Plan 9 from Bell Labs’s /usr/web/sources/contrib/ericvh/go-plan9/src/pkg/crypto/tls/record_write.go

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution.


// Copyright 2009 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package tls

import (
	"fmt";
	"hash";
	"io";
)

// writerEnableApplicationData is a message which instructs recordWriter to
// start reading and transmitting data from the application data channel.
type writerEnableApplicationData struct{}

// writerChangeCipherSpec updates the encryption and MAC functions and resets
// the sequence count.
type writerChangeCipherSpec struct {
	encryptor	encryptor;
	mac		hash.Hash;
}

// writerSetVersion sets the version number bytes that we included in the
// record header for future records.
type writerSetVersion struct {
	major, minor uint8;
}

// A recordWriter accepts messages from the handshake processor and
// application data. It writes them to the outgoing connection and blocks on
// writing. It doesn't read from the application data channel until the
// handshake processor has signaled that the handshake is complete.
type recordWriter struct {
	writer		io.Writer;
	encryptor	encryptor;
	mac		hash.Hash;
	seqNum		uint64;
	major, minor	uint8;
	shutdown	bool;
	appChan		<-chan []byte;
	controlChan	<-chan interface{};
	header		[13]byte;
}

func (w *recordWriter) loop(writer io.Writer, appChan <-chan []byte, controlChan <-chan interface{}) {
	w.writer = writer;
	w.encryptor = nop{};
	w.mac = nop{};
	w.appChan = appChan;
	w.controlChan = controlChan;

	for !w.shutdown {
		msg := <-controlChan;
		if _, ok := msg.(writerEnableApplicationData); ok {
			break
		}
		w.processControlMessage(msg);
	}

	for !w.shutdown {
		// Always process control messages first.
		if controlMsg, ok := <-controlChan; ok {
			w.processControlMessage(controlMsg);
			continue;
		}

		select {
		case controlMsg := <-controlChan:
			w.processControlMessage(controlMsg)
		case appMsg := <-appChan:
			w.processAppMessage(appMsg)
		}
	}

	if !closed(appChan) {
		go func() {
			for _ = range appChan {
			}
		}()
	}
	if !closed(controlChan) {
		go func() {
			for _ = range controlChan {
			}
		}()
	}
}

// fillMACHeader generates a MAC header. See RFC 4346, section 6.2.3.1.
func fillMACHeader(header *[13]byte, seqNum uint64, length int, r *record) {
	header[0] = uint8(seqNum >> 56);
	header[1] = uint8(seqNum >> 48);
	header[2] = uint8(seqNum >> 40);
	header[3] = uint8(seqNum >> 32);
	header[4] = uint8(seqNum >> 24);
	header[5] = uint8(seqNum >> 16);
	header[6] = uint8(seqNum >> 8);
	header[7] = uint8(seqNum);
	header[8] = uint8(r.contentType);
	header[9] = r.major;
	header[10] = r.minor;
	header[11] = uint8(length >> 8);
	header[12] = uint8(length);
}

func (w *recordWriter) writeRecord(r *record) {
	w.mac.Reset();

	fillMACHeader(&w.header, w.seqNum, len(r.payload), r);

	w.mac.Write(w.header[0:13]);
	w.mac.Write(r.payload);
	macBytes := w.mac.Sum();

	w.encryptor.XORKeyStream(r.payload);
	w.encryptor.XORKeyStream(macBytes);

	length := len(r.payload) + len(macBytes);
	w.header[11] = uint8(length >> 8);
	w.header[12] = uint8(length);
	w.writer.Write(w.header[8:13]);
	w.writer.Write(r.payload);
	w.writer.Write(macBytes);

	w.seqNum++;
}

func (w *recordWriter) processControlMessage(controlMsg interface{}) {
	if controlMsg == nil {
		w.shutdown = true;
		return;
	}

	switch msg := controlMsg.(type) {
	case writerChangeCipherSpec:
		w.writeRecord(&record{recordTypeChangeCipherSpec, w.major, w.minor, []byte{0x01}});
		w.encryptor = msg.encryptor;
		w.mac = msg.mac;
		w.seqNum = 0;
	case writerSetVersion:
		w.major = msg.major;
		w.minor = msg.minor;
	case alert:
		w.writeRecord(&record{recordTypeAlert, w.major, w.minor, []byte{byte(msg.level), byte(msg.error)}})
	case handshakeMessage:
		// TODO(agl): marshal may return a slice too large for a single record.
		w.writeRecord(&record{recordTypeHandshake, w.major, w.minor, msg.marshal()})
	default:
		fmt.Printf("processControlMessage: unknown %#v\n", msg)
	}
}

func (w *recordWriter) processAppMessage(appMsg []byte) {
	if closed(w.appChan) {
		w.writeRecord(&record{recordTypeApplicationData, w.major, w.minor, []byte{byte(alertCloseNotify)}});
		w.shutdown = true;
		return;
	}

	var done int;
	for done < len(appMsg) {
		todo := len(appMsg);
		if todo > maxTLSPlaintext {
			todo = maxTLSPlaintext
		}
		w.writeRecord(&record{recordTypeApplicationData, w.major, w.minor, appMsg[done : done+todo]});
		done += todo;
	}
}

Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to webmaster@9p.io.