6..C.....| 00000040 ae 78 b0 af 97 e4 c3 f6 25 51 8e 4d 57 94 ee ca |.x......%Q.MW...| 00000050 a4 8b 3f 4d 17 75 34 58 c3 fa a6 6f d4 e5 ae 3a |..?M.u4X...o...:| 00000060 cb 5a cb 11 ef |.Z...| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 96 92 50 6f f0 |..........0..Po.| 00000010 d1 ff 7c 39 fb 75 0c 8b c9 d7 29 7d 9d 32 4c 19 |..|9.u....)}.2L.| 00000020 2e 93 ea 11 87 07 fc 5a 7d 3c 30 e1 bd 64 7f 90 |.......Z}<0..d..| 00000030 fd 70 1d 50 eb ec f2 d6 de 09 61 |.p.P......a| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 fd a4 ba f1 78 a9 a2 45 d3 d2 5a |.... ....x..E..Z| 00000010 1e 41 6b 89 8d bd a4 21 69 03 a1 7c b8 56 ff df |.Ak....!i..|.V..| 00000020 67 bc 85 5e 21 17 03 01 00 20 a7 6d 4c 11 d0 f3 |g..^!.... .mL...| 00000030 7d e2 f0 69 18 7c 42 71 78 e4 3b 71 7d 13 27 bb |}..i.|Bqx.;q}.'.| 00000040 79 fd d7 b2 d7 28 ca 92 83 f1 15 03 01 00 20 10 |y....(........ .| 00000050 b3 79 d4 1d 70 db b7 6c f2 15 05 3c 4d 65 ba ec |.y..p..l...>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 59 02 00 00 55 03 01 7a a4 22 4f 19 |....Y...U..z."O.| 00000010 54 37 47 cb e5 dd b4 54 86 9e 9e d6 3f f1 bd ca |T7G....T....?...| 00000020 9a 3e 16 3c 7e 1a 29 22 0d c8 95 20 ac 85 42 c1 |.>.<~.)"... ..B.| 00000030 e7 f3 38 62 38 24 a8 24 d2 67 bd 0d 06 44 74 cf |..8b8$.$.g...Dt.| 00000040 3d a4 37 17 bc 8c 5d 41 9f 5a 74 69 c0 13 00 00 |=.7...]A.Zti....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 71 52 12 72 a7 56 0b |........ qR.r.V.| 000002d0 51 81 af 9f e1 95 43 44 54 0e 9e 3d cc 6f 3c 4c |Q.....CDT..=.o| 00000360 cb 59 5d 81 da 58 07 83 e7 af 25 16 03 01 00 04 |.Y]..X....%.....| 00000370 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 01 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 01 00 01 01 |....._X.;t......| 00000030 16 03 01 00 30 c3 26 49 92 5a 8c d0 da 48 ba 60 |....0.&I.Z...H.`| 00000040 29 c0 5c d5 44 04 11 7a 25 b5 d6 9f a4 cf fe bf |).\.D..z%.......| 00000050 33 a7 ba c2 96 2b 4d c1 fb dc 4c ba b8 2b 6f 20 |3....+M...L..+o | 00000060 2d 2a 02 ee 17 |-*...| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 f4 4e 0a ea 58 |..........0.N..X| 00000010 18 c6 9d 5f aa 5d f0 03 d4 63 0d e7 83 cb a8 18 |..._.]...c......| 00000020 06 fa b6 82 da df 16 89 5c 8b 5d 92 87 b1 42 da |........\.]...B.| 00000030 cd 2a ee dc 43 08 f1 0d 1f 18 5c |.*..C.....\| >>> Flow 5 (client to server) 00000000 17 03 01 00 20 e6 95 10 e0 98 07 9f 2b 42 06 b8 |.... .......+B..| 00000010 2a 6c 5d 4a 95 2a 2c 17 d5 cc 68 42 18 bd 72 58 |*l]J.*,...hB..rX| 00000020 c1 39 73 05 75 17 03 01 00 20 d4 ae 70 ee a0 ed |.9s.u.... ..p...| 00000030 3e dd f9 aa 93 03 ff f5 a4 f6 f3 0d e7 a6 59 a9 |>.............Y.| 00000040 40 b4 f6 ad a5 46 0b eb ee 0e 15 03 01 00 20 7c |@....F........ || 00000050 1a 29 f3 49 60 47 2e 52 ec 00 4a 62 44 30 93 5f |.).I`G.R..JbD0._| 00000060 df 73 2f 44 65 3f 77 c1 3d 04 32 c8 bb 86 ed |.s/De?w.=.2....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv10-RSA-RC4000066400000000000000000000143461373277661100252070ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 01 00 51 02 00 00 4d 03 01 5a 4f 78 41 d5 |....Q...M..ZOxA.| 00000010 86 2f d2 0a c6 05 bc c9 8e cc bd b2 39 ac a5 78 |./..........9..x| 00000020 e3 e5 31 b9 cb 01 af cb ca fc 88 20 c9 61 c6 91 |..1........ .a..| 00000030 b2 e5 70 df ca d0 41 a8 20 61 ab 08 f6 dc fe c0 |..p...A. a......| 00000040 cc ea 1e 80 89 02 6a 26 ea f0 c8 71 00 05 00 00 |......j&...q....| 00000050 05 ff 01 00 01 00 16 03 01 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 01 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 01 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 01 00 01 |.Y(.....ia5.....| 00000090 01 16 03 01 00 24 48 fd e6 fc 4a 94 33 82 22 ff |.....$H...J.3.".| 000000a0 af c3 44 98 d2 c6 4e 8a 39 43 dd 4b 2a 11 2b 4e |..D...N.9C.K*.+N| 000000b0 5b d9 a4 fc 6c 95 d7 69 05 f9 |[...l..i..| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 24 61 d2 68 5e 12 |..........$a.h^.| 00000010 91 6e 7f fe bf b7 42 58 e9 06 38 09 c1 16 34 e5 |.n....BX..8...4.| 00000020 a1 46 d6 cf 23 ca 48 c1 ed 76 f9 48 a1 9a 2a |.F..#.H..v.H..*| >>> Flow 5 (client to server) 00000000 17 03 01 00 1a 3a e1 39 7c fe 25 50 dc 66 3f b6 |.....:.9|.%P.f?.| 00000010 6f fd 79 3b 12 83 af 89 b1 c5 f6 75 56 ad a1 15 |o.y;.......uV...| 00000020 03 01 00 16 07 d1 d3 7a 54 1c 71 0b c8 64 10 46 |.......zT.q..d.F| 00000030 30 d0 bf df 75 a6 dc 10 b1 d1 |0...u.....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv11-ECDHE-ECDSA-AES000066400000000000000000000156321373277661100262270ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 02 00 59 02 00 00 55 03 02 23 a8 e7 14 3f |....Y...U..#...?| 00000010 64 61 3c ee 80 a2 94 84 ab b8 66 76 30 84 06 78 |da<.......fv0..x| 00000020 96 ba a7 d3 1e 81 1b 16 64 76 88 20 3d 21 21 b3 |........dv. =!!.| 00000030 45 dd fe cb 5b d7 9a 86 39 ee 4f f8 60 eb 95 ea |E...[...9.O.`...| 00000040 ab 64 48 14 74 16 fd e9 47 07 66 60 c0 09 00 00 |.dH.t...G.f`....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 02 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 02 00 b4 0c 00 00 b0 03 00 1d 20 a7 a4 |*............ ..| 00000280 33 20 48 6a 74 8e 07 fc c0 b6 10 61 84 d6 67 d1 |3 Hjt......a..g.| 00000290 ae cf 65 36 4d d5 13 a1 07 fc 1f aa 77 44 00 8a |..e6M.......wD..| 000002a0 30 81 87 02 42 01 02 5b f9 4a af 8d 0a d5 a3 de |0...B..[.J......| 000002b0 11 62 d8 f1 db 49 7a 0c 34 3e 2d 61 f9 6f 6b c2 |.b...Iz.4>-a.ok.| 000002c0 1d 32 4b 88 93 9b 22 b0 3d 09 c3 93 9e 25 31 d6 |.2K...".=....%1.| 000002d0 5f 06 3a f0 4a 61 0b 06 03 5d 6c 0e b3 5e 48 5a |_.:.Ja...]l..^HZ| 000002e0 f0 5b 21 48 58 8f b2 02 41 1c 57 f1 51 04 d6 f8 |.[!HX...A.W.Q...| 000002f0 a2 51 e6 e6 3e e0 99 63 aa d2 1c 7b 92 be 44 ec |.Q..>..c...{..D.| 00000300 86 c3 31 fa e7 9b 98 1a 59 a5 93 3e a9 73 f0 ec |..1.....Y..>.s..| 00000310 03 22 37 19 db 78 30 27 ab bf 52 07 6c 3a 79 f5 |."7..x0'..R.l:y.| 00000320 ad 70 59 76 84 44 f0 47 e0 3d 16 03 02 00 04 0e |.pYv.D.G.=......| 00000330 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 02 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 02 00 01 01 |....._X.;t......| 00000030 16 03 02 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000040 00 00 00 00 00 ef 0f 92 ac 11 fe 97 1a 46 69 e4 |.............Fi.| 00000050 b3 26 8d d7 92 46 02 25 5b 2e 86 3e 96 3d 64 ed |.&...F.%[..>.=d.| 00000060 37 92 dd ae a5 a6 9f 03 f0 c2 42 78 9f b9 78 ac |7.........Bx..x.| 00000070 97 ab 82 25 e2 |...%.| >>> Flow 4 (server to client) 00000000 14 03 02 00 01 01 16 03 02 00 40 df a9 23 37 74 |..........@..#7t| 00000010 47 d8 98 87 53 b4 0a 4d b0 a5 fb cb d6 37 c8 7c |G...S..M.....7.|| 00000020 61 95 81 ef b3 63 78 2b 53 c2 86 fc 39 df c4 5f |a....cx+S...9.._| 00000030 e4 4b af 1d fe bc 4c fe 1b 6a 28 c3 46 6f 24 94 |.K....L..j(.Fo$.| 00000040 a8 bf ef ce e8 e8 ad 2c d9 10 32 |.......,..2| >>> Flow 5 (client to server) 00000000 17 03 02 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 34 50 ce 9c 7f f5 2d a2 c1 e4 5c |.....4P....-...\| 00000020 fa d1 a0 f4 38 e8 4f 51 54 36 07 da f1 af 6d ef |....8.OQT6....m.| 00000030 b8 b0 bc bc a6 15 03 02 00 30 00 00 00 00 00 00 |.........0......| 00000040 00 00 00 00 00 00 00 00 00 00 0b d4 8e e8 69 64 |..............id| 00000050 53 38 7c 72 d8 1d 9f d5 8a 83 74 a7 37 6b e2 c0 |S8|r......t.7k..| 00000060 8f 26 e7 5d 0e 06 ae e0 db fb |.&.]......| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv11-ECDHE-RSA-AES000066400000000000000000000163271373277661100260370ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 02 00 59 02 00 00 55 03 02 6e ff 3b 26 66 |....Y...U..n.;&f| 00000010 7c 32 3f 42 fd 92 7c 12 db 26 b2 45 6e 28 b9 49 ||2?B..|..&.En(.I| 00000020 86 6b 00 54 92 3b 65 a6 02 6d 94 20 ea 44 db 5c |.k.T.;e..m. .D.\| 00000030 d1 39 35 b2 ea 1c 6d 3e 94 bb 47 60 25 1e 9c 74 |.95...m>..G`%..t| 00000040 e7 bd 54 cc 2b 36 14 6a 12 54 5b 6c c0 13 00 00 |..T.+6.j.T[l....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 02 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 02 00 |.=.`.\!.;.......| 000002c0 aa 0c 00 00 a6 03 00 1d 20 82 3b d2 56 dd cd d8 |........ .;.V...| 000002d0 e1 98 a7 90 d1 08 2d 37 dc e8 21 cd 29 af 29 a5 |......-7..!.).).| 000002e0 78 8e 59 9e 4c ac c9 d2 4b 00 80 25 20 91 4e 0d |x.Y.L...K..% .N.| 000002f0 74 12 9e 1c 98 fb 5f 4b ad fd c8 68 df 6b 82 98 |t....._K...h.k..| 00000300 a8 7c ee 17 44 47 91 2a 42 c1 82 d0 ce aa cd f8 |.|..DG.*B.......| 00000310 69 1e 85 79 27 fe ef 5a a2 e1 35 30 9a 2d c6 b0 |i..y'..Z..50.-..| 00000320 43 84 39 7f 8d 68 09 d6 6c 1a 84 0f c0 9a c0 9f |C.9..h..l.......| 00000330 64 56 cb fc 32 f2 4a a3 26 e8 c2 5f d7 16 3e 7c |dV..2.J.&.._..>|| 00000340 4e 8b 89 f8 7f f4 c2 26 fe 01 cd 48 b6 61 9c 93 |N......&...H.a..| 00000350 1a bc a1 d1 01 c5 bf ef 43 b4 ca 86 62 37 b4 99 |........C...b7..| 00000360 54 69 db 74 51 92 92 dd c1 b1 75 16 03 02 00 04 |Ti.tQ.....u.....| 00000370 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 02 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 02 00 01 01 |....._X.;t......| 00000030 16 03 02 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000040 00 00 00 00 00 c5 bf e6 b3 86 12 92 df 68 fa 75 |.............h.u| 00000050 79 5f ee fe 60 91 d1 fd 8a 48 3b 97 b4 da 7f 58 |y_..`....H;....X| 00000060 3e 7e 40 d7 93 1d 6b e2 0e 2a a4 45 20 e0 9d f9 |>~@...k..*.E ...| 00000070 b6 5e b1 f1 4f |.^..O| >>> Flow 4 (server to client) 00000000 14 03 02 00 01 01 16 03 02 00 40 bf 58 92 80 02 |..........@.X...| 00000010 75 91 40 30 35 e0 16 76 f4 97 bd 77 46 a3 a3 4e |u.@05..v...wF..N| 00000020 f1 be 53 eb b8 56 45 b1 71 c9 f8 a9 bf c6 9a 00 |..S..VE.q.......| 00000030 83 46 91 88 d5 7b 72 95 27 33 80 43 3f 3e f6 60 |.F...{r.'3.C?>.`| 00000040 c6 55 90 6a 87 8e 7d 48 27 e2 40 |.U.j..}H'.@| >>> Flow 5 (client to server) 00000000 17 03 02 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 f5 6b bc 6d 2c 70 b1 c0 f0 ab 78 |......k.m,p....x| 00000020 44 c9 97 f6 59 ef 15 e4 05 cf e0 55 ee a4 68 8c |D...Y......U..h.| 00000030 86 57 82 bd 84 15 03 02 00 30 00 00 00 00 00 00 |.W.......0......| 00000040 00 00 00 00 00 00 00 00 00 00 ef b2 a9 a5 bb a3 |................| 00000050 6e e5 d1 2b ef 83 1d 11 de 29 d2 30 2c fc 78 73 |n..+.....).0,.xs| 00000060 6b 6e 0a d2 55 67 5c d4 58 b3 |kn..Ug\.X.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv11-Ed25519000066400000000000000000000000001373277661100251110ustar00rootroot00000000000000golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv11-RSA-RC4000066400000000000000000000143461373277661100252100ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 02 00 51 02 00 00 4d 03 02 96 ca 2a e7 23 |....Q...M....*.#| 00000010 af 2e 45 62 15 fa 5a 84 bc aa 7c 79 03 1b 37 69 |..Eb..Z...|y..7i| 00000020 a0 77 ce 03 81 b7 e5 7d 31 34 6e 20 93 83 5d 7c |.w.....}14n ..]|| 00000030 e8 c7 48 f9 67 ec 97 b1 27 b6 de de 89 07 5a cf |..H.g...'.....Z.| 00000040 44 77 48 4b e9 62 43 e3 87 fd de 87 00 05 00 00 |DwHK.bC.........| 00000050 05 ff 01 00 01 00 16 03 02 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 02 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 02 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 02 00 01 |.Y(.....ia5.....| 00000090 01 16 03 02 00 24 33 5d 7f cb 6e 36 19 8b db 35 |.....$3]..n6...5| 000000a0 88 16 87 7a 9d 5a 51 27 51 13 17 64 0e 57 d5 e1 |...z.ZQ'Q..d.W..| 000000b0 6e 34 8d e6 99 a8 38 b2 e7 3a |n4....8..:| >>> Flow 4 (server to client) 00000000 14 03 02 00 01 01 16 03 02 00 24 e0 8b 90 9b 83 |..........$.....| 00000010 f5 3d 00 e9 cf 7b 1d 75 cf c8 16 f2 29 8d de 0b |.=...{.u....)...| 00000020 75 82 b1 c4 6e 1c 1f ab e9 90 74 31 99 f2 ad |u...n.....t1...| >>> Flow 5 (client to server) 00000000 17 03 02 00 1a ca 2a 95 13 de 40 0d af 44 a4 aa |......*...@..D..| 00000010 9a 35 d7 38 c7 9f 74 4f 3a bf d1 9c cd 9e ee 15 |.5.8..tO:.......| 00000020 03 02 00 16 d3 a4 32 78 a9 00 1b 7a 48 3e 7c 2b |......2x...zH>|+| 00000030 f9 3b 92 32 20 0b f4 16 39 18 |.;.2 ...9.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-AES128-GCM-SHA256000066400000000000000000000145641373277661100263150ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 51 02 00 00 4d 03 03 1d be be 1e eb |....Q...M.......| 00000010 59 2c d5 07 b9 7a 64 47 95 84 ef cf d9 3e 82 4c |Y,...zdG.....>.L| 00000020 00 c0 0a 69 8a 01 2a b3 42 78 02 20 5e 32 5c 88 |...i..*.Bx. ^2\.| 00000030 50 ed d5 44 41 4f bf a9 4e 49 83 5d aa 7c 2e 5d |P..DAO..NI.].|.]| 00000040 85 e8 64 92 5e 49 5d 8a d0 0e 89 eb 00 9c 00 00 |..d.^I].........| 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....| 00000090 01 16 03 03 00 28 00 00 00 00 00 00 00 00 69 38 |.....(........i8| 000000a0 97 84 2e 77 5c b8 58 82 b5 78 85 2e f3 7b 92 81 |...w\.X..x...{..| 000000b0 00 72 91 23 41 ae 59 6c 18 64 f0 62 f2 c9 |.r.#A.Yl.d.b..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 37 f7 98 2f 78 |..........(7../x| 00000010 54 85 5f 2e cb a9 b7 bf 4b 2d 62 06 e2 32 cd 18 |T._.....K-b..2..| 00000020 de f5 54 c8 e0 54 2d c5 b4 98 07 7e c7 b7 79 a0 |..T..T-....~..y.| 00000030 75 af 5c |u.\| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 78 c1 c0 |.............x..| 00000010 7d 1b a8 b2 80 0e a3 64 cf e0 fa 71 9d 37 5d 32 |}......d...q.7]2| 00000020 8d 36 38 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.68.............| 00000030 c2 f3 41 1a 2c a4 4f 48 fa 61 14 40 60 51 e5 99 |..A.,.OH.a.@`Q..| 00000040 c6 e5 |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-AES128-SHA256000066400000000000000000000161031373277661100257000ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 51 02 00 00 4d 03 03 c3 41 d7 9c 1b |....Q...M...A...| 00000010 9a ff f8 17 af 41 df 8d 96 70 bb b8 f6 9a 4c a2 |.....A...p....L.| 00000020 03 25 31 2c 58 fa 05 5b 12 85 6a 20 18 3c 34 d6 |.%1,X..[..j .<4.| 00000030 08 44 46 a5 5c b1 40 0d 38 33 c0 2d ea a6 46 53 |.DF.\.@.83.-..FS| 00000040 0e 09 39 6f 11 35 02 63 cf 21 74 c2 00 3c 00 00 |..9o.5.c.!t..<..| 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....| 00000090 01 16 03 03 00 50 00 00 00 00 00 00 00 00 00 00 |.....P..........| 000000a0 00 00 00 00 00 00 88 20 99 51 5e fb 72 79 7f f8 |....... .Q^.ry..| 000000b0 b2 a9 56 96 a3 03 1d a0 e0 38 1a be 4c ea 80 f9 |..V......8..L...| 000000c0 c0 ef 45 81 91 7f b9 1b f7 91 3b 4e 05 87 d6 73 |..E.......;N...s| 000000d0 c0 27 94 50 4f 00 ee c1 02 af 5f 6f 4c a5 0e 5b |.'.PO....._oL..[| 000000e0 6c 76 87 28 b4 bf |lv.(..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 50 93 14 a5 13 16 |..........P.....| 00000010 d7 af 14 81 94 33 2d ae f7 7a b1 b1 a5 38 fb e8 |.....3-..z...8..| 00000020 c8 38 b3 ce f1 eb 70 e7 84 b6 fc 25 25 32 a9 09 |.8....p....%%2..| 00000030 d1 0d 2d 59 57 6d d0 42 e8 c1 81 92 d0 af fb 5a |..-YWm.B.......Z| 00000040 08 7e 0f 3d 10 e5 42 6d 27 cd 8c 32 b2 20 4b 0a |.~.=..Bm'..2. K.| 00000050 75 76 ed 08 54 fe 74 94 72 35 9e |uv..T.t.r5.| >>> Flow 5 (client to server) 00000000 17 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000010 00 00 00 00 00 53 91 38 34 33 20 94 0d 76 d7 72 |.....S.843 ..v.r| 00000020 48 f3 17 34 01 ae 0e 89 db 60 f1 4e 64 a5 cf 0c |H..4.....`.Nd...| 00000030 32 52 3f a0 18 f8 c5 57 ed 3a d1 41 19 81 cf 0a |2R?....W.:.A....| 00000040 f2 d8 90 4b ba 15 03 03 00 40 00 00 00 00 00 00 |...K.....@......| 00000050 00 00 00 00 00 00 00 00 00 00 05 2b 31 3c 1b a2 |...........+1<..| 00000060 11 87 5f 0f 49 72 bb 67 e6 75 18 9c b1 f4 6c ed |.._.Ir.g.u....l.| 00000070 4d 01 58 35 30 43 44 e8 ee 1d f2 81 9d 67 6d 77 |M.X50CD......gmw| 00000080 1e 36 61 7f f3 32 3d 60 73 6d |.6a..2=`sm| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-AES256-GCM-SHA384000066400000000000000000000145641373277661100263210ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 51 02 00 00 4d 03 03 2b 59 94 f3 9e |....Q...M..+Y...| 00000010 23 ae d3 58 82 1f 2e be 38 1d 14 e4 4c a4 b8 ed |#..X....8...L...| 00000020 95 08 b9 44 60 02 4b 0b a9 6e ae 20 9b 43 e5 2a |...D`.K..n. .C.*| 00000030 0f 08 8e a4 c1 c0 15 79 9f af a5 ab a3 67 9d 09 |.......y.....g..| 00000040 23 0e 8e 96 a9 aa 7d 26 74 d8 0c 9a 00 9d 00 00 |#.....}&t.......| 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....| 00000090 01 16 03 03 00 28 00 00 00 00 00 00 00 00 59 fc |.....(........Y.| 000000a0 aa b1 84 ab 09 82 00 88 8e e4 82 6e cd 24 9f b5 |...........n.$..| 000000b0 01 95 d3 c3 f4 a2 16 54 25 91 77 76 fc f0 |.......T%.wv..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 67 ac 20 d9 b6 |..........(g. ..| 00000010 a9 f0 ec f6 7b 34 31 3a 5e 06 20 0f 5b 32 86 1b |....{41:^. .[2..| 00000020 da 5a c5 54 47 d0 ad 4f 95 2c b5 1f 17 3f ec 17 |.Z.TG..O.,...?..| 00000030 a3 01 fc |...| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 6c 9c 0a |.............l..| 00000010 ae 0b 40 57 8b 24 6d 09 77 ae 2f 14 be 06 26 9e |..@W.$m.w./...&.| 00000020 0a bf 18 15 03 03 00 1a 00 00 00 00 00 00 00 02 |................| 00000030 32 50 20 68 3d 05 68 ed 0c ac 7a db 24 21 7e e0 |2P h=.h...z.$!~.| 00000040 9e f0 |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ALPN000066400000000000000000000156061373277661100247300ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 0e 01 00 01 0a 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 8f 00 05 00 05 01 00 00 00 00 00 0a 00 |................| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 10 00 10 00 0e 06 70 72 6f 74 6f |...........proto| 000000d0 32 06 70 72 6f 74 6f 31 00 12 00 00 00 2b 00 09 |2.proto1.....+..| 000000e0 08 03 04 03 03 03 02 03 01 00 33 00 26 00 24 00 |..........3.&.$.| 000000f0 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f |.. /.}.G.bC.(.._| 00000100 bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 |.).0.........._X| 00000110 cb 3b 74 |.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 66 02 00 00 62 03 03 95 14 55 52 0b |....f...b....UR.| 00000010 e7 c1 15 6b dc 19 3b 17 9e bb 6a b7 61 82 dc 59 |...k..;...j.a..Y| 00000020 d3 a4 7c e1 c3 83 cc e2 e5 56 e0 20 3c 82 0d 54 |..|......V. <..T| 00000030 2b 78 fe 50 cb 4e c1 69 d7 6f b3 9f ac 2e 27 c8 |+x.P.N.i.o....'.| 00000040 c6 7a 70 27 1e 14 67 43 4c f1 7d d7 cc a8 00 00 |.zp'..gCL.}.....| 00000050 1a ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 10 |................| 00000060 00 09 00 07 06 70 72 6f 74 6f 31 16 03 03 02 59 |.....proto1....Y| 00000070 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 82 |...U..R..O0..K0.| 00000080 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 5b |.............?.[| 00000090 ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 |..0...*.H.......| 000000a0 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 6f |.0.1.0...U....Go| 000000b0 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 6f |1.0...U....Go Ro| 000000c0 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 30 |ot0...1601010000| 000000d0 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 30 |00Z..25010100000| 000000e0 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 47 |0Z0.1.0...U....G| 000000f0 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 81 |o1.0...U....Go0.| 00000100 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 |.0...*.H........| 00000110 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 2e |....0.......F}..| 00000120 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe 1e |.'.H..(!.~...]..| 00000130 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 be |RE.z6G....B[....| 00000140 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 |.y.@.Om..+.....g| 00000150 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 f1 |....."8.J.ts+.4.| 00000160 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 41 |.....t{.X.la<..A| 00000170 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 54 |..++$#w[.;.u]. T| 00000180 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 14 |..c...$....P....| 00000190 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 01 |C...ub...R......| 000001a0 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 ff |...0..0...U.....| 000001b0 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 30 |......0...U.%..0| 000001c0 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 |...+.........+..| 000001d0 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff 04 |.....0...U......| 000001e0 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f 91 |.0.0...U........| 000001f0 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 1b |..CC>I..m....`0.| 00000200 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d 13 |..U.#..0...H.IM.| 00000210 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 55 |~.1......n{0...U| 00000220 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 2e |....0...example.| 00000230 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 0d |golang0...*.H...| 00000240 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b 50 |..........0.@+[P| 00000250 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 38 |.a...SX...(.X..8| 00000260 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b f2 |....1Z..f=C.-...| 00000270 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 40 |... d8.$:....}.@| 00000280 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 0c | ._...a..v......| 00000290 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d 0c |\.....l..s..Cw..| 000002a0 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db 46 |.....@.a.Lr+...F| 000002b0 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d 13 |..M...>...B...=.| 000002c0 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c 00 |`.\!.;..........| 000002d0 00 a8 03 00 1d 20 c3 e3 43 9c 5d 0f 09 61 ae 18 |..... ..C.]..a..| 000002e0 66 05 b1 7d c1 9f e5 26 9c a7 97 d6 1f 9a 7c ff |f..}...&......|.| 000002f0 8c 34 a1 32 a2 35 08 04 00 80 6c 50 a1 80 d9 20 |.4.2.5....lP... | 00000300 56 08 da d9 5b 77 4d ad 43 66 71 15 ec fe db 02 |V...[wM.Cfq.....| 00000310 fb 40 d8 8d 67 22 e2 1b ec 8d b9 4e ba 65 01 8b |.@..g".....N.e..| 00000320 70 e0 83 bc 06 1b 14 8f 07 cf a6 08 58 c3 77 94 |p...........X.w.| 00000330 0f 94 53 62 54 6c 1f 92 22 9d ae f8 5a ad d5 f3 |..SbTl.."...Z...| 00000340 8a f7 e6 93 8c 0e 48 1b 23 89 d8 bd e9 5c 50 cd |......H.#....\P.| 00000350 07 3d 7e 8e b0 d6 65 44 58 62 03 a1 d9 94 72 f0 |.=~...eDXb....r.| 00000360 25 a9 e0 c1 be ac 32 05 59 f7 7f 6e 13 23 70 5a |%.....2.Y..n.#pZ| 00000370 65 ba a2 d7 da 3c a2 9e 6b 13 16 03 03 00 04 0e |e....<..k.......| 00000380 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 5e 91 45 7d ab 7c b7 6f 57 a6 d0 |.... ^.E}.|.oW..| 00000040 17 83 cb 40 1b 76 6b 5e 80 39 03 2f 6d 2f 10 8e |...@.vk^.9./m/..| 00000050 74 33 12 54 8d |t3.T.| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 f1 3c 7a 28 eb |.......... .>> Flow 5 (client to server) 00000000 17 03 03 00 16 dc f6 18 54 22 e0 9c 08 bf db a8 |........T"......| 00000010 62 2a 64 9e 06 43 0f 22 18 0e 34 15 03 03 00 12 |b*d..C."..4.....| 00000020 20 2f f4 76 cd dc 82 eb 30 f9 e0 42 6b 29 16 ed | /.v....0..Bk)..| 00000030 7c f0 ||.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ALPN-NoMatch000066400000000000000000000153531373277661100262560ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 9c 01 00 00 98 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 28 c0 2f |.............(./| 00000030 c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 c0 09 c0 14 |.+.0.,.'...#....| 00000040 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 c0 12 00 0a |.......<./.5....| 00000050 00 05 c0 11 c0 07 01 00 00 47 33 74 00 00 00 05 |.........G3t....| 00000060 00 05 01 00 00 00 00 00 0a 00 08 00 06 00 17 00 |................| 00000070 18 00 19 00 0b 00 02 01 00 00 0d 00 0e 00 0c 04 |................| 00000080 01 04 03 05 01 05 03 02 01 02 03 ff 01 00 01 00 |................| 00000090 00 10 00 09 00 07 06 70 72 6f 74 6f 33 00 12 00 |.......proto3...| 000000a0 00 |.| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 36 0e 9f 51 42 |....Y...U..6..QB| 00000010 82 65 fa b5 17 7a 86 d6 40 33 a9 67 d3 3d aa 2f |.e...z..@3.g.=./| 00000020 89 a0 39 82 af 16 30 8e 64 80 d4 20 23 a6 d0 12 |..9...0.d.. #...| 00000030 ff 8c fc b4 b5 47 ec 10 fe ba 73 fb 0f ab e8 1c |.....G....s.....| 00000040 15 c1 fb 11 c1 b2 e1 8a f7 5d 5b ad c0 2f 00 00 |.........][../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 cd 0c 00 00 c9 03 00 17 41 04 11 b4 a9 10 7e 5c |........A.....~\| 000002d0 41 5e 39 12 15 a3 ed 5b 3e 5d 68 c8 ad 48 39 ef |A^9....[>]h..H9.| 000002e0 09 8b b1 a7 bf db 5f 54 49 cd d5 de 4d b3 47 4c |......_TI...M.GL| 000002f0 18 02 84 7c ec 75 4e d0 3e 8a d1 6c 80 83 98 64 |...|.uN.>..l...d| 00000300 4a 81 bc 8f 84 c7 e5 b4 2d fa 04 01 00 80 72 ee |J.......-.....r.| 00000310 41 38 f2 b8 a1 56 81 d8 04 78 75 05 f4 78 5f f2 |A8...V...xu..x_.| 00000320 2b 5d a2 46 23 9d 48 c8 63 a9 1d de a8 78 6e 99 |+].F#.H.c....xn.| 00000330 cd 59 6b 19 20 f5 b1 11 e1 f8 1c 5b 40 c3 b8 cd |.Yk. ......[@...| 00000340 66 a3 98 37 c5 c2 5c b7 d6 cc 61 b4 5e 97 fa dd |f..7..\...a.^...| 00000350 b7 85 5d b6 34 8c 39 4a 60 5a 03 20 47 7f e3 65 |..].4.9J`Z. G..e| 00000360 01 18 00 2c c3 eb be d4 aa 58 57 a9 5e 69 fb 3c |...,.....XW.^i.<| 00000370 fa c6 28 1a 5c f7 00 d5 21 e5 c1 30 db 84 38 c3 |..(.\...!..0..8.| 00000380 08 aa 08 5f c9 fd a0 b7 8e d0 66 77 bf 13 16 03 |..._......fw....| 00000390 03 00 04 0e 00 00 00 |.......| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| 00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 4f 7e |.....(........O~| 00000060 9a 3a cc 74 a4 91 77 01 0b 0e 28 0a c5 bd 55 b7 |.:.t..w...(...U.| 00000070 9a 4c 40 4e e9 c9 46 d5 5f c5 e1 77 c3 f2 |.L@N..F._..w..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 62 4b 13 ef 22 |..........(bK.."| 00000010 f9 a8 8d ec 42 3a 36 80 5d a8 5b e9 60 d1 ba 65 |....B:6.].[.`..e| 00000020 2b d8 37 64 e5 12 b2 ef 84 75 87 0c 0f 3d 35 6e |+.7d.....u...=5n| 00000030 59 7c 51 |Y|Q| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 5f cd 4d |............._.M| 00000010 7b a7 c0 f9 6c 1f 80 93 cf 55 3b 12 c7 21 12 86 |{...l....U;..!..| 00000020 f6 b1 52 15 03 03 00 1a 00 00 00 00 00 00 00 02 |..R.............| 00000030 fd 31 a4 4b d1 e9 f0 e0 18 b5 96 28 f7 b4 0c 29 |.1.K.......(...)| 00000040 8c 0c |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-ECDSA-ECDSA000066400000000000000000000247251373277661100276660ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 08 a4 b1 ad 21 |....Y...U......!| 00000010 3a 60 7a d3 3b 60 67 48 5d de da ff 3f a8 55 a9 |:`z.;`gH]...?.U.| 00000020 c4 72 69 32 12 c1 d1 4e d4 78 e1 20 6e 9f ed 1e |.ri2...N.x. n...| 00000030 50 9a 31 e2 ae e2 6a f4 01 cc 94 21 25 73 f3 a5 |P.1...j....!%s..| 00000040 f6 28 b3 c6 6b c1 b3 2d fc 0c d3 66 c0 09 00 00 |.(..k..-...f....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b7 0c 00 00 b3 03 00 1d 20 ec f3 |*............ ..| 00000280 2b 3b be 93 68 53 f2 ab 6c 97 5a fa 9b 8c bf eb |+;..hS..l.Z.....| 00000290 37 6f af d7 b8 02 f3 8c 0b f9 75 29 11 32 04 03 |7o........u).2..| 000002a0 00 8b 30 81 88 02 42 01 9d 90 aa b3 19 d2 9d cf |..0...B.........| 000002b0 92 c1 64 05 89 db d0 dd 80 f3 a4 7e 09 ec 36 22 |..d........~..6"| 000002c0 95 79 c4 36 0e 21 80 7d 4b 72 a5 38 a4 b0 a7 5f |.y.6.!.}Kr.8..._| 000002d0 fb ae f7 66 23 82 91 c2 f8 95 df 60 ce dc e8 1a |...f#......`....| 000002e0 3f 2b 2c fa 5e 58 67 98 78 02 42 00 fa 88 7f ae |?+,.^Xg.x.B.....| 000002f0 00 55 2c a1 c2 47 ed c8 11 74 64 e7 c6 30 63 fb |.U,..G...td..0c.| 00000300 bb 42 2a 02 9b 80 60 88 e7 3f af 17 a3 7f 1e f6 |.B*...`..?......| 00000310 31 9c 1f 8c 89 e5 a0 b1 01 2a 4e d8 d2 1e 9f 11 |1........*N.....| 00000320 f5 e3 35 38 3e b0 da 30 f1 fb ed e5 d1 16 03 03 |..58>..0........| 00000330 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000340 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000350 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 00000360 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 00000370 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| 00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| 00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| 00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| 00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| 00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| 00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| 00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| 00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| 00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| 000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| 000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| 000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| 000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| 000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| 00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| 00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| 00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| 00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| 00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| 00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| 00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| 00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| 00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| 00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| 000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| 000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| 000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| 000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| 000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| 000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| 00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| 00000210 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd 62 |...%...! /.}.G.b| 00000220 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 93 0f 00 |...._X.;t.......| 00000240 00 8f 04 03 00 8b 30 81 88 02 42 01 e6 0a ff de |......0...B.....| 00000250 af a6 d2 7a 5f 4e f8 eb c8 19 74 53 5c e8 bc 2d |...z_N....tS\..-| 00000260 72 24 11 d2 11 ec ec cd a1 9c 3d 10 a2 de f8 8b |r$........=.....| 00000270 22 98 d3 33 c2 13 3b 93 89 ae ca a6 a8 94 70 fe |"..3..;.......p.| 00000280 76 2f 04 bc ac fb 66 79 3b 76 7f 6d 96 02 42 01 |v/....fy;v.m..B.| 00000290 df f6 30 14 7c 7e a1 0b f6 b8 8b d7 75 b8 bd 0e |..0.|~......u...| 000002a0 63 8a bd 8b ec 75 70 db d9 37 d7 53 f3 8b a2 ae |c....up..7.S....| 000002b0 60 96 69 74 eb bb 3d a6 9a 7d 46 51 73 ff 78 cf |`.it..=..}FQs.x.| 000002c0 7f 49 d9 27 5e 9f f9 d2 11 cc 0e e4 dc 04 fe d5 |.I.'^...........| 000002d0 d2 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 |...........@....| 000002e0 00 00 00 00 00 00 00 00 00 00 00 00 7a db 34 e9 |............z.4.| 000002f0 98 f8 c1 f0 38 c3 33 22 5c c3 45 b0 a3 10 3c 77 |....8.3"\.E...>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 18 c0 f3 96 7b |..........@....{| 00000010 45 91 6d 5b 1c 67 4f 37 74 b7 db 72 45 57 09 25 |E.m[.gO7t..rEW.%| 00000020 4a 14 68 4d 78 6c c7 15 6a b1 57 e6 ff 53 c4 58 |J.hMxl..j.W..S.X| 00000030 41 c5 6b 08 3c 5a 8c b9 04 d0 27 62 ee a6 e3 36 |A.k.>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 a6 c2 ef 07 bb 38 4a e4 8f 0c 12 |..........8J....| 00000020 19 1a 96 62 22 57 57 a2 b5 b3 06 70 95 28 a7 f7 |...b"WW....p.(..| 00000030 0d 42 69 37 7f 15 03 03 00 30 00 00 00 00 00 00 |.Bi7.....0......| 00000040 00 00 00 00 00 00 00 00 00 00 04 ed 3e 68 40 eb |............>h@.| 00000050 a0 7e 57 da 27 e7 f5 e8 6c e5 6d 58 c8 a5 18 47 |.~W.'...l.mX...G| 00000060 92 5a 43 90 de 07 9e 9a 3b cc |.ZC.....;.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-ECDSA-RSA000066400000000000000000000246741373277661100274770ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 be ba ac 2a 81 |....Y...U.....*.| 00000010 33 b1 6e 4d 8b 9b 29 f9 16 86 bc cd b2 03 50 72 |3.nM..).......Pr| 00000020 91 9a 93 f9 e1 d6 27 55 8b b8 6c 20 84 c2 21 9e |......'U..l ..!.| 00000030 60 aa b3 f0 ec 2f 66 0d 59 31 02 08 9e 68 68 c0 |`..../f.Y1...hh.| 00000040 58 9a 8e 6c 25 ce 4d e3 3f 9d dc 91 c0 2f 00 00 |X..l%.M.?..../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 82 89 54 65 64 97 8d |........ ..Ted..| 000002d0 e8 63 a2 5b 4f 16 56 7c cf 8b 0a 75 46 52 7e b6 |.c.[O.V|...uFR~.| 000002e0 99 2a e9 52 1f 11 46 85 36 08 04 00 80 cd a5 84 |.*.R..F.6.......| 000002f0 ff 9a 79 b5 04 85 88 fb 1e 1c d6 6b 78 e8 4d a5 |..y........kx.M.| 00000300 10 38 25 8e 8d de 71 51 b5 fd a6 2a f8 8b 5c 6d |.8%...qQ...*..\m| 00000310 1e 88 f7 d8 12 24 ff f7 7e dd 05 1c bf 71 7d 4f |.....$..~....q}O| 00000320 26 2f 2e 27 d8 e1 a8 8b d2 42 2b a6 d9 4e e6 60 |&/.'.....B+..N.`| 00000330 48 57 38 5d 3b f3 94 74 2c 8f ba e0 84 54 1c c0 |HW8];..t,....T..| 00000340 10 51 a0 31 1a d0 ec 72 01 f1 d3 65 73 c7 40 25 |.Q.1...r...es.@%| 00000350 af cd 10 18 29 2c 1a 52 e0 c9 a6 de 85 8c 96 e6 |....),.R........| 00000360 7d 85 0a 64 86 59 39 25 8f 8c 36 4c 37 16 03 03 |}..d.Y9%..6L7...| 00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 000003a0 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 000003b0 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| 00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| 00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| 00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| 00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| 00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| 00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| 00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| 00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| 00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| 000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| 000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| 000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| 000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| 000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| 00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| 00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| 00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| 00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| 00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| 00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| 00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| 00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| 00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| 00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| 000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| 000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| 000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| 000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| 000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| 000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| 00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| 00000210 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd 62 |...%...! /.}.G.b| 00000220 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 00000230 c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 92 0f 00 |...._X.;t.......| 00000240 00 8e 04 03 00 8a 30 81 87 02 41 72 16 75 7d 08 |......0...Ar.u}.| 00000250 42 7b 33 e7 59 51 ef 3c 54 e7 81 e4 10 31 ab 5d |B{3.YQ.>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 b8 e9 dd 30 75 |..........(...0u| 00000010 40 7d 71 76 db 9a 95 92 81 02 3a 9e 36 d5 15 ca |@}qv......:.6...| 00000020 5d 63 a1 0f 8c 53 c9 1c 37 56 b2 0d 54 15 a2 dc |]c...S..7V..T...| 00000030 03 d6 2e |...| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 01 85 96 |................| 00000010 67 b2 4b d3 e3 27 80 9f 2d a8 f4 bf 47 91 58 6e |g.K..'..-...G.Xn| 00000020 47 d8 98 15 03 03 00 1a 00 00 00 00 00 00 00 02 |G...............| 00000030 36 54 82 d1 a2 0f 2a c3 53 f6 09 d0 5c 78 46 97 |6T....*.S...\xF.| 00000040 20 41 | A| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-Ed25519000066400000000000000000000216301373277661100271600ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 1c 50 4e 50 35 |....Y...U...PNP5| 00000010 51 02 a9 62 ba 82 a5 d3 fa 40 4e f3 28 9b 50 a6 |Q..b.....@N.(.P.| 00000020 f0 75 30 e9 fe be a3 42 1d 1c f5 20 9e 88 46 57 |.u0....B... ..FW| 00000030 c5 b4 a3 a3 fc 88 bb e0 1c 5e ea 77 a0 75 93 5a |.........^.w.u.Z| 00000040 6d 4c c7 57 6f 3a 05 af 3f 3f ac 75 cc a8 00 00 |mL.Wo:..??.u....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 82 c1 f5 7b 68 eb 7a |........ ...{h.z| 000002d0 cf 02 c9 95 28 4b 31 76 a9 84 93 a9 1f 5b f4 2a |....(K1v.....[.*| 000002e0 5c a5 31 94 5f f0 e0 ed 2e 08 04 00 80 7a 99 38 |\.1._........z.8| 000002f0 7f d0 25 4b bf a9 e0 2b db ce 17 9d 30 4b 82 9e |..%K...+....0K..| 00000300 b1 50 84 fc dd b0 a8 5c 39 20 00 40 5b 92 dc 7c |.P.....\9 .@[..|| 00000310 25 3b 53 7d 5a 4b ad 05 6f 3a 4f e5 84 b6 3a e2 |%;S}ZK..o:O...:.| 00000320 fb bf cb c8 94 39 a5 28 ad c8 5f 94 53 90 0e 61 |.....9.(.._.S..a| 00000330 af f2 92 2c 3b ec 3c bf 1d d3 8b a5 65 58 5b bf |...,;.<.....eX[.| 00000340 5a 21 3d cd 40 7c 9e 1d e9 62 3c 67 71 7c ec b4 |Z!=.@|...b....| 00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 000003a0 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 000003b0 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 01 3c 0b 00 01 38 00 01 35 00 01 32 30 |....<...8..5..20| 00000010 82 01 2e 30 81 e1 a0 03 02 01 02 02 10 17 d1 81 |...0............| 00000020 93 be 2a 8c 21 20 10 25 15 e8 34 23 4f 30 05 06 |..*.! .%..4#O0..| 00000030 03 2b 65 70 30 12 31 10 30 0e 06 03 55 04 0a 13 |.+ep0.1.0...U...| 00000040 07 41 63 6d 65 20 43 6f 30 1e 17 0d 31 39 30 35 |.Acme Co0...1905| 00000050 31 36 32 31 35 34 32 36 5a 17 0d 32 30 30 35 31 |16215426Z..20051| 00000060 35 32 31 35 34 32 36 5a 30 12 31 10 30 0e 06 03 |5215426Z0.1.0...| 00000070 55 04 0a 13 07 41 63 6d 65 20 43 6f 30 2a 30 05 |U....Acme Co0*0.| 00000080 06 03 2b 65 70 03 21 00 0b e0 b5 60 b5 e2 79 30 |..+ep.!....`..y0| 00000090 3d be e3 1e e0 50 b1 04 c8 6d c7 78 6c 69 2f c5 |=....P...m.xli/.| 000000a0 14 ad 9a 63 6f 79 12 91 a3 4d 30 4b 30 0e 06 03 |...coy...M0K0...| 000000b0 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 |U...........0...| 000000c0 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 |U.%..0...+......| 000000d0 02 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 |.0...U.......0.0| 000000e0 16 06 03 55 1d 11 04 0f 30 0d 82 0b 65 78 61 6d |...U....0...exam| 000000f0 70 6c 65 2e 63 6f 6d 30 05 06 03 2b 65 70 03 41 |ple.com0...+ep.A| 00000100 00 fc 19 17 2a 94 a5 31 fa 29 c8 2e 7f 5b a0 5d |....*..1.)...[.]| 00000110 8a 4e 34 40 39 d6 b3 10 dc 19 fe a0 22 71 b3 f5 |.N4@9......."q..| 00000120 8f a1 58 0d cd f4 f1 85 24 bf e6 3d 14 df df ed |..X.....$..=....| 00000130 0e e1 17 d8 11 a2 60 d0 8a 37 23 2a c2 46 aa 3a |......`..7#*.F.:| 00000140 08 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 |.....%...! /.}.G| 00000150 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 00000160 c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 48 |......_X.;t....H| 00000170 0f 00 00 44 08 07 00 40 af a6 03 14 53 7a 4f 75 |...D...@....SzOu| 00000180 9d cc 2f e3 e7 2a 51 16 16 b0 1d 28 e0 2a 59 f0 |../..*Q....(.*Y.| 00000190 3c df cc 18 dd b8 ef d1 9f 9d 03 8e 59 00 27 d1 |<...........Y.'.| 000001a0 39 2f 3b 33 53 1f b2 f0 22 1d 06 f6 50 0b a7 98 |9/;3S..."...P...| 000001b0 cc fa 78 53 bf 8e ff 0b 14 03 03 00 01 01 16 03 |..xS............| 000001c0 03 00 20 e5 81 3e a3 34 29 52 14 19 49 cf 04 82 |.. ..>.4)R..I...| 000001d0 8b e7 83 aa 6c db 96 ec 97 29 b4 a3 db 87 21 2e |....l....)....!.| 000001e0 a5 c0 66 |..f| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 84 67 d4 ce cf |.......... .g...| 00000010 fb 54 2c dc f7 53 31 8a aa 03 60 37 3d 33 f2 79 |.T,..S1...`7=3.y| 00000020 d0 65 2e 3f 0e f9 1a d3 6e 6d 8e |.e.?....nm.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 e5 b7 4c 92 05 fc 81 cf 11 ef cd |.......L........| 00000010 0f 4b df ef a1 54 ae 26 4e ec aa 15 03 03 00 12 |.K...T.&N.......| 00000020 0a f3 5b 06 63 84 a6 eb d4 73 94 db fe d8 e0 ae |..[.c....s......| 00000030 d6 fc |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-RSA-AES256-GCM-SHA384000066400000000000000000000244471373277661100307770ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 d4 20 b3 4c 6a |....Y...U... .Lj| 00000010 69 44 3f f7 ab 15 35 85 ca 71 02 b0 70 18 8e d6 |iD?...5..q..p...| 00000020 61 d5 34 08 42 de cf a1 57 32 96 20 8c b4 72 dd |a.4.B...W2. ..r.| 00000030 63 93 e6 13 9d 4a ec 75 d9 a1 a6 9e 5e 02 f5 63 |c....J.u....^..c| 00000040 29 1a 78 9f 94 9f 6c 58 b5 91 ae 63 c0 30 00 00 |).x...lX...c.0..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 a2 bd 95 3e 0c 9f ad |........ ...>...| 000002d0 11 59 e0 6a c1 21 0c 6c 86 cc f1 ce bd a0 30 5d |.Y.j.!.l......0]| 000002e0 53 1e 75 f9 55 af 49 7b 31 08 04 00 80 d4 8b 11 |S.u.U.I{1.......| 000002f0 ca 22 14 79 a3 e8 b6 c7 d0 d6 1b 17 42 93 47 30 |.".y........B.G0| 00000300 ab 50 0e c9 0c 92 88 96 b4 63 4e 4e ac 7f dd c8 |.P.......cNN....| 00000310 8f 85 07 5b 95 c5 0a c0 4e 6d 4f 51 ba d8 d7 db |...[....NmOQ....| 00000320 14 70 80 4f 68 d9 b4 39 e7 48 27 21 76 4c 79 a4 |.p.Oh..9.H'!vLy.| 00000330 60 91 d7 2f 75 69 04 1a da 71 ff b8 4d 78 d8 e7 |`../ui...q..Mx..| 00000340 ca f2 f2 1e 71 21 b3 a0 44 a7 6c 99 16 a1 c9 f8 |....q!..D.l.....| 00000350 f0 de e8 99 12 7b 3d a2 e3 15 fa 63 62 e9 1b 72 |.....{=....cb..r| 00000360 c8 bb 27 38 4a 48 66 1d dd fb ef 6f d1 16 03 03 |..'8JHf....o....| 00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 000003a0 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 000003b0 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....| 00000230 88 0f 00 00 84 08 04 00 80 2e bf 05 22 82 a7 d6 |............"...| 00000240 e9 08 ff 9b 10 d3 4a 6c c4 73 5c 78 88 05 0c 15 |......Jl.s\x....| 00000250 b7 8c 78 49 64 2d 58 67 ef 8f db c0 67 fa 32 6e |..xId-Xg....g.2n| 00000260 65 45 90 a0 69 5c fb ba e0 16 1c d4 81 1d 24 89 |eE..i\........$.| 00000270 35 27 14 15 19 0b 86 ee 6a f2 b4 a5 27 61 5f 1f |5'......j...'a_.| 00000280 cc 47 7c 01 ed a9 ff ed 61 45 3f 53 1c 82 c8 cd |.G|.....aE?S....| 00000290 48 e4 89 82 12 d7 d2 ff fa 32 b3 e6 9d ce 75 75 |H........2....uu| 000002a0 d1 cd b2 a8 56 a6 a6 63 da 8d ed 27 13 01 9a 56 |....V..c...'...V| 000002b0 a2 26 b4 6c af 27 f6 4f 1b 14 03 03 00 01 01 16 |.&.l.'.O........| 000002c0 03 03 00 28 00 00 00 00 00 00 00 00 f0 e8 32 33 |...(..........23| 000002d0 50 df 73 17 3c 58 f2 c9 30 2e 5d e9 00 4f 4b 33 |P.s..6.X| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 14 ce b1 86 0e |..........(.....| 00000010 9f ce 73 25 44 b7 3e a9 25 db a8 93 d9 39 33 75 |..s%D.>.%....93u| 00000020 2f a9 7f 97 6a 76 28 fe e2 84 5f 1e 84 66 b4 c8 |/...jv(..._..f..| 00000030 45 e7 64 |E.d| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 3b 17 73 |.............;.s| 00000010 78 d6 3a b4 6d 3a 61 52 f6 a5 8c dd 18 3e ff 04 |x.:.m:aR.....>..| 00000020 d9 3f 22 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.?".............| 00000030 32 8d 5d 07 14 a9 d2 1c dd 1e 2f 3d 89 a9 8f 1d |2.]......./=....| 00000040 08 0f |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-RSA-ECDSA000066400000000000000000000245761373277661100275000ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 3c ba b1 d8 8d |....Y...U..<....| 00000010 f5 52 f4 a4 70 fc 12 54 20 85 eb 23 bc b8 0b e0 |.R..p..T ..#....| 00000020 80 b6 ab 9b c5 34 84 57 bc ae 95 20 e3 51 8d 40 |.....4.W... .Q.@| 00000030 93 cc 9f e4 fd 77 82 c8 12 54 6a 23 08 db ff e5 |.....w...Tj#....| 00000040 87 8d 72 41 60 51 6a 11 5f 0a 9a d2 c0 09 00 00 |..rA`Qj._.......| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b7 0c 00 00 b3 03 00 1d 20 86 f3 |*............ ..| 00000280 1e c5 fb 1f 91 44 0e e5 e4 3e 0a cd 75 a2 fb 4c |.....D...>..u..L| 00000290 a2 b9 07 f7 33 ce cc cd 61 a5 8c ba 6a 35 04 03 |....3...a...j5..| 000002a0 00 8b 30 81 88 02 42 01 f4 8d 4f 3e c8 73 b5 b4 |..0...B...O>.s..| 000002b0 b5 2b ac 2a 27 68 56 a1 45 ce b6 1d c6 37 ce de |.+.*'hV.E....7..| 000002c0 bd 96 90 5e e2 1c c8 84 b2 84 57 25 81 d4 c3 7a |...^......W%...z| 000002d0 db b2 3d 24 2b 17 3a 4a 7e 92 1a bb 0c fb b6 05 |..=$+.:J~.......| 000002e0 cd 0e 85 4c 3d 4b 24 2a 2a 02 42 00 f6 91 d6 82 |...L=K$**.B.....| 000002f0 9e 81 98 5f 64 59 ce 16 85 fc 65 19 0c 50 ca ea |..._dY....e..P..| 00000300 8a ba 1e 61 a8 71 cf 2c eb 94 24 ac 34 75 6e 5c |...a.q.,..$.4un\| 00000310 dc 92 ba b8 bd 42 75 ef 6d 67 5f 06 5c e3 6c c2 |.....Bu.mg_.\.l.| 00000320 aa 5e 29 25 66 00 68 c8 5d 9c 6f bb e0 16 03 03 |.^)%f.h.].o.....| 00000330 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000340 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000350 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 00000360 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 00000370 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....| 00000230 88 0f 00 00 84 08 04 00 80 53 85 ea dc a6 86 2d |.........S.....-| 00000240 e7 8c 0b 68 f9 57 7f f5 77 d8 fe 35 28 91 e7 2f |...h.W..w..5(../| 00000250 8a 2c 36 cf d7 8c 9f 3d f2 e2 99 41 11 b2 3c a2 |.,6....=...A..<.| 00000260 5e f3 68 1f b5 d4 f8 90 8a e2 5e 02 48 00 2b eb |^.h.......^.H.+.| 00000270 f0 e6 8c 28 af 11 80 82 ea 35 06 fd 0a 5f d7 1a |...(.....5..._..| 00000280 e9 63 29 08 8c aa 18 1e 7c 08 81 21 c8 aa 86 b1 |.c).....|..!....| 00000290 cf 94 db f6 8d 15 dc cc ae cf 41 2c 32 b1 3f 0c |..........A,2.?.| 000002a0 96 0e 5c ed 82 74 cc fc 35 f4 38 80 29 00 c1 3a |..\..t..5.8.)..:| 000002b0 70 d4 07 07 9c 49 9e 7b 91 14 03 03 00 01 01 16 |p....I.{........| 000002c0 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 00 |...@............| 000002d0 00 00 00 00 f3 da dc d7 12 d6 f6 19 75 a8 02 68 |............u..h| 000002e0 57 0e e1 90 75 d1 fc b8 32 a3 34 16 d6 8d 2a f5 |W...u...2.4...*.| 000002f0 65 f2 a7 67 2c 2c a4 73 6a b6 f2 ad 2d 7f 8a ce |e..g,,.sj...-...| 00000300 a7 12 16 97 |....| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 dc 11 a1 a2 fb |..........@.....| 00000010 55 0c 9e e0 e2 55 1a ca cd 5b df 1f 39 9e 08 51 |U....U...[..9..Q| 00000020 bd 6b 72 40 93 f8 23 7a 32 9d 85 18 20 b7 39 b0 |.kr@..#z2... .9.| 00000030 03 d3 10 6a 8e 66 6d e6 d5 38 03 c6 e5 b8 dc d7 |...j.fm..8......| 00000040 3c 27 1d d2 a9 59 f9 18 7d 15 90 |<'...Y..}..| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 c2 92 ee 96 31 60 90 d5 ee a6 1c |.........1`.....| 00000020 ed 3c 03 40 8c e7 0c db 7f b0 11 dc 7e 58 e1 aa |.<.@........~X..| 00000030 4c d7 68 2a 91 15 03 03 00 30 00 00 00 00 00 00 |L.h*.....0......| 00000040 00 00 00 00 00 00 00 00 00 00 b6 61 51 ac 66 a5 |...........aQ.f.| 00000050 d1 ef d3 ee c8 d3 48 72 d5 e0 ef 7d ca 6a ec b2 |......Hr...}.j..| 00000060 77 ff 2d a8 32 6d be 6e a7 42 |w.-.2m.n.B| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ClientCert-RSA-RSA000066400000000000000000000244471373277661100273030ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 f3 28 ca c9 ac |....Y...U...(...| 00000010 29 bb 15 80 56 d2 37 09 fa 7d 23 04 d4 79 e7 1d |)...V.7..}#..y..| 00000020 bb 4e c5 60 c8 44 39 02 6a e9 e0 20 b5 ae 39 87 |.N.`.D9.j.. ..9.| 00000030 4e 24 2f 33 02 fe 72 d6 2a 4d 0c 8c da 36 7b 28 |N$/3..r.*M...6{(| 00000040 3c 06 aa b2 60 68 91 7a ae d8 7b e2 c0 2f 00 00 |<...`h.z..{../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 d4 df 5d 10 ee ba a6 |........ ..]....| 000002d0 51 d7 1b fb bf ed bc d6 b9 34 44 e7 af 23 0e 9b |Q........4D..#..| 000002e0 45 af ba 7a 89 63 03 a9 4c 08 04 00 80 30 2c 0f |E..z.c..L....0,.| 000002f0 2e d9 e4 1d c2 90 01 1c cc cf d4 fe 06 6d c3 aa |.............m..| 00000300 59 d9 d9 bc 16 2f 2c b1 be 90 a3 93 a7 be bc 4d |Y..../,........M| 00000310 d8 f4 ac 21 36 59 a8 21 94 ef d3 c4 53 14 34 18 |...!6Y.!....S.4.| 00000320 c9 10 d5 77 fd 1e ad 15 0f 23 d7 73 90 7a c0 7b |...w.....#.s.z.{| 00000330 b3 b2 e2 df 15 42 35 ce 38 05 52 02 77 b7 b2 2b |.....B5.8.R.w..+| 00000340 6b 88 6a ce d4 20 99 9d e4 fe e8 38 1e 01 b7 78 |k.j.. .....8...x| 00000350 3c ea ac 8e ef 2f 7e e8 22 08 78 42 b7 db 84 80 |<..../~.".xB....| 00000360 8c 61 8a c5 cc d7 1f 6a 8d 5c 1d 2d 0d 16 03 03 |.a.....j.\.-....| 00000370 00 3a 0d 00 00 36 03 01 02 40 00 2e 04 03 05 03 |.:...6...@......| 00000380 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000390 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 |................| 000003a0 03 02 02 02 04 02 05 02 06 02 00 00 16 03 03 00 |................| 000003b0 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....| 00000230 88 0f 00 00 84 08 04 00 80 b8 96 b3 c8 66 a9 fb |.............f..| 00000240 da 1b 82 65 9d 57 e5 e5 e5 60 c9 43 df 6e 99 53 |...e.W...`.C.n.S| 00000250 45 95 b8 58 d1 19 05 50 e1 a7 3c e8 07 ad 57 09 |E..X...P..<...W.| 00000260 9c 95 13 ea 80 24 53 56 b1 13 2d 59 9d e9 60 0f |.....$SV..-Y..`.| 00000270 75 97 d3 4f 82 3a b5 41 3e 90 75 ea 28 97 00 e7 |u..O.:.A>.u.(...| 00000280 74 c9 04 1d d0 16 ba 40 75 9c ae a0 bd 00 b1 a9 |t......@u.......| 00000290 86 d5 1a f2 30 45 72 99 ea b2 eb 61 b1 63 72 c5 |....0Er....a.cr.| 000002a0 ad b1 60 a8 fa bd 95 95 17 03 4c 8e 87 4b 44 e5 |..`.......L..KD.| 000002b0 ec f3 e0 48 33 b8 a9 74 78 14 03 03 00 01 01 16 |...H3..tx.......| 000002c0 03 03 00 28 00 00 00 00 00 00 00 00 e6 a6 db ee |...(............| 000002d0 7d fb 48 9f 81 a6 78 6a db a1 9a bb c8 da 7b b2 |}.H...xj......{.| 000002e0 6a 01 66 fb 85 a7 2f 35 40 77 b6 b2 |j.f.../5@w..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 b3 9c 30 b6 a2 |..........(..0..| 00000010 cb cf 75 38 10 e7 80 39 0e 87 39 9c d9 da 2c 53 |..u8...9..9...,S| 00000020 1a 64 2d 33 ff 21 25 e9 3c f2 ec 6d a4 59 f4 30 |.d-3.!%.<..m.Y.0| 00000030 ea 41 24 |.A$| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 65 72 8f |.............er.| 00000010 4a 5f 08 c1 f9 37 5d 30 bc c6 e6 5f a8 23 35 69 |J_...7]0..._.#5i| 00000020 d3 3c 7a 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 97 f2 cb de f1 |....Y...U.......| 00000010 bb cf 9a 6c 6d 7e e2 94 af 9d 0b ed 02 cf fc b2 |...lm~..........| 00000020 80 b2 7b 41 2c a6 83 e7 52 62 93 20 63 23 7f 48 |..{A,...Rb. c#.H| 00000030 be c1 7f d3 75 34 fe 3a ad 27 f5 99 b0 73 91 df |....u4.:.'...s..| 00000040 b3 e9 82 95 cd 1b f9 08 b6 3d 4f 9b c0 2f 00 00 |.........=O../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 f8 3a 6c 5b 6f 88 48 |........ .:l[o.H| 000002d0 19 c5 a2 e7 4a d9 6d 21 56 23 63 1b 1f 95 aa bc |....J.m!V#c.....| 000002e0 33 ac aa 3b bb f8 35 ba 1a 04 01 00 80 98 6d 7b |3..;..5.......m{| 000002f0 7d 40 13 81 6b 70 ec ac 60 ee 1d 3e 37 36 bc f4 |}@..kp..`..>76..| 00000300 c1 9f 3c 13 b7 06 3d 38 be 4f 8c 3e e2 2e f2 b5 |..<...=8.O.>....| 00000310 de 16 ec a0 5b 64 00 5c c3 50 cc 79 a2 f7 e0 8d |....[d.\.P.y....| 00000320 68 e6 6b 1b b8 57 a4 15 d0 2c d7 4a be 97 26 26 |h.k..W...,.J..&&| 00000330 8c 5c 4e 26 36 96 48 b5 0f 88 7b 37 43 e4 d1 24 |.\N&6.H...{7C..$| 00000340 01 3c 70 38 99 c6 e2 2f 66 e7 db 57 30 f2 72 d0 |.>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 |.5....%...! /.}.| 00000210 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000220 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 16 03 03 00 |......._X.;t....| 00000230 88 0f 00 00 84 04 01 00 80 a8 12 9d 84 c2 17 0a |................| 00000240 03 ae bd 87 9a b6 6f 65 2f 7a 04 1f 69 2a 41 f4 |......oe/z..i*A.| 00000250 d0 9a 4d a4 5b 6e d2 d3 42 c3 77 4f 04 28 ce e6 |..M.[n..B.wO.(..| 00000260 d4 25 c5 81 1b 78 91 e9 1e 93 90 57 b2 58 6f 26 |.%...x.....W.Xo&| 00000270 ed 20 15 62 ff e9 c6 c1 52 4a 9a 05 a6 cd 17 22 |. .b....RJ....."| 00000280 75 c8 81 da a4 96 af c6 83 b5 5c 81 93 59 44 26 |u.........\..YD&| 00000290 5b 03 59 9d ab 93 ee c7 37 61 74 e7 4a 22 1c ec |[.Y.....7at.J"..| 000002a0 96 fb a2 c9 ea 2d 4b 8d d3 a7 e4 60 57 10 be b7 |.....-K....`W...| 000002b0 60 80 4f ee 8e 21 6b a2 13 14 03 03 00 01 01 16 |`.O..!k.........| 000002c0 03 03 00 28 00 00 00 00 00 00 00 00 16 82 4a c0 |...(..........J.| 000002d0 98 7b 62 3e 9b da a9 ac 31 f2 32 a9 23 13 2f e3 |.{b>....1.2.#./.| 000002e0 77 c9 1e ca 39 9f 4c 8a 10 58 33 67 |w...9.L..X3g| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 8e 56 d0 9c 38 |..........(.V..8| 00000010 4f d9 df 12 9b dd 96 05 94 77 2f 6d 24 a8 cb 56 |O........w/m$..V| 00000020 91 f9 bc ec 00 b5 cc 71 c4 f4 36 42 be 68 37 78 |.......q..6B.h7x| 00000030 8f 6e 8c |.n.| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 1c 19 9e |................| 00000010 a5 40 f6 d7 8b 80 23 8a 0b fa 14 65 08 6a 3c 66 |.@....#....e.j>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 29 bc e2 fe ae |....Y...U..)....| 00000010 0a db 37 e6 39 d5 48 24 3d 0f e5 d7 6b a3 69 dd |..7.9.H$=...k.i.| 00000020 ce 09 fd 28 03 c2 7e 38 db c9 ec 20 d2 5e 3f 94 |...(..~8... .^?.| 00000030 b0 2c 5e 4c 77 c2 94 c3 f2 a9 d0 91 4f 96 45 0e |.,^Lw.......O.E.| 00000040 d3 34 fc 9f e0 a5 e6 fc 1e 8a c1 00 c0 2f 00 00 |.4.........../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 82 02 |..f...b.._..\0..| 00000070 58 30 82 01 8d a0 03 02 01 02 02 11 00 f2 99 26 |X0.............&| 00000080 eb 87 ea 8a 0d b9 fc c2 47 34 7c 11 b0 30 41 06 |........G4|..0A.| 00000090 09 2a 86 48 86 f7 0d 01 01 0a 30 34 a0 0f 30 0d |.*.H......04..0.| 000000a0 06 09 60 86 48 01 65 03 04 02 01 05 00 a1 1c 30 |..`.H.e........0| 000000b0 1a 06 09 2a 86 48 86 f7 0d 01 01 08 30 0d 06 09 |...*.H......0...| 000000c0 60 86 48 01 65 03 04 02 01 05 00 a2 03 02 01 20 |`.H.e.......... | 000000d0 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 6d |0.1.0...U....Acm| 000000e0 65 20 43 6f 30 1e 17 0d 31 37 31 31 32 33 31 36 |e Co0...17112316| 000000f0 31 36 31 30 5a 17 0d 31 38 31 31 32 33 31 36 31 |1610Z..181123161| 00000100 36 31 30 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 |610Z0.1.0...U...| 00000110 07 41 63 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a |.Acme Co0..0...*| 00000120 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 |.H............0.| 00000130 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc 06 |......F}...'.H..| 00000140 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 47 |(!.~...]..RE.z6G| 00000150 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb 4f |....B[.....y.@.O| 00000160 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 22 |m..+.....g....."| 00000170 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 74 |8.J.ts+.4......t| 00000180 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 23 |{.X.la<..A..++$#| 00000190 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d 1e |w[.;.u]. T..c...| 000001a0 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 62 |$....P....C...ub| 000001b0 f4 14 c8 52 d7 02 03 01 00 01 a3 46 30 44 30 0e |...R.......F0D0.| 000001c0 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 |..U...........0.| 000001d0 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 |..U.%..0...+....| 000001e0 07 03 01 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 |...0...U.......0| 000001f0 00 30 0f 06 03 55 1d 11 04 08 30 06 87 04 7f 00 |.0...U....0.....| 00000200 00 01 30 41 06 09 2a 86 48 86 f7 0d 01 01 0a 30 |..0A..*.H......0| 00000210 34 a0 0f 30 0d 06 09 60 86 48 01 65 03 04 02 01 |4..0...`.H.e....| 00000220 05 00 a1 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 01 |....0...*.H.....| 00000230 08 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 |.0...`.H.e......| 00000240 a2 03 02 01 20 03 81 81 00 cd ac 4e f2 ce 5f 8d |.... ......N.._.| 00000250 79 88 10 42 70 7f 7c bf 1b 5a 8a 00 ef 19 15 4b |y..Bp.|..Z.....K| 00000260 40 15 17 71 00 6c d4 16 26 e5 49 6d 56 da 0c 1a |@..q.l..&.ImV...| 00000270 13 9f d8 46 95 59 3c b6 7f 87 76 5e 18 aa 03 ea |...F.Y<...v^....| 00000280 06 75 22 dd 78 d2 a5 89 b8 c9 23 64 e1 28 38 ce |.u".x.....#d.(8.| 00000290 34 6c 6e 06 7b 51 f1 a7 e6 f4 b3 7f fa b1 3f 14 |4ln.{Q........?.| 000002a0 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 2a c0 67 ef |..fy.......0*.g.| 000002b0 ca 46 02 88 e9 53 81 22 69 22 97 ad 80 93 d4 f7 |.F...S."i"......| 000002c0 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 ac 0c 00 |.p.$.p.F........| 000002d0 00 a8 03 00 1d 20 9e e4 39 3a b3 d5 f9 51 16 d4 |..... ..9:...Q..| 000002e0 a8 e1 0a 6d ad 3c ca 01 97 d6 a1 ce 03 2a 67 4a |...m.<.......*gJ| 000002f0 49 06 eb ed c6 24 08 04 00 80 b3 b7 9e fd 97 9b |I....$..........| 00000300 b0 d6 35 89 21 53 ff a8 4b 59 59 26 37 ac 2f 36 |..5.!S..KYY&7./6| 00000310 27 3d 5a 04 3f 50 ed 36 e0 5f 1a d7 1b 36 47 94 |'=Z.?P.6._...6G.| 00000320 45 ec 8c 0b 8f 0f fc df ec 3c 56 f0 d0 28 45 94 |E........>> Flow 3 (client to server) 00000000 16 03 03 02 66 0b 00 02 62 00 02 5f 00 02 5c 30 |....f...b.._..\0| 00000010 82 02 58 30 82 01 8d a0 03 02 01 02 02 11 00 f2 |..X0............| 00000020 99 26 eb 87 ea 8a 0d b9 fc c2 47 34 7c 11 b0 30 |.&........G4|..0| 00000030 41 06 09 2a 86 48 86 f7 0d 01 01 0a 30 34 a0 0f |A..*.H......04..| 00000040 30 0d 06 09 60 86 48 01 65 03 04 02 01 05 00 a1 |0...`.H.e.......| 00000050 1c 30 1a 06 09 2a 86 48 86 f7 0d 01 01 08 30 0d |.0...*.H......0.| 00000060 06 09 60 86 48 01 65 03 04 02 01 05 00 a2 03 02 |..`.H.e.........| 00000070 01 20 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 |. 0.1.0...U....A| 00000080 63 6d 65 20 43 6f 30 1e 17 0d 31 37 31 31 32 33 |cme Co0...171123| 00000090 31 36 31 36 31 30 5a 17 0d 31 38 31 31 32 33 31 |161610Z..1811231| 000000a0 36 31 36 31 30 5a 30 12 31 10 30 0e 06 03 55 04 |61610Z0.1.0...U.| 000000b0 0a 13 07 41 63 6d 65 20 43 6f 30 81 9f 30 0d 06 |...Acme Co0..0..| 000000c0 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 |.*.H............| 000000d0 30 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 |0.......F}...'.H| 000000e0 bc 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a |..(!.~...]..RE.z| 000000f0 36 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 |6G....B[.....y.@| 00000100 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e |.Om..+.....g....| 00000110 d6 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 |."8.J.ts+.4.....| 00000120 d9 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b |.t{.X.la<..A..++| 00000130 24 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 |$#w[.;.u]. T..c.| 00000140 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 |..$....P....C...| 00000150 75 62 f4 14 c8 52 d7 02 03 01 00 01 a3 46 30 44 |ub...R.......F0D| 00000160 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 |0...U...........| 00000170 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 |0...U.%..0...+..| 00000180 05 05 07 03 01 30 0c 06 03 55 1d 13 01 01 ff 04 |.....0...U......| 00000190 02 30 00 30 0f 06 03 55 1d 11 04 08 30 06 87 04 |.0.0...U....0...| 000001a0 7f 00 00 01 30 41 06 09 2a 86 48 86 f7 0d 01 01 |....0A..*.H.....| 000001b0 0a 30 34 a0 0f 30 0d 06 09 60 86 48 01 65 03 04 |.04..0...`.H.e..| 000001c0 02 01 05 00 a1 1c 30 1a 06 09 2a 86 48 86 f7 0d |......0...*.H...| 000001d0 01 01 08 30 0d 06 09 60 86 48 01 65 03 04 02 01 |...0...`.H.e....| 000001e0 05 00 a2 03 02 01 20 03 81 81 00 cd ac 4e f2 ce |...... ......N..| 000001f0 5f 8d 79 88 10 42 70 7f 7c bf 1b 5a 8a 00 ef 19 |_.y..Bp.|..Z....| 00000200 15 4b 40 15 17 71 00 6c d4 16 26 e5 49 6d 56 da |.K@..q.l..&.ImV.| 00000210 0c 1a 13 9f d8 46 95 59 3c b6 7f 87 76 5e 18 aa |.....F.Y<...v^..| 00000220 03 ea 06 75 22 dd 78 d2 a5 89 b8 c9 23 64 e1 28 |...u".x.....#d.(| 00000230 38 ce 34 6c 6e 06 7b 51 f1 a7 e6 f4 b3 7f fa b1 |8.4ln.{Q........| 00000240 3f 14 11 89 66 79 d1 8e 88 0e 0b a0 9e 30 2a c0 |?...fy.......0*.| 00000250 67 ef ca 46 02 88 e9 53 81 22 69 22 97 ad 80 93 |g..F...S."i"....| 00000260 d4 f7 dd 70 14 24 d7 70 0a 46 a1 16 03 03 00 25 |...p.$.p.F.....%| 00000270 10 00 00 21 20 2f e5 7d a3 47 cd 62 43 15 28 da |...! /.}.G.bC.(.| 00000280 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........| 00000290 5f 58 cb 3b 74 16 03 03 00 88 0f 00 00 84 08 04 |_X.;t...........| 000002a0 00 80 a6 6b 99 15 5e 97 33 4f a8 0e 59 af 15 22 |...k..^.3O..Y.."| 000002b0 f3 6e be 02 6e e4 20 d5 81 c0 b4 74 5a e2 20 32 |.n..n. ....tZ. 2| 000002c0 2b 7f 9c e6 94 32 4d 30 bf 93 86 9b 75 4d f1 9f |+....2M0....uM..| 000002d0 e4 48 28 00 27 fa 7c 45 2e fe d7 0b dc 03 c4 6b |.H(.'.|E.......k| 000002e0 42 ad a2 32 d7 9d ea d6 52 05 3f ed 87 fd b9 9d |B..2....R.?.....| 000002f0 58 fd d6 9f 28 6d 45 07 de 5b 4a 8e f4 4d 19 0b |X...(mE..[J..M..| 00000300 cf 4e 64 75 73 ae cd e9 ae f9 af 27 d0 b9 eb 4c |.Ndus......'...L| 00000310 98 ad 66 6d 4e bf 2c 39 87 f3 72 3e 4e bc a1 8f |..fmN.,9..r>N...| 00000320 a8 1e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 |............(...| 00000330 00 00 00 00 00 04 3c cc ae cd 19 52 6b 1e 0e cc |......<....Rk...| 00000340 dd a9 ac 2f 2a c6 94 4c 09 f3 ee 2f b5 5a 13 1e |.../*..L.../.Z..| 00000350 4f 54 a0 ae c2 |OT...| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 6d 44 cb 35 8b |..........(mD.5.| 00000010 15 5c f9 f8 1e ae 4f 8c 8c d9 90 9e 6c cf 13 f6 |.\....O.....l...| 00000020 12 29 f5 f7 d6 ff da e2 48 7d 68 ec ad 1a 6c 39 |.)......H}h...l9| 00000030 c5 77 6c |.wl| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 2a ce da |.............*..| 00000010 11 1c 7d 49 0d aa 44 d4 d6 d4 7f 64 2b 49 47 20 |..}I..D....d+IG | 00000020 5a 21 bb 15 03 03 00 1a 00 00 00 00 00 00 00 02 |Z!..............| 00000030 fc 10 75 a7 22 f9 74 1c 3a d2 b2 a8 04 2d 37 5f |..u.".t.:....-7_| 00000040 c2 76 |.v| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-ECDSA-AES000066400000000000000000000156351373277661100262330ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 eb a2 77 eb b6 |....Y...U....w..| 00000010 1e e4 5c 2c ed 5a dc 93 1b 7e 8a 75 a1 8c ac a6 |..\,.Z...~.u....| 00000020 69 13 f6 f6 a4 69 07 93 99 cf 12 20 37 d7 f8 26 |i....i..... 7..&| 00000030 46 ea 3a 21 03 d0 25 0f 22 84 8d 24 2f 98 3d 42 |F.:!..%."..$/.=B| 00000040 eb 47 1d de 0c 12 ab 95 7a 55 46 f7 c0 09 00 00 |.G......zUF.....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b7 0c 00 00 b3 03 00 1d 20 90 68 |*............ .h| 00000280 81 8b 1d 7f d5 69 36 d3 4e 63 40 fa 3a 21 ee a4 |.....i6.Nc@.:!..| 00000290 c7 b4 09 bc 34 51 89 df d5 d2 79 51 34 32 04 03 |....4Q....yQ42..| 000002a0 00 8b 30 81 88 02 42 01 b4 69 6b 1c e6 35 99 81 |..0...B..ik..5..| 000002b0 fb aa cb b4 2d e9 e0 48 6a 6c 5e 14 54 77 b7 9d |....-..Hjl^.Tw..| 000002c0 df a3 c2 1b 53 8c d2 46 6d 2e ae 83 3a db 7c 86 |....S..Fm...:.|.| 000002d0 4a 45 c7 51 cd 30 d6 8c f5 4f ea 37 cb 1e 27 18 |JE.Q.0...O.7..'.| 000002e0 ba df d5 5f 11 ae 0e af 75 02 42 01 2b 37 2e 6d |..._....u.B.+7.m| 000002f0 7c 11 57 b7 b7 8b 90 73 cd e0 c9 38 3c ee aa d5 ||.W....s...8<...| 00000300 f2 cd ff b9 66 6a be 62 70 74 ee a4 f4 e3 fb 4f |....fj.bpt.....O| 00000310 ed 2e d5 a7 b5 a4 53 c8 1b 17 9e e9 48 e1 dd a6 |......S.....H...| 00000320 e8 6a 05 cf 73 b2 85 11 13 37 be e0 26 16 03 03 |.j..s....7..&...| 00000330 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000040 00 00 00 00 00 7f 83 b7 cd 14 66 fb c3 2a f9 9f |..........f..*..| 00000050 79 ec 40 e5 dd 15 46 f3 25 8d dd b2 8e d5 78 97 |y.@...F.%.....x.| 00000060 e5 d6 4e 1a 2e 35 21 b2 aa ac 28 6f 2c 36 a6 6e |..N..5!...(o,6.n| 00000070 44 92 84 1b b9 |D....| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 db ee f8 c1 0e |..........@.....| 00000010 7f 23 b4 cb e6 db 03 2a fb 68 40 78 85 03 9e dc |.#.....*.h@x....| 00000020 ac f8 f0 b5 65 8d 7c 01 4a ce 86 29 a9 c5 c3 b2 |....e.|.J..)....| 00000030 12 8d d1 58 af e7 21 75 e4 be f3 c0 03 55 f8 bb |...X..!u.....U..| 00000040 71 bd 85 ee 46 87 a0 32 75 ee 4c |q...F..2u.L| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 48 95 f8 a1 0e a7 d0 50 dd cf 8f |.....H......P...| 00000020 c4 af ec 49 89 bf 5d 8b a0 d0 60 7b 38 5a 83 e4 |...I..]...`{8Z..| 00000030 72 47 7f 81 bd 15 03 03 00 30 00 00 00 00 00 00 |rG.......0......| 00000040 00 00 00 00 00 00 00 00 00 00 48 06 f1 30 61 dd |..........H..0a.| 00000050 e2 97 aa 9c 5f a7 07 bb 44 a4 fb d6 6a 7c aa f5 |...._...D...j|..| 00000060 16 ae 38 1a 98 e5 f5 28 c2 57 |..8....(.W| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-ECDSA-AES-GCM000066400000000000000000000150121373277661100266240ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 c9 a1 8b 70 59 |....Y...U.....pY| 00000010 8b 88 41 56 b7 bc 9a 1f 50 57 46 7d 79 d8 ef b2 |..AV....PWF}y...| 00000020 15 3f ad ad bb 48 09 ce e1 c2 2c 20 84 43 65 e7 |.?...H...., .Ce.| 00000030 3f 2f d8 13 9a 79 ac 54 ee b9 13 a1 7c a7 05 f7 |?/...y.T....|...| 00000040 c8 b4 fc bd 20 40 17 ca 15 cd 91 1e c0 2b 00 00 |.... @.......+..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b7 0c 00 00 b3 03 00 1d 20 58 f9 |*............ X.| 00000280 2e 03 90 fa 3d 33 0d 3e e1 3a b1 5a 45 ec 5c ee |....=3.>.:.ZE.\.| 00000290 9f 47 51 4b 93 89 33 11 e0 63 86 fd b2 3b 04 03 |.GQK..3..c...;..| 000002a0 00 8b 30 81 88 02 42 01 c2 fa 7b f8 ed 6b a5 0f |..0...B...{..k..| 000002b0 33 87 02 35 5b 8e 5d 31 5e 92 df c2 90 ae 58 24 |3..5[.]1^.....X$| 000002c0 43 0f ba e3 b8 77 12 7a 97 c3 77 15 62 d3 f2 cc |C....w.z..w.b...| 000002d0 10 cd a9 be b6 b2 37 93 b1 ce 8b b2 6c fa 93 74 |......7.....l..t| 000002e0 5e 14 8e ba 9e d7 66 48 b8 02 42 01 8e 9a 10 1d |^.....fH..B.....| 000002f0 7d e0 d3 cf 0d d0 3c bc 34 1c 16 20 85 50 03 3f |}.....<.4.. .P.?| 00000300 e1 6d a3 a0 d4 6e d8 fd 7e df b4 c1 84 29 c3 68 |.m...n..~....).h| 00000310 c2 01 dd 77 fc 2c a5 8f 3b 74 c6 e4 32 20 b7 a0 |...w.,..;t..2 ..| 00000320 8c 1b 2d 93 6a 9c 8a ed 21 b5 9a e0 cb 16 03 03 |..-.j...!.......| 00000330 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 28 00 00 00 00 00 00 00 00 c2 14 2d |....(..........-| 00000040 fc d7 a2 cb 18 b9 2a ae 38 70 b7 78 7c 88 97 d3 |......*.8p.x|...| 00000050 ff 7f df 12 23 96 ab 4d 6c 5c 67 72 c4 |....#..Ml\gr.| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 2a dd b3 5b c6 |..........(*..[.| 00000010 76 e7 c0 ac 8c 70 77 d6 d8 4e 79 4a 04 3d 91 a9 |v....pw..NyJ.=..| 00000020 ad 79 ef c9 22 78 17 9e ef b0 03 c8 e6 85 b7 8c |.y.."x..........| 00000030 e5 74 95 |.t.| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 84 b5 0f |................| 00000010 1f ed f9 4c 0d a1 f3 7b 8e 23 87 65 b1 39 98 50 |...L...{.#.e.9.P| 00000020 3d ff 1b 15 03 03 00 1a 00 00 00 00 00 00 00 02 |=...............| 00000030 aa 34 cc f1 4a d3 de 4c 42 bc 2c 0f 3e 71 af 6b |.4..J..LB.,.>q.k| 00000040 3c fc |<.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-ECDSA-AES128-SHA256000066400000000000000000000163301373277661100273250ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 87 87 6f ce 44 |....Y...U....o.D| 00000010 94 5f 2f cc 94 03 50 68 a7 4f 37 70 8a d4 cf e3 |._/...Ph.O7p....| 00000020 23 7f 11 f5 93 c7 3f 96 87 49 45 20 9c d4 96 b2 |#.....?..IE ....| 00000030 dc 8c 16 c5 fb cc 2f 8e 0e a5 ef a3 ea cf 57 d0 |....../.......W.| 00000040 09 70 bd 16 c4 d9 e4 1b a0 40 f7 f3 c0 23 00 00 |.p.......@...#..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b6 0c 00 00 b2 03 00 1d 20 3f a6 |*............ ?.| 00000280 d1 0d ae 8d c0 06 14 ca da 2c 69 1c f1 84 c4 dd |.........,i.....| 00000290 14 f4 0e a6 ce b5 d6 37 9d 9f a5 ba 7b 74 04 03 |.......7....{t..| 000002a0 00 8a 30 81 87 02 42 00 b5 2b 9a 32 9d af b9 cc |..0...B..+.2....| 000002b0 0d b6 f1 9b 87 35 af d7 dc 04 0f 1b 04 d7 fa 62 |.....5.........b| 000002c0 20 bd 2c 31 41 17 e7 c0 ea 22 78 e4 de 37 14 a8 | .,1A...."x..7..| 000002d0 f9 f3 f1 3e 0c 55 59 b3 e3 0e 31 26 ce d0 c1 19 |...>.UY...1&....| 000002e0 b8 17 07 2a 23 98 7b 17 0f 02 41 41 d5 51 80 4d |...*#.{...AA.Q.M| 000002f0 8a 14 56 b1 39 7b 8b 37 24 ef e0 ec 43 44 5a cc |..V.9{.7$...CDZ.| 00000300 9b ab dc 63 e7 cc 7b 29 c0 66 ae 9c 23 c5 1b 98 |...c..{).f..#...| 00000310 6e 35 64 97 12 43 16 73 a6 6b c8 09 2c 26 7c f5 |n5d..C.s.k..,&|.| 00000320 b1 1f 9f 55 04 9e 53 33 c1 89 7a d0 16 03 03 00 |...U..S3..z.....| 00000330 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 50 00 00 00 00 00 00 00 00 00 00 00 |....P...........| 00000040 00 00 00 00 00 d3 72 3f 9d 37 ba 97 55 83 b4 f0 |......r?.7..U...| 00000050 ad 0b f0 48 98 16 05 f1 b5 6e da a4 79 e4 d9 8e |...H.....n..y...| 00000060 62 af b9 a1 d1 a4 5c 04 d2 b1 86 32 af 64 ac 89 |b.....\....2.d..| 00000070 d3 47 5f 61 ae f4 21 5b 8d 4b ff 74 c1 b8 9c de |.G_a..![.K.t....| 00000080 fd 74 a0 99 c1 |.t...| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 50 09 3b 3e 7e 2e |..........P.;>~.| 00000010 d8 46 04 ac b0 3d c9 7e ec 28 8c bd 6c 0f a8 b5 |.F...=.~.(..l...| 00000020 af 8c 86 ed 64 81 6c d4 98 9e 56 2a 48 0d 03 40 |....d.l...V*H..@| 00000030 64 3e 25 58 6f 03 6a 4e be a2 11 6f 6f e7 2f c2 |d>%Xo.jN...oo./.| 00000040 8f 78 c4 11 a1 07 21 91 9d 34 01 08 39 0d 07 d2 |.x....!..4..9...| 00000050 d4 a2 cc 2f 25 ea ee 8d 8b 91 f9 |.../%......| >>> Flow 5 (client to server) 00000000 17 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000010 00 00 00 00 00 1d 76 4c fb 46 f8 02 9a bc 07 8d |......vL.F......| 00000020 b0 52 40 44 58 da ad be 3c a6 d7 44 0f 59 98 f3 |.R@DX...<..D.Y..| 00000030 ae 5c d2 04 bb 07 ee f6 99 9d 2c 14 44 3b 90 bc |.\........,.D;..| 00000040 2b e9 bc 37 59 15 03 03 00 40 00 00 00 00 00 00 |+..7Y....@......| 00000050 00 00 00 00 00 00 00 00 00 00 c4 ef 97 87 35 a2 |..............5.| 00000060 2f cc c2 6f 3d d5 f5 6f fd 74 56 50 37 f8 10 e8 |/..o=..o.tVP7...| 00000070 36 f5 fb 6f 7b 5d 20 07 0d 2f 72 46 a7 3a e0 de |6..o{] ../rF.:..| 00000080 39 b3 76 0e 4f c0 e7 85 4b bb |9.v.O...K.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-ECDSA-AES256-GCM-SHA384000066400000000000000000000150111373277661100277300ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 b8 16 bd ae 15 |....Y...U.......| 00000010 a3 33 52 cc 60 dc 6c fe 7c f3 82 b9 1e 13 ab 87 |.3R.`.l.|.......| 00000020 22 d8 c3 38 dc 8a 76 bb a0 a3 fd 20 8a d1 92 d1 |"..8..v.... ....| 00000030 d6 f3 76 e0 e2 76 32 95 32 a0 eb 5b dc e4 42 81 |..v..v2.2..[..B.| 00000040 14 bb 58 ab b8 e8 9d ee fa 32 58 05 c0 2c 00 00 |..X......2X..,..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b6 0c 00 00 b2 03 00 1d 20 5c 9b |*............ \.| 00000280 9b 29 5c 83 36 b8 20 47 2b 04 0d 1b ab f5 f7 81 |.)\.6. G+.......| 00000290 aa 89 b4 93 37 aa 28 4e 44 e1 22 26 b6 46 04 03 |....7.(ND."&.F..| 000002a0 00 8a 30 81 87 02 42 01 2c 87 df 1f 07 86 36 c8 |..0...B.,.....6.| 000002b0 f6 aa 41 c1 8e 99 6e 12 08 5f e2 62 4b 3a 9b ad |..A...n.._.bK:..| 000002c0 e8 26 1c 95 f9 62 c6 f6 c7 e4 f7 db 3b 23 e5 4f |.&...b......;#.O| 000002d0 03 a1 c6 89 74 cb bd 2a 4e 47 3f 0f bf 28 bb 6d |....t..*NG?..(.m| 000002e0 c0 c6 53 4c 02 0b 9a 30 2d 02 41 0c 6f 26 a5 4c |..SL...0-.A.o&.L| 000002f0 b6 6c 8c ab 82 32 19 a0 f0 1b 41 2d 9d 1d 12 1b |.l...2....A-....| 00000300 91 62 6a 3d 17 92 79 f6 59 45 21 2f 6b d0 cb 7b |.bj=..y.YE!/k..{| 00000310 22 b3 79 80 90 90 81 97 06 c8 59 fd 8b 40 f9 ec |".y.......Y..@..| 00000320 80 58 db fc 5e a2 67 9a 96 01 53 d4 16 03 03 00 |.X..^.g...S.....| 00000330 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 28 00 00 00 00 00 00 00 00 17 be e6 |....(...........| 00000040 ba 39 2d 82 38 6e 09 2c 1c ef d5 1f ad 8e e0 47 |.9-.8n.,.......G| 00000050 2d bc 74 f8 3b ed 86 89 9e e9 a5 01 40 |-.t.;.......@| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 42 3b b0 5e 66 |..........(B;.^f| 00000010 3e ef a5 3d 49 64 42 34 b1 21 d6 43 d3 f6 f5 84 |>..=IdB4.!.C....| 00000020 21 96 b4 7b ed 73 b5 23 b6 40 cf 86 ab 71 59 58 |!..{.s.#.@...qYX| 00000030 3a bf 79 |:.y| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 8d 3c f7 |..............<.| 00000010 9e da 91 15 35 10 5f a4 29 32 3f 6a 8c 1d bc 13 |....5._.)2?j....| 00000020 8a 35 2b 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.5+.............| 00000030 1f b3 e3 e3 24 ac 7a a6 ee 81 e7 cc 9e 70 34 2c |....