...
Run Format

Source file src/crypto/tls/handshake_messages.go

     1	// Copyright 2009 The Go Authors. All rights reserved.
     2	// Use of this source code is governed by a BSD-style
     3	// license that can be found in the LICENSE file.
     4	
     5	package tls
     6	
     7	import "bytes"
     8	
     9	type clientHelloMsg struct {
    10		raw                          []byte
    11		vers                         uint16
    12		random                       []byte
    13		sessionId                    []byte
    14		cipherSuites                 []uint16
    15		compressionMethods           []uint8
    16		nextProtoNeg                 bool
    17		serverName                   string
    18		ocspStapling                 bool
    19		scts                         bool
    20		supportedCurves              []CurveID
    21		supportedPoints              []uint8
    22		ticketSupported              bool
    23		sessionTicket                []uint8
    24		signatureAndHashes           []signatureAndHash
    25		secureRenegotiation          []byte
    26		secureRenegotiationSupported bool
    27		alpnProtocols                []string
    28	}
    29	
    30	func (m *clientHelloMsg) equal(i interface{}) bool {
    31		m1, ok := i.(*clientHelloMsg)
    32		if !ok {
    33			return false
    34		}
    35	
    36		return bytes.Equal(m.raw, m1.raw) &&
    37			m.vers == m1.vers &&
    38			bytes.Equal(m.random, m1.random) &&
    39			bytes.Equal(m.sessionId, m1.sessionId) &&
    40			eqUint16s(m.cipherSuites, m1.cipherSuites) &&
    41			bytes.Equal(m.compressionMethods, m1.compressionMethods) &&
    42			m.nextProtoNeg == m1.nextProtoNeg &&
    43			m.serverName == m1.serverName &&
    44			m.ocspStapling == m1.ocspStapling &&
    45			m.scts == m1.scts &&
    46			eqCurveIDs(m.supportedCurves, m1.supportedCurves) &&
    47			bytes.Equal(m.supportedPoints, m1.supportedPoints) &&
    48			m.ticketSupported == m1.ticketSupported &&
    49			bytes.Equal(m.sessionTicket, m1.sessionTicket) &&
    50			eqSignatureAndHashes(m.signatureAndHashes, m1.signatureAndHashes) &&
    51			m.secureRenegotiationSupported == m1.secureRenegotiationSupported &&
    52			bytes.Equal(m.secureRenegotiation, m1.secureRenegotiation) &&
    53			eqStrings(m.alpnProtocols, m1.alpnProtocols)
    54	}
    55	
    56	func (m *clientHelloMsg) marshal() []byte {
    57		if m.raw != nil {
    58			return m.raw
    59		}
    60	
    61		length := 2 + 32 + 1 + len(m.sessionId) + 2 + len(m.cipherSuites)*2 + 1 + len(m.compressionMethods)
    62		numExtensions := 0
    63		extensionsLength := 0
    64		if m.nextProtoNeg {
    65			numExtensions++
    66		}
    67		if m.ocspStapling {
    68			extensionsLength += 1 + 2 + 2
    69			numExtensions++
    70		}
    71		if len(m.serverName) > 0 {
    72			extensionsLength += 5 + len(m.serverName)
    73			numExtensions++
    74		}
    75		if len(m.supportedCurves) > 0 {
    76			extensionsLength += 2 + 2*len(m.supportedCurves)
    77			numExtensions++
    78		}
    79		if len(m.supportedPoints) > 0 {
    80			extensionsLength += 1 + len(m.supportedPoints)
    81			numExtensions++
    82		}
    83		if m.ticketSupported {
    84			extensionsLength += len(m.sessionTicket)
    85			numExtensions++
    86		}
    87		if len(m.signatureAndHashes) > 0 {
    88			extensionsLength += 2 + 2*len(m.signatureAndHashes)
    89			numExtensions++
    90		}
    91		if m.secureRenegotiationSupported {
    92			extensionsLength += 1 + len(m.secureRenegotiation)
    93			numExtensions++
    94		}
    95		if len(m.alpnProtocols) > 0 {
    96			extensionsLength += 2
    97			for _, s := range m.alpnProtocols {
    98				if l := len(s); l == 0 || l > 255 {
    99					panic("invalid ALPN protocol")
   100				}
   101				extensionsLength++
   102				extensionsLength += len(s)
   103			}
   104			numExtensions++
   105		}
   106		if m.scts {
   107			numExtensions++
   108		}
   109		if numExtensions > 0 {
   110			extensionsLength += 4 * numExtensions
   111			length += 2 + extensionsLength
   112		}
   113	
   114		x := make([]byte, 4+length)
   115		x[0] = typeClientHello
   116		x[1] = uint8(length >> 16)
   117		x[2] = uint8(length >> 8)
   118		x[3] = uint8(length)
   119		x[4] = uint8(m.vers >> 8)
   120		x[5] = uint8(m.vers)
   121		copy(x[6:38], m.random)
   122		x[38] = uint8(len(m.sessionId))
   123		copy(x[39:39+len(m.sessionId)], m.sessionId)
   124		y := x[39+len(m.sessionId):]
   125		y[0] = uint8(len(m.cipherSuites) >> 7)
   126		y[1] = uint8(len(m.cipherSuites) << 1)
   127		for i, suite := range m.cipherSuites {
   128			y[2+i*2] = uint8(suite >> 8)
   129			y[3+i*2] = uint8(suite)
   130		}
   131		z := y[2+len(m.cipherSuites)*2:]
   132		z[0] = uint8(len(m.compressionMethods))
   133		copy(z[1:], m.compressionMethods)
   134	
   135		z = z[1+len(m.compressionMethods):]
   136		if numExtensions > 0 {
   137			z[0] = byte(extensionsLength >> 8)
   138			z[1] = byte(extensionsLength)
   139			z = z[2:]
   140		}
   141		if m.nextProtoNeg {
   142			z[0] = byte(extensionNextProtoNeg >> 8)
   143			z[1] = byte(extensionNextProtoNeg & 0xff)
   144			// The length is always 0
   145			z = z[4:]
   146		}
   147		if len(m.serverName) > 0 {