$.z......p4,| 00000040 d2 28 |.(| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-ECDSA-CHACHA20-POLY1305000066400000000000000000000143041373277661100277560ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 d0 01 00 00 cc 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 08 cc a9 |................| 00000050 13 01 13 03 13 02 01 00 00 7b 00 05 00 05 01 00 |.........{......| 00000060 00 00 00 00 0a 00 0a 00 08 00 1d 00 17 00 18 00 |................| 00000070 19 00 0b 00 02 01 00 00 0d 00 1a 00 18 08 04 04 |................| 00000080 03 08 07 08 05 08 06 04 01 05 01 06 01 05 03 06 |................| 00000090 03 02 01 02 03 ff 01 00 01 00 00 12 00 00 00 2b |...............+| 000000a0 00 09 08 03 04 03 03 03 02 03 01 00 33 00 26 00 |............3.&.| 000000b0 24 00 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da |$... /.}.G.bC.(.| 000000c0 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........| 000000d0 5f 58 cb 3b 74 |_X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 ea 73 50 31 e4 |....Y...U...sP1.| 00000010 7a c7 e2 05 23 a0 22 e3 1a cd 6d b5 0f e7 f2 5e |z...#."...m....^| 00000020 d6 cb 6c 70 05 04 a9 63 4a a3 fc 20 a2 c5 68 f2 |..lp...cJ.. ..h.| 00000030 9b 56 6e 83 66 c1 7f 85 02 b6 6d 37 12 0f 12 5a |.Vn.f.....m7...Z| 00000040 41 7e c3 c9 44 85 3c 00 50 6f c7 f9 cc a9 00 00 |A~..D.<.Po......| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 |.............0..| 00000070 00 30 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 |.0..b.....-G....| 00000080 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 |0...*.H.=..0E1.0| 00000090 09 06 03 55 04 06 13 02 41 55 31 13 30 11 06 03 |...U....AU1.0...| 000000a0 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 |U....Some-State1| 000000b0 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e |!0...U....Intern| 000000c0 65 74 20 57 69 64 67 69 74 73 20 50 74 79 20 4c |et Widgits Pty L| 000000d0 74 64 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 |td0...1211221506| 000000e0 33 32 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 |32Z..22112015063| 000000f0 32 5a 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 |2Z0E1.0...U....A| 00000100 55 31 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 |U1.0...U....Some| 00000110 2d 53 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 |-State1!0...U...| 00000120 18 49 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 |.Internet Widgit| 00000130 73 20 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 |s Pty Ltd0..0...| 00000140 2a 86 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 |*.H.=....+...#..| 00000150 86 00 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 |...........Hs6~.| 00000160 16 56 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 |.V.".=S.;M!=.ku.| 00000170 f6 b0 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 |.....&.....r2|.d| 00000180 2f 1c 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 |/....h#.~..%.H:i| 00000190 e0 28 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 |.(m.7...b....pb.| 000001a0 d8 81 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 |...d1...1...h..#| 000001b0 de 76 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd |.vd?.\....XX._p.| 000001c0 9b d8 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a |...........0f[f.| 000001d0 20 e2 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d | .'...;0...*.H.=| 000001e0 04 01 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb |......0...B...O.| 000001f0 e2 45 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e |.E.H}.......Gp.^| 00000200 1b b6 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b |../...M.a@......| 00000210 7e 92 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 |~.~.v..;~.?....Y| 00000220 ec 47 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 |.G-|..N....o..B.| 00000230 4d fc be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 |M..g..-...?..%.3| 00000240 13 83 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd |.......7z..z....| 00000250 d7 11 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d |..i..|V..1x+..x.| 00000260 ae cb be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f |....N6$1{j.9....| 00000270 2a 16 03 03 00 b7 0c 00 00 b3 03 00 1d 20 a4 6a |*............ .j| 00000280 0d ab f2 7c 1a 31 2a 7d 51 b7 fe 69 cd 59 f5 c1 |...|.1*}Q..i.Y..| 00000290 10 94 a0 b2 6f 6f c4 48 48 9b 20 1e 46 2a 04 03 |....oo.HH. .F*..| 000002a0 00 8b 30 81 88 02 42 00 84 2a 96 88 a4 7a 86 7f |..0...B..*...z..| 000002b0 cf 86 20 37 17 de 54 0c c2 89 5e 27 f4 3b a4 ec |.. 7..T...^'.;..| 000002c0 ce 25 34 4e c7 a8 7d f5 56 6d 96 2c d0 53 ae 42 |.%4N..}.Vm.,.S.B| 000002d0 b5 87 a9 20 9c 4f c9 67 7e ca f6 fc 2f 61 72 35 |... .O.g~.../ar5| 000002e0 78 fe 54 32 1e a1 90 88 c2 02 42 01 a6 7b 98 de |x.T2......B..{..| 000002f0 fd 01 4b 4a 8f 1a e8 18 dd 07 bb 0b 38 41 7f 22 |..KJ........8A."| 00000300 62 3b 7e 37 67 b7 18 46 a7 32 43 1b c9 a9 8a a6 |b;~7g..F.2C.....| 00000310 d7 8a 2f 7b c5 14 f3 33 96 fe 0a fc 22 d0 a5 02 |../{...3...."...| 00000320 37 a5 31 5f b9 6b d2 3b f6 d0 d1 7b a1 16 03 03 |7.1_.k.;...{....| 00000330 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 f5 a0 28 0a 7e d4 8b a2 b6 e1 af |.... ..(.~......| 00000040 83 e2 50 e8 fc 7e f0 59 21 ed 3d 0d a8 ef a9 b1 |..P..~.Y!.=.....| 00000050 5a 13 2a 1b 2c |Z.*.,| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 44 15 68 4d e0 |.......... D.hM.| 00000010 3b 34 c5 77 b2 25 f2 e9 35 75 08 f5 a9 53 c9 65 |;4.w.%..5u...S.e| 00000020 19 36 49 fe 43 e4 f5 48 ac 7c d7 |.6I.C..H.|.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 f7 fd 2a 83 90 01 f3 d2 82 dc bd |.......*........| 00000010 6c 33 31 a3 92 0f a4 f5 9c fa f4 15 03 03 00 12 |l31.............| 00000020 9e 60 18 02 f1 0d 2f f5 5f 68 69 ae 62 93 04 6a |.`..../._hi.b..j| 00000030 41 f0 |A.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-RSA-AES000066400000000000000000000163311373277661100260330ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 f1 07 97 47 f7 |....Y...U.....G.| 00000010 b8 42 f5 ce 2b b5 ec 5a d3 74 f1 fa 1f ea ec 6d |.B..+..Z.t.....m| 00000020 49 4e cf 2e 47 8b 2e 80 9b 8a ed 20 89 ca 35 4a |IN..G...... ..5J| 00000030 f4 35 5e b7 ed b2 96 ad e1 66 1d 43 9d 07 ba ed |.5^......f.C....| 00000040 ff 9d 47 65 c8 7d 91 32 4b 88 4d 83 c0 13 00 00 |..Ge.}.2K.M.....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 78 22 92 20 a9 be 78 |........ x". ..x| 000002d0 12 0f e6 83 13 3d 13 91 16 11 ca 26 9f b7 37 d5 |.....=.....&..7.| 000002e0 f0 97 f9 f2 01 fd 08 4f 42 08 04 00 80 2c f1 4e |.......OB....,.N| 000002f0 79 63 f2 d9 54 1c 0c 56 fd 56 4d e0 37 ee 5d bb |yc..T..V.VM.7.].| 00000300 22 90 fd ee d9 0f e6 d9 85 41 b9 8d d6 76 5f 05 |"........A...v_.| 00000310 1b 8c d7 4e c5 e8 4e 69 b9 5d de 73 c0 ed 4f 3e |...N..Ni.].s..O>| 00000320 09 9d b0 10 d6 61 87 d8 f9 c2 5b 48 f9 ef dd 65 |.....a....[H...e| 00000330 e6 f8 b0 d2 71 f6 e9 ae b1 c0 ea 90 dc 33 c6 72 |....q........3.r| 00000340 3e 9f 31 d4 ae 78 23 54 7a 4f 02 69 72 c1 06 2f |>.1..x#TzO.ir../| 00000350 3f 3c 7b f2 d8 17 40 a6 95 6d 46 62 6b 54 f1 cf |?<{...@..mFbkT..| 00000360 60 08 63 89 f7 a5 2a 52 3b 0e 0c d6 34 16 03 03 |`.c...*R;...4...| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000040 00 00 00 00 00 96 55 d3 bd a1 b6 de 93 68 19 ed |......U......h..| 00000050 4a 3a cc 42 7c c4 41 1e b5 37 65 d5 84 10 60 3d |J:.B|.A..7e...`=| 00000060 e9 57 29 28 79 54 da 6c 1b 36 6b b1 75 f4 bb 32 |.W)(yT.l.6k.u..2| 00000070 47 8d de c8 7d |G...}| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 db ed ec 54 4a |..........@...TJ| 00000010 20 d8 a7 ee 12 04 e2 e4 95 b4 a4 a7 e1 80 c8 40 | ..............@| 00000020 81 00 6d 3e 58 26 7c d4 26 84 86 ee b4 fc c5 50 |..m>X&|.&......P| 00000030 46 31 e7 4c 1e fd ed 10 7e 72 45 18 43 db 4c 0d |F1.L....~rE.C.L.| 00000040 b5 49 6c 31 04 f0 85 a7 f8 02 e1 |.Il1.......| >>> Flow 5 (client to server) 00000000 17 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 00000010 00 00 00 00 00 90 f7 06 a7 05 8d de 51 21 88 95 |............Q!..| 00000020 47 61 fb 8d a9 c9 6d 59 ca 92 8d 07 8b 9d 82 4e |Ga....mY.......N| 00000030 fd e9 ae 3d b0 15 03 03 00 30 00 00 00 00 00 00 |...=.....0......| 00000040 00 00 00 00 00 00 00 00 00 00 12 77 0c 5f 12 4b |...........w._.K| 00000050 96 ab 64 58 6e f5 82 09 6c 18 ae 1f a2 fb 0a 3b |..dXn...l......;| 00000060 71 17 25 8b c8 72 d0 13 fb e8 |q.%..r....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-RSA-AES128-SHA256000066400000000000000000000170251373277661100271350ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 9e d4 c1 3e c6 |....Y...U.....>.| 00000010 3d 44 eb a7 b8 c5 c8 e0 ab 16 06 83 67 5e b2 d6 |=D..........g^..| 00000020 67 50 4b f3 24 17 97 19 76 7e 71 20 5a 2b dc 15 |gPK.$...v~q Z+..| 00000030 87 37 be bb c7 9c 38 cd 3e 55 4e 33 32 a0 01 1b |.7....8.>UN32...| 00000040 79 13 87 6a 19 09 42 4c fb 59 97 a8 c0 27 00 00 |y..j..BL.Y...'..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 57 62 97 e9 c8 c6 17 |........ Wb.....| 000002d0 73 d2 9e 31 a6 f8 be 03 65 86 af 6b e2 64 bf 7c |s..1....e..k.d.|| 000002e0 4a f1 b9 fb 84 21 10 76 66 08 04 00 80 2d 08 24 |J....!.vf....-.$| 000002f0 06 2a a3 c5 28 c4 22 5b fe 79 4f 91 56 9e 40 6f |.*..(."[.yO.V.@o| 00000300 e6 0c e8 70 e0 35 9e 55 91 51 86 ec ad ff 6b 3f |...p.5.U.Q....k?| 00000310 a7 19 fa 6f 74 47 8a 86 04 b5 8a f0 0a d5 e5 5f |...otG........._| 00000320 ea 30 cc 79 77 3d ac 99 da 41 7f 25 3b da cd da |.0.yw=...A.%;...| 00000330 aa 4e 2a 54 b5 d3 13 4f e4 e9 cb 76 86 fb 0b b5 |.N*T...O...v....| 00000340 0d a3 be ab d2 e6 6e f6 77 7c 60 a7 50 56 43 60 |......n.w|`.PVC`| 00000350 95 ba 95 c4 b5 1a 8d 6a f7 a5 9f 03 27 93 9f 23 |.......j....'..#| 00000360 44 27 88 f0 d5 51 0f ba 43 84 5c 02 14 16 03 03 |D'...Q..C.\.....| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 50 00 00 00 00 00 00 00 00 00 00 00 |....P...........| 00000040 00 00 00 00 00 02 19 fd 3e 06 0d 12 0d 03 42 da |........>.....B.| 00000050 76 6f e2 e3 96 eb 42 d9 96 b7 0b ae d6 a0 06 fa |vo....B.........| 00000060 57 4e ff 62 85 dd 3f ab 63 f9 73 87 8d 71 6a c6 |WN.b..?.c.s..qj.| 00000070 f4 ef ce f5 55 5b d2 1f b5 33 fd 12 32 bd 5e 1e |....U[...3..2.^.| 00000080 d5 32 91 9a ae |.2...| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 50 77 80 95 42 a3 |..........Pw..B.| 00000010 2b 1c 16 0f 3b f4 78 2a bd ab 6e d1 33 1e 0e a5 |+...;.x*..n.3...| 00000020 c7 f4 e9 92 82 00 da 44 0f b6 4e f9 1f ef 67 3b |.......D..N...g;| 00000030 de 5c dc 93 07 68 99 1a 70 7f 92 a7 d7 da f3 60 |.\...h..p......`| 00000040 cf d5 f1 f0 5e 75 68 a1 0b 32 eb d2 96 de e6 34 |....^uh..2.....4| 00000050 c3 e3 26 43 1f a2 8d e7 1b fc 76 |..&C......v| >>> Flow 5 (client to server) 00000000 17 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000010 00 00 00 00 00 f8 35 11 b8 23 cf d9 ec a7 d3 b9 |......5..#......| 00000020 60 1e 34 01 20 49 73 ec 72 78 58 24 3b fc a8 42 |`.4. Is.rxX$;..B| 00000030 b2 a9 69 69 40 65 5a c2 8b 9f 0b 0e 70 ab ac 22 |..ii@eZ.....p.."| 00000040 1a ac d6 04 06 15 03 03 00 40 00 00 00 00 00 00 |.........@......| 00000050 00 00 00 00 00 00 00 00 00 00 fe ed 19 a0 84 06 |................| 00000060 8b f0 e8 4e 30 7a 3c 89 a0 a8 59 74 a5 92 73 f3 |...N0z<...Yt..s.| 00000070 df 1b f0 c6 5a 95 d5 1c b6 57 4a 1b 8f 24 59 87 |....Z....WJ..$Y.| 00000080 b4 2b 7f 6f 89 03 e8 6d e5 d9 |.+.o...m..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ECDHE-RSA-CHACHA20-POLY1305000066400000000000000000000150001373277661100275560ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 d0 01 00 00 cc 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 08 cc a8 |................| 00000050 13 01 13 03 13 02 01 00 00 7b 00 05 00 05 01 00 |.........{......| 00000060 00 00 00 00 0a 00 0a 00 08 00 1d 00 17 00 18 00 |................| 00000070 19 00 0b 00 02 01 00 00 0d 00 1a 00 18 08 04 04 |................| 00000080 03 08 07 08 05 08 06 04 01 05 01 06 01 05 03 06 |................| 00000090 03 02 01 02 03 ff 01 00 01 00 00 12 00 00 00 2b |...............+| 000000a0 00 09 08 03 04 03 03 03 02 03 01 00 33 00 26 00 |............3.&.| 000000b0 24 00 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da |$... /.}.G.bC.(.| 000000c0 ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 |._.).0..........| 000000d0 5f 58 cb 3b 74 |_X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 4e fb dc 04 6f |....Y...U..N...o| 00000010 5a 52 37 a3 55 58 26 e5 cd a0 67 4c 0f 87 1a 3a |ZR7.UX&...gL...:| 00000020 f6 84 33 2f 2e 52 d0 48 7c 5b 64 20 6e d0 bc ca |..3/.R.H|[d n...| 00000030 c9 a5 87 8d 99 c5 ec 85 84 89 f0 22 ab 63 55 f4 |...........".cU.| 00000040 70 d7 02 93 b5 fe d7 38 fb c1 b2 da cc a8 00 00 |p......8........| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 fc 4b 92 ab d2 cb 4f |........ .K....O| 000002d0 61 aa 86 12 1a 1d 75 be 31 dd b8 ee 6c a6 db bd |a.....u.1...l...| 000002e0 0b ea b2 d5 27 49 42 eb 5a 08 04 00 80 02 ad 71 |....'IB.Z......q| 000002f0 e2 e8 f6 44 3c a6 18 6f 76 ee 9a eb 0e d9 ff cb |...D<..ov.......| 00000300 6d 1e 64 dd 29 1d 8c c8 f6 14 40 c0 12 46 74 4c |m.d.).....@..FtL| 00000310 41 2d 71 5f 9c b7 86 0b fc 66 1e 14 cb 26 d0 d7 |A-q_.....f...&..| 00000320 21 b4 bd c2 04 38 77 90 6a f0 01 18 bd 1c 17 45 |!....8w.j......E| 00000330 7e 38 46 4c 2e 97 ba 11 01 1f 20 cc df f2 6b 5b |~8FL...... ...k[| 00000340 a7 29 c0 52 52 9c 2f 23 bd 1c 72 c2 f2 99 d1 dc |.).RR./#..r.....| 00000350 6a 6c ac 8e 87 8a 00 74 47 2e 99 8d 3f 79 04 60 |jl.....tG...?y.`| 00000360 5e dc ba 86 1c f4 f9 03 22 38 96 a7 b3 16 03 03 |^......."8......| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 0a 17 ee 70 8c 50 24 7c 00 b9 6f |.... ...p.P$|..o| 00000040 82 71 ed 2b 8c 0b 4b ff bb 38 bc 12 7e 0c a5 3e |.q.+..K..8..~..>| 00000050 71 a2 ad f8 52 |q...R| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 e9 87 55 12 a8 |.......... ..U..| 00000010 ad 68 42 0c 60 12 be 2f 2c e5 00 2d 01 cf 86 a2 |.hB.`../,..-....| 00000020 1b 06 b3 86 bf 88 48 73 7a d3 cc |......Hsz..| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 96 75 4c c6 ba b1 ad ae 2f 44 9d |......uL...../D.| 00000010 10 c3 ef e5 dc fb 0a 3e af 6b 6a 15 03 03 00 12 |.......>.kj.....| 00000020 30 13 8f e5 a1 0f 38 67 b9 53 4e 6a 66 ec ee 45 |0.....8g.SNjf..E| 00000030 c2 b2 |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-Ed25519000066400000000000000000000117411373277661100251300ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 66 49 2a a6 a4 |....Y...U..fI*..| 00000010 75 60 58 bb 5f 5e 82 cd e5 c0 9f 6d a4 fd 39 3b |u`X._^.....m..9;| 00000020 d9 17 80 14 89 ea 51 c1 b0 43 d6 20 b2 6b 72 81 |......Q..C. .kr.| 00000030 f6 63 20 22 e2 b6 d2 61 aa 87 b6 67 ae 56 78 44 |.c "...a...g.VxD| 00000040 5d 10 8c cf ea 32 cf 9e 92 e5 59 70 cc a9 00 00 |]....2....Yp....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 01 3c 0b 00 01 38 00 01 35 00 01 32 30 82 01 |..<...8..5..20..| 00000070 2e 30 81 e1 a0 03 02 01 02 02 10 0f 43 1c 42 57 |.0..........C.BW| 00000080 93 94 1d e9 87 e4 f1 ad 15 00 5d 30 05 06 03 2b |..........]0...+| 00000090 65 70 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 |ep0.1.0...U....A| 000000a0 63 6d 65 20 43 6f 30 1e 17 0d 31 39 30 35 31 36 |cme Co0...190516| 000000b0 32 31 33 38 30 31 5a 17 0d 32 30 30 35 31 35 32 |213801Z..2005152| 000000c0 31 33 38 30 31 5a 30 12 31 10 30 0e 06 03 55 04 |13801Z0.1.0...U.| 000000d0 0a 13 07 41 63 6d 65 20 43 6f 30 2a 30 05 06 03 |...Acme Co0*0...| 000000e0 2b 65 70 03 21 00 3f e2 15 2e e6 e3 ef 3f 4e 85 |+ep.!.?......?N.| 000000f0 4a 75 77 a3 64 9e ed e0 bf 84 2c cc 92 26 8f fa |Juw.d.....,..&..| 00000100 6f 34 83 aa ec 8f a3 4d 30 4b 30 0e 06 03 55 1d |o4.....M0K0...U.| 00000110 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d |..........0...U.| 00000120 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 |%..0...+.......0| 00000130 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 16 06 |...U.......0.0..| 00000140 03 55 1d 11 04 0f 30 0d 82 0b 65 78 61 6d 70 6c |.U....0...exampl| 00000150 65 2e 63 6f 6d 30 05 06 03 2b 65 70 03 41 00 63 |e.com0...+ep.A.c| 00000160 44 ed 9c c4 be 53 24 53 9f d2 10 8d 9f e8 21 08 |D....S$S......!.| 00000170 90 95 39 e5 0d c1 55 ff 2c 16 b7 1d fc ab 7d 4d |..9...U.,.....}M| 00000180 d4 e0 93 13 d0 a9 42 e0 b6 6b fe 5d 67 48 d7 9f |......B..k.]gH..| 00000190 50 bc 6c cd 4b 03 83 7c f2 08 58 cd ac cf 0c 16 |P.l.K..|..X.....| 000001a0 03 03 00 6c 0c 00 00 68 03 00 1d 20 c4 8c b8 a2 |...l...h... ....| 000001b0 32 92 b8 22 1f 4c f1 96 00 64 35 47 4e f8 3d 08 |2..".L...d5GN.=.| 000001c0 83 12 fe 95 a8 e4 8e c9 30 27 5c 39 08 07 00 40 |........0'\9...@| 000001d0 7f 90 cf e0 87 69 e3 50 e6 fa 5e 28 a1 0f 79 0a |.....i.P..^(..y.| 000001e0 6e cf f4 87 e8 2f 55 b2 dd cb 5e 8f 9a 14 bd c2 |n..../U...^.....| 000001f0 2b 2b 2d ed 72 40 23 5d 6d f4 89 3a ff 09 82 ec |++-.r@#]m..:....| 00000200 b6 4b 27 9a 08 ea e9 73 94 b4 31 1f e1 39 86 0e |.K'....s..1..9..| 00000210 16 03 03 00 04 0e 00 00 00 |.........| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 8f 97 36 bd 59 ef 8e 2f 11 28 b0 |.... ..6.Y../.(.| 00000040 d7 20 79 bf 04 07 45 f9 89 de b0 c7 55 1a ad 80 |. y...E.....U...| 00000050 0f 8c ef 1d c6 |.....| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 47 6c 1f 86 47 |.......... Gl..G| 00000010 72 03 94 e0 43 f8 e5 ca 03 7d f5 d5 dd 70 05 f5 |r...C....}...p..| 00000020 98 5d 51 b4 11 49 71 7a fd 37 9a |.]Q..Iqz.7.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 b7 a2 f5 8e 7c d3 7d 61 af 29 1c |.........|.}a.).| 00000010 77 0c 8d b4 5b d3 be 77 a6 a5 99 15 03 03 00 12 |w...[..w........| 00000020 d8 23 dc a8 99 fe 1c 6e f2 2f 41 8e df 40 11 4f |.#.....n./A..@.O| 00000030 6b 92 |k.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-ExportKeyingMaterial000066400000000000000000000152501373277661100303000ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 7c c1 7b 30 03 |....Y...U..|.{0.| 00000010 3c d7 63 5f 47 1c b1 13 56 56 b4 fd 55 e2 27 3e |<.c_G...VV..U.'>| 00000020 39 bb ce 9b 5b 2c 1e 17 33 e1 da 20 65 8b 26 42 |9...[,..3.. e.&B| 00000030 a4 38 29 c7 9a 25 13 fc 1d 69 cb 10 63 c6 26 fc |.8)..%...i..c.&.| 00000040 f4 46 64 31 28 06 b3 a5 a4 c2 f6 5a cc a8 00 00 |.Fd1(......Z....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 f7 a2 97 2f 50 e4 e2 |........ .../P..| 000002d0 fa ef 80 67 78 1c aa 6c 03 aa 05 3b 6f 98 97 11 |...gx..l...;o...| 000002e0 7e 55 3d 50 f3 a9 9b 21 65 08 04 00 80 34 4a 4b |~U=P...!e....4JK| 000002f0 4b 6e 86 01 1b 6b 8e 3e 84 01 75 b8 05 c3 b2 52 |Kn...k.>..u....R| 00000300 16 ee ac 61 83 dd 09 32 d5 55 6a 5d d6 6b 4a 1a |...a...2.Uj].kJ.| 00000310 2b f7 09 33 6f 3d 4f c1 e3 aa 03 27 fe af cd 6d |+..3o=O....'...m| 00000320 b8 76 00 02 42 98 e6 f6 b7 ed fb 35 35 29 23 b1 |.v..B......55)#.| 00000330 4d 48 0a ba a1 1b e3 8e a2 cb 80 11 ec 92 20 df |MH............ .| 00000340 1f a4 5e 5d 70 85 8e 5d 85 62 81 1f b3 3a 0d 8d |..^]p..].b...:..| 00000350 9a 07 d3 99 a5 3c 6c c2 52 08 f0 be 50 ed d2 4d |.....>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 30 8b ea ef 6c 35 97 5b 26 5f ef |.... 0...l5.[&_.| 00000040 bc 28 fd e9 23 73 bb b3 ae 41 0c be 5f 83 a5 f7 |.(..#s...A.._...| 00000050 96 07 8d 81 67 |....g| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 29 fa a8 de f2 |.......... )....| 00000010 8f 94 16 fc be 84 93 e9 34 98 c2 44 08 9b 2e 37 |........4..D...7| 00000020 1f 41 61 53 fa 9c 23 ff d8 6d c3 |.AaS..#..m.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 ab 6d 32 1c 16 cc 29 b1 21 4c b1 |......m2...).!L.| 00000010 74 4c 50 e3 1f c5 f1 05 6a 8a 92 15 03 03 00 12 |tLP.....j.......| 00000020 18 88 3d 23 81 d7 ba c5 1e 9a c4 3a 1b c8 cd 5b |..=#.......:...[| 00000030 c5 fa |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-P256-ECDHE000066400000000000000000000164351373277661100254410ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 15 01 00 01 11 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 96 00 05 00 05 01 00 00 00 00 00 0a 00 |................| 00000090 04 00 02 00 17 00 0b 00 02 01 00 00 0d 00 1a 00 |................| 000000a0 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 06 |................| 000000b0 01 05 03 06 03 02 01 02 03 ff 01 00 01 00 00 12 |................| 000000c0 00 00 00 2b 00 09 08 03 04 03 03 03 02 03 01 00 |...+............| 000000d0 33 00 47 00 45 00 17 00 41 04 1e 18 37 ef 0d 19 |3.G.E...A...7...| 000000e0 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 |Q.5uq..T[....g..| 000000f0 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 |$ >.V...(^.+-O..| 00000100 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 |..lK[.V.2B.X..I.| 00000110 b5 68 1a 41 03 56 6b dc 5a 89 |.h.A.Vk.Z.| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 b8 7d f5 69 c3 |....Y...U...}.i.| 00000010 6a ca 8b df f3 30 2c 39 47 2e 74 2e 4f 89 4c 1e |j....0,9G.t.O.L.| 00000020 f0 eb 10 0e 06 1d 2c 4e de 2e 8f 20 6c a0 5b 66 |......,N... l.[f| 00000030 fc a6 05 df 29 6b ce 72 92 e7 d7 78 f5 46 38 f9 |....)k.r...x.F8.| 00000040 91 1c 9a 08 4c b1 9a 41 e5 0c d2 cd c0 2f 00 00 |....L..A...../..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 cd 0c 00 00 c9 03 00 17 41 04 3e 87 67 8b 87 08 |........A.>.g...| 000002d0 fe 4e 4c c3 6b 42 4b 97 ad f4 1c 83 35 72 db 4f |.NL.kBK.....5r.O| 000002e0 39 83 ea 14 69 bb 8c 87 58 c5 a4 a8 8c d7 9d af |9...i...X.......| 000002f0 7a 5e 58 59 31 4d f2 01 4a 23 51 24 1b 04 0c e3 |z^XY1M..J#Q$....| 00000300 94 9e 1b 6c ad aa 83 fd 2d 36 08 04 00 80 ab e9 |...l....-6......| 00000310 ff 6d 7a cd 3b a7 da ff d5 bd 27 49 68 53 f5 45 |.mz.;.....'IhS.E| 00000320 c3 dd 5b a2 99 fb 8f 24 37 49 d3 08 87 d1 06 98 |..[....$7I......| 00000330 39 72 25 78 b3 05 fb a2 c9 ac f9 c8 f7 fc ea 8a |9r%x............| 00000340 98 ce 78 83 64 f6 e0 c7 44 62 af a7 d5 26 df f1 |..x.d...Db...&..| 00000350 2c cc ce 11 8b 03 4a e1 81 54 3f e1 6e 52 c9 1a |,.....J..T?.nR..| 00000360 d8 95 52 e0 3f a5 e3 c8 12 9a c7 57 5d 46 7a ce |..R.?......W]Fz.| 00000370 56 8a 90 0f 0d 1b ba 58 cf 1c a3 4b 39 5a 08 ee |V......X...K9Z..| 00000380 8a 61 bb 0f 7d f7 0e f2 1f 73 e0 c8 6f 54 16 03 |.a..}....s..oT..| 00000390 03 00 04 0e 00 00 00 |.......| >>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 1e 18 37 ef 0d |....F...BA...7..| 00000010 19 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd |.Q.5uq..T[....g.| 00000020 a7 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e |.$ >.V...(^.+-O.| 00000030 f1 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 |...lK[.V.2B.X..I| 00000040 a6 b5 68 1a 41 03 56 6b dc 5a 89 14 03 03 00 01 |..h.A.Vk.Z......| 00000050 01 16 03 03 00 28 00 00 00 00 00 00 00 00 b8 16 |.....(..........| 00000060 ce 7d df 64 13 07 9e d8 37 bb 3f 9c 9e 2b 3c 0e |.}.d....7.?..+<.| 00000070 26 a7 9d 32 e5 44 b8 d6 66 bc 05 7b 27 7a |&..2.D..f..{'z| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 c0 73 5c 27 1b |..........(.s\'.| 00000010 19 d0 66 68 ea c5 ad 7d a8 03 37 d2 9a ff 00 c4 |..fh...}..7.....| 00000020 70 65 98 3b 88 59 c0 ca e3 c0 d6 32 0e 8d 15 3c |pe.;.Y.....2...<| 00000030 e2 c3 f3 |...| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 28 ef 47 |.............(.G| 00000010 ad 7f 40 4b 34 78 f3 1e 01 a7 f4 20 0a d5 c1 41 |..@K4x..... ...A| 00000020 f7 be 41 15 03 03 00 1a 00 00 00 00 00 00 00 02 |..A.............| 00000030 fb fc eb 14 f2 a6 e7 2e 80 d6 93 31 25 01 e9 d2 |...........1%...| 00000040 c3 ae |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-RSA-RC4000066400000000000000000000143461373277661100252110ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 51 02 00 00 4d 03 03 34 50 1f 52 15 |....Q...M..4P.R.| 00000010 85 c7 85 2c 4d a9 b2 0c 49 e5 a3 ea 57 21 96 39 |...,M...I...W!.9| 00000020 db c9 97 b6 c4 d0 81 9a 39 a3 e8 20 59 f5 b9 db |........9.. Y...| 00000030 58 2e ef 1c b3 85 96 27 6a 23 71 3f 5c 72 ce cf |X......'j#q?\r..| 00000040 c5 b7 fe 05 00 f4 65 06 54 c1 2e 7c 00 05 00 00 |......e.T..|....| 00000050 05 ff 01 00 01 00 16 03 03 02 59 0b 00 02 55 00 |..........Y...U.| 00000060 02 52 00 02 4f 30 82 02 4b 30 82 01 b4 a0 03 02 |.R..O0..K0......| 00000070 01 02 02 09 00 e8 f0 9d 3f e2 5b ea a6 30 0d 06 |........?.[..0..| 00000080 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 1f 31 0b |.*.H........0.1.| 00000090 30 09 06 03 55 04 0a 13 02 47 6f 31 10 30 0e 06 |0...U....Go1.0..| 000000a0 03 55 04 03 13 07 47 6f 20 52 6f 6f 74 30 1e 17 |.U....Go Root0..| 000000b0 0d 31 36 30 31 30 31 30 30 30 30 30 30 5a 17 0d |.160101000000Z..| 000000c0 32 35 30 31 30 31 30 30 30 30 30 30 5a 30 1a 31 |250101000000Z0.1| 000000d0 0b 30 09 06 03 55 04 0a 13 02 47 6f 31 0b 30 09 |.0...U....Go1.0.| 000000e0 06 03 55 04 03 13 02 47 6f 30 81 9f 30 0d 06 09 |..U....Go0..0...| 000000f0 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 |*.H............0| 00000100 81 89 02 81 81 00 db 46 7d 93 2e 12 27 06 48 bc |.......F}...'.H.| 00000110 06 28 21 ab 7e c4 b6 a2 5d fe 1e 52 45 88 7a 36 |.(!.~...]..RE.z6| 00000120 47 a5 08 0d 92 42 5b c2 81 c0 be 97 79 98 40 fb |G....B[.....y.@.| 00000130 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 d8 d4 09 9e d6 |Om..+.....g.....| 00000140 22 38 b7 4a 0b 74 73 2b c2 34 f1 d1 93 e5 96 d9 |"8.J.ts+.4......| 00000150 74 7b f3 58 9f 6c 61 3c c0 b0 41 d4 d9 2b 2b 24 |t{.X.la<..A..++$| 00000160 23 77 5b 1c 3b bd 75 5d ce 20 54 cf a1 63 87 1d |#w[.;.u]. T..c..| 00000170 1e 24 c4 f3 1d 1a 50 8b aa b6 14 43 ed 97 a7 75 |.$....P....C...u| 00000180 62 f4 14 c8 52 d7 02 03 01 00 01 a3 81 93 30 81 |b...R.........0.| 00000190 90 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 |.0...U..........| 000001a0 a0 30 1d 06 03 55 1d 25 04 16 30 14 06 08 2b 06 |.0...U.%..0...+.| 000001b0 01 05 05 07 03 01 06 08 2b 06 01 05 05 07 03 02 |........+.......| 000001c0 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 19 |0...U.......0.0.| 000001d0 06 03 55 1d 0e 04 12 04 10 9f 91 16 1f 43 43 3e |..U..........CC>| 000001e0 49 a6 de 6d b6 80 d7 9f 60 30 1b 06 03 55 1d 23 |I..m....`0...U.#| 000001f0 04 14 30 12 80 10 48 13 49 4d 13 7e 16 31 bb a3 |..0...H.IM.~.1..| 00000200 01 d5 ac ab 6e 7b 30 19 06 03 55 1d 11 04 12 30 |....n{0...U....0| 00000210 10 82 0e 65 78 61 6d 70 6c 65 2e 67 6f 6c 61 6e |...example.golan| 00000220 67 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 |g0...*.H........| 00000230 03 81 81 00 9d 30 cc 40 2b 5b 50 a0 61 cb ba e5 |.....0.@+[P.a...| 00000240 53 58 e1 ed 83 28 a9 58 1a a9 38 a4 95 a1 ac 31 |SX...(.X..8....1| 00000250 5a 1a 84 66 3d 43 d3 2d d9 0b f2 97 df d3 20 64 |Z..f=C.-...... d| 00000260 38 92 24 3a 00 bc cf 9c 7d b7 40 20 01 5f aa d3 |8.$:....}.@ ._..| 00000270 16 61 09 a2 76 fd 13 c3 cc e1 0c 5c ee b1 87 82 |.a..v......\....| 00000280 f1 6c 04 ed 73 bb b3 43 77 8d 0c 1c f1 0f a1 d8 |.l..s..Cw.......| 00000290 40 83 61 c9 4c 72 2b 9d ae db 46 06 06 4d f4 c1 |@.a.Lr+...F..M..| 000002a0 b3 3e c0 d1 bd 42 d4 db fe 3d 13 60 84 5c 21 d3 |.>...B...=.`.\!.| 000002b0 3b e9 fa e7 16 03 03 00 04 0e 00 00 00 |;............| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 b9 65 8d bf a7 |............e...| 00000010 c8 4b 79 ce 6f cb 8b 13 1c ac b9 7d 66 5e e9 ba |.Ky.o......}f^..| 00000020 1d 71 4e a9 e9 34 ae f6 64 65 90 3b d8 16 52 a2 |.qN..4..de.;..R.| 00000030 6f f4 cb 8a 13 74 a2 ee b7 27 69 b4 41 c0 90 68 |o....t...'i.A..h| 00000040 bc 02 69 e1 c6 48 4f 39 36 30 25 ca 4c 17 ce 83 |..i..HO960%.L...| 00000050 9e 08 56 e3 05 49 93 9e 2e c4 fb e6 c8 01 f1 0f |..V..I..........| 00000060 c5 70 0f 08 83 48 e9 48 ef 6e 50 8b 05 7e e5 84 |.p...H.H.nP..~..| 00000070 25 fa 55 c7 ae 31 02 27 00 ef 3f 98 86 20 12 89 |%.U..1.'..?.. ..| 00000080 91 59 28 b4 f7 d7 af d2 69 61 35 14 03 03 00 01 |.Y(.....ia5.....| 00000090 01 16 03 03 00 24 ab 48 84 ae 77 f9 8b 82 44 52 |.....$.H..w...DR| 000000a0 3e 65 94 27 cc f2 08 a7 f2 e5 21 0c 02 d0 89 ac |>e.'......!.....| 000000b0 50 be 69 57 c9 7c a0 f2 7f 6d |P.iW.|...m| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 24 61 94 21 65 0f |..........$a.!e.| 00000010 10 ba 0c a6 d9 e3 08 54 86 ae f9 64 c7 e7 f4 4b |.......T...d...K| 00000020 aa f5 19 ca 2a 0d 50 88 85 42 32 14 04 29 d9 |....*.P..B2..).| >>> Flow 5 (client to server) 00000000 17 03 03 00 1a cb 1d 43 67 de 7a 20 c7 ed 46 99 |.......Cg.z ..F.| 00000010 86 1f b9 61 9f c6 34 9a 07 37 3c 94 45 b4 40 15 |...a..4..7<.E.@.| 00000020 03 03 00 16 4e ac d3 12 23 b4 33 bc 5b 03 91 7e |....N...#.3.[..~| 00000030 d9 d0 7f d7 48 3e 8c 16 16 ec |....H>....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-RenegotiateOnce000066400000000000000000000443641373277661100272540ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 f1 d8 72 0c 79 |....Y...U....r.y| 00000010 e2 ca 92 11 1c 30 cc 45 00 9b ea 3d a3 ed 23 d5 |.....0.E...=..#.| 00000020 22 f0 da 9c 03 32 7b c3 13 d3 df 20 8f 7a 61 43 |"....2{.... .zaC| 00000030 cb 72 46 5e c1 39 78 42 32 97 cc 2b 90 2e 53 59 |.rF^.9xB2..+..SY| 00000040 31 38 ec 7b 2b 8a f3 80 e0 03 f0 0e cc a8 00 00 |18.{+...........| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 96 cb 1d cd f6 2f ff |........ ...../.| 000002d0 fe 32 ef d6 18 a2 6b 57 66 cd 3d 50 42 56 dc a4 |.2....kWf.=PBV..| 000002e0 5f fe e4 91 ce d1 17 34 3c 08 04 00 80 b1 47 de |_......4<.....G.| 000002f0 b3 19 b0 fd 02 35 eb 3c a1 04 d3 6b 53 84 20 c7 |.....5.<...kS. .| 00000300 08 4b 96 12 23 ae bf ca a8 83 1d 90 16 ae d3 7c |.K..#..........|| 00000310 fa 1b b4 f0 bb bb 4e 3f 70 13 2f 40 6c d4 76 61 |......N?p./@l.va| 00000320 5b 23 85 3f e7 37 ef e1 55 47 8d 01 e1 24 22 7f |[#.?.7..UG...$".| 00000330 a4 2c 6f 97 47 5f d6 69 bf b4 db 4b b8 a1 ad 66 |.,o.G_.i...K...f| 00000340 5f d5 5d b6 06 ac 93 ed d7 06 cb b5 a4 d4 4b a7 |_.]...........K.| 00000350 7b de f7 73 60 af ad 23 f4 6a f1 bf 2a ee 5b 4e |{..s`..#.j..*.[N| 00000360 83 94 d7 95 3b e5 5e a5 3d 1a 0a 7a 9e 16 03 03 |....;.^.=..z....| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 f2 6f 2e 79 5c db 90 b8 2e cf 59 |.... .o.y\.....Y| 00000040 0a 56 69 86 f1 71 0c ff a9 7c 0b a0 e7 c9 8d 17 |.Vi..q...|......| 00000050 65 ad a5 6c 82 |e..l.| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 d5 90 08 84 71 |.......... ....q| 00000010 bc 09 48 be ad 59 11 76 c6 39 bb 94 8c 60 80 29 |..H..Y.v.9...`.)| 00000020 44 1a 0d fe 5c 00 4c bc 47 3c 1e |D...\.L.G<.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 42 cd 1c e5 91 35 b0 c1 4d df e4 |.....B....5..M..| 00000010 b0 ca f3 8a 7a 41 85 31 7a 7d 59 |....zA.1z}Y| >>> Flow 6 (server to client) 00000000 16 03 03 00 14 3b 0f 40 64 9f ff 8f b9 85 18 af |.....;.@d.......| 00000010 b4 bc e7 33 8a 9b 03 de ed |...3.....| >>> Flow 7 (client to server) 00000000 16 03 03 01 16 17 a7 61 5b 22 97 6e eb dd 43 84 |.......a[".n..C.| 00000010 b9 ac 15 c2 76 7d 1f c0 e3 46 11 af c0 59 7d cc |....v}...F...Y}.| 00000020 d4 5d 02 90 28 bb b3 7c 85 76 46 34 7c bf 2b bf |.]..(..|.vF4|.+.| 00000030 c4 e9 e1 46 b0 15 7e af c1 03 4a 17 b3 7a 03 cd |...F..~...J..z..| 00000040 e0 90 b1 1b 59 ac 1f 33 b0 41 c3 47 ee 58 af 5b |....Y..3.A.G.X.[| 00000050 5b c4 7a 92 02 e2 34 8d cd 70 20 c4 59 5e 25 f2 |[.z...4..p .Y^%.| 00000060 28 b1 f2 a5 e0 c4 f9 d0 ae cc 2b 1e ea d4 5a fe |(.........+...Z.| 00000070 62 97 bc d7 57 94 5c b8 ce 4c 62 1a e5 29 02 1e |b...W.\..Lb..)..| 00000080 0e 68 1d 8a 17 f9 47 55 ac 65 cf 13 88 d3 95 0d |.h....GU.e......| 00000090 d7 e0 d8 03 f8 f6 6f 9c 5b de 5c 80 c3 34 7e 82 |......o.[.\..4~.| 000000a0 5c 8b c4 a3 99 c8 1e f0 f2 e5 6e 73 40 62 31 8e |\.........ns@b1.| 000000b0 3b 08 62 ba a8 b9 18 c4 84 a0 b4 9f 68 81 2f ae |;.b.........h./.| 000000c0 8d 7c cc 54 ba 4a ec 26 a5 8a 9b a7 bd 36 17 2c |.|.T.J.&.....6.,| 000000d0 52 69 4c 57 81 64 e6 34 88 27 81 d2 32 eb d2 8d |RiLW.d.4.'..2...| 000000e0 4d 8d c1 8b 14 b3 07 19 63 f8 d6 4a 9a 7d 3f c1 |M.......c..J.}?.| 000000f0 af 18 72 f7 2d c8 7e 82 52 28 51 80 59 0c 9b 9f |..r.-.~.R(Q.Y...| 00000100 ac 40 69 25 0e 6d d7 4a 72 b5 18 f8 78 b9 52 c3 |.@i%.m.Jr...x.R.| 00000110 d6 32 6c 7d 29 70 a8 33 18 d0 4b |.2l})p.3..K| >>> Flow 8 (server to client) 00000000 16 03 03 00 81 8b e2 a1 f5 15 55 13 f6 f2 fa 95 |..........U.....| 00000010 3b bb 0f 3d 3e 9b 3c b1 60 cb 69 7f 63 62 2d 9b |;..=>.<.`.i.cb-.| 00000020 20 47 3a 7d 5e d0 98 38 49 c3 94 f8 1d 56 1d 69 | G:}^..8I....V.i| 00000030 27 65 bc ca 63 22 65 61 60 67 49 35 f0 eb 83 1b |'e..c"ea`gI5....| 00000040 44 c4 f0 91 64 5a 81 b5 06 4b 3e 3a ef 3b 5c b0 |D...dZ...K>:.;\.| 00000050 81 b4 36 df f3 0d a3 0a 1c 40 03 fa 81 48 42 70 |..6......@...HBp| 00000060 bf 4c b3 6b 67 19 7b 83 05 a1 31 a3 1c 79 49 2c |.L.kg.{...1..yI,| 00000070 1f 58 bc 7d 98 4e 5b 64 44 3d 3c 43 fb 77 c7 7c |.X.}.N[dD=l.c[.| 000003c0 f0 c6 3a 58 e0 6c 6b 70 46 d0 be 6f 13 34 7a 30 |..:X.lkpF..o.4z0| 000003d0 e6 e4 b2 fd 39 ee 79 b1 7e 73 5e 9b 2d d9 3f 4f |....9.y.~s^.-.?O| 000003e0 61 d5 53 37 79 57 15 a3 3a 7c b7 02 cc 76 25 1d |a.S7yW..:|...v%.| 000003f0 96 8b dd 9e 32 8b 1a 9e 37 b1 1a b8 f2 4f ef 3c |....2...7....O.<| 00000400 78 e1 b9 07 16 03 03 00 14 bf da c1 d4 16 fd 48 |x..............H| 00000410 a9 ad 59 6d 8c dc e1 6c fd 73 ca 9c 1b |..Ym...l.s...| >>> Flow 9 (client to server) 00000000 16 03 03 02 69 11 1e 53 9b b7 57 6d ea 89 bb 37 |....i..S..Wm...7| 00000010 1b c6 01 bd 27 db fa 17 cc 5d 20 be ee 5b a9 64 |....'....] ..[.d| 00000020 48 4e 4a 4c 82 65 8e 3d 42 d6 ce 5c a8 50 d4 fa |HNJL.e.=B..\.P..| 00000030 0f 02 b2 19 90 b5 4e ae 6c e9 d6 b7 b8 64 ca 0e |......N.l....d..| 00000040 09 2d a9 7b ab 0f b8 83 97 b6 e0 eb bf 03 5a 1c |.-.{..........Z.| 00000050 e7 16 31 67 30 46 60 26 df 19 cf 5f fa 40 36 43 |..1g0F`&..._.@6C| 00000060 91 d5 7c 2f 5f 29 74 03 e0 90 cd 55 25 e5 1e fe |..|/_)t....U%...| 00000070 6b 13 ec 58 29 b0 f4 a3 b2 8d ba 4e 3b f1 11 d8 |k..X)......N;...| 00000080 85 49 50 b9 e0 03 89 a1 0f da ce 57 83 aa 4a 8c |.IP........W..J.| 00000090 3b 15 d5 10 47 01 22 32 4f 78 87 69 4c bf a6 6e |;...G."2Ox.iL..n| 000000a0 d4 e6 a5 1e fa 5b ff b0 38 a5 fa 83 1d 45 c5 18 |.....[..8....E..| 000000b0 72 65 91 6c 41 d2 21 be 5b 1d e9 f5 19 eb d0 5a |re.lA.!.[......Z| 000000c0 7e 0d 81 c9 ca f0 97 9e cc 9b 5c 77 6b 9c 15 d3 |~.........\wk...| 000000d0 bd 43 4d 42 e5 f9 82 a9 d6 f2 44 93 ae 74 a3 fd |.CMB......D..t..| 000000e0 c5 1f 15 13 a0 ea d2 f3 4c 4c ea 2d fe 3b 6e 7b |........LL.-.;n{| 000000f0 f4 11 f7 2e 7d 45 26 a0 d9 29 4e 4d ec 90 e2 3e |....}E&..)NM...>| 00000100 51 52 dd 6e e1 b5 77 b1 a2 f5 17 b5 34 7f e8 8f |QR.n..w.....4...| 00000110 38 9c d6 1c b5 6c 2d 99 00 a1 41 95 15 c5 e5 bf |8....l-...A.....| 00000120 c1 67 fb ea 53 6c a8 85 8c c4 a6 74 e3 dc f7 90 |.g..Sl.....t....| 00000130 b8 cc 99 39 1a a1 c6 51 db 65 e9 b8 ad 2b 1f 35 |...9...Q.e...+.5| 00000140 b5 90 ae f7 af c2 d0 a9 92 eb 63 21 24 4f 5e 62 |..........c!$O^b| 00000150 ba 69 ce 1a c8 41 79 db c0 6c ef bc cf 19 4a 2c |.i...Ay..l....J,| 00000160 e0 66 6e 72 97 2d 75 e5 ee 14 82 e8 26 98 fe c4 |.fnr.-u.....&...| 00000170 8a 17 c4 fb 48 2a d7 7e d9 3e 5b f9 d4 7d 0e da |....H*.~.>[..}..| 00000180 56 44 5e 33 9d 5f 97 ab d1 60 a8 ee 3d 16 6a 2a |VD^3._...`..=.j*| 00000190 33 b1 7d e2 e6 86 cd 88 ac e1 48 49 4e 19 a2 b0 |3.}.......HIN...| 000001a0 16 53 ec ff b8 a4 f7 35 2d a7 7a 04 86 66 42 52 |.S.....5-.z..fBR| 000001b0 51 3d 21 62 c5 35 9c e5 cb f9 bf 7b d1 12 b0 18 |Q=!b.5.....{....| 000001c0 7b 6f 88 d9 ef d2 1a 45 3e 51 ac 3e c8 87 8c 47 |{o.....E>Q.>...G| 000001d0 08 d0 90 b5 66 f6 4e c3 75 74 68 c8 7d 14 3a 2b |....f.N.uth.}.:+| 000001e0 83 7d 12 78 37 9e 11 02 3d 63 ba 78 b6 ba 6d 26 |.}.x7...=c.x..m&| 000001f0 30 b0 bf a9 23 1e 83 aa 3d a8 02 5b 77 5f 2a 95 |0...#...=..[w_*.| 00000200 d0 b9 c8 22 a3 a9 fe b0 32 99 8a 46 67 10 b3 d9 |..."....2..Fg...| 00000210 3e 84 02 ec a2 68 7e 69 db 51 99 37 ee 49 66 0b |>....h~i.Q.7.If.| 00000220 af e1 cd b0 25 74 dc ce 29 ed 70 1c 3a bb f2 99 |....%t..).p.:...| 00000230 03 86 6d af 3f 78 4a 86 70 b8 85 15 02 91 be f6 |..m.?xJ.p.......| 00000240 4f f2 73 98 00 c6 76 20 c2 19 c6 e9 6c d0 e5 09 |O.s...v ....l...| 00000250 5c 12 c8 1c a1 3d b7 41 18 26 cb ea d0 92 61 53 |\....=.A.&....aS| 00000260 06 7c f8 5e a8 27 de 76 4e 83 49 2a ab 82 16 03 |.|.^.'.vN.I*....| 00000270 03 00 35 4f b7 51 7c c8 51 25 a4 58 de 8b 4a e2 |..5O.Q|.Q%.X..J.| 00000280 97 cc 48 d0 4d be 9b 8a 44 3b 22 43 b9 82 a4 a5 |..H.M...D;"C....| 00000290 76 38 0b ae 91 d3 20 75 18 50 f3 1b eb 11 fd 86 |v8.... u.P......| 000002a0 4a 1a f1 e8 2a f8 e0 60 16 03 03 00 98 ae e6 1b |J...*..`........| 000002b0 b1 00 f9 14 93 55 be 63 ea 5b 5e d4 18 37 6b 14 |.....U.c.[^..7k.| 000002c0 5c 8e fb 82 51 e1 57 24 b7 4a 8b 55 74 79 70 55 |\...Q.W$.J.UtypU| 000002d0 de 33 82 14 0a 39 0d 91 92 9a 11 c0 4a dd 12 49 |.3...9......J..I| 000002e0 ea 1a 41 df fd f2 4a 79 c3 0a d5 93 5c ea 82 ff |..A...Jy....\...| 000002f0 16 4a 20 91 25 34 5d 72 9d ea 0e 40 dd 6d 86 fd |.J .%4]r...@.m..| 00000300 e9 d1 d9 db 61 e6 62 17 6b 09 47 c4 a7 32 1c 22 |....a.b.k.G..2."| 00000310 f6 e4 41 2a 3e 2b d0 c3 92 56 c5 b8 5f 6d 25 44 |..A*>+...V.._m%D| 00000320 81 e7 1a ed 70 6a a6 94 89 d1 ad 8d d1 c0 df a2 |....pj..........| 00000330 26 6f 20 0b 0e 51 15 dd 05 86 36 88 72 3f e1 5d |&o ..Q....6.r?.]| 00000340 da 9d d3 76 e4 14 03 03 00 11 52 70 cd 84 39 32 |...v......Rp..92| 00000350 7c c0 58 53 9b 32 00 96 14 b6 57 16 03 03 00 20 ||.XS.2....W.... | 00000360 98 94 aa 9f 77 71 42 3e 48 e8 74 8e 27 60 54 c2 |....wqB>H.t.'`T.| 00000370 55 ac 52 99 37 21 f3 1e 30 93 5f 71 06 19 e5 1c |U.R.7!..0._q....| >>> Flow 10 (server to client) 00000000 14 03 03 00 11 45 8e f9 74 04 d0 44 c6 94 80 60 |.....E..t..D...`| 00000010 c1 50 7d b2 64 76 16 03 03 00 20 d5 65 8a b9 26 |.P}.dv.... .e..&| 00000020 54 70 26 de c6 8a 8f 61 a3 b1 9e 8b 49 40 f7 24 |Tp&....a....I@.$| 00000030 4f 75 e0 94 e6 e7 68 51 38 8a 37 17 03 03 00 19 |Ou....hQ8.7.....| 00000040 42 7e 5a e2 46 7b ba 7d 0d 07 20 2a c0 56 fe aa |B~Z.F{.}.. *.V..| 00000050 01 eb ca d2 29 1d ff 85 10 |....)....| >>> Flow 11 (client to server) 00000000 15 03 03 00 12 1d 01 c7 d5 d5 d1 ce 8c 52 15 8f |.............R..| 00000010 75 1e 97 fa 38 5c 65 |u...8\e| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-RenegotiateTwice000066400000000000000000000632411373277661100274360ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 47 d0 f5 d9 f0 |....Y...U..G....| 00000010 59 d1 bf 28 d0 39 36 c0 bc d1 25 fd 5a 63 18 06 |Y..(.96...%.Zc..| 00000020 1e 8a 5c a6 6f d0 f9 b4 02 23 e1 20 df a0 2a 74 |..\.o....#. ..*t| 00000030 1a 52 8b d9 90 01 c2 86 69 12 b8 13 58 aa 59 b0 |.R......i...X.Y.| 00000040 66 79 ff 01 9b 9a 72 1c a6 83 e6 91 cc a8 00 00 |fy....r.........| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 20 97 bd 85 2f cb 85 |........ .../..| 000002d0 be a8 9c e3 ae 6b 23 a5 5b 18 65 5c f5 cc 24 2b |.....k#.[.e\..$+| 000002e0 34 2c 5f c8 4d e9 86 35 0b 08 04 00 80 d2 b6 ee |4,_.M..5........| 000002f0 86 76 aa 1d 9c 1c ee ef 0e 59 63 1d ec f1 cf a1 |.v.......Yc.....| 00000300 f3 5b 6d da 99 9c 40 07 bf 28 ad 72 cd 80 6c 9d |.[m...@..(.r..l.| 00000310 bf a2 20 33 2d d0 67 ef 90 28 88 2b d0 8e c6 9d |.. 3-.g..(.+....| 00000320 87 7a 18 8f 80 ce 25 92 13 8d ef 38 0a 14 f9 67 |.z....%....8...g| 00000330 88 94 ef af 97 d2 21 90 9e 24 2f af 1e bb fa 10 |......!..$/.....| 00000340 4c a7 9f f5 27 63 e6 d8 1a 86 53 c6 3c 15 a8 6c |L...'c....S.<..l| 00000350 b9 bc 8f c4 38 1a 4b 34 36 ec af b2 1e d0 bf 58 |....8.K46......X| 00000360 74 36 ad fb e4 f0 fd 9d 6d 01 cf 51 6c 16 03 03 |t6......m..Ql...| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 e8 d5 df da 49 9a 94 10 30 90 81 |.... ....I...0..| 00000040 c6 19 54 d4 0d e2 0d e0 d9 a3 c0 21 7f a6 d1 cc |..T........!....| 00000050 ea 75 2e 17 01 |.u...| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 f3 92 03 fb 7b |.......... ....{| 00000010 0f 32 0b 5b dd 9e eb c3 26 2c 92 4d 58 35 a8 96 |.2.[....&,.MX5..| 00000020 74 d6 d8 0f 61 b2 7d b6 8d ec e6 |t...a.}....| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 ab 69 44 d0 fe 95 93 ae f9 1b d7 |......iD........| 00000010 33 6c 59 a5 41 cc d2 1b ca 2c 63 |3lY.A....,c| >>> Flow 6 (server to client) 00000000 16 03 03 00 14 99 96 92 c4 82 c8 27 77 a6 f4 ca |...........'w...| 00000010 e5 5b ff 78 bc 54 b6 d7 cd |.[.x.T...| >>> Flow 7 (client to server) 00000000 16 03 03 01 16 d9 6a 26 33 e5 d8 df 32 d1 f5 84 |......j&3...2...| 00000010 1f 37 7f 07 6a ae be 20 84 20 dc 28 31 8e 46 32 |.7..j.. . .(1.F2| 00000020 0b 96 c8 22 28 fb 98 d9 8e 6f 6d 97 66 55 e2 1e |..."(....om.fU..| 00000030 b5 b8 e4 9b 52 25 28 c2 72 cb 9e 14 4c ba 58 6c |....R%(.r...L.Xl| 00000040 3b 33 da 56 db fe 14 d3 4c b4 ce a9 57 64 ae 4e |;3.V....L...Wd.N| 00000050 5f c5 a7 e6 f4 01 51 d7 81 f4 1d ca fa 3f 86 e7 |_.....Q......?..| 00000060 9f 64 28 6e 3f e4 ef 79 77 20 64 45 ed a2 16 e1 |.d(n?..yw dE....| 00000070 b4 63 99 9f 62 6d b7 6d f4 ad 1f fe d9 de 00 84 |.c..bm.m........| 00000080 4b bb 0c bc c8 82 a8 1d 8a ac f6 10 2d 5d d4 c7 |K...........-]..| 00000090 37 f8 fc 89 24 ea c4 b8 87 f4 f4 f0 4b cd db e2 |7...$.......K...| 000000a0 15 03 95 1e c1 10 7c e8 6d 99 6c e0 bc e1 0a a5 |......|.m.l.....| 000000b0 d8 36 eb 59 93 6d 1c 96 1c 61 1b 11 36 04 58 6b |.6.Y.m...a..6.Xk| 000000c0 c5 b0 fb 8e 9f 21 4a 25 a1 59 ee 5d 1b e3 e3 98 |.....!J%.Y.]....| 000000d0 71 0a d8 3f 18 f2 b2 1c 6f ec 6d 87 13 b9 d3 25 |q..?....o.m....%| 000000e0 53 c1 00 78 be 99 82 f6 27 05 24 01 10 1c 59 19 |S..x....'.$...Y.| 000000f0 94 6a af 7e e5 ae c5 03 14 04 e2 fe 5e 59 e8 e0 |.j.~........^Y..| 00000100 45 3d af c0 40 ea 84 0a 13 9c d3 0f d4 69 3f 3e |E=..@........i?>| 00000110 97 83 ac b5 b9 07 56 9a 19 44 ca |......V..D.| >>> Flow 8 (server to client) 00000000 16 03 03 00 81 4b d8 09 ef 6a 5b a2 c2 e0 2c b3 |.....K...j[...,.| 00000010 fa e9 21 b3 64 c7 51 8d d4 14 14 ba 7b 2f f8 1a |..!.d.Q.....{/..| 00000020 e9 f8 7a 69 8b 0b b4 5f 26 c5 b6 2e dd c9 90 04 |..zi..._&.......| 00000030 7d af fd 56 f7 9a 0d 56 09 6c 74 48 49 74 90 71 |}..V...V.ltHIt.q| 00000040 e1 ee 66 4c 1a da 66 43 50 fa 94 2c 84 21 10 f0 |..fL..fCP..,.!..| 00000050 00 85 a7 c2 ea 73 19 52 b7 f2 2a e8 17 17 23 67 |.....s.R..*...#g| 00000060 b6 80 d6 3f e0 a1 ed 81 66 89 0a 0d 48 9f 7f dc |...?....f...H...| 00000070 79 c4 27 9b c0 b8 68 ef 2a 5b ab df 8f 82 d6 ff |y.'...h.*[......| 00000080 84 38 f8 a4 f2 98 16 03 03 02 69 1f c6 1c dc 85 |.8........i.....| 00000090 f1 66 8d 7f 7f aa 36 cd c6 d4 cc 38 c8 8d 98 75 |.f....6....8...u| 000000a0 92 d2 db b4 49 0c 09 cc af e6 5b 07 64 76 34 c8 |....I.....[.dv4.| 000000b0 41 49 85 5e b4 68 ac 35 04 72 00 70 33 f7 5f a7 |AI.^.h.5.r.p3._.| 000000c0 84 40 34 03 2f 89 25 06 a1 50 dc ea d7 c4 29 57 |.@4./.%..P....)W| 000000d0 f9 5b 57 63 14 02 1e 74 db 5d 02 cf c4 f1 89 f6 |.[Wc...t.]......| 000000e0 6a 77 ce 87 5c 3a 61 b8 7d 02 f0 0e 6e 85 2a 51 |jw..\:a.}...n.*Q| 000000f0 d8 ad 4a 9f 65 04 4c 00 d0 35 76 01 dc 03 cf ca |..J.e.L..5v.....| 00000100 6b 11 83 9e 70 33 82 f6 cb eb 4c da 44 76 89 ab |k...p3....L.Dv..| 00000110 d4 65 01 e6 08 7b 2a 3d 49 02 39 85 e8 ff 53 fd |.e...{*=I.9...S.| 00000120 d0 ce 2a f0 11 3c 02 8f bd b8 2f ea 81 a1 64 10 |..*..<..../...d.| 00000130 7b c2 8b 72 f3 32 7b 36 80 13 17 8b 83 dc ce 3a |{..r.2{6.......:| 00000140 29 44 06 66 c9 c3 83 cc 28 38 c5 02 7c 3d b6 30 |)D.f....(8..|=.0| 00000150 55 07 a0 08 bb b3 e1 1e a8 a5 74 60 51 be ee dd |U.........t`Q...| 00000160 aa 83 09 e9 f3 c7 a5 1e 20 fc 6d d5 82 af f5 b6 |........ .m.....| 00000170 5b 23 dd 81 ce 78 5a 3c 92 c3 96 e1 aa e5 ad 24 |[#...xZ<.......$| 00000180 da 89 41 44 8b 0b 42 df e5 28 11 8e 9a e0 06 51 |..AD..B..(.....Q| 00000190 80 93 15 31 ec 8c 3e 60 92 ab a5 ec 25 5c c5 10 |...1..>`....%\..| 000001a0 ac 0f 01 1b c4 36 d5 f0 52 c7 0b f7 9b 40 9b c0 |.....6..R....@..| 000001b0 18 ad 1c eb 49 ed 8e 27 b6 35 b4 20 e0 e6 df 04 |....I..'.5. ....| 000001c0 69 d6 b5 56 04 30 d4 3d b0 9f e6 21 66 e7 97 cb |i..V.0.=...!f...| 000001d0 2f bd b2 b2 c1 be 4b 4f 6e 88 60 a1 cb eb b4 86 |/.....KOn.`.....| 000001e0 92 07 da 3c fa 8b 1a de 1c e7 6b c0 53 70 e7 ee |...<......k.Sp..| 000001f0 2f 70 4f e0 2a a3 b4 dc af 64 4f 5a 44 f9 ff fc |/pO.*....dOZD...| 00000200 7f 2f 7e 22 13 47 ed f4 ec 0c fa 01 21 e3 c1 d6 |./~".G......!...| 00000210 c7 53 f4 de 6c 91 c5 85 bd 3c a7 f3 d6 e7 f3 31 |.S..l....<.....1| 00000220 13 59 b7 ee 0b f7 6a 88 76 94 ab 45 41 9e ab d7 |.Y....j.v..EA...| 00000230 71 59 7e 45 ed 4d a0 12 4a 81 6a 15 05 a9 21 94 |qY~E.M..J.j...!.| 00000240 40 f0 1d aa 7e b3 d4 6d a6 ff 46 94 e6 d0 16 46 |@...~..m..F....F| 00000250 60 ac c5 15 94 d5 f7 76 1e 8b 90 e6 17 ff 5c 21 |`......v......\!| 00000260 d0 f9 98 25 0f 98 8b 6c 0f 2c 2a 92 0a f0 90 3d |...%...l.,*....=| 00000270 ef 9a 40 67 21 83 f7 5c 95 24 97 f6 45 51 81 4c |..@g!..\.$..EQ.L| 00000280 4b e1 64 0a f5 dd 02 fd 8d 21 d1 ef f8 96 70 4b |K.d......!....pK| 00000290 58 aa 3c f9 b1 f1 e9 fd 31 ea fc 68 4b c9 fa 79 |X.<.....1..hK..y| 000002a0 6d 2e 54 d7 1c 9d 5d 62 fc 43 2f cb 6a 48 4d 2e |m.T...]b.C/.jHM.| 000002b0 07 71 7b f2 b3 e6 08 8b 13 ca f0 e9 c1 d2 cc 7a |.q{............z| 000002c0 9a 49 e9 7b aa e8 bb d2 cf 97 73 b8 9a 3f 8b 01 |.I.{......s..?..| 000002d0 b9 cf c6 81 fd 99 fc c9 43 08 35 2c a0 fb 38 32 |........C.5,..82| 000002e0 8b d8 5b d4 20 41 a0 57 e6 34 c1 d8 66 6e 16 e7 |..[. A.W.4..fn..| 000002f0 78 4f e8 58 16 03 03 00 bc d3 91 f3 88 2f ec 1c |xO.X........./..| 00000300 da 94 cb b0 69 70 a2 41 4c fd 40 0d a0 97 01 34 |....ip.AL.@....4| 00000310 35 83 e6 3f a8 b0 c9 26 8d f1 8a c1 f6 a6 ab a4 |5..?...&........| 00000320 63 65 5a 10 38 d2 87 a7 8d ae ca 9e c6 23 7e c6 |ceZ.8........#~.| 00000330 c8 45 37 e8 7c 4b 40 5a 5b 68 19 bb 36 83 81 41 |.E7.|K@Z[h..6..A| 00000340 b2 fe 7c 39 7e 9f 95 3a 45 2e 9f 96 35 26 81 73 |..|9~..:E...5&.s| 00000350 4d 0f c3 09 61 32 eb 64 4b 46 76 c1 0e ca cf 02 |M...a2.dKFv.....| 00000360 6a f3 75 f3 bf aa b0 f8 43 e3 6b d1 c4 27 3e fe |j.u.....C.k..'>.| 00000370 06 a2 49 e4 bb 56 c5 c0 5d 36 81 06 97 ed ff a2 |..I..V..]6......| 00000380 99 78 43 0a c5 20 df a3 ac b7 8f 61 a2 ff 48 66 |.xC.. .....a..Hf| 00000390 ea c1 b6 57 38 fc 36 7c dd 30 b5 ce 58 b1 18 82 |...W8.6|.0..X...| 000003a0 e5 2a 54 d8 4d da f1 fc 98 06 97 43 d5 dc d9 3e |.*T.M......C...>| 000003b0 d4 f8 a3 76 9c 16 03 03 00 4a 78 c0 f2 02 60 a4 |...v.....Jx...`.| 000003c0 8e 9a cd 31 30 e9 16 df ce 98 bb 95 50 a0 05 48 |...10.......P..H| 000003d0 6c c2 ce c5 e2 77 f2 4a d0 45 80 97 98 d4 38 d1 |l....w.J.E....8.| 000003e0 90 04 91 48 cb 52 40 d3 a4 cb 8d 68 dc 64 9c 07 |...H.R@....h.d..| 000003f0 cb 8c b9 3b f8 44 fe 47 69 67 fb 2d ab 44 db d0 |...;.D.Gig.-.D..| 00000400 58 55 83 81 16 03 03 00 14 51 82 e0 57 8e cb 4a |XU.......Q..W..J| 00000410 d4 59 6e 58 f7 6d 44 3f f5 83 64 52 51 |.YnX.mD?..dRQ| >>> Flow 9 (client to server) 00000000 16 03 03 02 69 96 85 13 d5 b1 07 ec bb 1c c1 be |....i...........| 00000010 a3 42 10 c8 e0 ec f8 f1 67 29 d5 52 ef bb 32 e8 |.B......g).R..2.| 00000020 7b e5 a7 3f ab 71 2d 74 20 f7 8a a7 1f bf 7c 4b |{..?.q-t .....|K| 00000030 8b 95 db 07 3c ad 86 5e b3 98 32 e9 5a ce 96 08 |....<..^..2.Z...| 00000040 c5 64 44 27 fb bc 44 29 49 44 32 3f 64 e8 86 1b |.dD'..D)ID2?d...| 00000050 54 63 74 3d a1 99 4d 4a 3e 5a 76 71 39 81 de df |Tct=..MJ>Zvq9...| 00000060 90 e4 f6 ac 96 15 0b 70 ad 7e 8a 1d 69 86 65 6e |.......p.~..i.en| 00000070 63 bf fb f2 6f 21 d5 66 ad f1 b1 09 05 04 f9 09 |c...o!.f........| 00000080 0e 0c 12 74 c1 cd f1 5e fa f1 1b cd 3b 2b 13 8f |...t...^....;+..| 00000090 fb f6 fd b0 ca ea 73 1b 38 ad db 6b fd 29 34 db |......s.8..k.)4.| 000000a0 51 4a 44 97 a7 2f 2a 98 d6 cc d5 c4 b9 17 23 ab |QJD../*.......#.| 000000b0 09 27 15 a5 35 3b 2b 7e b2 3b fd 12 1b 11 90 4d |.'..5;+~.;.....M| 000000c0 81 1b 84 bb fd 72 09 31 5e 78 0e f6 b6 60 44 bb |.....r.1^x...`D.| 000000d0 6c 06 72 0b ba ba 60 f6 c1 cb 7e 45 a9 25 44 3d |l.r...`...~E.%D=| 000000e0 ba da 71 99 bb 79 b3 73 ef eb c2 cc 07 87 76 f5 |..q..y.s......v.| 000000f0 e9 7c d9 47 8c fc 7d b7 a0 70 72 04 1e 3d 9b 2f |.|.G..}..pr..=./| 00000100 85 9f c8 2f d9 20 4e 00 97 d6 dd dc ae a1 04 96 |.../. N.........| 00000110 83 e1 4f f3 0d ad 9c ce 5f e7 7b 88 7a b7 d2 ce |..O....._.{.z...| 00000120 0a 61 95 d2 78 e3 45 a8 10 5e d9 ae d2 e1 22 bf |.a..x.E..^....".| 00000130 59 9c 4a 2c 28 fb c1 b6 89 3b 65 8c 94 a9 f0 7c |Y.J,(....;e....|| 00000140 86 98 8f 22 c4 18 47 e4 f0 b9 42 dd 34 ab 2a 8e |..."..G...B.4.*.| 00000150 fc 8f ce 09 ec 6f 57 6b d1 ab 32 fd 84 e2 9f 7e |.....oWk..2....~| 00000160 f5 b7 5d 26 aa 37 da e9 f3 18 6f 56 74 03 ff 1e |..]&.7....oVt...| 00000170 87 95 fb 93 57 2e 32 fb b3 cf d2 0d 42 02 4f 6a |....W.2.....B.Oj| 00000180 9e de ee 6a e6 7e e5 d2 ba cb 00 5d ff b4 6d 7f |...j.~.....]..m.| 00000190 23 5e 93 be e9 3a c1 b4 78 30 53 90 07 e4 a7 af |#^...:..x0S.....| 000001a0 da e1 29 7d 50 a5 76 ec a8 5e 96 50 45 26 c4 9d |..)}P.v..^.PE&..| 000001b0 c1 99 98 c6 1a bf 93 c1 63 b3 0a 2d af c8 29 7d |........c..-..)}| 000001c0 ef b2 d3 8f aa 93 fb be 39 c0 a1 65 51 e8 6e c4 |........9..eQ.n.| 000001d0 45 cb 2a 52 b7 ec e0 48 c0 b2 cc c7 72 12 18 e0 |E.*R...H....r...| 000001e0 c7 9f fa 09 97 95 16 9f f4 5d 70 c5 d6 7f 23 d5 |.........]p...#.| 000001f0 53 98 d0 80 50 9b 52 46 11 d4 97 ea 47 26 f5 6f |S...P.RF....G&.o| 00000200 66 7b 8a cc f8 8d 70 c7 ec fa 72 de ba ac d4 b2 |f{....p...r.....| 00000210 be 7d d8 78 44 dd de 66 53 26 f4 c0 8a 67 61 cb |.}.xD..fS&...ga.| 00000220 46 34 3d 6f 9e 9b dc ee 4a b9 5c 67 2b d9 87 2a |F4=o....J.\g+..*| 00000230 35 42 1c 3e b8 08 c9 32 13 a6 6f fc 4d cc be dd |5B.>...2..o.M...| 00000240 ad 76 19 1c 2d b3 6e 04 a1 17 05 93 b9 69 27 42 |.v..-.n......i'B| 00000250 23 13 7b c0 f1 53 9c b5 1d 8e 5c f6 40 7e 5a e9 |#.{..S....\.@~Z.| 00000260 20 dd 18 7a 0c f2 7b 5a ec 3d 4e 3b 29 b2 16 03 | ..z..{Z.=N;)...| 00000270 03 00 35 15 15 54 38 4e 87 f1 c1 9a 90 b2 74 df |..5..T8N......t.| 00000280 72 34 aa 0b 41 f3 df b4 c5 fd 50 00 2a 36 a8 d5 |r4..A.....P.*6..| 00000290 c4 49 ac b8 58 3e 89 48 cb a9 4e b1 a9 0f ee 51 |.I..X>.H..N....Q| 000002a0 37 d3 60 ca 23 76 68 0b 16 03 03 00 98 53 3c 0e |7.`.#vh......S<.| 000002b0 d5 3b d3 78 9f 47 5d 9e 1b b6 04 5f d4 04 66 55 |.;.x.G]...._..fU| 000002c0 68 bd d7 ab 54 b7 e5 9a 12 9b 0c 1d 75 7b c7 35 |h...T.......u{.5| 000002d0 e3 9e 9d a0 8f 61 7a 32 d1 a7 23 2a b6 ba 48 7c |.....az2..#*..H|| 000002e0 1a 62 66 61 b4 3d e8 e3 a9 4e 85 7a 8d 5b f3 69 |.bfa.=...N.z.[.i| 000002f0 c8 bc 0a 8a c7 e4 df 78 9b a8 cf 1d 37 14 90 a5 |.......x....7...| 00000300 a8 ce f7 1f e7 a3 e5 d8 97 be 95 fd d3 c0 d0 81 |................| 00000310 bf a6 e1 b3 6b 29 ee c6 16 3c 4c 68 6e b4 42 72 |....k)...>> Flow 10 (server to client) 00000000 14 03 03 00 11 1b a8 a8 a9 c6 a8 85 60 bc 14 0d |............`...| 00000010 86 ce a5 0f 45 17 16 03 03 00 20 cb 3a 73 db 55 |....E..... .:s.U| 00000020 05 7e 3e 4b 6d d0 eb ca 68 39 bf 71 ba 6c e5 0c |.~>Km...h9.q.l..| 00000030 a7 90 d6 c1 b8 55 87 c6 20 40 35 17 03 03 00 19 |.....U.. @5.....| 00000040 28 50 71 7c f0 7c 1e 61 fb de 5d d1 bb 77 f6 c8 |(Pq|.|.a..]..w..| 00000050 a4 76 8d ab d4 c2 fe 27 96 16 03 03 00 14 e4 7e |.v.....'.......~| 00000060 51 bb 26 a8 9c 0c b0 25 7a 57 b9 98 c2 20 5a 50 |Q.&....%zW... ZP| 00000070 07 ca |..| >>> Flow 11 (client to server) 00000000 16 03 03 01 16 66 3c 1a 62 c3 4a f9 e4 66 01 d4 |.....f<.b.J..f..| 00000010 f7 e8 5a fb 95 c4 40 33 d4 af 61 78 d6 54 91 2b |..Z...@3..ax.T.+| 00000020 62 72 d5 7b b8 2c 71 11 4e 0c 2d 79 6d 41 b1 9e |br.{.,q.N.-ymA..| 00000030 df 59 d8 e0 5c 72 98 b5 29 55 1e 9b 01 a5 af 2c |.Y..\r..)U.....,| 00000040 c3 87 4b f0 c8 ca 4d 56 fb 3a 7e 04 e5 b6 4f 6d |..K...MV.:~...Om| 00000050 1e 53 26 5d af fb 17 ee 97 87 45 2f df 1b 21 80 |.S&]......E/..!.| 00000060 21 81 2b 18 2d 2d e9 3c c4 01 32 91 b7 88 27 9e |!.+.--.<..2...'.| 00000070 26 40 e7 6a 27 c5 a0 b4 a3 ed 4d 4b a4 e3 0b c7 |&@.j'.....MK....| 00000080 49 42 ca ef e9 16 5c 98 8d ab fc 7d 00 83 03 89 |IB....\....}....| 00000090 a4 97 1e 3f 9e d8 ba c5 f5 2a 0b 0a ed a0 a5 59 |...?.....*.....Y| 000000a0 27 03 36 7e 94 d8 9a 3c fc f6 f6 52 b6 a7 fa 36 |'.6~...<...R...6| 000000b0 04 83 2f e7 99 e5 1c 56 27 48 13 a0 59 ca ca 3b |../....V'H..Y..;| 000000c0 36 2d 25 e8 6f 6a cb 07 74 f8 1b 7d ba 3e 6e e1 |6-%.oj..t..}.>n.| 000000d0 1d 3e 93 c6 23 f4 eb bf ad 62 21 1a da 53 e1 13 |.>..#....b!..S..| 000000e0 0a 3a 9c 57 48 d5 ee d3 72 af c3 74 fc 74 67 7d |.:.WH...r..t.tg}| 000000f0 b4 76 fc 21 55 67 49 92 fc 71 5d 42 69 d6 01 b5 |.v.!UgI..q]Bi...| 00000100 83 4e b8 cd f9 ed 28 41 ae 95 2f d6 69 b0 d3 b8 |.N....(A../.i...| 00000110 bd 06 d6 00 74 44 c9 47 aa 8e 1d |....tD.G...| >>> Flow 12 (server to client) 00000000 16 03 03 00 81 d3 99 6f 14 2b a1 f4 d7 45 c9 94 |.......o.+...E..| 00000010 69 0b b3 72 f4 2c 2e 5c 80 96 09 20 2f 63 a1 e4 |i..r.,.\... /c..| 00000020 8b df d7 22 11 71 bd 17 db da 2d c6 78 e8 9a 95 |...".q....-.x...| 00000030 6b 39 34 a2 13 7f 39 77 8b e5 1b 6c 4b 20 79 40 |k94...9w...lK y@| 00000040 a1 d9 69 89 b1 e2 60 8a 75 88 ae 83 b9 4f 42 a4 |..i...`.u....OB.| 00000050 c9 c7 44 ac 0d 3f 1c ca 49 f9 a7 05 e2 c7 05 cd |..D..?..I.......| 00000060 30 30 d2 f9 c2 87 60 33 3b 25 d0 e0 5e c2 bd 98 |00....`3;%..^...| 00000070 9c 51 d8 38 c9 ef 04 f4 39 30 50 b6 35 53 f6 95 |.Q.8....90P.5S..| 00000080 eb 5d 67 05 62 9a 16 03 03 02 69 39 94 a1 8d 01 |.]g.b.....i9....| 00000090 37 64 c6 be bb 9c 22 9d 56 e8 68 ab 0f 7a 3a e7 |7d....".V.h..z:.| 000000a0 2d 26 b7 ba 3e 54 38 b3 32 9d 7b d7 43 c4 d2 b3 |-&..>T8.2.{.C...| 000000b0 9a 84 62 73 03 7a f2 68 ec 3e 41 d2 68 c9 22 1a |..bs.z.h.>A.h.".| 000000c0 e9 4d 9c e8 80 6a a9 9e 6a bd 67 5d 77 97 8b f7 |.M...j..j.g]w...| 000000d0 32 cb 3a cb c2 c0 a1 40 7e 63 81 5f 19 a5 71 20 |2.:....@~c._..q | 000000e0 c3 76 88 ae 5c d4 bd 54 08 e7 7e e7 77 7e 3d 91 |.v..\..T..~.w~=.| 000000f0 b5 40 f7 7e 95 d5 e3 f2 e5 4a 57 f6 d9 94 df 07 |.@.~.....JW.....| 00000100 56 45 09 c4 bc 65 05 04 57 f4 00 c5 91 4c dc 4d |VE...e..W....L.M| 00000110 a0 1e c6 e2 37 35 d0 5a e9 79 ce f5 91 6d 3e 39 |....75.Z.y...m>9| 00000120 c3 68 6a 76 6d f3 29 1d e0 ef b2 20 3e 2a ac 11 |.hjvm.).... >*..| 00000130 7e 11 2d a3 84 60 94 b5 8e 3a e6 4b 34 70 aa f8 |~.-..`...:.K4p..| 00000140 e3 f9 0f 2c a4 bf 5b 27 7e c9 5e 6f c0 11 b4 ff |...,..['~.^o....| 00000150 53 6b 98 ee 20 77 87 87 fc 8e 30 1b 8f 74 29 af |Sk.. w....0..t).| 00000160 a2 c7 e8 c1 da e5 d7 0f 70 ec 27 23 46 3f 16 b1 |........p.'#F?..| 00000170 59 bd 43 76 09 1d 8c f4 eb 17 10 a5 c1 1a e0 c6 |Y.Cv............| 00000180 45 e2 d2 dc 6d f4 9a 87 36 ef 71 18 5c 1d e7 7c |E...m...6.q.\..|| 00000190 40 d6 4c 16 ee 58 75 d7 56 9f 2e 17 80 1d 74 1c |@.L..Xu.V.....t.| 000001a0 fd 86 7c 2b 05 ac ef 07 18 a3 98 73 fa 9c 16 6c |..|+.......s...l| 000001b0 14 95 37 91 1e a2 c7 47 a8 87 11 35 30 d8 ed 60 |..7....G...50..`| 000001c0 ba 65 ee 66 2b 1f db 67 c2 d0 71 26 3d ae 17 94 |.e.f+..g..q&=...| 000001d0 f0 f6 65 01 bb 1d 85 7e b3 d8 2c f1 96 c5 d5 e0 |..e....~..,.....| 000001e0 97 a4 3e df 97 ff 8f 4b e3 72 49 c4 5b 87 4e 06 |..>....K.rI.[.N.| 000001f0 93 11 75 04 7b 80 9d 1c a7 85 a3 2c f1 16 8a b9 |..u.{......,....| 00000200 78 6b 27 1e 9a e3 86 eb f9 42 95 10 02 d5 b6 01 |xk'......B......| 00000210 b3 94 04 63 49 50 9e 11 71 07 aa a1 d6 9d d1 db |...cIP..q.......| 00000220 f4 ea 2e bb fa ca 1e 00 53 75 70 de 0a 72 eb 55 |........Sup..r.U| 00000230 ab b7 ff 30 ad 5e 7e 13 90 75 42 5d 07 07 21 0f |...0.^~..uB]..!.| 00000240 db a6 f4 61 9c bf 31 34 e4 98 bb c4 ac 41 2d 76 |...a..14.....A-v| 00000250 fb 6c 30 b0 e2 98 5f ed d9 a8 42 d7 75 a1 bc 36 |.l0..._...B.u..6| 00000260 f2 3e c5 ac 50 ae c7 2e 42 35 6c 1a 47 aa 1f 0a |.>..P...B5l.G...| 00000270 2f ff 6e 0a a5 c4 b5 a5 92 3f 54 d0 4e 62 6e 3e |/.n......?T.Nbn>| 00000280 cb 07 2d 4d 1a fb 94 5b f8 d0 5b 26 34 2b 1b 26 |..-M...[..[&4+.&| 00000290 8c dd 91 a7 66 21 89 d0 11 24 a5 5f 99 ae 62 84 |....f!...$._..b.| 000002a0 34 9c d2 45 71 74 8c 68 db 8b ad 6f df 08 35 38 |4..Eqt.h...o..58| 000002b0 ed 5c 3b 3e 55 a1 c3 16 b6 61 f4 4d 6d d0 2a 5d |.\;>U....a.Mm.*]| 000002c0 10 fb 64 c9 6f 87 6f 3d ff d1 a0 97 64 b4 12 f9 |..d.o.o=....d...| 000002d0 2a a8 46 59 1b e4 6b d8 c9 3e ac 14 00 4f 1a e6 |*.FY..k..>...O..| 000002e0 26 9b 86 32 a3 9b 37 eb c1 cf 9a 70 16 2e 4a b0 |&..2..7....p..J.| 000002f0 6e e5 fc c2 16 03 03 00 bc bf c4 ea e0 dc be fe |n...............| 00000300 33 7f ef 2b d9 50 f7 87 d5 30 2b 09 bb 63 1e 4c |3..+.P...0+..c.L| 00000310 9c 3c a9 10 4e 04 e1 85 29 44 f9 ea 32 61 12 6e |.<..N...)D..2a.n| 00000320 63 0f d9 e7 e9 c8 81 a0 eb 4e fe 90 bf f4 f4 af |c........N......| 00000330 22 66 21 86 dc 2c f6 ed b1 be eb b1 ac 14 f5 ce |"f!..,..........| 00000340 6c b9 a8 45 e4 3f 09 d1 b1 f3 69 f7 df c4 f0 6c |l..E.?....i....l| 00000350 48 f6 15 80 8a b8 b0 39 0e e9 22 9a 5c 72 f9 fa |H......9..".\r..| 00000360 95 01 9d ca e4 68 ef 72 e2 34 28 a5 04 5d d2 30 |.....h.r.4(..].0| 00000370 c6 33 80 a8 f1 8f fb 6c ec 15 c3 7c 68 7c a2 2e |.3.....l...|h|..| 00000380 4d ba 64 af fb f5 b8 f7 6b 6b 8c 5c 56 dc dd 69 |M.d.....kk.\V..i| 00000390 39 d8 73 75 e3 be 17 09 3f 80 ed cc 12 5b ca d9 |9.su....?....[..| 000003a0 e6 e2 50 88 41 0b 39 8e 84 6f fb 6a c3 8e 4f fc |..P.A.9..o.j..O.| 000003b0 dc 18 ca 02 18 16 03 03 00 14 5e ac 52 4d 0b 89 |..........^.RM..| 000003c0 33 7d fe 1c d9 b5 1d 1c 2b 6d d4 4f 12 33 |3}......+m.O.3| >>> Flow 13 (client to server) 00000000 16 03 03 00 35 a4 b8 43 07 6e 71 c9 b4 fa e1 9c |....5..C.nq.....| 00000010 a7 9d 0b 47 d8 ea 8b bd ea c2 f5 bf 36 fa 88 95 |...G........6...| 00000020 3b 98 b3 7e 19 21 9b 0f 58 76 e8 de 5b 24 d3 b5 |;..~.!..Xv..[$..| 00000030 81 bd 11 ce 86 02 b0 d1 3b ac 14 03 03 00 11 3f |........;......?| 00000040 4e a4 96 06 71 44 5f 57 30 5e 1a bc 22 8d 42 97 |N...qD_W0^..".B.| 00000050 16 03 03 00 20 23 e7 90 a5 0a 32 b4 69 06 d7 77 |.... #....2.i..w| 00000060 df ef f6 2f b8 d8 22 39 08 4f 39 02 e0 7f 62 93 |.../.."9.O9...b.| 00000070 02 b9 8e a5 b6 |.....| >>> Flow 14 (server to client) 00000000 14 03 03 00 11 0e 2d 1e 73 95 29 15 86 03 a2 da |......-.s.).....| 00000010 6c f4 d2 02 2c 57 16 03 03 00 20 cd a2 f5 b6 da |l...,W.... .....| 00000020 0c 35 45 96 54 c3 96 5d d8 e6 03 49 7b 5c d4 6f |.5E.T..]...I{\.o| 00000030 02 da 27 9e 2f a7 09 57 1b de 7b 17 03 03 00 19 |..'./..W..{.....| 00000040 18 06 7d aa 5c 93 a9 b3 d3 14 0b 76 78 a2 57 73 |..}.\......vx.Ws| 00000050 2f a3 4f 66 c4 b3 ee 21 95 |/.Of...!.| >>> Flow 15 (client to server) 00000000 15 03 03 00 12 55 f7 2f b2 a2 e7 59 6c f6 a9 2d |.....U./...Yl..-| 00000010 d1 17 88 01 49 c6 f2 |....I..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-RenegotiateTwiceRejected000066400000000000000000000447411373277661100311100ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 bb ec 39 c5 f2 |....Y...U....9..| 00000010 dd a8 26 56 80 09 60 f5 d8 0a 93 6d 08 c4 30 c2 |..&V..`....m..0.| 00000020 cf 0c 44 86 49 a3 19 84 20 38 98 20 0d 8b 81 b5 |..D.I... 8. ....| 00000030 a7 42 37 27 1b 9c be 36 8f 9b 49 31 4f 73 67 a7 |.B7'...6..I1Osg.| 00000040 78 9f 46 e5 9e 3b 45 ff e9 16 11 ca cc a8 00 00 |x.F..;E.........| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 2f ad 87 a5 c9 9e c7 |........ /......| 000002d0 f6 f1 05 9a 44 97 57 34 6b 3a 30 54 4c 0e 47 5e |....D.W4k:0TL.G^| 000002e0 16 d3 c9 c2 25 a8 47 e5 63 08 04 00 80 9f 54 b4 |....%.G.c.....T.| 000002f0 c1 aa bb 15 07 5c b1 52 ef bd 26 fa ec ce 70 31 |.....\.R..&...p1| 00000300 90 fb f5 4d d2 26 0c 64 6f b3 9f 7f 27 c7 a5 b2 |...M.&.do...'...| 00000310 d1 6d cf 0e 9c 91 e3 c4 20 f7 e3 ae 95 ff 6d ce |.m...... .....m.| 00000320 80 b5 30 89 6c a2 dd 31 26 5b 24 19 7a 30 f7 43 |..0.l..1&[$.z0.C| 00000330 71 a8 e9 1a 27 ee 46 86 44 56 b1 f3 2e e1 bd d5 |q...'.F.DV......| 00000340 79 99 34 0c 9b 01 e6 bb 0f ad 96 4a 68 0f 10 79 |y.4........Jh..y| 00000350 e9 91 7f 06 e6 02 32 ba 8c b6 a2 0c 4b 6d 09 f6 |......2.....Km..| 00000360 28 8f 94 e8 10 e1 ca 48 6c de 56 c2 5c 16 03 03 |(......Hl.V.\...| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 d5 77 86 8e 32 60 6b 0f 0f 36 33 |.... .w..2`k..63| 00000040 89 fe 51 b8 69 3a 1f 37 b3 d1 eb 43 ab e0 f6 db |..Q.i:.7...C....| 00000050 8b 9d 3c 0d 9a |..<..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 ed 78 35 a3 71 |.......... .x5.q| 00000010 34 a9 40 b2 be 15 dc a9 10 86 e0 de 94 23 e9 51 |4.@..........#.Q| 00000020 2c 01 1e 34 19 07 53 20 59 ac f9 |,..4..S Y..| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 f3 a2 5f da 1c 09 70 76 af 14 83 |......._...pv...| 00000010 e5 7f 6f c9 9a 61 7f d9 e6 86 3c |..o..a....<| >>> Flow 6 (server to client) 00000000 16 03 03 00 14 71 23 15 46 93 87 94 38 01 d0 1b |.....q#.F...8...| 00000010 1a 34 db 58 17 d0 ac 62 87 |.4.X...b.| >>> Flow 7 (client to server) 00000000 16 03 03 01 16 46 70 b5 5f 98 fc af a8 cb d6 7c |.....Fp._......|| 00000010 8c 1e 60 c3 68 25 20 7b 95 9a 0c 04 b3 2c 52 b2 |..`.h% {.....,R.| 00000020 30 f9 db cf 64 48 0a 46 9b 7a 11 76 11 5c 22 0c |0...dH.F.z.v.\".| 00000030 ef fa e6 6e a1 90 29 b3 64 aa ff 4d cb 7d 4d 91 |...n..).d..M.}M.| 00000040 c0 05 99 a0 3d 25 b2 1e 7c c4 d2 94 6b bf f0 f7 |....=%..|...k...| 00000050 0f 6a 3b 4c 66 c7 8a 26 9e 4f 79 68 50 5c f9 92 |.j;Lf..&.OyhP\..| 00000060 97 e1 a5 86 aa f2 e9 d5 8a a1 96 a7 37 82 71 7d |............7.q}| 00000070 7d 7e b6 77 a3 3d 84 40 58 0d 66 cd 52 6c 9b 18 |}~.w.=.@X.f.Rl..| 00000080 e2 c4 f0 dc 3d 9e 0e b8 49 ca 64 f3 71 c5 24 34 |....=...I.d.q.$4| 00000090 e7 ca c3 87 f6 b9 2c 6a 95 12 4d 9d 4a 4d fe 8a |......,j..M.JM..| 000000a0 51 16 6e c9 00 64 c0 d1 da ae e6 14 66 d2 a8 80 |Q.n..d......f...| 000000b0 35 ae 86 f6 64 f8 56 87 8a 40 46 43 ae d1 d1 fb |5...d.V..@FC....| 000000c0 64 1d 00 a1 3d e9 d9 7a b5 fb 71 2a db 76 5a 74 |d...=..z..q*.vZt| 000000d0 03 c3 79 df e6 90 e9 7e de f9 0e 70 7a 65 3c 68 |..y....~...pze| 00000100 cc f9 8d a6 56 37 0d ff 92 8f 1b 36 b3 3d 0b f5 |....V7.....6.=..| 00000110 5b fb fb 1e 4d c8 cb 84 39 5b 87 |[...M...9[.| >>> Flow 8 (server to client) 00000000 16 03 03 00 81 25 44 f6 91 ed d5 01 fa 88 d6 74 |.....%D........t| 00000010 f7 cd 6d ba 85 76 1d bd ef 7b 31 51 db b4 42 a3 |..m..v...{1Q..B.| 00000020 0a 89 3f 47 dc ca 18 39 84 5d 5a 4e d2 cd ba 75 |..?G...9.]ZN...u| 00000030 b9 75 53 28 8c 85 6e 84 02 39 0a d2 59 ee ac 2f |.uS(..n..9..Y../| 00000040 fe a3 e4 fb 8c a1 72 e3 9f 28 8b 13 92 a8 5b 70 |......r..(....[p| 00000050 24 f0 1b 6d 19 aa f1 b2 bf 8a 1f e2 3a 3e 3f e2 |$..m........:>?.| 00000060 57 16 12 9e e8 21 11 66 b9 96 71 36 46 e1 2e fc |W....!.f..q6F...| 00000070 1e 40 a2 e2 6a 4d 4b 91 7a 50 0b d0 87 d1 04 16 |.@..jMK.zP......| 00000080 2f 47 4d f2 c9 68 16 03 03 02 69 9a 28 7b f7 fc |/GM..h....i.({..| 00000090 8b e7 2b 40 88 1c 30 c1 5a f6 1d 51 a9 a8 5e 70 |..+@..0.Z..Q..^p| 000000a0 73 1c 43 a7 3c 11 7e d5 92 78 b1 4f fd 5d 55 c6 |s.C.<.~..x.O.]U.| 000000b0 5a ef 83 88 b2 e2 33 2a 27 cd 2e e8 d2 f4 2b d4 |Z.....3*'.....+.| 000000c0 d5 b0 35 54 f6 a1 9c 07 75 10 8b 5d b9 dc bb 83 |..5T....u..]....| 000000d0 76 43 f6 7e 70 2f 7c fe 8e 64 ca 00 65 df a4 e1 |vC.~p/|..d..e...| 000000e0 a9 ad 71 79 d6 83 21 f6 9c 1b 88 d4 bb 51 3c 8a |..qy..!......Q<.| 000000f0 8c e5 c2 13 30 bd 6b 60 29 01 3e a0 cc 19 69 54 |....0.k`).>...iT| 00000100 f0 2d dd a9 a1 24 a3 cc 13 9b 9a 8b f5 06 88 a9 |.-...$..........| 00000110 9d ec c1 6f 0c b2 dd b3 60 be 23 ee 67 26 2d 65 |...o....`.#.g&-e| 00000120 b1 99 9a 5b 92 c5 06 79 47 c6 4d 39 36 83 3b 4b |...[...yG.M96.;K| 00000130 96 f0 03 41 5c f9 fa 7c 3e d5 bf 67 1c a3 cf 6f |...A\..|>..g...o| 00000140 26 98 e0 2a 2d 64 60 c2 71 b1 b3 35 ba 8a 38 00 |&..*-d`.q..5..8.| 00000150 88 cf 5a a5 2b 89 83 f3 04 ad 24 97 fa 34 69 fd |..Z.+.....$..4i.| 00000160 d7 70 00 09 ce 0f 60 f7 84 7d e3 5e 19 a9 1b dd |.p....`..}.^....| 00000170 45 3f 34 ae d4 c5 5c 1f 32 81 69 ea 22 44 1d c6 |E?4...\.2.i."D..| 00000180 a3 ca 99 c5 44 09 76 cb e2 ed 2e fd 23 09 d4 ea |....D.v.....#...| 00000190 62 cf cb 93 88 02 ca 8c 90 05 c9 0e 8d ff 8f e1 |b...............| 000001a0 2d ef 52 1c ed 01 53 ef a6 ee 11 11 b7 2b c8 b4 |-.R...S......+..| 000001b0 6e 32 8c 54 7a 2b 19 e1 32 3e d0 92 87 81 76 04 |n2.Tz+..2>....v.| 000001c0 c0 fd 99 3b 04 00 fb 76 d7 ed b0 81 e3 81 8c 1f |...;...v........| 000001d0 2b a0 59 d6 41 cd 8d 7d b6 62 9d ab 60 33 24 f5 |+.Y.A..}.b..`3$.| 000001e0 ec 70 8b b2 46 60 8f 53 c8 a3 f1 47 df e0 e8 b0 |.p..F`.S...G....| 000001f0 9a cf 61 d4 d0 f5 0b b6 cd 85 47 1b b2 26 7d f2 |..a.......G..&}.| 00000200 0a 32 af 5c 25 2a cc d2 66 9a 36 a1 68 95 34 18 |.2.\%*..f.6.h.4.| 00000210 2d 9a 5a 62 a7 39 be 00 70 59 63 38 6a f9 53 b7 |-.Zb.9..pYc8j.S.| 00000220 6d dd d4 cd c4 d2 12 b0 67 06 b5 d3 28 06 e4 43 |m.......g...(..C| 00000230 98 b5 13 9f 1a d5 5e 07 70 f9 96 3c 66 a0 60 d6 |......^.p.....Z| 00000350 71 82 05 10 8e be 0b 83 39 44 28 45 c6 e1 4a 85 |q.......9D(E..J.| 00000360 c0 bf 3f 80 9b 61 97 82 d1 54 37 5f bc b2 f7 1f |..?..a...T7_....| 00000370 a1 ef 0f c5 be 74 96 3b e8 89 30 3f d7 06 18 77 |.....t.;..0?...w| 00000380 ed 3b aa 6e df 0c 15 e1 3e b1 36 ae 85 23 7d 9a |.;.n....>.6..#}.| 00000390 17 c3 f4 91 3a ac b1 64 03 a9 59 19 89 c2 d9 ad |....:..d..Y.....| 000003a0 82 d7 8e 85 36 cb 81 61 0d 3a 24 a1 84 55 37 bb |....6..a.:$..U7.| 000003b0 13 80 61 38 ef 16 03 03 00 4a 88 8d 13 b9 32 18 |..a8.....J....2.| 000003c0 3c e2 72 b5 5c 0b 81 87 a0 ef 87 53 89 b1 f4 8b |<.r.\......S....| 000003d0 6a 87 68 c4 7d 59 2c 44 46 bb b1 40 8e 0a 45 4e |j.h.}Y,DF..@..EN| 000003e0 b8 a1 ba 72 bb 71 f9 52 55 c7 44 cd b3 56 82 68 |...r.q.RU.D..V.h| 000003f0 8c 57 39 58 0b 40 12 4f 5d a2 91 3a ab 68 55 19 |.W9X.@.O]..:.hU.| 00000400 26 dc ed 30 16 03 03 00 14 52 f8 53 d9 fc a6 a3 |&..0.....R.S....| 00000410 89 c4 5a 2d 66 46 17 16 c3 bb f9 3c ca |..Z-fF.....<.| >>> Flow 9 (client to server) 00000000 16 03 03 02 69 fe 0d 45 cb 57 12 fa 9e 10 d7 b3 |....i..E.W......| 00000010 a5 dd 33 0e 39 41 77 63 8e 99 e0 5b b9 5e 94 0a |..3.9Awc...[.^..| 00000020 48 b2 6b e9 61 ab f2 74 6b 5e a3 f9 3f 9c 29 0b |H.k.a..tk^..?.).| 00000030 6b 34 29 92 d8 c8 2c 61 84 f2 3b 0f c2 5c e5 19 |k4)...,a..;..\..| 00000040 6a f0 e2 03 e3 93 a6 1e 4e 87 79 6b 07 dc 18 d2 |j.......N.yk....| 00000050 9a 25 be f3 d6 ab 2a be f8 68 65 68 92 8a 80 04 |.%....*..heh....| 00000060 26 eb 62 ae 6b bc 81 27 82 76 25 e0 6b ac 04 e9 |&.b.k..'.v%.k...| 00000070 67 68 13 f6 7b 7e 24 c2 75 27 8a c9 3a 7a 2f aa |gh..{~$.u'..:z/.| 00000080 a2 37 d9 73 97 bc 4b 09 ba 1b 2c ba 08 85 c6 82 |.7.s..K...,.....| 00000090 50 a3 e0 00 6e a8 7c 14 ab 38 ae c4 82 ee 05 4b |P...n.|..8.....K| 000000a0 9a c0 19 62 1e de ef 7f 8c a4 a0 0e 29 0f b4 09 |...b........)...| 000000b0 f1 b9 39 ae 09 1b 6e 6f ee 3d 31 72 70 09 51 44 |..9...no.=1rp.QD| 000000c0 1c 33 64 6d ae 8d da a5 e0 7b a3 49 19 2c 3f dd |.3dm.....{.I.,?.| 000000d0 6b 1e d1 a7 bb 8a 13 8c e9 aa 5f b3 fd 88 89 5a |k........._....Z| 000000e0 4a 30 dd d0 1e 6a 8c 8a 0d 35 82 01 64 c1 42 ff |J0...j...5..d.B.| 000000f0 60 ac 3d 62 bf 31 3e ab 42 7e b0 da 4a cc 9c d8 |`.=b.1>.B~..J...| 00000100 0e 92 97 a2 40 48 48 ce 66 49 bd 1b 8a ee ed 46 |....@HH.fI.....F| 00000110 18 98 b9 43 b8 76 e8 93 07 3c 38 6e c2 cd 9c ce |...C.v...<8n....| 00000120 e2 38 f0 d7 ee ad c7 4a c4 ed 3b fd 2e f2 9b 43 |.8.....J..;....C| 00000130 6c fe 75 d7 4d 61 2a c5 16 e2 3d af 98 5b 76 f5 |l.u.Ma*...=..[v.| 00000140 3e 96 b9 81 b3 cb 0c 91 89 44 6e d6 66 c4 f2 dd |>........Dn.f...| 00000150 c9 21 09 91 95 f2 99 29 62 54 44 03 b0 fe 84 bb |.!.....)bTD.....| 00000160 96 86 c4 ca 6e 7f c9 f9 1a 80 38 42 7d 54 b3 6f |....n.....8B}T.o| 00000170 2a 2d c3 19 54 60 3f fb 00 95 65 6a 85 4b a2 8f |*-..T`?...ej.K..| 00000180 6a 3d 38 61 e9 36 c2 25 92 3b 53 f2 ea bb 60 42 |j=8a.6.%.;S...`B| 00000190 ab 83 83 c0 2e 95 6d 5a 19 61 9f b3 29 ee b2 52 |......mZ.a..)..R| 000001a0 5f 27 16 46 d9 ad 62 45 d5 81 9a 93 ef a1 4f e7 |_'.F..bE......O.| 000001b0 0e e0 71 bf cd 49 68 e7 13 f1 71 59 8c f5 2d 05 |..q..Ih...qY..-.| 000001c0 5d 65 c4 6e 2c 91 c5 d3 40 c4 2f df c8 f6 59 55 |]e.n,...@./...YU| 000001d0 05 6b c1 b7 59 15 8e b8 85 1b 75 dd 44 9e b7 f3 |.k..Y.....u.D...| 000001e0 00 73 bf c6 93 d4 43 27 bd 60 79 1a 28 93 2d 64 |.s....C'.`y.(.-d| 000001f0 fb 2f 77 a6 79 22 54 f3 c3 3c 3f cd 4d ea 79 3b |./w.y"T..>> Flow 10 (server to client) 00000000 14 03 03 00 11 00 e4 ef 62 c1 c0 72 f3 98 4d 5a |........b..r..MZ| 00000010 6a c8 7e 29 92 b8 16 03 03 00 20 ff 7e fc cb b5 |j.~)...... .~...| 00000020 07 5f ea 8a 89 2a 46 1b c6 33 41 fe f9 f4 1e 3a |._...*F..3A....:| 00000030 9d 8b 1d 8f 9b 7b 89 07 b4 e8 59 17 03 03 00 19 |.....{....Y.....| 00000040 a3 ba 0c 9b 54 cd 59 6a e1 db 33 80 38 a9 95 a1 |....T.Yj..3.8...| 00000050 95 5b a5 5f ad 3c d0 52 f7 16 03 03 00 14 e6 22 |.[._.<.R......."| 00000060 84 a7 02 10 1e ee 58 88 a5 b8 e8 bf 0a 9b 61 46 |......X.......aF| 00000070 0c ae |..| >>> Flow 11 (client to server) 00000000 15 03 03 00 12 7f 90 91 7b 93 4e 24 25 5e cb 35 |........{.N$%^.5| 00000010 2c eb ee 29 6a b3 a3 15 03 03 00 12 3d b7 30 fe |,..)j.......=.0.| 00000020 63 90 c3 2d 17 a0 e1 ed 8d bb a4 f6 f6 17 |c..-..........| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-RenegotiationRejected000066400000000000000000000157211373277661100304510ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 9c d0 eb d6 42 |....Y...U......B| 00000010 2e ff 6e 5a 19 33 6d 12 97 56 56 2b f5 1b 86 c8 |..nZ.3m..VV+....| 00000020 38 83 59 37 ac 17 46 ed 73 53 43 20 e4 94 9b 71 |8.Y7..F.sSC ...q| 00000030 f4 94 d9 d9 3a a1 e1 99 1e b4 a5 55 46 88 e0 0a |....:......UF...| 00000040 af 0a 0e ff 81 10 e2 e0 63 21 ae 2a cc a8 00 00 |........c!.*....| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 9b 89 08 0d ea c2 d3 |........ .......| 000002d0 4f 73 77 a0 e3 0e 1a 68 13 2c 5c a5 ec 39 75 1b |Osw....h.,\..9u.| 000002e0 c2 95 fe b8 fe 58 f4 bb 16 08 04 00 80 d4 e8 d3 |.....X..........| 000002f0 d4 5b 1f ee ff 60 f5 86 b1 f4 06 c0 a8 ab 90 b0 |.[...`..........| 00000300 26 15 d5 4e 3f d6 a5 e2 a3 3a e0 0f 9a 92 bd 96 |&..N?....:......| 00000310 9d 98 15 f3 95 82 a9 5d 9f 1d 9b 4f 2e 77 58 40 |.......]...O.wX@| 00000320 58 3d fd 8f a6 09 1c fa 61 77 2e 87 df e7 76 8b |X=......aw....v.| 00000330 bf f1 dd 29 f8 70 c0 6d db e5 a0 55 92 77 44 75 |...).p.m...U.wDu| 00000340 d9 95 a6 17 67 93 47 8e 1f 61 50 65 31 94 d3 79 |....g.G..aPe1..y| 00000350 5f 25 a6 f0 3e 19 9a c8 ad b9 1a af 5b 50 2c 97 |_%..>.......[P,.| 00000360 78 1e 71 3a e0 fa 7c 44 1e d1 32 56 4e 16 03 03 |x.q:..|D..2VN...| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 88 fe 97 82 bd a7 99 c6 a6 2f c1 |.... ........./.| 00000040 1a a8 54 8c e5 c6 39 0a 6b 07 9b 1a 05 f4 fb e3 |..T...9.k.......| 00000050 67 f5 c8 6e 17 |g..n.| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 3b 6d ac 1c 8b |.......... ;m...| 00000010 1b 46 3a 4e 03 75 51 9e 99 6e 5a a8 4f 07 91 a3 |.F:N.uQ..nZ.O...| 00000020 18 2c bf 88 92 17 e5 13 65 a3 6c |.,......e.l| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 c7 94 fc be 3d 73 fd ec ce b2 f6 |.........=s.....| 00000010 bf 17 bf 52 3e b4 98 39 43 c0 0a |...R>..9C..| >>> Flow 6 (server to client) 00000000 16 03 03 00 14 cf 01 f5 e6 eb 60 e3 49 c4 fb 84 |..........`.I...| 00000010 e1 11 69 e1 91 c0 02 d2 e3 |..i......| >>> Flow 7 (client to server) 00000000 15 03 03 00 12 4d 7f de 01 23 f7 3f 0d e6 1a f1 |.....M...#.?....| 00000010 19 a2 cd 58 1a 25 f5 15 03 03 00 12 95 78 52 00 |...X.%.......xR.| 00000020 65 aa 6d 77 5a 66 d5 95 c4 5a 9b 1b 05 b2 |e.mwZf...Z....| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-SCT000066400000000000000000000206761373277661100246320ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 01 c6 02 00 01 c2 03 03 d8 a9 75 cc 9a |.............u..| 00000010 81 df 5a a0 3b ba 51 74 52 50 72 08 35 02 35 77 |..Z.;.QtRPr.5.5w| 00000020 28 ff 44 e6 d9 c6 8b f8 54 67 b4 20 62 80 60 cc |(.D.....Tg. b.`.| 00000030 09 90 52 66 75 72 a2 c5 dc 8d 18 ce 9a d5 7e cd |..Rfur........~.| 00000040 a5 36 2a 2e 65 72 6f f0 dd b0 8c 14 cc a8 00 01 |.6*.ero.........| 00000050 7a 00 12 01 69 01 67 00 75 00 a4 b9 09 90 b4 18 |z...i.g.u.......| 00000060 58 14 87 bb 13 a2 cc 67 70 0a 3c 35 98 04 f9 1b |X......gp.<5....| 00000070 df b8 e3 77 cd 0e c8 0d dc 10 00 00 01 47 97 99 |...w.........G..| 00000080 ee 16 00 00 04 03 00 46 30 44 02 20 1c 4b 82 5d |.......F0D. .K.]| 00000090 95 6e 67 5b db 04 95 4b f6 ce f4 32 3e 86 7a 7a |.ng[...K...2>.zz| 000000a0 32 ab 18 60 74 de 08 da 05 91 4c 2f 02 20 73 54 |2..`t.....L/. sT| 000000b0 1b 6e 7f a1 b0 7d 11 bc e6 f3 85 2f 97 66 1a f7 |.n...}...../.f..| 000000c0 8a e4 10 25 8f 12 f4 6f 39 0f d2 9e 18 f0 00 76 |...%...o9......v| 000000d0 00 68 f6 98 f8 1f 64 82 be 3a 8c ee b9 28 1d 4c |.h....d..:...(.L| 000000e0 fc 71 51 5d 67 93 d4 44 d1 0a 67 ac bb 4f 4f fb |.qQ]g..D..g..OO.| 000000f0 c4 00 00 01 47 97 e1 b5 70 00 00 04 03 00 47 30 |....G...p.....G0| 00000100 45 02 20 32 21 14 38 06 d8 72 2e 00 30 64 1a e2 |E. 2!.8..r..0d..| 00000110 e8 6d 4e 5a e1 d9 42 1e 82 4b 96 25 89 d5 26 13 |.mNZ..B..K.%..&.| 00000120 d3 9c fa 02 21 00 8f 12 28 64 51 4f 44 d5 8c 18 |....!...(dQOD...| 00000130 62 23 b2 43 93 33 05 f3 43 55 a1 d9 ee cd c5 71 |b#.C.3..CU.....q| 00000140 35 91 dd 49 d1 0b 00 76 00 ee 4b bd b7 75 ce 60 |5..I...v..K..u.`| 00000150 ba e1 42 69 1f ab e1 9e 66 a3 0f 7e 5f b0 72 d8 |..Bi....f..~_.r.| 00000160 83 00 c4 7b 89 7a a8 fd cb 00 00 01 48 5c 64 8a |...{.z......H\d.| 00000170 87 00 00 04 03 00 47 30 45 02 20 29 89 d6 b0 53 |......G0E. )...S| 00000180 d3 d2 e9 91 bc f1 b5 40 be 1e 2e e7 5c b4 74 27 |.......@....\.t'| 00000190 ed 8f 9b 02 e9 fa c2 4c ba a2 be 02 21 00 af 43 |.......L....!..C| 000001a0 64 52 71 15 29 58 40 91 c7 08 16 96 03 a8 73 a5 |dRq.)X@.......s.| 000001b0 65 a0 6c b8 48 56 5a b6 29 83 64 6d 2a 9d ff 01 |e.l.HVZ.).dm*...| 000001c0 00 01 00 00 0b 00 04 03 00 01 02 16 03 03 02 59 |...............Y| 000001d0 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 82 |...U..R..O0..K0.| 000001e0 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 5b |.............?.[| 000001f0 ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 |..0...*.H.......| 00000200 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 6f |.0.1.0...U....Go| 00000210 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 6f |1.0...U....Go Ro| 00000220 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 30 |ot0...1601010000| 00000230 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 30 |00Z..25010100000| 00000240 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 47 |0Z0.1.0...U....G| 00000250 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 81 |o1.0...U....Go0.| 00000260 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 |.0...*.H........| 00000270 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 2e |....0.......F}..| 00000280 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe 1e |.'.H..(!.~...]..| 00000290 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 be |RE.z6G....B[....| 000002a0 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e 67 |.y.@.Om..+.....g| 000002b0 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 f1 |....."8.J.ts+.4.| 000002c0 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 41 |.....t{.X.la<..A| 000002d0 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 54 |..++$#w[.;.u]. T| 000002e0 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 14 |..c...$....P....| 000002f0 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 01 |C...ub...R......| 00000300 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 ff |...0..0...U.....| 00000310 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 30 |......0...U.%..0| 00000320 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 01 |...+.........+..| 00000330 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff 04 |.....0...U......| 00000340 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f 91 |.0.0...U........| 00000350 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 1b |..CC>I..m....`0.| 00000360 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d 13 |..U.#..0...H.IM.| 00000370 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 55 |~.1......n{0...U| 00000380 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 2e |....0...example.| 00000390 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 0d |golang0...*.H...| 000003a0 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b 50 |..........0.@+[P| 000003b0 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 38 |.a...SX...(.X..8| 000003c0 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b f2 |....1Z..f=C.-...| 000003d0 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 40 |... d8.$:....}.@| 000003e0 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 0c | ._...a..v......| 000003f0 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d 0c |\.....l..s..Cw..| 00000400 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db 46 |.....@.a.Lr+...F| 00000410 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d 13 |..M...>...B...=.| 00000420 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c 00 |`.\!.;..........| 00000430 00 a8 03 00 1d 20 cd 2a 10 ee 97 4a 83 7b 0e 6d |..... .*...J.{.m| 00000440 e7 00 5a ce bc d8 1c 57 fa f6 ec 52 0d 0f be 6d |..Z....W...R...m| 00000450 c8 5d 27 3c 8c 1b 08 04 00 80 a9 4c bb 3a 0a d7 |.]'<.......L.:..| 00000460 db 72 3d 88 49 a6 0b f7 dc d5 e1 d0 07 e8 6c fa |.r=.I.........l.| 00000470 b0 5e 0b 13 27 29 6f 1f 1e b9 05 60 16 cc ea 7b |.^..')o....`...{| 00000480 46 d7 12 58 03 43 b0 fe 8e 7b 83 3b ee 11 78 8c |F..X.C...{.;..x.| 00000490 60 0f 9c 76 63 60 01 78 a0 9b 19 b9 32 99 a9 9d |`..vc`.x....2...| 000004a0 42 b8 1f f1 8b 87 07 32 fa 5e 74 d5 3e 5e ba 21 |B......2.^t.>^.!| 000004b0 ff 63 b7 c6 68 bc b3 f9 52 1a ea 23 c7 f2 ec ff |.c..h...R..#....| 000004c0 d4 10 0d f8 76 2f bc 0d e5 12 7f ee d3 8d 9e 6b |....v/.........k| 000004d0 5e 22 78 d6 fa 5e 6a 53 16 44 16 03 03 00 04 0e |^"x..^jS.D......| 000004e0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 20 5c 1a 1b 0e 7e 83 4f 9b f6 8e 9f |.... \...~.O....| 00000040 ca 95 86 c3 7b 60 73 d3 8d 3c 6d 18 6a eb 70 a3 |....{`s..>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 20 1f a2 50 dd c5 |.......... ..P..| 00000010 ba 96 4a 63 e1 cc b6 45 77 09 c1 49 cb 5f eb 4b |..Jc...Ew..I._.K| 00000020 38 9b b1 40 1c af b1 a2 dc 7c ba |8..@.....|.| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 e7 54 f6 bf 56 39 57 c4 b2 ac f2 |......T..V9W....| 00000010 b1 f4 b1 2f ad ae d7 87 21 ff 1c 15 03 03 00 12 |.../....!.......| 00000020 5d b6 56 77 55 99 b6 7b a4 0b d8 8e 8d 93 b6 35 |].VwU..{.......5| 00000030 ce 9a |..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv12-X25519-ECDHE000066400000000000000000000155001373277661100256120ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 f4 01 00 00 f0 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 75 00 05 00 05 01 00 00 00 00 00 0a 00 |...u............| 00000090 04 00 02 00 1d 00 0b 00 02 01 00 00 0d 00 1a 00 |................| 000000a0 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 06 |................| 000000b0 01 05 03 06 03 02 01 02 03 ff 01 00 01 00 00 12 |................| 000000c0 00 00 00 2b 00 09 08 03 04 03 03 03 02 03 01 00 |...+............| 000000d0 33 00 26 00 24 00 1d 00 20 2f e5 7d a3 47 cd 62 |3.&.$... /.}.G.b| 000000e0 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 000000f0 c2 ed 90 99 5f 58 cb 3b 74 |...._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 59 02 00 00 55 03 03 e0 c7 ce be 3a |....Y...U......:| 00000010 a6 34 5f b7 c5 ec f1 f3 09 df 4d db 39 60 71 93 |.4_.......M.9`q.| 00000020 db 7c 30 e0 81 93 f0 19 57 6b 6b 20 9e 4b e2 1e |.|0.....Wkk .K..| 00000030 27 8d d3 f6 0c f3 3d bc 67 3e 79 33 fd c9 cc 55 |'.....=.g>y3...U| 00000040 36 55 a5 aa 89 94 fe b2 51 cf 24 56 c0 2f 00 00 |6U......Q.$V./..| 00000050 0d ff 01 00 01 00 00 0b 00 04 03 00 01 02 16 03 |................| 00000060 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 |..Y...U..R..O0..| 00000070 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d |K0..............| 00000080 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 |?.[..0...*.H....| 00000090 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 |....0.1.0...U...| 000000a0 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f |.Go1.0...U....Go| 000000b0 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 | Root0...1601010| 000000c0 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 |00000Z..25010100| 000000d0 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a |0000Z0.1.0...U..| 000000e0 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 |..Go1.0...U....G| 000000f0 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |o0..0...*.H.....| 00000100 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 |.......0.......F| 00000110 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 |}...'.H..(!.~...| 00000120 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 |]..RE.z6G....B[.| 00000130 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 |....y.@.Om..+...| 00000140 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b |..g....."8.J.ts+| 00000150 c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c |.4......t{.X.la<| 00000160 c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d |..A..++$#w[.;.u]| 00000170 ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b |. T..c...$....P.| 00000180 aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 |...C...ub...R...| 00000190 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f |......0..0...U..| 000001a0 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 |.........0...U.%| 000001b0 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 |..0...+.........| 000001c0 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 |+.......0...U...| 000001d0 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 |....0.0...U.....| 000001e0 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f |.....CC>I..m....| 000001f0 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 |`0...U.#..0...H.| 00000200 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 |IM.~.1......n{0.| 00000210 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 |..U....0...examp| 00000220 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 |le.golang0...*.H| 00000230 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 |.............0.@| 00000240 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 |+[P.a...SX...(.X| 00000250 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d |..8....1Z..f=C.-| 00000260 d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c |...... d8.$:....| 00000270 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 |}.@ ._...a..v...| 00000280 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 |...\.....l..s..C| 00000290 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d |w.......@.a.Lr+.| 000002a0 ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db |..F..M...>...B..| 000002b0 fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 |.=.`.\!.;.......| 000002c0 ac 0c 00 00 a8 03 00 1d 20 9b 73 58 2f 9a aa 8b |........ .sX/...| 000002d0 3e 80 1c b1 8e e5 d4 54 c2 d0 b1 94 16 86 e2 4b |>......T.......K| 000002e0 9c ab d7 ce 2c e5 26 20 04 08 04 00 80 d8 c0 18 |....,.& ........| 000002f0 90 8e 06 d8 d6 4c af a1 ae 5e ca 4b a1 18 bb 31 |.....L...^.K...1| 00000300 f5 3a 75 c3 d7 73 69 a7 e0 0f 8e f2 c5 92 0a bd |.:u..si.........| 00000310 7f 91 36 6c 01 c3 eb 08 9a 3b 25 2c bd 86 88 05 |..6l.....;%,....| 00000320 64 e0 38 5b 75 01 10 1f 1b d5 34 09 04 2e 34 6d |d.8[u.....4...4m| 00000330 71 d2 6c b6 f3 7a 1e ed a9 9d 28 60 13 fc 02 6f |q.l..z....(`...o| 00000340 f6 17 99 52 7b 19 60 e5 a6 11 d4 b3 4c 52 03 b5 |...R{.`.....LR..| 00000350 3e 28 91 c6 66 87 25 df 10 c6 cf b9 5f 92 0e d7 |>(..f.%....._...| 00000360 b6 19 f0 19 b9 f6 e9 e9 24 74 35 3b c6 16 03 03 |........$t5;....| 00000370 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 2f e5 7d a3 47 cd |....%...! /.}.G.| 00000010 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 00000020 cf c2 ed 90 99 5f 58 cb 3b 74 14 03 03 00 01 01 |....._X.;t......| 00000030 16 03 03 00 28 00 00 00 00 00 00 00 00 01 e4 5a |....(..........Z| 00000040 e9 dc dd 98 cd 5f d2 d2 eb 84 12 c9 96 ca 91 d7 |....._..........| 00000050 ae f4 db 44 a4 37 f3 a3 b2 8d db ed 3d |...D.7......=| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 c2 2d 32 ba 46 |..........(.-2.F| 00000010 27 8d 87 13 7f b9 49 04 64 2f 6e cc 32 81 f8 3c |'.....I.d/n.2..<| 00000020 7f 0f 19 13 5c 11 33 a1 05 5f 91 bc 97 30 64 84 |....\.3.._...0d.| 00000030 57 69 90 |Wi.| >>> Flow 5 (client to server) 00000000 17 03 03 00 1e 00 00 00 00 00 00 00 01 fd 0f a5 |................| 00000010 74 98 c4 98 ee 67 74 d4 c1 d4 fe d3 c7 e2 1b 2c |t....gt........,| 00000020 e5 3c be 15 03 03 00 1a 00 00 00 00 00 00 00 02 |.<..............| 00000030 f8 d4 60 41 13 6a 9c e3 0e 56 e2 ab 96 45 7e 06 |..`A.j...V...E~.| 00000040 87 63 |.c| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-AES128-SHA256000066400000000000000000000154411373277661100257050ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 f7 30 f3 d1 e7 |....z...v...0...| 00000010 eb 94 97 a2 c6 d5 be 74 e0 6c 08 80 2f ad 11 6b |.......t.l../..k| 00000020 b3 ce 22 59 06 a9 eb 41 9c 97 a8 20 00 00 00 00 |.."Y...A... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 c0 |..+.....3.$... .| 00000060 47 7e ad a1 41 53 e5 25 ec 74 46 bc 9e 80 08 3b |G~..AS.%.tF....;| 00000070 0b f5 7e fb 71 1f 00 d5 4b 27 51 22 4a 5e 5f 14 |..~.q...K'Q"J^_.| 00000080 03 03 00 01 01 17 03 03 00 17 e9 e8 56 00 26 9e |............V.&.| 00000090 92 60 84 6c 07 3d b1 ef e4 63 51 ba 48 ee d7 fe |.`.l.=...cQ.H...| 000000a0 57 17 03 03 02 6d 2e d4 bb bf a2 e8 3b 84 47 2e |W....m......;.G.| 000000b0 22 66 c1 98 ea 11 6b a3 4d 1b 64 c0 02 32 76 9b |"f....k.M.d..2v.| 000000c0 29 8a 4a 96 68 5b d1 fd a0 0f a6 9b 70 20 c7 08 |).J.h[......p ..| 000000d0 7b 25 07 d1 54 8c b1 bb 4e ba 32 65 2c 1e 16 29 |{%..T...N.2e,..)| 000000e0 e7 d2 df e3 84 60 e1 43 07 99 35 4d 95 7c 27 96 |.....`.C..5M.|'.| 000000f0 be f4 bf 0a e9 3b 9d 60 7a 6e 34 82 1f 03 ca 17 |.....;.`zn4.....| 00000100 ac d1 a1 b5 dc 3f 20 7b 42 f6 94 43 60 ff 3f 1b |.....? {B..C`.?.| 00000110 b1 2e 2d 71 55 07 fb 65 40 56 59 82 1e 31 83 c9 |..-qU..e@VY..1..| 00000120 35 6c 28 ad c1 bd 88 55 1b b6 1e 89 af 64 7f 11 |5l(....U.....d..| 00000130 53 80 3a 62 ef 34 a7 d0 ce 38 9b 19 d6 5f 78 0d |S.:b.4...8..._x.| 00000140 66 73 b2 bd b6 a6 f8 70 c8 40 f9 aa a2 86 f4 48 |fs.....p.@.....H| 00000150 0d 6c 54 67 c6 3c 91 97 ff 94 4d 9a 01 d5 e1 c9 |.lTg.<....M.....| 00000160 8f 27 d3 8d b3 72 cd 34 eb 7a 6d 48 84 f3 8b 84 |.'...r.4.zmH....| 00000170 34 d2 68 bd 26 bc 6d e5 46 41 cc 86 d4 7a b6 31 |4.h.&.m.FA...z.1| 00000180 05 b3 bc a4 fe e1 5c d4 eb 8b fe 64 0e be 89 c4 |......\....d....| 00000190 ce e0 49 a0 ba 7a 83 b6 fb 31 17 42 fd b4 e3 59 |..I..z...1.B...Y| 000001a0 48 df f6 a8 e4 5c d1 77 77 cb c2 31 85 8a 26 65 |H....\.ww..1..&e| 000001b0 20 fa 05 90 ae 66 95 7a 75 4b bc 93 15 dd a0 13 | ....f.zuK......| 000001c0 61 d5 99 fb b2 27 bd ec fd 10 b5 d2 c7 18 ac b9 |a....'..........| 000001d0 bd bc 35 72 d0 42 6c f7 5a e0 67 46 45 10 f7 50 |..5r.Bl.Z.gFE..P| 000001e0 e4 14 47 ac 39 5a 05 38 b9 25 4a 43 fa 57 b2 51 |..G.9Z.8.%JC.W.Q| 000001f0 b7 3e f7 ef d5 b5 de 2e 2f 5c d0 d7 00 23 ac 4b |.>....../\...#.K| 00000200 65 8d 6c f4 ab 6f ef 1e c2 66 c5 b2 cb 1a 51 4c |e.l..o...f....QL| 00000210 ef 96 8f 28 65 2f 50 9c 91 1f 73 87 fc 81 db 90 |...(e/P...s.....| 00000220 16 69 00 06 98 6b 00 33 41 e1 e6 12 89 cb c9 f3 |.i...k.3A.......| 00000230 23 2c 28 83 00 ca 4f 42 f5 26 bc 94 39 3b 18 31 |#,(...OB.&..9;.1| 00000240 41 a9 19 4a 60 e8 de 8f 1d d0 e8 96 77 c0 49 bd |A..J`.......w.I.| 00000250 a2 98 bd b1 0a 6f bd 27 79 1d c4 33 50 37 a8 eb |.....o.'y..3P7..| 00000260 a5 4e 59 87 58 cd f0 a0 34 4e 2b 9d ee 03 e4 8a |.NY.X...4N+.....| 00000270 24 94 86 11 e1 94 f0 2b 3e 27 9a 92 1c 17 d3 96 |$......+>'......| 00000280 c0 71 ab ee 75 5f 99 ca 0e 42 65 5d ed 48 0c 7a |.q..u_...Be].H.z| 00000290 95 8a d9 da f7 60 ee de 46 f2 f4 7a d6 ce 38 41 |.....`..F..z..8A| 000002a0 fa e8 1f 3e 77 be 02 53 0c 33 96 5b 0d 38 bb 08 |...>w..S.3.[.8..| 000002b0 5e 92 1a 81 f1 be c7 9a e2 02 80 09 3b b7 62 b0 |^...........;.b.| 000002c0 7c a7 85 3a d9 52 34 23 4f a3 04 e7 35 98 9e 18 ||..:.R4#O...5...| 000002d0 13 0b 71 12 6d a4 2e 11 bf 39 8c 94 ef 15 96 27 |..q.m....9.....'| 000002e0 9e be 81 d9 55 5a 8b 14 c5 49 dd 6e 6e 7b 6b c2 |....UZ...I.nn{k.| 000002f0 f3 7d ef 24 88 b9 eb a6 15 3e aa a8 3e eb 37 54 |.}.$.....>..>.7T| 00000300 fc 86 9f 51 30 5f 9c a5 fc 7a af f6 1b a5 a4 27 |...Q0_...z.....'| 00000310 51 78 f7 17 03 03 00 99 79 14 63 10 91 cd 73 f5 |Qx......y.c...s.| 00000320 a8 62 c3 92 a3 04 c2 3d 58 5e d3 6e 93 eb 9b b1 |.b.....=X^.n....| 00000330 11 f0 3c c6 96 9f c6 c8 9b de 2c d5 12 c2 bd d1 |..<.......,.....| 00000340 2a 68 89 4a 07 1e 23 d2 45 ca a1 0f 92 71 b7 f7 |*h.J..#.E....q..| 00000350 d0 2f 2a be d0 5e 0c 5d 13 8f b0 7f df b8 52 2e |./*..^.]......R.| 00000360 7a 5e c8 eb 84 06 46 81 d0 f7 09 18 52 fb ce fd |z^....F.....R...| 00000370 22 d8 74 71 e8 7d 41 5f 3a 5d e5 f9 bb e6 99 03 |".tq.}A_:]......| 00000380 32 d1 58 e8 5a 58 d8 b2 39 61 01 33 72 7d d2 11 |2.X.ZX..9a.3r}..| 00000390 8f f7 58 55 c8 f2 64 63 33 9b 78 36 bf 9b 8b 40 |..XU..dc3.x6...@| 000003a0 8c ec 7b a2 bb 51 ed b1 fe 74 c2 c9 1f b4 2b cb |..{..Q...t....+.| 000003b0 fd 17 03 03 00 35 75 46 88 74 06 9b 5e 88 c2 0d |.....5uF.t..^...| 000003c0 fc 7d 29 bd 6c 1c 23 2f 06 3f 14 b1 55 e4 98 b1 |.}).l.#/.?..U...| 000003d0 ed c3 9a ed ea be 29 60 15 ac 80 c7 a8 f7 9b ce |......)`........| 000003e0 f3 79 b3 be ad ff ab b4 a7 45 57 |.y.......EW| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 b5 22 19 23 49 |..........5.".#I| 00000010 48 33 a5 f3 b2 72 2b 31 ab 89 27 f9 eb 1b b7 b1 |H3...r+1..'.....| 00000020 bc 2b 99 9e 73 24 42 c4 2a 68 2c 76 e1 45 61 09 |.+..s$B.*h,v.Ea.| 00000030 18 c7 44 45 9a 05 86 4c 90 c1 41 c6 fd 6a c2 95 |..DE...L..A..j..| 00000040 17 03 03 00 17 ee 18 4e d9 94 15 50 a9 99 4a 82 |.......N...P..J.| 00000050 10 13 26 7b 74 10 db ef fe b8 96 f6 17 03 03 00 |..&{t...........| 00000060 13 2a 4c 52 8d c3 c5 af d0 cd 5a 7d 0d a5 59 90 |.*LR......Z}..Y.| 00000070 ce 59 3b af |.Y;.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-AES256-SHA384000066400000000000000000000156771373277661100257240ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 dd df 8d 85 da |....z...v.......| 00000010 3c 99 a3 0c 01 90 5f ec b8 3d 28 ce e4 32 c0 e8 |<....._..=(..2..| 00000020 fe 77 03 ad 0f e1 33 1f dc 89 cb 20 00 00 00 00 |.w....3.... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 02 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 03 |..+.....3.$... .| 00000060 6b 91 90 36 f0 54 da 66 8e 47 9b 26 9f 9f ae 30 |k..6.T.f.G.&...0| 00000070 69 9e a2 6a 70 fb ef b2 f1 76 2b 32 90 0e 63 14 |i..jp....v+2..c.| 00000080 03 03 00 01 01 17 03 03 00 17 46 47 2e ae ea 9b |..........FG....| 00000090 78 7b 0c d4 74 e2 b5 bf 7b 64 da c3 d3 c9 55 7f |x{..t...{d....U.| 000000a0 e3 17 03 03 02 6d a8 c1 57 27 66 9d 16 f6 4f 1b |.....m..W'f...O.| 000000b0 17 b6 5d 8c 3c fe f5 d5 4a d3 c6 8d e2 a8 2d d0 |..].<...J.....-.| 000000c0 01 8d db 18 e8 c8 69 74 eb 81 9e 97 20 01 60 d5 |......it.... .`.| 000000d0 96 d1 8f 9c de 09 ff 1d e7 45 97 97 36 fa 89 77 |.........E..6..w| 000000e0 88 20 30 c6 5b 42 d6 0e 85 9a 11 43 60 a1 86 34 |. 0.[B.....C`..4| 000000f0 22 47 25 23 a5 35 87 a9 74 5d fe eb c9 70 32 44 |"G%#.5..t]...p2D| 00000100 17 60 55 99 7a 93 b5 92 8b 66 31 ce dc e0 39 f2 |.`U.z....f1...9.| 00000110 6a b3 db 43 5d 3f ba e5 12 12 1f 0e 3c 35 3b 72 |j..C]?......<5;r| 00000120 9f 9d 69 d5 d6 cb ac b5 9e f4 af f5 74 68 67 f4 |..i.........thg.| 00000130 e9 5f a4 4a d7 27 5b a5 2a 39 b7 30 49 4d 64 bb |._.J.'[.*9.0IMd.| 00000140 5d 89 10 ff a6 2c 42 a1 4a 2a 0c 28 c6 cd 4a e8 |]....,B.J*.(..J.| 00000150 7d 24 d0 75 ff 61 08 3f 3b 05 ec f3 d6 61 ed 43 |}$.u.a.?;....a.C| 00000160 08 5e 07 1c f2 15 96 22 2a c0 3c 5f 04 d1 17 82 |.^....."*.<_....| 00000170 ea ee ee c7 49 cc 3e e4 65 15 97 6e 6f 36 24 a9 |....I.>.e..no6$.| 00000180 27 34 3a 75 dc 07 1e 4c f1 29 d1 e3 22 31 7d 84 |'4:u...L.).."1}.| 00000190 a8 2a 7f 37 03 ab 13 ae 15 e2 74 50 bd 54 5b 32 |.*.7......tP.T[2| 000001a0 ea 75 10 ed 39 5c 69 90 f6 74 09 53 c1 ce 44 49 |.u..9\i..t.S..DI| 000001b0 64 fb f2 c6 bd 93 b2 07 06 96 94 04 a5 9e ed 67 |d..............g| 000001c0 10 cb 01 fc 85 45 d7 22 76 3c c6 2f 14 4c 31 e1 |.....E."v<./.L1.| 000001d0 73 81 7b 8b 6b 54 d6 34 15 d2 eb d0 03 10 c7 3d |s.{.kT.4.......=| 000001e0 f5 07 48 cc 72 9b e9 48 ee 13 9f 80 b5 13 86 77 |..H.r..H.......w| 000001f0 33 91 79 6f f2 13 17 68 ca 72 6b 0d 93 9a 20 30 |3.yo...h.rk... 0| 00000200 70 c3 30 ab 13 7e 14 39 97 4b ce c5 3d 8b 03 7f |p.0..~.9.K..=...| 00000210 cd 4b 67 c4 c5 79 0c bb cd ba 17 c5 d5 15 51 cb |.Kg..y........Q.| 00000220 ac b7 f7 19 43 ff f5 c4 09 8c 44 67 ca e6 a1 5f |....C.....Dg..._| 00000230 1d 27 29 63 f2 0d 75 6d b7 62 52 c9 1d 8e 0e 3b |.')c..um.bR....;| 00000240 6c cb 04 3e f7 13 74 bb 03 35 2e 4e 41 9a b7 72 |l..>..t..5.NA..r| 00000250 15 ed 02 79 c7 bc 38 b3 65 75 0a 8e 82 dc d4 79 |...y..8.eu.....y| 00000260 1c 10 3f 78 8c be 78 b0 73 18 cc 52 1d 3b 91 66 |..?x..x.s..R.;.f| 00000270 33 fe 63 b2 ec 19 92 44 8f 06 4e 20 85 94 5c b4 |3.c....D..N ..\.| 00000280 ad 22 16 a0 b3 76 03 dc 62 e9 0c ac 8c e1 67 c9 |."...v..b.....g.| 00000290 d8 6f 40 51 b5 39 9a 61 b6 63 e0 d5 60 6a 27 78 |.o@Q.9.a.c..`j'x| 000002a0 62 ec 94 1c 75 2c 38 f2 a6 f2 f0 c4 8f 98 ad cc |b...u,8.........| 000002b0 2e ce 7d 13 76 f4 4f 94 78 3f 85 cf ea 52 c4 6e |..}.v.O.x?...R.n| 000002c0 16 65 f9 48 5e f9 0b 07 bc 3e 38 91 06 e1 b0 76 |.e.H^....>8....v| 000002d0 82 60 25 03 36 9c 3e 5e 54 73 8d cf df 91 19 33 |.`%.6.>^Ts.....3| 000002e0 a7 18 96 d4 86 ea 7c 00 88 e6 a3 fe ea a1 14 db |......|.........| 000002f0 ae da 07 ef 1e 6f 16 bb ad fb c0 f4 60 2f 75 5c |.....o......`/u\| 00000300 a4 43 a0 fc 3c d6 5e 89 cf 6e 1a c6 de 61 65 34 |.C..<.^..n...ae4| 00000310 03 e5 cd 17 03 03 00 99 0a f3 a2 45 fe 53 22 37 |...........E.S"7| 00000320 cd 31 9d 67 31 56 f9 99 c2 d1 bc 6d 47 de 9a e7 |.1.g1V.....mG...| 00000330 67 c0 89 84 ac bf 27 b5 32 f0 e9 a5 9d f2 e0 ad |g.....'.2.......| 00000340 fd 12 6a a4 5d 50 4c b9 ed f1 f4 0e c0 c0 6c c4 |..j.]PL.......l.| 00000350 39 9b 10 02 fa 10 64 a6 8b af 9d 6e d9 40 6d 0c |9.....d....n.@m.| 00000360 b0 6c b8 8d d5 b0 14 f0 ed 85 d6 66 8f 6f 61 43 |.l.........f.oaC| 00000370 49 dd 95 08 94 2e a8 a6 19 b9 7b 6b 99 09 af 4c |I.........{k...L| 00000380 5f 41 48 da 10 b6 cf ee 68 b6 6e 03 d7 29 93 8e |_AH.....h.n..)..| 00000390 1a ab d1 ad d4 bf 33 2a 53 87 92 05 d1 1a de c0 |......3*S.......| 000003a0 aa ef b9 9c 4d 2d f6 b1 72 60 22 80 bb 46 24 75 |....M-..r`"..F$u| 000003b0 35 17 03 03 00 45 46 9e b3 7f d0 82 b6 ef 45 1f |5....EF.......E.| 000003c0 18 6d 3b b6 23 f5 c9 f4 54 e3 08 d0 8b 30 c7 31 |.m;.#...T....0.1| 000003d0 af 98 26 69 b7 6e 08 1d 1f be 1a 7e 5b 97 91 28 |..&i.n.....~[..(| 000003e0 fa b7 78 05 ee 3f a1 9e a0 79 fc 45 51 4c 96 fb |..x..?...y.EQL..| 000003f0 03 46 24 7d fe ec a4 40 51 d6 73 |.F$}...@Q.s| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 44 15 b9 ed d8 |..........ED....| 00000010 10 2c 88 80 79 f3 38 a4 bc 42 9b 22 09 44 d9 19 |.,..y.8..B.".D..| 00000020 e1 0a ec 15 aa d5 15 e9 19 6d b8 6b 71 63 86 ce |.........m.kqc..| 00000030 e7 16 0d 8e 3f 9a 3b 52 25 1e 96 f6 d9 d1 6c dd |....?.;R%.....l.| 00000040 e3 20 e9 97 f9 60 81 f5 4a b2 26 b5 d3 9e 84 46 |. ...`..J.&....F| 00000050 17 03 03 00 17 de 4a e9 44 21 88 ef ce 78 35 6d |......J.D!...x5m| 00000060 b2 e4 78 47 39 8d 1f fd 9b 2d a4 47 17 03 03 00 |..xG9....-.G....| 00000070 13 98 f9 1c 9c d4 b1 42 f7 e7 a1 9b 6d b1 b1 cb |.......B....m...| 00000080 86 e3 c2 27 |...'| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ALPN000066400000000000000000000157771373277661100247420ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 0e 01 00 01 0a 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 8f 00 05 00 05 01 00 00 00 00 00 0a 00 |................| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 10 00 10 00 0e 06 70 72 6f 74 6f |...........proto| 000000d0 32 06 70 72 6f 74 6f 31 00 12 00 00 00 2b 00 09 |2.proto1.....+..| 000000e0 08 03 04 03 03 03 02 03 01 00 33 00 26 00 24 00 |..........3.&.$.| 000000f0 1d 00 20 2f e5 7d a3 47 cd 62 43 15 28 da ac 5f |.. /.}.G.bC.(.._| 00000100 bb 29 07 30 ff f6 84 af c4 cf c2 ed 90 99 5f 58 |.).0.........._X| 00000110 cb 3b 74 |.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 23 c5 c4 0c 4a |....z...v..#...J| 00000010 d2 5f 0b f6 ea 21 7a d1 a0 7d 21 26 b5 a3 94 ca |._...!z..}!&....| 00000020 91 6c 13 58 60 4f 39 cc 1a f7 c0 20 00 00 00 00 |.l.X`O9.... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 f9 |..+.....3.$... .| 00000060 64 7e 54 8f 64 ec 3d 7c 17 f1 96 3c 44 ca cd d7 |d~T.d.=|...>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 3e e7 50 e1 d1 |..........5>.P..| 00000010 4d 9f 84 fe ca 83 c4 3b a6 86 45 c2 7e e7 af 00 |M......;..E.~...| 00000020 db e6 23 3c 06 b8 a3 1e 36 2e ab 45 7e d8 07 8c |..#<....6..E~...| 00000030 66 bf 5a 0f ff e6 3f 09 a4 d3 cf 74 1c d6 cf c7 |f.Z...?....t....| 00000040 17 03 03 00 17 4c db af a7 f3 73 b3 84 b9 a7 d1 |.....L....s.....| 00000050 1c 2f cb 27 d8 ba 2c c6 84 48 88 18 17 03 03 00 |./.'..,..H......| 00000060 13 a3 41 6f fb da f5 5a 4d 85 0c e0 ff 3a fb 91 |..Ao...ZM....:..| 00000070 e2 5e ab 96 |.^..| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-CHACHA20-SHA256000066400000000000000000000154411373277661100261130ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 43 b1 e8 d9 c3 |....z...v..C....| 00000010 22 a0 a3 08 df 7f 37 34 7a fe 7a 47 98 ee ed 51 |".....74z.zG...Q| 00000020 c2 ae 5c c6 b1 43 3d ff f7 91 68 20 00 00 00 00 |..\..C=...h ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 03 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 63 |..+.....3.$... c| 00000060 0f 66 ec 2d fa 67 d4 eb 94 47 8d 88 0b eb ed ec |.f.-.g...G......| 00000070 5b ac 22 f7 46 85 c5 1c 2b 5e e8 57 e2 d3 6f 14 |[.".F...+^.W..o.| 00000080 03 03 00 01 01 17 03 03 00 17 d0 f8 1f 06 59 8d |..............Y.| 00000090 a0 40 21 8f 3e 36 3b 1d 6a 6e f7 77 44 fb b3 8e |.@!.>6;.jn.wD...| 000000a0 e2 17 03 03 02 6d 22 6b 63 ae 47 fd 66 f9 95 f6 |.....m"kc.G.f...| 000000b0 63 ea e8 16 61 a3 64 82 39 82 76 1c 2c 04 9b 29 |c...a.d.9.v.,..)| 000000c0 0f 8a ff 77 9b e6 2c ce 04 09 5f 91 f3 b6 2e 8d |...w..,..._.....| 000000d0 be 42 94 7e 5a 28 4b 9f e9 7b 38 0a 3c de 90 77 |.B.~Z(K..{8.<..w| 000000e0 c1 bf 97 bf 35 6c 77 98 4b 38 b4 8d 7f 1f 4b c0 |....5lw.K8....K.| 000000f0 23 c5 73 08 90 fa 21 5c cd cb 84 5b 0e 89 86 ce |#.s...!\...[....| 00000100 83 78 d5 1c 2b b9 b1 24 45 ad ab 9c 68 9f c2 28 |.x..+..$E...h..(| 00000110 40 d6 c2 ac a2 0c 86 cd 75 92 43 d5 22 3f 61 9d |@.......u.C."?a.| 00000120 e8 56 b8 7c 71 db 25 cc 2e 74 52 74 da 6b d4 a1 |.V.|q.%..tRt.k..| 00000130 2c 32 d2 d8 9c 74 41 9d 78 98 94 3b 87 99 8e 17 |,2...tA.x..;....| 00000140 df df d6 c3 6d ef 58 13 5c 1e 20 2d ed 77 bd 5c |....m.X.\. -.w.\| 00000150 d6 5c 9a 6d 0f 19 77 e1 4f 79 b0 ed 9d 0b f5 e8 |.\.m..w.Oy......| 00000160 42 d0 f4 90 88 97 a9 84 af 92 3c 41 fe fd 67 6e |B.........R...| 000002d0 fc ba 9c f0 82 13 ba 25 11 c7 5d 38 00 cf 83 14 |.......%..]8....| 000002e0 30 a9 72 48 d1 e8 4e 1b ed 04 ed cf b7 5b 2e 72 |0.rH..N......[.r| 000002f0 1c a2 03 ae 60 54 d6 cf 2f fb 11 a3 b1 8d d6 47 |....`T../......G| 00000300 e8 9f 96 08 90 ae 3c 3c c0 8c d8 c4 ef 30 18 ea |......<<.....0..| 00000310 2a 1a 15 17 03 03 00 99 85 b3 e4 18 6f 8d 34 c7 |*...........o.4.| 00000320 3d 66 49 b8 f6 f5 aa 7a e1 ca ba cb 48 53 15 bb |=fI....z....HS..| 00000330 e9 ec 74 91 c3 b5 d3 6b bc 84 81 d8 e1 a4 31 62 |..t....k......1b| 00000340 d5 19 6d 2f 15 4c f3 8a 3b ec 41 12 89 be d3 cc |..m/.L..;.A.....| 00000350 ab 08 59 a7 79 5d 77 14 ce b1 98 b4 ce 71 7b ad |..Y.y]w......q{.| 00000360 ba 41 3a 7f 9a f8 23 5c c6 fb b5 7b cc eb 0e 7a |.A:...#\...{...z| 00000370 ee af 3d ff 4d 03 ba c2 2a af ac fd b5 e8 5b 43 |..=.M...*.....[C| 00000380 3e 37 ef 84 3d 66 af 3c 8e 1d 0d 36 bd df 25 dc |>7..=f.<...6..%.| 00000390 74 89 9c e6 da 18 c4 c8 b5 6c 3c 4c a6 ac 10 28 |t........l>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 55 88 37 f3 ee |..........5U.7..| 00000010 c5 1b 20 ac fe bc a3 f8 c9 59 3f 5f c0 81 40 8f |.. ......Y?_..@.| 00000020 1e a9 44 c8 10 16 69 8a 76 45 17 51 06 9e f0 55 |..D...i.vE.Q...U| 00000030 a2 f2 56 98 7d a1 4d 95 5a c3 1f 51 cf 31 20 ca |..V.}.M.Z..Q.1 .| 00000040 17 03 03 00 17 81 2a 8e 32 29 ec 9b 92 c3 fd 98 |......*.2)......| 00000050 64 aa 47 2a a5 0c d6 77 7f b1 8f 12 17 03 03 00 |d.G*...w........| 00000060 13 60 8c fb 98 e1 03 b6 20 c8 45 4e d9 4b a8 17 |.`...... .EN.K..| 00000070 10 79 5f b6 |.y_.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ClientCert-ECDSA-RSA000066400000000000000000000251031373277661100274640ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 98 9a 92 3f c6 |....z...v.....?.| 00000010 67 f5 96 5b 2f 5e 70 89 2d f6 1e ce 6f 6a e5 91 |g..[/^p.-...oj..| 00000020 4b 4b 6f 98 cc f7 78 4a b1 54 4a 20 00 00 00 00 |KKo...xJ.TJ ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 58 |..+.....3.$... X| 00000060 96 37 c3 41 35 73 13 21 fc 31 e3 09 33 48 15 be |.7.A5s.!.1..3H..| 00000070 31 fb 57 61 b2 c9 60 31 2d 68 83 d5 7c d1 3a 14 |1.Wa..`1-h..|.:.| 00000080 03 03 00 01 01 17 03 03 00 17 1d ce 7d b7 ca e3 |............}...| 00000090 10 82 cb f6 1d 52 61 41 29 57 e3 7e e5 88 5c 47 |.....RaA)W.~..\G| 000000a0 16 17 03 03 00 42 1b 49 e1 4a d7 73 57 cd e9 b7 |.....B.I.J.sW...| 000000b0 e2 47 d3 74 21 6a 14 1d 1b 8d f5 aa 4c 1b f8 61 |.G.t!j......L..a| 000000c0 8c 3a e4 2e 9d ff 3f 7d b2 4d 79 6e 1d 02 05 ce |.:....?}.Myn....| 000000d0 c3 ad e6 f9 2b 2b dd 75 3b 6f 3e 0b 29 07 09 74 |....++.u;o>.)..t| 000000e0 d1 37 68 9b 8a b6 8d 2b 17 03 03 02 6d d1 1b 9f |.7h....+....m...| 000000f0 75 ba cf 2d 10 4b f0 4e 09 58 fa ff 06 e8 c9 d5 |u..-.K.N.X......| 00000100 a0 51 c8 d4 6f b2 c5 c1 d5 f3 ff 12 1f 43 d8 74 |.Q..o........C.t| 00000110 33 d9 9b e5 f3 34 26 0e 89 dc 00 54 67 17 d2 f3 |3....4&....Tg...| 00000120 c9 9e be f8 4c 77 8a 63 b1 64 5a b4 d7 57 d2 89 |....Lw.c.dZ..W..| 00000130 ce 68 d1 f7 93 01 6c 36 b7 c9 4d 50 d0 4b df 5e |.h....l6..MP.K.^| 00000140 8a bb 6c d9 54 57 9b b9 c9 ec d8 49 c7 51 3c e5 |..l.TW.....I.Q<.| 00000150 7b fb 48 0f fd 1b dd 0f 57 d3 a8 ee f6 51 ba 78 |{.H.....W....Q.x| 00000160 c0 60 f1 d9 c1 d2 65 b4 a7 98 99 fb 64 83 4c 2c |.`....e.....d.L,| 00000170 a6 e9 19 ef 0e 88 68 f8 21 a4 2b bd 95 e9 52 d5 |......h.!.+...R.| 00000180 fb 12 d3 36 06 a2 13 f9 e2 35 6a 06 dd 49 d9 42 |...6.....5j..I.B| 00000190 89 d9 f0 24 5c 36 b8 6d 95 35 21 b3 9c 3b ee 08 |...$\6.m.5!..;..| 000001a0 06 06 4d aa 74 eb fc 1b c1 fd cf 07 24 74 44 2d |..M.t.......$tD-| 000001b0 54 d5 c5 d3 4e c4 eb 09 6e 90 8f 3d c0 c5 1c 21 |T...N...n..=...!| 000001c0 7c 32 1b bc 4b 85 2b f0 b0 f5 cd 61 3d dd 31 03 ||2..K.+....a=.1.| 000001d0 5e e0 5e 06 1a 37 61 1a 58 fa ed e8 cf 0c 4f da |^.^..7a.X.....O.| 000001e0 73 69 42 3a f4 ed dc ad e5 e7 9b fd 54 16 77 85 |siB:........T.w.| 000001f0 ae 84 41 10 be 84 ad 28 ef e6 13 2a e9 9f 9f 2f |..A....(...*.../| 00000200 c5 d0 65 c6 f5 58 b3 39 9b 5e 07 ba 95 be 5e 75 |..e..X.9.^....^u| 00000210 68 17 ba 9d 2a 69 6d b8 ed d4 4b 6a ce 30 b1 82 |h...*im...Kj.0..| 00000220 ae ec 68 9a 26 13 6b 05 38 0f 38 c9 94 01 d0 0b |..h.&.k.8.8.....| 00000230 7b bb ca 70 86 6c e4 f1 eb 81 05 25 33 c0 3e e3 |{..p.l.....%3.>.| 00000240 2a 25 8e 32 eb d5 03 c7 c4 d8 22 22 ef 99 5a a3 |*%.2......""..Z.| 00000250 01 6a b5 65 9a 55 6e fb 84 83 aa 43 ae 4a 3e da |.j.e.Un....C.J>.| 00000260 40 7e 09 e1 3b 15 ad 33 66 5a 3d 30 62 72 86 54 |@~..;..3fZ=0br.T| 00000270 cd a2 6a bf 82 61 17 87 84 c5 3f f3 1e 86 a2 b1 |..j..a....?.....| 00000280 2c 1a f9 ba 8c a2 21 5b 93 b2 16 b4 81 ae 7d 98 |,.....![......}.| 00000290 d6 db 0a 56 14 c9 f7 48 c1 c7 3c 7e 63 8e bc 50 |...V...H..<~c..P| 000002a0 6a 64 e1 1d 04 ba d3 cc 6a 61 60 4b d2 97 d5 ba |jd......ja`K....| 000002b0 23 1a 69 76 86 db 96 39 04 f6 ec e9 96 79 6a 25 |#.iv...9.....yj%| 000002c0 ff 39 dd 19 08 34 4d c3 f6 7c 91 f2 6b 3a e1 0f |.9...4M..|..k:..| 000002d0 66 6d 14 5d 82 21 0b e3 e0 c3 f1 a1 70 e1 2c bc |fm.].!......p.,.| 000002e0 fb 54 aa 85 3c a0 7c 9a 35 00 e2 a1 4f 83 3e f1 |.T..<.|.5...O.>.| 000002f0 64 83 ab c5 e6 31 c7 00 eb 36 f1 bc 41 f3 eb d4 |d....1...6..A...| 00000300 97 30 4d 7f d2 d1 e7 1a 9e a2 53 31 35 6a 16 d1 |.0M.......S15j..| 00000310 65 be d7 d3 93 2a be d2 27 dc 1b 8c 09 16 30 d4 |e....*..'.....0.| 00000320 cb eb e0 bb 42 50 ff 59 c3 81 81 36 88 09 c2 23 |....BP.Y...6...#| 00000330 dc dd 80 63 bb 78 19 6b 6a 70 4b b5 17 bf ed 6c |...c.x.kjpK....l| 00000340 58 f1 15 a9 16 66 c8 45 f5 5f 99 05 b1 3b be e6 |X....f.E._...;..| 00000350 66 d7 45 df 19 16 9d c7 dd 4d 17 03 03 00 99 38 |f.E......M.....8| 00000360 70 9e 16 94 07 67 7c ce 90 67 99 46 5e d9 61 b5 |p....g|..g.F^.a.| 00000370 9b b8 31 fc cc 80 a3 07 30 c9 f5 f9 90 fb e2 0d |..1.....0.......| 00000380 dc 93 ab de 38 25 83 f8 77 0c 94 53 75 68 c7 71 |....8%..w..Suh.q| 00000390 72 6f 61 77 a7 d7 c7 ed 5c d3 08 18 9f 64 f4 6e |roaw....\....d.n| 000003a0 30 dc 05 b1 65 11 79 08 66 34 8c 06 99 a9 00 26 |0...e.y.f4.....&| 000003b0 86 2c e4 b5 6d cf db b1 03 f0 d0 c5 c0 f5 50 04 |.,..m.........P.| 000003c0 f7 27 97 3e 31 19 aa a8 58 c4 78 43 a9 e3 76 0d |.'.>1...X.xC..v.| 000003d0 98 88 20 07 11 4c d6 8a 66 31 72 2e ed 47 66 71 |.. ..L..f1r..Gfq| 000003e0 9a 3e 9c 0d 1c 17 df ab 6a 52 b4 43 a6 c2 64 30 |.>......jR.C..d0| 000003f0 45 08 b8 de 59 be 3a f9 17 03 03 00 35 94 9b 02 |E...Y.:.....5...| 00000400 47 a6 e3 55 9f 95 8a 8d 35 3b bb 56 ec 10 ab dd |G..U....5;.V....| 00000410 a3 ca fe ad bf 25 90 76 c4 15 a0 c0 73 d5 96 96 |.....%.v....s...| 00000420 44 bc ba e9 09 f5 8e e7 e7 7d db f2 e7 9f 99 d2 |D........}......| 00000430 dc e7 |..| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 02 1e 64 ba 97 ba 8d |...........d....| 00000010 3f 1b d5 5b c5 2e e5 b9 10 01 37 c9 5c e5 ed 39 |?..[......7.\..9| 00000020 7f 9c 8b f8 ef 50 64 5e 30 05 16 ac 80 51 96 78 |.....Pd^0....Q.x| 00000030 2a 50 0f 1e d8 76 ab fd bd 7f 3b 17 7e 1d e9 f5 |*P...v....;.~...| 00000040 03 76 1b 66 3d 15 dc f3 65 a2 aa a9 23 89 09 e9 |.v.f=...e...#...| 00000050 dc de a6 27 fc 21 d9 97 d4 08 05 9a 1c 49 8c ee |...'.!.......I..| 00000060 fc bd f1 9f e2 4e 3a e3 ee 07 39 d0 34 05 cb 18 |.....N:...9.4...| 00000070 83 2b 68 45 df 84 4b b2 c3 79 42 73 b9 f1 1c f2 |.+hE..K..yBs....| 00000080 5f d9 5c f5 7c 4e 86 5e 97 78 ea 0a fa e7 60 68 |_.\.|N.^.x....`h| 00000090 80 c3 17 5f e7 92 9d 6e 9a 92 37 84 92 4b 83 9c |..._...n..7..K..| 000000a0 fa 4c 2a 82 23 eb 67 d0 b2 cc 9e 59 8f 2c e7 bc |.L*.#.g....Y.,..| 000000b0 b3 4f 2a 0c 93 bf 17 b8 48 70 5e 0a 85 92 6d 2a |.O*.....Hp^...m*| 000000c0 ac 81 9e cd 2c 59 fc a7 e3 5b 82 d5 e3 f5 cd c2 |....,Y...[......| 000000d0 8a 68 b8 e9 36 e2 08 0b f7 09 9c 17 95 a3 5e 3d |.h..6.........^=| 000000e0 ef 7c c6 5c fe 32 9e 9d 31 c9 b7 76 5a 71 c3 d7 |.|.\.2..1..vZq..| 000000f0 cd e3 c6 70 e5 2f 07 df 1d b4 34 56 0b ed 52 13 |...p./....4V..R.| 00000100 bc b2 ac 66 0c 84 b0 2e 32 93 08 f2 04 91 8e e3 |...f....2.......| 00000110 7b 7f 22 2a a9 04 50 5c 78 f1 06 c5 fd 2c 4c 77 |{."*..P\x....,Lw| 00000120 a9 17 b5 a8 42 6d f2 0e 87 32 d3 7f be 9e 1d 09 |....Bm...2......| 00000130 50 10 25 9d f1 a5 25 c3 c2 be 0d 8d 8e 96 5e 1c |P.%...%.......^.| 00000140 83 06 45 bc f0 5b 6f b5 0a 02 2a cc ce ac 7e 62 |..E..[o...*...~b| 00000150 f0 b1 89 25 30 bc 12 d2 da f9 1d d0 46 55 97 4c |...%0.......FU.L| 00000160 09 39 e1 a5 1f 4d e1 aa bd 6f 1f 0d 79 4a aa 49 |.9...M...o..yJ.I| 00000170 73 25 dc a5 bd f7 2b 64 3c 84 ed b0 ef 13 c5 6c |s%....+d<......l| 00000180 16 8b 27 bf a5 3d 15 f2 4a 3b 53 ad ba e9 9e 2a |..'..=..J;S....*| 00000190 6d f2 44 5c 66 69 04 94 27 99 08 8e c2 7e c6 69 |m.D\fi..'....~.i| 000001a0 f7 65 1d 0b a5 8c 35 52 0b f1 bd 59 ca d1 bf 44 |.e....5R...Y...D| 000001b0 47 b0 7b f8 3b a0 84 55 73 c2 83 bb 9d e0 bc ed |G.{.;..Us.......| 000001c0 60 07 32 ce 71 b3 60 12 ef ca 28 bb 6c fb bb c7 |`.2.q.`...(.l...| 000001d0 3e eb 05 65 a5 26 1a 6c 40 c8 b4 4e 31 12 a0 96 |>..e.&.l@..N1...| 000001e0 19 66 86 f5 1e f8 bd 6d f4 2e 98 60 fe ff 22 1e |.f.....m...`..".| 000001f0 a9 27 49 87 77 7d b4 5d ea f8 bc 3a 10 15 84 8c |.'I.w}.]...:....| 00000200 cd aa 2c e8 94 93 a5 ee db 7a d8 96 e9 d5 68 e9 |..,......z....h.| 00000210 34 68 40 5b dd 18 dc f0 ef b7 17 72 fd 06 70 d1 |4h@[.......r..p.| 00000220 b6 89 ae 66 40 40 f7 61 0b 17 03 03 00 a4 26 c1 |...f@@.a......&.| 00000230 3c d9 6c 83 52 e3 5e 64 46 7f 12 1d 3d c7 7d 0f |<.l.R.^dF...=.}.| 00000240 a9 8f d3 45 f5 81 46 16 24 c6 c3 7e 5f e4 25 be |...E..F.$..~_.%.| 00000250 00 33 7a 1c 35 d4 5c 64 54 56 08 66 4d 2f 68 15 |.3z.5.\dTV.fM/h.| 00000260 1b 71 d9 aa c9 9e e0 cc d2 73 a9 99 41 9b 08 1f |.q.......s..A...| 00000270 d4 41 de e5 4f 1f 30 65 61 02 8e 6f 79 d7 47 86 |.A..O.0ea..oy.G.| 00000280 2f e6 0e 65 9e 06 e8 98 d1 fe bc 89 b4 bc f4 9b |/..e............| 00000290 70 02 06 e4 9d 37 dd 1b 63 b6 06 62 1a c7 45 30 |p....7..c..b..E0| 000002a0 9d 08 64 35 8b 96 88 9a 1e 58 2f d0 ef 44 39 04 |..d5.....X/..D9.| 000002b0 3c bf e2 e6 c4 73 de f9 b0 10 ed 56 eb 04 bd 4e |<....s.....V...N| 000002c0 89 38 50 3b e7 e5 12 7c 8e 74 b2 a5 79 2d 88 7b |.8P;...|.t..y-.{| 000002d0 e5 1b 17 03 03 00 35 42 b2 61 24 4c 38 b5 d1 42 |......5B.a$L8..B| 000002e0 93 12 66 c5 be 3c f0 b1 b2 6b 86 07 99 7d f3 e4 |..f..<...k...}..| 000002f0 74 2b 43 98 38 df 70 7a e5 f7 67 cf c3 08 23 19 |t+C.8.pz..g...#.| 00000300 4a cf 06 26 fe 56 4a 97 4a 82 70 09 17 03 03 00 |J..&.VJ.J.p.....| 00000310 17 9b 3f bb 09 7d 4f c9 05 42 f7 d1 a7 59 0c a7 |..?..}O..B...Y..| 00000320 c6 9b 36 e1 46 ad 9b 89 17 03 03 00 13 ae a5 51 |..6.F..........Q| 00000330 76 d8 3a 77 a8 a0 38 70 bf be c8 fb ff fe 53 09 |v.:w..8p......S.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ClientCert-Ed25519000066400000000000000000000223731373277661100271660ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 a5 5b a0 2c f5 |....z...v...[.,.| 00000010 57 cc 49 88 64 7d ea 7c ee 61 cf fc 94 9f d4 5c |W.I.d}.|.a.....\| 00000020 bb 83 80 5a f5 7c a3 fc 0a c8 61 20 00 00 00 00 |...Z.|....a ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 fe |..+.....3.$... .| 00000060 e1 43 bd 10 b3 f6 3b 4d 7c 46 8f a3 bc 7d 08 08 |.C....;M|F...}..| 00000070 22 ed aa 9b 7b 89 f3 87 13 7e fe 6c b0 db 3f 14 |"...{....~.l..?.| 00000080 03 03 00 01 01 17 03 03 00 17 2b ce 52 22 34 c5 |..........+.R"4.| 00000090 d9 2c ae d0 23 4d 0c 6e b4 f0 c8 58 11 22 54 bb |.,..#M.n...X."T.| 000000a0 15 17 03 03 00 42 96 b4 72 be f0 6b d3 b0 82 7c |.....B..r..k...|| 000000b0 dc d2 67 69 2c d4 40 a1 7a 3d 9a 39 a5 29 ca 64 |..gi,.@.z=.9.).d| 000000c0 c5 0b d2 ba 7c c3 73 e2 93 0d 44 e3 64 ce ec b2 |....|.s...D.d...| 000000d0 90 ae e2 df 18 f8 f5 93 5f 91 80 c2 b4 00 e7 de |........_.......| 000000e0 f5 3f 4d c8 de 4c 5f f0 17 03 03 02 6d c6 df 33 |.?M..L_.....m..3| 000000f0 1e 12 40 02 7f 46 67 d8 4b 98 d7 5e f7 0a bf dc |..@..Fg.K..^....| 00000100 fe 3c 7f 00 2d 74 31 cb 10 35 e2 eb 16 11 d1 2f |.<..-t1..5...../| 00000110 10 bf 8c 4d 37 c7 1b f6 23 a3 3e 68 87 1a 50 53 |...M7...#.>h..PS| 00000120 64 7c 0d fd 0d 06 32 93 17 85 da e0 d4 86 2c 5f |d|....2.......,_| 00000130 0a 91 9a fd 00 87 f1 f4 fc 18 22 a1 2e 21 44 7d |.........."..!D}| 00000140 6c ca 2c 0d f2 38 15 d1 9d 86 9b 67 b6 b4 06 6d |l.,..8.....g...m| 00000150 30 07 a8 b1 b8 7a 5d 1d 17 d0 c5 1a 40 a3 42 b5 |0....z].....@.B.| 00000160 dc 56 c8 ec c3 c3 4e ff 5f 7c ce 27 fa a6 82 2a |.V....N._|.'...*| 00000170 b9 85 47 4e 0b d1 84 17 92 a6 42 86 9a 65 1c a9 |..GN......B..e..| 00000180 45 be af a7 95 03 0b db 84 fa 5d 1b 7e 57 72 40 |E.........].~Wr@| 00000190 ab a3 9e 46 50 3f c7 03 94 9a 4a 02 bd 9a 90 1c |...FP?....J.....| 000001a0 42 c9 98 e9 81 cd e8 73 a6 82 42 20 24 89 d5 8d |B......s..B $...| 000001b0 48 20 df d4 f4 d2 15 e4 c0 28 ee d8 2a 1b ad b8 |H .......(..*...| 000001c0 1d a4 86 e1 b4 89 97 e8 36 63 aa 9c f4 7e 65 c6 |........6c...~e.| 000001d0 12 86 41 54 b3 4a 79 9f 48 33 fc fc 0d f5 14 47 |..AT.Jy.H3.....G| 000001e0 ba ae d3 20 64 37 f1 cd 9e 1b cc b2 27 68 e6 f2 |... d7......'h..| 000001f0 95 0c 29 59 f2 15 2e 97 60 f3 8d 1b b1 65 cd 4f |..)Y....`....e.O| 00000200 0d a5 0a 34 59 63 20 f0 71 e6 d5 13 f2 4e dc 73 |...4Yc .q....N.s| 00000210 5b 1a 36 d7 6a aa b0 30 f4 ff 68 ad f5 5e f0 12 |[.6.j..0..h..^..| 00000220 0c 34 a8 4d 91 03 8e 4a 30 07 23 49 41 7a fe 19 |.4.M...J0.#IAz..| 00000230 62 5b 6a a0 4d d5 54 a1 1f 45 91 86 b3 a1 c3 32 |b[j.M.T..E.....2| 00000240 62 79 a8 93 b3 d4 43 0c a8 12 10 4f f5 53 c3 3b |by....C....O.S.;| 00000250 d9 73 ef 42 be 1d f5 70 fd 9f ca 54 20 3a 33 c9 |.s.B...p...T :3.| 00000260 f6 e8 55 13 b3 ab 45 c8 bb 5c 6b b9 39 a9 04 ac |..U...E..\k.9...| 00000270 1c 3c 5a aa b7 91 2c 0c f6 74 ea 6b 2d e2 9a 3c |..$.......| 00000360 1b f5 7a dc 63 8d 5e 75 de 72 cf 41 ca 75 ab d9 |..z.c.^u.r.A.u..| 00000370 55 b0 b5 81 a9 6c a9 f6 1d ea 66 dd dd 86 f5 03 |U....l....f.....| 00000380 12 08 9d b4 07 48 eb 8b 45 f1 35 b1 31 bd 5d f3 |.....H..E.5.1.].| 00000390 e2 34 73 9a e5 87 b7 8b 0b 8b ab 7e 05 db 56 db |.4s........~..V.| 000003a0 4f 4c 52 1a 3b 5d 4c 53 b1 49 40 81 5e 73 af 26 |OLR.;]LS.I@.^s.&| 000003b0 21 e6 e3 5c 4a a6 f6 07 56 de f5 76 5c 67 d8 d5 |!..\J...V..v\g..| 000003c0 eb f3 6a fb 6d b7 00 bc 6b 28 c9 63 4d 58 76 97 |..j.m...k(.cMXv.| 000003d0 aa 51 2b f3 03 9c 70 3b 3e b2 a4 16 a0 a0 e0 43 |.Q+...p;>......C| 000003e0 77 da 88 2d 48 3b 07 e2 8d a6 e2 80 85 68 ac dc |w..-H;.......h..| 000003f0 ce 66 2f 97 20 9e 4e 33 17 03 03 00 35 f6 ce 98 |.f/. .N3....5...| 00000400 8b 01 f5 75 8e 98 42 02 b1 b8 90 f3 08 96 e8 5a |...u..B........Z| 00000410 d4 7c ef d1 62 1e b3 36 39 d9 b2 59 1f 1f cc 74 |.|..b..69..Y...t| 00000420 f2 a8 62 11 00 28 31 fa d9 5a 27 10 7b 93 ff de |..b..(1..Z'.{...| 00000430 a0 ec |..| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 01 50 57 2a 94 d7 c1 |..........PW*...| 00000010 40 42 d3 aa e3 d8 b3 e4 13 ff 51 ee 8a 52 9d 9c |@B........Q..R..| 00000020 c4 a4 40 91 72 0f c9 4e fe 56 22 89 ea fb 6d 05 |..@.r..N.V"...m.| 00000030 a2 96 97 4b fa ef ec 13 b6 13 3b 69 6c 65 c0 74 |...K......;ile.t| 00000040 e5 54 df a4 97 50 f7 85 a1 c7 fb 52 84 56 98 16 |.T...P.....R.V..| 00000050 52 b6 eb 5a d0 72 6e 65 98 81 bb f5 2a 4c ed 1a |R..Z.rne....*L..| 00000060 90 e1 01 a6 2b eb e0 1d 06 ba 8a d4 47 45 90 f0 |....+.......GE..| 00000070 91 bd c4 d7 54 ba 44 30 78 42 15 42 74 59 1c c7 |....T.D0xB.BtY..| 00000080 56 34 39 64 8e f8 0a 0f 2b 35 0f 06 97 34 3e 5e |V49d....+5...4>^| 00000090 00 00 5a f0 07 0a f5 66 46 86 94 8c 0b 62 1c fd |..Z....fF....b..| 000000a0 cc cf fd 5d 06 96 1e 21 9e 20 d5 07 5f 5a 00 9f |...]...!. .._Z..| 000000b0 6f 80 36 5e aa 56 d0 07 00 20 08 55 48 fe 6c a1 |o.6^.V... .UH.l.| 000000c0 b1 22 f3 94 54 7e 7e d5 e9 f0 71 69 01 fc bd 14 |."..T~~...qi....| 000000d0 a1 de 38 e4 b4 02 88 3e 66 77 3b f7 aa cd 57 a3 |..8....>fw;...W.| 000000e0 cf 6a 40 7d 93 75 79 3b 95 07 33 69 b2 8d 2a 37 |.j@}.uy;..3i..*7| 000000f0 94 d3 8d d5 b5 8a f0 94 8d 1e b4 9e 02 4f 7d 83 |.............O}.| 00000100 05 c6 c7 c8 a0 74 f1 88 f7 68 bf 4b e4 18 3b 6f |.....t...h.K..;o| 00000110 0c 6c a6 e7 75 50 b9 f6 68 2e 05 67 a3 47 df 22 |.l..uP..h..g.G."| 00000120 fa ae c1 4f a8 3d f3 bb dc 66 c3 b6 98 b7 8c 5b |...O.=...f.....[| 00000130 48 51 57 d7 43 b2 13 25 9e d5 82 6c 70 5c 42 53 |HQW.C..%...lp\BS| 00000140 a9 e8 8a 12 26 cd 3a f8 f8 e5 97 84 55 89 09 d4 |....&.:.....U...| 00000150 d4 20 40 d7 2d 6f 66 36 63 f6 53 17 03 03 00 59 |. @.-of6c.S....Y| 00000160 2f f6 22 ce f3 86 f8 ee b1 f6 49 de c8 bf 91 9c |/.".......I.....| 00000170 bc 2f fa 75 af 51 bc ee b7 a5 a9 82 35 3b 83 9d |./.u.Q......5;..| 00000180 3d 9f 57 10 07 4b af 01 66 f0 39 dd f0 4a a7 90 |=.W..K..f.9..J..| 00000190 f3 6c 28 97 80 0d a5 74 2d 22 a3 81 cd 64 2b 1a |.l(....t-"...d+.| 000001a0 d1 4e 2d 9e 8e 69 38 f8 11 9c 17 1f e6 c9 01 4e |.N-..i8........N| 000001b0 48 1f 80 43 26 d4 5a 82 30 17 03 03 00 35 e9 25 |H..C&.Z.0....5.%| 000001c0 b9 01 8e 0d 51 be 9d d1 b4 2b 0a ee 36 69 85 1a |....Q....+..6i..| 000001d0 10 a8 ff 36 e7 21 b7 f2 54 75 ca 07 52 88 48 d0 |...6.!..Tu..R.H.| 000001e0 ad 67 0b 92 52 70 fa 14 bc 7e 1d 43 f0 a2 7b df |.g..Rp...~.C..{.| 000001f0 ac 0c 19 17 03 03 00 17 98 76 d7 52 06 90 ef 00 |.........v.R....| 00000200 21 5e ec ed 0e 35 77 ef 5c f1 32 58 33 0f 06 17 |!^...5w.\.2X3...| 00000210 03 03 00 13 05 fb b3 c3 4d b5 a4 9c 52 ea bc d2 |........M...R...| 00000220 86 08 26 b8 df 5c 4c |..&..\L| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ClientCert-RSA-ECDSA000066400000000000000000000242601373277661100274670ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 cc a2 2d 09 42 |....z...v....-.B| 00000010 f0 11 87 04 64 83 e4 d8 80 a5 0f 88 69 ae f1 d2 |....d.......i...| 00000020 12 05 d2 08 75 15 86 b7 d8 69 e7 20 00 00 00 00 |....u....i. ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 c9 |..+.....3.$... .| 00000060 b4 93 8b 5b b0 ae 93 4a 01 26 0c fb db 3f 53 0b |...[...J.&...?S.| 00000070 04 ca 65 63 3f d7 d9 f9 fc ca ea 4c f2 08 3c 14 |..ec?......L..<.| 00000080 03 03 00 01 01 17 03 03 00 17 85 f6 ff f8 58 7f |..............X.| 00000090 2a d9 e0 12 82 d6 31 64 29 70 05 24 0f 17 1e 9f |*.....1d)p.$....| 000000a0 dc 17 03 03 00 42 16 7b d5 fa a6 30 94 8e a0 a7 |.....B.{...0....| 000000b0 24 59 b9 3d 85 b0 2f d9 25 c6 5a b5 7f 51 ca 54 |$Y.=../.%.Z..Q.T| 000000c0 4a f7 f0 72 bb dd 5e 70 14 6d 46 3f b3 86 6f c1 |J..r..^p.mF?..o.| 000000d0 a4 5f 6d ba 97 f3 38 c0 24 4a 9f de 7b b9 49 12 |._m...8.$J..{.I.| 000000e0 71 02 f8 bc bc 65 5a ea 17 03 03 02 22 f9 92 7e |q....eZ....."..~| 000000f0 34 eb b3 a4 03 8e ec 48 30 a0 9b ac a6 7b b3 a5 |4......H0....{..| 00000100 d0 4a 89 2c 92 6a c6 04 de b2 86 72 0a f1 97 61 |.J.,.j.....r...a| 00000110 da 70 ef 25 5a a3 f1 b3 3d 78 f1 ec 2b 8f 34 2b |.p.%Z...=x..+.4+| 00000120 c9 94 e7 d2 9e 2f 09 5d 7a e3 2e fc 6e e1 ef 80 |...../.]z...n...| 00000130 e6 0c e9 3e 07 bb b7 0e 74 0c e8 19 fe 7f d8 d0 |...>....t.......| 00000140 fa 70 03 c1 31 c2 76 51 c3 d0 ed a6 a1 0d 20 74 |.p..1.vQ...... t| 00000150 86 15 99 51 71 f8 3d 8e 1c 8c a8 19 0a 9c ac 4a |...Qq.=........J| 00000160 ab 0e e6 cc 52 a0 a8 ca d9 71 54 aa 2c 8b 6f 5b |....R....qT.,.o[| 00000170 f9 46 07 0d 86 40 d9 54 33 8e de 54 a5 c2 6e 36 |.F...@.T3..T..n6| 00000180 14 0e e3 52 78 05 56 90 98 2c e1 ec 26 f6 bd 6a |...Rx.V..,..&..j| 00000190 e5 0b 31 e1 a4 2a 2a 96 1b d6 57 87 ac a8 07 71 |..1..**...W....q| 000001a0 83 d9 70 1e 5e 63 9b d1 01 83 e7 c9 c8 1c 5a 34 |..p.^c........Z4| 000001b0 05 c0 7b da 1c ca 5f 99 49 9a 04 da c9 1c 9b ed |..{..._.I.......| 000001c0 b4 af 9d ff 36 71 1b 3a 00 e8 6a c4 6e 47 d9 4a |....6q.:..j.nG.J| 000001d0 64 f5 c1 07 ab 19 c8 65 a3 33 26 99 be 53 c3 86 |d......e.3&..S..| 000001e0 97 10 ef c1 54 8e 69 6c b1 29 aa 7d c1 63 67 ba |....T.il.).}.cg.| 000001f0 d7 72 7c 74 83 58 bd 5a a8 a8 5f 49 38 ee 1e 34 |.r|t.X.Z.._I8..4| 00000200 c8 98 19 73 97 2d 76 e6 d7 0d 15 75 a0 98 1f 15 |...s.-v....u....| 00000210 c9 b8 3d 3f cb 92 a1 39 4b 91 ca e0 d2 0e 38 c2 |..=?...9K.....8.| 00000220 20 eb f2 b5 04 64 fa d8 e2 d7 2f ba 88 7e f4 37 | ....d..../..~.7| 00000230 c1 68 c4 2f c9 54 a1 21 5d 4b e7 67 3b 2e 6a 06 |.h./.T.!]K.g;.j.| 00000240 55 ba d4 8d fe 0e b1 b7 2d cf c2 82 ed 27 3d 5b |U.......-....'=[| 00000250 9b 3b 28 a9 d4 c4 3c a0 45 b1 77 37 8b f8 7e f0 |.;(...<.E.w7..~.| 00000260 51 90 fe 7a 74 14 ac f7 59 8b ed be 79 b0 4b 89 |Q..zt...Y...y.K.| 00000270 d9 0c 39 fe 45 9d 15 0c a6 96 26 0d b2 29 b0 a4 |..9.E.....&..)..| 00000280 29 62 df 4b c0 a0 05 f1 e8 8b 16 af ea 42 8b 58 |)b.K.........B.X| 00000290 5a ae f6 28 d8 40 09 d1 1e 21 b3 c7 a8 e2 30 4a |Z..(.@...!....0J| 000002a0 27 e6 c4 ba ff 62 91 7b ab 64 18 65 02 e2 10 68 |'....b.{.d.e...h| 000002b0 87 35 c2 09 5b 23 a4 eb 96 19 a7 1e 75 85 6e 17 |.5..[#......u.n.| 000002c0 0e bc 11 1a f5 49 05 92 f7 0e e4 c7 85 da 4e 26 |.....I........N&| 000002d0 5b de f2 dc 36 fb dc dd c6 42 23 0c a7 de 8d ad |[...6....B#.....| 000002e0 f5 2a 8b ff b4 5d c6 ca ec e3 83 a4 1e 23 3a 2d |.*...].......#:-| 000002f0 1a 52 51 11 f5 3b 93 47 89 c8 fc 21 b0 a3 4f b3 |.RQ..;.G...!..O.| 00000300 6e d2 83 ca 20 75 fc 43 43 e5 1d 5d 57 c9 7c 17 |n... u.CC..]W.|.| 00000310 03 03 00 a4 dc 79 73 47 d4 f5 72 c9 12 46 ed 3c |.....ysG..r..F.<| 00000320 d0 61 20 81 a9 ad 64 f3 f1 77 7f f1 74 09 67 80 |.a ...d..w..t.g.| 00000330 c1 08 07 9c 50 b8 7d f5 70 f5 c6 a1 5f ba 37 78 |....P.}.p..._.7x| 00000340 58 37 e3 f4 3f 03 1d 69 6f af 2f 2b 8b 10 95 5a |X7..?..io./+...Z| 00000350 be a1 5c b8 42 61 65 5a 27 35 f6 b4 57 3d 3a 6b |..\.BaeZ'5..W=:k| 00000360 f4 e9 90 88 7b e3 7c bf be 51 19 0e 51 53 cd 10 |....{.|..Q..QS..| 00000370 2c 70 76 9e d1 32 28 8f c4 6c 01 2c 46 8f 4d 14 |,pv..2(..l.,F.M.| 00000380 21 a2 63 39 44 b3 03 0d a3 9d a0 c8 f4 cf 5d 7e |!.c9D.........]~| 00000390 d2 17 05 ee 9c 5c 1a 2e 43 dc 3f 6d d9 f2 54 5d |.....\..C.?m..T]| 000003a0 64 ff d2 1c 21 73 66 b1 2c 21 9d 3f bf fe f8 a5 |d...!sf.,!.?....| 000003b0 79 54 fe 8a d5 3d 5f f6 17 03 03 00 35 0f 01 eb |yT...=_.....5...| 000003c0 f8 46 f8 07 7a 06 69 45 e2 47 4d b0 eb 9c 82 8b |.F..z.iE.GM.....| 000003d0 5d d0 59 66 d1 b5 a2 7b b2 f0 72 6f 34 8b 2c 05 |].Yf...{..ro4.,.| 000003e0 84 53 1c 7b 24 d8 f0 cd a3 46 d1 ed 08 22 bb e6 |.S.{$....F..."..| 000003f0 38 98 |8.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 02 11 ce 65 5f 9d 1a |............e_..| 00000010 c6 5f 48 ea da 02 77 1d 79 b2 82 1a da c4 75 aa |._H...w.y.....u.| 00000020 11 af ae 1f e4 7e d7 6f ed 75 48 56 de c8 36 05 |.....~.o.uHV..6.| 00000030 6a 97 5e 49 49 55 25 6f ef 3e ed 40 3f 91 9a ae |j.^IIU%o.>.@?...| 00000040 f4 a1 d3 02 d3 15 60 23 1b 7a 80 ef ef 60 bb 62 |......`#.z...`.b| 00000050 a3 8d 6b 24 1a 11 7d 8e 00 76 54 69 f1 b5 df 77 |..k$..}..vTi...w| 00000060 c0 3a a3 8d 9d a3 56 e7 4d 2d 68 fe 38 49 6d 42 |.:....V.M-h.8ImB| 00000070 3d 2c 69 fd 8c 53 44 af 13 8b 1d cb dc 04 16 6e |=,i..SD........n| 00000080 5a ab 0a 00 19 cf a0 8a ee bd 71 24 68 ee 18 2a |Z.........q$h..*| 00000090 ec 04 fe 0f 12 15 8e 09 e0 87 de 4e c4 2a a1 a5 |...........N.*..| 000000a0 6d be 79 6e 25 15 11 64 8c 35 71 97 fa a4 43 e2 |m.yn%..d.5q...C.| 000000b0 dd cd a1 da b3 75 5d d5 36 fb b4 6b 12 30 a7 f6 |.....u].6..k.0..| 000000c0 d7 7c 72 e1 f8 6a 8b 3e 38 13 9c da ee 07 3d 6a |.|r..j.>8.....=j| 000000d0 f5 1b 26 73 ff 24 03 1f ea dc f3 ed 6b c2 0d fe |..&s.$......k...| 000000e0 3e 03 c4 22 93 c9 9b fe 22 5c 1e fb 07 2b 1b 7f |>.."...."\...+..| 000000f0 34 ff c6 1b 24 32 4b b1 ee 4c 0b 08 b6 3b 1e aa |4...$2K..L...;..| 00000100 49 f3 04 b7 9a 42 e5 42 5a df a2 92 d3 2f 62 54 |I....B.BZ..../bT| 00000110 e1 21 08 ee ce 64 80 48 d3 6a 15 67 8c 5e d1 ac |.!...d.H.j.g.^..| 00000120 a2 64 f9 10 67 2c 27 7e 10 11 d7 09 13 2f 61 a7 |.d..g,'~...../a.| 00000130 d7 9d 2a 18 0f a8 93 c6 fc 75 5c 31 68 42 22 e6 |..*......u\1hB".| 00000140 5c e8 4d 7d 82 73 ba 97 5c d7 6a a2 14 37 85 93 |\.M}.s..\.j..7..| 00000150 48 a7 50 9c fc 66 7b 82 a8 b6 99 0f 8c 9e 40 b5 |H.P..f{.......@.| 00000160 e4 4f 98 01 db 56 03 44 f9 9f 52 a3 33 ac 77 2a |.O...V.D..R.3.w*| 00000170 b6 0a de d5 68 a5 df 67 41 8d 4c 53 9d c4 8d b7 |....h..gA.LS....| 00000180 2e 3d 1f 93 1c 23 e3 81 76 5a 99 7c 90 60 d8 4d |.=...#..vZ.|.`.M| 00000190 e4 a5 00 7d f9 2c c5 19 bc 3c a3 73 c3 83 ff 31 |...}.,...<.s...1| 000001a0 6a 67 88 32 d3 90 7f ab 20 19 1f 55 72 e4 08 bc |jg.2.... ..Ur...| 000001b0 c4 d6 24 e6 00 2d 85 be d4 9b 2c e5 7b ee 26 6b |..$..-....,.{.&k| 000001c0 49 ed 94 3d d6 ee fd 9d da 39 be 02 23 aa b9 78 |I..=.....9..#..x| 000001d0 f2 41 97 0a d9 66 15 1e e1 a2 49 f3 09 f0 25 91 |.A...f....I...%.| 000001e0 8a ea f5 38 87 ea 66 ae dc d2 04 d1 02 92 ab 6c |...8..f........l| 000001f0 a4 1a cc 1b ba 48 d5 8e 27 c4 c5 34 08 8f c2 c8 |.....H..'..4....| 00000200 e1 e6 a8 98 48 9c 43 6c f1 34 ba c0 ff 8e 22 14 |....H.Cl.4....".| 00000210 f7 f9 93 38 96 1e 73 57 28 5b 25 3e 17 03 03 00 |...8..sW([%>....| 00000220 99 c7 8d 1d 62 23 f3 c1 31 3d 45 bc d5 59 ff 47 |....b#..1=E..Y.G| 00000230 8e 34 3d 1d 06 cc e0 05 ea 38 87 f0 fd c3 84 53 |.4=......8.....S| 00000240 47 6b fb 7b 9b c2 a4 f2 1f e0 61 ab 17 32 d0 57 |Gk.{......a..2.W| 00000250 34 dd fb 42 9b ad 4c d7 20 ff b1 58 34 e0 0c b1 |4..B..L. ..X4...| 00000260 44 0c cf d3 05 be 3b 8e a2 d5 39 44 c8 22 64 ad |D.....;...9D."d.| 00000270 61 80 df 5d fd 40 0e c0 c2 41 4f a7 e5 4f b3 7f |a..].@...AO..O..| 00000280 0b db d6 ac fe ba c0 8b 24 8e e8 b2 d6 93 3d 12 |........$.....=.| 00000290 75 41 85 1d b5 4a e2 e0 f8 a1 23 8f 13 24 c6 b6 |uA...J....#..$..| 000002a0 e5 db 06 3f d8 d5 2f b5 e5 24 59 76 53 dd aa 0a |...?../..$YvS...| 000002b0 26 ba 72 23 63 ac 4d 5c 92 13 17 03 03 00 35 47 |&.r#c.M\......5G| 000002c0 59 18 68 11 0a 9a 0b 66 d3 c0 26 72 da 51 0e 00 |Y.h....f..&r.Q..| 000002d0 b0 78 8b 6a ef df 75 94 94 b0 aa 9b 77 e3 9c d8 |.x.j..u.....w...| 000002e0 23 9d 74 ce 85 55 c0 30 4c 96 5b 59 7a f6 03 2e |#.t..U.0L.[Yz...| 000002f0 d8 9c 0e 11 17 03 03 00 17 74 ed 13 0b 6a 15 18 |.........t...j..| 00000300 5e d4 5e 8a c6 e6 5c 0b 3c d0 1b 3d 68 86 2a 07 |^.^...\.<..=h.*.| 00000310 17 03 03 00 13 6f e2 fe a0 b8 95 d4 aa fd 11 2b |.....o.........+| 00000320 e8 6d 42 28 d1 ca 1c 5e |.mB(...^| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ClientCert-RSA-RSAPSS000066400000000000000000000255731373277661100276730ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 6d 36 ae 02 a9 |....z...v..m6...| 00000010 74 ad e5 4d 55 b6 4a 70 c6 f5 cf d5 68 d9 2a 5f |t..MU.Jp....h.*_| 00000020 9b 4b 23 ce 38 9b f3 da 44 72 7d 20 00 00 00 00 |.K#.8...Dr} ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 ba |..+.....3.$... .| 00000060 2a 76 cb fb 6c 6b bb 30 fb ef 87 6f e5 06 5c 6f |*v..lk.0...o..\o| 00000070 78 a7 44 41 93 c0 33 89 be 32 8c 0f fa 5c 43 14 |x.DA..3..2...\C.| 00000080 03 03 00 01 01 17 03 03 00 17 ac 3e 8a 31 22 16 |...........>.1".| 00000090 d3 69 bf 1d b5 2e 18 23 b3 21 00 17 23 a4 3f 9a |.i.....#.!..#.?.| 000000a0 0b 17 03 03 00 20 aa f0 51 64 b5 44 f0 28 ab 56 |..... ..Qd.D.(.V| 000000b0 da 34 2d 62 77 4d 88 07 b6 82 ad 64 df e6 59 c9 |.4-bwM.....d..Y.| 000000c0 91 e5 f8 f2 67 88 17 03 03 02 7a cf 2d 71 db 3f |....g.....z.-q.?| 000000d0 05 45 b8 68 18 1c b9 66 b6 00 f8 dc 9d ae e5 d2 |.E.h...f........| 000000e0 a3 a8 02 5f ac e4 95 a6 fc 96 78 7b fd 0a 21 62 |..._......x{..!b| 000000f0 ff 7c 15 2c fb f1 21 15 1e 8d 9e f9 71 62 43 e4 |.|.,..!.....qbC.| 00000100 c9 69 e4 fe 87 f0 9d 9e aa a4 5c d8 4e ae 3c 38 |.i........\.N.<8| 00000110 e5 76 21 7b 03 a8 70 6f e8 96 39 34 e7 3c b9 51 |.v!{..po..94.<.Q| 00000120 b4 ef ce 7d 0b 1e 57 7d 62 de 47 6a 0a b0 97 6d |...}..W}b.Gj...m| 00000130 49 fe ae 6f c9 d6 e4 4a 54 60 3d 55 53 06 aa 28 |I..o...JT`=US..(| 00000140 7a 3e 7b e0 d1 8a 60 45 87 81 bf fc 98 13 1e de |z>{...`E........| 00000150 7a 90 73 81 13 91 3a c4 da 71 74 e0 1d d5 30 55 |z.s...:..qt...0U| 00000160 46 6a 48 c2 0c 18 91 a3 79 8e c2 b9 5b 24 88 76 |FjH.....y...[$.v| 00000170 5f e6 8f 24 91 95 5b 0d 38 39 5b a4 f6 0e 1a b8 |_..$..[.89[.....| 00000180 e8 2b 0d ac a8 56 10 23 54 a5 78 c9 2a cb ed 24 |.+...V.#T.x.*..$| 00000190 58 16 1a 2f 1c b7 72 fc da ab 56 f6 27 d1 98 39 |X../..r...V.'..9| 000001a0 1f f9 dd e0 1f 1f 23 1a ff 6b af e1 17 9d ec 35 |......#..k.....5| 000001b0 de 0b 4d a4 46 5a fd 07 56 ce 72 19 76 dc 0c 06 |..M.FZ..V.r.v...| 000001c0 99 38 ce 58 3b 9f 13 9a d5 b7 d6 08 a6 05 4d e1 |.8.X;.........M.| 000001d0 75 da 59 4d ab d9 28 e8 af c4 50 f0 b1 49 f8 fd |u.YM..(...P..I..| 000001e0 c9 11 b8 01 70 bb 49 e2 0f 26 1b cb ee c2 7b bd |....p.I..&....{.| 000001f0 2f 72 78 be a1 67 1d 0c d0 bb 4e e7 40 b3 bd 8c |/rx..g....N.@...| 00000200 e2 f4 4f b2 c5 4c 82 49 51 00 44 17 c6 82 72 f5 |..O..L.IQ.D...r.| 00000210 cd 55 c1 43 28 52 85 2b 5d 91 33 9c 15 34 6e ae |.U.C(R.+].3..4n.| 00000220 77 4e 08 0c 9c d2 ae 7f e8 83 af 60 96 10 ae dc |wN.........`....| 00000230 58 6a 3b ae 15 e5 9c a8 25 f3 69 71 f7 94 9c 75 |Xj;.....%.iq...u| 00000240 e0 b5 05 16 ae ce f4 23 20 30 aa 74 a3 63 68 76 |.......# 0.t.chv| 00000250 f6 ec 64 e1 3d f6 0e b6 c4 7d a8 08 44 a9 96 1d |..d.=....}..D...| 00000260 7d c8 22 a8 df 04 2c ad 65 f1 4c 99 7d a1 cb bd |}."...,.e.L.}...| 00000270 b7 d4 d7 b5 ee 88 bd 15 2e 75 76 e2 72 bb 7d e6 |.........uv.r.}.| 00000280 5b eb fc f7 96 96 f0 3c aa b6 a8 58 92 e9 29 f6 |[......<...X..).| 00000290 40 bf 8e 14 23 7c 45 da e9 17 4b 32 16 11 ec 74 |@...#|E...K2...t| 000002a0 78 d5 8c 5a 06 46 e4 dc 90 b9 44 8e d6 8a 4e 43 |x..Z.F....D...NC| 000002b0 7f f9 60 9e a1 46 fa 16 88 ab 3c f1 1e d0 2e 00 |..`..F....<.....| 000002c0 5d 01 e6 a7 b1 27 f7 40 26 17 f3 da fb cd 06 d1 |]....'.@&.......| 000002d0 4e 27 75 9a 6f 0b 63 82 9c 40 07 4c 6e 0d d8 4b |N'u.o.c..@.Ln..K| 000002e0 f1 e6 d5 1c 41 55 72 b5 43 24 53 1e 0e a4 08 d7 |....AUr.C$S.....| 000002f0 44 93 00 c9 8b 49 ba 7a 32 0c d8 e6 46 87 5d 62 |D....I.z2...F.]b| 00000300 9d 4a 11 04 67 21 19 42 50 ad ad ab dd 62 0f f7 |.J..g!.BP....b..| 00000310 0f 57 78 82 71 f6 09 9f 41 bc 8e 34 24 7c b5 d2 |.Wx.q...A..4$|..| 00000320 5d 0c 18 fb d8 f6 62 dc 57 6a 78 2c 21 35 d8 eb |].....b.Wjx,!5..| 00000330 bb f8 7e 01 63 50 c1 98 88 a4 b5 63 1e c0 68 3c |..~.cP.....c..h<| 00000340 41 3c b8 6e 48 17 03 03 00 99 b6 09 37 a6 c2 d9 |A<.nH.......7...| 00000350 5f 39 69 e1 0b ca 40 d8 31 5b 4b 4f c1 33 bf 1f |_9i...@.1[KO.3..| 00000360 db c2 8c 9c d2 14 26 96 4e aa b2 63 30 40 fa 49 |......&.N..c0@.I| 00000370 fb 2d 66 59 70 cb c7 f8 fe 59 19 8b eb d5 5c 6c |.-fYp....Y....\l| 00000380 5c a0 c9 ba e6 4d d9 c3 e0 fe 00 c4 fb ab 8a f1 |\....M..........| 00000390 2b ab 53 86 a7 86 57 01 b8 ae c4 a6 12 6b 7d f8 |+.S...W......k}.| 000003a0 ea 2d df 37 04 01 eb 14 f4 9a d0 e7 67 46 ec 9f |.-.7........gF..| 000003b0 35 f8 d4 2e c6 95 91 10 0e dc 01 60 9a d6 f8 d8 |5..........`....| 000003c0 9e c1 fd f8 2e e2 51 8a e9 2f c3 4a 4f 01 31 52 |......Q../.JO.1R| 000003d0 af cb 4b 52 96 4c 90 57 83 1f 11 97 d6 d6 16 74 |..KR.L.W.......t| 000003e0 77 f8 c4 17 03 03 00 35 b0 61 57 8f 52 7e 93 b1 |w......5.aW.R~..| 000003f0 f0 90 a1 23 09 6e 11 ff a5 6c 38 f3 31 11 be 03 |...#.n...l8.1...| 00000400 ad 59 65 57 1b 60 2b fc 41 98 e0 79 6d 14 26 c8 |.YeW.`+.A..ym.&.| 00000410 fb d6 5f 00 e0 cc 70 46 a3 81 e4 3c ff |.._...pF...<.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 02 7a 22 a3 3d 18 f8 |..........z".=..| 00000010 a2 c7 8e 62 c3 07 99 b4 e6 bd 94 79 12 82 e9 e0 |...b.......y....| 00000020 96 ff 5f c3 ec 34 02 2f 8d 95 2f 40 80 99 19 a3 |.._..4./../@....| 00000030 bd 64 fd e4 0e b3 81 ad 4c 2e d9 72 d2 a3 bd 00 |.d......L..r....| 00000040 81 42 78 5d f3 70 c3 78 0b fa cd b8 96 17 5e e7 |.Bx].p.x......^.| 00000050 6e 03 b8 c6 ab 2b 2e 63 45 c7 b1 c9 98 71 c9 1d |n....+.cE....q..| 00000060 bb 7b 6e 6d c7 d5 90 b8 b2 4e 62 1a 8f cf 7d 99 |.{nm.....Nb...}.| 00000070 52 3d 70 40 0f 0f 96 1c ee a7 ff 29 2a 53 de d4 |R=p@.......)*S..| 00000080 34 f9 d9 b2 33 2c 69 5e 2d f2 a7 62 dd ec 77 b1 |4...3,i^-..b..w.| 00000090 6c 0f 61 86 8a bc 11 1f 91 ad f4 94 de 96 dd ef |l.a.............| 000000a0 d8 be 5e 45 50 fe af 1a 03 54 20 f6 05 8e a3 b0 |..^EP....T .....| 000000b0 f7 31 93 f3 78 59 4d 54 50 99 a5 a1 53 81 1b 5d |.1..xYMTP...S..]| 000000c0 6d ea 32 e9 52 ab 83 d6 18 3f 2f 43 cd 64 ac 3f |m.2.R....?/C.d.?| 000000d0 11 6c 91 0d fa 86 f8 a5 12 eb 41 ac 24 2d 79 5b |.l........A.$-y[| 000000e0 ee 8e 02 46 f0 37 0a b1 19 c7 97 ed 97 d1 11 18 |...F.7..........| 000000f0 df 80 8f f3 d7 61 a4 fe 6c ec b0 80 4e bc e4 52 |.....a..l...N..R| 00000100 10 2f b1 6f 3f d4 39 08 81 f6 01 4b b4 d4 d5 20 |./.o?.9....K... | 00000110 6b a1 be e6 cf c7 0e 95 e9 d7 00 07 63 25 1b 64 |k...........c%.d| 00000120 4b b7 c4 79 29 84 45 45 5d 0d fe 72 2a 7e c6 bf |K..y).EE]..r*~..| 00000130 5a 98 ec e2 16 26 82 57 eb a6 dc ff 73 b6 e8 4c |Z....&.W....s..L| 00000140 87 52 e5 0a c1 6a 6f 02 69 17 17 ea e0 1c c1 07 |.R...jo.i.......| 00000150 b4 f4 78 a7 99 39 8b 63 61 c2 7e 99 f4 64 16 d6 |..x..9.ca.~..d..| 00000160 0a 84 9a 0f d4 f4 bd 4d d4 4f 16 ec 19 30 a7 34 |.......M.O...0.4| 00000170 f9 b9 60 10 39 25 ee 9d bd 99 37 52 e6 32 a1 c9 |..`.9%....7R.2..| 00000180 68 9b a2 4e 16 91 0e 54 54 d5 c5 77 bb 01 ba af |h..N...TT..w....| 00000190 97 be ea 09 85 91 69 84 4f 2c 04 f0 38 50 93 49 |......i.O,..8P.I| 000001a0 e7 41 cb c1 d6 b6 77 59 09 7c 1e 0a 58 93 1e b4 |.A....wY.|..X...| 000001b0 cf ed 32 85 b0 cd 6f 86 c7 94 8c 30 9d 83 a2 a0 |..2...o....0....| 000001c0 4a de ad 8c b9 d8 58 d3 8c 34 6b 12 54 f1 28 66 |J.....X..4k.T.(f| 000001d0 ea 55 d9 95 d0 b6 b3 aa 68 c3 31 e1 8f 1b f8 43 |.U......h.1....C| 000001e0 51 b9 06 fc 53 69 9b 1c e6 2c f8 b7 f0 47 4a 5a |Q...Si...,...GJZ| 000001f0 82 ca 27 df 0f 3d f8 79 90 8d c2 bd 27 85 74 6b |..'..=.y....'.tk| 00000200 9e 8b eb 74 a8 28 ba 6a 25 16 01 2c 56 3b c0 fa |...t.(.j%..,V;..| 00000210 91 ac af a7 c5 39 8d 2c b1 f3 a2 c9 a5 72 c6 ff |.....9.,.....r..| 00000220 49 a0 78 14 5c 8c d2 71 de b9 4f 55 3a ca b6 a5 |I.x.\..q..OU:...| 00000230 df ce bb f7 c2 d5 af 2c c0 97 08 82 cc b4 02 26 |.......,.......&| 00000240 c3 0c 99 39 4a df 6c d6 59 14 c4 d6 04 9d a4 92 |...9J.l.Y.......| 00000250 d2 53 42 16 56 99 5f c2 82 a0 a8 5a 92 53 e6 b1 |.SB.V._....Z.S..| 00000260 cd fc bc 9a b9 55 0b ae 2c 50 ce a3 bf d2 7d d2 |.....U..,P....}.| 00000270 2b 58 ba 87 65 33 09 cf 74 51 0f 4b 4f a9 53 0d |+X..e3..tQ.KO.S.| 00000280 fa 60 1e ba e6 17 03 03 00 99 aa 43 d9 e2 e4 91 |.`.........C....| 00000290 cf 65 fa 35 0e b0 21 51 9d c4 33 f5 7c 09 ff e5 |.e.5..!Q..3.|...| 000002a0 db fd 6e 96 6d 13 7c 4c ec 90 72 bd 54 6a 3f d8 |..n.m.|L..r.Tj?.| 000002b0 1a a3 e2 a2 01 6b d6 50 a0 b1 d5 67 34 44 42 30 |.....k.P...g4DB0| 000002c0 97 2e 82 07 46 04 56 0a 43 4b 9d 8c 81 64 bb 0b |....F.V.CK...d..| 000002d0 21 62 ea 23 0b 1c a0 c4 b2 cc 2f 51 b5 a2 9a a3 |!b.#....../Q....| 000002e0 37 d3 0c 57 80 85 77 3b 8d 17 f1 a9 d5 ae 72 f9 |7..W..w;......r.| 000002f0 cd 8c c4 2c fb c7 e0 f0 3a 5c d5 6a f7 8f 7e 53 |...,....:\.j..~S| 00000300 c1 d0 7a b0 8d c9 b3 17 7c 99 df 54 d6 43 13 d5 |..z.....|..T.C..| 00000310 78 9c 34 7e c9 11 4e e7 1c 8c f4 0f 82 89 94 61 |x.4~..N........a| 00000320 80 d2 49 17 03 03 00 35 aa cd 97 5a a2 d3 27 78 |..I....5...Z..'x| 00000330 d4 79 28 a7 57 dc 4f b1 2d b8 bd 3c ae ec e6 be |.y(.W.O.-..<....| 00000340 33 be b9 20 3b 69 22 03 31 34 7a 8d 68 39 c7 d5 |3.. ;i".14z.h9..| 00000350 a1 a0 aa 46 15 94 93 d7 54 41 5b 6b 20 17 03 03 |...F....TA[k ...| 00000360 00 17 f2 60 ff 91 c2 85 55 ed ab 39 6f 5d 0f 22 |...`....U..9o]."| 00000370 45 3e 61 07 14 a3 05 f4 94 17 03 03 00 13 01 ea |E>a.............| 00000380 95 52 29 1c 63 71 3a 2d 73 a7 29 31 2c d0 ce 9f |.R).cq:-s.)1,...| 00000390 2b |+| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ECDSA000066400000000000000000000147451373277661100250210ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 e8 ec ee 61 3e |....z...v.....a>| 00000010 c1 43 87 6d f1 61 ed d2 41 1f 7d d7 b7 c0 92 fd |.C.m.a..A.}.....| 00000020 34 17 85 7b c7 ff c4 56 dd 90 bd 20 00 00 00 00 |4..{...V... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 3f |..+.....3.$... ?| 00000060 be 50 e7 f1 b0 30 60 dc 92 50 b8 01 4a d1 3e ff |.P...0`..P..J.>.| 00000070 6e f0 bd e1 17 44 d8 19 1b c6 63 43 e5 c1 58 14 |n....D....cC..X.| 00000080 03 03 00 01 01 17 03 03 00 17 c0 b7 da 01 3e 64 |..............>d| 00000090 6b 57 ba 21 12 79 42 8c 63 1f 45 d1 f2 10 fe 98 |kW.!.yB.c.E.....| 000000a0 b6 17 03 03 02 22 90 87 e6 c3 ba 92 41 a2 96 00 |....."......A...| 000000b0 c7 92 97 ab 4b 80 02 bb 02 83 19 f3 f6 36 d5 23 |....K........6.#| 000000c0 3c c7 bd fb 97 67 86 cb 70 4c 60 9e 6c d4 7a f3 |<....g..pL`.l.z.| 000000d0 03 a5 f1 09 d5 7e 07 74 f3 c8 e4 b8 da 44 a3 94 |.....~.t.....D..| 000000e0 ee 4e 4a 7b ab 4e 92 03 49 04 4e cf 1b b3 0d 91 |.NJ{.N..I.N.....| 000000f0 0f 98 51 5c 56 4d d3 a8 75 4b e0 96 d9 9e dd c8 |..Q\VM..uK......| 00000100 81 c4 37 a0 c6 c9 ec 0f e0 f1 ed 29 ff 5a a2 d4 |..7........).Z..| 00000110 af 61 f7 b1 d5 ee e7 1d 7a e1 7f 33 8d 75 e6 9d |.a......z..3.u..| 00000120 bc 78 56 eb c5 89 d3 19 86 81 09 e1 ee 10 03 7c |.xV............|| 00000130 a4 1b 78 17 51 a3 53 b4 67 5d 29 49 21 b2 51 7b |..x.Q.S.g])I!.Q{| 00000140 f5 dc fd 60 11 ee 8f 50 ea 28 b5 db 57 04 7e 3b |...`...P.(..W.~;| 00000150 ad 6f 29 d4 22 f3 a1 4b 52 ac b8 2b 30 0c 67 16 |.o)."..KR..+0.g.| 00000160 e3 e0 7d a3 03 66 c4 39 70 8e c7 06 cf d2 6f 98 |..}..f.9p.....o.| 00000170 c1 c9 f6 a9 6a 89 b4 3e 38 97 ae e4 f2 97 a4 6f |....j..>8......o| 00000180 e2 05 f8 e9 53 c9 ae f7 87 c3 0f 68 75 9e 07 e9 |....S......hu...| 00000190 45 e9 0d 03 7e c8 79 56 30 77 e3 ea db 92 a2 f8 |E...~.yV0w......| 000001a0 5e 5b ab 77 0d 9b bc 5f 51 40 6c 1b 0d ef b4 cf |^[.w..._Q@l.....| 000001b0 4a 3d a6 8c b6 ab ce 4f 6c 08 0e 23 f0 2a 56 07 |J=.....Ol..#.*V.| 000001c0 f5 88 68 c3 0c fd 63 9b e4 56 12 a6 f5 0a ed 54 |..h...c..V.....T| 000001d0 40 30 ee 36 72 5d ca bb 5a 52 d3 84 14 c1 7e e4 |@0.6r]..ZR....~.| 000001e0 f8 fb e9 c8 10 16 54 16 1f 72 99 8c 7a 69 87 ca |......T..r..zi..| 000001f0 62 53 dc cb a4 26 73 90 fb 11 3c 3c 9f 94 65 cb |bS...&s...<<..e.| 00000200 28 94 65 ca 56 45 a8 c1 ec 08 31 dd eb bc 17 71 |(.e.VE....1....q| 00000210 cd 65 04 95 2e e7 e0 fb 73 fe 70 db 70 31 93 90 |.e......s.p.p1..| 00000220 cf 47 07 ec 92 98 c1 da fc 13 f8 8a 28 4e e8 80 |.G..........(N..| 00000230 a8 96 c2 e2 a6 cd df d4 7f 46 4a 3b e9 dd cf a5 |.........FJ;....| 00000240 75 d5 cc 67 35 81 d5 2e e4 68 c4 56 1a 46 33 5a |u..g5....h.V.F3Z| 00000250 f2 79 32 6b 4e a0 6b 76 53 53 04 73 86 fd bd e2 |.y2kN.kvSS.s....| 00000260 f7 f8 14 0f 0a a8 10 6d a1 bf f8 d0 27 8d cb e8 |.......m....'...| 00000270 a5 51 16 4b 11 a2 8a 6f 22 c5 7c bc c5 7a 0b df |.Q.K...o".|..z..| 00000280 70 1d c4 93 ec 87 78 12 77 e3 85 5a 3c 29 d8 f7 |p.....x.w..Z<)..| 00000290 ab a4 c6 10 50 ed d5 2a 3f b1 84 73 1e 7f 99 eb |....P..*?..s....| 000002a0 31 9c 2c d2 6a 80 4a 5e 7c aa 64 e7 83 df a9 17 |1.,.j.J^|.d.....| 000002b0 c3 4c 13 c8 c1 d7 1b f5 be c9 00 cf ec 7e a5 ab |.L...........~..| 000002c0 89 9c b0 72 fd f0 cb 54 17 03 03 00 a4 28 34 92 |...r...T.....(4.| 000002d0 a7 52 92 5d a0 99 6b e6 22 c5 f6 76 86 1b 0b d6 |.R.]..k."..v....| 000002e0 b7 a8 67 c1 04 b8 1c ac 7b 02 f5 0a 20 41 dd 43 |..g.....{... A.C| 000002f0 25 cc 01 f9 dc 6e c7 f7 4f 67 dd b3 54 81 80 d5 |%....n..Og..T...| 00000300 6d 45 00 42 d0 49 23 d5 12 33 e4 5f fd 58 79 81 |mE.B.I#..3._.Xy.| 00000310 e3 df 67 6d 03 44 58 0f 76 38 c3 de ed 26 90 29 |..gm.DX.v8...&.)| 00000320 45 92 ce 3b fa ea 98 da ea a2 d2 cc c6 0e a8 38 |E..;...........8| 00000330 c1 2d 92 8c 48 79 58 25 75 fd 2d 6d ef 06 32 1a |.-..HyX%u.-m..2.| 00000340 bb 09 fa 66 bc 06 9d c5 fb 46 94 5e b1 73 8d 05 |...f.....F.^.s..| 00000350 e1 90 24 c3 eb 72 7f a8 b7 12 a3 3c 11 29 ea 80 |..$..r.....<.)..| 00000360 10 4e 19 40 25 0b c9 34 70 99 e9 1a 60 17 bb 5b |.N.@%..4p...`..[| 00000370 1a 17 03 03 00 35 91 4b 45 15 d5 2e 33 a7 ba 9b |.....5.KE...3...| 00000380 64 20 bb 72 28 06 27 37 2f ac c9 c0 9e b9 d8 f3 |d .r(.'7/.......| 00000390 86 36 d2 7d df c2 4d 95 a5 a4 4b 64 5f 1a 83 67 |.6.}..M...Kd_..g| 000003a0 f6 6a 21 ff d0 b4 1c 65 23 62 ac |.j!....e#b.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 10 bd 5d 23 36 |..........5..]#6| 00000010 58 43 f4 bb 5e 4e ee 43 fd 0e a1 d9 de 81 99 54 |XC..^N.C.......T| 00000020 de 6e 82 33 71 8a 45 a7 35 f1 cd fb 5f bf 46 20 |.n.3q.E.5..._.F | 00000030 a5 79 d6 87 aa f4 29 51 02 f5 4e 69 ef a5 d7 d6 |.y....)Q..Ni....| 00000040 17 03 03 00 17 21 1f 90 0b 01 63 89 6a af 53 72 |.....!....c.j.Sr| 00000050 51 c0 11 01 7b 09 dd 40 82 dd e1 32 17 03 03 00 |Q...{..@...2....| 00000060 13 93 5d c1 19 16 5c 17 1a 7b 92 a0 9b f5 14 57 |..]...\..{.....W| 00000070 85 39 4a ac |.9J.| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-Ed25519000066400000000000000000000121321373277661100251240ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 a8 21 4e 51 6a |....z...v...!NQj| 00000010 ce ba 17 cc 2d 25 b3 31 59 6a 3f 81 eb e6 ac a0 |....-%.1Yj?.....| 00000020 91 d9 ef 76 a1 5f bb 63 ab 2c 6b 20 00 00 00 00 |...v._.c.,k ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 81 |..+.....3.$... .| 00000060 4c a8 07 aa 6b 4a f9 44 77 78 a9 57 d0 07 55 07 |L...kJ.Dwx.W..U.| 00000070 9a c2 8e 33 bf c4 09 ee 49 51 5c fe f1 7b 30 14 |...3....IQ\..{0.| 00000080 03 03 00 01 01 17 03 03 00 17 5a 22 a1 07 01 ea |..........Z"....| 00000090 97 bd 5a 59 3a 21 de 9c 45 0c 41 ff 34 45 35 ab |..ZY:!..E.A.4E5.| 000000a0 25 17 03 03 01 50 a1 8c 19 e7 0c 69 d3 e0 f6 53 |%....P.....i...S| 000000b0 95 15 13 4c e3 c3 3f 35 d9 73 c9 fe 24 b0 14 5f |...L..?5.s..$.._| 000000c0 b6 9e 94 20 cf 80 f7 88 7c 0f be 4c 70 16 00 2a |... ....|..Lp..*| 000000d0 55 02 aa a9 4b 7f a7 a5 b8 46 09 9e 18 78 78 66 |U...K....F...xxf| 000000e0 22 c2 31 19 12 f7 e4 7e f3 26 39 7d cd 5e 74 24 |".1....~.&9}.^t$| 000000f0 fb 75 7d b7 2c b5 fb e0 49 bd da 96 e1 c3 63 8f |.u}.,...I.....c.| 00000100 e3 28 43 bb 32 a7 fd 9c ab 54 ba ce 07 4a 23 35 |.(C.2....T...J#5| 00000110 a4 3a ff 43 40 19 ef 38 07 02 ba d6 c4 f0 bf 63 |.:.C@..8.......c| 00000120 aa b3 ea 55 d0 e1 a9 f3 cb 04 6b 1b 8d 35 3a f8 |...U......k..5:.| 00000130 0b 1c 40 99 fe b0 04 5f d1 5b 3f 4b be fe b5 96 |..@...._.[?K....| 00000140 f0 49 3d bf a5 92 f3 bd a6 4c 47 24 f8 b5 7c 45 |.I=......LG$..|E| 00000150 47 85 9b 08 a1 da 51 7a ce 3f 32 66 de 89 c0 c3 |G.....Qz.?2f....| 00000160 ac da 73 0d 15 14 18 e6 a0 7d 07 26 44 df 55 b7 |..s......}.&D.U.| 00000170 6e 4e fa c0 f5 5e 42 3a d9 29 d3 1d e6 cf 3c 8c |nN...^B:.)....<.| 00000180 6d c1 d9 f9 04 f0 57 dc 47 4e d1 e2 a1 f1 a1 c9 |m.....W.GN......| 00000190 2e da 97 4d 65 65 04 54 e7 80 f1 88 b2 34 26 61 |...Mee.T.....4&a| 000001a0 77 8a 1f bb 82 7f 4b ce b3 5a 55 60 e1 3a ef 95 |w.....K..ZU`.:..| 000001b0 bd 34 fc ef 2b 18 4b bb 8a cf ba 3a 69 43 f4 59 |.4..+.K....:iC.Y| 000001c0 98 a1 95 a3 22 f6 b5 1a 84 83 cf cb 90 eb 28 29 |....".........()| 000001d0 b3 84 e1 0d 37 9e 98 96 91 73 f1 7f d7 9b 71 38 |....7....s....q8| 000001e0 6e bc 2e 60 2d 27 0c 18 fd 2a b8 76 01 33 2f 95 |n..`-'...*.v.3/.| 000001f0 6e 0b bf 2b 26 5e 17 03 03 00 59 ed 43 2f e8 df |n..+&^....Y.C/..| 00000200 f3 2f 91 f3 dc 1b aa ff d3 3b 28 1f 78 21 fb e2 |./.......;(.x!..| 00000210 7d 6e 03 09 98 c1 23 09 d7 45 da b8 e0 5a e5 27 |}n....#..E...Z.'| 00000220 38 9a 2f da 9b d3 04 35 f5 b9 31 b0 c0 1f 8a 1e |8./....5..1.....| 00000230 d8 8a 19 f1 38 af a6 74 ac e5 b4 0d 45 83 b4 59 |....8..t....E..Y| 00000240 83 42 97 14 23 55 71 ef 66 8c 35 69 3f 2c 88 63 |.B..#Uq.f.5i?,.c| 00000250 8d 3b 05 fe 17 03 03 00 35 47 82 ec 22 f4 86 6a |.;......5G.."..j| 00000260 b7 c1 d8 64 3b 42 f4 ca 5c 3d ba a3 6a ea 77 6a |...d;B..\=..j.wj| 00000270 d6 52 e3 b0 42 fb c2 f1 2c b1 ef 44 ed 11 29 6d |.R..B...,..D..)m| 00000280 2b 6f 13 0f 42 48 a0 2e 5b ba a1 93 6b de |+o..BH..[...k.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 11 45 8f b2 e0 |..........5.E...| 00000010 87 3d 09 94 93 16 19 04 3d 84 6c e5 14 5e c6 8b |.=......=.l..^..| 00000020 73 1a 53 4c d0 f4 11 27 0c 0d 05 c7 9d ba d0 04 |s.SL...'........| 00000030 37 ed 8b 8a 65 34 54 b1 07 36 92 8c 8c a8 30 b7 |7...e4T..6....0.| 00000040 17 03 03 00 17 ea fc b8 84 8d f0 9d 8e 1c 2c 65 |..............,e| 00000050 10 a8 69 7f dd 3c a4 80 45 5d c3 38 17 03 03 00 |..i..<..E].8....| 00000060 13 15 4b b7 23 2f 55 b0 ae d3 3f f6 68 c9 b2 ef |..K.#/U...?.h...