   148			z[0] = byte(extensionServerName >> 8)
   149			z[1] = byte(extensionServerName & 0xff)
   150			l := len(m.serverName) + 5
   151			z[2] = byte(l >> 8)
   152			z[3] = byte(l)
   153			z = z[4:]
   154	
   155			// RFC 3546, section 3.1
   156			//
   157			// struct {
   158			//     NameType name_type;
   159			//     select (name_type) {
   160			//         case host_name: HostName;
   161			//     } name;
   162			// } ServerName;
   163			//
   164			// enum {
   165			//     host_name(0), (255)
   166			// } NameType;
   167			//
   168			// opaque HostName<1..2^16-1>;
   169			//
   170			// struct {
   171			//     ServerName server_name_list<1..2^16-1>
   172			// } ServerNameList;
   173	
   174			z[0] = byte((len(m.serverName) + 3) >> 8)
   175			z[1] = byte(len(m.serverName) + 3)
   176			z[3] = byte(len(m.serverName) >> 8)
   177			z[4] = byte(len(m.serverName))
   178			copy(z[5:], []byte(m.serverName))
   179			z = z[l:]
   180		}
   181		if m.ocspStapling {
   182			// RFC 4366, section 3.6
   183			z[0] = byte(extensionStatusRequest >> 8)
   184			z[1] = byte(extensionStatusRequest)
   185			z[2] = 0
   186			z[3] = 5
   187			z[4] = 1 // OCSP type
   188			// Two zero valued uint16s for the two lengths.
   189			z = z[9:]
   190		}
   191		if len(m.supportedCurves) > 0 {
   192			// http://tools.ietf.org/html/rfc4492#section-5.5.1
   193			z[0] = byte(extensionSupportedCurves >> 8)
   194			z[1] = byte(extensionSupportedCurves)
   195			l := 2 + 2*len(m.supportedCurves)
   196			z[2] = byte(l >> 8)
   197			z[3] = byte(l)
   198			l -= 2
   199			z[4] = byte(l >> 8)
   200			z[5] = byte(l)
   201			z = z[6:]
   202			for _, curve := range m.supportedCurves {
   203				z[0] = byte(curve >> 8)
   204				z[1] = byte(curve)
   205				z = z[2:]
   206			}
   207		}
   208		if len(m.supportedPoints) > 0 {
   209			// http://tools.ietf.org/html/rfc4492#section-5.5.2
   210			z[0] = byte(extensionSupportedPoints >> 8)
   211			z[1] = byte(extensionSupportedPoints)
   212			l := 1 + len(m.supportedPoints)
   213			z[2] = byte(l >> 8)
   214			z[3] = byte(l)
   215			l--
   216			z[4] = byte(l)
   217			z = z[5:]
   218			for _, pointFormat := range m.supportedPoints {
   219				z[0] = pointFormat
   220				z = z[1:]
   221			}
   222		}
   223		if m.ticketSupported {
   224			// http://tools.ietf.org/html/rfc5077#section-3.2
   225			z[0] = byte(extensionSessionTicket >> 8)
   226			z[1] = byte(extensionSessionTicket)
   227			l := len(m.sessionTicket)
   228			z[2] = byte(l >> 8)
   229			z[3] = byte(l)
   230			z = z[4:]
   231			copy(z, m.sessionTicket)
   232			z = z[len(m.sessionTicket):]
   233		}
   234		if len(m.signatureAndHashes) > 0 {
   235			// https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
   236			z[0] = byte(extensionSignatureAlgorithms >> 8)
   237			z[1] = byte(extensionSignatureAlgorithms)
   238			l := 2 + 2*len(m.signatureAndHashes)
   239			z[2] = byte(l >> 8)
   240			z[3] = byte(l)
   241			z = z[4:]
   242	
   243			l -= 2
   244			z[0] = byte(l >> 8)
   245			z[1] = byte(l)
   246			z = z[2:]
   247			for _, sigAndHash := range m.signatureAndHashes {
   248				z[0] = sigAndHash.hash
   249				z[1] = sigAndHash.signature
   250				z = z[2:]
   251			}
   252		}
   253		if m.secureRenegotiationSupported {
   254			z[0] = byte(extensionRenegotiationInfo >> 8)
   255			z[1] = byte(extensionRenegotiationInfo & 0xff)
   256			z[2] = 0
   257			z[3] = byte(len(m.secureRenegotiation) + 1)
   258			z[4] = byte(len(m.secureRenegotiation))
   259			z = z[5:]
   260			copy(z, m.secureRenegotiation)
   261			z = z[len(m.secureRenegotiation):]
   262		}
   263		if len(m.alpnProtocols) > 0 {
   264			z[0] = byte(extensionALPN >> 8)
   265			z[1] = byte(extensionALPN & 0xff)
   266			lengths := z[2:]
   267			z = z[6:]
   268	
   269			stringsLength := 0
   270			for _, s := range m.alpnProtocols {
   271				l := len(s)
   272				z[0] = byte(l)
   273				copy(z[1:], s)
   274				z = z[1+l:]
   275				stringsLength += 1 + l
   276			}
   277	
   278			lengths[2] = byte(stringsLength >> 8)
   279			lengths[3] = byte(stringsLength)
   280			stringsLength += 2
   281			lengths[0] = byte(stringsLength >> 8)
   282			lengths[1] = byte(stringsLength)
   283		}
   284		if m.scts {
   285			// https://tools.ietf.org/html/rfc6962#section-3.3.1
   286			z[0] = byte(extensionSCT >> 8)
   287			z[1] = byte(extensionSCT)
   288			// zero uint16 for the zero-length extension_data
   289			z = z[4:]
   290		}
   291	
   292		m.raw = x
   293	
   294		return x
   295	}
   296	
   297	func (m *clientHelloMsg) unmarshal(data []byte) bool {
   298		if len(data) < 42 {
   299			return false
   300		}
   301		m.raw = data
   302		m.vers = uint16(data[4])<<8 | uint16(data[5])
   303		m.random = data[6:38]
   304		sessionIdLen := int(data[38])
   305		if sessionIdLen > 32 || len(data) < 39+sessionIdLen {
   306			return false
   307		}
   308		m.sessionId = data[39 : 39+sessionIdLen]
   309		data = data[39+sessionIdLen:]
   310		if len(data) < 2 {
   311			return false
   312		}
   313		// cipherSuiteLen is the number of bytes of cipher suite numbers. Since
   314		// they are uint16s, the number must be even.