| 00000070 d7 e2 18 49 |...I| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-ExportKeyingMaterial000066400000000000000000000154411373277661100303030ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 6d fb 70 07 b4 |....z...v..m.p..| 00000010 2d 14 d1 d1 88 17 6a a3 b1 c1 e7 23 4b 06 c4 fa |-.....j....#K...| 00000020 4a 0e e1 2c ce 5a d5 c7 8c ab f2 20 00 00 00 00 |J..,.Z..... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 4e |..+.....3.$... N| 00000060 fe 87 d7 81 71 25 ba 33 de 10 df 19 38 d8 af 43 |....q%.3....8..C| 00000070 58 3f 41 2e b9 b8 cb 1c 65 a7 cd 8d 00 b1 0e 14 |X?A.....e.......| 00000080 03 03 00 01 01 17 03 03 00 17 b3 63 09 54 ad 41 |...........c.T.A| 00000090 24 fe 2c 81 49 c8 86 88 c2 ad ba cd 45 77 51 c0 |$.,.I.......EwQ.| 000000a0 d5 17 03 03 02 6d 74 7d de 53 70 5c 11 d0 a7 68 |.....mt}.Sp\...h| 000000b0 8e 10 c9 cb cd 0c 25 ac 88 e7 17 54 8b 32 2c ee |......%....T.2,.| 000000c0 97 9c 3d f6 ce d1 83 70 ee c0 85 0c fc 61 ba db |..=....p.....a..| 000000d0 6d e0 04 26 6f b7 4e 44 4d 1c 5c 16 9a 57 4f e6 |m..&o.NDM.\..WO.| 000000e0 52 89 27 53 88 f8 93 91 ed b2 42 b4 4c f0 58 a3 |R.'S......B.L.X.| 000000f0 50 a7 af 2c 47 ac ad 8b 14 a0 9f d4 28 2e 7b 28 |P..,G.......(.{(| 00000100 8e ec d1 bb 7d d9 78 fb 24 82 9f 2a ac 4e 85 83 |....}.x.$..*.N..| 00000110 35 25 75 8f 9e 6d 4c 8a dd 6f 9f 9a 34 93 a2 9d |5%u..mL..o..4...| 00000120 d0 26 4c 7b a8 72 a3 12 b9 ef 6b c8 d0 4f 44 5b |.&L{.r....k..OD[| 00000130 dd f1 72 3a b4 5c 7e a8 8d d4 68 bc 6d 54 2c ee |..r:.\~...h.mT,.| 00000140 c1 f7 78 f1 15 cd 57 b5 54 89 08 f0 d8 56 ef 8d |..x...W.T....V..| 00000150 14 d1 e8 fd 83 bd ab 64 c1 99 36 4e af 81 27 52 |.......d..6N..'R| 00000160 0f 5e 31 5e c0 70 21 fb 05 40 d4 d2 71 df 0c 09 |.^1^.p!..@..q...| 00000170 31 83 b0 71 82 84 d9 90 6b 25 5a 67 03 30 c4 80 |1..q....k%Zg.0..| 00000180 2c 99 41 3f fa 51 ce a8 b4 b8 98 2a bc e9 cc ce |,.A?.Q.....*....| 00000190 f7 0c 69 a3 c3 02 dc b9 4f 00 ac 4f 29 d5 e5 df |..i.....O..O)...| 000001a0 df 67 3b ed 94 8e 80 3f aa 6e a8 b7 e0 7f 4d fd |.g;....?.n....M.| 000001b0 95 80 54 89 57 ff d7 73 86 bd e8 98 11 d5 09 c6 |..T.W..s........| 000001c0 ab af 1a a4 a0 cc 30 40 bc 63 dc d0 db 92 41 f5 |......0@.c....A.| 000001d0 5c 1e f1 92 03 5b 3f 27 23 1f 9c 8e f8 8b 4f 69 |\....[?'#.....Oi| 000001e0 0c 3d 09 e5 95 d8 ba 8c 90 cd ac 53 ed 77 8d 75 |.=.........S.w.u| 000001f0 3a 56 b4 f3 21 a5 4e c2 6e 1f 87 74 56 69 32 95 |:V..!.N.n..tVi2.| 00000200 29 56 07 2c 0d b3 74 47 28 6d 8f ef 56 f6 68 7f |)V.,..tG(m..V.h.| 00000210 25 e4 76 06 7c 82 40 11 f8 eb 3c ec 62 fa be 60 |%.v.|.@...<.b..`| 00000220 d3 11 98 e2 d4 b1 d0 72 3d e6 4a da f0 d6 c0 42 |.......r=.J....B| 00000230 8e a6 63 cc a1 41 e3 18 21 00 ac cc 98 f8 8d 78 |..c..A..!......x| 00000240 ab 9b 39 16 ad 4c fd 11 15 79 0c fd 0e 87 45 d6 |..9..L...y....E.| 00000250 81 30 bb 3a 72 89 92 c1 fa e8 ad 59 3b 8b b0 38 |.0.:r......Y;..8| 00000260 2d c3 6e 87 a8 b8 1f 7d a0 b3 e6 91 83 97 78 94 |-.n....}......x.| 00000270 f0 01 66 a2 c8 89 45 8e 2e a0 7e 89 4d 7f 49 ee |..f...E...~.M.I.| 00000280 2a 69 c0 ec 77 db 85 df 01 d9 02 36 df 94 81 01 |*i..w......6....| 00000290 aa 43 a2 3d 76 8c c3 21 bf 05 c3 b2 c4 28 85 65 |.C.=v..!.....(.e| 000002a0 7b 4a ac e3 45 40 77 1d a9 ee 1e e9 97 7c 2f 45 |{J..E@w......|/E| 000002b0 45 18 58 47 ab 51 0f 26 eb d5 bb ac c2 8b a9 ae |E.XG.Q.&........| 000002c0 65 6a 91 9b 13 93 69 c6 9d bc 61 23 20 d2 ad a0 |ej....i...a# ...| 000002d0 d3 f9 2d 32 79 e3 4b 07 90 32 9e e1 f3 13 18 b0 |..-2y.K..2......| 000002e0 65 6e 89 a5 45 c6 a1 9b f0 f6 d1 66 d3 e7 49 1a |en..E......f..I.| 000002f0 b8 e2 17 cd d0 13 9c e6 e1 77 87 a4 8b 6a d3 74 |.........w...j.t| 00000300 0e 85 b1 2c f3 c8 a8 f3 65 b3 71 c2 bb f5 95 d7 |...,....e.q.....| 00000310 81 78 45 17 03 03 00 99 1e 53 96 f9 b9 97 ec 53 |.xE......S.....S| 00000320 4e 97 a9 8c 01 06 ee 6b 31 47 93 4b ac f7 b6 4a |N......k1G.K...J| 00000330 15 bb 28 d7 87 73 7c 1d 3b d3 6b 9d 48 77 df 09 |..(..s|.;.k.Hw..| 00000340 c9 97 98 b6 d6 20 94 8a ed 71 08 2d 56 af b2 b8 |..... ...q.-V...| 00000350 20 fc d7 81 e4 53 eb 57 6a bd 9b 1c 11 4f 2e fb | ....S.Wj....O..| 00000360 9a 0e 65 08 69 df 28 70 a7 50 21 62 9f 63 39 db |..e.i.(p.P!b.c9.| 00000370 9e 73 40 5d 73 77 a7 1d 2e 79 61 fa b9 50 f0 70 |.s@]sw...ya..P.p| 00000380 1e 71 d1 9e c6 2f 8c 4c 5f e0 b1 37 d7 c9 ab fc |.q.../.L_..7....| 00000390 5f 6a ca a9 9e 27 38 42 78 ba fb e6 8e c2 3f a6 |_j...'8Bx.....?.| 000003a0 a0 c6 04 b6 d8 b7 3a 68 83 15 3b 70 f9 0a 27 4a |......:h..;p..'J| 000003b0 0a 17 03 03 00 35 d0 88 b7 b8 cf 81 4e 97 76 96 |.....5......N.v.| 000003c0 c2 ed e8 15 e4 01 54 2b 1f 0e 34 08 52 6c a8 6a |......T+..4.Rl.j| 000003d0 cf 04 29 7b 27 fb e9 1e d1 6c d2 28 15 03 2a 58 |..){'....l.(..*X| 000003e0 d4 eb 67 18 83 3f d4 2a ab 9f aa |..g..?.*...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 02 ed 34 8f 83 |..........5..4..| 00000010 44 27 8b 71 af c1 06 33 0b 25 aa 22 85 96 41 75 |D'.q...3.%."..Au| 00000020 4f fe 46 82 ba 95 91 4c cc a9 99 60 5c f7 72 7f |O.F....L...`\.r.| 00000030 e4 1f e4 99 6a c2 25 db d0 11 5d fc d6 28 8f 56 |....j.%...]..(.V| 00000040 17 03 03 00 17 fe e8 cf ed a0 7a ce 77 57 e6 aa |..........z.wW..| 00000050 f0 ce 6d 2f 5c e5 1f 7d 37 c8 91 cf 17 03 03 00 |..m/\..}7.......| 00000060 13 a4 a9 4c b5 33 38 4a 1e b7 65 9d 72 85 1b 79 |...L.38J..e.r..y| 00000070 79 87 e3 bf |y...| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-HelloRetryRequest000066400000000000000000000216301373277661100276330ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 f6 01 00 00 f2 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 77 00 05 00 05 01 00 00 00 00 00 0a 00 |...w............| 00000090 06 00 04 00 1d 00 17 00 0b 00 02 01 00 00 0d 00 |................| 000000a0 1a 00 18 08 04 04 03 08 07 08 05 08 06 04 01 05 |................| 000000b0 01 06 01 05 03 06 03 02 01 02 03 ff 01 00 01 00 |................| 000000c0 00 12 00 00 00 2b 00 09 08 03 04 03 03 03 02 03 |.....+..........| 000000d0 01 00 33 00 26 00 24 00 1d 00 20 2f e5 7d a3 47 |..3.&.$... /.}.G| 000000e0 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 000000f0 c4 cf c2 ed 90 99 5f 58 cb 3b 74 |......_X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 58 02 00 00 54 03 03 cf 21 ad 74 e5 |....X...T...!.t.| 00000010 9a 61 11 be 1d 8c 02 1e 65 b8 91 c2 a2 11 16 7a |.a......e......z| 00000020 bb 8c 5e 07 9e 09 e2 c8 a8 33 9c 20 00 00 00 00 |..^......3. ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 0c 00 2b 00 02 03 04 00 33 00 02 00 17 14 03 03 |..+.....3.......| 00000060 00 01 01 |...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 16 03 03 01 17 01 00 01 13 03 |................| 00000010 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000030 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |. ..............| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000050 00 00 00 32 cc a8 cc a9 c0 2f c0 2b c0 30 c0 2c |...2...../.+.0.,| 00000060 c0 27 c0 13 c0 23 c0 09 c0 14 c0 0a 00 9c 00 9d |.'...#..........| 00000070 00 3c 00 2f 00 35 c0 12 00 0a 00 05 c0 11 c0 07 |.<./.5..........| 00000080 13 01 13 03 13 02 01 00 00 98 00 05 00 05 01 00 |................| 00000090 00 00 00 00 0a 00 06 00 04 00 1d 00 17 00 0b 00 |................| 000000a0 02 01 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 |................| 000000b0 05 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 |................| 000000c0 03 ff 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 |...........+....| 000000d0 04 03 03 03 02 03 01 00 33 00 47 00 45 00 17 00 |........3.G.E...| 000000e0 41 04 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 |A...7...Q.5uq..T| 000000f0 5b 12 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 |[....g..$ >.V...| 00000100 28 5e f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 |(^.+-O....lK[.V.| 00000110 32 42 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc |2B.X..I..h.A.Vk.| 00000120 5a 89 |Z.| >>> Flow 4 (server to client) 00000000 16 03 03 00 9b 02 00 00 97 03 03 b5 7c 4a c4 82 |............|J..| 00000010 67 2c 0d e4 cf 12 5a 8c fc 44 10 da 7e ef ec ae |g,....Z..D..~...| 00000020 bc 59 6c 7d 62 b1 d8 95 5d 9d 3b 20 00 00 00 00 |.Yl}b...].; ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 4f 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |O.+.....3.E...A.| 00000060 51 c8 a4 d2 63 ec a1 b7 72 7e 42 30 8e d2 eb b0 |Q...c...r~B0....| 00000070 3c e0 06 d0 69 39 b7 55 ee 47 c3 b3 b6 56 2d df |<...i9.U.G...V-.| 00000080 3e 0c 1c 92 cf f6 c4 52 13 90 fa e6 52 13 e6 6d |>......R....R..m| 00000090 35 46 de 60 05 a1 85 a9 ec 86 dc da 19 4d 21 67 |5F.`.........M!g| 000000a0 17 03 03 00 17 d7 59 69 75 49 13 ac 27 ad 1c a9 |......YiuI..'...| 000000b0 17 68 46 77 a2 22 0a f5 6f ce 70 67 17 03 03 02 |.hFw."..o.pg....| 000000c0 6d ee 92 51 b3 07 0f 46 be 24 a1 12 02 7e d1 d4 |m..Q...F.$...~..| 000000d0 b1 2e f5 87 f5 96 ed 00 77 f1 ad 1b 8e cd 1d 01 |........w.......| 000000e0 41 78 6a ff 68 9f 6d ac fe 92 8a c5 43 d2 c9 1d |Axj.h.m.....C...| 000000f0 a8 d8 0f 00 7e c1 06 a9 16 ba 13 94 e7 d9 cd e1 |....~...........| 00000100 01 fd 52 12 be b0 04 14 85 d3 06 a2 63 d7 16 7a |..R.........c..z| 00000110 06 5f 1f c2 31 ea 27 1a a5 1d f6 39 d2 b1 99 8c |._..1.'....9....| 00000120 e0 71 32 3b ef 4e d3 1c 21 3f 30 59 5b 3e 1f 64 |.q2;.N..!?0Y[>.d| 00000130 3c 27 35 0f ee f4 75 5c 53 38 f8 43 87 55 88 28 |<'5...u\S8.C.U.(| 00000140 17 8f 4c 2d 73 d0 bd db 43 25 2f da fb f3 f7 b4 |..L-s...C%/.....| 00000150 63 90 08 24 c6 b3 ae 91 00 2d 4f bd af bc 22 82 |c..$.....-O...".| 00000160 08 ef 29 c9 49 d2 73 97 ce 6c 8d 1e a2 cb 53 ff |..).I.s..l....S.| 00000170 fe 9c b1 14 58 6f 45 bf ee 93 c0 9b 96 86 54 1a |....XoE.......T.| 00000180 fc fe 84 c3 88 13 92 d4 d7 de 00 07 d4 f7 ef 8e |................| 00000190 5e 5f b0 12 c9 6a 81 df 05 e6 c3 a1 f6 8a bc 06 |^_...j..........| 000001a0 bc 45 47 06 d4 45 70 78 f9 16 0f d2 f4 ae b5 94 |.EG..Epx........| 000001b0 e6 ac b5 bf e3 40 d1 fe 20 07 23 f8 65 fe 57 b2 |.....@.. .#.e.W.| 000001c0 63 a0 db 7b fa 12 25 2b 1f 1c df 66 ee c4 84 80 |c..{..%+...f....| 000001d0 4a 95 64 3d 9f c2 e9 eb 7c 59 72 1c 52 68 fa 5a |J.d=....|Yr.Rh.Z| 000001e0 b3 d6 9e dc 51 d6 ac 0b 34 f1 66 42 4b 99 1d cb |....Q...4.fBK...| 000001f0 94 f4 08 c6 57 f9 97 87 54 9c 3b ba 4e 21 c7 b3 |....W...T.;.N!..| 00000200 a0 d9 41 33 22 c4 3f a4 29 e4 7a 3c a1 86 e0 65 |..A3".?.).z<...e| 00000210 f4 ff 67 c5 32 ae 16 01 67 8e 16 d7 28 5e b3 19 |..g.2...g...(^..| 00000220 c6 18 c7 27 0d 01 8e 04 87 fb 6b f9 72 ee 00 ff |...'......k.r...| 00000230 25 f9 c5 dd bc 30 45 63 2d 4d 2d 9d ea 7f 54 aa |%....0Ec-M-...T.| 00000240 ac 9e d8 a2 ae c2 e3 64 b7 3d 54 56 67 39 e8 96 |.......d.=TVg9..| 00000250 a5 5d fd 1e 01 2a 0c 7d ee f1 4e fc 1b 19 f9 ef |.]...*.}..N.....| 00000260 60 dd e1 b2 94 f3 5f 54 d4 05 f7 86 83 6f 97 43 |`....._T.....o.C| 00000270 4e 30 c1 49 cc 5e 98 10 5c 4e 32 84 97 70 c8 b9 |N0.I.^..\N2..p..| 00000280 6d 0b c2 23 ab f9 e8 85 6f 0a 2a 99 e7 12 33 e8 |m..#....o.*...3.| 00000290 f2 62 6f 65 0c 3d ff 9f e6 15 eb 1d 24 0e e9 8a |.boe.=......$...| 000002a0 28 e0 09 31 23 a4 5c 2c 25 49 b4 0c 5f 18 e1 12 |(..1#.\,%I.._...| 000002b0 82 16 6e 79 68 21 fb 5a 68 73 dd f7 2f aa e2 f9 |..nyh!.Zhs../...| 000002c0 85 8d af c6 84 50 af 84 95 12 c8 32 a6 eb f0 93 |.....P.....2....| 000002d0 a2 bd 97 d3 ba 76 a8 2e a2 44 2f 98 23 ca 78 cd |.....v...D/.#.x.| 000002e0 7a 5f bf ab 19 00 72 b5 b3 e0 a7 b5 da 47 05 c8 |z_....r......G..| 000002f0 44 0b 6c 7f 0b 4c 99 79 3c 47 7e e9 25 bd a8 4d |D.l..L.yOh.'.%..| 00000390 1f 89 9e 21 34 97 b9 7e 6e 2a c2 df 47 22 7d a6 |...!4..~n*..G"}.| 000003a0 aa 7a 4a fd 11 b0 73 10 f5 16 8b 2c 3a af a6 7a |.zJ...s....,:..z| 000003b0 cc 3d 4b f0 36 43 60 db 53 2a 4e 2c 1b 2c 0a 54 |.=K.6C`.S*N,.,.T| 000003c0 01 ff ad 7e 93 a8 d0 76 da 5a 88 88 17 03 03 00 |...~...v.Z......| 000003d0 35 d0 36 70 7c 4c 6a 10 bd 43 50 2c 47 74 f9 ed |5.6p|Lj..CP,Gt..| 000003e0 9f 0b d7 33 82 74 2f fd 81 4d 08 d6 cf f4 13 4e |...3.t/..M.....N| 000003f0 de ec 84 bf 79 35 ee 72 8a a3 d0 61 29 94 ad 79 |....y5.r...a)..y| 00000400 04 42 0f 2b 65 a1 |.B.+e.| >>> Flow 5 (client to server) 00000000 17 03 03 00 35 4b f7 dd b6 64 32 61 42 e7 b2 93 |....5K...d2aB...| 00000010 b8 4b dd 7c 25 c6 57 5b 68 d5 f2 d9 27 85 ee cf |.K.|%.W[h...'...| 00000020 09 44 79 8d 8e 14 0f 84 44 e5 16 a9 bf d9 14 bb |.Dy.....D.......| 00000030 22 73 c7 a9 24 c1 dd 38 1e 63 17 03 03 00 17 63 |"s..$..8.c.....c| 00000040 56 45 91 62 9c 00 4b d6 ae f4 dc 17 a2 89 55 0d |VE.b..K.......U.| 00000050 c3 d4 f3 12 8b bf 17 03 03 00 13 1f ac ed f8 80 |................| 00000060 31 7f 75 9f 6c a1 48 6e 20 89 b8 45 08 33 |1.u.l.Hn ..E.3| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-KeyUpdate000066400000000000000000000170101373277661100260610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 fa 01 00 00 f6 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 7b 00 05 00 05 01 00 00 00 00 00 0a 00 |...{............| 00000090 0a 00 08 00 1d 00 17 00 18 00 19 00 0b 00 02 01 |................| 000000a0 00 00 0d 00 1a 00 18 08 04 04 03 08 07 08 05 08 |................| 000000b0 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 ff |................| 000000c0 01 00 01 00 00 12 00 00 00 2b 00 09 08 03 04 03 |.........+......| 000000d0 03 03 02 03 01 00 33 00 26 00 24 00 1d 00 20 2f |......3.&.$... /| 000000e0 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 000000f0 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 |.........._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 a2 49 b5 61 fe |....z...v...I.a.| 00000010 e3 52 ca 87 58 57 0f ec bc 71 51 a9 50 7c ac 5e |.R..XW...qQ.P|.^| 00000020 af 4e 47 56 81 6c 92 d9 10 3d d0 20 00 00 00 00 |.NGV.l...=. ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 75 |..+.....3.$... u| 00000060 c4 ba b0 c4 9b a0 57 6a ca e4 9c c6 eb f8 66 5a |......Wj......fZ| 00000070 d4 64 36 34 71 9d 6d 0f 2f 34 b8 ad b7 4a 55 14 |.d64q.m./4...JU.| 00000080 03 03 00 01 01 17 03 03 00 17 ec 4c 36 aa 81 cf |...........L6...| 00000090 61 2c 2f 6c 35 e8 25 62 54 17 ae 9b 46 b0 96 f5 |a,/l5.%bT...F...| 000000a0 0f 17 03 03 02 6d 6f 6c 27 e5 53 42 db 32 b4 2c |.....mol'.SB.2.,| 000000b0 6a 70 56 a7 0d 3a 7f a3 d7 fe 04 4f 0a 3e 52 8c |jpV..:.....O.>R.| 000000c0 52 1e 3a 26 5d 47 b1 6b da 90 e2 74 50 0d 6e fa |R.:&]G.k...tP.n.| 000000d0 1b 3f 17 3b 21 f7 fa f7 c7 c3 e3 14 05 09 76 b2 |.?.;!.........v.| 000000e0 27 66 bc 42 7e 49 4b ff 3a f1 3f a3 1a d4 9e 03 |'f.B~IK.:.?.....| 000000f0 3f b6 a8 87 98 50 f3 d8 cb 8b a2 e9 2a ea ff bc |?....P......*...| 00000100 50 18 d0 57 58 c5 e9 c8 96 67 01 8b e2 a3 f4 77 |P..WX....g.....w| 00000110 5e 1d 93 89 b6 f6 57 7d 93 b6 62 86 0a 21 18 56 |^.....W}..b..!.V| 00000120 8c 14 25 df 47 1a b3 23 e6 99 d1 fc dc 07 0a 38 |..%.G..#.......8| 00000130 9a 05 c8 3f 23 5c c5 d3 c4 48 fb b2 fd 9f 83 37 |...?#\...H.....7| 00000140 1d 0c 85 9c 2b e6 ae 42 aa ad d4 5a 9e 49 89 b7 |....+..B...Z.I..| 00000150 b0 c2 c5 ec 42 89 88 87 6e 54 3d 73 b2 f1 5f 0f |....B...nT=s.._.| 00000160 4b 49 3f 6b a3 8f 5f 99 bf fe af e9 25 ac 27 b7 |KI?k.._.....%.'.| 00000170 e7 96 bb 4a c8 e8 9e f1 2c 23 c2 e7 96 ba b4 fe |...J....,#......| 00000180 d5 94 b5 72 82 bd 7f c2 e1 af b4 bd db c7 15 20 |...r........... | 00000190 85 60 bb 02 f6 4b ef 09 3e a1 4e b9 77 64 0a 4a |.`...K..>.N.wd.J| 000001a0 2c 05 82 96 91 be 23 44 50 c1 c5 6c 05 55 51 42 |,.....#DP..l.UQB| 000001b0 84 87 20 71 65 8d 09 86 66 fa 88 8b 54 21 44 34 |.. qe...f...T!D4| 000001c0 df 6f ce a3 e9 12 4a e0 90 76 bb 1a f5 00 79 cb |.o....J..v....y.| 000001d0 d8 82 3b 88 c8 6a 5b a1 49 49 a0 c0 f7 d9 8f 89 |..;..j[.II......| 000001e0 f2 04 59 2b 0c 6f e2 3f b8 a8 c9 aa bf 2e 18 74 |..Y+.o.?.......t| 000001f0 45 b5 35 34 9a bb fa 77 e8 46 b2 f8 6d 41 65 36 |E.54...w.F..mAe6| 00000200 d9 f8 64 81 a6 50 63 b4 73 3e fb f9 b3 3e 03 3d |..d..Pc.s>...>.=| 00000210 d1 f4 b5 c1 ac f8 3f 4d 73 b7 da 16 8a 37 c9 a7 |......?Ms....7..| 00000220 51 33 b1 68 69 19 0b 26 de a6 42 4d 22 a3 e8 c0 |Q3.hi..&..BM"...| 00000230 7b 1d 66 e7 70 26 44 f7 62 3f 3d 0d e2 02 50 61 |{.f.p&D.b?=...Pa| 00000240 db 9b 5e e4 49 e8 32 32 7a c0 03 37 a8 c6 85 80 |..^.I.22z..7....| 00000250 4a 7e 39 b5 ba 6c cb 6f 53 e5 90 d0 0d 9c 2e e5 |J~9..l.oS.......| 00000260 90 df 9b b1 c5 3f 16 98 a9 dd a1 b5 7a 48 04 0e |.....?......zH..| 00000270 15 f9 60 a7 35 0b 33 a1 93 4b 73 5f b3 46 a6 43 |..`.5.3..Ks_.F.C| 00000280 ea a3 6e 4c fa bb 24 44 cd 48 85 c1 9f ea c2 14 |..nL..$D.H......| 00000290 92 48 2e 35 43 30 dc e6 76 23 0b e4 2f 28 13 c1 |.H.5C0..v#../(..| 000002a0 e1 bb 2d 9f de cf 10 8f c3 8f 48 eb 64 eb 6d ef |..-.......H.d.m.| 000002b0 2a b3 c5 d6 85 db a2 05 b2 46 f8 77 aa 2c fb 14 |*........F.w.,..| 000002c0 be 09 e7 11 33 88 cb 71 1b ca 46 cb 79 c6 99 eb |....3..q..F.y...| 000002d0 43 bb 59 c6 91 3b 0f 1a 76 cb c7 3b ef 07 c9 cb |C.Y..;..v..;....| 000002e0 3a 75 ac 14 d9 53 08 ca 4d 45 48 24 4a af 4e 94 |:u...S..MEH$J.N.| 000002f0 0e 81 31 63 d1 f6 67 25 7d c0 dd 02 05 1b ce 38 |..1c..g%}......8| 00000300 69 cf e7 6a bb b5 02 85 00 82 71 a6 e3 c0 33 b8 |i..j......q...3.| 00000310 78 51 55 17 03 03 00 99 b3 5c cb a4 a3 6c e9 fa |xQU......\...l..| 00000320 33 25 04 21 28 66 e7 d4 22 02 8f d4 3e cc e1 20 |3%.!(f.."...>.. | 00000330 15 5b 5a 55 14 d3 2b a5 de 7b 95 48 3c 26 68 22 |.[ZU..+..{.H<&h"| 00000340 a3 0d c6 ac 7f ec d3 7b fa 4d 51 20 6f 32 97 bc |.......{.MQ o2..| 00000350 fa 0c d6 8e bf ee 13 ca b3 cf 00 c5 f5 87 f1 cb |................| 00000360 9b 63 22 e6 61 99 83 78 69 1d 03 f1 0b 66 c5 c4 |.c".a..xi....f..| 00000370 2e 6f d8 b5 59 93 f7 40 3c 40 4e 1a 58 af b5 37 |.o..Y..@<@N.X..7| 00000380 ce dd 83 dd b1 78 a8 ba a3 35 f8 9f 0c 47 1e fb |.....x...5...G..| 00000390 aa 9b b5 5f 11 4c b9 0c c1 a0 01 47 87 f9 e6 1f |..._.L.....G....| 000003a0 d5 e5 3f a7 15 4d c8 a5 79 9c e5 bc 62 6f cb cd |..?..M..y...bo..| 000003b0 86 17 03 03 00 35 e7 4d 67 3a 39 5b ac 13 89 cc |.....5.Mg:9[....| 000003c0 c4 dc 20 2b a4 b2 3c 5d 96 f1 45 17 52 12 ed 85 |.. +..<]..E.R...| 000003d0 00 f0 7e 73 3a 6d a2 46 b8 59 7f e8 6f 46 06 e1 |..~s:m.F.Y..oF..| 000003e0 43 c9 ca af a9 3e ca d6 42 4b 41 |C....>..BKA| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 4d ad c5 c7 cc |..........5M....| 00000010 5a 34 8a f8 5f 71 83 af fa 94 df 2a 94 a0 c4 8e |Z4.._q.....*....| 00000020 5e 00 f7 02 e1 30 62 a5 49 27 58 0b 1f fa 46 98 |^....0b.I'X...F.| 00000030 f0 b8 6f 42 e3 3a 7f 26 77 b6 46 8f ab c6 5d d6 |..oB.:.&w.F...].| 00000040 17 03 03 00 17 90 81 68 7a 48 8d 3b 59 9e 11 6f |.......hzH.;Y..o| 00000050 86 b5 24 e4 d9 e0 60 9f c2 4f 3d 33 |..$...`..O=3| >>> Flow 4 (server to client) 00000000 17 03 03 00 16 94 83 fa cc 66 b4 60 c0 c7 6d b3 |.........f.`..m.| 00000010 6e 8c 84 9d 89 76 61 3d 69 fd 29 |n....va=i.)| >>> Flow 5 (client to server) 00000000 17 03 03 00 16 60 cb 39 3d 7d 79 01 88 93 bd bf |.....`.9=}y.....| 00000010 23 3b d1 f3 a4 5e 78 ea cd 0f 5e |#;...^x...^| >>> Flow 6 (server to client) 00000000 17 03 03 00 1a 88 13 b4 f1 5f cc 63 1e 99 9f 85 |........._.c....| 00000010 60 ff 0e 97 13 59 64 2a c3 0d 2b ac ca a2 25 |`....Yd*..+...%| >>> Flow 7 (client to server) 00000000 17 03 03 00 1d 4f f2 48 ea b8 d6 75 8e 97 ab 54 |.....O.H...u...T| 00000010 29 57 50 5b 59 40 59 d3 7a 3c 01 43 6a 33 30 bb |)WP[Y@Y.z<.Cj30.| 00000020 d4 40 17 03 03 00 13 18 fc b7 ac eb e7 52 6d f0 |.@...........Rm.| 00000030 d4 d3 03 c6 5f 4e ea e3 7b 4e |...._N..{N| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-P256-ECDHE000066400000000000000000000161311373277661100254330ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 15 01 00 01 11 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 96 00 05 00 05 01 00 00 00 00 00 0a 00 |................| 00000090 04 00 02 00 17 00 0b 00 02 01 00 00 0d 00 1a 00 |................| 000000a0 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 06 |................| 000000b0 01 05 03 06 03 02 01 02 03 ff 01 00 01 00 00 12 |................| 000000c0 00 00 00 2b 00 09 08 03 04 03 03 03 02 03 01 00 |...+............| 000000d0 33 00 47 00 45 00 17 00 41 04 1e 18 37 ef 0d 19 |3.G.E...A...7...| 000000e0 51 88 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 |Q.5uq..T[....g..| 000000f0 24 20 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 |$ >.V...(^.+-O..| 00000100 07 9f 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 |..lK[.V.2B.X..I.| 00000110 b5 68 1a 41 03 56 6b dc 5a 89 |.h.A.Vk.Z.| >>> Flow 2 (server to client) 00000000 16 03 03 00 9b 02 00 00 97 03 03 b5 3c c8 fe 64 |............<..d| 00000010 f6 04 7d 28 a4 25 7c 1b f5 0b e6 6d 0b f5 2f ec |..}(.%|....m../.| 00000020 78 c1 bd 5a cf c8 19 d9 5c 54 72 20 00 00 00 00 |x..Z....\Tr ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 4f 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |O.+.....3.E...A.| 00000060 d7 63 55 0e 0d 7b fb 09 a9 61 92 70 2b 52 9c 38 |.cU..{...a.p+R.8| 00000070 2d e8 2a 68 27 b7 15 3e 4a 1e 92 c8 08 7b 5c c9 |-.*h'..>J....{\.| 00000080 8d d4 aa 97 63 42 a5 3e 4b e8 7d 37 98 d9 8c a6 |....cB.>K.}7....| 00000090 e7 c7 45 9f 73 48 bd c3 14 82 67 5b bb 19 bd a5 |..E.sH....g[....| 000000a0 14 03 03 00 01 01 17 03 03 00 17 67 d9 cb 2b d1 |...........g..+.| 000000b0 d2 30 7d b3 3f c1 77 5a 6c 87 41 2c 29 83 36 19 |.0}.?.wZl.A,).6.| 000000c0 74 38 17 03 03 02 6d ac 0c 4f fe b5 93 6a fa 9f |t8....m..O...j..| 000000d0 e9 76 a7 c3 8a bb 4a 64 7a 04 35 58 e6 a2 d8 7a |.v....Jdz.5X...z| 000000e0 cf 99 1c 60 13 1a ca c6 e6 10 11 7a f1 f4 be ec |...`.......z....| 000000f0 1d 2d db b1 a5 3a dd 7e 10 2b 65 ca 40 b2 5f fc |.-...:.~.+e.@._.| 00000100 3f c9 df 7d 26 c1 fc b7 2d 67 a1 2d a2 22 b3 40 |?..}&...-g.-.".@| 00000110 79 d4 c8 b6 73 f7 93 8a 97 4f b7 ab b6 0c ca 14 |y...s....O......| 00000120 3c 1e 6c 27 c0 be 01 d7 98 ef 93 78 f5 14 15 21 |<.l'.......x...!| 00000130 4c f8 8e a6 f7 72 b2 b7 bc c2 3e 9b b7 e4 0d 15 |L....r....>.....| 00000140 b5 69 75 e9 61 10 e4 d5 8e 60 44 88 bf 5f df f9 |.iu.a....`D.._..| 00000150 8d 70 54 4e f6 0f 37 70 ff b8 6b c0 4f fb 61 c1 |.pTN..7p..k.O.a.| 00000160 48 00 96 9b da 05 0f 78 7a 87 f5 b1 69 f6 4f 8e |H......xz...i.O.| 00000170 80 74 7b e0 e5 b7 0f ba 7d 9d 4c ff c9 d7 7c b9 |.t{.....}.L...|.| 00000180 f0 bd dd 34 8e 77 5f 3b 48 10 10 6f ed c7 84 15 |...4.w_;H..o....| 00000190 7a 0c 26 3e 5d 9d 58 07 02 8c e3 fa f0 6b 86 df |z.&>].X......k..| 000001a0 76 af 3c 13 c4 93 28 7a 17 04 98 91 26 72 5f aa |v.<...(z....&r_.| 000001b0 cf b2 9e 37 a9 93 12 bd 1d 92 64 b8 82 60 b0 b5 |...7......d..`..| 000001c0 1d 2c 4e 18 24 11 3b 52 33 05 f0 3b f2 27 ed a6 |.,N.$.;R3..;.'..| 000001d0 f6 4a 82 b6 df 05 a0 07 a3 9d 73 0a 3c 7f 02 47 |.J........s.<..G| 000001e0 60 c8 aa 20 b4 9c cd 48 12 a3 82 fe 99 4e 0c bb |`.. ...H.....N..| 000001f0 ec 4f 10 75 26 99 a4 ed 5e 4a 34 51 38 88 2c 3c |.O.u&...^J4Q8.,<| 00000200 0b 8d f8 65 84 38 47 c8 31 30 82 71 3f 54 e3 3f |...e.8G.10.q?T.?| 00000210 f1 e6 2c ef a3 fe 02 34 16 58 21 55 6e 0f 95 d3 |..,....4.X!Un...| 00000220 3e 18 e5 c4 fa 95 65 07 d8 4b 31 4b fa a7 85 74 |>.....e..K1K...t| 00000230 6c 1c a3 7c 7b c6 20 e0 1f 28 33 6d 61 93 d0 7d |l..|{. ..(3ma..}| 00000240 e7 c4 5c 27 c9 d9 ca f9 fe 21 6f 7f 05 34 37 54 |..\'.....!o..47T| 00000250 30 59 68 e1 04 36 60 52 d7 fc 4f 8c 67 f6 42 88 |0Yh..6`R..O.g.B.| 00000260 bc 41 5f 8e 2c 05 dd 6a b0 49 6c d8 8e 9c 9e 06 |.A_.,..j.Il.....| 00000270 35 f9 f1 33 f2 54 b0 3f 9e bd 4f c7 48 aa a3 9e |5..3.T.?..O.H...| 00000280 fe 69 79 16 e0 5a ca 48 72 fe 52 4a f1 6f f1 e0 |.iy..Z.Hr.RJ.o..| 00000290 8c fe 16 15 ce c9 87 dc 9b 66 4d 3a bb 05 21 82 |.........fM:..!.| 000002a0 21 65 cb 7b da 06 1a 0b 53 ee 60 e4 79 0f bc 5d |!e.{....S.`.y..]| 000002b0 b6 52 fd 3b 33 28 97 6c 67 d7 ab 3d b0 da bb ac |.R.;3(.lg..=....| 000002c0 0d d9 06 81 a3 6c 1f ad b8 05 20 63 2b c7 cb 4b |.....l.... c+..K| 000002d0 e2 96 6e 3d f1 9c 0a 6a c6 01 3e 3a d0 54 c8 09 |..n=...j..>:.T..| 000002e0 9b 17 a0 cc d6 d0 82 d1 02 a8 eb 9d 91 7e 30 b9 |.............~0.| 000002f0 3d 5e 6d 43 fc 50 f8 9f 80 67 7a e3 33 30 cd b7 |=^mC.P...gz.30..| 00000300 00 b3 bc 17 50 82 6c 80 67 bd c4 12 11 b1 53 22 |....P.l.g.....S"| 00000310 96 67 07 90 d4 54 5c f1 5d ca cd f8 b5 35 94 e0 |.g...T\.]....5..| 00000320 21 e6 58 d7 b0 32 ca 24 90 11 30 f5 2b 1d ca 3d |!.X..2.$..0.+..=| 00000330 6a 6d 35 fa 17 03 03 00 99 ad ab 79 79 28 a0 a9 |jm5........yy(..| 00000340 9a cd 6d 8d 8c 92 2e 83 3d d4 be c7 50 61 f5 49 |..m.....=...Pa.I| 00000350 97 6c ab 92 d4 a7 1a 6f fc 5b dd 6e 73 0d bd d2 |.l.....o.[.ns...| 00000360 09 52 9f c9 de bb 8d 09 0a 4f e0 c5 9a 08 79 4c |.R.......O....yL| 00000370 fc 01 b3 94 45 f6 1d bd 8d 23 62 14 14 65 4c 2a |....E....#b..eL*| 00000380 d9 ad 8f 76 5a 5e 9d da 68 37 c7 b1 54 1e b4 bd |...vZ^..h7..T...| 00000390 d3 15 b8 89 94 87 8b 17 17 0f 4c dc db a8 3b 2f |..........L...;/| 000003a0 e5 e2 25 d6 ec f6 f4 bb ab d0 c5 7f 2a cb c6 57 |..%.........*..W| 000003b0 84 50 3a e7 62 8b 76 ae 6a 06 6b 85 1c 23 f1 d1 |.P:.b.v.j.k..#..| 000003c0 10 e2 6f 57 8c 20 7d da 2d f8 bc c5 df 4e 7c 22 |..oW. }.-....N|"| 000003d0 d8 36 17 03 03 00 35 62 fa d4 65 7f 9a 97 5b ec |.6....5b..e...[.| 000003e0 25 4a 3a 43 18 08 08 fb 7f 9d 3b 73 64 9e f3 7a |%J:C......;sd..z| 000003f0 28 f1 a0 0e 00 7a 51 74 0e 6b 90 c6 39 7a 09 98 |(....zQt.k..9z..| 00000400 6e d8 63 cc 1f f0 8f bc 37 66 27 a0 |n.c.....7f'.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 ba 59 57 3e a3 |..........5.YW>.| 00000010 cd 02 7f 7c c2 16 f5 6b ec 42 66 aa a2 7a 3d 47 |...|...k.Bf..z=G| 00000020 43 c9 02 4b a3 72 d0 4d fa f8 32 28 1a 19 16 6a |C..K.r.M..2(...j| 00000030 7c 0e 4a 75 80 94 34 fe 30 7b d0 52 15 48 10 30 ||.Ju..4.0{.R.H.0| 00000040 17 03 03 00 17 5d de 53 df 00 21 ca 6d 69 ff 45 |.....].S..!.mi.E| 00000050 2e 53 57 db 3f 8d d8 6c 5a e1 f8 cc 17 03 03 00 |.SW.?..lZ.......| 00000060 13 43 d9 94 95 41 af 1d 80 a7 f2 28 2a 44 50 8d |.C...A.....(*DP.| 00000070 41 8f 82 09 |A...| golang-github-marten-seemann-qtls-0.10.0/testdata/Client-TLSv13-X25519-ECDHE000066400000000000000000000154331373277661100256200ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 f4 01 00 00 f0 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 |........... ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 32 cc a8 |.............2..| 00000050 cc a9 c0 2f c0 2b c0 30 c0 2c c0 27 c0 13 c0 23 |.../.+.0.,.'...#| 00000060 c0 09 c0 14 c0 0a 00 9c 00 9d 00 3c 00 2f 00 35 |...........<./.5| 00000070 c0 12 00 0a 00 05 c0 11 c0 07 13 01 13 03 13 02 |................| 00000080 01 00 00 75 00 05 00 05 01 00 00 00 00 00 0a 00 |...u............| 00000090 04 00 02 00 1d 00 0b 00 02 01 00 00 0d 00 1a 00 |................| 000000a0 18 08 04 04 03 08 07 08 05 08 06 04 01 05 01 06 |................| 000000b0 01 05 03 06 03 02 01 02 03 ff 01 00 01 00 00 12 |................| 000000c0 00 00 00 2b 00 09 08 03 04 03 03 03 02 03 01 00 |...+............| 000000d0 33 00 26 00 24 00 1d 00 20 2f e5 7d a3 47 cd 62 |3.&.$... /.}.G.b| 000000e0 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf |C.(.._.).0......| 000000f0 c2 ed 90 99 5f 58 cb 3b 74 |...._X.;t| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 5d 2e e6 ba 34 |....z...v..]...4| 00000010 6c 42 bb 48 58 fe c5 f0 95 f9 34 11 04 b5 2a f4 |lB.HX.....4...*.| 00000020 f1 16 41 db 14 a0 19 d8 43 7c 09 20 00 00 00 00 |..A.....C|. ....| 00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000040 00 00 00 00 00 00 00 00 00 00 00 00 13 01 00 00 |................| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 82 |..+.....3.$... .| 00000060 de 1b d1 83 7a e1 46 cc c7 36 15 62 48 07 6b f6 |....z.F..6.bH.k.| 00000070 eb 0a 53 a3 34 cd 34 ee cc 0c d0 c9 02 d5 38 14 |..S.4.4.......8.| 00000080 03 03 00 01 01 17 03 03 00 17 3d 0c 61 12 1b 55 |..........=.a..U| 00000090 6e f4 13 59 c8 4a e7 12 63 5d bf be 34 9f d7 2a |n..Y.J..c]..4..*| 000000a0 c2 17 03 03 02 6d 82 e8 43 93 e4 80 4d a7 d2 cf |.....m..C...M...| 000000b0 43 9d 71 8d cc 78 e8 e9 58 7e 28 53 57 6d 95 1e |C.q..x..X~(SWm..| 000000c0 fb 98 05 ec 66 47 d9 a1 6a b5 f4 28 09 4a 6c 4c |....fG..j..(.JlL| 000000d0 ee a0 1a 86 e7 29 c0 0e d8 e0 ca 2d bb 50 e4 34 |.....).....-.P.4| 000000e0 8d 66 be 54 b5 df 94 fc 69 0e a6 9a 76 8b 8f f5 |.f.T....i...v...| 000000f0 a9 01 1a 1d 8d b0 ae a9 0c 10 58 13 f9 91 80 43 |..........X....C| 00000100 69 f8 3f 03 14 8e 73 1a ce 52 72 86 3d 60 8b 0f |i.?...s..Rr.=`..| 00000110 38 e7 4b 43 f0 b3 4b 12 3a a7 cd 4b ac ef 7d fb |8.KC..K.:..K..}.| 00000120 27 3a 38 36 ad a5 90 eb 57 80 47 99 bc c6 58 55 |':86....W.G...XU| 00000130 15 6f 53 f7 83 ca 2b 89 ae be 23 9a 83 3c 6b b1 |.oS...+...#..>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 7d 5e 95 38 a2 |..........5}^.8.| 00000010 d3 f4 04 59 57 2a 1a 86 ac 12 8e 17 88 fb 52 25 |...YW*........R%| 00000020 1d 19 2c c5 ac 57 c9 bf af 07 e7 c1 4d f3 dd f0 |..,..W......M...| 00000030 13 ad a1 73 07 32 a4 c5 7c 9e ad 5a 88 59 57 4b |...s.2..|..Z.YWK| 00000040 17 03 03 00 17 e2 65 4f bd 1f bb 00 a1 6b ae a4 |......eO.....k..| 00000050 9d d3 d2 6e 7b 62 b5 09 19 d6 8f 1b 17 03 03 00 |...n{b..........| 00000060 13 96 de 94 2b a7 bb c5 4b 7e 02 b2 27 07 4d 49 |....+...K~..'.MI| 00000070 32 2b 83 48 |2+.H| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv10-ECDHE-ECDSA-AES000066400000000000000000000137051373277661100262550ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 63 01 00 00 5f 03 01 38 de f5 d6 ae |....c..._..8....| 00000010 46 71 e8 02 f2 45 88 b8 64 fb 6e 68 67 d1 7f e8 |Fq...E..d.nhg...| 00000020 49 71 1e a9 ec 8e 54 06 bb 2b 16 00 00 04 c0 0a |Iq....T..+......| 00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 |........| >>> Flow 2 (server to client) 00000000 16 03 01 00 37 02 00 00 33 03 01 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 c0 0a 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 01 02 |................| 00000040 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 00 30 |...........0...0| 00000050 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 30 09 |..b.....-G....0.| 00000060 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 09 06 |..*.H.=..0E1.0..| 00000070 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 |.U....AU1.0...U.| 00000080 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 |...Some-State1!0| 00000090 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 |...U....Internet| 000000a0 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 | Widgits Pty Ltd| 000000b0 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 33 32 |0...121122150632| 000000c0 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 32 5a |Z..221120150632Z| 000000d0 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 |0E1.0...U....AU1| 000000e0 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 |.0...U....Some-S| 000000f0 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 |tate1!0...U....I| 00000100 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 |nternet Widgits | 00000110 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 2a 86 |Pty Ltd0..0...*.| 00000120 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 00000130 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 16 56 |.........Hs6~..V| 00000140 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 f6 b0 |.".=S.;M!=.ku...| 00000150 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 2f 1c |...&.....r2|.d/.| 00000160 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 e0 28 |...h#.~..%.H:i.(| 00000170 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 d8 81 |m.7...b....pb...| 00000180 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 de 76 |.d1...1...h..#.v| 00000190 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd 9b d8 |d?.\....XX._p...| 000001a0 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a 20 e2 |.........0f[f. .| 000001b0 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d 04 01 |'...;0...*.H.=..| 000001c0 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb e2 45 |....0...B...O..E| 000001d0 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e 1b b6 |.H}.......Gp.^..| 000001e0 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b 7e 92 |/...M.a@......~.| 000001f0 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 ec 47 |~.v..;~.?....Y.G| 00000200 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 4d fc |-|..N....o..B.M.| 00000210 be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 13 83 |.g..-...?..%.3..| 00000220 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd d7 11 |.....7z..z......| 00000230 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d ae cb |i..|V..1x+..x...| 00000240 be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f 2a 16 |..N6$1{j.9....*.| 00000250 03 01 00 b5 0c 00 00 b1 03 00 1d 20 2f e5 7d a3 |........... /.}.| 00000260 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000270 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 8b 30 81 |......._X.;t..0.| 00000280 88 02 42 01 ad 26 fd 16 9a 93 5f 87 ce 29 8c d2 |..B..&...._..)..| 00000290 56 a7 d2 59 56 bd d3 1f 90 54 bd af 91 81 25 ff |V..YV....T....%.| 000002a0 66 74 57 16 2f 31 f2 5a 48 97 03 b9 41 4c 8e bb |ftW./1.ZH...AL..| 000002b0 87 31 ed 71 84 37 63 78 9f 0a c7 9d 5e f3 5a 53 |.1.q.7cx....^.ZS| 000002c0 88 89 46 ba a7 02 42 00 92 74 15 1c 0e 1f 2f 95 |..F...B..t..../.| 000002d0 e5 79 d5 e9 90 ce d8 96 0d fd b8 42 55 00 94 08 |.y.........BU...| 000002e0 4e 47 a9 ea bd 67 0b 02 a6 9e 8b d3 09 e5 53 ea |NG...g........S.| 000002f0 03 22 2e 2d 78 2c 69 1d 28 ab 13 3d 0a 46 15 09 |.".-x,i.(..=.F..| 00000300 b6 0b 74 69 2d 5a 96 bf b6 16 03 01 00 04 0e 00 |..ti-Z..........| 00000310 00 00 |..| >>> Flow 3 (client to server) 00000000 16 03 01 00 25 10 00 00 21 20 82 c0 dd 83 c2 45 |....%...! .....E| 00000010 a2 bc 3a 2a ec ab 60 8e 02 e0 db 7c 59 83 c1 62 |..:*..`....|Y..b| 00000020 c7 cc 61 1e de dc 40 e4 65 6c 14 03 01 00 01 01 |..a...@.el......| 00000030 16 03 01 00 30 3e 26 56 0b a2 10 47 00 55 27 21 |....0>&V...G.U'!| 00000040 63 33 f2 7d 4b ba 77 5f e7 a7 09 7a 1f 51 85 f2 |c3.}K.w_...z.Q..| 00000050 46 a5 af 80 79 1a c7 72 bb 3d f9 dd 1d 83 05 22 |F...y..r.=....."| 00000060 c9 6c dd 91 d9 |.l...| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 38 fa fd 42 8f |..........08..B.| 00000010 80 5a 7c 33 d4 6c 72 f7 4e 2f 00 ab c2 86 58 9d |.Z|3.lr.N/....X.| 00000020 fc a5 43 fa ea 5b a1 ee a9 df df 9d 90 4c c0 e3 |..C..[.......L..| 00000030 10 09 c4 23 21 f9 e9 69 f5 f8 fa 17 03 01 00 20 |...#!..i....... | 00000040 1e 57 17 e4 96 06 32 d4 00 a3 98 ed bd 1c 61 78 |.W....2.......ax| 00000050 e7 0d 89 ec 84 c3 56 fa 75 73 87 6f 47 35 80 3f |......V.us.oG5.?| 00000060 17 03 01 00 30 4d 51 0a dd 70 6d b0 c2 d1 46 5c |....0MQ..pm...F\| 00000070 b5 03 87 de e6 65 d3 e2 83 e0 33 f8 a2 0a 29 7f |.....e....3...).| 00000080 6c 24 2b 1f 7b 2b 53 19 21 e9 62 6c 31 75 9c be |l$+.{+S.!.bl1u..| 00000090 5b b0 3d 5b 1a 15 03 01 00 20 19 51 64 4b 5a 9b |[.=[..... .QdKZ.| 000000a0 c8 2a 1c e7 9e 29 d9 df ad 1d 08 09 82 a3 b1 1d |.*...)..........| 000000b0 60 99 00 25 30 51 a1 72 b6 27 |`..%0Q.r.'| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv10-ExportKeyingMaterial000066400000000000000000000160241373277661100303260ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 75 01 00 00 71 03 01 a0 fd 51 a6 77 |....u...q....Q.w| 00000010 69 ee 39 14 8d 0f be a6 9c f7 95 aa 63 14 d2 90 |i.9.........c...| 00000020 1e 39 34 2c df d8 e4 92 2b a0 36 00 00 12 c0 0a |.94,....+.6.....| 00000030 c0 14 00 39 c0 09 c0 13 00 33 00 35 00 2f 00 ff |...9.....3.5./..| 00000040 01 00 00 36 00 00 00 0e 00 0c 00 00 09 31 32 37 |...6.........127| 00000050 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 00 0a |.0.0.1..........| 00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 23 |...............#| 00000070 00 00 00 16 00 00 00 17 00 00 |..........| >>> Flow 2 (server to client) 00000000 16 03 01 00 3b 02 00 00 37 03 01 00 00 00 00 00 |....;...7.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 c0 14 00 00 |...DOWNGRD......| 00000030 0f 00 23 00 00 ff 01 00 01 00 00 0b 00 02 01 00 |..#.............| 00000040 16 03 01 02 59 0b 00 02 55 00 02 52 00 02 4f 30 |....Y...U..R..O0| 00000050 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 |..K0............| 00000060 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 |..?.[..0...*.H..| 00000070 0d 01 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 |......0.1.0...U.| 00000080 0a 13 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 |...Go1.0...U....| 00000090 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 |Go Root0...16010| 000000a0 31 30 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 |1000000Z..250101| 000000b0 30 30 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 |000000Z0.1.0...U| 000000c0 04 0a 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 |....Go1.0...U...| 000000d0 02 47 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |.Go0..0...*.H...| 000000e0 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| 000000f0 db 46 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 |.F}...'.H..(!.~.| 00000100 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 |..]..RE.z6G....B| 00000110 5b c2 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 |[.....y.@.Om..+.| 00000120 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 |....g....."8.J.t| 00000130 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c |s+.4......t{.X.l| 00000140 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd |a<..A..++$#w[.;.| 00000150 75 5d ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a |u]. T..c...$....| 00000160 50 8b aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 |P....C...ub...R.| 00000170 02 03 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 |........0..0...U| 00000180 1d 0f 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 |...........0...U| 00000190 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 000001a0 06 08 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d |..+.......0...U.| 000001b0 13 01 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 |......0.0...U...| 000001c0 12 04 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 |.......CC>I..m..| 000001d0 d7 9f 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 |..`0...U.#..0...| 000001e0 48 13 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b |H.IM.~.1......n{| 000001f0 30 19 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 |0...U....0...exa| 00000200 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a |mple.golang0...*| 00000210 86 48 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 |.H.............0| 00000220 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 |.@+[P.a...SX...(| 00000230 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 |.X..8....1Z..f=C| 00000240 d3 2d d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc |.-...... d8.$:..| 00000250 cf 9c 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd |..}.@ ._...a..v.| 00000260 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb |.....\.....l..s.| 00000270 b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 |.Cw.......@.a.Lr| 00000280 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 |+...F..M...>...B| 00000290 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 |...=.`.\!.;.....| 000002a0 01 00 aa 0c 00 00 a6 03 00 1d 20 2f e5 7d a3 47 |.......... /.}.G| 000002b0 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 000002c0 c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 80 00 9f b3 |......_X.;t.....| 000002d0 fa c1 71 14 e3 1a 6c 3f b6 61 15 e2 7b 99 c5 4c |..q...l?.a..{..L| 000002e0 39 e0 45 f8 9d d3 84 1a c4 fc 7c 51 32 3d 67 0b |9.E.......|Q2=g.| 000002f0 28 b8 8c 6d 66 7e ab 82 c9 f6 d0 49 62 96 2c af |(..mf~.....Ib.,.| 00000300 4f 0a d1 21 54 b8 3e ae 09 fd d8 85 10 cb da c4 |O..!T.>.........| 00000310 6f 42 16 cd 70 cd 33 b0 a5 e5 a1 c7 9a 35 41 3f |oB..p.3......5A?| 00000320 59 db a1 b3 f4 ae f6 72 9c a8 db f5 86 99 43 b3 |Y......r......C.| 00000330 8f bc 0f d9 0a 50 49 58 3b 17 fa 51 27 11 e9 95 |.....PIX;..Q'...| 00000340 8c bb 1a 31 11 bc a2 fa 2c 6b c2 6a 40 16 03 01 |...1....,k.j@...| 00000350 00 04 0e 00 00 00 |......| >>> Flow 3 (client to server) 00000000 16 03 01 00 25 10 00 00 21 20 bf 0c 33 f5 6a 06 |....%...! ..3.j.| 00000010 18 0a 74 ad 8b bd ef 9c 00 a3 c0 03 20 5b ea 69 |..t......... [.i| 00000020 09 18 b8 4a 30 13 c7 10 30 3a 14 03 01 00 01 01 |...J0...0:......| 00000030 16 03 01 00 30 04 6d f7 66 e9 7f 72 80 32 24 93 |....0.m.f..r.2$.| 00000040 2f 74 5e 34 c5 fb 19 a0 64 31 1e cb 63 03 fb 51 |/t^4....d1..c..Q| 00000050 5c d9 17 a8 b0 8a b6 74 e8 84 86 a5 33 d2 75 4a |\......t....3.uJ| 00000060 c0 bb 6a bb f3 |..j..| >>> Flow 4 (server to client) 00000000 16 03 01 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6d ec a4 83 61 28 8e b8 1b 0e dd 7d 71 4a 36 c3 |m...a(.....}qJ6.| 00000040 6d cb c7 88 ed 19 c5 08 72 b9 25 fb 6c 29 b8 b2 |m.......r.%.l)..| 00000050 72 f8 27 c0 1e f2 86 16 54 0f 72 a9 6e 15 69 9e |r.'.....T.r.n.i.| 00000060 66 fe d1 05 20 33 94 32 40 82 bb e3 61 47 3a 8e |f... 3.2@...aG:.| 00000070 b7 45 92 8a 5c 84 64 eb 6c 1a 3c bb 2f be ce b2 |.E..\.d.l.<./...| 00000080 5f cb c9 be c4 ff d6 14 03 01 00 01 01 16 03 01 |_...............| 00000090 00 30 5e ff 91 82 d5 30 a4 fb cd 20 90 c1 2d 08 |.0^....0... ..-.| 000000a0 aa 19 d6 72 fa 74 07 95 df 14 eb 59 bb 0c 81 3f |...r.t.....Y...?| 000000b0 75 77 45 96 d8 3e 45 a7 42 1c f1 82 c0 04 4d 2e |uwE..>E.B.....M.| 000000c0 3f 07 17 03 01 00 20 54 90 60 76 16 5f 6b d0 3e |?..... T.`v._k.>| 000000d0 f6 bf f3 0a 5c b9 3b 19 cb df a6 94 28 04 24 ea |....\.;.....(.$.| 000000e0 73 1f 49 5e 23 f6 91 17 03 01 00 30 b5 97 eb 85 |s.I^#......0....| 000000f0 cc 17 86 b0 0d 24 bf 64 6d 4f 16 55 b0 f3 64 7c |.....$.dmO.U..d|| 00000100 75 3f e4 16 94 41 56 64 12 50 0e 7c 0c 1c e7 58 |u?...AVd.P.|...X| 00000110 4d 9c 82 d8 f5 5a 61 a3 d8 3c f5 04 15 03 01 00 |M....Za..<......| 00000120 20 59 6c e6 9e 4e 14 94 5d 61 94 b2 ba 0f eb 18 | Yl..N..]a......| 00000130 cf 10 5b f6 90 27 58 8e 10 54 36 d4 c7 52 37 2e |..[..'X..T6..R7.| 00000140 a0 |.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv10-RSA-3DES000066400000000000000000000132231373277661100253360ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 63 01 00 00 5f 03 01 25 03 63 bf 34 |....c..._..%.c.4| 00000010 89 c8 9e f6 e0 46 f8 30 5c e8 62 0a f7 db 68 c9 |.....F.0\.b...h.| 00000020 50 54 0e c2 15 f1 cb 07 66 06 3d 00 00 04 00 0a |PT......f.=.....| 00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 |........| >>> Flow 2 (server to client) 00000000 16 03 01 00 37 02 00 00 33 03 01 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 00 0a 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 01 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 00 86 10 00 00 82 00 80 0f e9 83 ca 77 |...............w| 00000010 c8 26 16 24 00 b7 09 d2 73 aa c1 d9 77 f3 fc 38 |.&.$....s...w..8| 00000020 1c 2e c0 26 b4 a6 40 e1 1b 93 39 8f a2 1f f2 f9 |...&..@...9.....| 00000030 18 2a 7b 0e cd 9b 9b 9c 49 86 43 3d 48 fd 40 d7 |.*{.....I.C=H.@.| 00000040 af f9 2b 5e c6 cc c6 2d 8d 36 fe b1 75 c1 b5 a0 |..+^...-.6..u...| 00000050 57 97 0f 01 ee b4 6a af 0c fe f0 68 78 04 6a 3e |W.....j....hx.j>| 00000060 83 d0 72 34 80 d8 7d cd 8b 83 06 5b 36 50 10 8e |..r4..}....[6P..| 00000070 b4 27 3d 6a ae b7 7f 8b 2a b1 0b 51 49 05 b5 01 |.'=j....*..QI...| 00000080 3c 27 9a 59 e3 41 18 38 d6 8f 7a 14 03 01 00 01 |<'.Y.A.8..z.....| 00000090 01 16 03 01 00 28 c0 46 65 9f 7f d8 c3 c4 a7 33 |.....(.Fe......3| 000000a0 50 f9 07 41 95 12 a6 f3 ca 53 b9 96 f8 a8 a6 5f |P..A.....S....._| 000000b0 1e c8 20 e5 8b 87 4e 12 73 13 e0 e4 c6 89 |.. ...N.s.....| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 28 e2 47 2b 57 fe |..........(.G+W.| 00000010 74 71 95 6a ee 68 2b f3 48 40 13 52 35 46 58 d4 |tq.j.h+.H@.R5FX.| 00000020 ee aa 4c a8 53 0f 3a 19 ed 18 37 2d e4 b9 1e e6 |..L.S.:...7-....| 00000030 28 42 a1 17 03 01 00 18 d8 7c 20 f2 03 6d a9 ed |(B.......| ..m..| 00000040 c9 73 50 d7 56 4f 0b d8 4b 44 f6 80 e4 c1 a9 f5 |.sP.VO..KD......| 00000050 17 03 01 00 28 f5 b2 11 6b a6 4b 22 30 42 3c cc |....(...k.K"0B<.| 00000060 07 0d ed 10 d0 c7 7b ec b3 60 0b 2b 3c fb ec 3a |......{..`.+<..:| 00000070 c0 be 44 e7 76 b6 9e db 17 36 92 df 88 15 03 01 |..D.v....6......| 00000080 00 18 7a d9 2f 46 2e 0f ec c5 ee 7b ef bd fb e5 |..z./F.....{....| 00000090 26 40 0a a2 4e eb 56 0e ca 03 |&@..N.V...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv10-RSA-AES000066400000000000000000000135701373277661100252550ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 63 01 00 00 5f 03 01 78 91 f6 ad 9e |....c..._..x....| 00000010 79 23 92 10 d9 c5 43 52 8f f6 f4 3f f4 eb ac 6b |y#....CR...?...k| 00000020 f3 ce a9 76 a2 bf c3 5b 9d bc 52 00 00 04 00 2f |...v...[..R..../| 00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 |........| >>> Flow 2 (server to client) 00000000 16 03 01 00 37 02 00 00 33 03 01 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 01 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 00 86 10 00 00 82 00 80 73 aa be d1 21 |...........s...!| 00000010 67 e9 9c 20 40 cf 0a 47 31 61 e9 2b ba 06 4f aa |g.. @..G1a.+..O.| 00000020 ce 15 6a b7 df 0d 0e b0 fe b5 f2 c0 26 81 39 6e |..j.........&.9n| 00000030 5b 96 3c 2f 42 4f 08 92 48 a3 95 c8 ad 0d 0e 8f |[....2.>....| 00000080 36 99 9f b7 53 ef 34 e8 d6 13 3b 14 03 01 00 01 |6...S.4...;.....| 00000090 01 16 03 01 00 30 c6 d2 a6 85 cf 2a e4 9e 9e e1 |.....0.....*....| 000000a0 d0 82 d0 2a f8 e5 bd f6 9a 67 0b c6 47 07 9c 14 |...*.....g..G...| 000000b0 7e 73 9e 4c 8b d2 55 4f b2 32 9a 16 16 a5 e8 25 |~s.L..UO.2.....%| 000000c0 62 e2 e9 88 b6 44 |b....D| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 30 21 7a ee 62 6a |..........0!z.bj| 00000010 20 39 2a 39 d1 d3 f7 bd 53 05 4f 1a 36 71 3b b6 | 9*9....S.O.6q;.| 00000020 c5 5a b7 3b c3 0b 3f b9 2f ac 62 1c c2 2f fa 29 |.Z.;..?./.b../.)| 00000030 dd f3 bc ff 35 28 7f 86 b8 0f 33 17 03 01 00 20 |....5(....3.... | 00000040 3a 6c 47 23 37 5a 15 bd 03 c6 64 c5 59 2f 91 e8 |:lG#7Z....d.Y/..| 00000050 a6 1b d5 04 c2 a7 80 0e 94 6c 3c e4 70 2c ea 81 |.........l<.p,..| 00000060 17 03 01 00 30 60 14 bc 6b 84 16 9f 53 b6 ee c9 |....0`..k...S...| 00000070 43 cf f3 46 97 45 e1 2f 86 96 26 cc ef ea 09 72 |C..F.E./..&....r| 00000080 36 92 4e 9e 2a 8e a2 d7 9a cd 5f 38 a8 07 c4 54 |6.N.*....._8...T| 00000090 a1 4d 6e 7a 36 15 03 01 00 20 1e c2 df a3 3e 8e |.Mnz6.... ....>.| 000000a0 15 c4 c0 90 8f 7c 5a e0 68 d7 ea 86 76 8d d1 27 |.....|Z.h...v..'| 000000b0 c1 d9 32 55 f9 ce f5 92 e6 51 |..2U.....Q| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv10-RSA-RC4000066400000000000000000000126501373277661100252330ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 63 01 00 00 5f 03 01 55 31 1a ed 02 |....c..._..U1...| 00000010 35 fe 3c ea 62 08 52 96 93 bc 2a 1b 82 fe b9 8f |5.<.b.R...*.....| 00000020 7a 47 0e 6a 9b e8 86 ca 89 a0 e6 00 00 04 00 05 |zG.j............| 00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 |........| >>> Flow 2 (server to client) 00000000 16 03 01 00 37 02 00 00 33 03 01 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 00 05 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 01 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 01 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 01 00 86 10 00 00 82 00 80 75 7d be e3 5b |...........u}..[| 00000010 66 4b 58 09 f7 86 6a ca 93 8e ba 3c 18 11 47 5e |fKX...j....<..G^| 00000020 7e c2 b1 0c 5e a4 c1 07 ef 25 00 d7 bf c7 b0 03 |~...^....%......| 00000030 0d f6 ff a9 c2 73 a2 c0 dc 8d db f9 5a a9 18 7d |.....s......Z..}| 00000040 1f 8e 0b 9c 24 6c c8 49 99 e1 42 e0 86 d5 e1 e1 |....$l.I..B.....| 00000050 d1 ae fd d2 c4 ef 07 8c 28 95 b7 54 25 57 40 1c |........(..T%W@.| 00000060 c6 af 85 46 a0 31 d4 39 b8 47 43 88 a0 a6 5d d7 |...F.1.9.GC...].| 00000070 95 fb 88 64 ce 36 2b c5 56 85 56 40 f8 d4 d3 90 |...d.6+.V.V@....| 00000080 d1 25 53 06 d8 ab a0 f2 21 8f 88 14 03 01 00 01 |.%S.....!.......| 00000090 01 16 03 01 00 24 26 50 7a 2c ab 3f db 41 06 cf |.....$&Pz,.?.A..| 000000a0 8b 7b f8 46 ad a4 77 b6 06 f0 44 23 04 34 88 9d |.{.F..w...D#.4..| 000000b0 48 d7 5e cc 9e e6 46 a3 04 69 |H.^...F..i| >>> Flow 4 (server to client) 00000000 14 03 01 00 01 01 16 03 01 00 24 57 fc eb dd 40 |..........$W...@| 00000010 83 1d 9a 9a 80 a3 62 a0 08 23 c3 97 fd d5 fb d7 |......b..#......| 00000020 98 f8 14 ae 61 c7 21 fb 8a 18 1e c8 15 05 e7 17 |....a.!.........| 00000030 03 01 00 21 7c 2b 2d 72 2f 63 56 3a 09 51 4e ab |...!|+-r/cV:.QN.| 00000040 31 25 c8 7e 34 5b a4 ab 30 87 50 07 ed 32 3f 79 |1%.~4[..0.P..2?y| 00000050 f1 db c0 17 f3 15 03 01 00 16 fc ce c9 0c b6 0c |................| 00000060 c5 2d d9 3f 2a 9e 9a 83 40 e1 a3 b9 5f 89 aa 75 |.-.?*...@..._..u| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv11-FallbackSCSV000066400000000000000000000013661373277661100264210ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 77 01 00 00 73 03 02 0a 6b c9 55 9d |....w...s...k.U.| 00000010 bf 4e 61 b2 0a c7 c6 96 9f eb 90 91 87 ca d3 d3 |.Na.............| 00000020 62 dc b6 b4 db ea 41 fe 43 3e a3 00 00 14 c0 0a |b.....A.C>......| 00000030 c0 14 00 39 c0 09 c0 13 00 33 00 35 00 2f 00 ff |...9.....3.5./..| 00000040 56 00 01 00 00 36 00 00 00 0e 00 0c 00 00 09 31 |V....6.........1| 00000050 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000060 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000070 00 23 00 00 00 16 00 00 00 17 00 00 |.#..........| >>> Flow 2 (server to client) 00000000 15 03 02 00 02 02 56 |......V| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv11-RSA-RC4000066400000000000000000000126501373277661100252340ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 63 01 00 00 5f 03 02 2b b6 22 28 e3 |....c..._..+."(.| 00000010 1f 42 f4 2e d0 43 4b 9a ea 2b 36 44 ca 93 6c 71 |.B...CK..+6D..lq| 00000020 b9 4d 52 44 64 57 b2 05 9b 41 da 00 00 04 00 05 |.MRDdW...A......| 00000030 00 ff 01 00 00 32 00 00 00 0e 00 0c 00 00 09 31 |.....2.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 |........| >>> Flow 2 (server to client) 00000000 16 03 02 00 37 02 00 00 33 03 02 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 00 00 00 05 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 02 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 02 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 02 00 86 10 00 00 82 00 80 3d 47 85 0a ef |...........=G...| 00000010 47 7c c5 93 bb 6f 7c 57 dc 2b 3f f4 e7 da 4e fc |G|...o|W.+?...N.| 00000020 04 52 36 71 c5 63 1f 6f e6 43 91 06 bc 5c 14 b0 |.R6q.c.o.C...\..| 00000030 ee 83 ed 3d 7a d2 4e 2c d2 2c bb f0 0c b5 82 d5 |...=z.N,.,......| 00000040 9d c2 5a 03 12 b6 70 20 3c 89 84 af 1b 2c 2f b7 |..Z...p <....,/.| 00000050 9b fe dd 71 06 ac 46 30 a7 b5 9f 0b aa 6e 58 50 |...q..F0.....nXP| 00000060 9d da 6b ba 00 51 e9 2a e9 d2 e9 0f 83 62 73 19 |..k..Q.*.....bs.| 00000070 91 a4 46 bd 53 42 f7 15 ab ab 6b 8f f3 6f d1 07 |..F.SB....k..o..| 00000080 44 41 97 4c 7d 89 4b 33 55 30 30 14 03 02 00 01 |DA.L}.K3U00.....| 00000090 01 16 03 02 00 24 54 fe a0 7c 16 47 de 0b 8f 7d |.....$T..|.G...}| 000000a0 51 68 05 da 1e 6d 96 c9 e1 94 68 fa 79 46 02 db |Qh...m....h.yF..| 000000b0 03 4e 2e 70 9f 7e 14 85 fd 1d |.N.p.~....| >>> Flow 4 (server to client) 00000000 14 03 02 00 01 01 16 03 02 00 24 4b c5 cf 20 3f |..........$K.. ?| 00000010 0a 13 1f 55 25 26 9b 33 fd 14 61 0f 44 32 26 b3 |...U%&.3..a.D2&.| 00000020 ab 01 ee c2 1f d3 38 08 f0 af 76 6a 0d e1 b7 17 |......8...vj....| 00000030 03 02 00 21 97 16 df 99 06 81 f2 00 d3 fd b4 03 |...!............| 00000040 be 16 b6 aa 74 d4 c7 25 67 94 14 34 25 ec 0d 12 |....t..%g..4%...| 00000050 c7 43 2d a2 1d 15 03 02 00 16 94 58 af 6b 55 5f |.C-........X.kU_| 00000060 25 0c 80 28 99 2d 75 1a ce 24 cd 75 0d 7f b9 71 |%..(.-u..$.u...q| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ALPN000066400000000000000000000164101373277661100247520ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 e3 01 00 00 df 03 03 e7 33 0d 6a 2d |............3.j-| 00000010 87 bc b4 a1 11 ee 1a 4e 91 f5 fb ad 29 70 d4 6d |.......N....)p.m| 00000020 05 be ec f3 e2 b1 0d 4e da a4 b5 00 00 38 c0 2c |.......N.....8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 7e 00 00 00 0e 00 0c |.5./.....~......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 23 00 00 00 10 00 10 00 0e 06 70 |.....#.........p| 000000a0 72 6f 74 6f 32 06 70 72 6f 74 6f 31 00 16 00 00 |roto2.proto1....| 000000b0 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 |.......0........| 000000c0 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 |................| 000000d0 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 |................| 000000e0 02 02 04 02 05 02 06 02 |........| >>> Flow 2 (server to client) 00000000 16 03 03 00 48 02 00 00 44 03 03 00 00 00 00 00 |....H...D.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 1c 00 23 00 00 ff 01 00 01 00 00 10 00 09 00 07 |..#.............| 00000040 06 70 72 6f 74 6f 31 00 0b 00 02 01 00 16 03 03 |.proto1.........| 00000050 02 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b |.Y...U..R..O0..K| 00000060 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f |0..............?| 00000070 e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |.[..0...*.H.....| 00000080 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 |...0.1.0...U....| 00000090 47 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 |Go1.0...U....Go | 000000a0 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 |Root0...16010100| 000000b0 30 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 |0000Z..250101000| 000000c0 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 |000Z0.1.0...U...| 000000d0 02 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f |.Go1.0...U....Go| 000000e0 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 |0..0...*.H......| 000000f0 05 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d |......0.......F}| 00000100 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d |...'.H..(!.~...]| 00000110 fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 |..RE.z6G....B[..| 00000120 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 |...y.@.Om..+....| 00000130 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 |.g....."8.J.ts+.| 00000140 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 |4......t{.X.la<.| 00000150 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce |.A..++$#w[.;.u].| 00000160 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa | T..c...$....P..| 00000170 b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 |..C...ub...R....| 00000180 00 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 |.....0..0...U...| 00000190 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 |........0...U.%.| 000001a0 16 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b |.0...+.........+| 000001b0 06 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 |.......0...U....| 000001c0 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 |...0.0...U......| 000001d0 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 |....CC>I..m....`| 000001e0 30 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 |0...U.#..0...H.I| 000001f0 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 |M.~.1......n{0..| 00000200 03 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c |.U....0...exampl| 00000210 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 |e.golang0...*.H.| 00000220 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b |............0.@+| 00000230 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a |[P.a...SX...(.X.| 00000240 a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 |.8....1Z..f=C.-.| 00000250 0b f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d |..... d8.$:....}| 00000260 b7 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc |.@ ._...a..v....| 00000270 e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 |..\.....l..s..Cw| 00000280 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae |.......@.a.Lr+..| 00000290 db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe |.F..M...>...B...| 000002a0 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac |=.`.\!.;........| 000002b0 0c 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 |....... /.}.G.bC| 000002c0 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 |.(.._.).0.......| 000002d0 ed 90 99 5f 58 cb 3b 74 08 04 00 80 b6 a2 61 f9 |..._X.;t......a.| 000002e0 30 40 0b 5c 2c 92 b4 7b e3 42 79 00 11 4d 6b 85 |0@.\,..{.By..Mk.| 000002f0 df 2e 19 c2 fc a8 bc 16 0b c0 8d 02 55 99 a7 06 |............U...| 00000300 fa 4c 4d 4c 27 de 6d 3d 1e 7a 6f 2c fc eb 9e 15 |.LML'.m=.zo,....| 00000310 40 6f 0c 81 b3 e1 4d 78 b7 38 c6 50 8f 5b 63 ac |@o....Mx.8.P.[c.| 00000320 20 4f a6 06 aa 00 84 f5 01 f4 68 7a 5a 16 c5 da | O........hzZ...| 00000330 71 b2 4f 04 6e 59 88 14 8c 81 01 91 a8 e8 c1 18 |q.O.nY..........| 00000340 a8 07 e8 7a f4 dc b9 e7 7f c5 ce 2c 32 8d fe d6 |...z.......,2...| 00000350 1f 0e a5 f0 f4 c7 dd 39 13 a1 ca 6d 16 03 03 00 |.......9...m....| 00000360 04 0e 00 00 00 |.....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 d7 fa 22 66 b4 c8 |....%...! .."f..| 00000010 67 2c 45 93 bf 38 3a 13 21 45 d5 29 95 5b 0d 5c |g,E..8:.!E.).[.\| 00000020 79 d2 d6 9b ef bd 7d eb a9 21 14 03 03 00 01 01 |y.....}..!......| 00000030 16 03 03 00 28 a2 81 84 32 29 01 69 28 f9 56 cc |....(...2).i(.V.| 00000040 c9 72 51 5c 22 38 51 12 e1 55 a1 d6 8c cf 66 75 |.rQ\"8Q..U....fu| 00000050 b4 bd 49 60 d0 e4 7e 9e fe 56 d1 62 36 |..I`..~..V.b6| >>> Flow 4 (server to client) 00000000 16 03 03 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6f ec 80 83 61 cf 87 48 45 0d 9d a5 bf 38 b4 9f |o...a..HE....8..| 00000040 19 a9 cd ca 63 79 2d c3 ae 70 74 56 44 99 fb cc |....cy-..ptVD...| 00000050 7d 31 c2 67 75 fe 57 1b fd 6b 2f cd df ec fa 5b |}1.gu.W..k/....[| 00000060 23 47 19 7e 84 33 94 d7 de e2 b9 ff 75 7d dc 80 |#G.~.3......u}..| 00000070 9e 55 94 8e 15 94 70 8f b5 21 0e 4e f7 4c e6 44 |.U....p..!.N.L.D| 00000080 01 a3 9d 67 5f 05 73 14 03 03 00 01 01 16 03 03 |...g_.s.........| 00000090 00 28 00 00 00 00 00 00 00 00 3a 49 dc e2 aa ce |.(........:I....| 000000a0 a8 43 27 08 a8 6b 7c ae 3f 07 18 e1 04 a9 e6 24 |.C'..k|.?......$| 000000b0 0e 9e 0a 0f af a4 c3 6e 90 2d 17 03 03 00 25 00 |.......n.-....%.| 000000c0 00 00 00 00 00 00 01 41 e1 9b 4c 8a 1a e8 10 bf |.......A..L.....| 000000d0 9f fd 76 e4 43 c2 cf 04 ee 68 6a 02 3c 97 fc ec |..v.C....hj.<...| 000000e0 c4 0a 74 1d 15 03 03 00 1a 00 00 00 00 00 00 00 |..t.............| 000000f0 02 1c 9b b1 b6 07 fa 33 a8 70 03 d9 27 29 ea 61 |.......3.p..').a| 00000100 96 c2 48 |..H| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ALPN-NoMatch000066400000000000000000000162741373277661100263110ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 e3 01 00 00 df 03 03 ed dd 7f 68 1d |..............h.| 00000010 9e 83 bc 08 01 39 8e 97 76 91 cb cb 24 73 15 f5 |.....9..v...$s..| 00000020 17 17 db 78 69 ca e1 ed 0f fc bc 00 00 38 c0 2c |...xi........8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 7e 00 00 00 0e 00 0c |.5./.....~......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 23 00 00 00 10 00 10 00 0e 06 70 |.....#.........p| 000000a0 72 6f 74 6f 32 06 70 72 6f 74 6f 31 00 16 00 00 |roto2.proto1....| 000000b0 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 |.......0........| 000000c0 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 |................| 000000d0 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 |................| 000000e0 02 02 04 02 05 02 06 02 |........| >>> Flow 2 (server to client) 00000000 16 03 03 00 3b 02 00 00 37 03 03 00 00 00 00 00 |....;...7.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0f 00 23 00 00 ff 01 00 01 00 00 0b 00 02 01 00 |..#.............| 00000040 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 |....Y...U..R..O0| 00000050 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 |..K0............| 00000060 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 |..?.[..0...*.H..| 00000070 0d 01 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 |......0.1.0...U.| 00000080 0a 13 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 |...Go1.0...U....| 00000090 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 |Go Root0...16010| 000000a0 31 30 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 |1000000Z..250101| 000000b0 30 30 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 |000000Z0.1.0...U| 000000c0 04 0a 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 |....Go1.0...U...| 000000d0 02 47 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |.Go0..0...*.H...| 000000e0 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| 000000f0 db 46 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 |.F}...'.H..(!.~.| 00000100 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 |..]..RE.z6G....B| 00000110 5b c2 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 |[.....y.@.Om..+.| 00000120 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 |....g....."8.J.t| 00000130 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c |s+.4......t{.X.l| 00000140 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd |a<..A..++$#w[.;.| 00000150 75 5d ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a |u]. T..c...$....| 00000160 50 8b aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 |P....C...ub...R.| 00000170 02 03 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 |........0..0...U| 00000180 1d 0f 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 |...........0...U| 00000190 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 000001a0 06 08 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d |..+.......0...U.| 000001b0 13 01 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 |......0.0...U...| 000001c0 12 04 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 |.......CC>I..m..| 000001d0 d7 9f 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 |..`0...U.#..0...| 000001e0 48 13 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b |H.IM.~.1......n{| 000001f0 30 19 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 |0...U....0...exa| 00000200 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a |mple.golang0...*| 00000210 86 48 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 |.H.............0| 00000220 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 |.@+[P.a...SX...(| 00000230 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 |.X..8....1Z..f=C| 00000240 d3 2d d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc |.-...... d8.$:..| 00000250 cf 9c 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd |..}.@ ._...a..v.| 00000260 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb |.....\.....l..s.| 00000270 b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 |.Cw.......@.a.Lr| 00000280 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 |+...F..M...>...B| 00000290 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 |...=.`.\!.;.....| 000002a0 03 00 ac 0c 00 00 a8 03 00 1d 20 2f e5 7d a3 47 |.......... /.}.G| 000002b0 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 000002c0 c4 cf c2 ed 90 99 5f 58 cb 3b 74 08 04 00 80 59 |......_X.;t....Y| 000002d0 85 20 dc b1 4c d2 17 4d 20 73 1a a7 f7 ab 40 52 |. ..L..M s....@R| 000002e0 73 e7 02 21 eb 55 e2 c9 73 c0 c2 8a ed a3 fd 07 |s..!.U..s.......| 000002f0 0b 5b 30 c2 1e 63 a1 c2 27 41 6c 5a ca 6e 12 d3 |.[0..c..'AlZ.n..| 00000300 4a 87 15 29 7f 44 06 3d 14 76 98 45 e5 27 84 09 |J..).D.=.v.E.'..| 00000310 44 be f3 c4 ce 79 31 e9 92 06 b6 d2 d9 19 d1 24 |D....y1........$| 00000320 7d 44 6a 57 ea 9d 12 e3 e7 a1 16 86 10 fc 7a 66 |}DjW..........zf| 00000330 00 3a f0 f0 ed e7 7c 20 82 0a 26 5d 92 79 8a 5b |.:....| ..&].y.[| 00000340 55 98 fc 1a c1 2f c0 07 ce b8 03 3a 01 da 62 16 |U..../.....:..b.| 00000350 03 03 00 04 0e 00 00 00 |........| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 d9 f2 e4 c5 cf 38 |....%...! .....8| 00000010 23 30 2e b6 d9 0f 3b a2 d7 2f eb d5 74 a8 29 12 |#0....;../..t.).| 00000020 5f 27 bc 81 96 6b 12 5a bb 2f 14 03 03 00 01 01 |_'...k.Z./......| 00000030 16 03 03 00 28 4b a1 12 ce 11 2a 0f 79 7c 56 eb |....(K....*.y|V.| 00000040 bb 9f 7d 91 c7 53 25 d6 ae 0b 98 f1 b5 ea ef 51 |..}..S%........Q| 00000050 8b 3a fb d1 6c ae 3d bb b7 67 d9 ba 36 |.:..l.=..g..6| >>> Flow 4 (server to client) 00000000 16 03 03 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6f ec 80 83 61 40 f9 2b 9e a7 30 60 fb 46 36 c4 |o...a@.+..0`.F6.| 00000040 0e b3 2a c4 73 64 2e 12 6c 0d f5 b9 6f 05 ae 27 |..*.sd..l...o..'| 00000050 d7 a3 47 c5 67 31 3e 95 84 bf 42 e1 b9 0d 90 40 |..G.g1>...B....@| 00000060 01 50 0d 32 4b 33 94 5c a3 1d b9 db e5 c5 24 02 |.P.2K3.\......$.| 00000070 48 31 ad 70 8e c7 e9 60 a5 7e ea 91 7b 01 79 06 |H1.p...`.~..{.y.| 00000080 66 f9 c4 9d bd 65 a5 14 03 03 00 01 01 16 03 03 |f....e..........| 00000090 00 28 00 00 00 00 00 00 00 00 32 be b5 c5 4d 83 |.(........2...M.| 000000a0 41 97 f6 26 0f aa 06 35 d5 9e f8 12 1c 04 f7 b6 |A..&...5........| 000000b0 16 9f f9 a4 43 b8 56 ea 4a 82 17 03 03 00 25 00 |....C.V.J.....%.| 000000c0 00 00 00 00 00 00 01 1a 8e 6b 4a 69 02 56 46 eb |.........kJi.VF.| 000000d0 26 12 47 a3 9d 9a 8a 09 20 4a 6c b2 d0 6a 14 48 |&.G..... Jl..j.H| 000000e0 be d5 f0 48 15 03 03 00 1a 00 00 00 00 00 00 00 |...H............| 000000f0 02 0e 01 9d 60 90 01 60 99 a0 f5 df 6d 38 e5 76 |....`..`....m8.v| 00000100 4d d7 d7 |M..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-CipherSuiteCertPreferenceECDSA000066400000000000000000000151021373277661100320160ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 cb 01 00 00 c7 03 03 3f 5d 09 25 4e |...........?].%N| 00000010 82 83 13 89 ba 89 43 d5 43 4f f1 c3 2f 08 77 39 |......C.CO../.w9| 00000020 bf eb c7 1d 4b d6 85 c8 17 2f 83 00 00 38 c0 2c |....K..../...8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0| 000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 0a 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 00 30 |...........0...0| 00000050 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 30 09 |..b.....-G....0.| 00000060 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 09 06 |..*.H.=..0E1.0..| 00000070 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 |.U....AU1.0...U.| 00000080 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 |...Some-State1!0| 00000090 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 |...U....Internet| 000000a0 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 | Widgits Pty Ltd| 000000b0 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 33 32 |0...121122150632| 000000c0 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 32 5a |Z..221120150632Z| 000000d0 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 |0E1.0...U....AU1| 000000e0 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 |.0...U....Some-S| 000000f0 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 |tate1!0...U....I| 00000100 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 |nternet Widgits | 00000110 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 2a 86 |Pty Ltd0..0...*.| 00000120 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 00000130 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 16 56 |.........Hs6~..V| 00000140 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 f6 b0 |.".=S.;M!=.ku...| 00000150 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 2f 1c |...&.....r2|.d/.| 00000160 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 e0 28 |...h#.~..%.H:i.(| 00000170 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 d8 81 |m.7...b....pb...| 00000180 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 de 76 |.d1...1...h..#.v| 00000190 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd 9b d8 |d?.\....XX._p...| 000001a0 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a 20 e2 |.........0f[f. .| 000001b0 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d 04 01 |'...;0...*.H.=..| 000001c0 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb e2 45 |....0...B...O..E| 000001d0 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e 1b b6 |.H}.......Gp.^..| 000001e0 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b 7e 92 |/...M.a@......~.| 000001f0 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 ec 47 |~.v..;~.?....Y.G| 00000200 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 4d fc |-|..N....o..B.M.| 00000210 be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 13 83 |.g..-...?..%.3..| 00000220 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd d7 11 |.....7z..z......| 00000230 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d ae cb |i..|V..1x+..x...| 00000240 be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f 2a 16 |..N6$1{j.9....*.| 00000250 03 03 00 b7 0c 00 00 b3 03 00 1d 20 2f e5 7d a3 |........... /.}.| 00000260 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000270 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 04 03 00 8b |......._X.;t....| 00000280 30 81 88 02 42 01 5c 2a 30 4f 9f dc df a8 33 06 |0...B.\*0O....3.| 00000290 3b bc 35 46 6a 9c a3 a1 26 ec 42 29 bf 63 b3 9b |;.5Fj...&.B).c..| 000002a0 8c bf 7b 07 8d 28 eb 41 68 7a 8a 1b f3 de a9 dc |..{..(.Ahz......| 000002b0 1e d1 21 3c 4d 24 df 89 90 b6 f2 fb ad 60 d2 27 |..!V..F.| 000002e0 b4 e5 90 72 ed af 71 0d fb e6 39 2f d5 4b 73 ba |...r..q...9/.Ks.| 000002f0 85 d2 a4 bf 99 74 d7 81 eb 3e 69 4d f0 12 1e 3c |.....t...>iM...<| 00000300 53 ca f0 35 85 ef ff ed cc 0f f7 16 03 03 00 04 |S..5............| 00000310 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 b8 a6 ed 33 20 59 |....%...! ...3 Y| 00000010 76 0b 7c 87 53 f1 12 c1 46 d9 db 68 c0 6f d6 30 |v.|.S...F..h.o.0| 00000020 ea e0 64 04 54 7a 4c 95 03 41 14 03 03 00 01 01 |..d.TzL..A......| 00000030 16 03 03 00 40 c0 70 29 39 a0 8a bd 59 58 88 44 |....@.p)9...YX.D| 00000040 ea 10 b4 79 3e 0e 72 b7 2a 03 6d 4d 5a 24 f5 c0 |...y>.r.*.mMZ$..| 00000050 4e e5 19 f0 fb 66 ca 97 89 4b 67 dc bb 19 cd 0b |N....f...Kg.....| 00000060 6e 74 01 d3 a4 9a ab af 8e 44 10 99 ac ff 9e 9e |nt.......D......| 00000070 17 04 56 78 55 |..VxU| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 01 a0 6b 2c c5 |.............k,.| 00000020 7e 83 70 b5 2c 8c 43 b6 8b 2e 18 2a 1d be 11 6d |~.p.,.C....*...m| 00000030 13 f9 ba b5 de db 01 2a 64 d9 5b 24 c9 61 a1 4d |.......*d.[$.a.M| 00000040 11 bb fc b1 86 61 b0 04 a9 cd 1e 17 03 03 00 40 |.....a.........@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 d8 98 85 b4 cb 61 39 69 2f b1 1f 24 c1 5a 4f e3 |.....a9i/..$.ZO.| 00000070 0b 20 5d 6c 3f 3f 82 3a a3 8a b3 cf e9 41 bb 60 |. ]l??.:.....A.`| 00000080 ed b6 67 a0 76 39 ab 93 a5 35 d0 42 b3 a7 4c 92 |..g.v9...5.B..L.| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 c7 0d 06 b2 2b 73 ab ed 16 88 6f |.........+s....o| 000000b0 62 77 fb 48 e4 5e 6d 7e 24 02 b6 08 fa 46 c8 76 |bw.H.^m~$....F.v| 000000c0 18 fc f4 c4 08 |.....| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-CipherSuiteCertPreferenceRSA000066400000000000000000000155761373277661100316430ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 cb 01 00 00 c7 03 03 27 8a e9 f3 58 |...........'...X| 00000010 5a 08 90 d6 d4 97 23 b6 a7 92 73 3a a3 3c c1 a1 |Z.....#...s:.<..| 00000020 ca 06 23 c8 ed 4a 19 26 73 c9 62 00 00 38 c0 2c |..#..J.&s.b..8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0| 000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 14 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 08 04 00 80 42 86 d0 0a 5b |.._X.;t....B...[| 000002d0 d7 97 20 4d be 16 b8 eb 51 66 28 3b f9 45 35 f5 |.. M....Qf(;.E5.| 000002e0 de 1d 28 c9 36 63 5b 7b f6 a7 64 79 fb 39 20 c3 |..(.6c[{..dy.9 .| 000002f0 dd db 38 3e af 89 ce 91 f7 bd 51 b4 5e 01 d8 9b |..8>......Q.^...| 00000300 54 62 58 24 3b c2 43 59 a4 11 1a 2b 67 c5 5f 79 |TbX$;.CY...+g._y| 00000310 fe 68 9d c7 e6 8b 36 8b f9 cb 00 b0 b3 0f 52 fb |.h....6.......R.| 00000320 fe a5 e6 c6 26 9b d1 a2 17 4e e2 58 7f b2 80 78 |....&....N.X...x| 00000330 10 b4 0a 47 e1 18 92 d4 a5 5a 86 06 36 ca f7 b6 |...G.....Z..6...| 00000340 1c 83 81 0e eb 32 7d fe 06 c5 03 16 03 03 00 04 |.....2}.........| 00000350 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 14 7f fb 7d 0c ef |....%...! ...}..| 00000010 48 c4 8f 75 24 19 5f ee 5f 51 08 35 74 cf c3 ea |H..u$._._Q.5t...| 00000020 67 20 c4 f9 49 b2 cf 69 5a 77 14 03 03 00 01 01 |g ..I..iZw......| 00000030 16 03 03 00 40 2b d2 f4 dc 36 98 ef 1d 43 f9 3e |....@+...6...C.>| 00000040 83 33 c0 71 a6 e3 ac f1 3c cc 94 e4 d0 fe 81 bc |.3.q....<.......| 00000050 94 56 15 eb 6a 7b 17 33 e1 a0 ef d5 7a 86 af ea |.V..j{.3....z...| 00000060 1f bb d5 8c 80 56 d5 e4 08 cd 68 bf c0 53 c2 56 |.....V....h..S.V| 00000070 aa b3 38 1e 4e |..8.N| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 45 07 c3 ba 8c |...........E....| 00000020 d8 9f b6 f1 6a 14 bb b1 4e 84 3f 25 6a 3d ef f6 |....j...N.?%j=..| 00000030 88 89 1a 91 22 ef e3 ed ba 2a a3 7c 5b db e0 1d |...."....*.|[...| 00000040 b5 8d 7a ed e7 ad e1 31 b2 12 f5 17 03 03 00 40 |..z....1.......@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 a6 f3 0b 33 f7 7a 7c fb fb b5 e6 eb 6e 0a 26 aa |...3.z|.....n.&.| 00000070 06 3b a6 bc 08 e5 3a b6 c9 a3 f3 77 28 93 45 08 |.;....:....w(.E.| 00000080 1d 54 5e a3 92 cd 89 a3 e6 34 ec 52 70 c0 97 3c |.T^......4.Rp..<| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 2d 0d 96 57 b8 6f 90 1e 84 4d 35 |.....-..W.o...M5| 000000b0 91 52 42 6b 8d a3 6b 21 22 60 1a c9 38 7f 5a ef |.RBk..k!"`..8.Z.| 000000c0 6e dd 84 06 79 |n...y| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ClientAuthRequestedAndECDSAGiven000066400000000000000000000232441373277661100323210ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 a8 4e d1 44 14 |............N.D.| 00000010 46 11 b2 4f 03 b6 6f 89 cf fd dd 9b 6a dd 4d 1e |F..O..o.....j.M.| 00000020 51 02 a2 10 d9 d3 a1 d8 54 a2 4a 00 00 04 00 2f |Q.......T.J..../| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 23 0d |.`.\!.;.......#.| 000002a0 00 00 1f 02 01 40 00 18 08 04 04 03 08 07 08 05 |.....@..........| 000002b0 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 |................| 000002c0 00 00 16 03 03 00 04 0e 00 00 00 |...........| >>> Flow 3 (client to server) 00000000 16 03 03 02 0a 0b 00 02 06 00 02 03 00 02 00 30 |...............0| 00000010 82 01 fc 30 82 01 5e 02 09 00 9a 30 84 6c 26 35 |...0..^....0.l&5| 00000020 d9 17 30 09 06 07 2a 86 48 ce 3d 04 01 30 45 31 |..0...*.H.=..0E1| 00000030 0b 30 09 06 03 55 04 06 13 02 41 55 31 13 30 11 |.0...U....AU1.0.| 00000040 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 74 61 74 |..U....Some-Stat| 00000050 65 31 21 30 1f 06 03 55 04 0a 13 18 49 6e 74 65 |e1!0...U....Inte| 00000060 72 6e 65 74 20 57 69 64 67 69 74 73 20 50 74 79 |rnet Widgits Pty| 00000070 20 4c 74 64 30 1e 17 0d 31 32 31 31 31 34 31 33 | Ltd0...12111413| 00000080 32 35 35 33 5a 17 0d 32 32 31 31 31 32 31 33 32 |2553Z..221112132| 00000090 35 35 33 5a 30 41 31 0b 30 09 06 03 55 04 06 13 |553Z0A1.0...U...| 000000a0 02 41 55 31 0c 30 0a 06 03 55 04 08 13 03 4e 53 |.AU1.0...U....NS| 000000b0 57 31 10 30 0e 06 03 55 04 07 13 07 50 79 72 6d |W1.0...U....Pyrm| 000000c0 6f 6e 74 31 12 30 10 06 03 55 04 03 13 09 4a 6f |ont1.0...U....Jo| 000000d0 65 6c 20 53 69 6e 67 30 81 9b 30 10 06 07 2a 86 |el Sing0..0...*.| 000000e0 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 000000f0 04 00 95 8c 91 75 14 c0 5e c4 57 b4 d4 c3 6f 8d |.....u..^.W...o.| 00000100 ae 68 1e dd 6f ce 86 e1 7e 6e b2 48 3e 81 e5 4e |.h..o...~n.H>..N| 00000110 e2 c6 88 4b 64 dc f5 30 bb d3 ff 65 cc 5b f4 dd |...Kd..0...e.[..| 00000120 b5 6a 3e 3e d0 1d de 47 c3 76 ad 19 f6 45 2c 8c |.j>>...G.v...E,.| 00000130 bc d8 1d 01 4c 1f 70 90 46 76 48 8b 8f 83 cc 4a |....L.p.FvH....J| 00000140 5c 8f 40 76 da e0 89 ec 1d 2b c4 4e 30 76 28 41 |\.@v.....+.N0v(A| 00000150 b2 62 a8 fb 5b f1 f9 4e 7a 8d bd 09 b8 ae ea 8b |.b..[..Nz.......| 00000160 18 27 4f 2e 70 fe 13 96 ba c3 d3 40 16 cd 65 4e |.'O.p......@..eN| 00000170 ac 11 1e e6 f1 30 09 06 07 2a 86 48 ce 3d 04 01 |.....0...*.H.=..| 00000180 03 81 8c 00 30 81 88 02 42 00 e0 14 c4 60 60 0b |....0...B....``.| 00000190 72 68 b0 32 5d 61 4a 02 74 5c c2 81 b9 16 a8 3f |rh.2]aJ.t\.....?| 000001a0 29 c8 36 c7 81 ff 6c b6 5b d9 70 f1 38 3b 50 48 |).6...l.[.p.8;PH| 000001b0 28 94 cb 09 1a 52 f1 5d ee 8d f2 b9 f0 f0 da d9 |(....R.]........| 000001c0 15 3a f9 bd 03 7a 87 a2 23 35 ec 02 42 01 a3 d4 |.:...z..#5..B...| 000001d0 8a 78 35 1c 4a 9a 23 d2 0a be 2b 10 31 9d 9c 5f |.x5.J.#...+.1.._| 000001e0 be e8 91 b3 da 1a f5 5d a3 23 f5 26 8b 45 70 8d |.......].#.&.Ep.| 000001f0 65 62 9b 7e 01 99 3d 18 f6 10 9a 38 61 9b 2e 57 |eb.~..=....8a..W| 00000200 e4 fa cc b1 8a ce e2 23 a0 87 f0 e1 67 51 eb 16 |.......#....gQ..| 00000210 03 03 00 86 10 00 00 82 00 80 94 7b c5 f9 b7 fa |...........{....| 00000220 08 d2 59 d4 d5 ae 30 7f 9b d6 97 8e f8 ab 5c dc |..Y...0.......\.| 00000230 b2 f2 f7 c2 f3 4a 2d c0 88 11 84 42 bf fe b9 ca |.....J-....B....| 00000240 6f 6e b2 a4 c3 50 f1 bc 22 6e 12 bf 18 e2 12 1c |on...P.."n......| 00000250 c2 53 f5 b4 03 f2 c8 a4 a6 29 da cd 3e 62 6d c0 |.S.......)..>bm.| 00000260 34 58 5d 3b 1c 84 6e a6 d7 7c 63 67 0c 1a 7c a4 |4X];..n..|cg..|.| 00000270 ea 66 ce 70 6c 6d fd c9 d5 b5 63 38 93 02 7c 3b |.f.plm....c8..|;| 00000280 b2 0b 62 ff 32 2d 6a d0 59 27 e6 34 cc a6 25 aa |..b.2-j.Y'.4..%.| 00000290 5b 77 4a f6 79 72 1f bf 30 f1 16 03 03 00 92 0f |[wJ.yr..0.......| 000002a0 00 00 8e 04 03 00 8a 30 81 87 02 42 01 dc 84 5b |.......0...B...[| 000002b0 f3 56 ac 18 07 45 f0 3d 2c 96 e8 ff 12 c0 59 0e |.V...E.=,.....Y.| 000002c0 de ef 93 98 88 09 dd 82 14 65 20 72 a9 f2 bc 2d |.........e r...-| 000002d0 7a d1 d7 f0 fe 99 f1 80 54 b8 30 b2 b9 01 3d a6 |z.......T.0...=.| 000002e0 f2 c0 cd 8e 68 a2 e7 92 85 aa 13 8f 49 1c 02 41 |....h.......I..A| 000002f0 2c 4c 7d f6 27 ea 31 e1 4d 68 b3 39 4a 2d 26 ae |,L}.'.1.Mh.9J-&.| 00000300 42 4a 6c 4e cc fb bf b7 0b 1a bf df 57 0c fe b1 |BJlN........W...| 00000310 fd fc bd a2 08 a2 fc 4f 91 89 ec e0 ea e3 b3 38 |.......O.......8| 00000320 2f ba 17 8e 07 0a 4d cd a8 73 a4 e9 a3 02 ee 42 |/.....M..s.....B| 00000330 07 14 03 03 00 01 01 16 03 03 00 40 75 26 df cd |...........@u&..| 00000340 34 27 db 19 2f da d4 0d 0a ec b4 d5 03 1a a1 34 |4'../..........4| 00000350 fa fd df a9 31 1e e0 78 87 f6 9b 31 4a 27 4d 4e |....1..x...1J'MN| 00000360 54 d4 b0 a2 1a 72 52 02 89 47 93 a6 c4 57 d3 b8 |T....rR..G...W..| 00000370 60 e5 1e db 60 ea fd 08 6f 13 fc 9d |`...`...o...| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 b7 39 51 e9 91 |............9Q..| 00000020 8a f0 d0 a9 6d fb 0e 30 bd 74 44 94 48 b0 6e a7 |....m..0.tD.H.n.| 00000030 ab a8 8c ce 87 da 93 73 e1 da cc 53 e8 32 03 fe |.......s...S.2..| 00000040 57 66 cf e1 ed ef e6 6f 80 32 eb 17 03 03 00 40 |Wf.....o.2.....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 37 8f 8a d3 8e 0a f5 24 28 95 5e 19 e1 40 b8 2a |7......$(.^..@.*| 00000070 eb 4f 2a ec 6d 4d 7f f3 fb 63 52 46 52 57 c1 4a |.O*.mM...cRFRW.J| 00000080 ec cc a0 6b 2e 49 41 51 38 25 e3 af 82 53 2a 15 |...k.IAQ8%...S*.| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 83 24 3c 9d 31 f3 41 a5 35 8c 01 |......$<.1.A.5..| 000000b0 70 f4 b7 6e 2b 9e 1a 48 cf ce a4 68 2a 2c 53 18 |p..n+..H...h*,S.| 000000c0 1e 26 24 50 92 |.&$P.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ClientAuthRequestedAndEd25519Given000066400000000000000000000206771373277661100324470ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 cb 01 00 00 c7 03 03 6e 46 fb 23 fe |...........nF.#.| 00000010 6d b0 f4 4f bf fb c6 93 f8 29 f8 93 0e 13 51 9e |m..O.....)....Q.| 00000020 d7 cc e8 bb d1 c1 69 06 66 4f 45 00 00 38 c0 2c |......i.fOE..8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0| 000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 08 04 00 80 17 9f 15 d6 26 |.._X.;t........&| 000002d0 36 78 d9 7f e6 48 27 56 a5 96 22 9f 9c f6 92 a0 |6x...H'V..".....| 000002e0 dc 7d eb 66 6e b8 94 34 74 ac 96 50 63 f1 cd 92 |.}.fn..4t..Pc...| 000002f0 bc 31 d2 f5 30 70 b2 d6 f3 09 0c 87 6a 8b f5 46 |.1..0p......j..F| 00000300 0d 9a 87 4c de 94 80 49 43 26 28 e9 67 fa a8 1f |...L...IC&(.g...| 00000310 dd 36 5c b1 49 05 37 ac 2d db b8 22 bf ed 64 dc |.6\.I.7.-.."..d.| 00000320 50 53 12 3e e6 5a 78 fc b2 c5 6f 4c a9 86 40 da |PS.>.Zx...oL..@.| 00000330 0a 9b 71 62 6d 12 c9 b7 9a 8b ca bd a5 77 37 0c |..qbm........w7.| 00000340 1c f1 66 2c 63 2d 7b c6 6b f1 48 16 03 03 00 23 |..f,c-{.k.H....#| 00000350 0d 00 00 1f 02 01 40 00 18 08 04 04 03 08 07 08 |......@.........| 00000360 05 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 |................| 00000370 03 00 00 16 03 03 00 04 0e 00 00 00 |............| >>> Flow 3 (client to server) 00000000 16 03 03 01 3c 0b 00 01 38 00 01 35 00 01 32 30 |....<...8..5..20| 00000010 82 01 2e 30 81 e1 a0 03 02 01 02 02 10 17 d1 81 |...0............| 00000020 93 be 2a 8c 21 20 10 25 15 e8 34 23 4f 30 05 06 |..*.! .%..4#O0..| 00000030 03 2b 65 70 30 12 31 10 30 0e 06 03 55 04 0a 13 |.+ep0.1.0...U...| 00000040 07 41 63 6d 65 20 43 6f 30 1e 17 0d 31 39 30 35 |.Acme Co0...1905| 00000050 31 36 32 31 35 34 32 36 5a 17 0d 32 30 30 35 31 |16215426Z..20051| 00000060 35 32 31 35 34 32 36 5a 30 12 31 10 30 0e 06 03 |5215426Z0.1.0...| 00000070 55 04 0a 13 07 41 63 6d 65 20 43 6f 30 2a 30 05 |U....Acme Co0*0.| 00000080 06 03 2b 65 70 03 21 00 0b e0 b5 60 b5 e2 79 30 |..+ep.!....`..y0| 00000090 3d be e3 1e e0 50 b1 04 c8 6d c7 78 6c 69 2f c5 |=....P...m.xli/.| 000000a0 14 ad 9a 63 6f 79 12 91 a3 4d 30 4b 30 0e 06 03 |...coy...M0K0...| 000000b0 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 |U...........0...| 000000c0 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 |U.%..0...+......| 000000d0 02 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 |.0...U.......0.0| 000000e0 16 06 03 55 1d 11 04 0f 30 0d 82 0b 65 78 61 6d |...U....0...exam| 000000f0 70 6c 65 2e 63 6f 6d 30 05 06 03 2b 65 70 03 41 |ple.com0...+ep.A| 00000100 00 fc 19 17 2a 94 a5 31 fa 29 c8 2e 7f 5b a0 5d |....*..1.)...[.]| 00000110 8a 4e 34 40 39 d6 b3 10 dc 19 fe a0 22 71 b3 f5 |.N4@9......."q..| 00000120 8f a1 58 0d cd f4 f1 85 24 bf e6 3d 14 df df ed |..X.....$..=....| 00000130 0e e1 17 d8 11 a2 60 d0 8a 37 23 2a c2 46 aa 3a |......`..7#*.F.:| 00000140 08 16 03 03 00 25 10 00 00 21 20 87 e9 7b d5 6c |.....%...! ..{.l| 00000150 ed 43 f2 56 e4 00 5c 30 8b ec 63 cb ef da 90 aa |.C.V..\0..c.....| 00000160 e2 eb 0e ad 23 db 90 c5 02 47 7c 16 03 03 00 48 |....#....G|....H| 00000170 0f 00 00 44 08 07 00 40 71 03 0f a9 ed a8 cf 3c |...D...@q......<| 00000180 73 e6 ae 21 92 93 68 10 bc e0 fd 07 d8 58 30 7c |s..!..h......X0|| 00000190 8d f2 1d ee e6 20 4c a4 6a 4b b8 66 6c 51 b5 1a |..... L.jK.flQ..| 000001a0 06 f1 5d 13 83 43 60 6f b1 f7 56 97 b2 ef c6 b8 |..]..C`o..V.....| 000001b0 97 0b 9a fe 46 3e 9a 00 14 03 03 00 01 01 16 03 |....F>..........| 000001c0 03 00 28 de 17 73 c1 91 60 06 3d 0c 9c d0 5a c9 |..(..s..`.=...Z.| 000001d0 f2 2b f4 80 8b e8 01 dc 84 ff a1 16 08 1e af 76 |.+.............v| 000001e0 f2 fc 34 52 3f 87 60 9e 06 ff c2 |..4R?.`....| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 db 9b a0 e5 96 0d ca 2b ce 8a 3c 9e bc |..........+..<..| 00000020 43 1a ad 0d fb a1 7e 0d 39 7d 3f b4 79 bd ee 7a |C.....~.9}?.y..z| 00000030 e4 a1 6e 17 03 03 00 25 00 00 00 00 00 00 00 01 |..n....%........| 00000040 05 bd 7f 40 dd 89 b2 fd 3c ef a6 72 a0 dd 9f be |...@....<..r....| 00000050 ee 27 ca a6 e0 f1 c8 3c 69 3c 35 02 48 15 03 03 |.'.....>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 b1 ad 52 31 a1 |.............R1.| 00000010 0a ff 18 7f 32 d2 83 f2 e2 9d 54 03 6f fc 58 66 |....2.....T.o.Xf| 00000020 29 e8 3e bc c3 4d d9 75 6e 06 53 00 00 04 00 2f |).>..M.un.S..../| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 23 0d |.`.\!.;.......#.| 000002a0 00 00 1f 02 01 40 00 18 08 04 04 03 08 07 08 05 |.....@..........| 000002b0 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 |................| 000002c0 00 00 16 03 03 00 04 0e 00 00 00 |...........| >>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 86 10 00 00 82 00 80 48 d4 42 |.5...........H.B| 00000210 f3 7f 89 ce 32 5a 89 32 c4 4e 6a 66 f7 0d 3d 63 |....2Z.2.Njf..=c| 00000220 e9 69 74 b5 f4 5e cb 99 74 6c c5 85 39 a3 24 ab |.it..^..tl..9.$.| 00000230 a0 0c 16 1b 9b 0f b5 57 8f 97 30 de ae 44 fd da |.......W..0..D..| 00000240 9f 0d 09 47 d7 a1 f7 aa 88 1d a5 e2 6d de 5b 92 |...G........m.[.| 00000250 25 8e 84 7e fd 21 fe 00 c2 c7 d8 4c df 0c 40 07 |%..~.!.....L..@.| 00000260 7a e6 61 45 37 6d 36 fd e8 44 8e 9c c7 04 31 46 |z.aE7m6..D....1F| 00000270 6b 24 51 37 e0 09 84 ba 56 39 5e df 99 9f 6e 8a |k$Q7....V9^...n.| 00000280 35 b2 27 a1 29 83 fb f7 c9 06 88 c5 6a 16 03 03 |5.'.).......j...| 00000290 00 88 0f 00 00 84 08 04 00 80 01 b3 d6 d0 58 c4 |..............X.| 000002a0 bc 36 b2 c5 6e a2 90 77 52 33 19 a1 9c 2f a4 ed |.6..n..wR3.../..| 000002b0 76 b7 7b 67 ce 36 e2 37 b3 23 68 78 c0 2f 80 d4 |v.{g.6.7.#hx./..| 000002c0 58 0e fc 11 dc 85 b6 9c 25 7f 02 48 b9 a3 24 8c |X.......%..H..$.| 000002d0 26 94 8c 6d 8d 87 6c 9b 20 97 b2 49 ea b6 4c 16 |&..m..l. ..I..L.| 000002e0 03 96 0a 93 e7 15 e4 cb 5a 43 5c 11 77 0e a9 cb |........ZC\.w...| 000002f0 5e c6 4a d3 84 9a 27 e7 81 84 56 ad fa 4b b3 fe |^.J...'...V..K..| 00000300 03 d9 91 1a cf 6e 5b 5e f9 b0 fb 59 27 29 e2 09 |.....n[^...Y')..| 00000310 db 63 69 05 28 7c 95 45 7b da 14 03 03 00 01 01 |.ci.(|.E{.......| 00000320 16 03 03 00 40 20 4f 52 fa e4 4b 92 8e 3f 52 18 |....@ OR..K..?R.| 00000330 42 ba 07 93 fe 1d 11 ee d9 2f 37 55 88 cd 03 18 |B......../7U....| 00000340 e7 44 95 b4 c2 69 91 38 f1 39 ba 14 f6 59 98 22 |.D...i.8.9...Y."| 00000350 64 a1 a0 a3 b9 2e ec cb 14 dc 85 60 b4 95 3a 5a |d..........`..:Z| 00000360 77 a7 65 eb 02 |w.e..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 56 f9 31 18 46 |...........V.1.F| 00000020 ce f2 b8 78 c8 34 ec b4 33 d4 ee 42 9f cc a1 40 |...x.4..3..B...@| 00000030 45 fc 81 bd 33 86 93 6e 0d 59 01 15 2e 71 ae 8d |E...3..n.Y...q..| 00000040 18 1a 10 6d 86 d5 17 7d 80 3f a3 17 03 03 00 40 |...m...}.?.....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 c1 b4 84 5e 61 48 33 a2 91 ae 7c d9 ee 9a fc 78 |...^aH3...|....x| 00000070 57 c9 7d 1f fa c8 16 dc 6b c1 ec ff 1b 3f 4d d2 |W.}.....k....?M.| 00000080 69 57 aa e2 95 13 c5 92 81 14 63 bd ba 29 b9 3f |iW........c..).?| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 b8 22 70 50 65 d6 ae 00 6b f7 e1 |......"pPe...k..| 000000b0 76 1d 03 d7 f7 80 56 74 73 af f2 6c 70 6f cb 4a |v.....Vts..lpo.J| 000000c0 b3 2a 18 1b b5 |.*...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ClientAuthRequestedAndPKCS1v15Given000066400000000000000000000231161373277661100326550ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 a1 ef 12 cf c0 |................| 00000010 c2 32 71 56 71 e0 e9 24 ae 63 20 58 0f c0 39 b3 |.2qVq..$.c X..9.| 00000020 74 89 9d 9c 00 96 e5 78 9c 0a 84 00 00 04 00 2f |t......x......./| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 23 0d |.`.\!.;.......#.| 000002a0 00 00 1f 02 01 40 00 18 08 04 04 03 08 07 08 05 |.....@..........| 000002b0 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 |................| 000002c0 00 00 16 03 03 00 04 0e 00 00 00 |...........| >>> Flow 3 (client to server) 00000000 16 03 03 01 fd 0b 00 01 f9 00 01 f6 00 01 f3 30 |...............0| 00000010 82 01 ef 30 82 01 58 a0 03 02 01 02 02 10 5c 19 |...0..X.......\.| 00000020 c1 89 65 83 55 6f dc 0b c9 b9 93 9f e9 bc 30 0d |..e.Uo........0.| 00000030 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 12 31 |..*.H........0.1| 00000040 10 30 0e 06 03 55 04 0a 13 07 41 63 6d 65 20 43 |.0...U....Acme C| 00000050 6f 30 1e 17 0d 31 36 30 38 31 37 32 31 35 32 33 |o0...16081721523| 00000060 31 5a 17 0d 31 37 30 38 31 37 32 31 35 32 33 31 |1Z..170817215231| 00000070 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 |Z0.1.0...U....Ac| 00000080 6d 65 20 43 6f 30 81 9f 30 0d 06 09 2a 86 48 86 |me Co0..0...*.H.| 00000090 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 |...........0....| 000000a0 81 00 ba 6f aa 86 bd cf bf 9f f2 ef 5c 94 60 78 |...o........\.`x| 000000b0 6f e8 13 f2 d1 96 6f cd d9 32 6e 22 37 ce 41 f9 |o.....o..2n"7.A.| 000000c0 ca 5d 29 ac e1 27 da 61 a2 ee 81 cb 10 c7 df 34 |.])..'.a.......4| 000000d0 58 95 86 e9 3d 19 e6 5c 27 73 60 c8 8d 78 02 f4 |X...=..\'s`..x..| 000000e0 1d a4 98 09 a3 19 70 69 3c 25 62 66 2a ab 22 23 |......pi<%bf*."#| 000000f0 c5 7b 85 38 4f 2e 09 73 32 a7 bd 3e 9b ad ca 84 |.{.8O..s2..>....| 00000100 07 e6 0f 3a ff 77 c5 9d 41 85 00 8a b6 9b ee b0 |...:.w..A.......| 00000110 a4 3f 2d 4c 4c e6 42 3e bb 51 c8 dd 48 54 f4 0c |.?-LL.B>.Q..HT..| 00000120 8e 47 02 03 01 00 01 a3 46 30 44 30 0e 06 03 55 |.G......F0D0...U| 00000130 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 |...........0...U| 00000140 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 00000150 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00 30 0f |0...U.......0.0.| 00000160 06 03 55 1d 11 04 08 30 06 87 04 7f 00 00 01 30 |..U....0.......0| 00000170 0d 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 81 |...*.H..........| 00000180 81 00 46 ab 44 a2 fb 28 54 f8 5a 67 f8 62 94 f1 |..F.D..(T.Zg.b..| 00000190 9a b2 18 9e f2 b1 de 1d 7e 6f 76 95 a9 ba e7 5d |........~ov....]| 000001a0 a8 16 6c 9c f7 09 d3 37 e4 4b 2b 36 7c 01 ad 41 |..l....7.K+6|..A| 000001b0 d2 32 d8 c3 d2 93 f9 10 6b 8e 95 b9 2c 17 8a a3 |.2......k...,...| 000001c0 44 48 bc 59 13 83 16 04 88 a4 81 5c 25 0d 98 0c |DH.Y.......\%...| 000001d0 ac 11 b1 28 56 be 1d cd 61 62 84 09 bf d6 80 c6 |...(V...ab......| 000001e0 45 8d 82 2c b4 d8 83 9b db c9 22 b7 2a 12 11 7b |E..,......".*..{| 000001f0 fa 02 3b c1 c9 ff ea c9 9d a8 49 d3 95 d7 d5 0e |..;.......I.....| 00000200 e5 35 16 03 03 00 86 10 00 00 82 00 80 64 8b 67 |.5...........d.g| 00000210 fe b0 0e a0 a6 2b 95 2b 35 24 91 d0 29 6e 0a 3b |.....+.+5$..)n.;| 00000220 bc 32 5f 28 30 a9 6e f3 b8 4a 1d 7c 11 7c c5 03 |.2_(0.n..J.|.|..| 00000230 70 51 99 8f f5 2e 91 78 b9 65 23 3c 3a 7f a7 63 |pQ.....x.e#<:..c| 00000240 1f ad 30 3c 91 b1 d8 79 76 b4 94 a7 76 26 20 c7 |..0<...yv...v& .| 00000250 f1 93 17 13 8a 25 6e 9e 84 9e e5 21 b8 87 46 8d |.....%n....!..F.| 00000260 46 37 7f ef 25 e2 8f 6e 52 58 cc a9 5c 40 ee 5e |F7..%..nRX..\@.^| 00000270 f8 25 04 e9 e1 1e 33 31 ea 9e bd 79 e8 d8 f8 0b |.%....31...y....| 00000280 a5 5d 63 79 1f 83 bc df 14 c9 92 a6 82 16 03 03 |.]cy............| 00000290 00 88 0f 00 00 84 04 01 00 80 06 8a 73 2b 2d 45 |............s+-E| 000002a0 09 3c cf 66 d9 ef d0 44 d0 89 07 03 67 56 b5 c9 |.<.f...D....gV..| 000002b0 de 89 49 32 6e 44 b0 01 db 10 8b 1a 68 5c 2e 0b |..I2nD......h\..| 000002c0 38 e7 75 60 0b 68 96 2e 3b ba bd a8 ce 1e ee 3d |8.u`.h..;......=| 000002d0 e6 a4 c4 3a 5c d0 14 3b 64 52 56 ef 5b 74 45 3c |...:\..;dRV.[tE<| 000002e0 2b eb f6 0b 6c 15 37 5c c3 d3 6d 4c 32 ea 3d 40 |+...l.7\..mL2.=@| 000002f0 7b 60 35 16 44 a4 3c 4a 2e 85 d9 a2 a5 a6 79 11 |{`5.D.>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 1a 60 c5 8b a5 |............`...| 00000020 6d be c2 a0 c7 23 e6 f8 e8 fb e7 31 7c 7f 37 67 |m....#.....1|.7g| 00000030 7c 1e 39 2b ea cd 26 47 5c 7f 19 ad 78 be 11 3d ||.9+..&G\...x..=| 00000040 98 f5 c8 97 22 1d 23 45 55 2b 25 17 03 03 00 40 |....".#EU+%....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 e0 a5 72 92 b6 6c ee e8 2d 7f cf d9 df 2d 4f 70 |..r..l..-....-Op| 00000070 18 8a c3 9c 10 89 0f 11 df 83 d7 4c 35 ea 4e 19 |...........L5.N.| 00000080 7f ab 8b f0 0e de 32 6e 86 d1 e9 78 90 f6 3b e7 |......2n...x..;.| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 db 5e ed de c0 26 10 13 a8 18 46 |......^...&....F| 000000b0 70 3e a4 bd b7 df a1 bd 86 06 c6 97 ae cb ca f6 |p>..............| 000000c0 8d 0f 85 82 f7 |.....| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ClientAuthRequestedNotGiven000066400000000000000000000147631373277661100316250ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 07 72 d5 84 85 |............r...| 00000010 48 68 f6 83 2f 1d 22 96 61 9d 27 60 b9 70 d2 5f |Hh../.".a.'`.p._| 00000020 5e 9e 41 cb 82 9b 61 c6 ae af a7 00 00 04 00 2f |^.A...a......../| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 23 0d |.`.\!.;.......#.| 000002a0 00 00 1f 02 01 40 00 18 08 04 04 03 08 07 08 05 |.....@..........| 000002b0 08 06 04 01 05 01 06 01 05 03 06 03 02 01 02 03 |................| 000002c0 00 00 16 03 03 00 04 0e 00 00 00 |...........| >>> Flow 3 (client to server) 00000000 16 03 03 00 07 0b 00 00 03 00 00 00 16 03 03 00 |................| 00000010 86 10 00 00 82 00 80 60 6d 7c a2 1e 90 d3 14 55 |.......`m|.....U| 00000020 2b 65 e6 14 10 59 51 ba f0 55 89 1d f6 d2 6e 85 |+e...YQ..U....n.| 00000030 58 16 fc 45 a2 88 ae 24 b6 77 c0 f4 9e 6f de 76 |X..E...$.w...o.v| 00000040 d4 9c 06 a3 6c 4f 54 da e5 41 e4 f8 fd 2d ca c6 |....lOT..A...-..| 00000050 c4 7f 5a d4 c5 7b 3e 04 30 3e 64 b1 f5 c2 24 8f |..Z..{>.0>d...$.| 00000060 49 98 2c f7 29 89 06 7e 5e 8f 9e 8e 6c fc 4c 08 |I.,.)..~^...l.L.| 00000070 3e 05 f9 90 86 d9 38 b8 04 ff 7e a1 c2 a5 38 66 |>.....8...~...8f| 00000080 41 63 7a 8e d2 7b 27 22 0e a1 0c 17 1e d7 9f 29 |Acz..{'".......)| 00000090 5c fa fe 2d 11 b3 4a 14 03 03 00 01 01 16 03 03 |\..-..J.........| 000000a0 00 40 e3 e5 62 d6 c9 93 bd 91 a4 60 2e 2d 9d 0b |.@..b......`.-..| 000000b0 ce 75 2a e9 19 ed 36 03 ff 97 ee b7 b9 61 04 1b |.u*...6......a..| 000000c0 a9 a3 4c 8a a0 c9 40 c4 92 55 bb ed 17 1f 38 c4 |..L...@..U....8.| 000000d0 45 46 1f d6 53 b7 3b 6b 09 b6 d7 f1 a4 0e 25 21 |EF..S.;k......%!| 000000e0 10 21 |.!| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 17 ce 12 8e 1a |................| 00000020 1f c2 d2 9c c9 28 c0 89 cb fa 8c 48 28 a2 d2 93 |.....(.....H(...| 00000030 a6 aa 43 35 5f 29 ab e2 c6 f9 70 f6 8f d9 da af |..C5_)....p.....| 00000040 da 2a 02 24 9c 74 57 3d a2 0f 6d 17 03 03 00 40 |.*.$.tW=..m....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 58 99 9f 9b 65 fd 53 7e 4a 82 47 99 d7 16 b7 4f |X...e.S~J.G....O| 00000070 84 7d 49 c0 af 42 84 54 e1 31 dc 01 00 de 8c 08 |.}I..B.T.1......| 00000080 a3 ee 9b 32 b4 f0 30 d1 ae 8e f5 5d 11 ad eb fb |...2..0....]....| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 94 b8 23 55 00 7e 3a ba 67 86 03 |.......#U.~:.g..| 000000b0 e6 19 11 4a 7d 58 69 6f 79 bb be 6d ba a7 9f a2 |...J}Xioy..m....| 000000c0 1a 30 b7 83 2e |.0...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ECDHE-ECDSA-AES000066400000000000000000000145211373277661100262540ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 86 3b 10 1e 5f |............;.._| 00000010 81 eb 21 bd 77 47 61 e9 3f 82 85 14 91 8c ab 7d |..!.wGa.?......}| 00000020 84 bd b1 f0 06 20 8a 7b 06 d6 78 00 00 04 c0 0a |..... .{..x.....| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 0a 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 0e 0b 00 02 0a 00 02 07 00 02 04 30 82 02 00 30 |...........0...0| 00000050 82 01 62 02 09 00 b8 bf 2d 47 a0 d2 eb f4 30 09 |..b.....-G....0.| 00000060 06 07 2a 86 48 ce 3d 04 01 30 45 31 0b 30 09 06 |..*.H.=..0E1.0..| 00000070 03 55 04 06 13 02 41 55 31 13 30 11 06 03 55 04 |.U....AU1.0...U.| 00000080 08 13 0a 53 6f 6d 65 2d 53 74 61 74 65 31 21 30 |...Some-State1!0| 00000090 1f 06 03 55 04 0a 13 18 49 6e 74 65 72 6e 65 74 |...U....Internet| 000000a0 20 57 69 64 67 69 74 73 20 50 74 79 20 4c 74 64 | Widgits Pty Ltd| 000000b0 30 1e 17 0d 31 32 31 31 32 32 31 35 30 36 33 32 |0...121122150632| 000000c0 5a 17 0d 32 32 31 31 32 30 31 35 30 36 33 32 5a |Z..221120150632Z| 000000d0 30 45 31 0b 30 09 06 03 55 04 06 13 02 41 55 31 |0E1.0...U....AU1| 000000e0 13 30 11 06 03 55 04 08 13 0a 53 6f 6d 65 2d 53 |.0...U....Some-S| 000000f0 74 61 74 65 31 21 30 1f 06 03 55 04 0a 13 18 49 |tate1!0...U....I| 00000100 6e 74 65 72 6e 65 74 20 57 69 64 67 69 74 73 20 |nternet Widgits | 00000110 50 74 79 20 4c 74 64 30 81 9b 30 10 06 07 2a 86 |Pty Ltd0..0...*.| 00000120 48 ce 3d 02 01 06 05 2b 81 04 00 23 03 81 86 00 |H.=....+...#....| 00000130 04 00 c4 a1 ed be 98 f9 0b 48 73 36 7e c3 16 56 |.........Hs6~..V| 00000140 11 22 f2 3d 53 c3 3b 4d 21 3d cd 6b 75 e6 f6 b0 |.".=S.;M!=.ku...| 00000150 dc 9a df 26 c1 bc b2 87 f0 72 32 7c b3 64 2f 1c |...&.....r2|.d/.| 00000160 90 bc ea 68 23 10 7e fe e3 25 c0 48 3a 69 e0 28 |...h#.~..%.H:i.(| 00000170 6d d3 37 00 ef 04 62 dd 0d a0 9c 70 62 83 d8 81 |m.7...b....pb...| 00000180 d3 64 31 aa 9e 97 31 bd 96 b0 68 c0 9b 23 de 76 |.d1...1...h..#.v| 00000190 64 3f 1a 5c 7f e9 12 0e 58 58 b6 5f 70 dd 9b d8 |d?.\....XX._p...| 000001a0 ea d5 d7 f5 d5 cc b9 b6 9f 30 66 5b 66 9a 20 e2 |.........0f[f. .| 000001b0 27 e5 bf fe 3b 30 09 06 07 2a 86 48 ce 3d 04 01 |'...;0...*.H.=..| 000001c0 03 81 8c 00 30 81 88 02 42 01 88 a2 4f eb e2 45 |....0...B...O..E| 000001d0 c5 48 7d 1b ac f5 ed 98 9d ae 47 70 c0 5e 1b b6 |.H}.......Gp.^..| 000001e0 2f bd f1 b6 4d b7 61 40 d3 11 a2 ce ee 0b 7e 92 |/...M.a@......~.| 000001f0 7e ff 76 9d c3 3b 7e a5 3f ce fa 10 e2 59 ec 47 |~.v..;~.?....Y.G| 00000200 2d 7c ac da 4e 97 0e 15 a0 6f d0 02 42 01 4d fc |-|..N....o..B.M.| 00000210 be 67 13 9c 2d 05 0e bd 3f a3 8c 25 c1 33 13 83 |.g..-...?..%.3..| 00000220 0d 94 06 bb d4 37 7a f6 ec 7a c9 86 2e dd d7 11 |.....7z..z......| 00000230 69 7f 85 7c 56 de fb 31 78 2b e4 c7 78 0d ae cb |i..|V..1x+..x...| 00000240 be 9e 4e 36 24 31 7b 6a 0f 39 95 12 07 8f 2a 16 |..N6$1{j.9....*.| 00000250 03 03 00 b7 0c 00 00 b3 03 00 1d 20 2f e5 7d a3 |........... /.}.| 00000260 47 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 |G.bC.(.._.).0...| 00000270 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 04 03 00 8b |......._X.;t....| 00000280 30 81 88 02 42 01 c5 d1 36 97 5b 0e 5e a6 90 50 |0...B...6.[.^..P| 00000290 a0 2e 80 b5 df d7 5a f6 95 0d a4 c6 f0 da 2e e7 |......Z.........| 000002a0 91 79 9f 85 2e ef ca 66 3c f7 c4 7b bd 61 70 bb |.y.....f<..{.ap.| 000002b0 16 c5 aa 00 35 33 ae 58 00 b3 f1 fe 0f 77 52 23 |....53.X.....wR#| 000002c0 f4 40 ba 4b c7 e5 43 02 42 01 64 af ab 8a 87 38 |.@.K..C.B.d....8| 000002d0 a1 7f b8 ae 84 0e a4 ff ad 16 09 44 0b 65 67 70 |...........D.egp| 000002e0 12 7f 1a 37 9a 1d 5e b7 3b 63 df f9 6b f1 b9 ba |...7..^.;c..k...| 000002f0 6b 35 8f b3 03 da 3d 61 00 3d 4e 75 b4 d0 92 d5 |k5....=a.=Nu....| 00000300 ee 50 9d d7 f9 26 69 e6 ec cf 3b 16 03 03 00 04 |.P...&i...;.....| 00000310 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 54 db 5b a1 4c e0 |....%...! T.[.L.| 00000010 0e 52 a2 45 e3 b4 ac 91 3d e1 de a9 3e eb 80 9e |.R.E....=...>...| 00000020 f5 04 7b fc 82 10 2f d9 d1 41 14 03 03 00 01 01 |..{.../..A......| 00000030 16 03 03 00 40 47 68 cc 5e 68 3f 05 d6 f8 5c 11 |....@Gh.^h?...\.| 00000040 08 a3 91 72 ae 4c 98 67 2f 45 ee 16 6b 8b 2d 28 |...r.L.g/E..k.-(| 00000050 15 34 43 47 f9 46 f2 96 c2 85 d5 cc 03 e0 84 de |.4CG.F..........| 00000060 9c 03 fe bf c9 73 23 15 d0 0f 85 3a 76 db 9f 5d |.....s#....:v..]| 00000070 95 b7 de 9c c2 |.....| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 98 34 52 f3 44 |............4R.D| 00000020 18 69 23 61 ef 8f e9 c0 88 9c ad 1f cb e4 8d 55 |.i#a...........U| 00000030 bd bb 77 9c 65 9d 21 f0 54 4c 46 db 4f e6 e8 ab |..w.e.!.TLF.O...| 00000040 6b 1d 60 38 7f e0 2c 38 ef e7 43 17 03 03 00 40 |k.`8..,8..C....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 44 68 90 07 1e 8c 7f db 3e 3f 8c 28 e1 d7 41 38 |Dh......>?.(..A8| 00000070 e2 78 04 e3 42 c2 a9 76 bb 0a ae b9 93 df 81 d7 |.x..B..v........| 00000080 9b 0f 1d 44 19 79 ff 7c 21 8f 75 ca e2 82 cc c4 |...D.y.|!.u.....| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 82 1f e6 2c 3f c7 55 19 01 0b 62 |........,?.U...b| 000000b0 1a 99 fc f8 d3 b0 38 21 41 92 1a d1 e0 43 96 da |......8!A....C..| 000000c0 80 4b 58 91 c8 |.KX..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-Ed25519000066400000000000000000000112351373277661100251560ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 cb 01 00 00 c7 03 03 b8 0c b4 c2 92 |................| 00000010 d9 b6 77 56 d9 9f 2b 94 c9 2f c8 28 4f bf 69 bc |..wV..+../.(O.i.| 00000020 8f 4c 81 46 a6 43 4b e7 e5 70 b2 00 00 38 c0 2c |.L.F.CK..p...8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 66 00 00 00 0e 00 0c |.5./.....f......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 |...............0| 000000a0 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 000000b0 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 000000c0 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 2c 00 00 |...DOWNGRD...,..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 01 |................| 00000040 3c 0b 00 01 38 00 01 35 00 01 32 30 82 01 2e 30 |<...8..5..20...0| 00000050 81 e1 a0 03 02 01 02 02 10 0f 43 1c 42 57 93 94 |..........C.BW..| 00000060 1d e9 87 e4 f1 ad 15 00 5d 30 05 06 03 2b 65 70 |........]0...+ep| 00000070 30 12 31 10 30 0e 06 03 55 04 0a 13 07 41 63 6d |0.1.0...U....Acm| 00000080 65 20 43 6f 30 1e 17 0d 31 39 30 35 31 36 32 31 |e Co0...19051621| 00000090 33 38 30 31 5a 17 0d 32 30 30 35 31 35 32 31 33 |3801Z..200515213| 000000a0 38 30 31 5a 30 12 31 10 30 0e 06 03 55 04 0a 13 |801Z0.1.0...U...| 000000b0 07 41 63 6d 65 20 43 6f 30 2a 30 05 06 03 2b 65 |.Acme Co0*0...+e| 000000c0 70 03 21 00 3f e2 15 2e e6 e3 ef 3f 4e 85 4a 75 |p.!.?......?N.Ju| 000000d0 77 a3 64 9e ed e0 bf 84 2c cc 92 26 8f fa 6f 34 |w.d.....,..&..o4| 000000e0 83 aa ec 8f a3 4d 30 4b 30 0e 06 03 55 1d 0f 01 |.....M0K0...U...| 000000f0 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 |........0...U.%.| 00000100 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0c 06 |.0...+.......0..| 00000110 03 55 1d 13 01 01 ff 04 02 30 00 30 16 06 03 55 |.U.......0.0...U| 00000120 1d 11 04 0f 30 0d 82 0b 65 78 61 6d 70 6c 65 2e |....0...example.| 00000130 63 6f 6d 30 05 06 03 2b 65 70 03 41 00 63 44 ed |com0...+ep.A.cD.| 00000140 9c c4 be 53 24 53 9f d2 10 8d 9f e8 21 08 90 95 |...S$S......!...| 00000150 39 e5 0d c1 55 ff 2c 16 b7 1d fc ab 7d 4d d4 e0 |9...U.,.....}M..| 00000160 93 13 d0 a9 42 e0 b6 6b fe 5d 67 48 d7 9f 50 bc |....B..k.]gH..P.| 00000170 6c cd 4b 03 83 7c f2 08 58 cd ac cf 0c 16 03 03 |l.K..|..X.......| 00000180 00 6c 0c 00 00 68 03 00 1d 20 2f e5 7d a3 47 cd |.l...h... /.}.G.| 00000190 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af c4 |bC.(.._.).0.....| 000001a0 cf c2 ed 90 99 5f 58 cb 3b 74 08 07 00 40 b6 c5 |....._X.;t...@..| 000001b0 00 07 5f 16 0d c5 5a 13 26 8e 74 09 1a 16 7f d2 |.._...Z.&.t.....| 000001c0 4c 90 b5 ee 29 00 7b d6 d0 59 fe 79 1f f2 d9 66 |L...).{..Y.y...f| 000001d0 e2 5e 22 c9 27 b8 09 e5 f3 b6 c4 be 46 4a c2 a9 |.^".'.......FJ..| 000001e0 34 f8 ba ad b6 86 8d 47 58 00 55 d9 3c 03 16 03 |4......GX.U.<...| 000001f0 03 00 04 0e 00 00 00 |.......| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 6e 1a be aa e4 ca |....%...! n.....| 00000010 43 15 88 b6 fe f7 6c 69 26 1c 99 1c a9 01 75 e3 |C.....li&.....u.| 00000020 32 ef 37 85 6c 2e 15 6e 37 24 14 03 03 00 01 01 |2.7.l..n7$......| 00000030 16 03 03 00 28 e8 ca d2 ac 7b 38 5e 23 0a c0 62 |....(....{8^#..b| 00000040 05 c5 ec 9a 3b 99 48 6e 72 c0 30 b3 3c 69 a1 fd |....;.Hnr.0.>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 09 61 1e 91 05 79 fe d3 ea 62 2c 4e 62 |....a...y...b,Nb| 00000020 42 b4 68 20 ca 47 e3 a4 4f 33 ce ba 8c d7 ea 63 |B.h .G..O3.....c| 00000030 54 c7 8c 17 03 03 00 25 00 00 00 00 00 00 00 01 |T......%........| 00000040 fb 97 f4 60 38 95 26 f2 69 ea c7 91 99 08 73 7a |...`8.&.i.....sz| 00000050 ca 96 97 6f 9f a6 be c2 ca 1d f1 2e 08 15 03 03 |...o............| 00000060 00 1a 00 00 00 00 00 00 00 02 b4 06 50 09 ec 73 |............P..s| 00000070 06 83 b4 fa bb 40 21 7f 4c d9 61 8a |.....@!.L.a.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ExportKeyingMaterial000066400000000000000000000161511373277661100303310ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 cf 01 00 00 cb 03 03 62 4c 73 03 fd |...........bLs..| 00000010 24 98 d0 f6 41 49 83 94 04 c8 17 51 3e 18 5d 6d |$...AI.....Q>.]m| 00000020 8a b8 52 c0 cf 0b 60 1e 02 53 d2 00 00 38 c0 2c |..R...`..S...8.,| 00000030 c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 9e |.0.........+./..| 00000040 c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 14 |.$.(.k.#.'.g....| 00000050 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 3c |.9.....3.....=.<| 00000060 00 35 00 2f 00 ff 01 00 00 6a 00 00 00 0e 00 0c |.5./.....j......| 00000070 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000080 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000090 00 19 00 18 00 23 00 00 00 16 00 00 00 17 00 00 |.....#..........| 000000a0 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 |...0............| 000000b0 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 |................| 000000c0 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 |................| 000000d0 05 02 06 02 |....| >>> Flow 2 (server to client) 00000000 16 03 03 00 3b 02 00 00 37 03 03 00 00 00 00 00 |....;...7.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0f 00 23 00 00 ff 01 00 01 00 00 0b 00 02 01 00 |..#.............| 00000040 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 |....Y...U..R..O0| 00000050 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 |..K0............| 00000060 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 |..?.[..0...*.H..| 00000070 0d 01 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 |......0.1.0...U.| 00000080 0a 13 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 |...Go1.0...U....| 00000090 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 |Go Root0...16010| 000000a0 31 30 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 |1000000Z..250101| 000000b0 30 30 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 |000000Z0.1.0...U| 000000c0 04 0a 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 |....Go1.0...U...| 000000d0 02 47 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |.Go0..0...*.H...| 000000e0 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| 000000f0 db 46 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 |.F}...'.H..(!.~.| 00000100 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 |..]..RE.z6G....B| 00000110 5b c2 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 |[.....y.@.Om..+.| 00000120 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 |....g....."8.J.t| 00000130 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c |s+.4......t{.X.l| 00000140 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd |a<..A..++$#w[.;.| 00000150 75 5d ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a |u]. T..c...$....| 00000160 50 8b aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 |P....C...ub...R.| 00000170 02 03 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 |........0..0...U| 00000180 1d 0f 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 |...........0...U| 00000190 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 000001a0 06 08 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d |..+.......0...U.| 000001b0 13 01 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 |......0.0...U...| 000001c0 12 04 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 |.......CC>I..m..| 000001d0 d7 9f 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 |..`0...U.#..0...| 000001e0 48 13 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b |H.IM.~.1......n{| 000001f0 30 19 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 |0...U....0...exa| 00000200 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a |mple.golang0...*| 00000210 86 48 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 |.H.............0| 00000220 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 |.@+[P.a...SX...(| 00000230 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 |.X..8....1Z..f=C| 00000240 d3 2d d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc |.-...... d8.$:..| 00000250 cf 9c 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd |..}.@ ._...a..v.| 00000260 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb |.....\.....l..s.| 00000270 b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 |.Cw.......@.a.Lr| 00000280 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 |+...F..M...>...B| 00000290 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 |...=.`.\!.;.....| 000002a0 03 00 ac 0c 00 00 a8 03 00 1d 20 2f e5 7d a3 47 |.......... /.}.G| 000002b0 cd 62 43 15 28 da ac 5f bb 29 07 30 ff f6 84 af |.bC.(.._.).0....| 000002c0 c4 cf c2 ed 90 99 5f 58 cb 3b 74 08 04 00 80 2d |......_X.;t....-| 000002d0 54 87 fa c9 e5 97 ad a0 6d 54 89 b1 37 24 af df |T.......mT..7$..| 000002e0 0f 3e ef 34 f7 6a 5f 1b 06 a5 b9 b4 6d 46 7f b1 |.>.4.j_.....mF..| 000002f0 ab e4 5c dd c1 3f 98 93 61 e5 81 8a 6c 3d 2f b3 |..\..?..a...l=/.| 00000300 3c 59 b9 78 45 ba bd 02 b1 a0 72 cb c3 59 b1 55 |>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 37 47 1b 8d ef 6c |....%...! 7G...l| 00000010 dc 59 b2 a5 a2 f6 8e 1b f6 1b ab da ec 9c a7 ff |.Y..............| 00000020 4a f9 0e 9b 02 b0 8f bc a1 55 14 03 03 00 01 01 |J........U......| 00000030 16 03 03 00 28 a2 53 52 8b df 86 63 d9 f8 a8 7e |....(.SR...c...~| 00000040 f5 b4 19 1a 5d 02 9a 48 94 68 6d a2 90 13 93 42 |....]..H.hm....B| 00000050 87 52 92 50 7c 45 91 b9 91 49 83 66 a6 |.R.P|E...I.f.| >>> Flow 4 (server to client) 00000000 16 03 03 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6f ec 80 83 61 a2 90 f4 4c 03 c8 09 b9 a6 c6 6f |o...a...L......o| 00000040 c7 52 57 3f 3f 92 71 f3 f8 02 43 69 19 f0 bf 78 |.RW??.q...Ci...x| 00000050 6a 00 cc 0a 96 6f 80 5d 62 42 9b 6b 7c 00 e0 26 |j....o.]bB.k|..&| 00000060 90 ef d9 26 f1 33 94 6e 13 9a ec be 91 00 1e 64 |...&.3.n.......d| 00000070 eb 12 ae b9 74 f9 85 d1 b7 91 bd e1 e2 da ac b0 |....t...........| 00000080 71 ca 1b 65 1a e7 83 14 03 03 00 01 01 16 03 03 |q..e............| 00000090 00 28 00 00 00 00 00 00 00 00 fa e4 1b 3b 28 9b |.(...........;(.| 000000a0 f8 28 d7 26 d7 6a 67 33 1f 4a 39 d9 ac 59 6f fc |.(.&.jg3.J9..Yo.| 000000b0 2b 84 6c b9 73 70 9b 30 8c d0 17 03 03 00 25 00 |+.l.sp.0......%.| 000000c0 00 00 00 00 00 00 01 0c 6e 13 cf 3d 10 65 2f e5 |........n..=.e/.| 000000d0 4f fd f9 b6 34 11 c2 05 60 d5 16 66 68 65 29 fa |O...4...`..fhe).| 000000e0 e6 97 e4 dc 15 03 03 00 1a 00 00 00 00 00 00 00 |................| 000000f0 02 58 9a 0d 41 6f 0f 72 c7 43 16 46 83 dd 26 5f |.X..Ao.r.C.F..&_| 00000100 3a ee 1a |:..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-IssueTicket000066400000000000000000000156111373277661100264560ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 9b 01 00 00 97 03 03 22 89 61 60 36 |...........".a`6| 00000010 06 c6 00 3f af 09 28 13 d8 7e ae 18 55 40 4a 4e |...?..(..~..U@JN| 00000020 40 13 e2 f8 43 5f be e5 f6 51 04 00 00 04 00 2f |@...C_...Q...../| 00000030 00 ff 01 00 00 6a 00 00 00 0e 00 0c 00 00 09 31 |.....j.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 23 00 00 00 16 00 00 00 17 00 00 00 0d 00 30 |.#.............0| 00000070 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 00000080 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 00000090 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 3b 02 00 00 37 03 03 00 00 00 00 00 |....;...7.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0f 00 23 00 00 ff 01 00 01 00 00 0b 00 02 01 00 |..#.............| 00000040 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 |....Y...U..R..O0| 00000050 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 |..K0............| 00000060 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 |..?.[..0...*.H..| 00000070 0d 01 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 |......0.1.0...U.| 00000080 0a 13 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 |...Go1.0...U....| 00000090 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 |Go Root0...16010| 000000a0 31 30 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 |1000000Z..250101| 000000b0 30 30 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 |000000Z0.1.0...U| 000000c0 04 0a 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 |....Go1.0...U...| 000000d0 02 47 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |.Go0..0...*.H...| 000000e0 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| 000000f0 db 46 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 |.F}...'.H..(!.~.| 00000100 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 |..]..RE.z6G....B| 00000110 5b c2 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 |[.....y.@.Om..+.| 00000120 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 |....g....."8.J.t| 00000130 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c |s+.4......t{.X.l| 00000140 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd |a<..A..++$#w[.;.| 00000150 75 5d ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a |u]. T..c...$....| 00000160 50 8b aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 |P....C...ub...R.| 00000170 02 03 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 |........0..0...U| 00000180 1d 0f 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 |...........0...U| 00000190 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 000001a0 06 08 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d |..+.......0...U.| 000001b0 13 01 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 |......0.0...U...| 000001c0 12 04 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 |.......CC>I..m..| 000001d0 d7 9f 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 |..`0...U.#..0...| 000001e0 48 13 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b |H.IM.~.1......n{| 000001f0 30 19 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 |0...U....0...exa| 00000200 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a |mple.golang0...*| 00000210 86 48 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 |.H.............0| 00000220 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 |.@+[P.a...SX...(| 00000230 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 |.X..8....1Z..f=C| 00000240 d3 2d d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc |.-...... d8.$:..| 00000250 cf 9c 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd |..}.@ ._...a..v.| 00000260 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb |.....\.....l..s.| 00000270 b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 |.Cw.......@.a.Lr| 00000280 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 |+...F..M...>...B| 00000290 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 |...=.`.\!.;.....| 000002a0 03 00 04 0e 00 00 00 |.......| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 d0 71 60 6a 92 |............q`j.| 00000010 9b 01 87 1b d3 7d 28 a8 50 aa b9 c3 0e a3 b0 2d |.....}(.P......-| 00000020 2f 29 1d f1 42 39 6f 65 bb 1a 0e bc 82 43 e9 c6 |/)..B9oe.....C..| 00000030 c6 cc df 4e c6 f2 2b 85 26 cb 63 12 f7 a1 84 a1 |...N..+.&.c.....| 00000040 25 8b 8f 02 f2 c1 fe 09 79 89 ba da b7 b1 32 4c |%.......y.....2L| 00000050 56 4e d6 02 14 1a ed 03 87 ad d1 3e f1 5d 41 c5 |VN.........>.]A.| 00000060 c0 fe 8e ce 6c c2 ce 2e 4a f6 4f a0 f9 d7 a9 2d |....l...J.O....-| 00000070 22 62 78 5a a6 cb bb 62 98 20 fe f6 3d d3 b6 f8 |"bxZ...b. ..=...| 00000080 7f 1a 5a e5 59 32 93 bd f0 82 e5 14 03 03 00 01 |..Z.Y2..........| 00000090 01 16 03 03 00 40 96 3c c7 3f 87 d7 2e fb fb 2f |.....@.<.?...../| 000000a0 a0 0f 60 fc a9 9c 27 c2 0d e0 a6 f9 76 8c 94 59 |..`...'.....v..Y| 000000b0 02 ae 5c a3 b2 20 6f c7 a5 a3 ad 98 87 cf 29 02 |..\.. o.......).| 000000c0 87 ce db 09 ee b7 eb f4 81 59 37 13 15 5b 91 fe |.........Y7..[..| 000000d0 e7 b3 6f 69 fd d2 |..oi..| >>> Flow 4 (server to client) 00000000 16 03 03 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6f 2c 9f 83 61 5c 5f 43 13 c2 76 91 3a c1 1a 8c |o,..a\_C..v.:...| 00000040 51 00 5c a0 93 a9 06 e2 0c b0 65 e3 8c 0d 4b 7b |Q.\.......e...K{| 00000050 7e 52 32 b8 3c b3 76 c5 bf 95 4d 29 71 50 81 e3 |~R2.<.v...M)qP..| 00000060 2b 6f 4a 32 dc 33 94 15 c5 fe 38 b4 0a fc 03 38 |+oJ2.3....8....8| 00000070 90 32 db c0 7f 99 62 a9 89 15 d0 f6 79 64 79 38 |.2....b.....ydy8| 00000080 b0 e2 19 07 82 82 0a 14 03 03 00 01 01 16 03 03 |................| 00000090 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.@..............| 000000a0 00 00 69 6f c8 63 ce 7b d5 82 6e f8 5f 59 ab ad |..io.c.{..n._Y..| 000000b0 55 0c 76 8b 11 56 77 ea 33 20 fd 0b 33 9d 72 12 |U.v..Vw.3 ..3.r.| 000000c0 85 fe 99 38 2a 70 49 fe 27 35 9d 43 5b 32 2b 77 |...8*pI.'5.C[2+w| 000000d0 31 66 17 03 03 00 40 00 00 00 00 00 00 00 00 00 |1f....@.........| 000000e0 00 00 00 00 00 00 00 05 36 d1 49 58 00 4d 5c bc |........6.IX.M\.| 000000f0 a8 c4 be 76 5d f7 cc 88 c7 5a 44 8c f6 d0 30 e6 |...v]....ZD...0.| 00000100 87 03 84 77 60 6c 47 70 2a 80 51 38 a8 8a fb 9f |...w`lGp*.Q8....| 00000110 31 45 f0 ab c9 e5 94 15 03 03 00 30 00 00 00 00 |1E.........0....| 00000120 00 00 00 00 00 00 00 00 00 00 00 00 19 f0 c7 ce |................| 00000130 92 87 25 dd 5b c3 68 3b dd ec 5c 26 c6 90 36 31 |..%.[.h;..\&..61| 00000140 a5 3c 9a 89 be 49 30 37 3b a5 5f 13 |.<...I07;._.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-IssueTicketPreDisable000066400000000000000000000156111373277661100304110ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 9b 01 00 00 97 03 03 55 4e 24 f5 fd |...........UN$..| 00000010 2b 70 d1 b4 9c fd eb 53 1d 2f 7e f7 59 fe 20 c6 |+p.....S./~.Y. .| 00000020 4f 47 72 0f 7a 01 71 48 8a 21 9a 00 00 04 00 2f |OGr.z.qH.!...../| 00000030 00 ff 01 00 00 6a 00 00 00 0e 00 0c 00 00 09 31 |.....j.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 23 00 00 00 16 00 00 00 17 00 00 00 0d 00 30 |.#.............0| 00000070 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a |................| 00000080 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 |................| 00000090 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |................| >>> Flow 2 (server to client) 00000000 16 03 03 00 3b 02 00 00 37 03 03 00 00 00 00 00 |....;...7.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0f 00 23 00 00 ff 01 00 01 00 00 0b 00 02 01 00 |..#.............| 00000040 16 03 03 02 59 0b 00 02 55 00 02 52 00 02 4f 30 |....Y...U..R..O0| 00000050 82 02 4b 30 82 01 b4 a0 03 02 01 02 02 09 00 e8 |..K0............| 00000060 f0 9d 3f e2 5b ea a6 30 0d 06 09 2a 86 48 86 f7 |..?.[..0...*.H..| 00000070 0d 01 01 0b 05 00 30 1f 31 0b 30 09 06 03 55 04 |......0.1.0...U.| 00000080 0a 13 02 47 6f 31 10 30 0e 06 03 55 04 03 13 07 |...Go1.0...U....| 00000090 47 6f 20 52 6f 6f 74 30 1e 17 0d 31 36 30 31 30 |Go Root0...16010| 000000a0 31 30 30 30 30 30 30 5a 17 0d 32 35 30 31 30 31 |1000000Z..250101| 000000b0 30 30 30 30 30 30 5a 30 1a 31 0b 30 09 06 03 55 |000000Z0.1.0...U| 000000c0 04 0a 13 02 47 6f 31 0b 30 09 06 03 55 04 03 13 |....Go1.0...U...| 000000d0 02 47 6f 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d |.Go0..0...*.H...| 000000e0 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 |.........0......| 000000f0 db 46 7d 93 2e 12 27 06 48 bc 06 28 21 ab 7e c4 |.F}...'.H..(!.~.| 00000100 b6 a2 5d fe 1e 52 45 88 7a 36 47 a5 08 0d 92 42 |..]..RE.z6G....B| 00000110 5b c2 81 c0 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 |[.....y.@.Om..+.| 00000120 8b c2 a5 2e 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 |....g....."8.J.t| 00000130 73 2b c2 34 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c |s+.4......t{.X.l| 00000140 61 3c c0 b0 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd |a<..A..++$#w[.;.| 00000150 75 5d ce 20 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a |u]. T..c...$....| 00000160 50 8b aa b6 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 |P....C...ub...R.| 00000170 02 03 01 00 01 a3 81 93 30 81 90 30 0e 06 03 55 |........0..0...U| 00000180 1d 0f 01 01 ff 04 04 03 02 05 a0 30 1d 06 03 55 |...........0...U| 00000190 1d 25 04 16 30 14 06 08 2b 06 01 05 05 07 03 01 |.%..0...+.......| 000001a0 06 08 2b 06 01 05 05 07 03 02 30 0c 06 03 55 1d |..+.......0...U.| 000001b0 13 01 01 ff 04 02 30 00 30 19 06 03 55 1d 0e 04 |......0.0...U...| 000001c0 12 04 10 9f 91 16 1f 43 43 3e 49 a6 de 6d b6 80 |.......CC>I..m..| 000001d0 d7 9f 60 30 1b 06 03 55 1d 23 04 14 30 12 80 10 |..`0...U.#..0...| 000001e0 48 13 49 4d 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b |H.IM.~.1......n{| 000001f0 30 19 06 03 55 1d 11 04 12 30 10 82 0e 65 78 61 |0...U....0...exa| 00000200 6d 70 6c 65 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a |mple.golang0...*| 00000210 86 48 86 f7 0d 01 01 0b 05 00 03 81 81 00 9d 30 |.H.............0| 00000220 cc 40 2b 5b 50 a0 61 cb ba e5 53 58 e1 ed 83 28 |.@+[P.a...SX...(| 00000230 a9 58 1a a9 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 |.X..8....1Z..f=C| 00000240 d3 2d d9 0b f2 97 df d3 20 64 38 92 24 3a 00 bc |.-...... d8.$:..| 00000250 cf 9c 7d b7 40 20 01 5f aa d3 16 61 09 a2 76 fd |..}.@ ._...a..v.| 00000260 13 c3 cc e1 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb |.....\.....l..s.| 00000270 b3 43 77 8d 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 |.Cw.......@.a.Lr| 00000280 2b 9d ae db 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 |+...F..M...>...B| 00000290 d4 db fe 3d 13 60 84 5c 21 d3 3b e9 fa e7 16 03 |...=.`.\!.;.....| 000002a0 03 00 04 0e 00 00 00 |.......| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 29 31 85 e2 ce |...........)1...| 00000010 42 63 7f 16 3a 0b 67 19 64 da bb 7a bc fe c7 a9 |Bc..:.g.d..z....| 00000020 fb f1 d0 c1 7e 3d 2e 69 f8 97 43 7e 73 8a eb 9a |....~=.i..C~s...| 00000030 e4 f4 d0 e8 93 47 ec c1 89 a0 d3 93 65 47 1c 33 |.....G......eG.3| 00000040 75 af 90 07 bb 46 27 09 c6 0c 4f 43 10 87 c9 a6 |u....F'...OC....| 00000050 da 58 02 a7 61 4b 67 40 05 72 9b 07 aa 9b 04 18 |.X..aKg@.r......| 00000060 6a 35 d1 54 f8 fc 08 f5 9f 49 8d aa aa 4c 2c bf |j5.T.....I...L,.| 00000070 55 85 ed 6b ae 7e cd 77 a2 9b e3 a7 03 8d 9e d9 |U..k.~.w........| 00000080 12 12 ce 1c c4 ba 10 f3 d5 f4 c2 14 03 03 00 01 |................| 00000090 01 16 03 03 00 40 2c 57 5d 8b 73 4f 31 ed 16 e5 |.....@,W].sO1...| 000000a0 17 bd 08 a9 26 95 51 0d f6 0c 82 af f2 26 9e 5e |....&.Q......&.^| 000000b0 31 71 e5 7c dc 41 62 10 da d5 20 f1 dc 00 ea 25 |1q.|.Ab... ....%| 000000c0 5a 4b 15 e1 ba 46 c1 5f 64 a6 59 58 55 2a 01 41 |ZK...F._d.YXU*.A| 000000d0 3e 6b 22 b8 79 27 |>k".y'| >>> Flow 4 (server to client) 00000000 16 03 03 00 82 04 00 00 7e 00 00 00 00 00 78 50 |........~.....xP| 00000010 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000030 6f 2c 9f 83 61 31 33 93 70 cd 6a 19 a2 67 e8 7d |o,..a13.p.j..g.}| 00000040 cb a4 dc bb 80 d9 23 20 05 4d 53 1f b6 9f 48 01 |......# .MS...H.| 00000050 e4 84 75 10 25 f9 ed 98 bb 39 7e fc 8b 16 d8 bc |..u.%....9~.....| 00000060 c7 e9 88 e8 1c 33 94 10 13 6b d4 3d fa d7 73 b2 |.....3...k.=..s.| 00000070 d4 ea 89 58 ed 38 f8 f3 6a e0 5f 1e f7 49 ed f7 |...X.8..j._..I..| 00000080 5f 64 39 6b b5 6c fb 14 03 03 00 01 01 16 03 03 |_d9k.l..........| 00000090 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.@..............| 000000a0 00 00 fa f3 aa 48 54 5f 5b 88 69 fb 01 75 2a 90 |.....HT_[.i..u*.| 000000b0 49 46 7c 6a 3a aa 72 4e 35 db 8f 38 a3 4d 05 53 |IF|j:.rN5..8.M.S| 000000c0 38 93 63 ae 0d b9 e0 b4 81 2e ee 40 d5 2b 58 2a |8.c........@.+X*| 000000d0 18 9b 17 03 03 00 40 00 00 00 00 00 00 00 00 00 |......@.........| 000000e0 00 00 00 00 00 00 00 3c 84 3f 45 03 b0 60 ed 8f |.......<.?E..`..| 000000f0 d2 e5 10 98 03 1a 00 8a aa 19 d0 e9 03 fb 42 fc |..............B.| 00000100 cd 4d 13 3e 7d 39 0b 5f cf 2d b7 87 3a bf 43 d4 |.M.>}9._.-..:.C.| 00000110 ac 71 68 29 bf f8 ac 15 03 03 00 30 00 00 00 00 |.qh).......0....| 00000120 00 00 00 00 00 00 00 00 00 00 00 00 81 49 eb 3b |.............I.;| 00000130 28 e7 88 94 8b 6a cc 67 4d c4 03 66 80 af d7 c2 |(....j.gM..f....| 00000140 07 37 36 3b f0 a4 5d 16 2b 5f 5b 27 |.76;..].+_['| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-P256000066400000000000000000000146511373277661100246610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 8f 01 00 00 8b 03 03 49 de 51 77 8e |...........I.Qw.| 00000010 58 03 e9 25 0b 9a 88 ef 35 2d 35 a8 30 29 22 61 |X..%....5-5.0)"a| 00000020 ae b4 af 8a a1 2c 45 59 40 5f aa 00 00 04 c0 2f |.....,EY@_...../| 00000030 00 ff 01 00 00 5e 00 00 00 0e 00 0c 00 00 09 31 |.....^.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 04 00 02 00 17 00 16 00 00 00 17 00 00 |................| 00000060 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 |...0............| 00000070 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 |................| 00000080 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 |................| 00000090 05 02 06 02 |....| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 cd 0c |.`.\!.;.........| 000002a0 00 00 c9 03 00 17 41 04 1e 18 37 ef 0d 19 51 88 |......A...7...Q.| 000002b0 35 75 71 b5 e5 54 5b 12 2e 8f 09 67 fd a7 24 20 |5uq..T[....g..$ | 000002c0 3e b2 56 1c ce 97 28 5e f8 2b 2d 4f 9e f1 07 9f |>.V...(^.+-O....| 000002d0 6c 4b 5b 83 56 e2 32 42 e9 58 b6 d7 49 a6 b5 68 |lK[.V.2B.X..I..h| 000002e0 1a 41 03 56 6b dc 5a 89 08 04 00 80 7b bd 89 a1 |.A.Vk.Z.....{...| 000002f0 d8 9d cf e4 75 ac 15 60 a9 49 0c c7 68 61 4e e4 |....u..`.I..haN.| 00000300 2b 51 37 5a 65 38 a4 52 6a d0 4f 8b 76 93 a4 7c |+Q7Ze8.Rj.O.v..|| 00000310 ac 30 6b 89 f1 c7 88 8f f3 5c c7 e9 d6 7c 33 94 |.0k......\...|3.| 00000320 f7 fc f8 69 35 f3 f7 e0 ea fc 51 5c b2 e2 dc 9e |...i5.....Q\....| 00000330 57 03 af e6 19 0d 0d e4 25 b6 52 19 12 ad 35 fc |W.......%.R...5.| 00000340 7f c3 6a 1f ed 06 82 34 81 13 d7 c1 67 a9 18 88 |..j....4....g...| 00000350 2f bb 00 54 5d d9 01 16 29 dd 03 3c 69 f7 46 52 |/..T]...)..>> Flow 3 (client to server) 00000000 16 03 03 00 46 10 00 00 42 41 04 a6 c3 8d d1 32 |....F...BA.....2| 00000010 8e b4 ac 27 75 4a 57 26 7f 6a 52 a7 82 ee c2 b1 |...'uJW&.jR.....| 00000020 a3 68 0a 8d 09 ff 82 61 57 f3 32 5e ec 1a 2f 20 |.h.....aW.2^../ | 00000030 8c c1 d4 cf 27 7b f0 1d f9 5d f6 24 80 6a 45 d2 |....'{...].$.jE.| 00000040 97 cf f1 5d a2 e3 b0 15 7d e6 a4 14 03 03 00 01 |...]....}.......| 00000050 01 16 03 03 00 28 21 36 fe 82 d2 4a b4 da f8 14 |.....(!6...J....| 00000060 d6 d6 8c be 56 1f ca 82 7f 20 bb 01 be fb 2a 0d |....V.... ....*.| 00000070 a8 31 ee 79 f7 8a 8b 4a 1b a7 66 3a 89 67 |.1.y...J..f:.g| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 00 0a 97 89 c3 74 09 63 25 2a fc e1 29 |........t.c%*..)| 00000020 18 b1 bc d6 75 2e 3b 2a fb 90 17 b9 b8 ea e2 c4 |....u.;*........| 00000030 29 94 16 17 03 03 00 25 00 00 00 00 00 00 00 01 |)......%........| 00000040 8c 30 76 b7 fd b1 96 0b 2a 8f f3 e1 b3 38 16 15 |.0v.....*....8..| 00000050 10 3d 32 ee 29 b5 12 cb cb cf 98 a3 c5 15 03 03 |.=2.)...........| 00000060 00 1a 00 00 00 00 00 00 00 02 9e 4a 55 8e 91 ff |...........JU...| 00000070 13 0b 56 be 3c 5d b8 26 42 f1 c8 28 |..V.<].&B..(| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-3DES000066400000000000000000000137061373277661100253460ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 e2 8f 43 82 4c |.............C.L| 00000010 13 33 88 d2 53 5d b6 02 d2 b6 b2 a1 11 f0 30 14 |.3..S]........0.| 00000020 41 1e 8c 79 85 38 75 cd e8 a6 a7 00 00 04 00 0a |A..y.8u.........| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 0a 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 57 ce 41 c0 4d |...........W.A.M| 00000010 b1 69 27 6e cb 92 a5 71 52 85 e7 a8 69 b0 31 d1 |.i'n...qR...i.1.| 00000020 0a b0 3d a6 9d ab 04 e8 a2 4c d8 67 95 97 da 63 |..=......L.g...c| 00000030 f7 0b 6e 62 29 5b 8b cf 77 f1 80 a5 1f 67 08 71 |..nb)[..w....g.q| 00000040 50 c3 a9 90 ea b8 11 3d 5d c9 f5 1c 37 fa 67 b1 |P......=]...7.g.| 00000050 64 b0 04 3e c1 0d db 77 fe b9 a0 ea f2 0f 1d af |d..>...w........| 00000060 9a 77 b3 96 4f 3f 3c 52 a7 ed c4 3f 48 ef ff f8 |.w..O?>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 30 00 00 00 00 00 |..........0.....| 00000010 00 00 00 0d 0f 3c 6a 28 f0 97 90 1a c3 7e c8 63 |...........su.| 00000070 15 03 03 00 20 00 00 00 00 00 00 00 00 5c 30 63 |.... ........\0c| 00000080 23 55 26 ee 8d 81 9a 2e b4 e7 38 6b 04 e7 42 43 |#U&.......8k..BC| 00000090 50 de 1e 40 2d |P..@-| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-AES000066400000000000000000000144021373277661100252520ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 dd 28 eb 68 4a |............(.hJ| 00000010 8a 71 d2 98 d0 2d 21 c7 e9 19 19 de c8 13 0b 67 |.q...-!........g| 00000020 f4 ff 4c d0 37 f5 72 9f 2d fb b3 00 00 04 00 2f |..L.7.r.-....../| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 c0 37 ef f3 d9 |............7...| 00000010 6b 7b 3f c4 9f 46 d2 6b 8f 7f 8d ce 89 cf 8e 2b |k{?..F.k.......+| 00000020 1f 0d 86 f9 90 5a 23 28 6c d3 14 ce 2a 0b f1 0e |.....Z#(l...*...| 00000030 96 1c 11 7d c0 b8 fb 4b 2e cb 07 1c fe b9 e1 62 |...}...K.......b| 00000040 2c 38 1c 46 21 74 23 a9 f2 0b 15 36 ef 88 32 e8 |,8.F!t#....6..2.| 00000050 28 66 8e ab 14 be e9 02 04 9d 92 99 cc 6e 28 d0 |(f...........n(.| 00000060 f9 3d dc 61 7f f7 17 59 ab 1c 86 94 9a 28 7b 46 |.=.a...Y.....({F| 00000070 3c 36 ff d3 26 3c ad 2d 33 ef 99 83 09 a5 a8 2f |<6..&<.-3....../| 00000080 b3 a3 74 7f 49 a3 f1 47 7d 8c 12 14 03 03 00 01 |..t.I..G}.......| 00000090 01 16 03 03 00 40 32 68 cb ea 32 cb f2 7a 0e 4b |.....@2h..2..z.K| 000000a0 63 72 96 93 e8 2d 5b 22 a6 3a 05 9d 60 50 e5 d0 |cr...-[".:..`P..| 000000b0 f3 f8 14 ed 81 fe 17 a0 ee 3f 7b aa ca dc 06 bc |.........?{.....| 000000c0 28 90 73 33 84 0c 92 39 b7 cb da 06 08 05 0b 03 |(.s3...9........| 000000d0 86 be cc 70 0e c2 |...p..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 10 a0 48 48 86 |.............HH.| 00000020 ac 1f f4 05 4d 12 9d 90 54 26 ec c8 1f 6d e7 d5 |....M...T&...m..| 00000030 0c 92 61 88 2f 43 77 75 0c 08 0f 33 ac c3 d3 b0 |..a./Cwu...3....| 00000040 94 68 e3 3f 9f c9 43 a5 8b ee ed 17 03 03 00 40 |.h.?..C........@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 fd 7d d3 d6 3f a5 10 37 a1 93 20 ca c8 8c 9d c3 |.}..?..7.. .....| 00000070 90 df 2f 40 e6 83 af b6 be e4 3d 07 ff 0d 24 97 |../@......=...$.| 00000080 c2 ff af 81 eb b5 91 72 6b 6d 70 8c af 3f 9f 76 |.......rkmp..?.v| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 6b 80 aa 88 45 8c 39 a8 4c ca 33 |.....k...E.9.L.3| 000000b0 f2 33 85 a0 74 6a 64 a3 43 17 4c 5c 9b 50 e5 8d |.3..tjd.C.L\.P..| 000000c0 ff 26 03 e1 07 |.&...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-AES-GCM000066400000000000000000000141631373277661100256620ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 8a ca f1 8f ad |................| 00000010 fe 0b a3 e1 b8 08 10 1a 40 57 b6 f7 f7 e3 72 c4 |........@W....r.| 00000020 57 4a 71 f8 30 cd 62 62 c7 0f 2d 00 00 04 c0 2f |WJq.0.bb..-..../| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 08 04 00 80 50 0b d9 1c 03 |.._X.;t....P....| 000002d0 6f 08 05 a6 39 cc 9f 7e 3d f1 fb af 8e 0b 9a ef |o...9..~=.......| 000002e0 39 d3 b6 e3 71 9c 5a 37 a1 86 f2 f0 59 01 fc b2 |9...q.Z7....Y...| 000002f0 51 1c 0e 22 42 24 3e c6 db fb a1 39 9d 75 f4 79 |Q.."B$>....9.u.y| 00000300 55 dd e5 99 0b 22 5b ed c7 19 ac db ed d3 ee 23 |U...."[........#| 00000310 b9 37 2b 51 ea 7f 39 4d 8b 0a bc a2 2e f2 ef 9e |.7+Q..9M........| 00000320 a5 8c 99 77 ff d2 fb 46 e4 10 4e a9 b2 a9 ce b6 |...w...F..N.....| 00000330 50 d4 0a 28 a5 3f 0e 2c 60 cd 0f 07 9c 7e 60 c3 |P..(.?.,`....~`.| 00000340 79 a5 cf f3 cd 77 5a 16 8d fc 14 16 03 03 00 04 |y....wZ.........| 00000350 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 ef 3b b1 d2 a3 f6 |....%...! .;....| 00000010 be f2 fc 2e b5 ed d3 ec 6a fb 2f 0d 5a 04 98 61 |........j./.Z..a| 00000020 92 26 59 ba 17 26 1b 60 27 2b 14 03 03 00 01 01 |.&Y..&.`'+......| 00000030 16 03 03 00 28 e2 94 22 bb 71 70 c8 a6 63 e5 6f |....(..".qp..c.o| 00000040 2e 00 0f b9 bf 6b 54 34 dc ce b0 12 0b 16 e5 ac |.....kT4........| 00000050 8f 6b 1e 96 a1 e3 86 b7 6f 8c 76 09 da |.k......o.v..| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 f5 dc 00 28 06 03 50 9b b2 db 4d 89 25 |......(..P...M.%| 00000020 3a 94 04 85 5b 7a 3f 16 fb 55 8f e0 c3 a3 33 21 |:...[z?..U....3!| 00000030 65 84 c5 17 03 03 00 25 00 00 00 00 00 00 00 01 |e......%........| 00000040 a9 35 62 24 4b 63 6e 62 1c 8f 99 e4 e0 3e f0 a2 |.5b$Kcnb.....>..| 00000050 e3 02 34 6f 10 71 9c 6b b3 4a 2d 7f 71 15 03 03 |..4o.q.k.J-.q...| 00000060 00 1a 00 00 00 00 00 00 00 02 91 43 07 98 b1 ba |...........C....| 00000070 06 1b dd 21 46 82 63 67 8b bb 1f b5 |...!F.cg....| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-AES256-GCM-SHA384000066400000000000000000000141631373277661100267670ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 0f 13 d8 49 94 |..............I.| 00000010 b9 cc 41 1d d4 3d bb d2 c9 a3 2c 74 11 ca 01 e8 |..A..=....,t....| 00000020 5b b0 2e 57 60 b5 30 37 2d b9 f0 00 00 04 c0 30 |[..W`.07-......0| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 08 04 00 80 40 f3 67 86 41 |.._X.;t....@.g.A| 000002d0 93 17 f7 db b2 80 ca 73 f9 f8 45 24 cc 46 57 47 |.......s..E$.FWG| 000002e0 28 83 19 df e8 63 e7 19 c4 a2 04 85 25 7d ec 55 |(....c......%}.U| 000002f0 91 d4 df eb 77 53 c2 3b d5 71 1a f7 39 d2 ee b4 |....wS.;.q..9...| 00000300 06 4b e4 07 b7 fa 8a 8e fa 64 22 83 dd 22 8b b8 |.K.......d".."..| 00000310 4d a5 1a f5 e3 81 01 81 6a a1 6e 62 54 3a 3a 09 |M.......j.nbT::.| 00000320 ed 76 f2 5a d3 4e 4b 74 be 46 50 0d 51 77 34 f6 |.v.Z.NKt.FP.Qw4.| 00000330 02 ef 57 39 29 bf d9 64 ad 65 06 ae a6 8d 94 86 |..W9)..d.e......| 00000340 84 76 cf 2c 36 98 04 5b a1 59 6c 16 03 03 00 04 |.v.,6..[.Yl.....| 00000350 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 d5 2b 0e 3c e9 3e |....%...! .+.<.>| 00000010 e9 b0 3d 86 a9 85 b5 68 af cf 27 cf 4b d4 49 2e |..=....h..'.K.I.| 00000020 68 f2 9e 3c 32 7c cb fb dc 57 14 03 03 00 01 01 |h..<2|...W......| 00000030 16 03 03 00 28 5a cc f4 77 38 94 46 7b 39 5d 81 |....(Z..w8.F{9].| 00000040 be 77 a5 4a 76 c9 46 62 17 0b 2b ea 89 c2 29 bd |.w.Jv.Fb..+...).| 00000050 4b b0 dd 51 1e b8 7b a9 55 f5 fb b3 6a |K..Q..{.U...j| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 b9 9b c0 b1 2b 71 af 0b 44 4e 4a cd e8 |.......+q..DNJ..| 00000020 c6 68 b8 2a d9 67 6f 7f 18 12 22 5c 4b 5c ca 43 |.h.*.go..."\K\.C| 00000030 ff c1 9d 17 03 03 00 25 00 00 00 00 00 00 00 01 |.......%........| 00000040 3c ae 33 dd 69 6c 01 a0 d2 a7 91 52 43 f3 78 38 |<.3.il.....RC.x8| 00000050 94 f4 24 0b 3d c9 bb 5f 02 27 89 bb 9b 15 03 03 |..$.=.._.'......| 00000060 00 1a 00 00 00 00 00 00 00 02 68 8d d7 d8 2f 95 |..........h.../.| 00000070 61 09 59 52 0d b8 12 fc 6a 07 28 37 |a.YR....j.(7| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-RC4000066400000000000000000000132311373277661100252310ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 97 01 00 00 93 03 03 2c 3c 18 04 94 |...........,<...| 00000010 e0 bb 10 99 7c 0c cd 0e e7 72 bc 83 4d f0 cf d7 |....|....r..M...| 00000020 4b 8e 2c 8b 52 bf ed 86 65 d2 a3 00 00 04 00 05 |K.,.R...e.......| 00000030 00 ff 01 00 00 66 00 00 00 0e 00 0c 00 00 09 31 |.....f.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000060 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 |...........0....| 00000070 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000080 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 |................| 00000090 02 01 03 02 02 02 04 02 05 02 06 02 |............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 05 00 00 |...DOWNGRD......| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 a2 43 45 e6 1e |............CE..| 00000010 08 d3 29 62 0b 40 75 98 a3 f6 68 d7 78 31 b0 c9 |..)b.@u...h.x1..| 00000020 f4 f8 a6 98 dc d8 72 c1 2a 68 80 26 54 1c 16 af |......r.*h.&T...| 00000030 9f 67 cf ee 74 de 9e 29 b6 cd 0d eb df aa ea 44 |.g..t..).......D| 00000040 72 c9 aa fc ff c9 2d 9d bf bc f0 9b c1 7b 0d 5c |r.....-......{.\| 00000050 69 0c 75 d8 23 09 29 97 f6 38 9c f9 4f 1b 4a d5 |i.u.#.)..8..O.J.| 00000060 bd 04 d4 15 b3 a6 80 02 a4 11 32 d7 c0 cf 89 1f |..........2.....| 00000070 93 80 2b 48 49 51 44 b7 77 3c bf b1 a6 87 a3 ff |..+HIQD.w<......| 00000080 39 37 4a 42 49 92 93 25 0a 51 9a 14 03 03 00 01 |97JBI..%.Q......| 00000090 01 16 03 03 00 24 b5 c9 d6 9c ec 77 38 d2 30 79 |.....$.....w8.0y| 000000a0 f1 00 77 31 78 9b e6 ab ed 46 7c c6 e5 26 0b 44 |..w1x....F|..&.D| 000000b0 fd 30 b0 fe 0c 84 6f 9a cf 57 |.0....o..W| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 24 58 cc 9f 3f ac |..........$X..?.| 00000010 2e 20 73 c9 5e 13 d3 12 3a 63 1e a9 ee 13 3d 0d |. s.^...:c....=.| 00000020 51 e9 15 5b 7b 33 92 85 6c fa d6 8a 15 16 dc 17 |Q..[{3..l.......| 00000030 03 03 00 21 bc af 01 72 48 0c 16 c9 7a c0 3c 27 |...!...rH...z.<'| 00000040 63 0a f8 34 e4 54 6a 39 39 61 02 bc c2 a0 07 03 |c..4.Tj99a......| 00000050 fb 2c d0 1b 6a 15 03 03 00 16 98 71 13 a6 5d f5 |.,..j......q..].| 00000060 7d aa 6d 05 2d a2 dc c0 7b 41 88 36 a2 49 a4 8b |}.m.-...{A.6.I..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-RSAPKCS1v15000066400000000000000000000141551373277661100263720ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 91 01 00 00 8d 03 03 84 aa e5 17 f4 |................| 00000010 80 c4 fb ca 14 f7 c9 d9 55 f0 8e 63 f9 e1 7e ad |........U..c..~.| 00000020 e7 5e 60 e9 2b dd 22 dd d1 11 93 00 00 2a c0 30 |.^`.+."......*.0| 00000030 00 9f cc a8 cc aa c0 2f 00 9e c0 28 00 6b c0 27 |......./...(.k.'| 00000040 00 67 c0 14 00 39 c0 13 00 33 00 9d 00 9c 00 3d |.g...9...3.....=| 00000050 00 3c 00 35 00 2f 00 ff 01 00 00 3a 00 00 00 0e |.<.5./.....:....| 00000060 00 0c 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b |.....127.0.0.1..| 00000070 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 |................| 00000080 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d |................| 00000090 00 04 00 02 04 01 |......| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 04 01 00 80 2c d2 21 86 4f |.._X.;t....,.!.O| 000002d0 e0 b7 f1 7d f8 8f ca b3 e7 ef 34 e5 ea 78 12 b1 |...}......4..x..| 000002e0 92 1b 1b 7f 35 da 38 cb a9 1a 52 97 0e df 33 83 |....5.8...R...3.| 000002f0 e2 10 cb 72 78 41 66 9b 55 c9 a3 0b de ef b5 f3 |...rxAf.U.......| 00000300 8e 11 fa 5c a5 2a 93 29 b0 e2 42 9b 07 55 bd 6c |...\.*.)..B..U.l| 00000310 fa 3e a5 5b 2c 5b 3e d8 fa 76 6b d4 63 2c 47 22 |.>.[,[>..vk.c,G"| 00000320 17 92 9c 40 a4 f3 b3 a4 6d 12 da f7 d9 58 11 3f |...@....m....X.?| 00000330 1a 12 8a c8 19 a6 f8 e0 49 b8 6b 79 34 5f f2 46 |........I.ky4_.F| 00000340 27 62 e2 0e 13 93 74 b5 0b 63 8a 16 03 03 00 04 |'b....t..c......| 00000350 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 0a 81 a9 76 78 5f |....%...! ...vx_| 00000010 f2 35 87 19 ed 3d 0b 1c 51 ff b7 51 c9 03 5a de |.5...=..Q..Q..Z.| 00000020 04 e6 47 3c d0 fe 32 75 64 28 14 03 03 00 01 01 |..G<..2ud(......| 00000030 16 03 03 00 28 90 38 86 3b 34 cf 30 74 00 91 55 |....(.8.;4.0t..U| 00000040 82 bd 9b 3a 78 34 09 3f a6 33 3f 7a 77 a5 53 67 |...:x4.?.3?zw.Sg| 00000050 30 94 30 cb 19 0c a8 ac 10 54 b8 90 57 |0.0......T..W| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 e5 08 6e 55 df 84 0e 16 f9 e2 b0 44 3c |.....nU.......D<| 00000020 e7 e4 a1 e2 61 ee 18 cb bd c1 71 8f aa 23 c7 e1 |....a.....q..#..| 00000030 de ab 86 17 03 03 00 25 00 00 00 00 00 00 00 01 |.......%........| 00000040 6d 0c 13 09 51 5e 5b e8 2a 85 c6 99 7e 9a 7d 79 |m...Q^[.*...~.}y| 00000050 45 9b 63 18 d0 41 3d e7 78 24 93 52 11 15 03 03 |E.c..A=.x$.R....| 00000060 00 1a 00 00 00 00 00 00 00 02 ec a4 cf b9 7a 35 |..............z5| 00000070 9b 64 01 f4 7e 7d f0 08 05 79 7b 46 |.d..~}...y{F| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-RSA-RSAPSS000066400000000000000000000101761373277661100256610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 91 01 00 00 8d 03 03 6d d9 a6 ff 3e |...........m...>| 00000010 4b 00 33 67 b4 8c c6 e8 07 ee f3 77 83 31 81 e9 |K.3g.......w.1..| 00000020 8f 3e 9e 77 8b 5c 8b 84 47 b4 33 00 00 2a c0 30 |.>.w.\..G.3..*.0| 00000030 00 9f cc a8 cc aa c0 2f 00 9e c0 28 00 6b c0 27 |......./...(.k.'| 00000040 00 67 c0 14 00 39 c0 13 00 33 00 9d 00 9c 00 3d |.g...9...3.....=| 00000050 00 3c 00 35 00 2f 00 ff 01 00 00 3a 00 00 00 0e |.<.5./.....:....| 00000060 00 0c 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b |.....127.0.0.1..| 00000070 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 |................| 00000080 00 1e 00 19 00 18 00 16 00 00 00 17 00 00 00 0d |................| 00000090 00 04 00 02 08 06 |......| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 |...DOWNGRD...0..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 15 03 03 00 02 02 |.`.\!.;.........| 000002a0 28 |(| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-Resume000066400000000000000000000067601373277661100254670ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 33 01 00 01 2f 03 03 c0 ac ee 47 eb |....3.../.....G.| 00000010 75 70 12 a9 b7 d9 29 03 ba dd 0c 26 ef 07 cd c1 |up....)....&....| 00000020 ac 2b b5 14 8a 59 3a d7 58 7d 20 20 eb 74 37 f4 |.+...Y:.X} .t7.| 00000030 79 3b 34 ed e4 b1 51 00 b9 09 04 bc 48 82 07 a2 |y;4...Q.....H...| 00000040 cc 47 2d dc 16 54 a6 02 0c 5e f2 23 00 04 00 2f |.G-..T...^.#.../| 00000050 00 ff 01 00 00 e2 00 00 00 0e 00 0c 00 00 09 31 |...............1| 00000060 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000070 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000080 00 23 00 78 50 46 ad c1 db a8 38 86 7b 2b bb fd |.#.xPF....8.{+..| 00000090 d0 c3 42 3e 00 00 00 00 00 00 00 00 00 00 00 00 |..B>............| 000000a0 00 00 00 00 94 6f 2c 9f 83 61 5c 5f 43 13 c2 76 |.....o,..a\_C..v| 000000b0 91 3a c1 1a 8c 51 00 5c a0 93 a9 06 e2 0c b0 65 |.:...Q.\.......e| 000000c0 e3 8c 0d 4b 7b 7e 52 32 b8 3c b3 76 c5 bf 95 4d |...K{~R2.<.v...M| 000000d0 29 71 50 81 e3 2b 6f 4a 32 dc 33 94 15 c5 fe 38 |)qP..+oJ2.3....8| 000000e0 b4 0a fc 03 38 90 32 db c0 7f 99 62 a9 89 15 d0 |....8.2....b....| 000000f0 f6 79 64 79 38 b0 e2 19 07 82 82 0a 00 16 00 00 |.ydy8...........| 00000100 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 |.......0........| 00000110 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 |................| 00000120 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 |................| 00000130 02 02 04 02 05 02 06 02 |........| >>> Flow 2 (server to client) 00000000 16 03 03 00 57 02 00 00 53 03 03 00 00 00 00 00 |....W...S.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 20 eb 74 37 f4 |...DOWNGRD. .t7.| 00000030 79 3b 34 ed e4 b1 51 00 b9 09 04 bc 48 82 07 a2 |y;4...Q.....H...| 00000040 cc 47 2d dc 16 54 a6 02 0c 5e f2 23 00 2f 00 00 |.G-..T...^.#./..| 00000050 0b ff 01 00 01 00 00 0b 00 02 01 00 14 03 03 00 |................| 00000060 01 01 16 03 03 00 40 00 00 00 00 00 00 00 00 00 |......@.........| 00000070 00 00 00 00 00 00 00 a6 49 4b 9d e0 3c e1 58 b4 |........IK..<.X.| 00000080 f9 50 e6 a6 32 ce 65 74 14 95 07 05 0c ef be 7d |.P..2.et.......}| 00000090 74 8c 46 3e 2a 07 de 5f 7a 08 b9 a0 80 f0 52 90 |t.F>*.._z.....R.| 000000a0 d4 6b c5 0f c5 ae 54 |.k....T| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 16 03 03 00 40 8c 59 48 06 01 |..........