   315		cipherSuiteLen := int(data[0])<<8 | int(data[1])
   316		if cipherSuiteLen%2 == 1 || len(data) < 2+cipherSuiteLen {
   317			return false
   318		}
   319		numCipherSuites := cipherSuiteLen / 2
   320		m.cipherSuites = make([]uint16, numCipherSuites)
   321		for i := 0; i < numCipherSuites; i++ {
   322			m.cipherSuites[i] = uint16(data[2+2*i])<<8 | uint16(data[3+2*i])
   323			if m.cipherSuites[i] == scsvRenegotiation {
   324				m.secureRenegotiationSupported = true
   325			}
   326		}
   327		data = data[2+cipherSuiteLen:]
   328		if len(data) < 1 {
   329			return false
   330		}
   331		compressionMethodsLen := int(data[0])
   332		if len(data) < 1+compressionMethodsLen {
   333			return false
   334		}
   335		m.compressionMethods = data[1 : 1+compressionMethodsLen]
   336	
   337		data = data[1+compressionMethodsLen:]
   338	
   339		m.nextProtoNeg = false
   340		m.serverName = ""
   341		m.ocspStapling = false
   342		m.ticketSupported = false
   343		m.sessionTicket = nil
   344		m.signatureAndHashes = nil
   345		m.alpnProtocols = nil
   346		m.scts = false
   347	
   348		if len(data) == 0 {
   349			// ClientHello is optionally followed by extension data
   350			return true
   351		}
   352		if len(data) < 2 {
   353			return false
   354		}
   355	
   356		extensionsLength := int(data[0])<<8 | int(data[1])
   357		data = data[2:]
   358		if extensionsLength != len(data) {
   359			return false
   360		}
   361	
   362		for len(data) != 0 {
   363			if len(data) < 4 {
   364				return false
   365			}
   366			extension := uint16(data[0])<<8 | uint16(data[1])
   367			length := int(data[2])<<8 | int(data[3])
   368			data = data[4:]
   369			if len(data) < length {
   370				return false
   371			}
   372	
   373			switch extension {
   374			case extensionServerName:
   375				d := data[:length]
   376				if len(d) < 2 {
   377					return false
   378				}
   379				namesLen := int(d[0])<<8 | int(d[1])
   380				d = d[2:]
   381				if len(d) != namesLen {
   382					return false
   383				}
   384				for len(d) > 0 {
   385					if len(d) < 3 {
   386						return false
   387					}
   388					nameType := d[0]
   389					nameLen := int(d[1])<<8 | int(d[2])
   390					d = d[3:]
   391					if len(d) < nameLen {
   392						return false
   393					}
   394					if nameType == 0 {
   395						m.serverName = string(d[:nameLen])
   396						break
   397					}
   398					d = d[nameLen:]
   399				}
   400			case extensionNextProtoNeg:
   401				if length > 0 {
   402					return false
   403				}
   404				m.nextProtoNeg = true
   405			case extensionStatusRequest:
   406				m.ocspStapling = length > 0 && data[0] == statusTypeOCSP
   407			case extensionSupportedCurves:
   408				// http://tools.ietf.org/html/rfc4492#section-5.5.1
   409				if length < 2 {
   410					return false
   411				}
   412				l := int(data[0])<<8 | int(data[1])
   413				if l%2 == 1 || length != l+2 {
   414					return false
   415				}
   416				numCurves := l / 2
   417				m.supportedCurves = make([]CurveID, numCurves)
   418				d := data[2:]
   419				for i := 0; i < numCurves; i++ {
   420					m.supportedCurves[i] = CurveID(d[0])<<8 | CurveID(d[1])
   421					d = d[2:]
   422				}
   423			case extensionSupportedPoints:
   424				// http://tools.ietf.org/html/rfc4492#section-5.5.2
   425				if length < 1 {
   426					return false
   427				}
   428				l := int(data[0])
   429				if length != l+1 {
   430					return false
   431				}
   432				m.supportedPoints = make([]uint8, l)
   433				copy(m.supportedPoints, data[1:])
   434			case extensionSessionTicket:
   435				// http://tools.ietf.org/html/rfc5077#section-3.2
   436				m.ticketSupported = true
   437				m.sessionTicket = data[:length]
   438			case extensionSignatureAlgorithms:
   439				// https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
   440				if length < 2 || length&1 != 0 {
   441					return false
   442				}
   443				l := int(data[0])<<8 | int(data[1])
   444				if l != length-2 {
   445					return false
   446				}
   447				n := l / 2
   448				d := data[2:]
   449				m.signatureAndHashes = make([]signatureAndHash, n)
   450				for i := range m.signatureAndHashes {
   451					m.signatureAndHashes[i].hash = d[0]
   452					m.signatureAndHashes[i].signature = d[1]
   453					d = d[2:]
   454				}
   455			case extensionRenegotiationInfo:
   456				if length == 0 {
   457					return false
   458				}
   459				d := data[:length]
   460				l := int(d[0])
   461				d = d[1:]
   462				if l != len(d) {
   463					return false
   464				}
   465	
   466				m.secureRenegotiation = d
   467				m.secureRenegotiationSupported = true
   468			case extensionALPN:
   469				if length < 2 {
   470					return false
   471				}
   472				l := int(data[0])<<8 | int(data[1])
   473				if l != length-2 {
   474					return false
   475				}
   476				d := data[2:length]
   477				for len(d) != 0 {
   478					stringLen := int(d[0])
   479					d = d[1:]
   480					if stringLen == 0 || stringLen > len(d) {
   481						return false
   482					}
   483					m.alpnProtocols = append(m.alpnProtocols, string(d[:stringLen]))
   484					d = d[stringLen:]
   485				}
   486			case extensionSCT:
   487				m.scts = true
   488				if length != 0 {
   489					return false
   490				}
   491			}
   492			data = data[length:]
   493		}
   494	
   495		return true
   496	}
   497	
   498	type serverHelloMsg struct {
   499		raw                          []byte
   500		vers                         uint16
   501		random                       []byte
   502		sessionId                    []byte
   503		cipherSuite                  uint16
   504		compressionMethod            uint8
   505		nextProtoNeg                 bool
   506		nextProtos                   []string
   507		ocspStapling                 bool
   508		scts                         [][]byte
   509		ticketSupported              bool
   510		secureRenegotiation          []byte
   511		secureRenegotiationSupported bool
   512		alpnProtocol                 string
   513	}
   514	
   515	func (m *serverHelloMsg) equal(i interface{}) bool {
   516		m1, ok := i.(*serverHelloMsg)
   517		if !ok {
   518			return false
   519		}
   520	
   521		if len(m.scts) != len(m1.scts) {
   522			return false
   523		}
   524		for i, sct := range m.scts {
   525			if !bytes.Equal(sct, m1.scts[i]) {
   526				return false
   527			}
   528		}
   529	
   530		return bytes.Equal(m.raw, m1.raw) &&
   531			m.vers == m1.vers &&
   532			bytes.Equal(m.random, m1.random) &&
   533			bytes.Equal(m.sessionId, m1.sessionId) &&
   534			m.cipherSuite == m1.cipherSuite &&
   535			m.compressionMethod == m1.compressionMethod &&
   536			m.nextProtoNeg == m1.nextProtoNeg &&
   537			eqStrings(m.nextProtos, m1.nextProtos) &&
   538			m.ocspStapling == m1.ocspStapling &&
   539			m.ticketSupported == m1.ticketSupported &&
   540			m.secureRenegotiationSupported == m1.secureRenegotiationSupported &&
   541			bytes.Equal(m.secureRenegotiation, m1.secureRenegotiation) &&
   542			m.alpnProtocol == m1.alpnProtocol
   543	}
   544	
   545	func (m *serverHelloMsg) marshal() []byte {
   546		if m.raw != nil {
   547			return m.raw
   548		}
   549	
   550		length := 38 + len(m.sessionId)
   551		numExtensions := 0
   552		extensionsLength := 0
   553	
   554		nextProtoLen := 0
   555		if m.nextProtoNeg {
   556			numExtensions++
   557			for _, v := range m.nextProtos {
   558				nextProtoLen += len(v)
   559			}
   560			nextProtoLen += len(m.nextProtos)
   561			extensionsLength += nextProtoLen
   562		}
   563		if m.ocspStapling {
   564			numExtensions++
   565		}
   566		if m.ticketSupported {
   567			numExtensions++
   568		}
   569		if m.secureRenegotiationSupported {
   570			extensionsLength += 1 + len(m.secureRenegotiation)
   571			numExtensions++
   572		}
   573		if alpnLen := len(m.alpnProtocol); alpnLen > 0 {
   574			if alpnLen >= 256 {
   575				panic("invalid ALPN protocol")
   576			}
   577			extensionsLength += 2 + 1 + alpnLen
   578			numExtensions++
   579		}
   580		sctLen := 0
   581		if len(m.scts) > 0 {
   582			for _, sct := range m.scts {
   583				sctLen += len(sct) + 2
   584			}
   585			extensionsLength += 2 + sctLen
   586			numExtensions++
   587		}
   588	
   589		if numExtensions > 0 {
   590			extensionsLength += 4 * numExtensions
   591			length += 2 + extensionsLength
   592		}
   593	
   594		x := make([]byte, 4+length)
   595		x[0] = typeServerHello
   596		x[1] = uint8(length >> 16)
   597		x[2] = uint8(length >> 8)
   598		x[3] = uint8(length)
   599		x[4] = uint8(m.vers >> 8)
   600		x[5] = uint8(m.vers)
   601		copy(x[6:38], m.random)
   602		x[38] = uint8(len(m.sessionId))
   603		copy(x[39:39+len(m.sessionId)], m.sessionId)
   604		z := x[39+len(m.sessionId):]
   605		z[0] = uint8(m.cipherSuite >> 8)
   606		z[1] = uint8(m.cipherSuite)
   607		z[2] = m.compressionMethod
   608	
   609		z = z[3:]
   610		if numExtensions > 0 {
   611			z[0] = byte(extensionsLength >> 8)
   612			z[1] = byte(extensionsLength)
   613			z = z[2:]
   614		}
   615		if m.nextProtoNeg {
   616			z[0] = byte(extensionNextProtoNeg >> 8)
   617			z[1] = byte(extensionNextProtoNeg & 0xff)
   618			z[2] = byte(nextProtoLen >> 8)
   619			z[3] = byte(nextProtoLen)
   620			z = z[4:]
   621	
   622			for _, v := range m.nextProtos {