@.YH..| 00000010 a4 c6 35 ad a6 f5 a9 d3 31 ea 58 64 0e 45 91 4c |..5.....1.Xd.E.L| 00000020 fb e7 c6 6e 27 e8 92 a9 9c c3 c6 29 e9 6c 55 3a |...n'......).lU:| 00000030 2a fe 0f 40 d9 aa 3e fe ab 66 e1 38 91 d1 db ac |*..@..>..f.8....| 00000040 58 13 f0 3c 5e f1 a9 9c fd 07 04 |X..<^......| >>> Flow 4 (server to client) 00000000 17 03 03 00 40 00 00 00 00 00 00 00 00 00 00 00 |....@...........| 00000010 00 00 00 00 00 a6 4f 7a f8 b0 6e 25 13 fb b6 68 |......Oz..n%...h| 00000020 2d 1e 22 1b 95 93 63 e8 e1 9c 93 3e 53 78 bb aa |-."...c....>Sx..| 00000030 9f 6e 84 56 28 31 a0 ed a9 a3 06 fd e6 f9 c4 c4 |.n.V(1..........| 00000040 56 5f 5f c2 fb 15 03 03 00 30 00 00 00 00 00 00 |V__......0......| 00000050 00 00 00 00 00 00 00 00 00 00 c9 98 24 06 26 73 |............$.&s| 00000060 87 27 73 bd 7a 30 b5 85 28 f7 c4 b6 7a b0 96 9f |.'s.z0..(...z...| 00000070 a8 d4 43 1d 8e f5 a5 9f f3 f3 |..C.......| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-ResumeDisabled000066400000000000000000000160241373277661100271110ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 33 01 00 01 2f 03 03 3a 1d a7 55 e5 |....3.../..:..U.| 00000010 e7 ab ac 09 74 a3 4e e1 b9 cf 90 92 74 83 13 1c |....t.N.....t...| 00000020 e7 0b 57 c7 4a 48 bb a6 86 f0 93 20 29 15 61 8f |..W.JH..... ).a.| 00000030 f1 20 4a 95 e5 ce 8b 8d 60 4c 3c d6 2e 40 22 f4 |. J.....`L<..@".| 00000040 8d 4e 07 f7 76 c7 28 e8 b0 5d 79 4f 00 04 00 2f |.N..v.(..]yO.../| 00000050 00 ff 01 00 00 e2 00 00 00 0e 00 0c 00 00 09 31 |...............1| 00000060 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000070 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 |................| 00000080 00 23 00 78 50 46 ad c1 db a8 38 86 7b 2b bb fd |.#.xPF....8.{+..| 00000090 d0 c3 42 3e 00 00 00 00 00 00 00 00 00 00 00 00 |..B>............| 000000a0 00 00 00 00 94 6f 2c 9f 83 61 31 33 93 70 cd 6a |.....o,..a13.p.j| 000000b0 19 a2 67 e8 7d cb a4 dc bb 80 d9 23 20 05 4d 53 |..g.}......# .MS| 000000c0 1f b6 9f 48 01 e4 84 75 10 25 f9 ed 98 bb 39 7e |...H...u.%....9~| 000000d0 fc 8b 16 d8 bc c7 e9 88 e8 1c 33 94 10 13 6b d4 |..........3...k.| 000000e0 3d fa d7 73 b2 d4 ea 89 58 ed 38 f8 f3 6a e0 5f |=..s....X.8..j._| 000000f0 1e f7 49 ed f7 5f 64 39 6b b5 6c fb 00 16 00 00 |..I.._d9k.l.....| 00000100 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 |.......0........| 00000110 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 |................| 00000120 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 |................| 00000130 02 02 04 02 05 02 06 02 |........| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 70 09 52 14 dc |...........p.R..| 00000010 cd 33 63 59 1e 37 b2 30 ce 49 02 81 54 0e 94 ba |.3cY.7.0.I..T...| 00000020 9f a3 72 48 48 9d 52 65 a6 31 88 59 7d 23 26 78 |..rHH.Re.1.Y}#&x| 00000030 91 25 f7 35 81 b0 9f 7a 4f 3e df 6d f9 be 25 f2 |.%.5...zO>.m..%.| 00000040 05 ce d7 72 0c 2f b8 84 7f 05 ec 40 ba 06 b8 b2 |...r./.....@....| 00000050 a3 eb 3d 50 7d e0 23 c7 3e 4f cb 93 93 46 97 ee |..=P}.#.>O...F..| 00000060 ca 63 21 79 83 c6 24 6d 44 5c f5 a3 f0 5e 2c f5 |.c!y..$mD\...^,.| 00000070 33 f3 06 a9 9a 1a f9 b0 8a f1 21 38 2c 9e cd ba |3.........!8,...| 00000080 3c 63 07 76 dd 9c e7 19 a0 97 2a 14 03 03 00 01 |>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 e2 e1 27 2b 83 |.............'+.| 00000020 17 2e 96 bc 84 93 99 10 b3 98 cc 1b 8e 2b 08 29 |.............+.)| 00000030 b1 fc 2d e6 33 78 11 82 a5 c7 e5 7d 28 8a e4 e3 |..-.3x.....}(...| 00000040 8a 5b 37 21 49 1b 45 b8 24 3a 24 17 03 03 00 40 |.[7!I.E.$:$....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 e8 cd 9a 90 f9 0c c7 cb 89 83 2c 0c fa 5b 02 d2 |..........,..[..| 00000070 d9 d3 0d a8 e8 60 ca 53 bd 8a d9 fb 70 6e a2 71 |.....`.S....pn.q| 00000080 46 b3 18 21 60 2d 4a 4a ee 14 40 99 3d 6f f6 bc |F..!`-JJ..@.=o..| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 85 19 88 1d 3b 91 b4 ed 20 6c 24 |.........;... l$| 000000b0 de a3 ce 3f d6 3c 1a 8c db 28 56 6b df 55 ca 38 |...?.<...(Vk.U.8| 000000c0 61 7b 44 33 b1 |a{D3.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-SNI000066400000000000000000000144041373277661100246520ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 99 01 00 00 95 03 03 fb d6 71 b2 32 |.............q.2| 00000010 74 6c e1 56 19 42 e6 46 a2 0e 37 1f ad 96 4b af |tl.V.B.F..7...K.| 00000020 8b 4c aa 71 2a 53 d8 df 74 7d 39 00 00 04 00 2f |.L.q*S..t}9..../| 00000030 00 ff 01 00 00 68 00 00 00 10 00 0e 00 00 0b 73 |.....h.........s| 00000040 6e 69 74 65 73 74 2e 63 6f 6d 00 0b 00 04 03 00 |nitest.com......| 00000050 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000060 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e |.............0..| 00000070 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000080 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 |................| 00000090 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |..............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 a4 48 88 75 7b |............H.u{| 00000010 a2 04 19 14 69 30 12 d6 14 00 0c 44 e4 68 06 c6 |....i0.....D.h..| 00000020 11 56 53 0c e5 52 fb 84 e2 6e b7 c6 eb 0d 79 25 |.VS..R...n....y%| 00000030 19 f0 bf e4 51 73 85 d5 82 5a 07 53 b2 65 97 6a |....Qs...Z.S.e.j| 00000040 a1 1b 56 bb 23 35 15 83 0f 60 ee de 16 a2 ea 61 |..V.#5...`.....a| 00000050 23 10 e1 5e cf 73 fe 5d 5a 53 16 42 0c 29 a5 ff |#..^.s.]ZS.B.)..| 00000060 06 e5 c4 87 11 d6 24 91 25 e5 58 81 40 80 9e 71 |......$.%.X.@..q| 00000070 49 40 47 50 37 28 7b ed 76 cc 5a fb 04 ba 9c f8 |I@GP7({.v.Z.....| 00000080 be ce 87 07 75 d2 30 88 09 cf bc 14 03 03 00 01 |....u.0.........| 00000090 01 16 03 03 00 40 60 1c 31 95 7d c2 a9 9b 29 c2 |.....@`.1.}...).| 000000a0 ef 59 58 dd fb 26 34 81 60 dc 17 19 c1 23 8d 8f |.YX..&4.`....#..| 000000b0 a8 d2 62 31 96 3d d2 61 b9 c8 7e bf 47 4c 04 fd |..b1.=.a..~.GL..| 000000c0 7c 30 05 37 8e 03 df 13 a1 4d f1 81 05 d7 4c 49 ||0.7.....M....LI| 000000d0 88 d6 c0 21 52 e3 |...!R.| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 73 15 54 76 ad |...........s.Tv.| 00000020 c4 38 b0 40 45 32 a8 ca 05 19 bd ce 6e 39 77 6b |.8.@E2......n9wk| 00000030 46 a7 f8 45 a8 cd cd 98 8c aa cf 46 83 f0 20 93 |F..E.......F.. .| 00000040 0d 18 99 d4 2a f9 15 4a 2b f6 bf 17 03 03 00 40 |....*..J+......@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 79 8d 24 ef 72 b3 2c e2 10 a5 6d 3d 61 6c df c1 |y.$.r.,...m=al..| 00000070 26 bf 7e b5 cd b2 8e 87 b9 54 bf ee 35 07 bc 55 |&.~......T..5..U| 00000080 6c cd a2 d3 b4 bb 8c 63 fd ef b1 f0 2f 6d aa d9 |l......c..../m..| 00000090 15 03 03 00 30 00 00 00 00 00 00 00 00 00 00 00 |....0...........| 000000a0 00 00 00 00 00 7b f7 81 e6 5c f2 5c 9d 45 ec 1f |.....{...\.\.E..| 000000b0 7b 0d f8 62 19 d4 83 a8 e5 90 71 03 6e 6a 72 4b |{..b......q.njrK| 000000c0 7e 64 c4 c4 1a |~d...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-SNI-GetCertificate000066400000000000000000000144041373277661100275320ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 99 01 00 00 95 03 03 cf 09 e7 0d ce |................| 00000010 ce d4 72 66 9d 30 e8 ee 39 b3 95 4c 3b 59 25 66 |..rf.0..9..L;Y%f| 00000020 d2 f5 d3 82 68 7d e7 26 2e 38 97 00 00 04 00 2f |....h}.&.8...../| 00000030 00 ff 01 00 00 68 00 00 00 10 00 0e 00 00 0b 73 |.....h.........s| 00000040 6e 69 74 65 73 74 2e 63 6f 6d 00 0b 00 04 03 00 |nitest.com......| 00000050 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000060 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e |.............0..| 00000070 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000080 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 |................| 00000090 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |..............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 04 57 b2 56 f0 |............W.V.| 00000010 a5 fb c3 4d 4e 7d ba 29 18 04 ea 6e 66 d3 97 68 |...MN}.)...nf..h| 00000020 58 4e c1 47 fe 30 42 4d bf 5b 10 38 6a 01 83 98 |XN.G.0BM.[.8j...| 00000030 2b e3 3a ac c8 67 e5 41 0c 5c 3f 88 d5 15 a2 ab |+.:..g.A.\?.....| 00000040 6a 2b 70 24 d8 40 78 c1 d9 58 78 04 4d 90 03 eb |j+p$.@x..Xx.M...| 00000050 3c b1 61 da 26 62 db b3 41 ab dc 94 22 44 66 b8 |<.a.&b..A..."Df.| 00000060 49 2c fa 59 de c0 69 3c 20 f8 2f a5 e0 47 1d ec |I,.Y..i< ./..G..| 00000070 3c 49 2d 39 f6 41 09 06 79 5f 26 c4 12 3d 9c 8d |>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 5e ea d1 03 d7 |...........^....| 00000020 de 82 9a b4 07 52 46 16 fd 28 86 fe 17 2e 77 52 |.....RF..(....wR| 00000030 67 8f ec 64 93 1e 8e c9 fc fb 69 61 47 78 1a 1b |g..d......iaGx..| 00000040 97 8d fc 56 76 f6 53 8b 62 53 4f 17 03 03 00 40 |...Vv.S.bSO....@| 00000050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000060 f8 17 e8 ba c4 fb 0b 76 f5 a8 2d 3c 48 44 73 da |.......v..->> Flow 1 (client to server) 00000000 16 03 01 00 99 01 00 00 95 03 03 34 7d 89 eb 2a |...........4}..*| 00000010 19 64 32 17 5d 37 0e dd 51 2c 7e 08 56 47 f3 2c |.d2.]7..Q,~.VG.,| 00000020 ca d0 08 51 86 a6 a3 10 85 5a 41 00 00 04 00 2f |...Q.....ZA..../| 00000030 00 ff 01 00 00 68 00 00 00 10 00 0e 00 00 0b 73 |.....h.........s| 00000040 6e 69 74 65 73 74 2e 63 6f 6d 00 0b 00 04 03 00 |nitest.com......| 00000050 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000060 00 18 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e |.............0..| 00000070 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000080 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 |................| 00000090 03 01 02 01 03 02 02 02 04 02 05 02 06 02 |..............| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 00 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 04 0e |.`.\!.;.........| 000002a0 00 00 00 |...| >>> Flow 3 (client to server) 00000000 16 03 03 00 86 10 00 00 82 00 80 38 86 92 3e 9a |...........8..>.| 00000010 54 2d 44 46 76 d1 7c 07 04 83 2f 19 6d 89 c6 95 |T-DFv.|.../.m...| 00000020 07 63 17 7d ac e5 f7 95 7f f7 f2 3a f6 eb 38 26 |.c.}.......:..8&| 00000030 e5 c9 32 b1 27 88 46 85 f8 f6 eb 27 a8 9e de 5b |..2.'.F....'...[| 00000040 92 f7 3f 03 be 73 f0 de 2e b4 44 a8 89 4a 5a 6f |..?..s....D..JZo| 00000050 dc e7 16 9c dc f7 9f ca 40 9e 34 4b c2 45 58 7a |........@.4K.EXz| 00000060 6d 5c 4c 58 6a 45 10 21 fb b5 2a 58 17 7d d9 c4 |m\LXjE.!..*X.}..| 00000070 c9 7d d1 3b df 39 1b 59 6a 49 18 e1 fd 02 a2 1d |.}.;.9.YjI......| 00000080 5a 2d 3d c5 ab e7 f6 60 0d aa 38 14 03 03 00 01 |Z-=....`..8.....| 00000090 01 16 03 03 00 40 0e 2a fd e7 cd d0 72 ce 06 5c |.....@.*....r..\| 000000a0 40 c1 81 ef eb 27 e9 77 a8 d4 cc 5c 1e 15 7c 62 |@....'.w...\..|b| 000000b0 87 bd c5 8e b4 e6 6a 3f be 37 9d c0 fe f7 65 8b |......j?.7....e.| 000000c0 b1 3a b8 b4 76 67 ca 58 1c f5 3f f1 10 7c 5b 57 |.:..vg.X..?..|[W| 000000d0 90 e6 43 de d6 25 |..C..%| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 40 00 00 00 00 00 |..........@.....| 00000010 00 00 00 00 00 00 00 00 00 00 00 8b 11 9a 67 af |..............g.| 00000020 5b 0e c9 01 dc 76 e8 48 2f 40 5c 76 13 ca 28 63 |[....v.H/@\v..(c| 00000030 a9 6d 3c 6b c1 d4 79 4d 39 17 55 a5 b9 0e b6 fd |.m.| 000000c0 b2 ea 47 71 1f |..Gq.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv12-X25519000066400000000000000000000141531373277661100250370ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 8f 01 00 00 8b 03 03 5d ff d6 27 db |...........]..'.| 00000010 3b e5 2b 79 3a a6 cf 75 3d f7 c9 d9 0a d4 8c b2 |;.+y:..u=.......| 00000020 af 3c 29 84 65 a2 d6 98 52 e2 eb 00 00 04 c0 2f |.<).e...R....../| 00000030 00 ff 01 00 00 5e 00 00 00 0e 00 0c 00 00 09 31 |.....^.........1| 00000040 32 37 2e 30 2e 30 2e 31 00 0b 00 04 03 00 01 02 |27.0.0.1........| 00000050 00 0a 00 04 00 02 00 1d 00 16 00 00 00 17 00 00 |................| 00000060 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 |...0............| 00000070 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 |................| 00000080 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 |................| 00000090 05 02 06 02 |....| >>> Flow 2 (server to client) 00000000 16 03 03 00 37 02 00 00 33 03 03 00 00 00 00 00 |....7...3.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 |...DOWNGRD.../..| 00000030 0b ff 01 00 01 00 00 0b 00 02 01 00 16 03 03 02 |................| 00000040 59 0b 00 02 55 00 02 52 00 02 4f 30 82 02 4b 30 |Y...U..R..O0..K0| 00000050 82 01 b4 a0 03 02 01 02 02 09 00 e8 f0 9d 3f e2 |..............?.| 00000060 5b ea a6 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b |[..0...*.H......| 00000070 05 00 30 1f 31 0b 30 09 06 03 55 04 0a 13 02 47 |..0.1.0...U....G| 00000080 6f 31 10 30 0e 06 03 55 04 03 13 07 47 6f 20 52 |o1.0...U....Go R| 00000090 6f 6f 74 30 1e 17 0d 31 36 30 31 30 31 30 30 30 |oot0...160101000| 000000a0 30 30 30 5a 17 0d 32 35 30 31 30 31 30 30 30 30 |000Z..2501010000| 000000b0 30 30 5a 30 1a 31 0b 30 09 06 03 55 04 0a 13 02 |00Z0.1.0...U....| 000000c0 47 6f 31 0b 30 09 06 03 55 04 03 13 02 47 6f 30 |Go1.0...U....Go0| 000000d0 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 |..0...*.H.......| 000000e0 00 03 81 8d 00 30 81 89 02 81 81 00 db 46 7d 93 |.....0.......F}.| 000000f0 2e 12 27 06 48 bc 06 28 21 ab 7e c4 b6 a2 5d fe |..'.H..(!.~...].| 00000100 1e 52 45 88 7a 36 47 a5 08 0d 92 42 5b c2 81 c0 |.RE.z6G....B[...| 00000110 be 97 79 98 40 fb 4f 6d 14 fd 2b 13 8b c2 a5 2e |..y.@.Om..+.....| 00000120 67 d8 d4 09 9e d6 22 38 b7 4a 0b 74 73 2b c2 34 |g....."8.J.ts+.4| 00000130 f1 d1 93 e5 96 d9 74 7b f3 58 9f 6c 61 3c c0 b0 |......t{.X.la<..| 00000140 41 d4 d9 2b 2b 24 23 77 5b 1c 3b bd 75 5d ce 20 |A..++$#w[.;.u]. | 00000150 54 cf a1 63 87 1d 1e 24 c4 f3 1d 1a 50 8b aa b6 |T..c...$....P...| 00000160 14 43 ed 97 a7 75 62 f4 14 c8 52 d7 02 03 01 00 |.C...ub...R.....| 00000170 01 a3 81 93 30 81 90 30 0e 06 03 55 1d 0f 01 01 |....0..0...U....| 00000180 ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16 |.......0...U.%..| 00000190 30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06 |0...+.........+.| 000001a0 01 05 05 07 03 02 30 0c 06 03 55 1d 13 01 01 ff |......0...U.....| 000001b0 04 02 30 00 30 19 06 03 55 1d 0e 04 12 04 10 9f |..0.0...U.......| 000001c0 91 16 1f 43 43 3e 49 a6 de 6d b6 80 d7 9f 60 30 |...CC>I..m....`0| 000001d0 1b 06 03 55 1d 23 04 14 30 12 80 10 48 13 49 4d |...U.#..0...H.IM| 000001e0 13 7e 16 31 bb a3 01 d5 ac ab 6e 7b 30 19 06 03 |.~.1......n{0...| 000001f0 55 1d 11 04 12 30 10 82 0e 65 78 61 6d 70 6c 65 |U....0...example| 00000200 2e 67 6f 6c 61 6e 67 30 0d 06 09 2a 86 48 86 f7 |.golang0...*.H..| 00000210 0d 01 01 0b 05 00 03 81 81 00 9d 30 cc 40 2b 5b |...........0.@+[| 00000220 50 a0 61 cb ba e5 53 58 e1 ed 83 28 a9 58 1a a9 |P.a...SX...(.X..| 00000230 38 a4 95 a1 ac 31 5a 1a 84 66 3d 43 d3 2d d9 0b |8....1Z..f=C.-..| 00000240 f2 97 df d3 20 64 38 92 24 3a 00 bc cf 9c 7d b7 |.... d8.$:....}.| 00000250 40 20 01 5f aa d3 16 61 09 a2 76 fd 13 c3 cc e1 |@ ._...a..v.....| 00000260 0c 5c ee b1 87 82 f1 6c 04 ed 73 bb b3 43 77 8d |.\.....l..s..Cw.| 00000270 0c 1c f1 0f a1 d8 40 83 61 c9 4c 72 2b 9d ae db |......@.a.Lr+...| 00000280 46 06 06 4d f4 c1 b3 3e c0 d1 bd 42 d4 db fe 3d |F..M...>...B...=| 00000290 13 60 84 5c 21 d3 3b e9 fa e7 16 03 03 00 ac 0c |.`.\!.;.........| 000002a0 00 00 a8 03 00 1d 20 2f e5 7d a3 47 cd 62 43 15 |...... /.}.G.bC.| 000002b0 28 da ac 5f bb 29 07 30 ff f6 84 af c4 cf c2 ed |(.._.).0........| 000002c0 90 99 5f 58 cb 3b 74 08 04 00 80 73 d6 a4 35 5f |.._X.;t....s..5_| 000002d0 3f 46 ad de 81 13 a8 d9 21 17 25 37 61 cb 62 0d |?F......!.%7a.b.| 000002e0 e2 bf 95 51 0e 9e e7 b1 ab bc be f6 ec 80 b1 f4 |...Q............| 000002f0 3e 9c 69 3f c8 1e a4 02 82 fd 57 01 e7 0c 18 be |>.i?......W.....| 00000300 c6 1b 01 68 cb ef dc d8 16 92 fb 1b 07 fd 98 f8 |...h............| 00000310 00 77 a9 8e 71 2a e0 6c 68 d5 83 f9 36 c3 3b 99 |.w..q*.lh...6.;.| 00000320 44 98 a0 96 00 1a 02 95 c5 7c ea ae 51 81 89 94 |D........|..Q...| 00000330 57 b6 37 c5 88 56 9f 49 bf 36 26 48 08 36 a1 69 |W.7..V.I.6&H.6.i| 00000340 48 a2 c4 b2 6f 0f 43 70 91 1e 8a 16 03 03 00 04 |H...o.Cp........| 00000350 0e 00 00 00 |....| >>> Flow 3 (client to server) 00000000 16 03 03 00 25 10 00 00 21 20 0a 1b 78 c4 bb eb |....%...! ..x...| 00000010 a4 01 33 3b 69 95 c2 06 5d c9 3e b3 13 51 4b 93 |..3;i...].>..QK.| 00000020 5e 3c 3e a7 42 12 22 e8 7e 49 14 03 03 00 01 01 |^<>.B.".~I......| 00000030 16 03 03 00 28 fc c7 a1 45 50 e0 fe 27 fd ac a4 |....(...EP..'...| 00000040 d8 a2 c6 54 df e1 d3 6f e7 d8 45 a6 57 16 2f 1f |...T...o..E.W./.| 00000050 cf 89 26 c6 0a c3 4f 63 df ac bc c9 79 |..&...Oc....y| >>> Flow 4 (server to client) 00000000 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 |..........(.....| 00000010 00 00 00 37 25 28 76 4e 31 dd 5e b0 5b 39 87 fc |...7%(vN1.^.[9..| 00000020 0f 10 3c bc 6d 12 9a dd 59 89 0b 09 bc f2 2c d8 |..<.m...Y.....,.| 00000030 05 a7 77 17 03 03 00 25 00 00 00 00 00 00 00 01 |..w....%........| 00000040 fe 79 9d dd d9 e3 bc 48 47 65 30 64 c7 74 82 0a |.y.....HGe0d.t..| 00000050 9f b7 45 a2 62 40 b5 dd 79 b9 ce 06 83 15 03 03 |..E.b@..y.......| 00000060 00 1a 00 00 00 00 00 00 00 02 58 ed 37 40 33 e4 |..........X.7@3.| 00000070 75 f0 a6 fa 14 f5 6b 93 9e 54 f2 a4 |u.....k..T..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-AES128-SHA256000066400000000000000000000165561373277661100257450ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ca 01 00 00 c6 03 03 63 d9 8d 33 1b |...........c..3.| 00000010 45 ec 64 b0 d8 98 a5 ab a7 92 8d 52 dd 8d c9 6a |E.d........R...j| 00000020 3a 9f 3d 2d ba d8 41 15 da ff ed 20 c8 e3 df 7b |:.=-..A.... ...{| 00000030 92 42 42 0e 23 9a 23 2f b3 a2 1c de 73 78 9d fd |.BB.#.#/....sx..| 00000040 f4 d6 7b 19 b5 e1 16 27 16 8f ee 76 00 04 13 01 |..{....'...v....| 00000050 00 ff 01 00 00 79 00 0b 00 04 03 00 01 02 00 0a |.....y..........| 00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 |................| 00000070 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 |................| 00000080 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000090 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 |.........+......| 000000a0 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 20 e8 |-.....3.&.$... .| 000000b0 59 38 d6 77 70 93 2c d3 cd 60 15 e1 06 28 57 2e |Y8.wp.,..`...(W.| 000000c0 57 fa d8 22 ed e6 53 89 43 60 50 60 5e 65 13 |W.."..S.C`P`^e.| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 c8 e3 df 7b |........... ...{| 00000030 92 42 42 0e 23 9a 23 2f b3 a2 1c de 73 78 9d fd |.BB.#.#/....sx..| 00000040 f4 d6 7b 19 b5 e1 16 27 16 8f ee 76 13 01 00 00 |..{....'...v....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 b8 a7 eb c1 04 5a |...............Z| 00000090 f0 43 0a f1 14 42 30 19 22 0c 80 91 7c 53 22 62 |.C...B0."...|S"b| 000000a0 2a 17 03 03 02 6d a2 9c c3 a1 e2 2a 20 24 c2 ff |*....m.....* $..| 000000b0 cf 31 98 a5 6c 38 2a 77 f3 e3 cf a9 e3 5b 42 2d |.1..l8*w.....[B-| 000000c0 2d 1c fb 36 49 bb 7c 15 05 f8 21 32 90 95 b6 fa |-..6I.|...!2....| 000000d0 82 5d 33 30 4a 71 48 89 7e 5d 6f fc a9 5e d4 3e |.]30JqH.~]o..^.>| 000000e0 56 8e fa 26 57 27 d3 14 97 d9 e8 0e ed c9 4d 7a |V..&W'........Mz| 000000f0 e8 ab 72 a9 4a fb 9a de d0 5f cc 45 b3 53 b8 8f |..r.J...._.E.S..| 00000100 9e 58 4e ec 42 cb f8 f7 a0 ee 75 08 cf 72 6f 71 |.XN.B.....u..roq| 00000110 1d f4 da 0b 7a fd c2 e2 18 40 00 48 82 98 fd 02 |....z....@.H....| 00000120 b0 c5 a7 c3 72 7d 4f 16 bd 03 16 2d 7c 68 14 0c |....r}O....-|h..| 00000130 e5 3e 44 6b 05 d4 39 21 88 f6 e9 21 c8 2a 47 e6 |.>Dk..9!...!.*G.| 00000140 c9 d4 75 47 3c 46 cb 02 62 d4 8c cd 74 62 d1 b8 |..uG...a....| 00000250 dd 81 a1 82 95 35 8c 09 1c b1 ea 35 16 78 6a 36 |.....5.....5.xj6| 00000260 cd 89 ca 8b 5f 14 90 ef 2f cf 15 53 5a 35 f3 65 |...._.../..SZ5.e| 00000270 3c 5a aa 36 67 3d 31 4e a4 13 4c 5a 89 62 c6 68 |>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 69 2b 45 b4 ee |..........5i+E..| 00000010 d0 23 68 15 03 0c 0f 41 ee 84 6c c3 e9 57 19 82 |.#h....A..l..W..| 00000020 a4 bd 72 ae a6 62 fa 20 c6 f8 6a b4 3c f2 b0 9d |..r..b. ..j.<...| 00000030 9d d0 b5 e2 f9 1a 9f 87 1f b8 5c 72 72 40 dd a6 |..........\rr@..| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e c7 4a 4d 6e 6d aa 1d b6 93 7e 48 |......JMnm....~H| 00000010 a9 ac 37 b0 16 ee 0d 4a 43 df 57 8f f1 d4 53 92 |..7....JC.W...S.| 00000020 da 39 77 17 03 03 00 13 1e db 52 f4 db 74 70 fe |.9w.......R..tp.| 00000030 1a 67 7c 97 a7 8d 34 08 58 f6 1a |.g|...4.X..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-AES256-SHA384000066400000000000000000000171331373277661100257410ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ca 01 00 00 c6 03 03 fd e0 d1 c4 82 |................| 00000010 5a 75 39 a0 c1 ff e5 5d 3e 89 7c dc cc 6d 2b 20 |Zu9....]>.|..m+ | 00000020 72 b1 91 cb 4c ce 54 91 b6 bc 38 20 35 b8 55 c0 |r...L.T...8 5.U.| 00000030 c9 4a 89 9c 85 27 6c 20 f4 6a 25 52 74 dd 7a 45 |.J...'l .j%Rt.zE| 00000040 c6 1e ce be 01 1b 71 c4 49 fc 94 20 00 04 13 02 |......q.I.. ....| 00000050 00 ff 01 00 00 79 00 0b 00 04 03 00 01 02 00 0a |.....y..........| 00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 |................| 00000070 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 |................| 00000080 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000090 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 |.........+......| 000000a0 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 20 cb |-.....3.&.$... .| 000000b0 aa 82 26 82 3f 76 95 bd a5 26 81 fc fb 32 1a af |..&.?v...&...2..| 000000c0 2d 2b 55 fa c0 24 7b df 20 4b a5 13 0f 08 2a |-+U..${. K....*| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 35 b8 55 c0 |........... 5.U.| 00000030 c9 4a 89 9c 85 27 6c 20 f4 6a 25 52 74 dd 7a 45 |.J...'l .j%Rt.zE| 00000040 c6 1e ce be 01 1b 71 c4 49 fc 94 20 13 02 00 00 |......q.I.. ....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 ba 78 82 d8 ff b4 |...........x....| 00000090 ae 89 4c 4a fc 61 7e 18 37 fd 14 7b 7d d1 c2 4e |..LJ.a~.7..{}..N| 000000a0 ba 17 03 03 02 6d 51 6b c4 d8 cb ca 65 96 6c cf |.....mQk....e.l.| 000000b0 e3 23 e4 d9 d7 e3 1f 2d f6 55 aa 7a ca 31 a8 f2 |.#.....-.U.z.1..| 000000c0 74 af ca 80 cf 80 78 33 4d f0 92 bb fa 3a b0 84 |t.....x3M....:..| 000000d0 9c 41 aa 38 32 bd df e1 b4 c5 30 9f 97 9f 2a d9 |.A.82.....0...*.| 000000e0 c7 b8 8e 5f 19 e7 ef 55 b9 9c 00 89 3d 56 55 9d |..._...U....=VU.| 000000f0 0e 1a ec 5c 7b 1a 1b 28 e5 0a 70 6b df f7 ba 41 |...\{..(..pk...A| 00000100 00 2e 21 5b 89 09 c5 2f 5e 42 67 e4 31 27 75 b3 |..![.../^Bg.1'u.| 00000110 d7 3f ba 5e ce af 1f c4 cb 19 41 60 36 97 54 88 |.?.^......A`6.T.| 00000120 00 4d 7b 24 a6 89 29 cd 73 bd 6c 64 b6 3e 8d ea |.M{$..).s.ld.>..| 00000130 d3 f1 71 32 50 e7 9c c6 4f 8c 7d cb ee 24 b0 de |..q2P...O.}..$..| 00000140 c7 89 d6 a0 be 11 70 99 24 41 6c ff 6c 3d df 9a |......p.$Al.l=..| 00000150 13 5b ee 6c a9 e3 33 02 36 29 c5 71 85 5f 01 e0 |.[.l..3.6).q._..| 00000160 b2 80 42 79 5b 48 57 35 19 38 97 1c ef 6c 58 ac |..By[HW5.8...lX.| 00000170 d5 01 90 3b ae 65 cc 85 11 b6 e9 aa 52 b9 99 3d |...;.e......R..=| 00000180 a2 27 37 f2 99 ff 50 bc a2 0f a5 b4 3f 28 50 a9 |.'7...P.....?(P.| 00000190 dd 67 bd 93 cb 2b 19 d9 1a 8d cc 87 8a cf 0a fe |.g...+..........| 000001a0 fc a7 a2 e9 ee 38 79 3b 12 8f 55 3d 33 8e 33 88 |.....8y;..U=3.3.| 000001b0 10 cb 3a 12 d9 36 87 d2 3b f3 5b a1 4c 7f 92 cb |..:..6..;.[.L...| 000001c0 26 6b cc a4 6b 60 b6 25 6f 28 35 65 aa 13 07 61 |&k..k`.%o(5e...a| 000001d0 d7 0e e0 9d 10 1b 49 49 45 e3 4f a8 c2 e5 70 41 |......IIE.O...pA| 000001e0 04 d9 40 9d ff 3d 5a c7 89 97 79 fb 2e c0 c1 3c |..@..=Z...y....<| 000001f0 dc f9 48 d1 fd 3e c6 fb 03 57 a8 b0 d8 27 06 c4 |..H..>...W...'..| 00000200 8d d9 65 72 82 a0 ba 47 cc ce c0 65 15 9a 02 17 |..er...G...e....| 00000210 72 f3 ce 97 37 78 05 25 1a 56 b3 18 64 61 d5 06 |r...7x.%.V..da..| 00000220 fe e7 91 ae cd c8 43 4f 11 64 e4 c7 d1 7e 23 03 |......CO.d...~#.| 00000230 bf ee ce 11 d3 3a 05 b2 81 35 12 01 4c 1d 6d 57 |.....:...5..L.mW| 00000240 0c c7 41 c1 4b d6 c5 32 c7 b6 09 a9 f5 34 86 bb |..A.K..2.....4..| 00000250 1b fd 9d ce 26 e6 ca e9 93 83 91 a4 f0 a1 76 bf |....&.........v.| 00000260 3d ae 05 32 97 4a 31 ca c0 46 6a 45 a2 09 c1 0e |=..2.J1..FjE....| 00000270 48 9d bc 28 0a a7 26 bd 2b 4d 84 4c 6b a6 6e 74 |H..(..&.+M.Lk.nt| 00000280 8f 9c f1 0e 28 41 71 eb 26 c6 bf 31 1e 4d d1 17 |....(Aq.&..1.M..| 00000290 f3 e6 b1 78 fa 15 c2 42 a7 53 6e c1 36 8c a3 19 |...x...B.Sn.6...| 000002a0 94 3a 98 47 04 07 55 94 5c d8 98 ef 39 ef f0 bf |.:.G..U.\...9...| 000002b0 e3 c9 fd cf 95 ac 58 ee 83 19 c4 cf e5 4f a3 62 |......X......O.b| 000002c0 bd 1c 3f 59 7a fd a8 e9 e4 f5 a2 0c 68 05 72 dd |..?Yz.......h.r.| 000002d0 47 e9 cf 19 fe 5b 74 4d 7c 79 44 63 e0 99 46 8e |G....[tM|yDc..F.| 000002e0 99 e7 3a 2c c7 84 de 14 49 60 9e 36 c9 c9 e7 60 |..:,....I`.6...`| 000002f0 b7 b2 aa e4 9d 45 6c c0 0b 40 7c 01 7e ff 66 d8 |.....El..@|.~.f.| 00000300 6e 2f c2 0d d0 af 7e a2 18 f9 3a e6 75 ac 57 c3 |n/....~...:.u.W.| 00000310 8d 3a b4 17 03 03 00 99 d5 88 e9 da 38 f9 f8 be |.:..........8...| 00000320 0f b4 b5 56 9d 44 e9 13 e3 db 36 11 a9 96 0d c5 |...V.D....6.....| 00000330 09 8a ab 75 ad 6f f3 67 4c b0 9d 53 42 1a 80 a6 |...u.o.gL..SB...| 00000340 1b 22 61 e8 d8 cd 90 1c 40 85 0a 7a 54 c9 97 ca |."a.....@..zT...| 00000350 f9 db db ad d2 4a 9a fc 4f fc 1e 88 44 52 9e 43 |.....J..O...DR.C| 00000360 01 87 40 2c 8f 22 eb e9 58 fa c3 57 c5 bb e1 c0 |..@,."..X..W....| 00000370 ec 98 bb a9 67 c7 4e 45 b1 1c 86 8a 9d 35 e5 39 |....g.NE.....5.9| 00000380 45 a2 a8 ba 75 a6 a1 4b 9d 8d 6f 8f cc 61 a3 6b |E...u..K..o..a.k| 00000390 77 6b f0 e2 48 78 65 27 b0 57 80 40 6a d5 ec 92 |wk..Hxe'.W.@j...| 000003a0 36 76 d9 e5 4b 31 fb f6 15 ca 16 da e0 31 2f 99 |6v..K1.......1/.| 000003b0 86 17 03 03 00 45 12 8a 66 c2 06 ee 5b 27 21 e4 |.....E..f...['!.| 000003c0 ae b0 a1 93 94 fb 6b 6e 5b d6 a9 19 cf 29 e0 8f |......kn[....)..| 000003d0 b2 79 d5 58 4b 8f 06 21 cb 2b 9d 64 f0 89 51 7a |.y.XK..!.+.d..Qz| 000003e0 06 df cb f0 ef db 1b 5c 93 5e 65 d6 18 7e c4 36 |.......\.^e..~.6| 000003f0 51 2d 37 84 a6 cc ca c7 9d d9 52 17 03 03 00 aa |Q-7.......R.....| 00000400 0e 97 7f 47 b8 c6 65 d7 18 5c 5a 30 84 90 d7 44 |...G..e..\Z0...D| 00000410 9a 84 49 6c c3 3f ca 33 f6 10 e8 03 a0 1b c5 d6 |..Il.?.3........| 00000420 3f 01 34 2f 3d ad 05 51 74 9c 0c 28 75 3a 23 7c |?.4/=..Qt..(u:#|| 00000430 35 5c ce 85 f0 78 07 bf 50 ac 72 6a 62 7d af 03 |5\...x..P.rjb}..| 00000440 a9 e4 36 b3 6c 2f 16 3d fa c2 10 27 ec b6 a2 7f |..6.l/.=...'....| 00000450 94 36 ae 87 25 16 06 b5 4f f0 d2 80 d0 c0 70 45 |.6..%...O.....pE| 00000460 54 4e bd e1 8f 06 f8 53 5a b7 f3 9e ee ec 6f 04 |TN.....SZ.....o.| 00000470 16 7d 7a b7 aa 3d f0 61 b0 ee 59 e8 44 f1 8d 11 |.}z..=.a..Y.D...| 00000480 4f 75 04 3c 5d a4 ea 3f 3f cb ae 6e 7c a3 01 69 |Ou.<]..??..n|..i| 00000490 72 2b 9e 40 99 e1 bf e1 ca 77 98 c2 a7 16 f4 fa |r+.@.....w......| 000004a0 a2 ae c1 7c 04 73 59 c5 aa e9 |...|.sY...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 3f bf 4c cf 36 |..........E?.L.6| 00000010 94 f5 d0 6c 7f 60 e2 94 9f 85 5d d5 e9 2d 4f b4 |...l.`....]..-O.| 00000020 65 94 03 56 b9 f5 f8 79 2b cc 69 6b 93 e4 96 fb |e..V...y+.ik....| 00000030 5c 42 d0 ff 92 e4 6b 20 4e 53 65 e4 b1 32 f4 f4 |\B....k NSe..2..| 00000040 98 79 28 29 ee 48 41 04 3a b5 38 6a dc 9e 33 3c |.y().HA.:.8j..3<| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e c7 06 19 3d 5b ba b6 57 4d f9 52 |........=[..WM.R| 00000010 31 02 1d 3c 4b 2b 91 20 2d c8 55 0a e1 e0 b8 24 |1..>> Flow 1 (client to server) 00000000 16 03 01 00 e6 01 00 00 e2 03 03 53 c9 35 ee 18 |...........S.5..| 00000010 0a 8c 14 8d 9a db 72 c2 71 ee 6b a8 03 15 5d f6 |......r.q.k...].| 00000020 68 f2 58 9e 66 47 47 40 a5 5b a9 20 89 79 40 9a |h.X.fGG@.[. .y@.| 00000030 4c a3 79 54 db bf 52 64 9e dd eb 85 6f 3c fe 11 |L.yT..Rd....o<..| 00000040 a9 f5 a9 ac aa b1 82 c4 bf ea 71 ec 00 08 13 02 |..........q.....| 00000050 13 03 13 01 00 ff 01 00 00 91 00 0b 00 04 03 00 |................| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 10 00 10 00 0e 06 70 72 6f |...#.........pro| 00000080 74 6f 32 06 70 72 6f 74 6f 31 00 16 00 00 00 17 |to2.proto1......| 00000090 00 00 00 0d 00 1e 00 1c 04 03 05 03 06 03 08 07 |................| 000000a0 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 |................| 000000b0 05 01 06 01 00 2b 00 03 02 03 04 00 2d 00 02 01 |.....+......-...| 000000c0 01 00 33 00 26 00 24 00 1d 00 20 3d 9c 45 31 94 |..3.&.$... =.E1.| 000000d0 b0 2a 92 e7 4e af 35 fa 8f 1b 14 bc 49 9d 4f a8 |.*..N.5.....I.O.| 000000e0 2d ee fe e5 12 70 b2 65 ab 94 35 |-....p.e..5| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 89 79 40 9a |........... .y@.| 00000030 4c a3 79 54 db bf 52 64 9e dd eb 85 6f 3c fe 11 |L.yT..Rd....o<..| 00000040 a9 f5 a9 ac aa b1 82 c4 bf ea 71 ec 13 02 00 00 |..........q.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 24 6b ad 42 76 66 53 |.........$k.BvfS| 00000090 7d 5c e1 67 7f 11 90 d6 51 64 17 81 55 13 90 47 |}\.g....Qd..U..G| 000000a0 f9 79 50 fc 2f 2c 03 03 91 8d 42 c9 0f a7 17 03 |.yP./,....B.....| 000000b0 03 02 6d 29 15 f6 ae ad 86 47 1b 8e 49 fe b5 88 |..m).....G..I...| 000000c0 f7 d4 bb 44 33 0a 0e 93 7f 5e 12 0f 52 74 e9 fe |...D3....^..Rt..| 000000d0 04 ba 6c e9 3a 36 8c a2 9c 4b b9 d0 2f fe c1 a5 |..l.:6...K../...| 000000e0 d1 d4 c1 57 be 43 e9 f5 4d ba 79 48 8e cd d9 d6 |...W.C..M.yH....| 000000f0 fd b1 89 6f 2c 62 b8 97 0a 92 c9 a9 05 25 46 34 |...o,b.......%F4| 00000100 d7 ce de 80 f7 96 b3 9d c1 1d 3c 5d af 47 7a 2e |..........<].Gz.| 00000110 77 7c 0f ad 74 85 2f 23 98 42 03 92 ae 31 1d a7 |w|..t./#.B...1..| 00000120 e7 53 7f 40 6f 4e 82 56 b8 06 19 aa 90 98 fa b8 |.S.@oN.V........| 00000130 38 e5 72 9f 82 d9 66 9a c6 07 16 60 55 97 cb a1 |8.r...f....`U...| 00000140 0e 2f ae 2f 5c d3 b1 14 9b b9 b1 74 21 54 9c c8 |././\......t!T..| 00000150 81 6f e4 28 fc 64 41 b1 d2 da 86 83 97 1a 5c ba |.o.(.dA.......\.| 00000160 9b 27 31 f8 3c fe 36 2e 8c dd 5a e6 19 3c 5e 46 |.'1.<.6...Z..<^F| 00000170 02 a0 cf 8b 16 91 0b b0 94 93 e8 dc bd 82 cb 67 |...............g| 00000180 2d 6b f2 f5 22 30 cc 74 85 e6 63 e3 03 8b 98 a8 |-k.."0.t..c.....| 00000190 8f ce 68 9b 27 67 1b 2f 9d ad cf 25 63 99 1e df |..h.'g./...%c...| 000001a0 4e c2 2c cf 1b 07 a9 c2 9e 51 28 36 5e 27 3b 23 |N.,......Q(6^';#| 000001b0 87 f8 a8 63 c1 6f f2 b5 f3 7d d1 5e 67 62 10 49 |...c.o...}.^gb.I| 000001c0 0d eb 7c e9 04 2e 63 69 5f 8d bb 9a d9 fa 23 8f |..|...ci_.....#.| 000001d0 6f 18 a6 98 43 83 0e 05 41 1b 76 7a 6d 63 4b ab |o...C...A.vzmcK.| 000001e0 1e 31 f2 ee 95 5c 09 65 1f ed 89 ac 87 51 9a 30 |.1...\.e.....Q.0| 000001f0 09 80 61 a1 6c f5 45 2a a0 7e b6 e7 ba 51 4a 83 |..a.l.E*.~...QJ.| 00000200 29 12 54 7f e5 00 a9 c0 29 87 68 8a 48 01 40 98 |).T.....).h.H.@.| 00000210 32 e6 9b 1d b6 03 53 94 e7 1e 83 c4 09 69 69 a9 |2.....S......ii.| 00000220 97 92 6a 51 9f 5d cb 12 b6 ba 37 97 90 2d e4 ac |..jQ.]....7..-..| 00000230 12 02 48 12 30 9b 8c 41 d0 59 0e 88 1c c5 00 ee |..H.0..A.Y......| 00000240 38 7c 3d fc 2c c3 46 df e5 0e ae ed c6 78 04 ed |8|=.,.F......x..| 00000250 84 1a 0c a2 2c 67 ee 85 25 d3 81 01 3d ae db 83 |....,g..%...=...| 00000260 82 d6 23 a4 9e 83 b0 c3 60 1f ac 2c c9 f1 b1 98 |..#.....`..,....| 00000270 73 f2 ec cd 18 2f 6a 8b ea e7 0c 70 16 fa a2 e3 |s..../j....p....| 00000280 cf 55 65 20 95 cd 5b 91 ef 1a 18 56 5c 2e c7 8f |.Ue ..[....V\...| 00000290 c1 0b 31 af 24 5f 28 64 71 4d ae 7c 25 72 90 49 |..1.$_(dqM.|%r.I| 000002a0 a8 e2 95 82 19 3e e0 29 df f7 10 a9 de 19 83 c2 |.....>.)........| 000002b0 ab a0 46 a0 aa 48 81 cb c0 6c b6 d6 0a ce 15 71 |..F..H...l.....q| 000002c0 65 be 85 5c 39 cc 17 15 57 99 71 e4 71 33 cd 94 |e..\9...W.q.q3..| 000002d0 97 50 bd dc 9e 3f a9 19 1e 53 fb db b7 e1 a0 b0 |.P...?...S......| 000002e0 7d 10 18 b0 8e a5 3b c0 37 eb fa 1b 4b 64 94 43 |}.....;.7...Kd.C| 000002f0 61 da 19 66 28 ed 58 79 de 12 40 58 8a 36 61 53 |a..f(.Xy..@X.6aS| 00000300 b1 f6 32 e3 a3 f1 5a d3 0a bd ef 90 84 53 3a 8b |..2...Z......S:.| 00000310 94 aa e0 13 63 b4 17 51 cc b2 14 bd 4f 18 96 63 |....c..Q....O..c| 00000320 17 03 03 00 99 a1 a4 04 1a a8 27 24 c6 54 e8 0f |..........'$.T..| 00000330 4e cc 25 47 d2 46 83 69 ec ef 6a fb 41 5c d3 c4 |N.%G.F.i..j.A\..| 00000340 d7 bf 3b 5a c7 2e 20 e3 34 0e e5 ff 56 83 ff 09 |..;Z.. .4...V...| 00000350 81 7b 73 d5 46 e0 7f db d8 42 31 bf 74 3e a9 23 |.{s.F....B1.t>.#| 00000360 dc de e7 40 e1 51 11 14 eb dd 7d 28 1b 57 0d 9a |...@.Q....}(.W..| 00000370 bd 04 08 5e 32 2a fb 52 03 fe 0c 75 1c 5f 96 42 |...^2*.R...u._.B| 00000380 20 f9 b5 08 21 dd 84 2b 6a 34 86 5a e9 e2 26 cd | ...!..+j4.Z..&.| 00000390 df 81 79 31 60 6e 2a f0 d5 c8 df 74 8d 7c 3f 89 |..y1`n*....t.|?.| 000003a0 cd 69 d5 a7 09 43 81 8f a3 3d bc e5 ff 67 ea 0d |.i...C...=...g..| 000003b0 d0 44 e5 8e 23 64 b1 25 c8 2f 05 fc f2 22 17 03 |.D..#d.%./..."..| 000003c0 03 00 45 b2 7a 4c cc 1d 5f 3e df 86 17 be a2 5c |..E.zL.._>.....\| 000003d0 a2 90 cc c8 2c 53 79 db 51 bd 8c 09 d4 46 32 65 |....,Sy.Q....F2e| 000003e0 85 6f 9f 7f 14 50 36 e0 59 72 55 d4 0c ea 3a a5 |.o...P6.YrU...:.| 000003f0 82 34 68 0c 6e 89 a5 56 af b4 36 ba 25 fb 9b aa |.4h.n..V..6.%...| 00000400 bf c3 d9 51 f9 40 a4 7b 17 03 03 00 b0 ab 29 04 |...Q.@.{......).| 00000410 33 2b a3 8f fa 47 84 59 26 44 73 0a 16 23 ac 63 |3+...G.Y&Ds..#.c| 00000420 8e 48 e3 c0 7a fe c0 93 6d d4 ac d7 64 b0 36 61 |.H..z...m...d.6a| 00000430 75 85 fc ab eb fc 76 75 98 c8 a9 10 4f cd c9 32 |u.....vu....O..2| 00000440 10 04 c7 9a 7d 72 96 f9 84 3e 80 e6 c7 fe d3 7b |....}r...>.....{| 00000450 e5 59 74 84 66 fe 06 75 36 a8 40 29 1c 4b fe fe |.Yt.f..u6.@).K..| 00000460 94 92 d8 98 ea dd b1 1f de b7 1f 86 64 ff f6 15 |............d...| 00000470 28 60 49 f5 ab 6b 7d c3 58 3d 9f bb 7d d2 9a b5 |(`I..k}.X=..}...| 00000480 7d fd 48 8e bd 27 80 16 04 4c a0 17 06 7d 8d 07 |}.H..'...L...}..| 00000490 60 b3 8b 0e 54 c5 ec 01 fa 49 be aa ef 82 f6 28 |`...T....I.....(| 000004a0 d4 d4 6b a4 8a a8 a8 78 77 1b 4d 27 3c 78 df 90 |..k....xw.M'>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 82 86 8d e8 e0 |..........E.....| 00000010 c3 92 53 67 06 d4 f3 98 74 6c ef b4 80 5c 21 50 |..Sg....tl...\!P| 00000020 8b 37 a4 20 1f 9e 0f 8b e9 89 d6 5b c9 bd 41 ba |.7. .......[..A.| 00000030 40 b4 3b fd 24 10 3d c4 ec 6a a4 8e ef 16 32 77 |@.;.$.=..j....2w| 00000040 82 46 0e 10 71 88 3f 0d 2f ce cf 64 b3 44 84 63 |.F..q.?./..d.D.c| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e fe 39 df 91 97 e6 e5 a8 80 ba 79 |......9........y| 00000010 cb 2d ab b6 1c a6 69 24 aa 27 13 87 98 95 a7 5e |.-....i$.'.....^| 00000020 41 08 be 17 03 03 00 13 20 f8 82 77 57 45 7f d6 |A....... ..wWE..| 00000030 05 00 00 8b ab b6 fc 99 21 01 6e |........!.n| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ALPN-NoMatch000066400000000000000000000173651373277661100263140ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 e6 01 00 00 e2 03 03 b0 99 e4 55 a3 |..............U.| 00000010 c9 e3 66 35 ca 63 52 24 50 2d eb d1 7c f2 a2 b1 |..f5.cR$P-..|...| 00000020 17 86 66 8b 64 9e 14 81 77 43 5f 20 d5 63 4e 9d |..f.d...wC_ .cN.| 00000030 89 6d eb 4c 75 e4 76 f6 f1 cf 72 3b 72 dc 72 a2 |.m.Lu.v...r;r.r.| 00000040 df f7 72 05 65 a1 8a 0f ba a2 c8 38 00 08 13 02 |..r.e......8....| 00000050 13 03 13 01 00 ff 01 00 00 91 00 0b 00 04 03 00 |................| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 10 00 10 00 0e 06 70 72 6f |...#.........pro| 00000080 74 6f 32 06 70 72 6f 74 6f 31 00 16 00 00 00 17 |to2.proto1......| 00000090 00 00 00 0d 00 1e 00 1c 04 03 05 03 06 03 08 07 |................| 000000a0 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 |................| 000000b0 05 01 06 01 00 2b 00 03 02 03 04 00 2d 00 02 01 |.....+......-...| 000000c0 01 00 33 00 26 00 24 00 1d 00 20 65 8f 45 f1 76 |..3.&.$... e.E.v| 000000d0 44 68 a9 ed 7e 2c c7 47 fb 4b 07 46 2c d1 bc d2 |Dh..~,.G.K.F,...| 000000e0 a5 c6 04 f7 3c 38 22 8c 28 4c 1e |....<8".(L.| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 d5 63 4e 9d |........... .cN.| 00000030 89 6d eb 4c 75 e4 76 f6 f1 cf 72 3b 72 dc 72 a2 |.m.Lu.v...r;r.r.| 00000040 df f7 72 05 65 a1 8a 0f ba a2 c8 38 13 02 00 00 |..r.e......8....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 40 38 d2 08 fb 83 |..........@8....| 00000090 ff de c2 76 9e 5a 22 74 fd 2f d1 19 d9 b2 40 6c |...v.Z"t./....@l| 000000a0 40 17 03 03 02 6d 8f f1 db 29 b2 b5 aa e9 5b ef |@....m...)....[.| 000000b0 cc 30 44 01 6c ce 68 bc eb ee ed 8f 73 10 9f e8 |.0D.l.h.....s...| 000000c0 26 c4 8e e3 f2 3f dc cf 14 7e 29 d9 d8 62 10 30 |&....?...~)..b.0| 000000d0 5a 12 fb c0 8d 31 40 62 b1 73 a4 86 73 c5 21 8f |Z....1@b.s..s.!.| 000000e0 73 7c 9d be 72 7a 19 c2 7f 28 b4 42 fc 79 5e 38 |s|..rz...(.B.y^8| 000000f0 9f 7f 80 34 3a 82 74 8c ae 71 f7 cf 93 b9 60 1f |...4:.t..q....`.| 00000100 a0 e7 8b 94 1d 7d 1d 5b 70 84 d3 d1 81 0b 3c 03 |.....}.[p.....<.| 00000110 ce fb 9a 18 8b ff fe e4 c2 d4 80 b1 06 08 bc 36 |...............6| 00000120 c1 b0 05 0c b6 1d 14 13 1e 52 2b e3 81 df 4a 51 |.........R+...JQ| 00000130 ba 96 24 8f 05 4c d2 ad bc e8 50 ef b5 ab 17 d6 |..$..L....P.....| 00000140 38 47 93 c8 73 1b 8f a6 39 3c 1a 83 0c c8 14 47 |8G..s...9<.....G| 00000150 4f 09 09 94 fa 73 d2 85 9e b6 28 0e 39 52 91 2e |O....s....(.9R..| 00000160 f4 b1 7c 3f e3 2e 91 11 d5 9f f8 6e c5 c2 79 a0 |..|?.......n..y.| 00000170 ee d9 95 82 5d 5b 98 04 4d aa 2b 34 db 3c 5f dd |....][..M.+4.<_.| 00000180 40 69 43 44 5e ff 65 21 a5 dc 3e 58 07 91 b8 bb |@iCD^.e!..>X....| 00000190 4e 59 d3 05 a2 af bd 3c 8b ef 86 d7 e4 95 13 cb |NY.....<........| 000001a0 35 9f 0e f7 e9 bd 0a bd 94 bc 21 09 54 df 0b 6d |5.........!.T..m| 000001b0 6d 3a 1b af 02 7b d6 47 72 44 21 31 88 83 fe cc |m:...{.GrD!1....| 000001c0 a7 9a 68 df 0d f8 c9 f2 14 f2 97 bb e0 b4 07 ba |..h.............| 000001d0 55 99 58 1a 62 57 b0 27 1c 63 84 71 4a 56 7b ad |U.X.bW.'.c.qJV{.| 000001e0 18 44 66 73 a3 63 5c 8b a0 cc 9f de 43 54 fa 36 |.Dfs.c\.....CT.6| 000001f0 70 52 21 42 18 7f f1 94 dc b9 9e a7 f4 ae 1e 8d |pR!B............| 00000200 93 84 64 35 52 dd cc c7 52 62 06 1e af 2c f8 b0 |..d5R...Rb...,..| 00000210 c5 16 bc d9 6d 4c 14 c9 d9 17 72 85 9d eb 72 ad |....mL....r...r.| 00000220 81 68 44 b1 04 b7 bc 01 3d 43 54 d9 35 61 6a 6a |.hD.....=CT.5ajj| 00000230 0e 67 c7 06 82 74 09 1e 07 ef 0f a6 10 c4 b4 ba |.g...t..........| 00000240 53 51 57 56 e8 28 cb 43 15 ce b5 b3 15 21 f1 da |SQWV.(.C.....!..| 00000250 29 a2 b4 cc 56 4b d3 d9 38 a7 cf f1 38 ae bd fb |)...VK..8...8...| 00000260 91 2c d4 2a e8 f9 21 3c e2 ec e1 2a 8c 34 95 a5 |.,.*..!<...*.4..| 00000270 d1 51 cf 55 8c 2b 46 dd 6b 26 96 10 ea 8b 99 2a |.Q.U.+F.k&.....*| 00000280 9a b2 79 4e d8 4f ab 4a 8a ea 81 63 9e f2 6f 0e |..yN.O.J...c..o.| 00000290 db 1f e3 3e ea 92 d1 56 fa 9e 18 ef d8 ea 11 68 |...>...V.......h| 000002a0 9e 36 be 96 bb 09 ea 63 a0 b2 ef 6b 9d 77 e1 12 |.6.....c...k.w..| 000002b0 57 12 f5 02 9b f5 d1 f7 f3 8f 06 ad 13 5c ce d9 |W............\..| 000002c0 32 b9 16 88 1f 97 0d a6 b6 ca 42 8a f0 62 f9 f7 |2.........B..b..| 000002d0 df 0b 16 99 1d 95 16 07 b0 d5 25 0e bc 01 9e 3d |..........%....=| 000002e0 14 8b 65 8a ed fd 3d 9a ab 04 ab 4e 26 9f 42 52 |..e...=....N&.BR| 000002f0 54 54 68 51 54 47 5b 7e aa 0d 74 88 de 4c c6 f6 |TThQTG[~..t..L..| 00000300 ac 75 7f 13 bc 0b ea 4a 72 15 c8 ba 20 3a 2f 93 |.u.....Jr... :/.| 00000310 37 25 a6 17 03 03 00 99 30 1b 93 37 10 b6 00 3f |7%......0..7...?| 00000320 1f 8b a7 97 2e a7 a8 26 c0 49 60 7a 20 61 42 f1 |.......&.I`z aB.| 00000330 a4 62 52 87 d2 d4 6c b0 46 d0 a1 44 86 14 e2 40 |.bR...l.F..D...@| 00000340 78 e1 42 f0 3b c8 87 05 6a 0e 07 6a d0 16 f4 2f |x.B.;...j..j.../| 00000350 91 c1 aa 8a 70 d6 fc df bb b6 a6 b1 d2 44 7c b9 |....p........D|.| 00000360 35 2a 54 c9 0c e3 82 71 b9 7e a9 ab 42 38 7c 3b |5*T....q.~..B8|;| 00000370 f1 3d f5 5b ec 2e f5 0a cb 4c bd 44 0d 31 a7 3b |.=.[.....L.D.1.;| 00000380 4f 48 9c 43 4b fc 89 ac 72 ed bc 71 7a 0f 0e d2 |OH.CK...r..qz...| 00000390 5e 06 15 36 7c 0a 64 70 66 7e f3 7b 8a 22 7b 62 |^..6|.dpf~.{."{b| 000003a0 d3 ca 97 24 64 26 5c 74 29 bd 49 6c 44 b0 e4 9a |...$d&\t).IlD...| 000003b0 9f 17 03 03 00 45 b1 e7 66 10 a5 b3 9a da 8b cc |.....E..f.......| 000003c0 a4 74 19 2c 3b 86 be 6a 12 62 cc 1e 0a 2a 9d c8 |.t.,;..j.b...*..| 000003d0 24 0b 9e 65 c9 de 1d 58 13 61 a8 59 a5 50 5c 77 |$..e...X.a.Y.P\w| 000003e0 06 48 98 57 58 ae 4a 08 65 4a 95 5b fb da 41 ff |.H.WX.J.eJ.[..A.| 000003f0 c9 fb 1c 0c ac dc 37 a7 0b d5 f8 17 03 03 00 aa |......7.........| 00000400 da 42 17 da 31 ee c0 0c 77 08 2b 63 ff aa 3f 2d |.B..1...w.+c..?-| 00000410 3e 41 e8 dd 98 67 7e 7c 9f bc af f5 2c ff 41 0a |>A...g~|....,.A.| 00000420 b7 a6 dd dc 1c cb b8 5b fd eb e0 db f5 f7 33 22 |.......[......3"| 00000430 cd 43 a4 85 24 6b fe a6 7f 96 7f 08 ec 02 d2 97 |.C..$k..........| 00000440 59 4f b7 da 19 0e a9 5d 4a e0 c4 a8 62 3c 42 20 |YO.....]J...b>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 47 b6 7d 2b 00 |..........EG.}+.| 00000010 9f bb ef 1e bd 0e ef d8 07 9e 2e 82 7f 6a 41 55 |.............jAU| 00000020 9a 61 81 a4 12 03 eb 0c 39 1d d6 00 02 c5 58 d6 |.a......9.....X.| 00000030 8f 96 c0 17 09 08 d3 27 17 6b 83 a9 22 2f 84 ad |.......'.k.."/..| 00000040 cf 00 3b 5e 42 68 d2 29 45 00 26 b8 ca cf c4 8a |..;^Bh.)E.&.....| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e e8 15 71 bc 83 fe 0b ae e4 10 4a |.......q.......J| 00000010 d2 5b 79 61 c6 50 b1 39 18 e6 da ea 48 c4 bd d3 |.[ya.P.9....H...| 00000020 50 fb 6b 17 03 03 00 13 e7 88 fb 10 6f 38 76 8a |P.k.........o8v.| 00000030 05 59 f6 39 83 d8 fb 4e 52 9a 18 |.Y.9...NR..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-CHACHA20-SHA256000066400000000000000000000165561373277661100261530ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ca 01 00 00 c6 03 03 97 f2 3f 1b 61 |.............?.a| 00000010 55 8f c8 28 05 38 73 01 66 70 e0 82 3b a3 e1 97 |U..(.8s.fp..;...| 00000020 41 4b 70 66 78 8e dd 71 a7 d1 93 20 1b fa 2b 2c |AKpfx..q... ..+,| 00000030 be 6f 7b 91 b9 9f a7 37 6a 0b 2e 96 af 49 4a fd |.o{....7j....IJ.| 00000040 0e 33 63 12 07 ae 73 7b 4c 94 06 88 00 04 13 03 |.3c...s{L.......| 00000050 00 ff 01 00 00 79 00 0b 00 04 03 00 01 02 00 0a |.....y..........| 00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 |................| 00000070 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 |................| 00000080 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000090 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 |.........+......| 000000a0 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 20 62 |-.....3.&.$... b| 000000b0 dc 8c db bc 08 60 e5 f2 4e 21 fa 38 8a 49 b7 8b |.....`..N!.8.I..| 000000c0 2e 0a cb f3 2b e3 9d 3e 73 cd e2 4b 08 94 17 |....+..>s..K...| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 1b fa 2b 2c |........... ..+,| 00000030 be 6f 7b 91 b9 9f a7 37 6a 0b 2e 96 af 49 4a fd |.o{....7j....IJ.| 00000040 0e 33 63 12 07 ae 73 7b 4c 94 06 88 13 03 00 00 |.3c...s{L.......| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 83 fd 7a 76 1c bb |............zv..| 00000090 f0 50 48 e2 8c 43 f3 e9 5b 22 2c 75 b9 7d df b8 |.PH..C..[",u.}..| 000000a0 b0 17 03 03 02 6d 1b 06 db 53 73 91 b3 fa 2e 05 |.....m...Ss.....| 000000b0 03 d8 bf 34 74 e3 f0 76 75 d3 d1 be 68 d0 f1 cc |...4t..vu...h...| 000000c0 b1 a1 b9 5f 80 30 9d e3 40 d2 3d 73 1f 8a 7f 00 |..._.0..@.=s....| 000000d0 b5 a3 5c 4d 2e ff 27 d3 8b cb a9 93 2d ca f5 a4 |..\M..'.....-...| 000000e0 90 94 37 7e d3 dd 84 61 c4 72 61 80 eb 3c 5d 5c |..7~...a.ra..<]\| 000000f0 58 a5 dd 99 72 a0 e4 ca 6d 2b 4f 7c dc 98 d4 4d |X...r...m+O|...M| 00000100 f8 f9 49 11 be 1a 76 77 49 c7 9a 1f 0d 54 69 8d |..I...vwI....Ti.| 00000110 79 15 86 f1 70 c5 4a eb 30 22 f1 27 b0 f5 59 19 |y...p.J.0".'..Y.| 00000120 87 bc 99 80 3f 53 c8 80 f5 e4 ea 95 13 9e ba b2 |....?S..........| 00000130 92 e8 7d a1 16 53 33 2a 25 d3 ed a9 83 ee 9a f3 |..}..S3*%.......| 00000140 55 2e ff d4 c8 72 6f 15 30 a0 46 7e 6c c8 a1 3b |U....ro.0.F~l..;| 00000150 e0 0e 5e 39 c6 9d 2d de f0 bb 89 15 5b 06 f7 68 |..^9..-.....[..h| 00000160 67 c8 4e ad fb 18 c8 fd 86 7d d0 3a 02 58 ea 23 |g.N......}.:.X.#| 00000170 ba bd 2f 32 64 7a 3c 7d 66 5a ff b7 98 e0 45 af |../2dz<}fZ....E.| 00000180 aa 48 7c 7d 07 86 f9 c3 6b d1 81 cd bd ee 55 77 |.H|}....k.....Uw| 00000190 6f 28 78 4a 96 5d 88 2f 10 ac ad b9 66 77 e9 10 |o(xJ.]./....fw..| 000001a0 07 9c 02 98 77 08 c9 3c 88 c4 56 15 f7 d6 2d fc |....w..<..V...-.| 000001b0 69 4b c5 a1 69 4f bb d4 f0 d9 b9 3e 36 87 f4 e4 |iK..iO.....>6...| 000001c0 d4 b1 2a 60 04 4f f7 74 79 18 31 83 9c ba f4 a1 |..*`.O.ty.1.....| 000001d0 d6 88 3a 6f a2 62 01 51 b2 47 81 f0 63 a1 b7 aa |..:o.b.Q.G..c...| 000001e0 ee 0f 13 18 0c 02 61 4a 0e f8 46 8b 35 46 84 24 |......aJ..F.5F.$| 000001f0 85 53 b5 88 67 5f 5d c8 6f d1 ef 3f 3c 23 c1 76 |.S..g_].o..?<#.v| 00000200 e6 bd b9 bb 5f 28 9f 7b 84 3b bd 77 05 83 e0 dd |...._(.{.;.w....| 00000210 5d 92 82 d8 e0 2c da b0 cf 06 4b a6 00 16 7b 0a |]....,....K...{.| 00000220 fd 2c 2e c1 c9 f3 0a 57 30 5a 7e 3e 57 bf a2 cb |.,.....W0Z~>W...| 00000230 28 5b 35 5f f5 12 2f 02 78 94 7c 69 ca d4 16 6a |([5_../.x.|i...j| 00000240 67 05 27 4e 8d 27 79 32 ee c2 dd 07 03 93 81 23 |g.'N.'y2.......#| 00000250 67 35 2a 5c 3b d5 cf 3b 5b 90 0e b5 77 a6 29 80 |g5*\;..;[...w.).| 00000260 f5 34 7f 8f fe 0c ee eb 67 24 ec ee b8 c0 5c 6f |.4......g$....\o| 00000270 e4 0f 4a 9c b3 ad fe 90 d0 ad 60 82 e5 48 ab 45 |..J.......`..H.E| 00000280 fc a6 fb 5e 49 df db fa c3 47 44 70 f7 d2 1d cb |...^I....GDp....| 00000290 d3 fd 9d db 3e 68 57 4c d5 e8 97 2e ad a8 40 86 |....>hWL......@.| 000002a0 33 f6 8c 08 7c d8 a0 7a 92 f5 df 60 c0 88 d6 d1 |3...|..z...`....| 000002b0 d9 32 a8 fd 65 44 db a5 73 fb da 31 09 13 7f 73 |.2..eD..s..1...s| 000002c0 31 12 a1 37 b3 8d b3 86 ad 6a c3 6e 73 40 ba bf |1..7.....j.ns@..| 000002d0 67 31 8b 9c 83 29 28 f0 e9 e9 b7 cf c3 9f 49 7d |g1...)(.......I}| 000002e0 4d b2 ab 23 69 a3 78 22 85 08 36 46 ef 65 68 b0 |M..#i.x"..6F.eh.| 000002f0 43 1f 24 d2 04 d7 80 8b cb b1 6a e4 74 ba db 9a |C.$.......j.t...| 00000300 bc 79 de 35 37 0d 9b 4b 3c 4a 75 e6 f4 e2 25 c1 |.y.57..K>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 11 da e6 21 fb |..........5...!.| 00000010 75 8f 29 fb 89 1d 22 4f eb a2 21 2e 05 c7 bb b9 |u.)..."O..!.....| 00000020 5d ee 1e fa 9f 1a 96 ee 32 57 59 d6 d0 f8 78 f5 |].......2WY...x.| 00000030 28 3f 5c 81 07 9c ca 6b a9 e3 8a 9a b5 fa 08 b4 |(?\....k........| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e ec bc b8 08 08 3e 41 9d 26 a7 08 |..........>A.&..| 00000010 15 f4 f1 c9 fe 68 51 8d 10 7e f4 24 dc d5 07 e7 |.....hQ..~.$....| 00000020 09 5e 27 17 03 03 00 13 b1 e0 7d e1 9b f9 c5 e2 |.^'.......}.....| 00000030 65 47 1e 1c 5c 45 05 74 cb 7d 51 |eG..\E.t.}Q| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ClientAuthRequestedAndECDSAGiven000066400000000000000000000336411373277661100323240ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ce 01 00 00 ca 03 03 6c b1 d8 ec 28 |...........l...(| 00000010 79 66 a7 cb de 70 ad 37 e3 d9 01 96 b7 8e 11 12 |yf...p.7........| 00000020 64 73 87 29 98 f0 80 40 7c 4c 4a 20 ce 6c aa 3a |ds.)...@|LJ .l.:| 00000030 f0 c3 c0 03 37 08 fb 21 b8 42 38 06 74 27 59 f1 |....7..!.B8.t'Y.| 00000040 01 ec 61 b2 d9 ff ef cf ac ad 81 0c 00 08 13 02 |..a.............| 00000050 13 03 13 01 00 ff 01 00 00 79 00 0b 00 04 03 00 |.........y......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................| 00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..| 000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 |....-.....3.&.$.| 000000b0 1d 00 20 1d 81 39 f2 dc 87 de 3d cb 5c ab b6 8a |.. ..9....=.\...| 000000c0 ad 08 49 bc 46 43 05 f4 ef fe 94 ba 67 c1 23 92 |..I.FC......g.#.| 000000d0 fc 20 36 |. 6| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 ce 6c aa 3a |........... .l.:| 00000030 f0 c3 c0 03 37 08 fb 21 b8 42 38 06 74 27 59 f1 |....7..!.B8.t'Y.| 00000040 01 ec 61 b2 d9 ff ef cf ac ad 81 0c 13 02 00 00 |..a.............| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 b9 ae 6b c3 bb f9 |............k...| 00000090 b9 e9 46 d9 b2 91 2d d4 11 3e 2f 9f e8 97 26 6d |..F...-..>/...&m| 000000a0 34 17 03 03 00 3e c2 62 ee 6d c8 57 27 5b 40 c6 |4....>.b.m.W'[@.| 000000b0 cc 84 24 d9 8d 4a 10 37 c2 ec 20 d4 43 f5 30 8c |..$..J.7.. .C.0.| 000000c0 db 6c 61 88 8c 3e 0f 5d 97 de 93 6f bf 1b 74 fe |.la..>.]...o..t.| 000000d0 38 68 3e 20 b4 1b 81 ee 22 80 99 6d 56 39 7d c6 |8h> ...."..mV9}.| 000000e0 4c de 3e ed 17 03 03 02 6d f3 54 af 8e 83 cc 7b |L.>.....m.T....{| 000000f0 f4 fb 0f f4 53 3c 4b 50 0b 13 be 36 54 96 78 92 |....S.m.E..k....^..| 00000190 86 39 14 33 28 b2 6f 54 c2 67 25 bf e1 26 cb 6a |.9.3(.oT.g%..&.j| 000001a0 0d c0 00 56 01 5c b6 cc 35 1f c1 05 06 76 e7 89 |...V.\..5....v..| 000001b0 95 44 98 95 9f 8d 48 26 3b e2 4f 15 58 92 1e c8 |.D....H&;.O.X...| 000001c0 ec ee c5 4f 21 50 8e 36 2d 30 54 11 68 ae fc 8f |...O!P.6-0T.h...| 000001d0 15 b8 41 3c b1 9d c8 7c da 8c 87 5b 6b 84 0b 1c |..A<...|...[k...| 000001e0 22 52 e5 58 0f 2d a1 51 fa 07 da 09 c8 6a 2d 32 |"R.X.-.Q.....j-2| 000001f0 01 f9 84 fd 1c af 19 d9 0d 11 de ce 93 d0 7e 59 |..............~Y| 00000200 07 72 c1 eb e5 a0 4c 25 ce 69 73 83 ff 2b 9e d2 |.r....L%.is..+..| 00000210 43 a7 94 28 ac 0c c1 37 44 83 23 ea f4 26 dc 8f |C..(...7D.#..&..| 00000220 c3 be f3 d0 87 19 ca 7e 58 df a9 d6 c1 22 6b ed |.......~X...."k.| 00000230 9a 4b 61 18 2d 65 52 7a 3a 10 b0 84 13 dd ef c4 |.Ka.-eRz:.......| 00000240 88 8d 0c 02 97 e9 ac b6 d2 7d 1d 9e 7f 00 42 3f |.........}....B?| 00000250 75 7d 31 37 b4 9f 61 b0 e1 74 7e ec 02 35 99 41 |u}17..a..t~..5.A| 00000260 f1 f3 1d f9 21 72 44 27 4a ae 2b 18 73 86 ef 36 |....!rD'J.+.s..6| 00000270 94 25 97 e1 0f 7c 74 b4 f5 52 a8 45 3d d7 10 3a |.%...|t..R.E=..:| 00000280 54 36 17 33 67 13 34 a8 89 02 e2 7e 53 8a 3d 97 |T6.3g.4....~S.=.| 00000290 be 27 14 5d 09 09 2c e0 63 a3 e2 c6 26 40 94 6e |.'.]..,.c...&@.n| 000002a0 55 90 ac d7 1d 4e b8 87 cf 58 c0 93 a3 60 02 97 |U....N...X...`..| 000002b0 08 6d 80 b2 04 7c ea e2 b2 0c 87 0e 83 c6 33 4f |.m...|........3O| 000002c0 1b 03 30 18 df b2 7a 49 d4 c0 df df e9 71 f1 25 |..0...zI.....q.%| 000002d0 3f 69 3e d5 6c 77 92 15 b0 e4 1e 2d 98 c7 6c 84 |?i>.lw.....-..l.| 000002e0 19 4d 3e cf 3f c9 b0 be 77 30 52 24 65 ad 89 73 |.M>.?...w0R$e..s| 000002f0 ff c2 6b 3d e1 89 93 42 00 87 db 57 dd 39 be a5 |..k=...B...W.9..| 00000300 10 15 8f 8b cf e1 98 f3 b7 6a 9f 54 23 71 5e 16 |.........j.T#q^.| 00000310 56 cd a2 4b 54 48 d2 9c 07 4d 1c 4e 6a 75 d2 db |V..KTH...M.Nju..| 00000320 d1 7f 59 7d c3 d7 99 42 79 c6 26 93 2a ca 22 38 |..Y}...By.&.*."8| 00000330 e5 89 1f 09 a0 e1 70 64 84 d3 ae 0c f6 b3 fd 65 |......pd.......e| 00000340 5c c3 d1 0c 42 6c df 4f 75 43 1d 31 df eb a2 2a |\...Bl.OuC.1...*| 00000350 c7 a0 02 63 51 40 17 03 03 00 99 54 81 a4 6d 19 |...cQ@.....T..m.| 00000360 5a 58 01 77 fc e7 96 09 63 29 dd d7 90 11 9c 29 |ZX.w....c).....)| 00000370 e4 29 60 b4 aa 02 d8 ce 7e ce eb cd dc 20 44 bd |.)`.....~.... D.| 00000380 b8 59 7d 64 fc 81 76 ac 4a 2d 0e 29 71 29 cf 92 |.Y}d..v.J-.)q)..| 00000390 1a a3 6e 33 61 36 ae c4 9d 52 28 72 ff 11 e1 76 |..n3a6...R(r...v| 000003a0 36 03 63 85 87 ea af 09 58 63 b4 b2 79 f8 f8 8b |6.c.....Xc..y...| 000003b0 1c 3f 9f 9f 5d c5 9d 76 89 b0 ac bd 32 5e 3b 10 |.?..]..v....2^;.| 000003c0 fe a9 db ab 2e a2 1a f2 2b 6a 39 3f 29 f7 b4 73 |........+j9?)..s| 000003d0 ad e4 ee d6 f5 e0 c0 74 f7 11 31 1c 68 1e a6 33 |.......t..1.h..3| 000003e0 83 f2 d5 1a f3 8a 7d 53 42 3a a8 d5 0a 7f f0 ab |......}SB:......| 000003f0 40 8f 72 d1 17 03 03 00 45 0a 68 73 2a 49 84 91 |@.r.....E.hs*I..| 00000400 45 23 0d 5c 84 3f f0 c8 8e d5 97 12 5f 8c a6 82 |E#.\.?......_...| 00000410 48 0b 8a b2 9b 0e 1a 91 dc 68 4a 0a c9 13 2f 54 |H........hJ.../T| 00000420 53 12 0d 50 2c 11 1e 20 9f 21 a6 6d b3 dd 27 c3 |S..P,.. .!.m..'.| 00000430 02 16 ed 43 9a 62 0a 94 c2 bd 56 cc 1a 57 |...C.b....V..W| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 02 1e 9d 35 71 7a 37 |............5qz7| 00000010 81 34 2e 13 06 40 d6 e5 4e 29 c5 11 bd 16 97 b1 |.4...@..N)......| 00000020 d4 f1 46 dd c6 08 a2 42 1d b9 3c ba 3a fd c9 d7 |..F....B..<.:...| 00000030 9d 3a cd 79 f6 a3 e1 e6 30 63 b1 95 fc 02 6c 96 |.:.y....0c....l.| 00000040 4d d5 97 c4 31 77 37 bb 39 82 e2 64 f5 15 8c 86 |M...1w7.9..d....| 00000050 03 82 f5 45 88 2d 19 58 c0 6c e4 b1 2a c6 df 17 |...E.-.X.l..*...| 00000060 20 21 da c7 b9 c2 1e bf 9f 31 16 2f b7 10 8f 24 | !.......1./...$| 00000070 f9 5a e5 a0 25 77 9d b7 aa d1 bd f9 d5 d6 c9 07 |.Z..%w..........| 00000080 5e 1f 7c 58 ee 23 c7 5b 36 d1 5a e3 a1 79 92 db |^.|X.#.[6.Z..y..| 00000090 6b 5d da 99 02 e2 21 6a 13 ca 28 cb 09 df e6 6e |k]....!j..(....n| 000000a0 98 b0 eb 06 87 bb 11 d9 40 ca 71 b9 41 75 64 3f |........@.q.Aud?| 000000b0 45 a1 1e d1 13 09 66 91 c7 a3 56 2b 29 99 04 ee |E.....f...V+)...| 000000c0 53 4b 4d 05 d3 04 04 e1 2a ad 61 b5 a9 69 38 a2 |SKM.....*.a..i8.| 000000d0 9b e7 0b 0a 49 8c 11 49 86 65 85 d5 9b 7d 9f d0 |....I..I.e...}..| 000000e0 cc 1b fb 73 1e 9b ab 71 e9 0c fa 01 42 ea 35 cd |...s...q....B.5.| 000000f0 ed df fb 26 c8 e2 62 c0 6d 75 02 b1 1c f3 46 01 |...&..b.mu....F.| 00000100 9a c1 ad e6 36 dc c6 b7 98 87 ea e3 ab 74 29 5c |....6........t)\| 00000110 7c 95 8d ca d4 67 14 9f 99 14 f1 af 1b f0 7a 06 ||....g........z.| 00000120 cc c9 24 31 85 a0 73 d7 ac f4 e4 1a a1 2b 1f bd |..$1..s......+..| 00000130 ef f1 3b 10 ba 60 53 16 ef eb fc 0a b6 7f 7b 84 |..;..`S.......{.| 00000140 15 ec b0 9b f6 3f 92 15 a1 a0 00 bf 4e 8e 42 2c |.....?......N.B,| 00000150 fc 1c c9 c4 35 53 8b 6e 0a 6d 77 d1 15 7d e7 87 |....5S.n.mw..}..| 00000160 ff c7 dd 0a b6 32 01 8d b3 5e 25 bb d6 22 b4 0a |.....2...^%.."..| 00000170 81 a8 ca 2c 5f 5f 13 98 e7 ac 46 8c 74 9b 28 2d |...,__....F.t.(-| 00000180 d0 3d c4 f8 8e e0 76 53 43 c1 36 a9 41 56 24 38 |.=....vSC.6.AV$8| 00000190 5e 40 07 21 75 6c 52 38 7b f0 e2 52 93 70 59 14 |^@.!ulR8{..R.pY.| 000001a0 ae d0 2b aa 33 23 70 db 86 a9 31 8d 14 65 87 35 |..+.3#p...1..e.5| 000001b0 45 78 ba d4 37 4f 41 25 40 93 86 b0 ab 7e 4c be |Ex..7OA%@....~L.| 000001c0 c1 93 7d 9b 6a 91 f0 11 d3 9d 1d 75 f2 a7 4d b7 |..}.j......u..M.| 000001d0 c3 f8 8e af f8 1b 47 fe d0 e4 90 e5 ea df 31 dc |......G.......1.| 000001e0 97 ac 98 e7 40 27 94 ba de 9b cc ef fd 33 11 62 |....@'.......3.b| 000001f0 aa 9c 22 25 9e 2d 70 9f c8 ab 8b e2 98 21 b5 04 |.."%.-p......!..| 00000200 94 e7 0e 5c 55 a6 12 ee 77 32 82 1f ea 50 fe 82 |...\U...w2...P..| 00000210 8e 0e de 28 f4 7d be e9 cb bb fa 31 2f 27 2f 1a |...(.}.....1/'/.| 00000220 66 cd b4 c7 cb 0c ee b6 c1 17 03 03 00 a4 b7 e6 |f...............| 00000230 99 07 76 ed 69 39 e4 15 76 bb a4 5e 58 6e 88 87 |..v.i9..v..^Xn..| 00000240 e5 54 55 4e f1 5e 3f 96 aa 57 a6 8b 93 3f 07 fc |.TUN.^?..W...?..| 00000250 cd 36 78 a4 90 2c aa 69 44 97 fc 83 c6 5f d6 bf |.6x..,.iD...._..| 00000260 cf d0 de 1c 92 eb 38 03 4b b1 4e 6c 90 80 c7 5f |......8.K.Nl..._| 00000270 4f d2 93 4f a2 9f b5 94 18 a3 1a d1 a8 20 42 2d |O..O......... B-| 00000280 a3 60 75 43 f5 f1 73 0b f8 4d 92 8e a7 68 6c ed |.`uC..s..M...hl.| 00000290 5e 7a ae 2b 45 b2 34 35 91 48 e8 fe 1f 3f 0a c5 |^z.+E.45.H...?..| 000002a0 73 b3 23 95 b4 08 9e 56 68 24 13 fc c4 e1 c6 dc |s.#....Vh$......| 000002b0 c0 25 c3 61 a2 d1 b0 28 2c 42 d5 e8 fa 65 7d b7 |.%.a...(,B...e}.| 000002c0 7c 38 f6 6d 20 8f a8 fd 08 35 e1 b0 99 c2 38 89 ||8.m ....5....8.| 000002d0 d9 b0 17 03 03 00 45 38 f2 0d 46 65 cc aa d8 66 |......E8..Fe...f| 000002e0 b6 53 65 d2 29 83 9a ef 63 a9 5f e3 cc 67 06 53 |.Se.)...c._..g.S| 000002f0 11 38 9f d0 bc 3c 21 9d e7 a0 7f 4c 8e 26 77 f5 |.8...>> Flow 4 (server to client) 00000000 17 03 03 02 af 77 76 55 f1 29 5e b7 14 d1 6a 54 |.....wvU.)^...jT| 00000010 14 c0 e1 46 fe 4b dc 97 c2 86 79 dd 7d 82 9c 4c |...F.K....y.}..L| 00000020 3b 65 88 1a c0 d0 b6 03 b6 52 d6 36 76 3a e7 eb |;e.......R.6v:..| 00000030 56 c4 7b d7 b5 49 d3 71 9d 16 f9 fc fd 1e e3 c1 |V.{..I.q........| 00000040 63 32 13 61 6e 63 7c 9c 8a 25 f9 ef 6c 2c e4 56 |c2.anc|..%..l,.V| 00000050 0d 93 1f 96 c8 cb c1 22 00 dc 1f 24 47 ff be 5c |......."...$G..\| 00000060 bb 89 9d 78 2b 24 2e 7e 80 08 6e f6 26 ad e3 93 |...x+$.~..n.&...| 00000070 0f 79 08 e2 1e 52 b3 bf 57 19 1e 21 b5 d5 af 9f |.y...R..W..!....| 00000080 ec c8 41 5f c7 2f 8f d6 55 15 9a 93 02 cd 82 92 |..A_./..U.......| 00000090 5d dd 93 70 04 8e d7 44 7f 48 58 4e 5b fb d7 59 |]..p...D.HXN[..Y| 000000a0 28 de 23 f6 22 ab f1 be 3c 16 fa 97 3b f7 c7 ac |(.#."...<...;...| 000000b0 0a 04 90 b1 49 4e ab ff 80 c7 8d 42 79 7f f3 b2 |....IN.....By...| 000000c0 25 b3 8d 9f de f1 4b 4c 87 e4 e3 43 cd e6 6d 7b |%.....KL...C..m{| 000000d0 cb 1f d6 12 0c 24 1f 6f fb 63 74 ea 90 9f 20 ee |.....$.o.ct... .| 000000e0 61 67 ff 4d d8 f8 58 e9 47 13 73 be 3e c6 35 5f |ag.M..X.G.s.>.5_| 000000f0 1e 8c 0c 21 c4 09 49 7c f3 d9 04 bd 86 d8 dd 72 |...!..I|.......r| 00000100 74 51 08 b2 ed 29 d3 64 c5 79 dd 95 21 83 33 5a |tQ...).d.y..!.3Z| 00000110 8e 2b 13 cc 61 d6 2f 14 fd d0 58 7e a7 96 db 99 |.+..a./...X~....| 00000120 cf 59 ff 28 88 8f 02 10 9f 57 59 78 56 4f 84 ec |.Y.(.....WYxVO..| 00000130 c7 7b da a8 50 1d 7c 72 5c 2d a9 ae 00 3f 17 3e |.{..P.|r\-...?.>| 00000140 59 a2 54 9d 0b 6c 8d fe 0b 57 c7 9b ae f4 1c ac |Y.T..l...W......| 00000150 a2 9e 14 78 e6 74 b5 c8 8b 0a 0e 8e 7b 9f f5 11 |...x.t......{...| 00000160 78 f2 8c 97 21 7a c1 23 60 41 15 23 55 26 3b 25 |x...!z.#`A.#U&;%| 00000170 d4 0e 25 76 a5 b2 b3 71 35 86 b7 f3 17 dc f5 0f |..%v...q5.......| 00000180 bc 4b 43 bd 93 73 1f c1 cc 92 c8 7f 62 d4 91 a2 |.KC..s......b...| 00000190 1c 04 73 4c 0f c5 f4 63 58 c5 24 fe 46 7e 66 38 |..sL...cX.$.F~f8| 000001a0 73 00 62 d4 73 e1 5b 0d 29 38 e1 c1 07 91 6c ef |s.b.s.[.)8....l.| 000001b0 54 fa e1 29 50 90 4a fa 2f 24 55 7b cf f0 d5 44 |T..)P.J./$U{...D| 000001c0 0a 83 fb f3 e5 4c d7 ac 3e e3 11 4e 74 1b 3f b0 |.....L..>..Nt.?.| 000001d0 4a 21 40 71 41 67 6a 11 39 15 ab 2f 83 38 fe 96 |J!@qAgj.9../.8..| 000001e0 1c bf 2a a2 f4 d6 5b 4d d3 21 d9 69 97 8c 2d 5c |..*...[M.!.i..-\| 000001f0 2c 8d 7c f2 63 7b 64 47 e1 c8 35 eb 9a 37 c4 45 |,.|.c{dG..5..7.E| 00000200 54 91 d0 3a 46 07 df 0c 44 ab 27 97 77 ba b3 24 |T..:F...D.'.w..$| 00000210 0e ba e6 ea 64 41 d9 b4 2a 05 24 30 0b 4f be 3f |....dA..*.$0.O.?| 00000220 68 9e 24 80 5d 33 ff 3c cb cf 46 fe ae bb d0 34 |h.$.]3.<..F....4| 00000230 b6 ad 51 fd 25 28 fa c6 81 2f 98 37 3a fa 35 22 |..Q.%(.../.7:.5"| 00000240 7c 77 4b 87 4c 7f 6a a6 30 49 df 74 62 88 5f 9c ||wK.L.j.0I.tb._.| 00000250 84 63 53 31 65 6e f5 96 81 e5 38 e4 e7 fe 68 47 |.cS1en....8...hG| 00000260 c4 5c d2 34 e9 41 36 af d2 eb 47 79 95 a1 e1 45 |.\.4.A6...Gy...E| 00000270 64 b6 4d 56 43 17 62 c0 bd a1 f5 e6 9d 28 7e e4 |d.MVC.b......(~.| 00000280 4f bd e3 d9 45 49 8d 87 b0 c9 18 c7 1b 66 08 15 |O...EI.......f..| 00000290 47 d5 c5 fc 23 18 a8 9a f1 f4 8e a6 4d c3 e4 b6 |G...#.......M...| 000002a0 66 e4 40 24 12 af 51 f5 a7 98 3c 0f 9d 99 0a 13 |f.@$..Q...<.....| 000002b0 cf 1c 10 d3 17 03 03 00 1e 00 c0 ce 7d f7 d8 24 |............}..$| 000002c0 2e fc 47 d2 bc a6 27 a0 e7 95 35 c4 2e ec 73 87 |..G...'...5...s.| 000002d0 56 fc 6d eb 30 32 95 17 03 03 00 13 51 69 bb 43 |V.m.02......Qi.C| 000002e0 e9 1a 58 44 5e 21 f3 1c 1c 24 a0 bc f9 1a f9 |..XD^!...$.....| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ClientAuthRequestedAndEd25519Given000066400000000000000000000272311373277661100324410ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ce 01 00 00 ca 03 03 42 7f e9 1f 9f |...........B....| 00000010 c9 c2 b4 45 30 37 a3 b4 0e 8d f1 19 c4 3f a1 d0 |...E07.......?..| 00000020 47 40 67 a5 a7 0a 4d f9 1f 72 ba 20 76 90 17 b4 |G@g...M..r. v...| 00000030 5e 29 35 41 ba b5 12 80 64 b3 bd 0c 3e 68 66 53 |^)5A....d...>hfS| 00000040 f9 8d 14 3f a3 d8 58 bf 4d a6 fa 6d 00 08 13 02 |...?..X.M..m....| 00000050 13 03 13 01 00 ff 01 00 00 79 00 0b 00 04 03 00 |.........y......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................| 00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..| 000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 |....-.....3.&.$.| 000000b0 1d 00 20 c6 ea 73 28 ff c3 db e6 69 1a 85 34 bf |.. ..s(....i..4.| 000000c0 6b f8 a4 ec 4b b5 f0 59 d6 28 b1 0d 0b a3 32 72 |k...K..Y.(....2r| 000000d0 65 be 47 |e.G| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 76 90 17 b4 |........... v...| 00000030 5e 29 35 41 ba b5 12 80 64 b3 bd 0c 3e 68 66 53 |^)5A....d...>hfS| 00000040 f9 8d 14 3f a3 d8 58 bf 4d a6 fa 6d 13 02 00 00 |...?..X.M..m....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 39 aa 9e ab b6 b1 |..........9.....| 00000090 90 1a 3e 98 f4 26 3e 49 92 d6 68 c7 4f 81 ec e7 |..>..&>I..h.O...| 000000a0 ac 17 03 03 00 3e e2 75 e8 ac e6 60 be e6 d0 50 |.....>.u...`...P| 000000b0 2c 14 72 5f 20 60 ed 7b 97 3a b1 ae e4 97 d4 f5 |,.r_ `.{.:......| 000000c0 aa 35 35 2b d4 ee 11 e6 7b 1b 82 bf 59 43 5c 62 |.55+....{...YC\b| 000000d0 a5 fb 36 3c af 67 0d be e0 37 86 d3 37 fb e3 ad |..6<.g...7..7...| 000000e0 be c4 0b a4 17 03 03 02 6d 9a fc fc c5 13 93 b7 |........m.......| 000000f0 72 5c 2b a3 be 57 96 ba 4b 4d 35 94 7a 5c 67 88 |r\+..W..KM5.z\g.| 00000100 78 3b 4e 56 7b c1 90 d6 0e c5 48 c1 b9 c6 6d 5d |x;NV{.....H...m]| 00000110 52 c6 35 6d c5 16 90 84 33 c1 b1 76 e1 a5 5e 79 |R.5m....3..v..^y| 00000120 a6 f0 5d 12 15 b9 cc c3 44 a9 10 68 55 3d bb f0 |..].....D..hU=..| 00000130 89 92 ba c3 65 91 2b 9d 1c cd ac d2 a6 8b 95 ca |....e.+.........| 00000140 f3 58 b3 86 c1 86 d4 74 fa e1 9a dc 67 94 37 2c |.X.....t....g.7,| 00000150 35 f2 a0 23 e2 6f 61 01 b6 b6 9d ab e6 55 25 7b |5..#.oa......U%{| 00000160 da d9 9b 7a f8 e1 2a 16 3b 08 95 63 78 75 05 8b |...z..*.;..cxu..| 00000170 05 3d ad 4f dd 95 35 ea 40 36 8e 9c f6 38 c8 87 |.=.O..5.@6...8..| 00000180 ff 6c 27 aa ca 70 e8 8a aa a4 8e 71 a9 f6 6f 9b |.l'..p.....q..o.| 00000190 57 9d 1e ba 43 ac 62 4c 7b 33 7c af be 7d 81 7b |W...C.bL{3|..}.{| 000001a0 1f 96 ad fa 1b 3e a6 25 bd ec f9 c8 bc b1 67 14 |.....>.%......g.| 000001b0 55 44 20 c2 c9 e0 17 45 9a c5 d2 2e f2 79 d2 ae |UD ....E.....y..| 000001c0 e0 f2 66 d6 05 a4 3e f4 9c 9c 06 73 a0 fd 3a a9 |..f...>....s..:.| 000001d0 fa 9a a0 c3 a7 bd e6 f8 49 de 91 a7 10 e6 82 52 |........I......R| 000001e0 a3 84 49 bd 9b 05 e3 63 ec b8 cb 94 18 8f a2 b4 |..I....c........| 000001f0 5a bd 75 bb 9a 65 5d f6 4e 91 83 cd 3e c4 1c ce |Z.u..e].N...>...| 00000200 89 a0 44 1d 6a e0 99 29 0b b1 25 eb 14 57 11 3a |..D.j..)..%..W.:| 00000210 11 67 73 df 78 e0 c1 1b 15 08 f4 9a 6b 52 db 27 |.gs.x.......kR.'| 00000220 10 7c 02 65 27 4a 41 eb 4d f3 d2 96 13 f3 fd c6 |.|.e'JA.M.......| 00000230 2b 5e 44 12 50 be f0 98 82 1b 46 51 09 8f 96 3c |+^D.P.....FQ...<| 00000240 a4 ae 8b 51 48 01 78 ec 2b ce 91 ad 38 6a 97 83 |...QH.x.+...8j..| 00000250 9c b8 a3 56 2c ff 4e f5 f4 35 51 c9 aa 75 92 d3 |...V,.N..5Q..u..| 00000260 d9 9a 7d 79 a4 e2 7c 64 8f 12 15 fc 5d 1d d4 2e |..}y..|d....]...| 00000270 ce 99 94 4f c4 03 48 f5 ed 61 77 db 84 9e 56 e3 |...O..H..aw...V.| 00000280 ed 1c 79 18 7e e4 fa b1 f5 c4 ee b3 9d ab e8 6a |..y.~..........j| 00000290 75 e2 d1 32 f9 e2 cb 01 bc 5e e0 ba ce c3 6d 19 |u..2.....^....m.| 000002a0 bf 89 6b a0 18 16 34 6e fc 7c c1 c6 bf b3 5c de |..k...4n.|....\.| 000002b0 f2 ee a8 5c 44 8c 6c 91 64 41 24 f1 67 9c e9 9c |...\D.l.dA$.g...| 000002c0 25 63 63 90 25 47 a4 26 9a e6 85 a1 91 7c 64 ff |%cc.%G.&.....|d.| 000002d0 55 3a 0c a5 72 6c c5 47 dc e2 47 5a e4 84 2a 46 |U:..rl.G..GZ..*F| 000002e0 7a 45 0d b5 34 25 73 76 6f 6d 67 85 bf 87 e8 25 |zE..4%svomg....%| 000002f0 1d a6 9a 5b bb 56 59 50 bb 75 e6 a5 e2 fc db 22 |...[.VYP.u....."| 00000300 15 bc e1 cd 6e 88 48 bb a5 0e 00 b0 e6 fd 44 a0 |....n.H.......D.| 00000310 ce 6d 0a 86 3c f2 ec e8 24 c2 ee cf bf 98 7c 7a |.m..<...$.....|z| 00000320 8e 1b 19 d6 70 7a bf d5 87 43 dd b2 15 3d ef 57 |....pz...C...=.W| 00000330 c3 11 87 60 ab b2 af db 26 29 bf 76 7f 1a 8b b4 |...`....&).v....| 00000340 25 fe 93 93 65 bb f8 b2 d8 70 03 24 05 f2 d7 ba |%...e....p.$....| 00000350 4a 27 bc e4 86 f2 17 03 03 00 99 8f a3 e3 2d c2 |J'............-.| 00000360 47 c6 9e bc e4 2c 7e c3 be 29 f4 38 1d 04 a4 a6 |G....,~..).8....| 00000370 d8 27 be 98 bb 32 54 c3 1d 7e a3 2b 9a 00 71 18 |.'...2T..~.+..q.| 00000380 0b 96 50 ab b7 db a3 b9 b0 00 25 82 46 4e b0 34 |..P.......%.FN.4| 00000390 11 7a 61 bf e8 a2 79 56 f4 21 55 c1 0d 9a 37 b7 |.za...yV.!U...7.| 000003a0 8b 60 ca 5a 33 65 2b 6d e0 6f e4 60 54 4e ba 71 |.`.Z3e+m.o.`TN.q| 000003b0 1f b7 a6 63 ab 1d 88 10 b9 3f 07 04 85 4e a9 dd |...c.....?...N..| 000003c0 3d 81 e4 56 2c 39 87 59 33 26 ac 05 d5 ec c8 9d |=..V,9.Y3&......| 000003d0 38 c5 05 33 d0 89 d7 86 cc 03 cb 79 fd 04 ba 82 |8..3.......y....| 000003e0 c5 72 12 90 d4 c6 97 49 46 7d 95 61 47 bd f2 f1 |.r.....IF}.aG...| 000003f0 2f 68 34 76 17 03 03 00 45 72 b5 b6 7a c0 5f 2e |/h4v....Er..z._.| 00000400 16 11 12 a0 b8 88 2f 68 86 af f1 9b a6 d6 91 f8 |....../h........| 00000410 1e da 23 bd bf 51 b5 be eb a0 e5 87 57 a7 53 19 |..#..Q......W.S.| 00000420 65 8f ee 28 d6 ac b5 34 cd 19 51 35 7c bc 83 24 |e..(...4..Q5|..$| 00000430 e6 6a 22 5a f0 44 38 40 70 4f ae 07 23 33 |.j"Z.D8@pO..#3| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 01 50 d2 b7 37 96 bd |..........P..7..| 00000010 4b c6 62 93 a7 db d5 77 df 01 c9 b2 c1 b5 53 da |K.b....w......S.| 00000020 1d f3 d6 c5 89 ce 55 96 15 47 28 c9 13 e4 1f ca |......U..G(.....| 00000030 75 35 ce e6 91 02 f8 2a b7 c0 04 f8 77 da 24 d3 |u5.....*....w.$.| 00000040 cd 6f 58 eb a1 c8 c1 be 59 8f b0 f5 22 79 ca 44 |.oX.....Y..."y.D| 00000050 0d 51 7d 87 78 5b 47 ec 91 c0 26 ea 51 82 07 16 |.Q}.x[G...&.Q...| 00000060 ee b8 31 8a b3 7f cd fc 91 64 bc 60 2f 07 c8 49 |..1......d.`/..I| 00000070 6d a6 38 77 48 1e 36 14 4a 70 8e 2a 0d a8 9b 21 |m.8wH.6.Jp.*...!| 00000080 35 bb 46 d7 7f 1d 19 57 5a a3 b9 32 02 90 41 df |5.F....WZ..2..A.| 00000090 80 90 44 8d 8f 44 62 59 6f 39 39 d9 db 5e 09 83 |..D..DbYo99..^..| 000000a0 11 cb a5 aa 3c ed b1 c9 dd 82 e4 a4 2b f7 3d ad |....<.......+.=.| 000000b0 6e f8 e0 5d 3e 96 2d 75 18 6b 10 a8 bb 0a b7 ee |n..]>.-u.k......| 000000c0 a2 6d be 33 d6 cf ac ce 3b a5 5c 28 c1 8d f3 60 |.m.3....;.\(...`| 000000d0 37 f9 1a ce f5 f0 f7 c2 51 dc 96 4b 10 39 46 d6 |7.......Q..K.9F.| 000000e0 af 95 63 8c 9c 3d 2c a6 e7 88 f2 26 47 34 35 9b |..c..=,....&G45.| 000000f0 d9 26 58 b5 92 ec 28 85 74 f3 80 0b de 0a c1 d6 |.&X...(.t.......| 00000100 20 61 0d 16 04 fc f2 08 05 ed 5e a3 f4 ce f8 4c | a........^....L| 00000110 8f 79 50 09 0b f9 84 a5 18 6b 06 19 32 53 cd 80 |.yP......k..2S..| 00000120 5e 55 9c 71 f5 20 2a 5d 20 6b 7e d1 6a 65 ff 80 |^U.q. *] k~.je..| 00000130 2e d3 47 06 21 1c dc 58 e4 0d 6d db d3 4f c5 6b |..G.!..X..m..O.k| 00000140 c4 34 fd 9b 7a 01 17 2f a4 42 ce c3 ed 22 2f 67 |.4..z../.B..."/g| 00000150 b1 b0 5f 60 4d 4a 87 22 cc d2 6f 17 03 03 00 59 |.._`MJ."..o....Y| 00000160 4c f0 d0 8a e8 24 89 90 8a c6 69 b2 be 1d e4 a3 |L....$....i.....| 00000170 6e c0 5c 51 69 1f e7 73 b3 ec 90 0e 39 61 21 30 |n.\Qi..s....9a!0| 00000180 e5 c0 69 b0 e4 fe 2f f6 3b 99 6b 8f 31 00 e9 b5 |..i.../.;.k.1...| 00000190 3d d7 32 cb 52 e9 21 a7 cf b0 77 6c 53 ea 21 d8 |=.2.R.!...wlS.!.| 000001a0 19 a3 11 d5 d0 54 d2 64 1b 2f 91 bc cb 5a 39 5a |.....T.d./...Z9Z| 000001b0 cf cc b6 ca ce 7d b1 05 a6 17 03 03 00 45 08 64 |.....}.......E.d| 000001c0 e7 0e 13 a7 3f 29 83 2b 3e e7 7b d2 99 c3 39 03 |....?).+>.{...9.| 000001d0 ed 90 30 5a 3b 97 d3 5e 8c 96 70 1e e1 a7 71 d5 |..0Z;..^..p...q.| 000001e0 ab 6f 6a b1 e7 02 5d 34 25 91 be da 59 f7 9e 1c |.oj...]4%...Y...| 000001f0 3d 00 cd c1 e0 62 64 42 07 94 53 fd 51 e6 3f cc |=....bdB..S.Q.?.| 00000200 6b 54 d1 17 03 |kT...| >>> Flow 4 (server to client) 00000000 17 03 03 01 e1 ca 72 4d 83 17 06 ff c8 f8 8a 60 |......rM.......`| 00000010 03 f8 4b 44 e3 2b 0b 1f 3b 45 51 cc 31 88 6c dd |..KD.+..;EQ.1.l.| 00000020 5a b7 55 0f 5d 5b c1 ee ba 98 6a 09 13 2f ee 43 |Z.U.][....j../.C| 00000030 e9 98 9e 95 c8 40 fe f0 d7 27 e3 6e 75 d0 55 0a |.....@...'.nu.U.| 00000040 ea 72 a9 56 67 61 5e 41 6c b2 d9 25 2f 54 b6 e1 |.r.Vga^Al..%/T..| 00000050 1f 6c 2c 6c 94 33 7e a7 db 41 b8 1f 03 35 9a 33 |.l,l.3~..A...5.3| 00000060 cc c7 8c 97 54 bb de 27 04 af 20 19 7d f7 49 17 |....T..'.. .}.I.| 00000070 80 91 b6 88 d1 07 15 89 4c 28 f9 5a 42 29 ff 52 |........L(.ZB).R| 00000080 82 79 21 3e 19 31 a2 d4 02 d9 2a c5 d1 10 27 31 |.y!>.1....*...'1| 00000090 36 0f 91 6d e6 20 54 a5 eb a1 8c db ea 46 48 05 |6..m. T......FH.| 000000a0 7a 01 c0 50 1a 9c 7f 28 19 e1 8e 4e a9 e1 02 18 |z..P...(...N....| 000000b0 cd 45 ec 4b 94 75 31 97 e3 12 7c 6e 7f 36 b4 a6 |.E.K.u1...|n.6..| 000000c0 63 f8 e5 4e eb a4 68 fe 38 bc 51 e8 d3 9d 32 16 |c..N..h.8.Q...2.| 000000d0 f4 74 8f 98 9d 2c f0 ff 69 09 22 e7 a5 f8 ef 23 |.t...,..i."....#| 000000e0 e1 da 2f 39 81 ec 0b 8a e7 4d 57 f5 23 b1 b8 dd |../9.....MW.#...| 000000f0 58 41 92 4b 39 8c c7 04 cc 0e d0 5d 85 df df 72 |XA.K9......]...r| 00000100 4a 2f 06 a5 03 e7 fc e8 56 68 a5 3d e4 98 59 8a |J/......Vh.=..Y.| 00000110 77 12 3c 88 ef f8 89 71 ee 09 97 e5 0a f4 7e b8 |w.<....q......~.| 00000120 41 a4 84 3e 1c f8 41 91 b3 05 04 91 23 d9 78 cb |A..>..A.....#.x.| 00000130 da 28 87 5d b0 bc 0f cb 50 a1 28 cf eb 90 5b 3d |.(.]....P.(...[=| 00000140 36 22 5f f4 ad 57 3e c1 9f 7d f5 1b 91 00 ac f6 |6"_..W>..}......| 00000150 a1 12 72 88 d6 8c ec 06 50 42 74 ab f9 3b 2b 1f |..r.....PBt..;+.| 00000160 5a 76 21 68 23 f9 99 96 ce 61 22 db c1 09 9e 30 |Zv!h#....a"....0| 00000170 32 f6 83 59 ff 72 da 24 97 a4 f9 01 c1 91 ec 4a |2..Y.r.$.......J| 00000180 c8 38 fc 7d 1c 37 5c 64 f4 10 d2 36 72 09 29 a6 |.8.}.7\d...6r.).| 00000190 7d d9 6e b8 32 d0 11 1c 22 f9 65 da cd 3d 4d ef |}.n.2...".e..=M.| 000001a0 07 84 7c 53 90 af 87 22 a5 d7 8f d9 5f 20 33 a6 |..|S..."...._ 3.| 000001b0 1f 7c 24 43 5f ff e0 2b ea 34 f6 3f 70 cb 37 aa |.|$C_..+.4.?p.7.| 000001c0 14 49 22 39 b3 60 3c 41 e7 51 21 53 73 3e 4b 0f |.I"9.`K.| 000001d0 9a 83 57 83 71 c3 cd af d9 1a 6b be cf 04 ed 1c |..W.q.....k.....| 000001e0 4a e2 9c d4 e8 3e 17 03 03 00 1e 8e 3c 3a 06 ae |J....>......<:..| 000001f0 c2 13 2f 45 09 72 8e cd 1f 84 cf 5c 49 7c 77 1a |../E.r.....\I|w.| 00000200 f3 05 c9 40 e3 27 25 fe a8 17 03 03 00 13 94 b5 |...@.'%.........| 00000210 36 b8 96 3e d8 a6 70 72 c6 03 0c e8 ee 79 76 17 |6..>..pr.....yv.| 00000220 3f |?| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ClientAuthRequestedAndGiven000066400000000000000000000334751373277661100315710ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ce 01 00 00 ca 03 03 5c 7f 22 d1 68 |...........\.".h| 00000010 cd b4 91 ea f3 2b 8d 11 47 ee 8a fa 43 34 c9 4b |.....+..G...C4.K| 00000020 1f be 70 f5 24 3f 6d ef e6 1c 24 20 a2 49 8d 61 |..p.$?m...$ .I.a| 00000030 7e 74 2e e6 cd bb 2e 0a 1a a0 e2 e7 ad ff fa 57 |~t.............W| 00000040 29 60 44 70 80 a4 87 eb 94 40 3a 79 00 08 13 02 |)`Dp.....@:y....| 00000050 13 03 13 01 00 ff 01 00 00 79 00 0b 00 04 03 00 |.........y......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................| 00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..| 000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 |....-.....3.&.$.| 000000b0 1d 00 20 1e 89 50 f3 47 f0 35 aa f1 84 66 13 da |.. ..P.G.5...f..| 000000c0 38 11 da 53 56 5e bd b7 09 60 fe 4f 7d bb 78 40 |8..SV^...`.O}.x@| 000000d0 c6 04 5a |..Z| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 a2 49 8d 61 |........... .I.a| 00000030 7e 74 2e e6 cd bb 2e 0a 1a a0 e2 e7 ad ff fa 57 |~t.............W| 00000040 29 60 44 70 80 a4 87 eb 94 40 3a 79 13 02 00 00 |)`Dp.....@:y....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 1f 53 4a c0 36 63 |...........SJ.6c| 00000090 eb e3 f5 00 03 42 f3 08 42 20 01 89 75 cc f3 d0 |.....B..B ..u...| 000000a0 f5 17 03 03 00 3e 69 82 54 5b 39 af 91 69 d6 d6 |.....