   623				l := len(v)
   624				if l > 255 {
   625					l = 255
   626				}
   627				z[0] = byte(l)
   628				copy(z[1:], []byte(v[0:l]))
   629				z = z[1+l:]
   630			}
   631		}
   632		if m.ocspStapling {
   633			z[0] = byte(extensionStatusRequest >> 8)
   634			z[1] = byte(extensionStatusRequest)
   635			z = z[4:]
   636		}
   637		if m.ticketSupported {
   638			z[0] = byte(extensionSessionTicket >> 8)
   639			z[1] = byte(extensionSessionTicket)
   640			z = z[4:]
   641		}
   642		if m.secureRenegotiationSupported {
   643			z[0] = byte(extensionRenegotiationInfo >> 8)
   644			z[1] = byte(extensionRenegotiationInfo & 0xff)
   645			z[2] = 0
   646			z[3] = byte(len(m.secureRenegotiation) + 1)
   647			z[4] = byte(len(m.secureRenegotiation))
   648			z = z[5:]
   649			copy(z, m.secureRenegotiation)
   650			z = z[len(m.secureRenegotiation):]
   651		}
   652		if alpnLen := len(m.alpnProtocol); alpnLen > 0 {
   653			z[0] = byte(extensionALPN >> 8)
   654			z[1] = byte(extensionALPN & 0xff)
   655			l := 2 + 1 + alpnLen
   656			z[2] = byte(l >> 8)
   657			z[3] = byte(l)
   658			l -= 2
   659			z[4] = byte(l >> 8)
   660			z[5] = byte(l)
   661			l -= 1
   662			z[6] = byte(l)
   663			copy(z[7:], []byte(m.alpnProtocol))
   664			z = z[7+alpnLen:]
   665		}
   666		if sctLen > 0 {
   667			z[0] = byte(extensionSCT >> 8)
   668			z[1] = byte(extensionSCT)
   669			l := sctLen + 2
   670			z[2] = byte(l >> 8)
   671			z[3] = byte(l)
   672			z[4] = byte(sctLen >> 8)
   673			z[5] = byte(sctLen)
   674	
   675			z = z[6:]
   676			for _, sct := range m.scts {
   677				z[0] = byte(len(sct) >> 8)
   678				z[1] = byte(len(sct))
   679				copy(z[2:], sct)
   680				z = z[len(sct)+2:]
   681			}
   682		}
   683	
   684		m.raw = x
   685	
   686		return x
   687	}
   688	
   689	func (m *serverHelloMsg) unmarshal(data []byte) bool {
   690		if len(data) < 42 {
   691			return false
   692		}
   693		m.raw = data
   694		m.vers = uint16(data[4])<<8 | uint16(data[5])
   695		m.random = data[6:38]
   696		sessionIdLen := int(data[38])
   697		if sessionIdLen > 32 || len(data) < 39+sessionIdLen {
   698			return false
   699		}
   700		m.sessionId = data[39 : 39+sessionIdLen]
   701		data = data[39+sessionIdLen:]
   702		if len(data) < 3 {
   703			return false
   704		}
   705		m.cipherSuite = uint16(data[0])<<8 | uint16(data[1])
   706		m.compressionMethod = data[2]
   707		data = data[3:]
   708	
   709		m.nextProtoNeg = false
   710		m.nextProtos = nil
   711		m.ocspStapling = false
   712		m.scts = nil
   713		m.ticketSupported = false
   714		m.alpnProtocol = ""
   715	
   716		if len(data) == 0 {
   717			// ServerHello is optionally followed by extension data
   718			return true
   719		}
   720		if len(data) < 2 {
   721			return false
   722		}
   723	
   724		extensionsLength := int(data[0])<<8 | int(data[1])
   725		data = data[2:]
   726		if len(data) != extensionsLength {
   727			return false
   728		}
   729	
   730		for len(data) != 0 {
   731			if len(data) < 4 {
   732				return false
   733			}
   734			extension := uint16(data[0])<<8 | uint16(data[1])
   735			length := int(data[2])<<8 | int(data[3])
   736			data = data[4:]
   737			if len(data) < length {
   738				return false
   739			}
   740	
   741			switch extension {
   742			case extensionNextProtoNeg:
   743				m.nextProtoNeg = true
   744				d := data[:length]
   745				for len(d) > 0 {
   746					l := int(d[0])
   747					d = d[1:]
   748					if l == 0 || l > len(d) {
   749						return false
   750					}
   751					m.nextProtos = append(m.nextProtos, string(d[:l]))
   752					d = d[l:]
   753				}
   754			case extensionStatusRequest:
   755				if length > 0 {
   756					return false
   757				}
   758				m.ocspStapling = true
   759			case extensionSessionTicket:
   760				if length > 0 {
   761					return false
   762				}
   763				m.ticketSupported = true
   764			case extensionRenegotiationInfo:
   765				if length == 0 {
   766					return false
   767				}
   768				d := data[:length]
   769				l := int(d[0])
   770				d = d[1:]
   771				if l != len(d) {
   772					return false
   773				}
   774	
   775				m.secureRenegotiation = d
   776				m.secureRenegotiationSupported = true
   777			case extensionALPN:
   778				d := data[:length]
   779				if len(d) < 3 {
   780					return false
   781				}
   782				l := int(d[0])<<8 | int(d[1])
   783				if l != len(d)-2 {
   784					return false
   785				}
   786				d = d[2:]
   787				l = int(d[0])
   788				if l != len(d)-1 {
   789					return false
   790				}
   791				d = d[1:]
   792				if len(d) == 0 {
   793					// ALPN protocols must not be empty.
   794					return false
   795				}
   796				m.alpnProtocol = string(d)
   797			case extensionSCT:
   798				d := data[:length]
   799	
   800				if len(d) < 2 {
   801					return false
   802				}
   803				l := int(d[0])<<8 | int(d[1])
   804				d = d[2:]
   805				if len(d) != l || l == 0 {
   806					return false
   807				}
   808	
   809				m.scts = make([][]byte, 0, 3)
   810				for len(d) != 0 {
   811					if len(d) < 2 {
   812						return false
   813					}
   814					sctLen := int(d[0])<<8 | int(d[1])
   815					d = d[2:]
   816					if sctLen == 0 || len(d) < sctLen {
   817						return false
   818					}
   819					m.scts = append(m.scts, d[:sctLen])
   820					d = d[sctLen:]
   821				}
   822			}
   823			data = data[length:]
   824		}
   825	
   826		return true
   827	}
   828	
   829	type certificateMsg struct {
   830		raw          []byte
   831		certificates [][]byte
   832	}
   833	
   834	func (m *certificateMsg) equal(i interface{}) bool {
   835		m1, ok := i.(*certificateMsg)
   836		if !ok {
   837			return false
   838		}
   839	
   840		return bytes.Equal(m.raw, m1.raw) &&
   841			eqByteSlices(m.certificates, m1.certificates)
   842	}
   843	
   844	func (m *certificateMsg) marshal() (x []byte) {
   845		if m.raw != nil {
   846			return m.raw
   847		}
   848	
   849		var i int
   850		for _, slice := range m.certificates {
   851			i += len(slice)
   852		}
   853	
   854		length := 3 + 3*len(m.certificates) + i
   855		x = make([]byte, 4+length)
   856		x[0] = typeCertificate
   857		x[1] = uint8(length >> 16)
   858		x[2] = uint8(length >> 8)
   859		x[3] = uint8(length)
   860	
   861		certificateOctets := length - 3
   862		x[4] = uint8(certificateOctets >> 16)
   863		x[5] = uint8(certificateOctets >> 8)
   864		x[6] = uint8(certificateOctets)
   865	
   866		y := x[7:]
   867		for _, slice := range m.certificates {
   868			y[0] = uint8(len(slice) >> 16)
   869			y[1] = uint8(len(slice) >> 8)
   870			y[2] = uint8(len(slice))
   871			copy(y[3:], slice)
   872			y = y[3+len(slice):]
   873		}
   874	
   875		m.raw = x
   876		return
   877	}
   878	
   879	func (m *certificateMsg) unmarshal(data []byte) bool {
   880		if len(data) < 7 {
   881			return false
   882		}
   883	
   884		m.raw = data
   885		certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6])
   886		if uint32(len(data)) != certsLen+7 {
   887			return false
   888		}
   889	
   890		numCerts := 0
   891		d := data[7:]
   892		for certsLen > 0 {
   893			if len(d) < 4 {
   894				return false
   895			}
   896			certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
   897			if uint32(len(d)) < 3+certLen {
   898				return false
   899			}
   900			d = d[3+certLen:]
   901			certsLen -= 3 + certLen
   902			numCerts++
   903		}
   904	
   905		m.certificates = make([][]byte, numCerts)
   906		d = data[7:]
   907		for i := 0; i < numCerts; i++ {
   908			certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
   909			m.certificates[i] = d[3 : 3+certLen]
   910			d = d[3+certLen:]
   911		}
   912	
   913		return true
   914	}
   915	
   916	type serverKeyExchangeMsg struct {
   917		raw []byte
   918		key []byte
   919	}
   920	
   921	func (m *serverKeyExchangeMsg) equal(i interface{}) bool {
   922		m1, ok := i.(*serverKeyExchangeMsg)
   923		if !ok {
   924			return false
   925		}
   926	
   927		return bytes.Equal(m.raw, m1.raw) &&
   928			bytes.Equal(m.key, m1.key)
   929	}
   930	
   931	func (m *serverKeyExchangeMsg) marshal() []byte {
   932		if m.raw != nil {
   933			return m.raw
   934		}
   935		length := len(m.key)
   936		x := make([]byte, length+4)
   937		x[0] = typeServerKeyExchange
   938		x[1] = uint8(length >> 16)
   939		x[2] = uint8(length >> 8)
   940		x[3] = uint8(length)
   941		copy(x[4:], m.key)
   942	
   943		m.raw = x
   944		return x
   945	}
   946	
   947	func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool {
   948		m.raw = data
   949		if len(data) < 4 {
   950			return false
   951		}
   952		m.key = data[4:]
   953		return true
   954	}
   955	
   956	type certificateStatusMsg struct {
   957		raw        []byte
   958		statusType uint8
   959		response   []byte
   960	}
   961	
   962	func (m *certificateStatusMsg) equal(i interface{}) bool {
   963		m1, ok := i.(*certificateStatusMsg)
   964		if !ok {
   965			return false
   966		}
   967	
   968		return bytes.Equal(m.raw, m1.raw) &&
   969			m.statusType == m1.statusType &&
   970			bytes.Equal(m.response, m1.response)
   971	}
   972	
   973	func (m *certificateStatusMsg) marshal() []byte {
   974		if m.raw != nil {
   975			return m.raw
   976		}
   977	
   978		var x []byte
   979		if m.statusType == statusTypeOCSP {
   980			x = make([]byte, 4+4+len(m.response))
   981			x[0] = typeCertificateStatus
   982			l := len(m.response) + 4
   983			x[1] = byte(l >> 16)
   984			x[2] = byte(l >> 8)
   985			x[3] = byte(l)
   986			x[4] = statusTypeOCSP
   987	
   988			l -= 4
   989			x[5] = byte(l >> 16)
   990			x[6] = byte(l >> 8)
   991			x[7] = byte(l)