>i.T[9..i..| 000000b0 3b c3 c1 2f ac f7 02 d4 e0 0d 8c 10 a0 ba ec c4 |;../............| 000000c0 65 41 43 5c 4c 3b 94 0a e3 7a bd 83 62 d2 3a 49 |eAC\L;...z..b.:I| 000000d0 2c e6 e8 ab 17 43 91 50 d9 67 f3 72 7d c9 0d 03 |,....C.P.g.r}...| 000000e0 37 cf 57 d4 17 03 03 02 6d 62 5c 3a 74 fe 99 1b |7.W.....mb\:t...| 000000f0 4c 10 12 1c 51 c1 b4 44 e7 e2 38 ff 08 d8 ba 28 |L...Q..D..8....(| 00000100 f3 35 e2 31 08 8d 4e 69 ff 27 e9 d9 ef eb c1 fb |.5.1..Ni.'......| 00000110 ec ae b0 49 3d bd bd 5e 7c 7b 6e 1e 7e f2 a4 02 |...I=..^|{n.~...| 00000120 6d 9b d6 f4 13 ca a3 10 1a 3b 1b b1 82 26 62 ab |m........;...&b.| 00000130 74 05 d5 ec b2 82 be d3 5b 93 70 93 34 42 40 7e |t.......[.p.4B@~| 00000140 91 c7 47 c8 fb 24 55 c4 fe 0e 2b 6a b0 bf 06 3d |..G..$U...+j...=| 00000150 b8 51 8d 31 3f 31 ca cf d9 ee 6e 7e 1c af 9e 71 |.Q.1?1....n~...q| 00000160 b8 e8 97 7e 9c c9 de 75 0d 84 3a 50 5b 58 83 7a |...~...u..:P[X.z| 00000170 59 ea 7c 18 71 82 84 b5 19 78 ab ce 37 0f d5 88 |Y.|.q....x..7...| 00000180 29 67 bc e6 e1 f9 ef 53 5c 29 cf 3e fe 44 fa 23 |)g.....S\).>.D.#| 00000190 df 87 63 9f 28 e4 c6 11 7c e3 c5 50 04 10 e6 d0 |..c.(...|..P....| 000001a0 af e6 5b 8a 15 44 21 5d fb ff 5b e2 63 3b 94 3b |..[..D!]..[.c;.;| 000001b0 e4 18 91 7e 28 bc 23 01 b6 1b 0e 35 93 29 67 44 |...~(.#....5.)gD| 000001c0 cc 66 af ab f2 33 77 00 e3 55 0c 98 18 5c 96 b9 |.f...3w..U...\..| 000001d0 ca 09 78 2b c6 b6 e9 9f 90 56 e3 c3 33 eb 02 61 |..x+.....V..3..a| 000001e0 48 07 ec 22 c1 0d 5e f2 96 3a 78 a6 cb 88 02 2a |H.."..^..:x....*| 000001f0 75 01 f8 d9 7b 8f 16 f8 25 0b 7f f4 56 85 33 22 |u...{...%...V.3"| 00000200 47 34 fc 6c a5 0c 14 85 55 1e 07 50 1f 75 b0 58 |G4.l....U..P.u.X| 00000210 ef c7 a2 52 09 cc 39 98 17 0f 8a d9 2c 4f f5 8e |...R..9.....,O..| 00000220 c2 a8 d9 eb 2e 8d d4 57 13 88 3d 32 dc 2f 74 cf |.......W..=2./t.| 00000230 dc 70 91 94 0f 60 dc af 96 f7 ec 7a 0d c8 ff 60 |.p...`.....z...`| 00000240 32 fe 1c e6 70 da c4 7e ba 72 99 eb a0 67 19 93 |2...p..~.r...g..| 00000250 05 5c 94 64 ad 46 45 78 1f fc 77 32 d8 09 36 53 |.\.d.FEx..w2..6S| 00000260 bc 37 b2 dc 9c ee 33 83 38 27 24 e6 70 7c ca b7 |.7....3.8'$.p|..| 00000270 11 43 5a 05 3d 8c 4b 14 46 96 84 b4 59 08 a8 a1 |.CZ.=.K.F...Y...| 00000280 fa d5 06 f0 37 f3 fe 60 ee ce 1f 37 68 fb 27 4d |....7..`...7h.'M| 00000290 d3 95 b6 d8 1d 45 5b 78 b9 0e 8b 81 29 50 12 e4 |.....E[x....)P..| 000002a0 6e b6 40 e1 c6 f6 64 04 2c 28 45 fd d9 ad e2 38 |n.@...d.,(E....8| 000002b0 b0 c5 2d 2d 07 5b b5 e0 48 f2 83 14 69 14 f3 c9 |..--.[..H...i...| 000002c0 42 6b b1 6f 45 84 67 01 ec fd 92 e9 d8 93 09 81 |Bk.oE.g.........| 000002d0 d6 27 04 6c f9 cb d6 1c 15 b0 6e 4e 49 f4 6a 88 |.'.l......nNI.j.| 000002e0 4e 3a 15 ef 27 65 7e cc f7 ac ea 39 2b b6 10 d9 |N:..'e~....9+...| 000002f0 53 0c 47 21 22 07 e5 92 04 10 f5 ca 3f 3f 69 a1 |S.G!".......??i.| 00000300 18 34 6b 56 fc cf 04 5b b2 9f 1b fd dc 9d 5b e2 |.4kV...[......[.| 00000310 69 b1 67 73 8f 9e c1 e0 a1 49 fc 0c 4b 84 8d 1a |i.gs.....I..K...| 00000320 10 f3 43 99 c0 35 1e d4 1e 1d b4 3d 23 00 a1 c7 |..C..5.....=#...| 00000330 6d cb 94 0d 31 ff f5 4b fb b6 51 25 e5 93 d7 12 |m...1..K..Q%....| 00000340 b8 cf 5f f3 18 9f 7f 89 75 2e 16 69 8c a8 c4 8a |.._.....u..i....| 00000350 dd 8b 9f ce 11 3d 17 03 03 00 99 b1 9f c6 88 11 |.....=..........| 00000360 ea ee 8e 4d cc 00 59 21 e6 78 87 97 dc 08 d6 ae |...M..Y!.x......| 00000370 be b1 fe ae 2a be f5 81 cb 24 7e fc 8e bd d0 93 |....*....$~.....| 00000380 61 0f cd 5a 81 02 be 35 46 21 d8 f7 2d ed d0 6e |a..Z...5F!..-..n| 00000390 b4 32 5e 02 8c f2 58 b6 77 c1 11 6c e7 18 d4 bf |.2^...X.w..l....| 000003a0 87 20 ed fe e4 d1 d9 7c 68 3a 9f ad 5d e3 6d c4 |. .....|h:..].m.| 000003b0 77 dc 3b 0c 36 4d 57 44 70 09 6f 36 cc eb f7 2f |w.;.6MWDp.o6.../| 000003c0 fa 43 36 c2 aa b3 e5 de b2 32 6f cf 4b b6 7c 75 |.C6......2o.K.|u| 000003d0 15 e6 e0 2b 83 a3 14 80 a5 02 93 96 e1 0a 99 40 |...+...........@| 000003e0 5c 3a 51 af d3 e1 74 c7 16 09 f6 3f 55 d7 a5 bb |\:Q...t....?U...| 000003f0 af e0 aa 71 17 03 03 00 45 42 8c ef 0b fe 46 7d |...q....EB....F}| 00000400 36 40 d1 f3 dc 66 f0 b5 82 f0 f8 68 78 aa a8 ca |6@...f.....hx...| 00000410 71 be f7 0e c2 5a ed 4f b0 41 22 cc b4 42 dc a0 |q....Z.O.A"..B..| 00000420 aa c1 5d d8 9b 94 27 a6 0a 77 f7 b9 97 75 f4 48 |..]...'..w...u.H| 00000430 41 df 6d ec 08 37 b6 8d 7f 46 79 fb 95 84 |A.m..7...Fy...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 02 11 37 64 87 a0 ed |...........7d...| 00000010 85 07 5a 05 e5 f2 7f 93 43 63 aa 1b f4 df 08 b0 |..Z.....Cc......| 00000020 fc a2 0d fb b3 8c 41 d7 e6 0f bf 28 18 50 cd cc |......A....(.P..| 00000030 10 1e 92 49 f5 8f 95 95 dd b9 63 89 b2 69 9a 73 |...I......c..i.s| 00000040 d0 30 f9 e9 56 90 49 67 4e da 1d 3b e6 3b fa 36 |.0..V.IgN..;.;.6| 00000050 42 04 ae f3 0c 29 0d 17 98 b6 1f 7c d4 fd 7a e4 |B....).....|..z.| 00000060 a4 27 93 0f 85 e5 d1 b7 d0 25 e7 23 09 98 dd 3c |.'.......%.#...<| 00000070 39 c1 23 45 43 43 82 7d bb c7 19 92 49 c6 e5 62 |9.#ECC.}....I..b| 00000080 42 bc d1 9e f5 eb 9e 71 5a ba c3 c0 65 1f 9c 9b |B......qZ...e...| 00000090 ff 8d 05 1b 6e 84 ec 8a ca 3f f9 b1 d1 43 6f d4 |....n....?...Co.| 000000a0 8b 22 80 88 25 9e a0 0c 20 55 82 fe bd 5c 42 02 |."..%... U...\B.| 000000b0 e3 53 9f 3f 28 64 f1 eb f6 b1 0b 6a 18 83 98 d5 |.S.?(d.....j....| 000000c0 bb 06 53 64 9d 7f cb 9c 25 64 99 7a 42 c1 35 9a |..Sd....%d.zB.5.| 000000d0 f9 a4 5a 2d 74 89 f7 fa 97 8c 32 0c 64 8d 00 d4 |..Z-t.....2.d...| 000000e0 6b 99 c5 d2 6a 39 21 ef 05 1e 5b 6a 46 31 36 f2 |k...j9!...[jF16.| 000000f0 19 4c 79 4d 00 4d 38 9b 23 c0 b6 6d 8e 4a 27 8e |.LyM.M8.#..m.J'.| 00000100 20 3d f5 08 5c 39 62 ac 66 f5 93 b1 67 59 e6 09 | =..\9b.f...gY..| 00000110 22 c8 ec 97 b0 5e d2 8e ae 22 78 9f af 33 24 6e |"....^..."x..3$n| 00000120 7b c2 32 6c 18 a9 61 38 33 38 36 48 a1 94 ea 4e |{.2l..a8386H...N| 00000130 10 74 87 30 a2 6a 0c ab 2a 36 cd ff ad de 56 2b |.t.0.j..*6....V+| 00000140 fa c6 c3 d8 11 66 fa f5 8c 64 9e 66 f2 4e 55 54 |.....f...d.f.NUT| 00000150 12 20 b0 93 87 3d 1c 62 9a 32 4b ff 58 53 f9 39 |. ...=.b.2K.XS.9| 00000160 ad 4a 3a be 49 3e 58 ac da 32 35 24 60 31 ae c8 |.J:.I>X..25$`1..| 00000170 54 55 bb eb d5 ac d1 d6 12 af 40 6d eb b2 89 09 |TU........@m....| 00000180 69 92 e0 cb ee b7 b2 86 cb de c9 ac c2 45 bf 62 |i............E.b| 00000190 bb 2f 27 82 65 83 28 42 ea 68 3d 54 a9 e6 99 9b |./'.e.(B.h=T....| 000001a0 ef 2c 9a 32 55 c6 01 eb 19 8a 62 38 b3 f3 22 a0 |.,.2U.....b8..".| 000001b0 aa 30 1b 78 55 88 51 39 33 1f a5 51 32 5c d3 75 |.0.xU.Q93..Q2\.u| 000001c0 12 29 d1 9d 1d ca 81 28 d5 3f 08 90 dd 30 e7 a0 |.).....(.?...0..| 000001d0 b5 a0 c6 31 77 dc 08 72 91 5a 51 2d d0 ec 55 fd |...1w..r.ZQ-..U.| 000001e0 9b 8f 0a ac d1 e3 af 28 07 66 0e 26 b5 c0 1f 60 |.......(.f.&...`| 000001f0 9c 78 f2 19 fd 32 07 ab 01 63 df f4 a2 83 09 91 |.x...2...c......| 00000200 d9 88 c5 54 f7 60 2f ca 96 47 9a b5 55 7f a2 bd |...T.`/..G..U...| 00000210 b2 82 e1 db 83 d2 21 f3 82 7f 01 d9 17 03 03 00 |......!.........| 00000220 99 03 16 6a 82 81 2b ca 43 3a ca ce fb c3 28 ca |...j..+.C:....(.| 00000230 4a 20 f7 73 c8 ae 33 69 21 2f f2 b5 63 0d 0e b3 |J .s..3i!/..c...| 00000240 b2 0e 41 67 f4 db 98 48 b8 86 4d 27 5b 14 eb e3 |..Ag...H..M'[...| 00000250 93 71 1e 69 5f 53 f8 b5 9a 63 52 70 e9 08 e4 10 |.q.i_S...cRp....| 00000260 76 91 96 e9 94 37 f4 1b 03 52 e3 69 2c 3e a4 2f |v....7...R.i,>./| 00000270 8c 67 ed 72 c8 3e ab 3a 1a cc 8e b5 28 96 3c b1 |.g.r.>.:....(.<.| 00000280 02 cd bb 88 4f 19 a4 b7 cd f6 a0 2b f7 c0 d3 fc |....O......+....| 00000290 da df a1 a8 12 45 42 d5 33 18 d4 34 c8 3b dd c6 |.....EB.3..4.;..| 000002a0 56 7a d2 29 91 cd 40 6b c7 ed 9d 1d 91 44 22 fb |Vz.)..@k.....D".| 000002b0 d5 7c c0 67 b2 f4 55 07 47 95 17 03 03 00 45 89 |.|.g..U.G.....E.| 000002c0 84 a5 56 2c 19 8c 88 b0 98 c1 59 1d 24 19 03 7c |..V,......Y.$..|| 000002d0 60 82 f0 61 c8 74 04 7b 5f 63 f3 98 24 dc 8e 6e |`..a.t.{_c..$..n| 000002e0 d4 ca e4 b9 84 3a af bf 37 33 8b fc a4 fd 02 ef |.....:..73......| 000002f0 e8 68 47 f4 e2 54 ac a2 d4 06 bf 64 e0 8d 82 cc |.hG..T.....d....| 00000300 f5 b9 69 17 |..i.| >>> Flow 4 (server to client) 00000000 17 03 03 02 a2 6b 12 22 bd b2 39 38 c6 d7 3f 05 |.....k."..98..?.| 00000010 66 4f c3 e4 38 51 f5 03 b9 ee fc 35 61 f4 a7 f6 |fO..8Q.....5a...| 00000020 1e be 8b 82 5f 2c f4 f2 9c 5b 87 ce a7 bf 5b 37 |...._,...[....[7| 00000030 86 cf 85 ba d6 cb 38 92 47 3f 3a d8 09 ba eb 9a |......8.G?:.....| 00000040 39 d7 89 68 d2 27 f8 89 52 2e 8f 86 19 a8 26 e9 |9..h.'..R.....&.| 00000050 c4 2d de b7 28 6f b2 06 1a f4 b6 a7 d0 f9 4a 9f |.-..(o........J.| 00000060 a0 17 93 51 0f a1 fe fc bf 65 9d 4b ae ab 84 00 |...Q.....e.K....| 00000070 a2 de eb 2a 2b 90 0f 5c 71 e6 c6 db 8d 14 73 7c |...*+..\q.....s|| 00000080 ef 13 58 c0 f5 2e ae ae 92 b6 16 7e a1 f4 c7 36 |..X........~...6| 00000090 2c 52 85 03 34 2a ca 07 75 04 a8 f7 f9 74 52 52 |,R..4*..u....tRR| 000000a0 19 f6 e9 93 70 f8 ca 97 7e d2 a1 7f e2 ff 37 74 |....p...~.....7t| 000000b0 26 15 07 d9 78 99 d0 12 5d 06 73 35 8d 4d dc 51 |&...x...].s5.M.Q| 000000c0 5f df 5e b4 30 03 6f e4 0b 00 3a 5c f2 af ad e6 |_.^.0.o...:\....| 000000d0 1c 64 c9 fa 2d 8e 14 d0 db 98 2d f3 72 cf 20 83 |.d..-.....-.r. .| 000000e0 3f 80 30 61 9c 9e cd c7 e7 57 6f bb 2c 99 10 84 |?.0a.....Wo.,...| 000000f0 fb 19 7a e8 73 ed 37 d7 87 be 54 61 dc ad eb ce |..z.s.7...Ta....| 00000100 01 50 8d c5 dd 23 33 f1 fd 47 91 1e 31 e4 78 57 |.P...#3..G..1.xW| 00000110 20 58 3f a2 92 12 77 82 e6 0b f3 7d f2 83 02 7f | X?...w....}....| 00000120 bc 66 93 1e a2 96 bf 92 38 10 8b 1f a1 3a 11 cc |.f......8....:..| 00000130 32 ff fd 66 b1 bc 59 95 4b 34 00 b5 65 71 be e6 |2..f..Y.K4..eq..| 00000140 bd f6 f7 f7 35 12 2f a1 f6 e1 49 01 80 50 5c 5a |....5./...I..P\Z| 00000150 35 0b 04 87 be 8c d1 fa ef b7 27 f9 6c 1a 18 8d |5.........'.l...| 00000160 94 e6 af 5d 83 bd 11 89 c2 fd 99 fc fe 6f 23 87 |...].........o#.| 00000170 a9 64 8f 53 0d 01 ec 84 bb 4c 19 ea dd 2b 05 0d |.d.S.....L...+..| 00000180 ec 5d e2 17 e0 24 23 16 41 eb d5 e5 ec 3a 6a f4 |.]...$#.A....:j.| 00000190 56 27 ce f4 45 e3 4d ec 1a 6e 6b 4a d8 fe 51 59 |V'..E.M..nkJ..QY| 000001a0 dc a4 69 9f 2d 3a 44 38 55 d0 51 cd 21 77 61 10 |..i.-:D8U.Q.!wa.| 000001b0 49 df fa 05 b9 b3 81 de 1c 2c be 2b 93 2f 6e 60 |I........,.+./n`| 000001c0 8a 77 04 9c f8 72 b6 d0 e0 95 50 9e a9 41 7b 8a |.w...r....P..A{.| 000001d0 d1 c0 88 d7 bf f9 d0 54 34 67 62 e5 38 4c fe 21 |.......T4gb.8L.!| 000001e0 8c 29 45 96 04 a4 35 23 f3 6f 18 c4 6a 1b e1 bb |.)E...5#.o..j...| 000001f0 8d 87 2f 8b a1 96 3b d1 c1 ad d2 35 b0 da b0 08 |../...;....5....| 00000200 74 78 80 33 65 58 c5 71 2c bb e0 66 7f 09 1f 22 |tx.3eX.q,..f..."| 00000210 d9 0d 12 35 8e 4f 91 18 13 e8 22 24 9c bf f7 5a |...5.O...."$...Z| 00000220 82 c8 d3 8a 50 51 29 ee 31 e4 74 fb 53 9a 30 d8 |....PQ).1.t.S.0.| 00000230 e4 df 86 93 3d 93 53 1c c4 e9 5e e3 48 65 5b ea |....=.S...^.He[.| 00000240 a3 0e 65 26 cf 24 f5 c8 58 db 86 f5 7b f7 7f c3 |..e&.$..X...{...| 00000250 cd 16 5d b2 03 df f7 ad ee ca 37 ac 11 9b 05 20 |..].......7.... | 00000260 88 99 d9 ba 02 28 86 8c b5 20 3c 21 3a 8d 28 88 |.....(... *.| 000002e0 a2 4f |.O| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ClientAuthRequestedNotGiven000066400000000000000000000201711373277661100316140ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ce 01 00 00 ca 03 03 73 fb 75 3c 4b |...........s.u>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 4d 31 d0 c7 |........... M1..| 00000030 25 f3 b0 3b b6 a7 68 65 63 2a 75 88 43 ad d5 12 |%..;..hec*u.C...| 00000040 f8 7b 21 8a 36 a5 a4 43 fb d4 2c 0f 13 02 00 00 |.{!.6..C..,.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 8a d0 d7 77 d5 8c |.............w..| 00000090 58 fa 27 5b d6 62 b8 b8 19 d8 c7 fc 0e c9 be c8 |X.'[.b..........| 000000a0 3c 17 03 03 00 3e f2 78 bd 0d 70 f6 21 ae 07 f0 |<....>.x..p.!...| 000000b0 75 6b 03 1e 74 74 bb 87 6f fb d9 89 4d b7 68 d0 |uk..tt..o...M.h.| 000000c0 64 2e 95 60 84 60 04 b4 23 17 da 53 fe ca 68 81 |d..`.`..#..S..h.| 000000d0 15 a8 6d c8 62 aa 56 99 b4 33 95 7a 73 8a a8 16 |..m.b.V..3.zs...| 000000e0 56 42 80 3d 17 03 03 02 6d 42 9a 80 68 c8 07 5e |VB.=....mB..h..^| 000000f0 eb b5 56 48 69 70 ce db cd 66 de 4e e0 6d fd e0 |..VHip...f.N.m..| 00000100 1e 20 34 19 71 8c cf 1d 4e 42 c0 1a 6b 5c 06 29 |. 4.q...NB..k\.)| 00000110 1b 90 9c 1d 56 9d 71 f1 5d 90 f9 43 03 bd 26 ec |....V.q.]..C..&.| 00000120 06 5f c0 16 12 b2 53 f4 27 60 96 1c dc 97 81 51 |._....S.'`.....Q| 00000130 01 b1 46 f3 67 55 88 24 03 e0 6a a3 b4 89 26 15 |..F.gU.$..j...&.| 00000140 45 f4 60 82 a3 5a b8 80 fd ac 81 e6 18 f3 4a d5 |E.`..Z........J.| 00000150 fd c9 3c 11 d8 a1 fa c0 d8 19 66 7d 7a 76 a8 16 |..<.......f}zv..| 00000160 5c 13 c6 dd 82 d1 93 56 ee 37 1e e2 0e 5e c0 bc |\......V.7...^..| 00000170 65 68 71 c3 2a 35 87 2d 90 26 5e 35 ca 44 1e 10 |ehq.*5.-.&^5.D..| 00000180 20 07 18 ce 19 c9 aa 04 4c a6 83 4d 29 04 85 3f | .......L..M)..?| 00000190 46 9a f4 92 f5 eb db 9f ed e8 4a 91 8d a2 84 03 |F.........J.....| 000001a0 80 cf 58 07 59 67 3b ef fa f6 06 5d 29 52 df 81 |..X.Yg;....])R..| 000001b0 45 e0 fc 7e 29 6a ad 55 da 68 19 2f e6 fe 1f 94 |E..~)j.U.h./....| 000001c0 f6 49 07 e1 44 1a 40 db bc 89 2b 9e 0e 7f 1a 6c |.I..D.@...+....l| 000001d0 77 ed 24 dd db 94 6f 9c e0 bf 00 a9 9f 91 9a c6 |w.$...o.........| 000001e0 d8 66 7b d7 01 e2 cd c4 77 aa 17 f4 bd 9b 00 51 |.f{.....w......Q| 000001f0 ca 73 9c 15 0b 2a 3f a6 10 4c d6 d5 f7 9e c1 0a |.s...*?..L......| 00000200 ed 69 fc bb f1 d6 bc 5e 5d ce 7e 5c ce 1a 3b 08 |.i.....^].~\..;.| 00000210 20 42 3e 38 d7 60 bd f5 21 67 f9 c4 6c 3d c0 3c | B>8.`..!g..l=.<| 00000220 82 c8 f8 79 89 1d 66 cd 1a 90 49 68 a4 1b 85 6b |...y..f...Ih...k| 00000230 c8 3c 8e e0 06 6e f3 05 fd 18 f9 5b 29 3f 24 21 |.<...n.....[)?$!| 00000240 12 fb cd f9 a0 03 da c0 53 31 43 a3 18 a8 3b e1 |........S1C...;.| 00000250 bc df 4d 3e 18 f2 74 a5 10 5f 86 d8 52 e0 7e bf |..M>..t.._..R.~.| 00000260 65 7b 2d 19 4c 2f 5e ed 04 ed 84 d5 4f bf db b2 |e{-.L/^.....O...| 00000270 82 20 bd 68 e3 2f 52 08 e9 27 1b 24 be c8 4a 98 |. .h./R..'.$..J.| 00000280 5d ba ad 84 d4 8c c4 82 b7 d7 fb 5e 3c e6 28 82 |]..........^<.(.| 00000290 ce 4e 90 56 49 21 ac 01 59 02 e0 58 9c c2 4c 07 |.N.VI!..Y..X..L.| 000002a0 8b 29 0e 6e fc e2 9c 4c fe 1e 8c ff f2 b1 d9 9a |.).n...L........| 000002b0 86 51 81 75 e2 90 b9 ae 3a 18 48 49 9c 8d 2b a2 |.Q.u....:.HI..+.| 000002c0 9f 8c 0a 4d 88 31 1b 64 d2 62 b8 65 6d ef f2 02 |...M.1.d.b.em...| 000002d0 cf 72 bb 8c f2 20 24 2f 0b 88 a8 30 4f a9 2c d8 |.r... $/...0O.,.| 000002e0 6c 02 34 fd 68 03 e9 ab d8 61 ee f7 16 98 17 08 |l.4.h....a......| 000002f0 a0 37 ef b5 3a bf b2 65 93 88 52 8c c8 b8 6f c7 |.7..:..e..R...o.| 00000300 4a 37 19 8f b5 a6 1e 0e 6e 76 1e e0 a6 6c 2e 72 |J7......nv...l.r| 00000310 b6 b4 ac 3f 11 a7 4e 28 2e 9c f4 36 55 08 ef 9a |...?..N(...6U...| 00000320 fc 29 d3 ad 9a 8e c7 25 93 4d 27 66 9b b9 4d 12 |.).....%.M'f..M.| 00000330 9d 8b 8f e0 83 64 20 e2 d7 c5 96 26 97 00 78 fe |.....d ....&..x.| 00000340 de 76 bb ba ce cf 8b dd 01 b0 4c 01 3e f7 15 1a |.v........L.>...| 00000350 d3 63 18 2b 9c f0 17 03 03 00 99 5a 0f e5 27 8d |.c.+.......Z..'.| 00000360 ed 14 ca 2c fb 41 ea 94 fe a4 e5 c7 2f 29 fb f8 |...,.A....../)..| 00000370 60 0c 45 81 41 64 cc d8 1d 4e cc 4f f4 77 e8 7a |`.E.Ad...N.O.w.z| 00000380 d4 3d e7 90 5e d3 c4 84 cc df 26 49 be 4c 47 c2 |.=..^.....&I.LG.| 00000390 1a 17 4a a0 47 82 06 94 c3 c9 a7 d9 1d 50 63 5e |..J.G........Pc^| 000003a0 e6 fb 31 3e b6 8c 7f 24 9e 1c f1 0a 4a a5 cc 91 |..1>...$....J...| 000003b0 52 25 39 53 b8 5a 78 50 22 d0 9f dc c3 08 01 92 |R%9S.ZxP".......| 000003c0 69 ca 59 45 75 0b 94 49 86 a9 c1 c2 25 df c1 31 |i.YEu..I....%..1| 000003d0 81 cc 3c c3 31 11 42 0c f0 3f 2c 03 d0 73 16 b6 |..<.1.B..?,..s..| 000003e0 90 9f 80 5d da 22 df 13 76 00 0e 16 9d 9b f8 57 |...]."..v......W| 000003f0 35 a6 2e e6 17 03 03 00 45 e1 d9 c7 7e 01 55 54 |5.......E...~.UT| 00000400 3c 57 e6 2b 20 48 b7 e8 eb b3 3b d2 72 eb 95 2f |>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 19 5e 6e f7 21 5d |...........^n.!]| 00000010 51 6e f4 0c 99 91 99 a5 4f c9 f3 26 41 54 5b cd |Qn......O..&AT[.| 00000020 77 bf 6f bd 17 03 03 00 45 3e 3f 9e 1f b0 07 62 |w.o.....E>?....b| 00000030 95 56 f7 f3 07 79 8a f7 b6 dc e6 43 8e 1f da b9 |.V...y.....C....| 00000040 44 84 2e fa d2 83 95 3e 7d 06 91 53 6b 4d 33 71 |D......>}..SkM3q| 00000050 e2 ae 2f d9 6a 12 ed a9 fc 46 19 69 b4 d2 f9 a2 |../.j....F.i....| 00000060 70 8e 75 e5 a1 5e 1c 55 4a 90 22 a9 f7 5a |p.u..^.UJ."..Z| >>> Flow 4 (server to client) 00000000 17 03 03 00 aa 42 a0 17 24 31 e2 6b f6 58 2b 5f |.....B..$1.k.X+_| 00000010 ac b9 ba c5 a6 d8 66 0e ff 0b 5e a0 91 29 c1 a5 |......f...^..)..| 00000020 b7 b1 77 a3 7d 3a ce bd 57 4a 63 b7 c3 08 23 cd |..w.}:..WJc...#.| 00000030 e5 d2 1e af f9 7d 1c 62 59 63 16 b8 4f a9 52 e4 |.....}.bYc..O.R.| 00000040 12 b1 47 e1 d7 85 7c f5 11 a0 4f 45 a0 82 40 7c |..G...|...OE..@|| 00000050 35 92 7d 31 4f ba de f9 f3 8c 7c 18 5c c8 aa 7f |5.}1O.....|.\...| 00000060 d8 dc 9e bd 1a b3 99 f3 cd 4e db 9d a9 55 2e 1e |.........N...U..| 00000070 cf e0 f3 4a 6f 89 5f 59 80 fb 6f a6 ef 4f 65 61 |...Jo._Y..o..Oea| 00000080 19 e3 64 72 13 37 7b d7 2d 37 37 5c 61 f9 24 98 |..dr.7{.-77\a.$.| 00000090 cb 0d 58 95 26 02 9d 98 7a fe 52 f6 55 f9 da 5e |..X.&...z.R.U..^| 000000a0 75 38 28 5c 61 25 ec bf 76 80 e9 65 53 21 80 17 |u8(\a%..v..eS!..| 000000b0 03 03 00 1e bc 6c bd a3 32 a3 68 96 0b 34 1c b7 |.....l..2.h..4..| 000000c0 b6 de ab 7f 90 d3 19 5e 35 79 28 a2 58 44 59 8a |.......^5y(.XDY.| 000000d0 f4 41 17 03 03 00 13 13 b8 03 d8 4a 11 24 86 3d |.A.........J.$.=| 000000e0 a3 dc b6 bb 88 57 cd c7 8a ac |.....W....| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ECDHE-ECDSA-AES000066400000000000000000000163101373277661100262530ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ca 01 00 00 c6 03 03 0b 34 c2 e1 3a |............4..:| 00000010 21 64 ac d2 9b 5e 0f 96 68 69 43 1c ba fe dd 70 |!d...^..hiC....p| 00000020 85 ca 25 9b 26 ec 3d 2d 9f 0d bc 20 21 64 a3 32 |..%.&.=-... !d.2| 00000030 07 9c e4 18 31 5e b5 2c 18 7f 29 5c ff 94 50 aa |....1^.,..)\..P.| 00000040 cd df bd 80 b6 82 ce 62 1b d4 7d b3 00 04 13 01 |.......b..}.....| 00000050 00 ff 01 00 00 79 00 0b 00 04 03 00 01 02 00 0a |.....y..........| 00000060 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 16 |................| 00000070 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 |................| 00000080 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 |................| 00000090 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 |.........+......| 000000a0 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 20 6d |-.....3.&.$... m| 000000b0 27 a8 51 8c 55 b2 f8 e8 01 75 2d 00 a8 31 32 93 |'.Q.U....u-..12.| 000000c0 52 2b 92 42 27 8d 3e e3 63 2a 44 f3 64 de 67 |R+.B'.>.c*D.d.g| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 21 64 a3 32 |........... !d.2| 00000030 07 9c e4 18 31 5e b5 2c 18 7f 29 5c ff 94 50 aa |....1^.,..)\..P.| 00000040 cd df bd 80 b6 82 ce 62 1b d4 7d b3 13 01 00 00 |.......b..}.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 36 eb 21 bf 5b b3 |..........6.!.[.| 00000090 4a 42 b0 dd c9 eb dc a8 0a c1 a5 3b c8 95 04 5a |JB.........;...Z| 000000a0 72 17 03 03 02 22 00 79 75 c0 60 89 66 0a f9 0d |r....".yu.`.f...| 000000b0 33 7f 1e ee 84 13 bd f8 9b 33 f5 b6 43 91 8c ad |3........3..C...| 000000c0 8a bb 00 dc e8 dd 26 a4 9e b8 6e 0d 1c ed 44 5f |......&...n...D_| 000000d0 d8 a9 16 bb df 3f a7 aa ce f2 e4 f4 e0 bc e2 5a |.....?.........Z| 000000e0 37 35 b8 a5 f6 b1 12 91 1c b1 2e fb a5 3a 34 c5 |75...........:4.| 000000f0 7c c0 df 4b 5e ec d1 90 6a f0 ef 80 a0 fc 0b 6f ||..K^...j......o| 00000100 d5 36 5d 6b 7e c9 7b 58 2c 1a 91 af 13 4c 3b f1 |.6]k~.{X,....L;.| 00000110 bb 99 84 28 d9 37 86 36 7a 17 0c 61 66 13 c4 98 |...(.7.6z..af...| 00000120 7d 14 fb e8 41 0d 3a 0f 00 0c 31 4d e7 97 34 45 |}...A.:...1M..4E| 00000130 8d 0c 08 60 2a 87 c1 db 31 24 56 a8 f2 f7 c1 5c |...`*...1$V....\| 00000140 ef 68 c4 33 d7 ea 04 d6 7d f8 6a a8 14 92 97 60 |.h.3....}.j....`| 00000150 9b f2 7e aa 06 12 9e 97 02 31 16 78 75 8e 06 dc |..~......1.xu...| 00000160 44 a1 f6 95 76 5b 3a 55 ac aa 17 13 98 33 ab 4b |D...v[:U.....3.K| 00000170 3c 05 fb d9 67 1b a3 79 e5 71 43 3d f0 dc f4 7f |<...g..y.qC=....| 00000180 66 84 3e 21 dd af e2 e1 dc 23 ee 46 f3 be d3 10 |f.>!.....#.F....| 00000190 25 82 48 85 07 47 17 79 f5 d3 3d 66 86 78 41 34 |%.H..G.y..=f.xA4| 000001a0 bc fe af d6 39 5c d3 d0 a4 e2 a6 27 ef 3d 3e e4 |....9\.....'.=>.| 000001b0 07 c1 90 1e 70 10 1c 9f 30 57 1f 8c 4d 19 3d 65 |....p...0W..M.=e| 000001c0 be 07 78 40 1b 14 38 54 53 e3 a8 e0 09 72 c0 7c |..x@..8TS....r.|| 000001d0 29 ad 0b 96 98 fa c9 e4 57 25 02 04 41 98 63 6c |).......W%..A.cl| 000001e0 d0 f8 8f 5d a7 d9 71 ed 2a 34 e1 2b 6f ec 99 5b |...]..q.*4.+o..[| 000001f0 e1 b3 94 bb 45 bf 17 cb 7c d8 77 2b c6 a7 2b 58 |....E...|.w+..+X| 00000200 47 9e f3 67 a5 88 6e a9 6a f7 c7 26 fd 38 5d 3a |G..g..n.j..&.8]:| 00000210 4c 6d 40 9b aa f6 cc 38 0c 18 9e 9f 83 0f d2 c3 |Lm@....8........| 00000220 0f 62 e5 8a 0c 83 35 6f b1 d0 d4 b1 6c dc c0 f4 |.b....5o....l...| 00000230 17 1f 2c 2f 06 4a 88 69 44 7c 67 ff f6 2f c8 cf |..,/.J.iD|g../..| 00000240 89 59 83 ff b0 c8 9b 52 e6 19 60 ad c7 81 e2 23 |.Y.....R..`....#| 00000250 d7 31 a6 a4 e5 f2 1f ac 81 97 dd 95 2d a2 a3 4b |.1..........-..K| 00000260 1b 9d d8 1b 37 30 84 bc 88 65 d5 29 30 a1 29 67 |....70...e.)0.)g| 00000270 14 e7 39 8b c6 83 98 05 84 58 72 11 99 cd ba 06 |..9......Xr.....| 00000280 2d 8b bf 6d 5b 95 ee a7 44 4b 83 f9 4e cf 84 04 |-..m[...DK..N...| 00000290 c3 a5 16 88 6a 40 f5 7e d0 10 8d 2d 57 41 13 51 |....j@.~...-WA.Q| 000002a0 9b a8 56 3d c4 8e f9 c8 85 fa ae 20 44 e7 31 b5 |..V=....... D.1.| 000002b0 32 45 3b db a1 7d bc 53 64 07 c6 28 6c 55 fd 70 |2E;..}.Sd..(lU.p| 000002c0 70 e2 7d f3 42 f8 4a 90 17 03 03 00 a4 d2 fc fb |p.}.B.J.........| 000002d0 52 75 ff 9a 65 ff 50 07 28 1f 0c 77 e4 95 f8 c7 |Ru..e.P.(..w....| 000002e0 4e 34 e8 1d fd 61 30 72 b7 a9 eb 62 3d c1 6b 28 |N4...a0r...b=.k(| 000002f0 59 de 11 cc cc 34 b4 7e 87 92 d7 83 23 e5 db 99 |Y....4.~....#...| 00000300 3f fc 40 c8 43 7f 65 61 c5 3d c1 38 52 f3 77 12 |?.@.C.ea.=.8R.w.| 00000310 1f 8a 18 5a fa 6c 72 20 0c c2 39 b2 34 f0 c6 68 |...Z.lr ..9.4..h| 00000320 7a 28 fd 9e 95 88 b3 a1 27 40 16 df b1 db 8f f1 |z(......'@......| 00000330 f1 ff 31 25 29 2f f7 20 1d 42 d9 0e 0a 2c b8 ca |..1%)/. .B...,..| 00000340 c4 ab f3 55 c8 3e 0b 8e 6c ff e3 13 4d 56 4e 14 |...U.>..l...MVN.| 00000350 98 e2 b2 1c 41 a0 83 8d fd b2 01 03 b4 59 97 ed |....A........Y..| 00000360 cb 80 41 f2 98 4f af e7 5e ca c2 c0 6a f9 9d 91 |..A..O..^...j...| 00000370 88 17 03 03 00 35 a7 72 8e db 21 e2 cd e2 ac c0 |.....5.r..!.....| 00000380 e4 7a 52 b0 54 b4 17 1b 20 f7 eb f4 e2 80 d2 5c |.zR.T... ......\| 00000390 d0 fc 51 14 1d f5 48 79 7c d6 8a 37 10 c1 66 a0 |..Q...Hy|..7..f.| 000003a0 f1 36 dc 22 35 f2 07 85 41 e0 e2 17 03 03 00 9a |.6."5...A.......| 000003b0 2a 97 f0 bb b0 98 6b 2f 52 d5 d5 d2 1c ac 3e df |*.....k/R.....>.| 000003c0 2a c3 12 1e 8e dd 2d 53 cf e6 93 63 38 ea f9 49 |*.....-S...c8..I| 000003d0 75 de 96 c6 e2 3c 66 ab 81 1b 2e b6 4d 4f e3 67 |u....>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 35 5e 87 b3 b1 34 |..........5^...4| 00000010 06 f5 e6 86 b9 a1 72 6c 6e ac cc 02 95 cd 07 27 |......rln......'| 00000020 ea 23 20 7e e5 97 a1 cd 8f 4e 4e b5 15 ed ec 15 |.# ~.....NN.....| 00000030 25 7c 39 d2 54 b4 2a e7 46 f8 78 37 40 a5 df c7 |%|9.T.*.F.x7@...| 00000040 17 03 03 00 13 3f 77 62 14 3a 5f d4 37 ed 3f c1 |.....?wb.:_.7.?.| 00000050 a0 fb 6c c5 49 ee 1f bd |..l.I...| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e cf 65 51 94 de fc 6b b6 78 4e e9 |......eQ...k.xN.| 00000010 c7 5a 66 0a be ce 66 b8 ab d4 63 9c da 0a 17 0f |.Zf...f...c.....| 00000020 89 08 ab 17 03 03 00 13 e4 87 44 24 af 7e b1 86 |..........D$.~..| 00000030 29 7c 0a 87 f4 1b 59 c5 e2 0d 38 |)|....Y...8| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-Ed25519000066400000000000000000000137271373277661100251670ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 ce 01 00 00 ca 03 03 0b f8 bd 6a ba |..............j.| 00000010 d2 85 b4 a6 2a 95 f9 5d 45 7d 21 5f 78 56 dc 30 |....*..]E}!_xV.0| 00000020 fd e5 7c 57 1a d4 bc 90 bc 6a 90 20 98 ac 1e ba |..|W.....j. ....| 00000030 06 97 e4 8a 25 b6 94 2f 55 29 b2 73 61 4d 61 66 |....%../U).saMaf| 00000040 89 7f 59 15 01 3a 8f 3b 43 a8 36 dd 00 08 13 02 |..Y..:.;C.6.....| 00000050 13 03 13 01 00 ff 01 00 00 79 00 0b 00 04 03 00 |.........y......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................| 00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..| 000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 |....-.....3.&.$.| 000000b0 1d 00 20 52 28 46 1d 3d 38 6a 9d 13 c6 c1 66 fe |.. R(F.=8j....f.| 000000c0 e8 89 ff 7d 93 bb 59 ac d5 4a 69 66 dc 58 ee 8d |...}..Y..Jif.X..| 000000d0 24 f4 5d |$.]| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 98 ac 1e ba |........... ....| 00000030 06 97 e4 8a 25 b6 94 2f 55 29 b2 73 61 4d 61 66 |....%../U).saMaf| 00000040 89 7f 59 15 01 3a 8f 3b 43 a8 36 dd 13 02 00 00 |..Y..:.;C.6.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 66 da 47 cb 7f 25 |..........f.G..%| 00000090 12 c7 29 59 e3 8a 1e d5 e7 d4 1d 87 11 77 7b 55 |..)Y.........w{U| 000000a0 c1 17 03 03 01 50 bc e9 fd 6f f3 7f 2e 29 75 9c |.....P...o...)u.| 000000b0 74 7a 4a 09 51 38 84 ab d4 d1 55 07 e9 e9 91 a1 |tzJ.Q8....U.....| 000000c0 2b 36 9d 71 2e f9 6a b2 15 82 b3 b0 64 6d f9 69 |+6.q..j.....dm.i| 000000d0 08 dd 9a 49 07 1f 10 b9 bb 6b a4 97 9a 44 b0 bc |...I.....k...D..| 000000e0 af 03 8b e5 cc fa 73 e0 cc 8d 5f 57 77 6e e8 50 |......s..._Wwn.P| 000000f0 73 2e ad 14 ca 60 77 8f eb ad b1 60 96 20 a5 89 |s....`w....`. ..| 00000100 f0 fd 90 8c 7c c0 c8 44 ff 2b 63 16 dc f5 38 9a |....|..D.+c...8.| 00000110 15 33 02 35 72 bf c1 0c b6 37 68 53 37 9a f7 7c |.3.5r....7hS7..|| 00000120 91 98 9a e2 95 bd ef cc ba 1e 4c 27 d9 e2 c9 4c |..........L'...L| 00000130 82 4a 05 47 8e 27 5a 05 e8 ee fd 98 38 23 97 e0 |.J.G.'Z.....8#..| 00000140 1c b7 45 03 2c 19 3c 0b 9b c2 8c 1f 9d 69 87 1c |..E.,.<......i..| 00000150 97 55 95 0b ae 14 3d 8e d9 59 a2 45 cb f3 96 db |.U....=..Y.E....| 00000160 92 bc 89 f1 8e e1 6c d4 23 42 1b 5b 09 c0 ae c2 |......l.#B.[....| 00000170 c2 97 39 54 c1 2c e0 f9 2f 9c 5b ca 63 ff 5c fb |..9T.,../.[.c.\.| 00000180 3e 85 34 97 fb 41 5b 2d c9 8e 19 e1 41 1b e8 79 |>.4..A[-....A..y| 00000190 c9 c8 c0 bf f0 bd 84 80 e0 2c 54 69 49 d1 94 8c |.........,TiI...| 000001a0 16 a7 dc 80 b5 22 cd 74 b8 ee 56 8a 1a 77 a5 7c |.....".t..V..w.|| 000001b0 fd ce 94 a4 df 6b 83 35 b6 bb 62 b7 9a e0 60 20 |.....k.5..b...` | 000001c0 6c 46 a6 6d 70 c1 ed c2 c8 2d 69 13 e3 fb 35 d6 |lF.mp....-i...5.| 000001d0 d7 8b ab 8b 12 37 e3 c8 74 87 f1 30 ca 61 51 41 |.....7..t..0.aQA| 000001e0 75 3b dc 30 5b 01 9b 87 32 35 b2 79 8e ae dd 55 |u;.0[...25.y...U| 000001f0 07 86 c2 d3 e9 30 17 03 03 00 59 7e f0 a8 a3 e4 |.....0....Y~....| 00000200 d8 b0 1a 56 5e c4 fa d2 05 53 ee f3 6a b7 1d 7f |...V^....S..j...| 00000210 58 42 d0 f8 5a fd b8 7f 0f e2 20 fb 16 0a 8f a2 |XB..Z..... .....| 00000220 b0 01 7d b5 73 95 f1 76 0b 5c 9b 4b 6e 6c 59 d9 |..}.s..v.\.KnlY.| 00000230 68 01 d5 bc 14 4f 94 d3 7a ac 0b 33 a9 fd 33 83 |h....O..z..3..3.| 00000240 9f 14 63 f1 b2 2e c5 e1 4b cb 24 95 79 b6 85 37 |..c.....K.$.y..7| 00000250 ff 62 5a 0c 17 03 03 00 45 01 5b a6 11 84 43 ff |.bZ.....E.[...C.| 00000260 84 92 58 8b b3 39 65 88 93 32 be 8c 4b 1f 8f 6f |..X..9e..2..K..o| 00000270 00 9e f9 2b c8 70 ad 85 9f c3 f2 3e 8a 9a 0a 56 |...+.p.....>...V| 00000280 de b2 86 12 b6 1f 1a be 10 d2 d0 d9 39 48 35 72 |............9H5r| 00000290 f7 a5 06 1d dd 68 ca 04 b1 80 e7 f2 4c c3 17 03 |.....h......L...| 000002a0 03 00 aa a6 3b 4d d1 52 37 b7 46 f9 e2 72 85 ca |....;M.R7.F..r..| 000002b0 ee 45 1e eb fd e3 c8 b4 40 52 4f 4f 33 81 27 eb |.E......@ROO3.'.| 000002c0 1e 2a 7a f7 6d 73 0d bd 08 76 ea 65 ab 1b 36 a5 |.*z.ms...v.e..6.| 000002d0 d9 78 ad e4 6b 85 06 e0 71 b4 30 61 8f 02 83 75 |.x..k...q.0a...u| 000002e0 7b 11 6c 7c ae 04 ae 5a d7 fc 92 31 70 a8 10 c6 |{.l|...Z...1p...| 000002f0 90 37 1c 0b 86 ac 9e 56 78 01 ad 70 01 ff b5 1f |.7.....Vx..p....| 00000300 d9 bc 16 99 3c 90 6c af 4a 73 4a 9d 3f f5 7b 0c |....<.l.JsJ.?.{.| 00000310 2e 0b c0 92 bf 7f 13 ab 20 2c e0 17 6b ea 54 b0 |........ ,..k.T.| 00000320 05 bd 80 b0 f5 6a 13 cc c6 96 86 86 3b 50 e9 67 |.....j......;P.g| 00000330 c8 36 5c 62 1e f2 72 aa e9 61 43 a9 e8 5f 7b 1e |.6\b..r..aC.._{.| 00000340 b9 0a 05 83 1f 42 79 e3 45 22 06 54 94 |.....By.E".T.| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 03 21 a9 ca cb |..........E.!...| 00000010 96 04 ba 8d c7 01 d9 ff d2 3d 49 87 65 74 b9 be |.........=I.et..| 00000020 93 00 3b 61 b3 d9 c2 6a e2 91 b1 c3 34 c6 f8 f5 |..;a...j....4...| 00000030 de 56 03 d4 5c ab e3 2c 4d f1 54 e4 84 94 a1 ae |.V..\..,M.T.....| 00000040 9c cb f7 fc 05 7b 4b af 1f 80 5a c5 1a 1f 45 67 |.....{K...Z...Eg| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e df 99 91 f4 a0 2e 78 5a 29 5f b0 |...........xZ)_.| 00000010 a9 7f fb 57 e9 25 50 96 af af b9 aa 4c 6c 3b 0b |...W.%P.....Ll;.| 00000020 55 9f f4 17 03 03 00 13 f4 7e a3 c7 0b c6 14 b4 |U........~......| 00000030 dc d8 97 cb 80 7e d4 ca 7b 9c 1b |.....~..{..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ExportKeyingMaterial000066400000000000000000000172421373277661100303340ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 d2 01 00 00 ce 03 03 98 f9 1c bb a1 |................| 00000010 6c cf 24 68 e0 25 3c 42 d7 0e b7 a6 a5 5d 68 5a |l.$h.%.| 000000c0 e0 30 54 3c 18 9f 68 45 93 b5 0e b4 6e 91 22 fd |.0T<..hE....n.".| 000000d0 91 01 ae 8f 9e 8d 3e |......>| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 7d 11 97 a3 |........... }...| 00000030 27 f6 a7 5b 45 7c 8f d3 67 89 7b d4 88 80 40 55 |'..[E|..g.{...@U| 00000040 95 06 4e 8c 45 29 60 d8 20 3b 51 94 13 02 00 00 |..N.E)`. ;Q.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 30 80 35 82 5f ca |..........0.5._.| 00000090 8b 97 5c d1 b7 49 d5 0b fa a3 aa 40 38 83 ed 9c |..\..I.....@8...| 000000a0 79 17 03 03 02 6d c5 b4 b5 a3 e1 87 df 7c 4f 82 |y....m.......|O.| 000000b0 81 60 71 9c 9c 17 1a db a5 76 39 ad 50 bc 3d 4b |.`q......v9.P.=K| 000000c0 bd d6 b4 6b 24 cd b3 cd 82 9e fb 79 c7 cb 86 3a |...k$......y...:| 000000d0 fb a3 15 1e a1 52 eb ba 21 44 d2 9a 7c a9 d0 aa |.....R..!D..|...| 000000e0 57 c6 e3 5d 82 52 39 a9 e3 6a c8 b1 8e 0f 07 a5 |W..].R9..j......| 000000f0 6c 97 c6 61 36 ab c3 85 7f 3d 77 64 96 5f 84 14 |l..a6....=wd._..| 00000100 7b 19 14 bf 60 37 ba b1 a8 db e1 5c 22 87 17 75 |{...`7.....\"..u| 00000110 9a d0 25 fd 4b 2b bc ed b7 14 d4 73 44 f5 73 72 |..%.K+.....sD.sr| 00000120 d4 11 05 bd 1d 43 fc 7d c2 69 1e b6 28 a9 ce f7 |.....C.}.i..(...| 00000130 51 49 67 51 80 28 14 a2 75 2b 32 da 43 4c 55 b8 |QIgQ.(..u+2.CLU.| 00000140 c4 6d f4 52 1d 36 81 07 57 bc 0f ca 21 f7 04 11 |.m.R.6..W...!...| 00000150 06 79 44 e8 bf 95 ea ad b5 35 a0 cf 96 7e f6 b5 |.yD......5...~..| 00000160 00 b1 75 fa 66 c2 97 6d 3c 50 76 bb 7f f3 bd 05 |..u.f..m7p...:.Q..X.s7x| 00000220 8d 1e 0d 66 33 b8 46 7b de d0 7f 21 af d9 0d ae |...f3.F{...!....| 00000230 eb 23 e9 36 cc 2a 3d 49 58 e6 d7 cd a6 4d e3 c0 |.#.6.*=IX....M..| 00000240 90 a8 11 53 06 12 6a 3d 01 02 f7 00 04 ca 0f be |...S..j=........| 00000250 89 41 a0 a0 33 01 02 73 9d 9b 02 eb 6b 72 b9 31 |.A..3..s....kr.1| 00000260 61 27 49 37 25 63 c3 6a d1 b5 71 ff c2 46 97 08 |a'I7%c.j..q..F..| 00000270 a1 6e eb 13 80 a6 4f 4f fe f3 a5 fa 73 ec bd 2b |.n....OO....s..+| 00000280 f9 82 0b 39 f8 08 0a f2 0c f8 c4 0e 6e d6 2c 4c |...9........n.,L| 00000290 fe 70 a4 27 5f f4 ef 0c 1c b2 a7 63 43 74 e8 07 |.p.'_......cCt..| 000002a0 cf 5d fb f8 0f 5a 1d 72 d4 eb 8d 0b 5b 09 6a d8 |.]...Z.r....[.j.| 000002b0 a8 5f 06 96 da a5 40 ed fc a0 5a eb b4 31 60 c5 |._....@...Z..1`.| 000002c0 31 95 fc 80 46 2b b9 0c b5 ab 4e da f1 4a 24 d1 |1...F+....N..J$.| 000002d0 fb 35 fb 7a 6b 6c 42 c5 00 95 1f ff d7 66 d6 8f |.5.zklB......f..| 000002e0 51 60 b6 dd c4 f9 a2 f2 54 31 8b be cc 20 31 b0 |Q`......T1... 1.| 000002f0 67 9d 4b ba d7 b8 dd 32 8b 74 6f 49 5f bd 32 95 |g.K....2.toI_.2.| 00000300 4e 3d 7f 3f 04 fc 88 19 59 60 10 b5 35 c4 16 a0 |N=.?....Y`..5...| 00000310 bd 57 e6 17 03 03 00 99 1b a5 1c 39 54 72 e6 94 |.W.........9Tr..| 00000320 5a a9 62 8b bb c8 4b 5b f3 e7 8c bd b6 b8 77 9f |Z.b...K[......w.| 00000330 fc 43 2b 32 75 3c 19 e4 86 47 91 59 67 ea ed b8 |.C+2u<...G.Yg...| 00000340 4e 6c aa 24 53 f6 b0 86 de 9e 91 03 aa 30 0a c0 |Nl.$S........0..| 00000350 e5 83 74 2c 02 04 2b 38 31 d5 db f4 32 43 b9 df |..t,..+81...2C..| 00000360 68 76 0b 63 e5 0d c7 89 ca bb 9c 8e 47 fb bb e2 |hv.c........G...| 00000370 34 62 8d 3b 9f ba 55 82 45 cd 54 ea 59 b8 ab 63 |4b.;..U.E.T.Y..c| 00000380 4f d3 77 cf 1e 45 3e 30 c7 b4 be 5c 06 70 1d 2a |O.w..E>0...\.p.*| 00000390 e1 22 16 bf b2 39 c8 d5 62 28 6d 69 47 61 1d 7f |."...9..b(miGa..| 000003a0 58 7a 8c 9b af e4 e5 bc 83 7b dc bc 27 b6 86 bc |Xz.......{..'...| 000003b0 3b 17 03 03 00 45 e6 5d ec da 3b e2 bd 86 6a d4 |;....E.]..;...j.| 000003c0 7c 97 6e 34 67 9e 0a 35 95 32 b4 c7 d1 2f 1a 31 ||.n4g..5.2.../.1| 000003d0 88 c0 9b 8c b2 08 57 27 9b 87 44 57 65 a8 7a 20 |......W'..DWe.z | 000003e0 03 d2 45 03 4c e0 79 40 f4 15 9f 25 a3 8c 50 26 |..E.L.y@...%..P&| 000003f0 68 7f d3 bd 99 f1 8b c7 ad 7e 15 17 03 03 00 aa |h........~......| 00000400 92 7c c3 a3 8d 63 b0 df e4 26 80 fe 16 4d 44 e9 |.|...c...&...MD.| 00000410 e4 7d de 96 4c 49 a1 58 88 7a 0a b9 9c ab db 5b |.}..LI.X.z.....[| 00000420 7a c0 f0 c0 58 6a a1 8e be 76 87 99 66 5e a3 93 |z...Xj...v..f^..| 00000430 c7 04 c7 57 57 70 71 91 c1 73 28 7b c8 b1 50 04 |...WWpq..s({..P.| 00000440 6f ba 1b 9d e8 21 90 a6 9d 79 fd 76 35 ea 65 12 |o....!...y.v5.e.| 00000450 b1 92 2b 9e 50 9b 37 fd 93 07 5d 1a 66 fa 28 09 |..+.P.7...].f.(.| 00000460 9b 89 28 64 b5 55 b5 9b 02 02 b2 9e 6f e8 c9 38 |..(d.U......o..8| 00000470 44 f3 46 71 a5 4c 3a b5 db cf f2 76 73 eb 31 5e |D.Fq.L:....vs.1^| 00000480 61 2f 93 85 d5 d3 0a 43 bb 65 50 37 ac 28 55 a9 |a/.....C.eP7.(U.| 00000490 71 22 53 1e 0f 3c 3a 03 d8 94 8f 15 66 7a 47 91 |q"S..<:.....fzG.| 000004a0 55 67 a8 c3 e4 1a a3 c6 bf 80 |Ug........| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 9c 8b 08 66 fe |..........E...f.| 00000010 79 e1 99 53 02 27 6a 1a 42 d1 32 bb 6a 38 fc 0d |y..S.'j.B.2.j8..| 00000020 53 28 c5 3e 80 75 6e 33 05 1a 23 29 f0 17 a6 eb |S(.>.un3..#)....| 00000030 85 91 50 9b 43 70 54 80 52 9c bf 4c 1d d7 80 c3 |..P.CpT.R..L....| 00000040 a0 ae c5 8d d8 f0 bb 40 c8 5c 98 d3 ea 0a 29 08 |.......@.\....).| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e f7 f5 e3 40 d4 a5 1b c4 0e af e7 |........@.......| 00000010 7c ce 8e 5a 0a 30 0e 9d 02 53 95 82 ab 03 fc 81 ||..Z.0...S......| 00000020 fd 77 66 17 03 03 00 13 f2 49 51 b3 bf 63 25 b0 |.wf......IQ..c%.| 00000030 cb 52 8a a4 ea e5 2b 88 7b 30 05 |.R....+.{0.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-HelloRetryRequest000066400000000000000000000230501373277661100276610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 c8 01 00 00 c4 03 03 33 06 82 d0 2d |...........3...-| 00000010 af e9 da b2 f5 52 c2 c1 0b 23 cd 0b bf 77 6e 35 |.....R...#...wn5| 00000020 6d c1 49 f9 c0 c1 c8 9b b1 c2 fe 20 59 3e cd b6 |m.I........ Y>..| 00000030 a5 0b e9 f9 4b a8 5b 10 52 fd 25 82 04 a7 3e 6b |....K.[.R.%...>k| 00000040 4d 86 f6 1e cb 2a 8d 2c 82 38 5e 7a 00 08 13 02 |M....*.,.8^z....| 00000050 13 03 13 01 00 ff 01 00 00 73 00 0b 00 04 03 00 |.........s......| 00000060 01 02 00 0a 00 06 00 04 00 1d 00 17 00 16 00 00 |................| 00000070 00 17 00 00 00 0d 00 1e 00 1c 04 03 05 03 06 03 |................| 00000080 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 |................| 00000090 04 01 05 01 06 01 00 2b 00 03 02 03 04 00 2d 00 |.......+......-.| 000000a0 02 01 01 00 33 00 26 00 24 00 1d 00 20 e2 9e 26 |....3.&.$... ..&| 000000b0 05 bc 0d 49 54 32 29 81 42 a1 d2 d0 35 b0 79 41 |...IT2).B...5.yA| 000000c0 45 83 62 f9 75 7c 90 31 d2 99 aa 89 1c |E.b.u|.1.....| >>> Flow 2 (server to client) 00000000 16 03 03 00 58 02 00 00 54 03 03 cf 21 ad 74 e5 |....X...T...!.t.| 00000010 9a 61 11 be 1d 8c 02 1e 65 b8 91 c2 a2 11 16 7a |.a......e......z| 00000020 bb 8c 5e 07 9e 09 e2 c8 a8 33 9c 20 59 3e cd b6 |..^......3. Y>..| 00000030 a5 0b e9 f9 4b a8 5b 10 52 fd 25 82 04 a7 3e 6b |....K.[.R.%...>k| 00000040 4d 86 f6 1e cb 2a 8d 2c 82 38 5e 7a 13 02 00 00 |M....*.,.8^z....| 00000050 0c 00 2b 00 02 03 04 00 33 00 02 00 17 14 03 03 |..+.....3.......| 00000060 00 01 01 |...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 16 03 03 00 e9 01 00 00 e5 03 |................| 00000010 03 33 06 82 d0 2d af e9 da b2 f5 52 c2 c1 0b 23 |.3...-.....R...#| 00000020 cd 0b bf 77 6e 35 6d c1 49 f9 c0 c1 c8 9b b1 c2 |...wn5m.I.......| 00000030 fe 20 59 3e cd b6 a5 0b e9 f9 4b a8 5b 10 52 fd |. Y>......K.[.R.| 00000040 25 82 04 a7 3e 6b 4d 86 f6 1e cb 2a 8d 2c 82 38 |%...>kM....*.,.8| 00000050 5e 7a 00 08 13 02 13 03 13 01 00 ff 01 00 00 94 |^z..............| 00000060 00 0b 00 04 03 00 01 02 00 0a 00 06 00 04 00 1d |................| 00000070 00 17 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c |................| 00000080 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b |................| 00000090 08 04 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 |.............+..| 000000a0 02 03 04 00 2d 00 02 01 01 00 33 00 47 00 45 00 |....-.....3.G.E.| 000000b0 17 00 41 04 f6 d0 86 25 3e 92 51 f7 dc 18 e1 6c |..A....%>.Q....l| 000000c0 e0 90 d1 fc 71 b7 17 eb b4 03 b3 8f 26 c6 25 e1 |....q.......&.%.| 000000d0 25 79 15 56 3a a1 2c 71 41 c9 db 07 a6 d0 8a f7 |%y.V:.,qA.......| 000000e0 84 44 17 4a 00 e9 0b 1c 34 92 57 48 58 b8 2b 74 |.D.J....4.WHX.+t| 000000f0 77 c6 7a 54 |w.zT| >>> Flow 4 (server to client) 00000000 16 03 03 00 9b 02 00 00 97 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 59 3e cd b6 |........... Y>..| 00000030 a5 0b e9 f9 4b a8 5b 10 52 fd 25 82 04 a7 3e 6b |....K.[.R.%...>k| 00000040 4d 86 f6 1e cb 2a 8d 2c 82 38 5e 7a 13 02 00 00 |M....*.,.8^z....| 00000050 4f 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |O.+.....3.E...A.| 00000060 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.| 00000070 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^| 00000080 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B| 00000090 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.| 000000a0 17 03 03 00 17 78 06 35 21 5c b5 3e fe 21 e5 4e |.....x.5!\.>.!.N| 000000b0 1b 4a 60 8c ac ba 2a 89 c9 70 e8 eb 17 03 03 02 |.J`...*..p......| 000000c0 6d e0 c9 2c 11 57 f1 4a cc 0f c3 cd 13 ac a8 7c |m..,.W.J.......|| 000000d0 fc 62 06 4d 0f b0 1d 70 86 fc c1 3a a4 85 3e e3 |.b.M...p...:..>.| 000000e0 8c 79 03 b1 ba f4 b2 ca 29 d0 1c 9b e9 a7 d7 ad |.y......).......| 000000f0 dc 87 d7 96 f3 92 be 18 ca 6b 1b fe 6c af 16 c0 |.........k..l...| 00000100 b9 a0 fa 3f 9e 3e 25 c7 51 58 ce 82 82 26 9e 80 |...?.>%.QX...&..| 00000110 20 f1 e4 1c 1f 9a 9c 8a 78 ae e0 a6 53 a3 74 03 | .......x...S.t.| 00000120 2c 5c 3e 2f 65 ca dd d9 5d 2c 48 38 7f 4a 99 67 |,\>/e...],H8.J.g| 00000130 63 3f ac 6d 32 28 2b 2e 9a 26 53 21 5c 15 8f 0e |c?.m2(+..&S!\...| 00000140 77 6f 64 b4 02 ad fd f7 f3 cc 57 b8 d8 1d 9d 22 |wod.......W...."| 00000150 fe 9a 3b 73 f9 3b 89 f7 fe 0b e0 48 fc 56 85 0b |..;s.;.....H.V..| 00000160 b0 18 7c b0 55 8c 20 3a 7e ff 8d ff 0e b4 94 04 |..|.U. :~.......| 00000170 58 69 9c 4e c6 d9 d6 04 4b 53 10 f6 22 79 28 3d |Xi.N....KS.."y(=| 00000180 30 57 b1 1e be 04 40 02 c2 bc e2 cb ed b3 3d 03 |0W....@.......=.| 00000190 b5 25 c3 ca 8d 67 d9 34 84 97 42 c5 68 fd 89 df |.%...g.4..B.h...| 000001a0 51 fc 83 8e 7e c5 00 b3 47 d5 5d 47 36 d5 dc 1a |Q...~...G.]G6...| 000001b0 52 ad 23 9c dc 62 73 fe 14 65 7d 17 0f 6e d5 49 |R.#..bs..e}..n.I| 000001c0 04 65 5e 7c 04 5c 34 0b fc 47 68 68 0f 01 74 54 |.e^|.\4..Ghh..tT| 000001d0 96 0f 2c 88 2d 31 9b 4a ea 56 85 83 77 6a ce a7 |..,.-1.J.V..wj..| 000001e0 01 63 ec 0b 15 64 1f 06 05 06 c2 8b 78 35 df b0 |.c...d......x5..| 000001f0 f8 f3 02 c9 17 a1 3c 5b e0 4d b7 50 5b b9 70 f9 |......<[.M.P[.p.| 00000200 b8 87 43 b0 4d e8 28 b6 d2 31 3c e3 b3 96 c4 9f |..C.M.(..1<.....| 00000210 59 12 b9 57 60 48 64 1f ae b1 8b d4 c5 2a 8a ab |Y..W`Hd......*..| 00000220 11 0f d0 5b 86 52 1c 22 04 c0 a0 b8 2d 35 ac 67 |...[.R."....-5.g| 00000230 6b 44 c8 d6 cc c1 bc f9 17 7d 76 66 d3 38 da cf |kD.......}vf.8..| 00000240 9f c9 fd b4 12 42 19 76 0b 61 cf da f5 bb f3 b3 |.....B.v.a......| 00000250 e6 44 ee aa db d3 5e 2f 2e 2b 1d 1c 1a 22 3f dc |.D....^/.+..."?.| 00000260 11 a6 26 ee bb c8 f6 83 ce 3e 3c c2 36 94 24 22 |..&......><.6.$"| 00000270 23 e6 66 8f b5 93 35 dc 16 83 51 36 dd 37 9b e7 |#.f...5...Q6.7..| 00000280 2d a0 43 cf 9d df 07 67 59 d8 6a 9a 9e 5a cb 56 |-.C....gY.j..Z.V| 00000290 1c 39 f1 16 0f a1 3c ce f8 0c 20 19 6b 1e fc 5e |.9....<... .k..^| 000002a0 3d d9 32 f6 e2 21 7f e3 35 19 c1 d6 ec ac 01 74 |=.2..!..5......t| 000002b0 99 1a c4 b2 4e 57 5f 24 19 40 54 1a 1a 10 6e 51 |....NW_$.@T...nQ| 000002c0 1d 30 c5 c0 8a 08 20 c1 a1 b4 04 97 f7 ed 22 13 |.0.... .......".| 000002d0 5d 14 f7 41 5a 92 0a 04 2f 07 ec 79 01 33 a5 c4 |]..AZ.../..y.3..| 000002e0 fb ca 04 2f b1 e4 0a 81 7e 74 1b e3 ab 38 d6 1b |.../....~t...8..| 000002f0 ee 11 3e 13 6c 1e 16 c0 30 b4 d4 41 0e 2d 78 e9 |..>.l...0..A.-x.| 00000300 85 00 15 8a 3a 8b 79 0d cd 21 76 51 4b 06 cb 32 |....:.y..!vQK..2| 00000310 8c 89 be d6 72 1d 06 31 08 74 1a 3d d1 d2 69 a1 |....r..1.t.=..i.| 00000320 58 29 06 56 ce cb 3a 3a e9 92 69 ed da 32 17 03 |X).V..::..i..2..| 00000330 03 00 99 8f 16 fd 9c 4a 9c a4 47 a7 71 2e 55 c2 |.......J..G.q.U.| 00000340 22 c3 78 45 eb 1b db 4a fd df 64 4e 02 b4 87 f2 |".xE...J..dN....| 00000350 12 d8 46 d5 ea f7 00 ed e0 f9 99 6c f4 20 fb ad |..F........l. ..| 00000360 57 99 18 71 b0 e2 c6 02 c1 41 38 a4 38 93 6e fc |W..q.....A8.8.n.| 00000370 d6 11 69 82 8a e7 5f 87 18 ca 18 fb 49 91 6d e1 |..i..._.....I.m.| 00000380 76 30 5c a5 43 c3 6f ee 25 2e b4 cd 99 bf 2c 37 |v0\.C.o.%.....,7| 00000390 0f a7 2f 8d 2e 98 22 f5 da 10 05 22 11 f0 bd a3 |../..."...."....| 000003a0 c7 a1 53 38 99 36 ac b9 80 8e 20 3b 02 7d 0c 57 |..S8.6.... ;.}.W| 000003b0 14 3a 22 de 16 31 70 27 ff b5 d6 c0 db 38 8d 03 |.:"..1p'.....8..| 000003c0 3e fd ab b4 f2 bb 28 6c 88 a1 cb c8 17 03 03 00 |>.....(l........| 000003d0 45 15 28 48 6b a6 08 c3 18 57 e0 b0 63 bb 94 48 |E.(Hk....W..c..H| 000003e0 0d 70 6e f0 32 fc 90 ac e7 af 3c 6a a6 c7 76 b8 |.pn.2......| 00000460 bb 9e be cf 5b 16 05 d1 97 46 37 be 43 70 ca b9 |....[....F7.Cp..| 00000470 c1 5f c2 05 48 2c b8 35 16 4b 0b 20 d0 dd 51 8b |._..H,.5.K. ..Q.| 00000480 d3 ca 5a 2e 16 98 64 08 fa b6 b6 b3 26 86 a3 47 |..Z...d.....&..G| 00000490 f3 4f 52 d7 15 58 48 7b 11 e8 47 98 4b 85 22 cf |.OR..XH{..G.K.".| 000004a0 ec e7 e8 a2 86 b5 c1 02 19 ec 26 03 30 d4 5b 46 |..........&.0.[F| 000004b0 47 c1 ac 77 3c e5 41 65 41 5c 0e e6 25 4e 0d 92 |G..w<.AeA\..%N..| 000004c0 b1 4e 2b 16 3e |.N+.>| >>> Flow 5 (client to server) 00000000 17 03 03 00 45 b9 33 ae 04 d5 bc dc d0 ac 59 d9 |....E.3.......Y.| 00000010 36 c3 6c 1c ca 78 4f 97 1b 2d 68 3b df 66 e7 9c |6.l..xO..-h;.f..| 00000020 d4 9c 12 9b 4a 68 ac 68 7e 9a c9 79 ff 41 ef 69 |....Jh.h~..y.A.i| 00000030 24 67 43 7f bb 2c 34 a9 70 62 15 41 c2 a9 c7 44 |$gC..,4.pb.A...D| 00000040 4f df 63 ab e4 83 d9 7e de a6 |O.c....~..| >>> Flow 6 (server to client) 00000000 17 03 03 00 1e 3e d2 e1 4f ab af 2a d4 be 41 69 |.....>..O..*..Ai| 00000010 4b 62 59 93 46 23 a4 bd 1a 99 bf 0a ab c7 1b d5 |KbY.F#..........| 00000020 18 9d b6 17 03 03 00 13 af 32 be 52 2c cd b7 d7 |.........2.R,...| 00000030 f4 58 ff 90 17 ab e0 9b 82 a9 6f |.X........o| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-IssueTicket000066400000000000000000000172421373277661100264610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 d2 01 00 00 ce 03 03 3b 9c 34 3a 47 |...........;.4:G| 00000010 d5 69 6b a3 91 6e 6b 89 30 0d f3 8a ac 07 be cf |.ik..nk.0.......| 00000020 05 3f fd 14 ae 0f 21 06 8e f4 d9 20 ee 76 3d f1 |.?....!.... .v=.| 00000030 54 97 df b8 41 8a cd 98 d0 3a a4 2a 92 3f bb 40 |T...A....:.*.?.@| 00000040 8c 16 a8 2f 04 4d b1 e7 02 90 bf fb 00 08 13 02 |.../.M..........| 00000050 13 03 13 01 00 ff 01 00 00 7d 00 0b 00 04 03 00 |.........}......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 16 00 00 00 17 00 00 00 0d |...#............| 00000080 00 1e 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 |................| 00000090 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................| 000000a0 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 |.+......-.....3.| 000000b0 26 00 24 00 1d 00 20 2e 29 ae dd 7c ae 0f aa 0c |&.$... .)..|....| 000000c0 8e fa 94 5c 91 b6 e6 35 7a 6c 3f c6 7a 15 22 fb |...\...5zl?.z.".| 000000d0 cc ad 5c b2 d7 92 40 |..\...@| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 ee 76 3d f1 |........... .v=.| 00000030 54 97 df b8 41 8a cd 98 d0 3a a4 2a 92 3f bb 40 |T...A....:.*.?.@| 00000040 8c 16 a8 2f 04 4d b1 e7 02 90 bf fb 13 02 00 00 |.../.M..........| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 07 7b fd d4 38 bd |...........{..8.| 00000090 7d 17 bb 91 95 6e ca 63 66 e0 e0 f7 d5 f4 54 b8 |}....n.cf.....T.| 000000a0 0c 17 03 03 02 6d 26 3e 20 99 c1 d9 3e 1d a6 42 |.....m&> ...>..B| 000000b0 2a 31 95 c1 e0 ab 8e d3 ec 9f 90 15 b0 ce a8 92 |*1..............| 000000c0 72 af f4 07 99 91 30 c0 3b 94 9b 13 c5 9f f5 64 |r.....0.;......d| 000000d0 72 8f 1d 80 6e ac 0f a2 cd 75 52 18 c3 4d f2 ec |r...n....uR..M..| 000000e0 1c b8 eb 4f 8a 02 30 4f 7e 35 92 cb e7 b1 c4 cf |...O..0O~5......| 000000f0 e2 48 91 d5 f5 a4 f5 dc e2 ed 4e c7 6e ec dd 5d |.H........N.n..]| 00000100 d7 3e c5 45 4c 1d 4c cb 40 15 80 e6 ea 80 75 0a |.>.EL.L.@.....u.| 00000110 b0 6e 29 23 e8 75 5e 35 9a 5c 1b a9 3b 10 89 46 |.n)#.u^5.\..;..F| 00000120 24 c6 b4 61 ae 63 05 f7 46 04 f9 49 00 66 30 bf |$..a.c..F..I.f0.| 00000130 4d 20 2e d6 7e af 81 4d 52 9e c9 2b e0 f6 db c4 |M ..~..MR..+....| 00000140 3d 8f 0b 8d 09 94 80 60 04 04 bb e0 44 47 1a f7 |=......`....DG..| 00000150 94 16 8c c2 01 38 d9 c5 3c 5c 62 6b ea a0 cc fd |.....8..<\bk....| 00000160 46 a6 b8 a0 a5 4b 11 2e f0 40 6f f2 91 47 47 4b |F....K...@o..GGK| 00000170 fe 27 df 17 75 e0 5a f1 c8 09 5a 02 a0 ea bc d8 |.'..u.Z...Z.....| 00000180 e1 b9 c3 ce 06 1c 63 d5 ea c3 b4 2c 5a 93 08 33 |......c....,Z..3| 00000190 d1 79 a9 96 8b 99 95 13 f9 52 9e a2 a2 0b 86 bd |.y.......R......| 000001a0 82 4d f2 cf b2 55 e8 91 48 fe 82 06 57 dc 26 14 |.M...U..H...W.&.| 000001b0 0f ec 1f 2c f5 54 4e 0d a8 3f ee fc bf 52 be b5 |...,.TN..?...R..| 000001c0 57 bd a5 c2 5f b8 13 97 47 a4 06 15 60 17 7e bd |W..._...G...`.~.| 000001d0 17 29 08 09 c2 0b 31 39 31 b0 28 b7 1c 67 bd 8f |.)....191.(..g..| 000001e0 b9 6e 59 da b3 aa e5 9d 34 4f 51 9f 99 da f8 ae |.nY.....4OQ.....| 000001f0 e0 02 5a 84 65 3c 1d 11 da 44 bf 6e d4 9f 30 0f |..Z.e<...D.n..0.| 00000200 c9 3d f7 5f 96 e6 4e 9c 94 ea da 7e 37 2b b4 08 |.=._..N....~7+..| 00000210 96 62 cd 42 fc 42 72 92 20 0e 93 e6 fe ea 02 f4 |.b.B.Br. .......| 00000220 7f 45 e4 03 22 61 c1 f9 5b a0 d3 b8 6c d0 5a ef |.E.."a..[...l.Z.| 00000230 90 ef d4 31 55 4b b5 df 79 bb d0 4e 24 97 c4 6a |...1UK..y..N$..j| 00000240 df 52 ba 58 39 7c 85 2a 82 a5 0a b1 cd bd fc e4 |.R.X9|.*........| 00000250 f2 ab d3 98 8e 09 92 0d 64 29 e3 71 a5 75 ff 97 |........d).q.u..| 00000260 16 93 29 0f 72 bb 9c 3c 70 15 87 fc ab b4 a5 b3 |..).r....Y..i../... | 00000280 8c 46 4a cf 99 d3 ca 72 c9 68 fb bb 41 55 bf f7 |.FJ....r.h..AU..| 00000290 94 47 32 96 a1 ed 20 eb 07 56 22 af c4 1c dc 79 |.G2... ..V"....y| 000002a0 8d 22 16 39 71 41 8c 55 98 03 80 17 07 39 04 10 |.".9qA.U.....9..| 000002b0 a8 71 f2 fa b5 a5 a8 da 74 18 35 45 4f db 63 e0 |.q......t.5EO.c.| 000002c0 18 15 b7 ef 62 23 f3 80 7c 4a e3 10 3d 1e ce f8 |....b#..|J..=...| 000002d0 68 ab 5e df 08 08 59 8a 43 58 8d ae 4a 77 d1 e8 |h.^...Y.CX..Jw..| 000002e0 e9 1e 22 de 51 d2 30 05 a2 16 9f 64 33 63 e3 79 |..".Q.0....d3c.y| 000002f0 66 f4 c8 1f 9e ff 3a cd 32 f3 4c 88 1d 76 92 fb |f.....:.2.L..v..| 00000300 72 6f 75 5e e1 0b 40 b3 6c 7f 8c b4 bd 26 d1 58 |rou^..@.l....&.X| 00000310 bc 7e da 17 03 03 00 99 eb 47 24 9b b5 69 75 5f |.~.......G$..iu_| 00000320 3b e5 e6 44 0c fb 3c d2 8d 8f 48 a9 e2 1a b5 a5 |;..D..<...H.....| 00000330 c4 2d 5f f4 e0 40 6b 37 20 a2 f5 cc 14 d8 2e e1 |.-_..@k7 .......| 00000340 c0 e3 e0 dd 67 fe c2 7f eb 46 f2 28 6e 72 b0 1d |....g....F.(nr..| 00000350 8a 12 72 98 98 b9 01 c2 01 e7 ff 98 a5 d3 80 1c |..r.............| 00000360 83 33 3a 9a c9 f3 16 5c 93 cf 5e a7 3d c0 27 9d |.3:....\..^.=.'.| 00000370 21 f4 8c ea 3b 11 52 e3 69 4b 07 4c 21 69 15 58 |!...;.R.iK.L!i.X| 00000380 1e a2 55 88 80 b1 00 f5 f6 dd 1a a8 db 3d 52 06 |..U..........=R.| 00000390 5a 86 b0 74 2f 54 4f 42 31 e7 62 8f 8e c9 25 1b |Z..t/TOB1.b...%.| 000003a0 d5 30 f9 94 c6 30 fd ba 8e 2a 34 48 92 0b bf 44 |.0...0...*4H...D| 000003b0 cf 17 03 03 00 45 da 18 8d 59 4d cb 7f ec 57 ce |.....E...YM...W.| 000003c0 4f 1a 7b 3c f9 a8 97 c9 aa 54 95 f5 a5 0f a6 ec |O.{<.....T......| 000003d0 a8 42 93 ed a0 1f 86 48 e3 53 0e 1f 3f ff 27 61 |.B.....H.S..?.'a| 000003e0 2c 42 e7 f1 85 47 68 3f 06 47 8e e5 d4 c7 8a 3e |,B...Gh?.G.....>| 000003f0 85 9a 48 c4 27 a8 bd 11 a7 dd f7 17 03 03 00 aa |..H.'...........| 00000400 93 61 22 fc 30 ca 22 a0 a9 7f 8d cf 30 b7 d2 a9 |.a".0.".....0...| 00000410 0d 88 8d 3d f3 4d 28 df 8c 00 f9 ae 70 a7 89 c2 |...=.M(.....p...| 00000420 f3 67 bd bb 59 6d 72 05 22 08 de d6 c1 c2 d6 a2 |.g..Ymr.".......| 00000430 c1 b2 20 10 af 3a c0 5c 57 c9 3b 20 8e 73 c7 7c |.. ..:.\W.; .s.|| 00000440 58 26 05 c8 a4 ee 9f 58 fa 51 bc c1 72 34 e2 6f |X&.....X.Q..r4.o| 00000450 c5 26 de fe 88 90 f3 50 56 d1 51 d6 53 fc 3d e3 |.&.....PV.Q.S.=.| 00000460 57 c5 61 8f 3f 7d d9 15 98 31 53 24 df fe 2a 1f |W.a.?}...1S$..*.| 00000470 ba ab 24 37 14 64 0d b4 c1 79 95 a4 a4 5e 4f e9 |..$7.d...y...^O.| 00000480 e1 fe d4 c6 79 89 26 40 8b 65 12 07 28 91 68 0d |....y.&@.e..(.h.| 00000490 2b a1 9e 2e 49 ac 14 eb f9 d4 3d 26 d1 b4 61 05 |+...I.....=&..a.| 000004a0 e2 5c f4 6d 53 95 aa 8e af 02 |.\.mS.....| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 65 f7 5e 7e e8 |..........Ee.^~.| 00000010 d0 90 1d 17 7c 56 fe 07 72 f9 ce 01 d9 e4 f1 f7 |....|V..r.......| 00000020 2e e1 e8 a2 8a 28 60 3f 1a 4d 0b f7 c4 ae 64 69 |.....(`?.M....di| 00000030 1c 43 3e 42 cf ce 4f 64 b0 f9 ea dc f7 75 b5 e0 |.C>B..Od.....u..| 00000040 6f d9 f7 76 e1 7b 29 b9 70 14 f4 00 9b 71 d7 16 |o..v.{).p....q..| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e 1f ca 4f ed 82 f3 81 be e2 45 f6 |.......O......E.| 00000010 9f 10 f6 8c af 86 97 40 e8 6b 42 4b 7c 9c ad d1 |.......@.kBK|...| 00000020 7d e7 87 17 03 03 00 13 ec bc 51 65 b6 5b 04 4a |}.........Qe.[.J| 00000030 fe 90 0a 7e ef 91 63 35 f9 78 ee |...~..c5.x.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-IssueTicketPreDisable000066400000000000000000000172421373277661100304140ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 d2 01 00 00 ce 03 03 45 73 46 7b 90 |...........EsF{.| 00000010 1c 0d 56 f7 f5 b3 60 73 30 c0 91 4c 44 59 e8 60 |..V...`s0..LDY.`| 00000020 4b 67 6a 6c 38 b6 f8 4f 07 1e b5 20 f9 61 ca 33 |Kgjl8..O... .a.3| 00000030 67 ba 3f 83 5f d3 7d 3a 48 65 99 59 38 cf f7 9f |g.?._.}:He.Y8...| 00000040 ec bd ed e2 4a 75 bc 1e a9 f4 48 5c 00 08 13 02 |....Ju....H\....| 00000050 13 03 13 01 00 ff 01 00 00 7d 00 0b 00 04 03 00 |.........}......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 16 00 00 00 17 00 00 00 0d |...#............| 00000080 00 1e 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 |................| 00000090 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................| 000000a0 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 |.+......-.....3.| 000000b0 26 00 24 00 1d 00 20 2b 4d 55 97 55 d9 a8 3b 51 |&.$... +MU.U..;Q| 000000c0 96 93 41 c0 98 75 6b 0b ad 97 9f 8b d4 e9 e8 de |..A..uk.........| 000000d0 57 a6 66 ec af 40 21 |W.f..@!| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 f9 61 ca 33 |........... .a.3| 00000030 67 ba 3f 83 5f d3 7d 3a 48 65 99 59 38 cf f7 9f |g.?._.}:He.Y8...| 00000040 ec bd ed e2 4a 75 bc 1e a9 f4 48 5c 13 02 00 00 |....Ju....H\....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 3e ca 45 a3 5c 06 |..........>.E.\.| 00000090 8d 58 63 b1 3e 39 46 5b b1 fd 28 40 57 59 70 f7 |.Xc.>9F[..(@WYp.| 000000a0 a3 17 03 03 02 6d 10 4a 6b 8b 9e 03 9a 95 28 aa |.....m.Jk.....(.| 000000b0 58 06 76 79 c7 31 dc 61 a3 09 cf c2 67 ae f4 c0 |X.vy.1.a....g...| 000000c0 6f 43 52 24 2a a6 87 6a d0 6f e0 58 a0 b5 f5 e3 |oCR$*..j.o.X....| 000000d0 ba e4 6a 5a 17 81 e6 6b 59 23 8f 8d 93 ee bb b5 |..jZ...kY#......| 000000e0 23 b2 60 1c 03 be 5f b2 45 be af 6f 60 e6 73 ad |#.`..._.E..o`.s.| 000000f0 7d 0a 44 0b b4 20 d8 3c ba a8 4a 2e 5a a1 84 a7 |}.D.. .<..J.Z...| 00000100 1f 87 a5 00 75 b2 73 1d 6f e2 d2 dd ce eb 51 c5 |....u.s.o.....Q.| 00000110 04 5b ec ff 65 19 36 25 8e c8 97 56 f6 10 d8 cc |.[..e.6%...V....| 00000120 5d c2 2a 4b 76 46 df b6 13 c2 cd db a0 62 e2 10 |].*KvF.......b..| 00000130 ff e5 9a 7e a9 8f b4 8c 95 72 aa 85 0d f9 82 9a |...~.....r......| 00000140 75 8d d7 3e 14 02 ea 8c 12 e0 90 0a a2 df 99 2a |u..>...........*| 00000150 89 f6 e0 da bd 75 f1 35 aa 95 44 c3 af ee 6e d2 |.....u.5..D...n.| 00000160 99 1d 32 b9 3d 90 c1 00 66 2a 49 b0 40 ee c1 ec |..2.=...f*I.@...| 00000170 2e fc 01 14 5a 61 73 86 3d fc be 7a 4f f8 7a e7 |....Zas.=..zO.z.| 00000180 29 ea e8 3f 58 52 3b 97 29 34 f7 d1 97 92 ff b0 |)..?XR;.)4......| 00000190 6c 58 c1 f1 9e 53 de c8 7e ec 32 c6 d6 a8 ed 31 |lX...S..~.2....1| 000001a0 de e1 e9 d4 f2 a6 42 03 a8 bc 6b c9 70 76 34 3d |......B...k.pv4=| 000001b0 50 6c 33 6c 83 08 fb 75 0e fb 82 a4 b7 35 0c 0d |Pl3l...u.....5..| 000001c0 b5 43 fe 74 3c 44 8a b8 4f 6d 9c f0 df 40 c1 94 |.C.tv#..FI.| 00000340 3a 95 0d 89 de 8c 24 ca 26 b9 a1 e5 b1 95 09 20 |:.....$.&...... | 00000350 01 e7 62 2e 27 98 e0 fa 56 43 e8 e7 27 f5 5c 29 |..b.'...VC..'.\)| 00000360 b2 4d 6e 66 d5 dd 0a a3 47 39 88 78 e2 c2 87 d9 |.Mnf....G9.x....| 00000370 63 7e d9 32 03 9b 1d 2a 23 73 69 de 0f da e2 cb |c~.2...*#si.....| 00000380 50 b8 a3 5c 76 5e a8 d0 cd 11 ed 0c c0 cd 41 2e |P..\v^........A.| 00000390 06 f4 d2 01 1d ab 10 d7 f9 3a 9d 1a 4b a0 3a 02 |.........:..K.:.| 000003a0 7a 0c b1 87 6a 78 d1 8d d6 a7 19 4a ef 88 d9 49 |z...jx.....J...I| 000003b0 53 17 03 03 00 45 fc de 83 07 b8 50 77 71 64 0a |S....E.....Pwqd.| 000003c0 02 0a d3 ac b6 06 6c 04 e8 d0 e8 89 66 ea b3 05 |......l.....f...| 000003d0 42 9c 7e 2b 6a bd 86 2c 2c 5d 28 b8 b5 e9 69 80 |B.~+j..,,](...i.| 000003e0 ef 3b 55 96 cb 8a a1 7c e8 ff 95 d9 de d5 ab 8e |.;U....|........| 000003f0 79 a6 e0 31 8c 2c 63 d4 51 03 dd 17 03 03 00 aa |y..1.,c.Q.......| 00000400 f3 f8 01 6f 89 26 cc dc cf c0 ef 2f 80 8c 87 35 |...o.&...../...5| 00000410 b8 e6 ae e0 4a 07 80 ba 9b 3d 10 c6 14 08 c9 60 |....J....=.....`| 00000420 79 53 e1 91 6f 89 68 c7 85 40 42 11 38 6e b3 50 |yS..o.h..@B.8n.P| 00000430 02 0e 8b c3 c7 e4 ca c6 58 0a 95 6a 1b ca 95 73 |........X..j...s| 00000440 7d 37 64 68 02 99 d1 97 6b e7 29 d9 42 d2 2e b6 |}7dh....k.).B...| 00000450 8a af 29 8f cf eb cb 0f 0f a2 c9 d8 33 b8 fc 49 |..).........3..I| 00000460 d3 f4 ff a5 f6 61 89 2c e0 66 5c 42 04 45 9a e1 |.....a.,.f\B.E..| 00000470 02 47 f1 48 8b 13 da 3c d9 e9 b4 15 0d 58 76 02 |.G.H...<.....Xv.| 00000480 48 fb 58 63 ac 75 3a 82 25 9e 24 1d 10 56 a6 2a |H.Xc.u:.%.$..V.*| 00000490 6b 8d a3 1e f9 af ca 4e ab c4 3c 42 63 6a 9e 45 |k......N..>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 7b 39 31 b9 2c |..........E{91.,| 00000010 29 43 c5 f7 0c a6 26 b6 76 4f cb 0f 23 58 0c 04 |)C....&.vO..#X..| 00000020 8d 04 0d 07 a0 f3 67 0a 60 e8 cd e0 cb ee e7 3a |......g.`......:| 00000030 54 2b d2 63 95 f5 90 87 70 92 b3 60 1a b3 d4 44 |T+.c....p..`...D| 00000040 c2 b2 39 1a c9 f3 d0 a2 d4 e6 c1 73 51 b0 7f 74 |..9........sQ..t| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e 9d da 58 6c a5 83 d5 28 36 87 7f |.......Xl...(6..| 00000010 fd e1 a2 6e e2 65 e1 66 ce 6d 25 de 8c 8b ca f7 |...n.e.f.m%.....| 00000020 21 f5 d5 17 03 03 00 13 f9 bf 8f e4 33 9b 94 0b |!...........3...| 00000030 f0 a4 0f 99 b4 c5 c3 3b ff e3 b8 |.......;...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-P256000066400000000000000000000176251373277661100246660ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 e7 01 00 00 e3 03 03 d5 19 8d f4 88 |................| 00000010 a0 98 e4 72 76 3d c1 00 cc 78 3f 71 67 01 f3 96 |...rv=...x?qg...| 00000020 bc a7 bf 6b cc 99 c7 24 db b7 08 20 df c5 af 85 |...k...$... ....| 00000030 98 94 bd b6 18 47 8e b0 da e2 b2 59 a3 64 45 99 |.....G.....Y.dE.| 00000040 d6 c4 4d cf da 13 2a f4 01 e6 8e 75 00 08 13 02 |..M...*....u....| 00000050 13 03 13 01 00 ff 01 00 00 92 00 0b 00 04 03 00 |................| 00000060 01 02 00 0a 00 04 00 02 00 17 00 16 00 00 00 17 |................| 00000070 00 00 00 0d 00 1e 00 1c 04 03 05 03 06 03 08 07 |................| 00000080 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 |................| 00000090 05 01 06 01 00 2b 00 03 02 03 04 00 2d 00 02 01 |.....+......-...| 000000a0 01 00 33 00 47 00 45 00 17 00 41 04 26 a3 b5 53 |..3.G.E...A.&..S| 000000b0 0c a1 38 d4 df 25 19 f5 05 59 cd ea 49 19 af 15 |..8..%...Y..I...| 000000c0 7d e8 be 60 08 08 ce 06 57 20 e6 b9 84 bd 88 8b |}..`....W ......| 000000d0 90 05 b0 c1 19 b3 b6 32 87 37 7a 5f 7d 50 11 14 |.......2.7z_}P..| 000000e0 e0 02 a4 1d cd 9d 6e c8 05 85 96 b0 |......n.....| >>> Flow 2 (server to client) 00000000 16 03 03 00 9b 02 00 00 97 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 df c5 af 85 |........... ....| 00000030 98 94 bd b6 18 47 8e b0 da e2 b2 59 a3 64 45 99 |.....G.....Y.dE.| 00000040 d6 c4 4d cf da 13 2a f4 01 e6 8e 75 13 02 00 00 |..M...*....u....| 00000050 4f 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |O.+.....3.E...A.| 00000060 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.| 00000070 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^| 00000080 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B| 00000090 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.| 000000a0 14 03 03 00 01 01 17 03 03 00 17 69 25 4b 64 a0 |...........i%Kd.| 000000b0 f0 94 80 87 a3 75 7b ff d9 8f af 35 20 14 a2 86 |.....u{....5 ...| 000000c0 8b 63 17 03 03 02 6d 50 01 8d 1e 05 f0 d4 f7 a5 |.c....mP........| 000000d0 1a cd df 6a aa ca 96 f4 5f 76 4c 0f ba 9b 59 17 |...j...._vL...Y.| 000000e0 e2 1a f4 64 8f c0 ce cc 22 46 3e 0c 64 cc 0f 70 |...d...."F>.d..p| 000000f0 4e 47 45 31 d3 7d 51 61 45 6d 95 7f 11 80 b4 69 |NGE1.}QaEm.....i| 00000100 70 ef be f4 1d 33 11 34 e7 c3 59 e7 e8 bb 14 32 |p....3.4..Y....2| 00000110 9c 79 ca 9f 73 a0 5c 67 7d 56 c4 f9 74 a6 2a 1e |.y..s.\g}V..t.*.| 00000120 c7 f3 6b ec 3e 55 1c ad 74 d5 85 ed 0e 23 0a 74 |..k.>U..t....#.t| 00000130 76 c5 52 ae a0 95 17 af 88 2b 10 a6 d8 db 74 b8 |v.R......+....t.| 00000140 32 c1 03 03 67 16 f1 3c 08 f4 09 ca 2e d6 4a fd |2...g..<......J.| 00000150 07 e0 a4 23 a6 ff dd 3c a0 9d 8a 08 80 a8 49 9c |...#...<......I.| 00000160 9c fa 06 17 93 50 87 81 65 32 f1 0f 49 41 89 bc |.....P..e2..IA..| 00000170 f0 bb 54 00 0f 07 03 19 6b 4f 7b ae 09 a4 44 f8 |..T.....kO{...D.| 00000180 9d f9 fc 72 6a 6e 8a 65 c3 08 06 e1 fa d2 44 79 |...rjn.e......Dy| 00000190 3f 01 e9 58 e6 4a a2 59 a2 73 0d ba 80 22 78 c0 |?..X.J.Y.s..."x.| 000001a0 56 08 e6 81 81 dc 9a f0 34 91 be ac e0 ed 98 0a |V.......4.......| 000001b0 9b 96 ec 27 47 cc 3d da 25 4d df 6f ab c9 88 cf |...'G.=.%M.o....| 000001c0 3f 10 d5 ed 98 09 13 98 40 09 6e a3 07 c7 12 4a |?.......@.n....J| 000001d0 7e e3 76 0d f6 52 72 fc e8 75 ec d1 5c 2e ad 17 |~.v..Rr..u..\...| 000001e0 de 04 aa 6f 57 be 72 02 63 40 ad 66 f7 7d d6 f9 |...oW.r.c@.f.}..| 000001f0 d7 a8 11 d3 3a 97 15 ab 45 01 0e 30 18 a6 4d 20 |....:...E..0..M | 00000200 bf 41 74 7b 0d 43 bb 71 de cf 83 62 c2 8a 4d d0 |.At{.C.q...b..M.| 00000210 5b 88 5e 15 aa ae fb 98 a0 ab 1c 5d e0 6e 99 7b |[.^........].n.{| 00000220 e6 c0 a7 4f 73 f5 05 a8 f3 ee 28 d1 07 aa 93 7d |...Os.....(....}| 00000230 00 f1 e1 f1 bd 1e 90 7b d5 d5 c3 77 f2 b3 22 4e |.......{...w.."N| 00000240 9f 34 e6 8f ac 84 1d 72 c2 ba 38 e1 bd 1e c2 5d |.4.....r..8....]| 00000250 1c 33 af 11 77 b6 48 5e 45 42 97 c7 0b 06 33 d4 |.3..w.H^EB....3.| 00000260 21 c2 cc 25 39 ee 15 cc f6 5e 66 af bf 02 9d 33 |!..%9....^f....3| 00000270 b9 57 f6 10 91 72 c6 db 1c 9d a6 8a c0 41 8a 33 |.W...r.......A.3| 00000280 a9 22 56 69 a0 4d 9a 50 97 0e e6 2c 8a 8c 44 7b |."Vi.M.P...,..D{| 00000290 9a df 8e e4 cb 61 df b4 22 11 3a 46 fb 0b 20 d8 |.....a..".:F.. .| 000002a0 16 ae 15 c0 d8 00 2c 3e 1f 79 f1 57 af cf 4a 66 |......,>.y.W..Jf| 000002b0 22 b0 7f 7b 8d f6 d5 db 68 aa a4 c5 3e 76 3d 57 |"..{....h...>v=W| 000002c0 3d 29 e8 ba ae 4d bb 5c 27 94 96 63 c7 37 22 f1 |=)...M.\'..c.7".| 000002d0 19 71 0f 10 e1 ae 14 31 b6 e9 b0 2d 84 3a c6 ad |.q.....1...-.:..| 000002e0 dd 49 cd 16 3f eb 58 d6 d4 ce 14 f3 d6 8c f1 ea |.I..?.X.........| 000002f0 4a 2b 93 3d 3e e8 c9 7b 26 dd 85 f2 39 0b 0b 39 |J+.=>..{&...9..9| 00000300 dd bd 0c 40 96 4e 56 84 de f6 c4 3d cd d9 75 93 |...@.NV....=..u.| 00000310 1c 54 c0 8b 86 92 5c c6 91 98 5a 3d a3 fb 0c e8 |.T....\...Z=....| 00000320 78 7e 87 ad a7 80 c5 32 14 b9 f1 5c b3 2c 6d 76 |x~.....2...\.,mv| 00000330 0e 21 9a ee 17 03 03 00 99 42 74 85 89 4d 28 c3 |.!.......Bt..M(.| 00000340 1e 74 cc bb e6 5d 0b 4b a7 a7 9c cc ae f2 c1 44 |.t...].K.......D| 00000350 62 db 73 fa f9 79 c1 9e a1 36 52 5e e5 6d 47 1f |b.s..y...6R^.mG.| 00000360 67 22 b1 9a 08 4e 6d f5 34 f8 e2 e3 b6 3d 0e 6d |g"...Nm.4....=.m| 00000370 10 45 23 c0 91 63 be 02 9e 6a 59 05 4c 7f 02 97 |.E#..c...jY.L...| 00000380 14 c1 e1 1f 85 5f 40 c6 c5 17 4f 8b 7f cc 73 80 |....._@...O...s.| 00000390 ee c4 cb 96 23 ad 4d 33 44 50 f9 6b 20 39 38 17 |....#.M3DP.k 98.| 000003a0 30 61 3f 38 50 fb d0 7a d4 9e d2 88 37 63 8e 0f |0a?8P..z....7c..| 000003b0 84 d3 a6 27 6b ac 26 43 28 92 c5 ff 9e 16 11 5a |...'k.&C(......Z| 000003c0 b3 82 d3 73 46 07 3c 73 f1 30 81 86 93 9a f2 ff |...sF.,...Z.8b.5;.| 00000470 ce b8 a6 66 a7 f1 97 c9 50 37 08 0f ce 2c bb ca |...f....P7...,..| 00000480 18 fd 79 1f 50 b6 74 2d 5f b2 fb 9f 82 89 99 8a |..y.P.t-_.......| 00000490 23 5c 11 a0 ac ba d5 bb 45 40 1d 67 6b 90 e2 e3 |#\......E@.gk...| 000004a0 31 07 07 2e 4d a7 3d b7 85 ed e2 1c 01 9d 60 10 |1...M.=.......`.| 000004b0 e2 cb fc e8 24 c3 38 8c 98 09 00 e3 b0 ca a7 35 |....$.8........5| 000004c0 49 e8 d3 05 a4 71 95 02 3d be 48 |I....q..=.H| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 93 f9 6e 22 91 |..........E..n".| 00000010 19 ff 1f b1 aa bf 16 9a 3a f3 6c 6b 0a f9 a9 a1 |........:.lk....| 00000020 c9 c5 b9 3c c2 dd 60 c7 72 ac 18 a2 87 e9 bc b7 |...<..`.r.......| 00000030 8d 88 14 91 da 34 cc a7 01 e8 96 1b 63 43 f7 d3 |.....4......cC..| 00000040 5f f4 0a c1 2e fa 50 d7 fd 15 ec 34 d9 4b f1 78 |_.....P....4.K.x| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e d6 7d eb ca e2 d4 44 78 24 5e 49 |......}....Dx$^I| 00000010 5b ba bb 16 9e 10 99 e8 d4 a4 68 d8 63 3e c3 7e |[.........h.c>.~| 00000020 c6 d4 73 17 03 03 00 13 54 be b1 70 51 cf 10 b6 |..s.....T..pQ...| 00000030 ce bb fc c4 ff 8a fc 40 ab 3c 93 |.......@.<.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-RSA-RSAPSS000066400000000000000000000170061373277661100256610ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 b4 01 00 00 b0 03 03 f1 11 04 c9 35 |...............5| 00000010 fe 2e e3 f0 b3 57 2c 46 dc 2d 83 22 1a 74 1d 48 |.....W,F.-.".t.H| 00000020 3b 4b b6 4e fc e9 2c f6 19 f2 c6 20 07 42 bc 16 |;K.N..,.... .B..| 00000030 d2 a5 ed 58 83 00 89 c1 4f 66 56 ed 1f 4a fd 20 |...X....OfV..J. | 00000040 23 cf b2 15 71 ff 9b c3 17 1b 92 18 00 08 13 02 |#...q...........| 00000050 13 03 13 01 00 ff 01 00 00 5f 00 0b 00 04 03 00 |........._......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 16 00 00 00 17 00 00 00 0d 00 04 00 02 |................| 00000080 08 04 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 |...+......-.....| 00000090 33 00 26 00 24 00 1d 00 20 76 f0 23 bf c4 19 3c |3.&.$... v.#...<| 000000a0 1f 6b 80 60 15 16 3f c4 a1 e6 35 be c3 6a 08 54 |.k.`..?...5..j.T| 000000b0 2a df 47 25 a5 81 e3 5a 31 |*.G%...Z1| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 07 42 bc 16 |........... .B..| 00000030 d2 a5 ed 58 83 00 89 c1 4f 66 56 ed 1f 4a fd 20 |...X....OfV..J. | 00000040 23 cf b2 15 71 ff 9b c3 17 1b 92 18 13 02 00 00 |#...q...........| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 55 56 5a fe 66 b7 |..........UVZ.f.| 00000090 73 9a 8d 6d 54 d1 4d 7d 30 e0 cb db d4 9f 7b ab |s..mT.M}0.....{.| 000000a0 92 17 03 03 02 6d 31 5b d7 32 6a 8f a0 da 05 47 |.....m1[.2j....G| 000000b0 21 c6 e2 ad 07 cd ac 0f 63 d3 72 62 66 38 7f 52 |!.......c.rbf8.R| 000000c0 d8 0f 30 ac b5 ac f7 cd eb 43 24 4c 82 2e 5e 18 |..0......C$L..^.| 000000d0 aa 01 29 53 6b c6 0d 9c ec fc f7 0f 26 d8 43 b7 |..)Sk.......&.C.| 000000e0 48 6d 8c d8 7c 96 f0 7a 96 85 88 c2 9b 3b 5e 7a |Hm..|..z.....;^z| 000000f0 9e 16 ec e0 3f 21 23 24 cc fe ed 98 11 99 71 3f |....?!#$......q?| 00000100 e8 e9 d1 73 fd 0e a3 3f ab 9b 37 6a 18 a1 0a b0 |...s...?..7j....| 00000110 80 ee 6b 89 65 8c 35 7c db d5 31 36 44 87 b9 8f |..k.e.5|..16D...| 00000120 d1 e7 f6 0b bc b7 c7 56 d5 00 20 e2 22 af 9c 60 |.......V.. ."..`| 00000130 01 55 2f 19 2c d1 3f 6a 61 f2 93 80 17 24 6a bf |.U/.,.?ja....$j.| 00000140 9f c9 6b 22 bf ca ae 07 00 c9 ef ab ae b8 f9 65 |..k"...........e| 00000150 7b f2 f3 bd 76 09 cc 65 9b 3d 55 6d 70 2e 09 1e |{...v..e.=Ump...| 00000160 eb 22 77 e8 00 62 cf 1d 3a 06 a8 98 c1 6b 7c 5b |."w..b..:....k|[| 00000170 d8 c9 ed ed f8 1e 7d 4a 29 b0 fc 2e 88 f0 68 dc |......}J).....h.| 00000180 df 6e cd 26 f5 51 18 a1 01 d4 19 b9 50 55 8c 4b |.n.&.Q......PU.K| 00000190 2b 8e fd 50 5e 29 59 ec 79 f8 26 e2 c6 46 ad 07 |+..P^)Y.y.&..F..| 000001a0 ed 4e 46 3e 9c 3a 90 a6 4f b1 86 88 06 82 ea 0f |.NF>.:..O.......| 000001b0 da 1e b1 d9 0e fd 7c 4f c6 8f 41 c8 9a 6a db 8b |......|O..A..j..| 000001c0 11 fa 2b 33 22 6a 32 cd 28 79 28 92 bb 0f 53 f4 |..+3"j2.(y(...S.| 000001d0 55 ed 67 10 66 a5 ca 2a a1 f9 7a 37 45 4c 43 38 |U.g.f..*..z7ELC8| 000001e0 df 73 13 f5 70 7c 69 92 95 81 99 4d 67 0d 66 c7 |.s..p|i....Mg.f.| 000001f0 38 45 7c 2d 45 14 b5 a2 fe bc ab 75 ee 8b 64 0c |8E|-E......u..d.| 00000200 21 ce 18 27 f3 9d 39 8c ce 2e 4d 36 66 9f 1e b9 |!..'..9...M6f...| 00000210 a1 15 e6 12 ae 25 93 35 74 80 42 5d b7 84 93 d1 |.....%.5t.B]....| 00000220 dc 06 f7 15 a4 f3 e3 61 f2 4a b6 d4 e5 51 70 b2 |.......a.J...Qp.| 00000230 b9 f7 0a e2 1d da 0c eb a9 63 ff 97 ff 2e b8 45 |.........c.....E| 00000240 c0 f3 32 50 ac 6b 6a 2e 10 e5 6e e9 06 8f 4f b4 |..2P.kj...n...O.| 00000250 0b 82 42 84 8d 22 23 bb 93 d4 36 d0 93 70 d7 e0 |..B.."#...6..p..| 00000260 40 31 2d 12 21 17 07 8d b1 6d 93 ad 2b fc 89 05 |@1-.!....m..+...| 00000270 79 87 1f b5 cf 88 d5 91 f3 93 d5 98 19 d9 31 28 |y.............1(| 00000280 05 8c 46 0c e4 55 86 e7 86 61 07 5e 60 d6 aa c9 |..F..U...a.^`...| 00000290 db 70 66 86 d3 e3 44 a7 5a f9 7e 63 0a f4 c2 bd |.pf...D.Z.~c....| 000002a0 88 fd a6 4b 5b 46 f1 66 1b ec d7 63 01 c7 88 1d |...K[F.f...c....| 000002b0 03 e0 e7 4c 13 1e 43 2d db 56 c1 a0 0a 43 66 b6 |...L..C-.V...Cf.| 000002c0 76 d6 dc 20 8f 06 1e bc de 3f b8 d8 af 72 36 d7 |v.. .....?...r6.| 000002d0 81 84 ec 7b f1 4d cb 83 b0 4f d9 48 ac 43 d3 ca |...{.M...O.H.C..| 000002e0 4f 3b 5d ed ea 0e c6 f6 d5 8a 0c dc 62 c3 68 a9 |O;].........b.h.| 000002f0 53 46 b5 6e 42 b5 57 35 eb 84 f6 00 46 37 f1 43 |SF.nB.W5....F7.C| 00000300 1d 30 d3 b5 b3 47 6d 56 ca 3e 13 47 73 60 45 6d |.0...GmV.>.Gs`Em| 00000310 8f 90 5d 17 03 03 00 99 7f df 34 7e cf 2e 24 92 |..].......4~..$.| 00000320 15 40 7a bb 95 f8 9d d0 90 d5 21 28 ba 26 24 da |.@z.......!(.&$.| 00000330 11 19 88 bd f9 76 fb 49 52 8c e6 60 e3 00 d3 3c |.....v.IR..`...<| 00000340 45 aa 0a 01 0a 8f cb 6d b0 41 17 2b 35 70 71 49 |E......m.A.+5pqI| 00000350 b4 bd dd ee a5 5e 29 08 98 bc c5 80 c1 d0 96 f1 |.....^).........| 00000360 49 fc d0 d6 24 2b 27 3d a1 f8 03 82 ce 30 16 70 |I...$+'=.....0.p| 00000370 ba 21 5b 12 02 87 fe 02 a3 fe ca e0 9f 22 88 47 |.![..........".G| 00000380 f4 1d 21 89 da 24 26 3c 95 db 7a 16 88 74 a3 22 |..!..$&<..z..t."| 00000390 90 81 85 fe 9e 46 e5 ff 03 47 89 43 29 e3 44 67 |.....F...G.C).Dg| 000003a0 43 af 75 14 ec 1e 8f 1f 18 c6 b8 9f 1d 9e e3 11 |C.u.............| 000003b0 8a 17 03 03 00 45 08 b9 94 54 2e f3 77 3f 41 e7 |.....E...T..w?A.| 000003c0 a3 43 07 9f 7c 5c bd 63 d6 27 6b c6 42 dc bf 05 |.C..|\.c.'k.B...| 000003d0 7c 4e 6a 7f df 80 1f 7d 07 02 bf d8 9c 9d c7 9d ||Nj....}........| 000003e0 4b 55 8b 45 be ae f1 4d 88 05 4a f0 1a d0 3e ba |KU.E...M..J...>.| 000003f0 f9 d0 92 6f ff 3b 2d 77 74 92 61 17 03 03 00 aa |...o.;-wt.a.....| 00000400 a6 7f 6c a3 0e 46 fe dc b6 39 96 c9 9d e6 cf a8 |..l..F...9......| 00000410 d9 1b e4 a1 68 50 11 3c dd 49 0a bf 60 bb 47 08 |....hP.<.I..`.G.| 00000420 e0 b4 04 3d bb 1b 4c 4d 02 f2 c4 11 40 28 0e bd |...=..LM....@(..| 00000430 ad af 6e 45 fa 39 61 b0 78 6b cf 24 df dc 14 56 |..nE.9a.xk.$...V| 00000440 9e ee ba 9b c4 ef 09 91 26 96 8d 62 cc 9f 25 a8 |........&..b..%.| 00000450 0c 31 e9 68 31 da 09 80 7c 4e bb 03 b8 c6 fb d2 |.1.h1...|N......| 00000460 8d 5b 77 3c 1c 14 90 ab 31 cf 30 3d 6c f1 69 4e |.[w<....1.0=l.iN| 00000470 09 b3 67 88 e3 55 e0 ce d9 22 93 ab 22 a3 59 c2 |..g..U..."..".Y.| 00000480 1c 19 4e 21 ad 3e 5b c6 d1 b7 ae f5 f4 1b 99 e5 |..N!.>[.........| 00000490 af d3 b3 c6 35 7e e6 65 37 cd 3f 94 4a b0 ef da |....5~.e7.?.J...| 000004a0 80 ac 04 a9 5f 39 24 98 a9 15 |...._9$...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 1d e4 18 dc d6 |..........E.....| 00000010 08 6d 25 b1 9c 22 88 02 26 9d 4d 1f bf 40 30 f9 |.m%.."..&.M..@0.| 00000020 48 f9 d3 20 34 fc ad 88 c2 3a 4c 64 6c 2c ca 00 |H.. 4....:Ldl,..| 00000030 b3 f6 c2 e2 ca ca a0 2f a8 10 88 07 8c 44 9c 38 |......./.....D.8| 00000040 fe ab 2c 4d 65 0d e7 91 8e 1a 69 53 1b cb bd 77 |..,Me.....iS...w| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e 4e 8a 65 08 e7 df 9a 11 1b b5 73 |.....N.e.......s| 00000010 9f 86 51 40 c1 0f 1c b6 0e 6e f8 9d 2e 36 47 53 |..Q@.....n...6GS| 00000020 04 02 cc 17 03 03 00 13 1a 9d c8 bd 0e c0 9a 03 |................| 00000030 8e a4 9a 3e fa 3b f8 83 74 16 d6 |...>.;..t..| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-RSA-RSAPSS-TooSmall000066400000000000000000000022001373277661100273770ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 c6 01 00 00 c2 03 03 7c a4 3e 3b dd |...........|.>;.| 00000010 d4 90 de 04 87 40 12 a6 f8 63 d9 9d b3 44 7b 52 |.....@...c...D{R| 00000020 9b b2 2d e2 da 0a 6b 87 30 2e 1f 20 38 be 06 6e |..-...k.0.. 8..n| 00000030 b8 2d 46 93 8d ed 31 ea 5c 44 5a 3a 6e 3a bd 3c |.-F...1.\DZ:n:.<| 00000040 0d 69 99 2c 5d 59 30 85 1a bc ce 59 00 08 13 02 |.i.,]Y0....Y....| 00000050 13 03 13 01 00 ff 01 00 00 71 00 00 00 0e 00 0c |.........q......| 00000060 00 00 09 31 32 37 2e 30 2e 30 2e 31 00 0b 00 04 |...127.0.0.1....| 00000070 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e |................| 00000080 00 19 00 18 00 16 00 00 00 17 00 00 00 0d 00 04 |................| 00000090 00 02 08 06 00 2b 00 03 02 03 04 00 2d 00 02 01 |.....+......-...| 000000a0 01 00 33 00 26 00 24 00 1d 00 20 d9 cb e9 03 27 |..3.&.$... ....'| 000000b0 59 f0 bd 7a 1f 17 88 c7 35 2b 92 0c d9 0c 0f 9a |Y..z....5+......| 000000c0 b5 47 c7 e2 97 aa 92 04 c6 63 2d |.G.......c-| >>> Flow 2 (server to client) 00000000 15 03 03 00 02 02 28 |......(| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-Resume000066400000000000000000000115041373277661100254600ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 99 01 00 01 95 03 03 29 bb 10 58 95 |...........)..X.| 00000010 1e 89 b0 97 4f 37 86 8a 95 37 77 2c 09 82 d8 36 |....O7...7w,...6| 00000020 4b b2 e6 a1 a6 ed 0b 2e 3b de 7d 20 ad 52 fb 8a |K.......;.} .R..| 00000030 01 23 b5 e3 4e 8b a4 93 8c 42 e4 4f 28 cd f8 e1 |.#..N....B.O(...| 00000040 dc f2 00 bc 5c cc ec 1b 71 1e c9 88 00 08 13 02 |....\...q.......| 00000050 13 03 13 01 00 ff 01 00 01 44 00 0b 00 04 03 00 |.........D......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 16 00 00 00 17 00 00 00 0d |...#............| 00000080 00 1e 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 |................| 00000090 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................| 000000a0 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 |.+......-.....3.| 000000b0 26 00 24 00 1d 00 20 45 48 75 6f 9c b8 26 24 5b |&.$... EHuo..&$[| 000000c0 46 f1 fe 71 18 b1 19 83 4a e8 12 57 4a ff d7 29 |F..q....J..WJ..)| 000000d0 dd ea 9d ee 06 3a 63 00 29 00 c3 00 8e 00 88 50 |.....:c.)......P| 000000e0 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 000000f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000100 68 2e a3 81 51 ed 14 ef 68 ca 42 c5 4c 51 6c db |h...Q...h.B.LQl.| 00000110 ee c9 2a b2 8e 62 15 7b f7 9a 04 37 e0 54 0e 5f |..*..b.{...7.T._| 00000120 5f 52 64 19 05 40 6d 58 57 76 4d ab 6b 5f 75 5c |_Rd..@mXWvM.k_u\| 00000130 a6 2b e4 c4 bc c5 40 9f 16 39 66 5f b5 49 38 16 |.+....@..9f_.I8.| 00000140 7f 51 5c e5 15 c0 58 ad 8f 40 5c cf 50 7a a3 51 |.Q\...X..@\.Pz.Q| 00000150 11 71 aa da 23 1d cf 09 68 2a 4a d3 40 ad b1 a4 |.q..#...h*J.@...| 00000160 fa ae 06 16 73 91 9d 00 00 00 00 00 31 30 54 55 |....s.......10TU| 00000170 91 f2 98 29 1f 07 0e 17 12 8d a3 8e cf 3d b8 75 |...).........=.u| 00000180 19 89 48 f0 09 a1 6d ed 16 5f 63 03 4f b7 da b3 |..H...m.._c.O...| 00000190 84 3b 27 08 55 0d 26 08 8d 02 be d0 4e e0 |.;'.U.&.....N.| >>> Flow 2 (server to client) 00000000 16 03 03 00 80 02 00 00 7c 03 03 00 00 00 00 00 |........|.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 ad 52 fb 8a |........... .R..| 00000030 01 23 b5 e3 4e 8b a4 93 8c 42 e4 4f 28 cd f8 e1 |.#..N....B.O(...| 00000040 dc f2 00 bc 5c cc ec 1b 71 1e c9 88 13 02 00 00 |....\...q.......| 00000050 34 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |4.+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 00 |.........._X.;t.| 00000080 29 00 02 00 00 14 03 03 00 01 01 17 03 03 00 17 |)...............| 00000090 82 41 35 d0 ec 5e 0e aa cb 13 e1 ee 05 de 5d 04 |.A5..^........].| 000000a0 fb 64 79 b7 5f 88 b9 17 03 03 00 45 53 e4 77 a9 |.dy._......ES.w.| 000000b0 14 27 59 1b ca 23 db 80 1e 24 bd a0 d0 5f a4 16 |.'Y..#...$..._..| 000000c0 bd 78 95 12 d0 1a 47 34 00 af 5c 2a 63 47 21 f7 |.x....G4..\*cG!.| 000000d0 d7 59 80 0e 1f 48 10 ff 30 c2 51 7b 44 cf 29 71 |.Y...H..0.Q{D.)q| 000000e0 f4 39 a3 42 3b d6 26 d1 49 10 7f 65 74 d7 e3 40 |.9.B;.&.I..et..@| 000000f0 77 17 03 03 00 aa 70 ed 38 6c a2 b2 b9 fa 11 25 |w.....p.8l.....%| 00000100 61 5e c5 1a e4 32 ba b8 53 b8 e8 b6 a9 63 15 ee |a^...2..S....c..| 00000110 f1 4b 3b 8d a3 de 2f 73 72 91 dd 01 8e 4b a4 e3 |.K;.../sr....K..| 00000120 66 ac d4 8b 56 fa 44 cd a3 6c 6a 56 9a 40 e0 60 |f...V.D..ljV.@.`| 00000130 d9 62 8b 16 79 b7 6a ad 7f ef 0a 0f be 03 ce 80 |.b..y.j.........| 00000140 09 8e 2a 54 74 a4 f2 16 c0 6e e4 e0 09 c3 ce 6f |..*Tt....n.....o| 00000150 a3 ad 6f ee e2 be ee ea 8a 0a ff 35 2d 24 f0 cd |..o........5-$..| 00000160 0b 24 4c cc bf fc d0 e1 9b ba c7 ad ce b3 cd 42 |.$L............B| 00000170 e9 64 e4 04 c0 46 b0 43 96 eb 66 20 a5 f8 90 89 |.d...F.C..f ....| 00000180 08 4b 9a a2 9d fd a2 61 bd a1 83 45 f8 46 4e 25 |.K.....a...E.FN%| 00000190 93 97 c0 c1 a6 c7 91 95 98 9c f3 14 8b 52 03 44 |.............R.D| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 5a b8 26 96 8e |..........EZ.&..| 00000010 2b f2 29 19 0b bc 12 07 14 45 8e e9 03 f4 41 78 |+.)......E....Ax| 00000020 ab f1 83 5f 8c 76 8c f7 09 f5 80 92 82 55 81 c9 |..._.v.......U..| 00000030 d9 35 41 08 5f 8d 50 4f f1 09 fa ed e6 34 ca 3a |.5A._.PO.....4.:| 00000040 13 af 59 00 c2 ac 92 21 05 37 fd 37 a0 5e 46 4c |..Y....!.7.7.^FL| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e 1c 3d 28 5a 78 f9 42 a9 b7 d0 64 |......=(Zx.B...d| 00000010 b3 55 7c de c4 96 b7 82 cb 61 f5 ab 0f 4f 26 5e |.U|......a...O&^| 00000020 f2 b9 61 17 03 03 00 13 82 6f a2 c0 18 c2 15 69 |..a......o.....i| 00000030 22 0c 9a 8f b7 32 02 d5 7b 61 8b |"....2..{a.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-Resume-HelloRetryRequest000066400000000000000000000173141373277661100311250ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 93 01 00 01 8f 03 03 bf c7 79 7b b1 |.............y{.| 00000010 e8 a9 d7 c7 e0 08 a3 0e 78 6e f6 7c 22 6a cd 52 |........xn.|"j.R| 00000020 a2 65 08 f2 f8 eb 86 f9 4f be 8d 20 bf c2 61 41 |.e......O.. ..aA| 00000030 62 bc 0d 73 08 30 29 9d 95 d1 9a 8b 7d 25 61 7d |b..s.0).....}%a}| 00000040 6c eb cf a4 2c ef 0a b0 e9 15 5d 5a 00 08 13 02 |l...,.....]Z....| 00000050 13 03 13 01 00 ff 01 00 01 3e 00 0b 00 04 03 00 |.........>......| 00000060 01 02 00 0a 00 06 00 04 00 1d 00 17 00 23 00 00 |.............#..| 00000070 00 16 00 00 00 17 00 00 00 0d 00 1e 00 1c 04 03 |................| 00000080 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 |................| 00000090 08 05 08 06 04 01 05 01 06 01 00 2b 00 03 02 03 |...........+....| 000000a0 04 00 2d 00 02 01 01 00 33 00 26 00 24 00 1d 00 |..-.....3.&.$...| 000000b0 20 42 75 13 f0 ce 49 b4 3c 1c 50 45 1d d6 9e cc | Bu...I.<.PE....| 000000c0 02 ea 12 6b 28 74 eb c7 41 7f 49 01 3b 05 66 a1 |...k(t..A.I.;.f.| 000000d0 3a 00 29 00 c3 00 8e 00 88 50 46 ad c1 db a8 38 |:.)......PF....8| 000000e0 86 7b 2b bb fd d0 c3 42 3e 00 00 00 00 00 00 00 |.{+....B>.......| 000000f0 00 00 00 00 00 00 00 00 00 94 68 2e a3 81 51 ed |..........h...Q.| 00000100 14 ef 68 ca 42 c5 4c 51 6c db ee c9 2a b2 8e 62 |..h.B.LQl...*..b| 00000110 15 7b f7 9a 04 37 e0 54 0e 5f 5f 52 64 19 05 40 |.{...7.T.__Rd..@| 00000120 6d 58 57 76 4d ab 6b 5f 75 5c a6 2b e4 c4 bc c5 |mXWvM.k_u\.+....| 00000130 40 9f 16 39 66 5f b5 49 38 16 7f 51 5c e5 15 c0 |@..9f_.I8..Q\...| 00000140 58 ad 8f 40 5c cf 50 7a a3 51 11 71 aa da 23 1d |X..@\.Pz.Q.q..#.| 00000150 cf 09 68 2a 4a d3 40 ad b1 a4 fa ae 06 16 73 91 |..h*J.@.......s.| 00000160 9d 00 00 00 00 00 31 30 82 c7 f7 da 25 76 72 2c |......10....%vr,| 00000170 85 29 c5 8c a7 8e 44 cb 56 87 b5 ee 1e 46 07 82 |.)....D.V....F..| 00000180 2c 76 c1 e5 c3 f4 e2 80 5c 89 3b a7 20 08 f2 18 |,v......\.;. ...| 00000190 4a cb a8 4e a3 87 62 ed |J..N..b.| >>> Flow 2 (server to client) 00000000 16 03 03 00 58 02 00 00 54 03 03 cf 21 ad 74 e5 |....X...T...!.t.| 00000010 9a 61 11 be 1d 8c 02 1e 65 b8 91 c2 a2 11 16 7a |.a......e......z| 00000020 bb 8c 5e 07 9e 09 e2 c8 a8 33 9c 20 bf c2 61 41 |..^......3. ..aA| 00000030 62 bc 0d 73 08 30 29 9d 95 d1 9a 8b 7d 25 61 7d |b..s.0).....}%a}| 00000040 6c eb cf a4 2c ef 0a b0 e9 15 5d 5a 13 02 00 00 |l...,.....]Z....| 00000050 0c 00 2b 00 02 03 04 00 33 00 02 00 17 14 03 03 |..+.....3.......| 00000060 00 01 01 |...| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 16 03 03 01 b4 01 00 01 b0 03 |................| 00000010 03 bf c7 79 7b b1 e8 a9 d7 c7 e0 08 a3 0e 78 6e |...y{.........xn| 00000020 f6 7c 22 6a cd 52 a2 65 08 f2 f8 eb 86 f9 4f be |.|"j.R.e......O.| 00000030 8d 20 bf c2 61 41 62 bc 0d 73 08 30 29 9d 95 d1 |. ..aAb..s.0)...| 00000040 9a 8b 7d 25 61 7d 6c eb cf a4 2c ef 0a b0 e9 15 |..}%a}l...,.....| 00000050 5d 5a 00 08 13 02 13 03 13 01 00 ff 01 00 01 5f |]Z............._| 00000060 00 0b 00 04 03 00 01 02 00 0a 00 06 00 04 00 1d |................| 00000070 00 17 00 23 00 00 00 16 00 00 00 17 00 00 00 0d |...#............| 00000080 00 1e 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 |................| 00000090 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................| 000000a0 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 |.+......-.....3.| 000000b0 47 00 45 00 17 00 41 04 28 c5 ca 90 f0 30 4d 7f |G.E...A.(....0M.| 000000c0 f6 32 0d 02 da 29 e4 59 be 5a 71 9d b2 25 f4 b9 |.2...).Y.Zq..%..| 000000d0 0b 08 6c ad ce d7 bf ce 0c 1c de f3 05 32 79 80 |..l..........2y.| 000000e0 8c 91 7e fc 92 bf a9 ea 20 c5 21 9c 25 48 72 1a |..~..... .!.%Hr.| 000000f0 b9 e8 1b 4f b1 c8 27 c1 00 29 00 c3 00 8e 00 88 |...O..'..)......| 00000100 50 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e |PF....8.{+....B>| 00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000120 94 68 2e a3 81 51 ed 14 ef 68 ca 42 c5 4c 51 6c |.h...Q...h.B.LQl| 00000130 db ee c9 2a b2 8e 62 15 7b f7 9a 04 37 e0 54 0e |...*..b.{...7.T.| 00000140 5f 5f 52 64 19 05 40 6d 58 57 76 4d ab 6b 5f 75 |__Rd..@mXWvM.k_u| 00000150 5c a6 2b e4 c4 bc c5 40 9f 16 39 66 5f b5 49 38 |\.+....@..9f_.I8| 00000160 16 7f 51 5c e5 15 c0 58 ad 8f 40 5c cf 50 7a a3 |..Q\...X..@\.Pz.| 00000170 51 11 71 aa da 23 1d cf 09 68 2a 4a d3 40 ad b1 |Q.q..#...h*J.@..| 00000180 a4 fa ae 06 16 73 91 9d 00 00 00 00 00 31 30 2b |.....s.......10+| 00000190 a4 b8 cb 01 69 75 7f 1f 5a bc 4d cd 98 1f 93 c9 |....iu..Z.M.....| 000001a0 f8 be 02 eb f3 81 57 95 89 16 fd a0 10 20 39 a7 |......W...... 9.| 000001b0 81 cd 89 6c 21 49 80 69 00 31 1a 8a 61 82 da |...l!I.i.1..a..| >>> Flow 4 (server to client) 00000000 16 03 03 00 a1 02 00 00 9d 03 03 00 00 00 00 00 |................| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 bf c2 61 41 |........... ..aA| 00000030 62 bc 0d 73 08 30 29 9d 95 d1 9a 8b 7d 25 61 7d |b..s.0).....}%a}| 00000040 6c eb cf a4 2c ef 0a b0 e9 15 5d 5a 13 02 00 00 |l...,.....]Z....| 00000050 55 00 2b 00 02 03 04 00 33 00 45 00 17 00 41 04 |U.+.....3.E...A.| 00000060 1e 18 37 ef 0d 19 51 88 35 75 71 b5 e5 54 5b 12 |..7...Q.5uq..T[.| 00000070 2e 8f 09 67 fd a7 24 20 3e b2 56 1c ce 97 28 5e |...g..$ >.V...(^| 00000080 f8 2b 2d 4f 9e f1 07 9f 6c 4b 5b 83 56 e2 32 42 |.+-O....lK[.V.2B| 00000090 e9 58 b6 d7 49 a6 b5 68 1a 41 03 56 6b dc 5a 89 |.X..I..h.A.Vk.Z.| 000000a0 00 29 00 02 00 00 17 03 03 00 17 08 fe c8 1c b0 |.)..............| 000000b0 1e 9a 36 e1 2e 30 e4 03 de 8c 20 da 7a a5 b6 2f |..6..0.... .z../| 000000c0 52 9b 17 03 03 00 45 ba a5 98 e4 da 91 ea c9 3e |R.....E........>| 000000d0 f3 de 92 5d 8b 16 f4 cf 60 8e 57 f5 4d d3 67 32 |...]....`.W.M.g2| 000000e0 20 96 d0 48 0d f1 f3 93 1a 0e 36 41 5b 2b 5c f2 | ..H......6A[+\.| 000000f0 06 93 7e 57 c6 aa 4d 16 09 25 ef f8 a6 d4 15 2f |..~W..M..%...../| 00000100 3c 38 5f 83 1a f5 45 94 e0 7b 86 33 17 03 03 00 |<8_...E..{.3....| 00000110 aa 21 7c 39 1f b6 95 32 ed 10 c2 78 ef 33 ab 05 |.!|9...2...x.3..| 00000120 f6 38 90 f0 0f ba de 70 65 94 29 b7 07 15 fa f5 |.8.....pe.).....| 00000130 25 41 5c 2a d3 59 b5 c7 39 4a 0f ad 11 78 46 bf |%A\*.Y..9J...xF.| 00000140 3d ef fd 59 82 50 ed 9e 3a 9e 6c 68 f1 02 e9 c7 |=..Y.P..:.lh....| 00000150 1e ec a5 54 46 6a 04 7f 0a f9 4f 6b 42 f1 3c 8f |...TFj....OkB.<.| 00000160 d5 29 be bf ee 6f ba cf c5 25 ac f5 9d 76 de 97 |.)...o...%...v..| 00000170 8d d1 e3 78 74 49 ed 69 91 b4 60 b4 6d 77 cb a6 |...xtI.i..`.mw..| 00000180 ec 4c c3 81 28 97 1d 8a e9 41 e2 b3 28 20 37 66 |.L..(....A..( 7f| 00000190 f1 93 01 0e 19 1f ae d5 79 3b 2e 77 f3 b2 8b 30 |........y;.w...0| 000001a0 0b 60 ad d1 c7 a4 52 c8 2d dd 41 fb c8 49 4f 5c |.`....R.-.A..IO\| 000001b0 10 f9 0c 39 5d 3e 96 8f 61 8e ef |...9]>..a..| >>> Flow 5 (client to server) 00000000 17 03 03 00 45 67 51 e5 23 04 0f 02 4b da 36 a3 |....EgQ.#...K.6.| 00000010 f0 24 2f e9 e3 30 c5 b3 3c f1 0b aa 18 00 51 fe |.$/..0..<.....Q.| 00000020 85 c4 a0 43 6c 52 2c 5d 00 45 99 97 1d 29 40 70 |...ClR,].E...)@p| 00000030 8b e5 58 fe 78 06 3a d4 82 fc 10 10 50 8f 91 c0 |..X.x.:.....P...| 00000040 0c 3d 17 64 31 0b 02 d3 54 38 |.=.d1...T8| >>> Flow 6 (server to client) 00000000 17 03 03 00 1e fa 5c fc 85 d9 dc 11 0f 7f 49 11 |......\.......I.| 00000010 4b 45 a3 67 1a 6a d6 7e 89 06 06 00 9b ac 0e cb |KE.g.j.~........| 00000020 4b 19 6a 17 03 03 00 13 f7 54 b4 e9 6b 3b b5 9f |K.j......T..k;..| 00000030 4d 95 e6 ad cd 9f f1 8b c2 7c 15 |M........|.| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-ResumeDisabled000066400000000000000000000173711373277661100271200ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 01 99 01 00 01 95 03 03 98 d1 12 0c d6 |................| 00000010 bf 5c ba 09 92 35 01 d3 5f b3 67 c4 54 ba a0 91 |.\...5.._.g.T...| 00000020 de be c5 9a 3f 3d 53 f2 09 48 26 20 1f 60 7b 1b |....?=S..H& .`{.| 00000030 73 cb 1a 0a 48 00 bb 6a 43 f4 dc 83 10 1d 26 84 |s...H..jC.....&.| 00000040 bd 7f eb 6b b2 14 3d 62 25 84 f8 88 00 08 13 02 |...k..=b%.......| 00000050 13 03 13 01 00 ff 01 00 01 44 00 0b 00 04 03 00 |.........D......| 00000060 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 |................| 00000070 00 18 00 23 00 00 00 16 00 00 00 17 00 00 00 0d |...#............| 00000080 00 1e 00 1c 04 03 05 03 06 03 08 07 08 08 08 09 |................| 00000090 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 |................| 000000a0 00 2b 00 03 02 03 04 00 2d 00 02 01 01 00 33 00 |.+......-.....3.| 000000b0 26 00 24 00 1d 00 20 86 aa bf ed d0 98 e8 82 2c |&.$... ........,| 000000c0 0b 0d 79 ed b0 5a f5 c3 d8 1d 74 35 16 02 4c 16 |..y..Z....t5..L.| 000000d0 07 fd 42 6e d9 01 67 00 29 00 c3 00 8e 00 88 50 |..Bn..g.)......P| 000000e0 46 ad c1 db a8 38 86 7b 2b bb fd d0 c3 42 3e 00 |F....8.{+....B>.| 000000f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 |................| 00000100 68 2e a3 81 51 ed 14 ef 68 ca 42 c5 4c fc 8a a3 |h...Q...h.B.L...| 00000110 85 ea 29 e0 46 38 82 3f 6e 8f ee 4c 7d a2 6d bb |..).F8.?n..L}.m.| 00000120 5d 11 b7 63 01 36 3f 41 97 c3 85 3a a9 6f 91 98 |]..c.6?A...:.o..| 00000130 c8 03 62 db 7d 86 f4 0a 8e 45 98 2e bc 49 38 16 |..b.}....E...I8.| 00000140 7f 51 5c e5 15 c0 58 92 70 ad bf 8d 85 9a 0f 0e |.Q\...X.p.......| 00000150 2d 8a d5 65 bc 27 3e f4 6b b2 7a f2 c6 75 ad 84 |-..e.'>.k.z..u..| 00000160 5f 93 b6 3a 7d 02 5c 00 00 00 00 00 31 30 4e c8 |_..:}.\.....10N.| 00000170 27 d9 21 0b 98 5d 7c 52 af b9 2a 7b 57 53 40 01 |'.!..]|R..*{WS@.| 00000180 ff c9 f5 8a 42 ee fb 30 e4 28 9c 73 81 00 4a f8 |....B..0.(.s..J.| 00000190 38 58 2b bb 48 33 e2 c7 11 57 63 fd 40 7a |8X+.H3...Wc.@z| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 1f 60 7b 1b |........... .`{.| 00000030 73 cb 1a 0a 48 00 bb 6a 43 f4 dc 83 10 1d 26 84 |s...H..jC.....&.| 00000040 bd 7f eb 6b b2 14 3d 62 25 84 f8 88 13 02 00 00 |...k..=b%.......| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 3e 96 eb 00 38 23 |..........>...8#| 00000090 64 f8 15 9a 09 1d b9 27 17 30 38 ed a8 ad c5 95 |d......'.08.....| 000000a0 17 17 03 03 02 6d 71 4f d2 5f 5e 4d ca 1f 93 89 |.....mqO._^M....| 000000b0 88 02 f7 f1 5b b6 02 63 75 44 4c 56 9a 32 07 8c |....[..cuDLV.2..| 000000c0 3d 39 41 6e e8 b6 8b 20 7b 39 c5 9a 92 5d b8 ad |=9An... {9...]..| 000000d0 56 b2 de 8d 17 37 ab 13 6d 1f f3 85 db 30 e0 d9 |V....7..m....0..| 000000e0 7e 5a 63 79 05 e5 ec ff 82 d4 3e 57 6b 36 11 8f |~Zcy......>Wk6..| 000000f0 c7 e9 98 5c 48 36 c8 61 a9 e4 88 7d 80 b1 8a 3c |...\H6.a...}...<| 00000100 ab 2e 0f 02 ef 8d 1f 67 ee dd ed b7 bd 1c fa fb |.......g........| 00000110 73 f0 a5 e1 5d 68 76 e1 c9 e8 8a a4 3b 50 b9 50 |s...]hv.....;P.P| 00000120 a2 99 88 5e 52 10 24 5c b5 2a 1a 0e 61 14 a3 b8 |...^R.$\.*..a...| 00000130 c1 37 8b 18 2b c4 13 e3 b2 58 4b f6 1d a6 01 fd |.7..+....XK.....| 00000140 42 cb 55 9f e2 35 7e b6 d0 d9 29 15 ca d7 4a ae |B.U..5~...)...J.| 00000150 c5 45 34 2e 30 5b 45 c2 81 e0 50 a7 5e 62 52 46 |.E4.0[E...P.^bRF| 00000160 72 06 76 2b c9 23 02 62 eb a4 10 08 1d fd 08 9b |r.v+.#.b........| 00000170 19 8f b3 40 2b 59 f4 d9 ff 94 47 86 24 c8 47 94 |...@+Y....G.$.G.| 00000180 5b 59 2b f3 6d 12 88 2d c7 5d 8c 3d 3c 50 73 f1 |[Y+.m..-.].==..\...K../Z..| 000002f0 7e c7 d4 ad 28 69 bd 4d 1b 2e 37 a1 a3 e8 dc d9 |~...(i.M..7.....| 00000300 2a 35 06 38 9a 42 4f 55 5d b3 17 42 21 5e 41 1c |*5.8.BOU]..B!^A.| 00000310 e7 e8 9e 17 03 03 00 99 48 c9 55 46 9a 1b 78 2a |........H.UF..x*| 00000320 5c 3f a3 ff bd ef 2c ed 0f 43 61 42 91 27 87 24 |\?....,..CaB.'.$| 00000330 24 40 de b7 f9 ce 11 93 29 92 e1 1e 4e 07 68 39 |$@......)...N.h9| 00000340 90 24 2d ee 97 35 f0 5b 9a ae df 42 26 43 cb a6 |.$-..5.[...B&C..| 00000350 18 64 3a 01 36 2b 3e 6d f3 cd 27 14 27 44 4f cf |.d:.6+>m..'.'DO.| 00000360 d9 74 84 80 d0 8c 1f 8b 3e 94 a9 68 58 fb 2f 6d |.t......>..hX./m| 00000370 4c 51 3b fd 69 bc 73 46 a9 7e b0 c7 4c de 18 73 |LQ;.i.sF.~..L..s| 00000380 34 6c 81 71 a9 b6 11 57 3c 82 ee 94 de 4d 71 d0 |4l.q...W<....Mq.| 00000390 33 a7 de 53 d3 3b 41 3a 1e 9e 3a c0 57 cd 8b 0f |3..S.;A:..:.W...| 000003a0 d4 89 47 a4 05 e7 7a b2 a1 01 9a a7 a1 bb e7 da |..G...z.........| 000003b0 37 17 03 03 00 45 3d ab f9 79 8b 3e bc 78 50 e6 |7....E=..y.>.xP.| 000003c0 05 5c 41 21 3f b6 ca c4 a6 20 1f ee 0b 91 fb 7f |.\A!?.... ......| 000003d0 3f fe 82 10 87 ac 75 0e 0b 31 ee ad a3 dd 5c 8f |?.....u..1....\.| 000003e0 04 cd d8 2f 78 2f fc b7 b4 6e d7 a1 4f d3 eb e1 |.../x/...n..O...| 000003f0 03 9f 89 01 08 99 27 60 71 60 33 |......'`q`3| >>> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 ae 11 96 0a 46 |..........E....F| 00000010 a2 93 dd b3 29 37 51 19 6c 64 3b 14 a9 b0 a2 80 |....)7Q.ld;.....| 00000020 7c 51 b6 ff 71 2f 80 56 97 e4 03 4c 9b 1b ab 60 ||Q..q/.V...L...`| 00000030 a5 c7 50 93 26 c6 fb 35 e3 94 2a 4c c4 f1 9b 51 |..P.&..5..*L...Q| 00000040 8f 08 09 0b 66 93 7b 8f be 81 77 94 8e d1 17 1d |....f.{...w.....| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e b7 05 c1 09 2e 7e 14 5a d8 14 9b |..........~.Z...| 00000010 4e 35 a4 40 e4 9b 3c a0 66 ad 4d 0e f1 3f 15 0f |N5.@..<.f.M..?..| 00000020 38 12 7a 17 03 03 00 13 30 d5 ab a1 f8 9d 59 75 |8.z.....0.....Yu| 00000030 5a c9 8d b5 0b 69 09 53 c7 99 d7 |Z....i.S...| golang-github-marten-seemann-qtls-0.10.0/testdata/Server-TLSv13-X25519000066400000000000000000000171271373277661100250440ustar00rootroot00000000000000>>> Flow 1 (client to server) 00000000 16 03 01 00 c6 01 00 00 c2 03 03 ab 41 fc 26 4b |............A.&K| 00000010 cf 06 24 18 dd da 22 d9 11 a6 c8 a4 14 53 c7 fe |..$..."......S..| 00000020 c7 b9 f4 e4 fa f4 13 5e 0c 01 9d 20 41 ca e0 3a |.......^... A..:| 00000030 88 45 8d a3 94 85 ce aa d9 3b b6 cf ce a6 c4 b1 |.E.......;......| 00000040 b4 33 e8 3a 03 0d 38 9a d7 48 6f a5 00 08 13 02 |.3.:..8..Ho.....| 00000050 13 03 13 01 00 ff 01 00 00 71 00 0b 00 04 03 00 |.........q......| 00000060 01 02 00 0a 00 04 00 02 00 1d 00 16 00 00 00 17 |................| 00000070 00 00 00 0d 00 1e 00 1c 04 03 05 03 06 03 08 07 |................| 00000080 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 |................| 00000090 05 01 06 01 00 2b 00 03 02 03 04 00 2d 00 02 01 |.....+......-...| 000000a0 01 00 33 00 26 00 24 00 1d 00 20 17 08 94 83 1a |..3.&.$... .....| 000000b0 7a bf 38 cb c6 50 92 92 3c 5b dd b5 34 73 b2 4b |z.8..P..<[..4s.K| 000000c0 19 a7 9b 52 03 7b 1b 61 c1 86 54 |...R.{.a..T| >>> Flow 2 (server to client) 00000000 16 03 03 00 7a 02 00 00 76 03 03 00 00 00 00 00 |....z...v.......| 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| 00000020 00 00 00 00 00 00 00 00 00 00 00 20 41 ca e0 3a |........... A..:| 00000030 88 45 8d a3 94 85 ce aa d9 3b b6 cf ce a6 c4 b1 |.E.......;......| 00000040 b4 33 e8 3a 03 0d 38 9a d7 48 6f a5 13 02 00 00 |.3.:..8..Ho.....| 00000050 2e 00 2b 00 02 03 04 00 33 00 24 00 1d 00 20 2f |..+.....3.$... /| 00000060 e5 7d a3 47 cd 62 43 15 28 da ac 5f bb 29 07 30 |.}.G.bC.(.._.).0| 00000070 ff f6 84 af c4 cf c2 ed 90 99 5f 58 cb 3b 74 14 |.........._X.;t.| 00000080 03 03 00 01 01 17 03 03 00 17 54 96 90 b1 90 56 |..........T....V| 00000090 88 93 2a b8 84 b6 89 2e c9 95 6b 52 35 6b 29 83 |..*.......kR5k).| 000000a0 83 17 03 03 02 6d 72 12 0f dd 8a 20 1a d0 f0 e7 |.....mr.... ....| 000000b0 c3 f6 67 e3 94 54 4a 93 13 72 fe 7a 20 f9 fe ad |..g..TJ..r.z ...| 000000c0 67 55 91 95 a3 a8 f1 31 a5 8b d7 61 6b 19 a0 cb |gU.....1...ak...| 000000d0 39 ca 16 e5 fa d0 d4 ac 70 0c b4 9d a6 e6 ed 9c |9.......p.......| 000000e0 0e eb cf ce 34 07 0c 7b de 73 36 ab 80 87 ec 88 |....4..{.s6.....| 000000f0 5b dd c8 7f 0c cf 5a 5a 8d cb 58 53 3e 40 ba df |[.....ZZ..XS>@..| 00000100 3c cb 99 22 cb f6 1b 4a 82 41 7f 8e d7 e7 ff b6 |<.."...J.A......| 00000110 5b c2 c5 9f 7d d3 b7 ac 65 88 22 ea 7a 81 5a 6c |[...}...e.".z.Zl| 00000120 8f 4f 53 c7 42 c2 2e 09 48 34 de d4 86 a1 ca ea |.OS.B...H4......| 00000130 4f dd 78 1d 8a 73 3c d9 38 9a ff 9c da 87 d5 c9 |O.x..s<.8.......| 00000140 df 64 d3 3f 2e 9f fa 4d 6b 7d aa 43 17 42 d7 fa |.d.?...Mk}.C.B..| 00000150 4b 5e f5 df b7 7a 10 d9 8e fc 05 08 11 fd 74 33 |K^...z........t3| 00000160 0b 9a 6f b2 30 b5 07 0d f4 df 81 c3 48 73 c8 92 |..o.0.......Hs..| 00000170 8b 9a 57 5e e1 c3 cb 17 69 ae ad 0e fd 3d f8 31 |..W^....i....=.1| 00000180 2d 36 28 2e 89 5b 72 d5 05 9e 92 ed 29 a6 62 79 |-6(..[r.....).by| 00000190 e7 5f 93 52 f5 3b e1 e5 0b ec a9 9f 96 cb 90 9a |._.R.;..........| 000001a0 28 1d 52 da 11 9f 80 03 bd 01 49 96 40 85 ad 75 |(.R.......I.@..u| 000001b0 6a e3 fe dc b4 4b 76 92 e5 e7 c6 b6 f5 78 53 2d |j....Kv......xS-| 000001c0 80 0f 99 56 06 df 99 0f 17 4c 07 a6 40 40 ce 12 |...V.....L..@@..| 000001d0 aa 85 2d 00 0b 0a e8 07 66 9b 91 50 ce 30 84 e8 |..-.....f..P.0..| 000001e0 22 6c b7 2d a2 8e f3 90 53 5b 37 fc 23 19 09 c1 |"l.-....S[7.#...| 000001f0 b4 de ef 00 14 c6 97 2e ad c8 66 40 2b 20 3c 77 |..........f@+ >> Flow 3 (client to server) 00000000 14 03 03 00 01 01 17 03 03 00 45 17 fc ed de 40 |..........E....@| 00000010 74 87 2a ab 06 75 3d 1c 6e bd 7d b6 70 b7 77 0f |t.*..u=.n.}.p.w.| 00000020 7b 51 19 42 e4 4a e8 73 01 e2 22 6c 0d 4f 2b 75 |{Q.B.J.s.."l.O+u| 00000030 74 e9 ce ac 1f c7 72 72 85 26 bb 71 fb 65 f6 df |t.....rr.&.q.e..| 00000040 a3 53 cf b5 af 38 b4 b2 0e 75 fa 1c 39 bf 6a 62 |.S...8...u..9.jb| >>> Flow 4 (server to client) 00000000 17 03 03 00 1e 81 0d a9 fa 3b 70 9a 35 6b c1 28 |.........;p.5k.(| 00000010 b7 8a 74 91 27 ca 63 1c ea 4c 8a 8b ee e9 f2 98 |..t.'.c..L......| 00000020 45 e4 1c 17 03 03 00 13 51 3c 99 af ff 35 4e 16 |E.......Q<...5N.| 00000030 43 b2 e6 b1 7e 67 a6 e9 e2 95 fc |C...~g.....| golang-github-marten-seemann-qtls-0.10.0/testdata/example-cert.pem000066400000000000000000000011131373277661100251230ustar00rootroot00000000000000-----BEGIN CERTIFICATE----- MIIBhTCCASugAwIBAgIQIRi6zePL6mKjOipn+dNuaTAKBggqhkjOPQQDAjASMRAw DgYDVQQKEwdBY21lIENvMB4XDTE3MTAyMDE5NDMwNloXDTE4MTAyMDE5NDMwNlow EjEQMA4GA1UEChMHQWNtZSBDbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABD0d 7VNhbWvZLWPuj/RtHFjvtJBEwOkhbN/BnnE8rnZR8+sbwnc/KhCk3FhnpHZnQz7B 5aETbbIgmuvewdjvSBSjYzBhMA4GA1UdDwEB/wQEAwICpDATBgNVHSUEDDAKBggr BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdEQQiMCCCDmxvY2FsaG9zdDo1 NDUzgg4xMjcuMC4wLjE6NTQ1MzAKBggqhkjOPQQDAgNIADBFAiEA2zpJEPQyz6/l Wf86aX6PepsntZv2GYlA5UpabfT2EZICICpJ5h/iI+i341gBmLiAFQOyTDT+/wQc 6MF9+Yw1Yy0t -----END CERTIFICATE----- golang-github-marten-seemann-qtls-0.10.0/testdata/example-key.pem000066400000000000000000000003431373277661100247620ustar00rootroot00000000000000-----BEGIN EC PRIVATE KEY----- MHcCAQEEIIrYSSNQFaA2Hwf1duRSxKtLYX5CB04fSeQ6tF1aY/PuoAoGCCqGSM49 AwEHoUQDQgAEPR3tU2Fta9ktY+6P9G0cWO+0kETA6SFs38GecTyudlHz6xvCdz8q EKTcWGekdmdDPsHloRNtsiCa697B2O9IFA== -----END EC PRIVATE KEY----- golang-github-marten-seemann-qtls-0.10.0/ticket.go000066400000000000000000000173241373277661100220460ustar00rootroot00000000000000// Copyright 2012 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto/aes" "crypto/cipher" "crypto/hmac" "crypto/sha256" "crypto/subtle" "errors" "io" "time" "golang.org/x/crypto/cryptobyte" ) // sessionState contains the information that is serialized into a session // ticket in order to later resume a connection. type sessionState struct { vers uint16 cipherSuite uint16 masterSecret []byte certificates [][]byte // usedOldKey is true if the ticket from which this session came from // was encrypted with an older key and thus should be refreshed. usedOldKey bool } func (s *sessionState) marshal() []byte { length := 2 + 2 + 2 + len(s.masterSecret) + 2 for _, cert := range s.certificates { length += 4 + len(cert) } ret := make([]byte, length) x := ret x[0] = byte(s.vers >> 8) x[1] = byte(s.vers) x[2] = byte(s.cipherSuite >> 8) x[3] = byte(s.cipherSuite) x[4] = byte(len(s.masterSecret) >> 8) x[5] = byte(len(s.masterSecret)) x = x[6:] copy(x, s.masterSecret) x = x[len(s.masterSecret):] x[0] = byte(len(s.certificates) >> 8) x[1] = byte(len(s.certificates)) x = x[2:] for _, cert := range s.certificates { x[0] = byte(len(cert) >> 24) x[1] = byte(len(cert) >> 16) x[2] = byte(len(cert) >> 8) x[3] = byte(len(cert)) copy(x[4:], cert) x = x[4+len(cert):] } return ret } func (s *sessionState) unmarshal(data []byte) bool { if len(data) < 8 { return false } s.vers = uint16(data[0])<<8 | uint16(data[1]) s.cipherSuite = uint16(data[2])<<8 | uint16(data[3]) masterSecretLen := int(data[4])<<8 | int(data[5]) data = data[6:] if len(data) < masterSecretLen { return false } s.masterSecret = data[:masterSecretLen] data = data[masterSecretLen:] if len(data) < 2 { return false } numCerts := int(data[0])<<8 | int(data[1]) data = data[2:] s.certificates = make([][]byte, numCerts) for i := range s.certificates { if len(data) < 4 { return false } certLen := int(data[0])<<24 | int(data[1])<<16 | int(data[2])<<8 | int(data[3]) data = data[4:] if certLen < 0 { return false } if len(data) < certLen { return false } s.certificates[i] = data[:certLen] data = data[certLen:] } return len(data) == 0 } // sessionStateTLS13 is the content of a TLS 1.3 session ticket. Its first // version (revision = 0) doesn't carry any of the information needed for 0-RTT // validation and the nonce is always empty. // version (revision = 1) carries the max_early_data_size sent in the ticket. // version (revision = 2) carries the ALPN sent in the ticket. type sessionStateTLS13 struct { // uint8 version = 0x0304; // uint8 revision = 2; cipherSuite uint16 createdAt uint64 resumptionSecret []byte // opaque resumption_master_secret<1..2^8-1>; certificate Certificate // CertificateEntry certificate_list<0..2^24-1>; maxEarlyData uint32 alpn string appData []byte } func (m *sessionStateTLS13) marshal() []byte { var b cryptobyte.Builder b.AddUint16(VersionTLS13) b.AddUint8(2) // revision b.AddUint16(m.cipherSuite) addUint64(&b, m.createdAt) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.resumptionSecret) }) marshalCertificate(&b, m.certificate) b.AddUint32(m.maxEarlyData) b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes([]byte(m.alpn)) }) b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) { b.AddBytes(m.appData) }) return b.BytesOrPanic() } func (m *sessionStateTLS13) unmarshal(data []byte) bool { *m = sessionStateTLS13{} s := cryptobyte.String(data) var version uint16 var revision uint8 var alpn []byte ret := s.ReadUint16(&version) && version == VersionTLS13 && s.ReadUint8(&revision) && revision == 2 && s.ReadUint16(&m.cipherSuite) && readUint64(&s, &m.createdAt) && readUint8LengthPrefixed(&s, &m.resumptionSecret) && len(m.resumptionSecret) != 0 && unmarshalCertificate(&s, &m.certificate) && s.ReadUint32(&m.maxEarlyData) && readUint8LengthPrefixed(&s, &alpn) && readUint16LengthPrefixed(&s, &m.appData) && s.Empty() m.alpn = string(alpn) return ret } func (c *Conn) encryptTicket(state []byte) ([]byte, error) { encrypted := make([]byte, ticketKeyNameLen+aes.BlockSize+len(state)+sha256.Size) keyName := encrypted[:ticketKeyNameLen] iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize] macBytes := encrypted[len(encrypted)-sha256.Size:] if _, err := io.ReadFull(c.config.rand(), iv); err != nil { return nil, err } key := c.config.ticketKeys()[0] copy(keyName, key.keyName[:]) block, err := aes.NewCipher(key.aesKey[:]) if err != nil { return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error()) } cipher.NewCTR(block, iv).XORKeyStream(encrypted[ticketKeyNameLen+aes.BlockSize:], state) mac := hmac.New(sha256.New, key.hmacKey[:]) mac.Write(encrypted[:len(encrypted)-sha256.Size]) mac.Sum(macBytes[:0]) return encrypted, nil } func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey bool) { if len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size { return nil, false } keyName := encrypted[:ticketKeyNameLen] iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize] macBytes := encrypted[len(encrypted)-sha256.Size:] ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size] keys := c.config.ticketKeys() keyIndex := -1 for i, candidateKey := range keys { if bytes.Equal(keyName, candidateKey.keyName[:]) { keyIndex = i break } } if keyIndex == -1 { return nil, false } key := &keys[keyIndex] mac := hmac.New(sha256.New, key.hmacKey[:]) mac.Write(encrypted[:len(encrypted)-sha256.Size]) expected := mac.Sum(nil) if subtle.ConstantTimeCompare(macBytes, expected) != 1 { return nil, false } block, err := aes.NewCipher(key.aesKey[:]) if err != nil { return nil, false } plaintext = make([]byte, len(ciphertext)) cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext) return plaintext, keyIndex > 0 } func (c *Conn) getSessionTicketMsg(appData []byte) (*newSessionTicketMsgTLS13, error) { m := new(newSessionTicketMsgTLS13) var certsFromClient [][]byte for _, cert := range c.peerCertificates { certsFromClient = append(certsFromClient, cert.Raw) } state := sessionStateTLS13{ cipherSuite: c.cipherSuite, createdAt: uint64(c.config.time().Unix()), resumptionSecret: c.resumptionSecret, certificate: Certificate{ Certificate: certsFromClient, OCSPStaple: c.ocspResponse, SignedCertificateTimestamps: c.scts, }, maxEarlyData: c.config.MaxEarlyData, alpn: c.clientProtocol, appData: appData, } var err error m.label, err = c.encryptTicket(state.marshal()) if err != nil { return nil, err } m.lifetime = uint32(maxSessionTicketLifetime / time.Second) m.maxEarlyData = c.config.MaxEarlyData return m, nil } // GetSessionTicket generates a new session ticket. // It should only be called after the handshake completes. // It can only be used for servers, and only if the alternative record layer is set. // The ticket may be nil if config.SessionTicketsDisabled is set, // or if the client isn't able to receive session tickets. func (c *Conn) GetSessionTicket(appData []byte) ([]byte, error) { if c.isClient || !c.handshakeComplete() || c.config.AlternativeRecordLayer == nil { return nil, errors.New("GetSessionTicket is only valid for servers after completion of the handshake, and if an alternative record layer is set.") } if c.config.SessionTicketsDisabled { return nil, nil } m, err := c.getSessionTicketMsg(appData) if err != nil { return nil, err } return m.marshal(), nil } golang-github-marten-seemann-qtls-0.10.0/tls.go000066400000000000000000000236741373277661100213720ustar00rootroot00000000000000// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // package qtls partially implements TLS 1.2, as specified in RFC 5246, // and TLS 1.3, as specified in RFC 8446. package qtls // BUG(agl): The crypto/tls package only implements some countermeasures // against Lucky13 attacks on CBC-mode encryption, and only on SHA1 // variants. See http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and // https://www.imperialviolet.org/2013/02/04/luckythirteen.html. import ( "bytes" "crypto" "crypto/ecdsa" "crypto/ed25519" "crypto/rsa" "crypto/x509" "encoding/pem" "errors" "fmt" "io/ioutil" "net" "strings" "time" ) // Server returns a new TLS server side connection // using conn as the underlying transport. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func Server(conn net.Conn, config *Config) *Conn { return &Conn{conn: conn, config: config} } // Client returns a new TLS client side connection // using conn as the underlying transport. // The config cannot be nil: users must set either ServerName or // InsecureSkipVerify in the config. func Client(conn net.Conn, config *Config) *Conn { return &Conn{conn: conn, config: config, isClient: true} } // A listener implements a network listener (net.Listener) for TLS connections. type listener struct { net.Listener config *Config } // Accept waits for and returns the next incoming TLS connection. // The returned connection is of type *Conn. func (l *listener) Accept() (net.Conn, error) { c, err := l.Listener.Accept() if err != nil { return nil, err } return Server(c, l.config), nil } // NewListener creates a Listener which accepts connections from an inner // Listener and wraps each connection with Server. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func NewListener(inner net.Listener, config *Config) net.Listener { l := new(listener) l.Listener = inner l.config = config return l } // Listen creates a TLS listener accepting connections on the // given network address using net.Listen. // The configuration config must be non-nil and must include // at least one certificate or else set GetCertificate. func Listen(network, laddr string, config *Config) (net.Listener, error) { if config == nil || len(config.Certificates) == 0 && config.GetCertificate == nil && config.GetConfigForClient == nil { return nil, errors.New("tls: neither Certificates, GetCertificate, nor GetConfigForClient set in Config") } l, err := net.Listen(network, laddr) if err != nil { return nil, err } return NewListener(l, config), nil } type timeoutError struct{} func (timeoutError) Error() string { return "tls: DialWithDialer timed out" } func (timeoutError) Timeout() bool { return true } func (timeoutError) Temporary() bool { return true } // DialWithDialer connects to the given network address using dialer.Dial and // then initiates a TLS handshake, returning the resulting TLS connection. Any // timeout or deadline given in the dialer apply to connection and TLS // handshake as a whole. // // DialWithDialer interprets a nil configuration as equivalent to the zero // configuration; see the documentation of Config for the defaults. func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config) (*Conn, error) { // We want the Timeout and Deadline values from dialer to cover the // whole process: TCP connection and TLS handshake. This means that we // also need to start our own timers now. timeout := dialer.Timeout if !dialer.Deadline.IsZero() { deadlineTimeout := time.Until(dialer.Deadline) if timeout == 0 || deadlineTimeout < timeout { timeout = deadlineTimeout } } var errChannel chan error if timeout != 0 { errChannel = make(chan error, 2) timer := time.AfterFunc(timeout, func() { errChannel <- timeoutError{} }) defer timer.Stop() } rawConn, err := dialer.Dial(network, addr) if err != nil { return nil, err } colonPos := strings.LastIndex(addr, ":") if colonPos == -1 { colonPos = len(addr) } hostname := addr[:colonPos] if config == nil { config = defaultConfig() } // If no ServerName is set, infer the ServerName // from the hostname we're connecting to. if config.ServerName == "" { // Make a copy to avoid polluting argument or default. c := config.Clone() c.ServerName = hostname config = c } conn := Client(rawConn, config) if timeout == 0 { err = conn.Handshake() } else { go func() { errChannel <- conn.Handshake() }() err = <-errChannel } if err != nil { rawConn.Close() return nil, err } return conn, nil } // Dial connects to the given network address using net.Dial // and then initiates a TLS handshake, returning the resulting // TLS connection. // Dial interprets a nil configuration as equivalent to // the zero configuration; see the documentation of Config // for the defaults. func Dial(network, addr string, config *Config) (*Conn, error) { return DialWithDialer(new(net.Dialer), network, addr, config) } // LoadX509KeyPair reads and parses a public/private key pair from a pair // of files. The files must contain PEM encoded data. The certificate file // may contain intermediate certificates following the leaf certificate to // form a certificate chain. On successful return, Certificate.Leaf will // be nil because the parsed form of the certificate is not retained. func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) { certPEMBlock, err := ioutil.ReadFile(certFile) if err != nil { return Certificate{}, err } keyPEMBlock, err := ioutil.ReadFile(keyFile) if err != nil { return Certificate{}, err } return X509KeyPair(certPEMBlock, keyPEMBlock) } // X509KeyPair parses a public/private key pair from a pair of // PEM encoded data. On successful return, Certificate.Leaf will be nil because // the parsed form of the certificate is not retained. func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) { fail := func(err error) (Certificate, error) { return Certificate{}, err } var cert Certificate var skippedBlockTypes []string for { var certDERBlock *pem.Block certDERBlock, certPEMBlock = pem.Decode(certPEMBlock) if certDERBlock == nil { break } if certDERBlock.Type == "CERTIFICATE" { cert.Certificate = append(cert.Certificate, certDERBlock.Bytes) } else { skippedBlockTypes = append(skippedBlockTypes, certDERBlock.Type) } } if len(cert.Certificate) == 0 { if len(skippedBlockTypes) == 0 { return fail(errors.New("tls: failed to find any PEM data in certificate input")) } if len(skippedBlockTypes) == 1 && strings.HasSuffix(skippedBlockTypes[0], "PRIVATE KEY") { return fail(errors.New("tls: failed to find certificate PEM data in certificate input, but did find a private key; PEM inputs may have been switched")) } return fail(fmt.Errorf("tls: failed to find \"CERTIFICATE\" PEM block in certificate input after skipping PEM blocks of the following types: %v", skippedBlockTypes)) } skippedBlockTypes = skippedBlockTypes[:0] var keyDERBlock *pem.Block for { keyDERBlock, keyPEMBlock = pem.Decode(keyPEMBlock) if keyDERBlock == nil { if len(skippedBlockTypes) == 0 { return fail(errors.New("tls: failed to find any PEM data in key input")) } if len(skippedBlockTypes) == 1 && skippedBlockTypes[0] == "CERTIFICATE" { return fail(errors.New("tls: found a certificate rather than a key in the PEM for the private key")) } return fail(fmt.Errorf("tls: failed to find PEM block with type ending in \"PRIVATE KEY\" in key input after skipping PEM blocks of the following types: %v", skippedBlockTypes)) } if keyDERBlock.Type == "PRIVATE KEY" || strings.HasSuffix(keyDERBlock.Type, " PRIVATE KEY") { break } skippedBlockTypes = append(skippedBlockTypes, keyDERBlock.Type) } // We don't need to parse the public key for TLS, but we so do anyway // to check that it looks sane and matches the private key. x509Cert, err := x509.ParseCertificate(cert.Certificate[0]) if err != nil { return fail(err) } cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes) if err != nil { return fail(err) } switch pub := x509Cert.PublicKey.(type) { case *rsa.PublicKey: priv, ok := cert.PrivateKey.(*rsa.PrivateKey) if !ok { return fail(errors.New("tls: private key type does not match public key type")) } if pub.N.Cmp(priv.N) != 0 { return fail(errors.New("tls: private key does not match public key")) } case *ecdsa.PublicKey: priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey) if !ok { return fail(errors.New("tls: private key type does not match public key type")) } if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 { return fail(errors.New("tls: private key does not match public key")) } case ed25519.PublicKey: priv, ok := cert.PrivateKey.(ed25519.PrivateKey) if !ok { return fail(errors.New("tls: private key type does not match public key type")) } if !bytes.Equal(priv.Public().(ed25519.PublicKey), pub) { return fail(errors.New("tls: private key does not match public key")) } default: return fail(errors.New("tls: unknown public key algorithm")) } return cert, nil } // Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates // PKCS#1 private keys by default, while OpenSSL 1.0.0 generates PKCS#8 keys. // OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three. func parsePrivateKey(der []byte) (crypto.PrivateKey, error) { if key, err := x509.ParsePKCS1PrivateKey(der); err == nil { return key, nil } if key, err := x509.ParsePKCS8PrivateKey(der); err == nil { switch key := key.(type) { case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey: return key, nil default: return nil, errors.New("tls: found unknown private key type in PKCS#8 wrapping") } } if key, err := x509.ParseECPrivateKey(der); err == nil { return key, nil } return nil, errors.New("tls: failed to parse private key") } golang-github-marten-seemann-qtls-0.10.0/tls_test.go000066400000000000000000001176071373277661100224310ustar00rootroot00000000000000// Copyright 2012 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package qtls import ( "bytes" "crypto" "crypto/x509" "encoding/json" "errors" "fmt" "io" "io/ioutil" "math" "net" "os" "reflect" "strings" "testing" "time" ) var rsaCertPEM = `-----BEGIN CERTIFICATE----- MIIB0zCCAX2gAwIBAgIJAI/M7BYjwB+uMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX aWRnaXRzIFB0eSBMdGQwHhcNMTIwOTEyMjE1MjAyWhcNMTUwOTEyMjE1MjAyWjBF MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50 ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANLJ hPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wok/4xIA+ui35/MmNa rtNuC+BdZ1tMuVCPFZcCAwEAAaNQME4wHQYDVR0OBBYEFJvKs8RfJaXTH08W+SGv zQyKn0H8MB8GA1UdIwQYMBaAFJvKs8RfJaXTH08W+SGvzQyKn0H8MAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQEFBQADQQBJlffJHybjDGxRMqaRmDhX0+6v02TUKZsW r5QuVbpQhH6u+0UgcW0jp9QwpxoPTLTWGXEWBBBurxFwiCBhkQ+V -----END CERTIFICATE----- ` var rsaKeyPEM = testingKey(`-----BEGIN RSA TESTING KEY----- MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== -----END RSA TESTING KEY----- `) // keyPEM is the same as rsaKeyPEM, but declares itself as just // "PRIVATE KEY", not "RSA PRIVATE KEY". https://golang.org/issue/4477 var keyPEM = testingKey(`-----BEGIN TESTING KEY----- MIIBOwIBAAJBANLJhPHhITqQbPklG3ibCVxwGMRfp/v4XqhfdQHdcVfHap6NQ5Wo k/4xIA+ui35/MmNartNuC+BdZ1tMuVCPFZcCAwEAAQJAEJ2N+zsR0Xn8/Q6twa4G 6OB1M1WO+k+ztnX/1SvNeWu8D6GImtupLTYgjZcHufykj09jiHmjHx8u8ZZB/o1N MQIhAPW+eyZo7ay3lMz1V01WVjNKK9QSn1MJlb06h/LuYv9FAiEA25WPedKgVyCW SmUwbPw8fnTcpqDWE3yTO3vKcebqMSsCIBF3UmVue8YU3jybC3NxuXq3wNm34R8T xVLHwDXh/6NJAiEAl2oHGGLz64BuAfjKrqwz7qMYr9HCLIe/YsoWq/olzScCIQDi D2lWusoe2/nEqfDVVWGWlyJ7yOmqaVm/iNUN9B2N2g== -----END TESTING KEY----- `) var ecdsaCertPEM = `-----BEGIN CERTIFICATE----- MIIB/jCCAWICCQDscdUxw16XFDAJBgcqhkjOPQQBMEUxCzAJBgNVBAYTAkFVMRMw EQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0 eSBMdGQwHhcNMTIxMTE0MTI0MDQ4WhcNMTUxMTE0MTI0MDQ4WjBFMQswCQYDVQQG EwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lk Z2l0cyBQdHkgTHRkMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBY9+my9OoeSUR lDQdV/x8LsOuLilthhiS1Tz4aGDHIPwC1mlvnf7fg5lecYpMCrLLhauAc1UJXcgl 01xoLuzgtAEAgv2P/jgytzRSpUYvgLBt1UA0leLYBy6mQQbrNEuqT3INapKIcUv8 XxYP0xMEUksLPq6Ca+CRSqTtrd/23uTnapkwCQYHKoZIzj0EAQOBigAwgYYCQXJo A7Sl2nLVf+4Iu/tAX/IF4MavARKC4PPHK3zfuGfPR3oCCcsAoz3kAzOeijvd0iXb H5jBImIxPL4WxQNiBTexAkF8D1EtpYuWdlVQ80/h/f4pBcGiXPqX5h2PQSQY7hP1 +jwM1FGS4fREIOvlBYr/SzzQRtwrvrzGYxDEDbsC0ZGRnA== -----END CERTIFICATE----- ` var ecdsaKeyPEM = testingKey(`-----BEGIN EC PARAMETERS----- BgUrgQQAIw== -----END EC PARAMETERS----- -----BEGIN EC TESTING KEY----- MIHcAgEBBEIBrsoKp0oqcv6/JovJJDoDVSGWdirrkgCWxrprGlzB9o0X8fV675X0 NwuBenXFfeZvVcwluO7/Q9wkYoPd/t3jGImgBwYFK4EEACOhgYkDgYYABAFj36bL 06h5JRGUNB1X/Hwuw64uKW2GGJLVPPhoYMcg/ALWaW+d/t+DmV5xikwKssuFq4Bz VQldyCXTXGgu7OC0AQCC/Y/+ODK3NFKlRi+AsG3VQDSV4tgHLqZBBus0S6pPcg1q kohxS/xfFg/TEwRSSws+roJr4JFKpO2t3/be5OdqmQ== -----END EC TESTING KEY----- `) var keyPairTests = []struct { algo string cert string key string }{ {"ECDSA", ecdsaCertPEM, ecdsaKeyPEM}, {"RSA", rsaCertPEM, rsaKeyPEM}, {"RSA-untyped", rsaCertPEM, keyPEM}, // golang.org/issue/4477 } func TestX509KeyPair(t *testing.T) { t.Parallel() var pem []byte for _, test := range keyPairTests { pem = []byte(test.cert + test.key) if _, err := X509KeyPair(pem, pem); err != nil { t.Errorf("Failed to load %s cert followed by %s key: %s", test.algo, test.algo, err) } pem = []byte(test.key + test.cert) if _, err := X509KeyPair(pem, pem); err != nil { t.Errorf("Failed to load %s key followed by %s cert: %s", test.algo, test.algo, err) } } } func TestX509KeyPairErrors(t *testing.T) { _, err := X509KeyPair([]byte(rsaKeyPEM), []byte(rsaCertPEM)) if err == nil { t.Fatalf("X509KeyPair didn't return an error when arguments were switched") } if subStr := "been switched"; !strings.Contains(err.Error(), subStr) { t.Fatalf("Expected %q in the error when switching arguments to X509KeyPair, but the error was %q", subStr, err) } _, err = X509KeyPair([]byte(rsaCertPEM), []byte(rsaCertPEM)) if err == nil { t.Fatalf("X509KeyPair didn't return an error when both arguments were certificates") } if subStr := "certificate"; !strings.Contains(err.Error(), subStr) { t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were certificates, but the error was %q", subStr, err) } const nonsensePEM = ` -----BEGIN NONSENSE----- Zm9vZm9vZm9v -----END NONSENSE----- ` _, err = X509KeyPair([]byte(nonsensePEM), []byte(nonsensePEM)) if err == nil { t.Fatalf("X509KeyPair didn't return an error when both arguments were nonsense") } if subStr := "NONSENSE"; !strings.Contains(err.Error(), subStr) { t.Fatalf("Expected %q in the error when both arguments to X509KeyPair were nonsense, but the error was %q", subStr, err) } } func TestX509MixedKeyPair(t *testing.T) { if _, err := X509KeyPair([]byte(rsaCertPEM), []byte(ecdsaKeyPEM)); err == nil { t.Error("Load of RSA certificate succeeded with ECDSA private key") } if _, err := X509KeyPair([]byte(ecdsaCertPEM), []byte(rsaKeyPEM)); err == nil { t.Error("Load of ECDSA certificate succeeded with RSA private key") } } func newLocalListener(t testing.TB) net.Listener { ln, err := net.Listen("tcp", "127.0.0.1:0") if err != nil { ln, err = net.Listen("tcp6", "[::1]:0") } if err != nil { t.Fatal(err) } return ln } func TestDialTimeout(t *testing.T) { if testing.Short() { t.Skip("skipping in short mode") } listener := newLocalListener(t) addr := listener.Addr().String() defer listener.Close() complete := make(chan bool) defer close(complete) go func() { conn, err := listener.Accept() if err != nil { t.Error(err) return } <-complete conn.Close() }() dialer := &net.Dialer{ Timeout: 10 * time.Millisecond, } var err error if _, err = DialWithDialer(dialer, "tcp", addr, nil); err == nil { t.Fatal("DialWithTimeout completed successfully") } if !isTimeoutError(err) { t.Errorf("resulting error not a timeout: %v\nType %T: %#v", err, err, err) } } func isTimeoutError(err error) bool { if ne, ok := err.(net.Error); ok { return ne.Timeout() } return false } // tests that Conn.Read returns (non-zero, io.EOF) instead of // (non-zero, nil) when a Close (alertCloseNotify) is sitting right // behind the application data in the buffer. func TestConnReadNonzeroAndEOF(t *testing.T) { // This test is racy: it assumes that after a write to a // localhost TCP connection, the peer TCP connection can // immediately read it. Because it's racy, we skip this test // in short mode, and then retry it several times with an // increasing sleep in between our final write (via srv.Close // below) and the following read. if testing.Short() { t.Skip("skipping in short mode") } var err error for delay := time.Millisecond; delay <= 64*time.Millisecond; delay *= 2 { if err = testConnReadNonzeroAndEOF(t, delay); err == nil { return } } t.Error(err) } func testConnReadNonzeroAndEOF(t *testing.T, delay time.Duration) error { ln := newLocalListener(t) defer ln.Close() srvCh := make(chan *Conn, 1) var serr error go func() { sconn, err := ln.Accept() if err != nil { serr = err srvCh <- nil return } serverConfig := testConfig.Clone() srv := Server(sconn, serverConfig) if err := srv.Handshake(); err != nil { serr = fmt.Errorf("handshake: %v", err) srvCh <- nil return } srvCh <- srv }() clientConfig := testConfig.Clone() // In TLS 1.3, alerts are encrypted and disguised as application data, so // the opportunistic peek won't work. clientConfig.MaxVersion = VersionTLS12 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { t.Fatal(err) } defer conn.Close() srv := <-srvCh if srv == nil { return serr } buf := make([]byte, 6) srv.Write([]byte("foobar")) n, err := conn.Read(buf) if n != 6 || err != nil || string(buf) != "foobar" { return fmt.Errorf("Read = %d, %v, data %q; want 6, nil, foobar", n, err, buf) } srv.Write([]byte("abcdef")) srv.Close() time.Sleep(delay) n, err = conn.Read(buf) if n != 6 || string(buf) != "abcdef" { return fmt.Errorf("Read = %d, buf= %q; want 6, abcdef", n, buf) } if err != io.EOF { return fmt.Errorf("Second Read error = %v; want io.EOF", err) } return nil } func TestTLSUniqueMatches(t *testing.T) { ln := newLocalListener(t) defer ln.Close() serverTLSUniques := make(chan []byte) go func() { for i := 0; i < 2; i++ { sconn, err := ln.Accept() if err != nil { t.Error(err) return } serverConfig := testConfig.Clone() serverConfig.MaxVersion = VersionTLS12 // TLSUnique is not defined in TLS 1.3 srv := Server(sconn, serverConfig) if err := srv.Handshake(); err != nil { t.Error(err) return } serverTLSUniques <- srv.ConnectionState().TLSUnique } }() clientConfig := testConfig.Clone() clientConfig.ClientSessionCache = NewLRUClientSessionCache(1) conn, err := Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { t.Fatal(err) } if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) { t.Error("client and server channel bindings differ") } conn.Close() conn, err = Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { t.Fatal(err) } defer conn.Close() if !conn.ConnectionState().DidResume { t.Error("second session did not use resumption") } if !bytes.Equal(conn.ConnectionState().TLSUnique, <-serverTLSUniques) { t.Error("client and server channel bindings differ when session resumption is used") } } func TestVerifyHostname(t *testing.T) { // testenv.MustHaveExternalNetwork is part of an external package // Skip this test in qtls. return c, err := Dial("tcp", "www.google.com:https", nil) if err != nil { t.Fatal(err) } if err := c.VerifyHostname("www.google.com"); err != nil { t.Fatalf("verify www.google.com: %v", err) } if err := c.VerifyHostname("www.yahoo.com"); err == nil { t.Fatalf("verify www.yahoo.com succeeded") } c, err = Dial("tcp", "www.google.com:https", &Config{InsecureSkipVerify: true}) if err != nil { t.Fatal(err) } if err := c.VerifyHostname("www.google.com"); err == nil { t.Fatalf("verify www.google.com succeeded with InsecureSkipVerify=true") } } func TestConnCloseBreakingWrite(t *testing.T) { ln := newLocalListener(t) defer ln.Close() srvCh := make(chan *Conn, 1) var serr error var sconn net.Conn go func() { var err error sconn, err = ln.Accept() if err != nil { serr = err srvCh <- nil return } serverConfig := testConfig.Clone() srv := Server(sconn, serverConfig) if err := srv.Handshake(); err != nil { serr = fmt.Errorf("handshake: %v", err) srvCh <- nil return } srvCh <- srv }() cconn, err := net.Dial("tcp", ln.Addr().String()) if err != nil { t.Fatal(err) } defer cconn.Close() conn := &changeImplConn{ Conn: cconn, } clientConfig := testConfig.Clone() tconn := Client(conn, clientConfig) if err := tconn.Handshake(); err != nil { t.Fatal(err) } srv := <-srvCh if srv == nil { t.Fatal(serr) } defer sconn.Close() connClosed := make(chan struct{}) conn.closeFunc = func() error { close(connClosed) return nil } inWrite := make(chan bool, 1) var errConnClosed = errors.New("conn closed for test") conn.writeFunc = func(p []byte) (n int, err error) { inWrite <- true <-connClosed return 0, errConnClosed } closeReturned := make(chan bool, 1) go func() { <-inWrite tconn.Close() // test that this doesn't block forever. closeReturned <- true }() _, err = tconn.Write([]byte("foo")) if err != errConnClosed { t.Errorf("Write error = %v; want errConnClosed", err) } <-closeReturned if err := tconn.Close(); err != errClosed { t.Errorf("Close error = %v; want errClosed", err) } } func TestConnCloseWrite(t *testing.T) { ln := newLocalListener(t) defer ln.Close() clientDoneChan := make(chan struct{}) serverCloseWrite := func() error { sconn, err := ln.Accept() if err != nil { return fmt.Errorf("accept: %v", err) } defer sconn.Close() serverConfig := testConfig.Clone() srv := Server(sconn, serverConfig) if err := srv.Handshake(); err != nil { return fmt.Errorf("handshake: %v", err) } defer srv.Close() data, err := ioutil.ReadAll(srv) if err != nil { return err } if len(data) > 0 { return fmt.Errorf("Read data = %q; want nothing", data) } if err := srv.CloseWrite(); err != nil { return fmt.Errorf("server CloseWrite: %v", err) } // Wait for clientCloseWrite to finish, so we know we // tested the CloseWrite before we defer the // sconn.Close above, which would also cause the // client to unblock like CloseWrite. <-clientDoneChan return nil } clientCloseWrite := func() error { defer close(clientDoneChan) clientConfig := testConfig.Clone() conn, err := Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { return err } if err := conn.Handshake(); err != nil { return err } defer conn.Close() if err := conn.CloseWrite(); err != nil { return fmt.Errorf("client CloseWrite: %v", err) } if _, err := conn.Write([]byte{0}); err != errShutdown { return fmt.Errorf("CloseWrite error = %v; want errShutdown", err) } data, err := ioutil.ReadAll(conn) if err != nil { return err } if len(data) > 0 { return fmt.Errorf("Read data = %q; want nothing", data) } return nil } errChan := make(chan error, 2) go func() { errChan <- serverCloseWrite() }() go func() { errChan <- clientCloseWrite() }() for i := 0; i < 2; i++ { select { case err := <-errChan: if err != nil { t.Fatal(err) } case <-time.After(10 * time.Second): t.Fatal("deadlock") } } // Also test CloseWrite being called before the handshake is // finished: { ln2 := newLocalListener(t) defer ln2.Close() netConn, err := net.Dial("tcp", ln2.Addr().String()) if err != nil { t.Fatal(err) } defer netConn.Close() conn := Client(netConn, testConfig.Clone()) if err := conn.CloseWrite(); err != errEarlyCloseWrite { t.Errorf("CloseWrite error = %v; want errEarlyCloseWrite", err) } } } func TestWarningAlertFlood(t *testing.T) { ln := newLocalListener(t) defer ln.Close() server := func() error { sconn, err := ln.Accept() if err != nil { return fmt.Errorf("accept: %v", err) } defer sconn.Close() serverConfig := testConfig.Clone() srv := Server(sconn, serverConfig) if err := srv.Handshake(); err != nil { return fmt.Errorf("handshake: %v", err) } defer srv.Close() _, err = ioutil.ReadAll(srv) if err == nil { return errors.New("unexpected lack of error from server") } const expected = "too many ignored" if str := err.Error(); !strings.Contains(str, expected) { return fmt.Errorf("expected error containing %q, but saw: %s", expected, str) } return nil } errChan := make(chan error, 1) go func() { errChan <- server() }() clientConfig := testConfig.Clone() clientConfig.MaxVersion = VersionTLS12 // there are no warning alerts in TLS 1.3 conn, err := Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { t.Fatal(err) } defer conn.Close() if err := conn.Handshake(); err != nil { t.Fatal(err) } for i := 0; i < maxUselessRecords+1; i++ { conn.sendAlert(alertNoRenegotiation) } if err := <-errChan; err != nil { t.Fatal(err) } } func TestCloneFuncFields(t *testing.T) { const expectedCount = 11 called := 0 c1 := Config{ Time: func() time.Time { called |= 1 << 0 return time.Time{} }, GetCertificate: func(*ClientHelloInfo) (*Certificate, error) { called |= 1 << 1 return nil, nil }, GetClientCertificate: func(*CertificateRequestInfo) (*Certificate, error) { called |= 1 << 2 return nil, nil }, GetConfigForClient: func(*ClientHelloInfo) (*Config, error) { called |= 1 << 3 return nil, nil }, VerifyPeerCertificate: func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error { called |= 1 << 4 return nil }, GetExtensions: func(handshakeMessageType uint8) []Extension { called |= 1 << 5 return nil }, ReceivedExtensions: func(handshakeMessageType uint8, exts []Extension) { called |= 1 << 6 }, Accept0RTT: func([]byte) bool { called |= 1 << 7 return true }, Rejected0RTT: func() { called |= 1 << 8 }, GetAppDataForSessionState: func() []byte { called |= 1 << 9 return nil }, SetAppDataFromSessionState: func([]byte) { called |= 1 << 10 }, } c2 := c1.Clone() c2.Time() c2.GetCertificate(nil) c2.GetClientCertificate(nil) c2.GetConfigForClient(nil) c2.VerifyPeerCertificate(nil, nil) c2.GetExtensions(0) c2.ReceivedExtensions(0, nil) c2.Accept0RTT(nil) c2.Rejected0RTT() c2.GetAppDataForSessionState() c2.SetAppDataFromSessionState(nil) if called != (1< len(p) { allowed = len(p) } if wrote < allowed { n, err := c.Conn.Write(p[wrote:allowed]) wrote += n if err != nil { return wrote, err } } } return len(p), nil } func latency(b *testing.B, version uint16, bps int, dynamicRecordSizingDisabled bool) { ln := newLocalListener(b) defer ln.Close() N := b.N go func() { for i := 0; i < N; i++ { sconn, err := ln.Accept() if err != nil { // panic rather than synchronize to avoid benchmark overhead // (cannot call b.Fatal in goroutine) panic(fmt.Errorf("accept: %v", err)) } serverConfig := testConfig.Clone() serverConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled srv := Server(&slowConn{sconn, bps}, serverConfig) if err := srv.Handshake(); err != nil { panic(fmt.Errorf("handshake: %v", err)) } io.Copy(srv, srv) } }() clientConfig := testConfig.Clone() clientConfig.DynamicRecordSizingDisabled = dynamicRecordSizingDisabled clientConfig.MaxVersion = version buf := make([]byte, 16384) peek := make([]byte, 1) for i := 0; i < N; i++ { conn, err := Dial("tcp", ln.Addr().String(), clientConfig) if err != nil { b.Fatal(err) } // make sure we're connected and previous connection has stopped if _, err := conn.Write(buf[:1]); err != nil { b.Fatal(err) } if _, err := io.ReadFull(conn, peek); err != nil { b.Fatal(err) } if _, err := conn.Write(buf); err != nil { b.Fatal(err) } if _, err = io.ReadFull(conn, peek); err != nil { b.Fatal(err) } conn.Close() } } func BenchmarkLatency(b *testing.B) { for _, mode := range []string{"Max", "Dynamic"} { for _, kbps := range []int{200, 500, 1000, 2000, 5000} { name := fmt.Sprintf("%sPacket/%dkbps", mode, kbps) b.Run(name, func(b *testing.B) { b.Run("TLSv12", func(b *testing.B) { latency(b, VersionTLS12, kbps*1000, mode == "Max") }) b.Run("TLSv13", func(b *testing.B) { latency(b, VersionTLS13, kbps*1000, mode == "Max") }) }) } } } func TestConnectionStateMarshal(t *testing.T) { cs := &ConnectionState{} _, err := json.Marshal(cs) if err != nil { t.Errorf("json.Marshal failed on ConnectionState: %v", err) } } func TestConnectionState(t *testing.T) { issuer, err := x509.ParseCertificate(testRSACertificateIssuer) if err != nil { panic(err) } rootCAs := x509.NewCertPool() rootCAs.AddCert(issuer) now := func() time.Time { return time.Unix(1476984729, 0) } const alpnProtocol = "golang" const serverName = "example.golang" var scts = [][]byte{[]byte("dummy sct 1"), []byte("dummy sct 2")} var ocsp = []byte("dummy ocsp") for _, v := range []uint16{VersionTLS12, VersionTLS13} { var name string switch v { case VersionTLS12: name = "TLSv12" case VersionTLS13: name = "TLSv13" } t.Run(name, func(t *testing.T) { config := &Config{ Time: now, Rand: zeroSource{}, Certificates: make([]Certificate, 1), MaxVersion: v, RootCAs: rootCAs, ClientCAs: rootCAs, ClientAuth: RequireAndVerifyClientCert, NextProtos: []string{alpnProtocol}, ServerName: serverName, } config.Certificates[0].Certificate = [][]byte{testRSACertificate} config.Certificates[0].PrivateKey = testRSAPrivateKey config.Certificates[0].SignedCertificateTimestamps = scts config.Certificates[0].OCSPStaple = ocsp ss, cs, err := testHandshake(t, config, config) if err != nil { t.Fatalf("Handshake failed: %v", err) } if ss.Version != v || cs.Version != v { t.Errorf("Got versions %x (server) and %x (client), expected %x", ss.Version, cs.Version, v) } if !ss.HandshakeComplete || !cs.HandshakeComplete { t.Errorf("Got HandshakeComplete %v (server) and %v (client), expected true", ss.HandshakeComplete, cs.HandshakeComplete) } if ss.DidResume || cs.DidResume { t.Errorf("Got DidResume %v (server) and %v (client), expected false", ss.DidResume, cs.DidResume) } if ss.CipherSuite == 0 || cs.CipherSuite == 0 { t.Errorf("Got invalid cipher suite: %v (server) and %v (client)", ss.CipherSuite, cs.CipherSuite) } if ss.NegotiatedProtocol != alpnProtocol || cs.NegotiatedProtocol != alpnProtocol { t.Errorf("Got negotiated protocol %q (server) and %q (client), expected %q", ss.NegotiatedProtocol, cs.NegotiatedProtocol, alpnProtocol) } if !cs.NegotiatedProtocolIsMutual { t.Errorf("Got false NegotiatedProtocolIsMutual on the client side") } // NegotiatedProtocolIsMutual on the server side is unspecified. if ss.ServerName != serverName { t.Errorf("Got server name %q, expected %q", ss.ServerName, serverName) } if cs.ServerName != "" { t.Errorf("Got unexpected server name on the client side") } if len(ss.PeerCertificates) != 1 || len(cs.PeerCertificates) != 1 { t.Errorf("Got %d (server) and %d (client) peer certificates, expected %d", len(ss.PeerCertificates), len(cs.PeerCertificates), 1) } if len(ss.VerifiedChains) != 1 || len(cs.VerifiedChains) != 1 { t.Errorf("Got %d (server) and %d (client) verified chains, expected %d", len(ss.VerifiedChains), len(cs.VerifiedChains), 1) } else if len(ss.VerifiedChains[0]) != 2 || len(cs.VerifiedChains[0]) != 2 { t.Errorf("Got %d (server) and %d (client) long verified chain, expected %d", len(ss.VerifiedChains[0]), len(cs.VerifiedChains[0]), 2) } if len(cs.SignedCertificateTimestamps) != 2 { t.Errorf("Got %d SCTs, expected %d", len(cs.SignedCertificateTimestamps), 2) } if !bytes.Equal(cs.OCSPResponse, ocsp) { t.Errorf("Got OCSPs %x, expected %x", cs.OCSPResponse, ocsp) } // Only TLS 1.3 supports OCSP and SCTs on client certs. if v == VersionTLS13 { if len(ss.SignedCertificateTimestamps) != 2 { t.Errorf("Got %d client SCTs, expected %d", len(ss.SignedCertificateTimestamps), 2) } if !bytes.Equal(ss.OCSPResponse, ocsp) { t.Errorf("Got client OCSPs %x, expected %x", ss.OCSPResponse, ocsp) } } if v == VersionTLS13 { if ss.TLSUnique != nil || cs.TLSUnique != nil { t.Errorf("Got TLSUnique %x (server) and %x (client), expected nil in TLS 1.3", ss.TLSUnique, cs.TLSUnique) } } else { if ss.TLSUnique == nil || cs.TLSUnique == nil { t.Errorf("Got TLSUnique %x (server) and %x (client), expected non-nil", ss.TLSUnique, cs.TLSUnique) } } }) } } // Issue 28744: Ensure that we don't modify memory // that Config doesn't own such as Certificates. func TestBuildNameToCertificate_doesntModifyCertificates(t *testing.T) { c0 := Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, } c1 := Certificate{ Certificate: [][]byte{testSNICertificate}, PrivateKey: testRSAPrivateKey, } config := testConfig.Clone() config.Certificates = []Certificate{c0, c1} config.BuildNameToCertificate() got := config.Certificates want := []Certificate{c0, c1} if !reflect.DeepEqual(got, want) { t.Fatalf("Certificates were mutated by BuildNameToCertificate\nGot: %#v\nWant: %#v\n", got, want) } } func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } func TestClientHelloInfo_SupportsCertificate(t *testing.T) { rsaCert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, } pkcs1Cert := &Certificate{ Certificate: [][]byte{testRSACertificate}, PrivateKey: testRSAPrivateKey, SupportedSignatureAlgorithms: []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256}, } ecdsaCert := &Certificate{ // ECDSA P-256 certificate Certificate: [][]byte{testP256Certificate}, PrivateKey: testP256PrivateKey, } ed25519Cert := &Certificate{ Certificate: [][]byte{testEd25519Certificate}, PrivateKey: testEd25519PrivateKey, } tests := []struct { c *Certificate chi *ClientHelloInfo wantErr string }{ {rsaCert, &ClientHelloInfo{ ServerName: "example.golang", SignatureSchemes: []SignatureScheme{PSSWithSHA256}, SupportedVersions: []uint16{VersionTLS13}, }, ""}, {ecdsaCert, &ClientHelloInfo{ SignatureSchemes: []SignatureScheme{PSSWithSHA256, ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS13, VersionTLS12}, }, ""}, {rsaCert, &ClientHelloInfo{ ServerName: "example.com", SignatureSchemes: []SignatureScheme{PSSWithSHA256}, SupportedVersions: []uint16{VersionTLS13}, }, "not valid for requested server name"}, {ecdsaCert, &ClientHelloInfo{ SignatureSchemes: []SignatureScheme{ECDSAWithP384AndSHA384}, SupportedVersions: []uint16{VersionTLS13}, }, "signature algorithms"}, {pkcs1Cert, &ClientHelloInfo{ SignatureSchemes: []SignatureScheme{PSSWithSHA256, ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS13}, }, "signature algorithms"}, {rsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, SignatureSchemes: []SignatureScheme{PKCS1WithSHA1}, SupportedVersions: []uint16{VersionTLS13, VersionTLS12}, }, "signature algorithms"}, {rsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, SignatureSchemes: []SignatureScheme{PKCS1WithSHA1}, SupportedVersions: []uint16{VersionTLS13, VersionTLS12}, config: &Config{ MaxVersion: VersionTLS12, }, }, ""}, // Check that mutual version selection works. {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS12}, }, ""}, {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{ECDSAWithP384AndSHA384}, SupportedVersions: []uint16{VersionTLS12}, }, ""}, // TLS 1.2 does not restrict curves based on the SignatureScheme. {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: nil, SupportedVersions: []uint16{VersionTLS12}, }, ""}, // TLS 1.2 comes with default signature schemes. {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS12}, }, "cipher suite"}, {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS12}, config: &Config{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, }, }, "cipher suite"}, {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP384}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS12}, }, "certificate curve"}, {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{1}, SignatureSchemes: []SignatureScheme{ECDSAWithP256AndSHA256}, SupportedVersions: []uint16{VersionTLS12}, }, "doesn't support ECDHE"}, {ecdsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{PSSWithSHA256}, SupportedVersions: []uint16{VersionTLS12}, }, "signature algorithms"}, {ed25519Cert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, // only relevant for ECDHE support SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{Ed25519}, SupportedVersions: []uint16{VersionTLS12}, }, ""}, {ed25519Cert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{CurveP256}, // only relevant for ECDHE support SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{Ed25519}, SupportedVersions: []uint16{VersionTLS10}, }, "doesn't support Ed25519"}, {ed25519Cert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}, SupportedCurves: []CurveID{}, SupportedPoints: []uint8{pointFormatUncompressed}, SignatureSchemes: []SignatureScheme{Ed25519}, SupportedVersions: []uint16{VersionTLS12}, }, "doesn't support ECDHE"}, {rsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA}, SupportedCurves: []CurveID{CurveP256}, // only relevant for ECDHE support SupportedPoints: []uint8{pointFormatUncompressed}, SupportedVersions: []uint16{VersionTLS10}, }, ""}, {rsaCert, &ClientHelloInfo{ CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, SupportedVersions: []uint16{VersionTLS12}, }, ""}, // static RSA fallback } for i, tt := range tests { err := tt.chi.SupportsCertificate(tt.c) switch { case tt.wantErr == "" && err != nil: t.Errorf("%d: unexpected error: %v", i, err) case tt.wantErr != "" && err == nil: t.Errorf("%d: unexpected success", i) case tt.wantErr != "" && !strings.Contains(err.Error(), tt.wantErr): t.Errorf("%d: got error %q, expected %q", i, err, tt.wantErr) } } } func TestCipherSuites(t *testing.T) { var lastID uint16 for _, c := range CipherSuites() { if lastID > c.ID { t.Errorf("CipherSuites are not ordered by ID: got %#04x after %#04x", c.ID, lastID) } else { lastID = c.ID } if c.Insecure { t.Errorf("%#04x: Insecure CipherSuite returned by CipherSuites()", c.ID) } } lastID = 0 for _, c := range InsecureCipherSuites() { if lastID > c.ID { t.Errorf("InsecureCipherSuites are not ordered by ID: got %#04x after %#04x", c.ID, lastID) } else { lastID = c.ID } if !c.Insecure { t.Errorf("%#04x: not Insecure CipherSuite returned by InsecureCipherSuites()", c.ID) } } cipherSuiteByID := func(id uint16) *CipherSuite { for _, c := range CipherSuites() { if c.ID == id { return c } } for _, c := range InsecureCipherSuites() { if c.ID == id { return c } } return nil } for _, c := range cipherSuites { cc := cipherSuiteByID(c.id) if cc == nil { t.Errorf("%#04x: no CipherSuite entry", c.id) continue } if defaultOff := c.flags&suiteDefaultOff != 0; defaultOff != cc.Insecure { t.Errorf("%#04x: Insecure %v, expected %v", c.id, cc.Insecure, defaultOff) } if tls12Only := c.flags&suiteTLS12 != 0; tls12Only && len(cc.SupportedVersions) != 1 { t.Errorf("%#04x: suite is TLS 1.2 only, but SupportedVersions is %v", c.id, cc.SupportedVersions) } else if !tls12Only && len(cc.SupportedVersions) != 3 { t.Errorf("%#04x: suite TLS 1.0-1.2, but SupportedVersions is %v", c.id, cc.SupportedVersions) } if got := CipherSuiteName(c.id); got != cc.Name { t.Errorf("%#04x: unexpected CipherSuiteName: got %q, expected %q", c.id, got, cc.Name) } } for _, c := range cipherSuitesTLS13 { cc := cipherSuiteByID(c.id) if cc == nil { t.Errorf("%#04x: no CipherSuite entry", c.id) continue } if cc.Insecure { t.Errorf("%#04x: Insecure %v, expected false", c.id, cc.Insecure) } if len(cc.SupportedVersions) != 1 || cc.SupportedVersions[0] != VersionTLS13 { t.Errorf("%#04x: suite is TLS 1.3 only, but SupportedVersions is %v", c.id, cc.SupportedVersions) } if got := CipherSuiteName(c.id); got != cc.Name { t.Errorf("%#04x: unexpected CipherSuiteName: got %q, expected %q", c.id, got, cc.Name) } } if got := CipherSuiteName(0xabc); got != "0x0ABC" { t.Errorf("unexpected fallback CipherSuiteName: got %q, expected 0x0ABC", got) } } type brokenSigner struct{ crypto.Signer } func (s brokenSigner) Sign(rand io.Reader, digest []byte, opts crypto.SignerOpts) (signature []byte, err error) { // Replace opts with opts.HashFunc(), so rsa.PSSOptions are discarded. return s.Signer.Sign(rand, digest, opts.HashFunc()) } // TestPKCS1OnlyCert uses a client certificate with a broken crypto.Signer that // always makes PKCS#1 v1.5 signatures, so can't be used with RSA-PSS. func TestPKCS1OnlyCert(t *testing.T) { clientConfig := testConfig.Clone() clientConfig.Certificates = []Certificate{{ Certificate: [][]byte{testRSACertificate}, PrivateKey: brokenSigner{testRSAPrivateKey}, }} serverConfig := testConfig.Clone() serverConfig.MaxVersion = VersionTLS12 // TLS 1.3 doesn't support PKCS#1 v1.5 serverConfig.ClientAuth = RequireAnyClientCert // If RSA-PSS is selected, the handshake should fail. if _, _, err := testHandshake(t, clientConfig, serverConfig); err == nil { t.Fatal("expected broken certificate to cause connection to fail") } clientConfig.Certificates[0].SupportedSignatureAlgorithms = []SignatureScheme{PKCS1WithSHA1, PKCS1WithSHA256} // But if the certificate restricts supported algorithms, RSA-PSS should not // be selected, and the handshake should succeed. if _, _, err := testHandshake(t, clientConfig, serverConfig); err != nil { t.Error(err) } }