   992			copy(x[8:], m.response)
   993		} else {
   994			x = []byte{typeCertificateStatus, 0, 0, 1, m.statusType}
   995		}
   996	
   997		m.raw = x
   998		return x
   999	}
  1000	
  1001	func (m *certificateStatusMsg) unmarshal(data []byte) bool {
  1002		m.raw = data
  1003		if len(data) < 5 {
  1004			return false
  1005		}
  1006		m.statusType = data[4]
  1007	
  1008		m.response = nil
  1009		if m.statusType == statusTypeOCSP {
  1010			if len(data) < 8 {
  1011				return false
  1012			}
  1013			respLen := uint32(data[5])<<16 | uint32(data[6])<<8 | uint32(data[7])
  1014			if uint32(len(data)) != 4+4+respLen {
  1015				return false
  1016			}
  1017			m.response = data[8:]
  1018		}
  1019		return true
  1020	}
  1021	
  1022	type serverHelloDoneMsg struct{}
  1023	
  1024	func (m *serverHelloDoneMsg) equal(i interface{}) bool {
  1025		_, ok := i.(*serverHelloDoneMsg)
  1026		return ok
  1027	}
  1028	
  1029	func (m *serverHelloDoneMsg) marshal() []byte {
  1030		x := make([]byte, 4)
  1031		x[0] = typeServerHelloDone
  1032		return x
  1033	}
  1034	
  1035	func (m *serverHelloDoneMsg) unmarshal(data []byte) bool {
  1036		return len(data) == 4
  1037	}
  1038	
  1039	type clientKeyExchangeMsg struct {
  1040		raw        []byte
  1041		ciphertext []byte
  1042	}
  1043	
  1044	func (m *clientKeyExchangeMsg) equal(i interface{}) bool {
  1045		m1, ok := i.(*clientKeyExchangeMsg)
  1046		if !ok {
  1047			return false
  1048		}
  1049	
  1050		return bytes.Equal(m.raw, m1.raw) &&
  1051			bytes.Equal(m.ciphertext, m1.ciphertext)
  1052	}
  1053	
  1054	func (m *clientKeyExchangeMsg) marshal() []byte {
  1055		if m.raw != nil {
  1056			return m.raw
  1057		}
  1058		length := len(m.ciphertext)
  1059		x := make([]byte, length+4)
  1060		x[0] = typeClientKeyExchange
  1061		x[1] = uint8(length >> 16)
  1062		x[2] = uint8(length >> 8)
  1063		x[3] = uint8(length)
  1064		copy(x[4:], m.ciphertext)
  1065	
  1066		m.raw = x
  1067		return x
  1068	}
  1069	
  1070	func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool {
  1071		m.raw = data
  1072		if len(data) < 4 {
  1073			return false
  1074		}
  1075		l := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
  1076		if l != len(data)-4 {
  1077			return false
  1078		}
  1079		m.ciphertext = data[4:]
  1080		return true
  1081	}
  1082	
  1083	type finishedMsg struct {
  1084		raw        []byte
  1085		verifyData []byte
  1086	}
  1087	
  1088	func (m *finishedMsg) equal(i interface{}) bool {
  1089		m1, ok := i.(*finishedMsg)
  1090		if !ok {
  1091			return false
  1092		}
  1093	
  1094		return bytes.Equal(m.raw, m1.raw) &&
  1095			bytes.Equal(m.verifyData, m1.verifyData)
  1096	}
  1097	
  1098	func (m *finishedMsg) marshal() (x []byte) {
  1099		if m.raw != nil {
  1100			return m.raw
  1101		}
  1102	
  1103		x = make([]byte, 4+len(m.verifyData))
  1104		x[0] = typeFinished
  1105		x[3] = byte(len(m.verifyData))
  1106		copy(x[4:], m.verifyData)
  1107		m.raw = x
  1108		return
  1109	}
  1110	
  1111	func (m *finishedMsg) unmarshal(data []byte) bool {
  1112		m.raw = data
  1113		if len(data) < 4 {
  1114			return false
  1115		}
  1116		m.verifyData = data[4:]
  1117		return true
  1118	}
  1119	
  1120	type nextProtoMsg struct {
  1121		raw   []byte
  1122		proto string
  1123	}
  1124	
  1125	func (m *nextProtoMsg) equal(i interface{}) bool {
  1126		m1, ok := i.(*nextProtoMsg)
  1127		if !ok {
  1128			return false
  1129		}
  1130	
  1131		return bytes.Equal(m.raw, m1.raw) &&
  1132			m.proto == m1.proto
  1133	}
  1134	
  1135	func (m *nextProtoMsg) marshal() []byte {
  1136		if m.raw != nil {
  1137			return m.raw
  1138		}
  1139		l := len(m.proto)
  1140		if l > 255 {
  1141			l = 255
  1142		}
  1143	
  1144		padding := 32 - (l+2)%32
  1145		length := l + padding + 2
  1146		x := make([]byte, length+4)
  1147		x[0] = typeNextProtocol
  1148		x[1] = uint8(length >> 16)
  1149		x[2] = uint8(length >> 8)
  1150		x[3] = uint8(length)
  1151	
  1152		y := x[4:]
  1153		y[0] = byte(l)
  1154		copy(y[1:], []byte(m.proto[0:l]))
  1155		y = y[1+l:]
  1156		y[0] = byte(padding)
  1157	
  1158		m.raw = x
  1159	
  1160		return x
  1161	}
  1162	
  1163	func (m *nextProtoMsg) unmarshal(data []byte) bool {
  1164		m.raw = data
  1165	
  1166		if len(data) < 5 {
  1167			return false
  1168		}
  1169		data = data[4:]
  1170		protoLen := int(data[0])
  1171		data = data[1:]
  1172		if len(data) < protoLen {
  1173			return false
  1174		}
  1175		m.proto = string(data[0:protoLen])
  1176		data = data[protoLen:]
  1177	
  1178		if len(data) < 1 {
  1179			return false
  1180		}
  1181		paddingLen := int(data[0])
  1182		data = data[1:]
  1183		if len(data) != paddingLen {
  1184			return false
  1185		}
  1186	
  1187		return true
  1188	}
  1189	
  1190	type certificateRequestMsg struct {
  1191		raw []byte
  1192		// hasSignatureAndHash indicates whether this message includes a list
  1193		// of signature and hash functions. This change was introduced with TLS
  1194		// 1.2.
  1195		hasSignatureAndHash bool
  1196	
  1197		certificateTypes       []byte
  1198		signatureAndHashes     []signatureAndHash
  1199		certificateAuthorities [][]byte
  1200	}
  1201	
  1202	func (m *certificateRequestMsg) equal(i interface{}) bool {
  1203		m1, ok := i.(*certificateRequestMsg)
  1204		if !ok {
  1205			return false
  1206		}
  1207	
  1208		return bytes.Equal(m.raw, m1.raw) &&
  1209			bytes.Equal(m.certificateTypes, m1.certificateTypes) &&
  1210			eqByteSlices(m.certificateAuthorities, m1.certificateAuthorities) &&
  1211			eqSignatureAndHashes(m.signatureAndHashes, m1.signatureAndHashes)
  1212	}
  1213	
  1214	func (m *certificateRequestMsg) marshal() (x []byte) {
  1215		if m.raw != nil {
  1216			return m.raw
  1217		}
  1218	
  1219		// See http://tools.ietf.org/html/rfc4346#section-7.4.4
  1220		length := 1 + len(m.certificateTypes) + 2
  1221		casLength := 0
  1222		for _, ca := range m.certificateAuthorities {
  1223			casLength += 2 + len(ca)
  1224		}
  1225		length += casLength
  1226	
  1227		if m.hasSignatureAndHash {
  1228			length += 2 + 2*len(m.signatureAndHashes)
  1229		}
  1230	
  1231		x = make([]byte, 4+length)
  1232		x[0] = typeCertificateRequest
  1233		x[1] = uint8(length >> 16)
  1234		x[2] = uint8(length >> 8)
  1235		x[3] = uint8(length)
  1236	
  1237		x[4] = uint8(len(m.certificateTypes))
  1238	
  1239		copy(x[5:], m.certificateTypes)
  1240		y := x[5+len(m.certificateTypes):]
  1241	
  1242		if m.hasSignatureAndHash {
  1243			n := len(m.signatureAndHashes) * 2
  1244			y[0] = uint8(n >> 8)
  1245			y[1] = uint8(n)
  1246			y = y[2:]
  1247			for _, sigAndHash := range m.signatureAndHashes {
  1248				y[0] = sigAndHash.hash
  1249				y[1] = sigAndHash.signature
  1250				y = y[2:]
  1251			}
  1252		}
  1253	
  1254		y[0] = uint8(casLength >> 8)
  1255		y[1] = uint8(casLength)
  1256		y = y[2:]
  1257		for _, ca := range m.certificateAuthorities {
  1258			y[0] = uint8(len(ca) >> 8)
  1259			y[1] = uint8(len(ca))
  1260			y = y[2:]
  1261			copy(y, ca)
  1262			y = y[len(ca):]
  1263		}
  1264	
  1265		m.raw = x
  1266		return
  1267	}
  1268	
  1269	func (m *certificateRequestMsg) unmarshal(data []byte) bool {
  1270		m.raw = data
  1271	
  1272		if len(data) < 5 {
  1273			return false
  1274		}
  1275	
  1276		length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
  1277		if uint32(len(data))-4 != length {
  1278			return false
  1279		}
  1280	
  1281		numCertTypes := int(data[4])
  1282		data = data[5:]
  1283		if numCertTypes == 0 || len(data) <= numCertTypes {
  1284			return false
  1285		}
  1286	
  1287		m.certificateTypes = make([]byte, numCertTypes)
  1288		if copy(m.certificateTypes, data) != numCertTypes {
  1289			return false
  1290		}
  1291	
  1292		data = data[numCertTypes:]
  1293	
  1294		if m.hasSignatureAndHash {
  1295			if len(data) < 2 {
  1296				return false
  1297			}
  1298			sigAndHashLen := uint16(data[0])<<8 | uint16(data[1])
  1299			data = data[2:]
  1300			if sigAndHashLen&1 != 0 {
  1301				return false
  1302			}
  1303			if len(data) < int(sigAndHashLen) {
  1304				return false
  1305			}
  1306			numSigAndHash := sigAndHashLen / 2
  1307			m.signatureAndHashes = make([]signatureAndHash, numSigAndHash)
  1308			for i := range m.signatureAndHashes {
  1309				m.signatureAndHashes[i].hash = data[0]
  1310				m.signatureAndHashes[i].signature = data[1]
  1311				data = data[2:]
  1312			}
  1313		}
  1314	
  1315		if len(data) < 2 {
  1316			return false
  1317		}
  1318		casLength := uint16(data[0])<<8 | uint16(data[1])
  1319		data = data[2:]
  1320		if len(data) < int(casLength) {
  1321			return false
  1322		}
  1323		cas := make([]byte, casLength)
  1324		copy(cas, data)
  1325		data = data[casLength:]
  1326	
  1327		m.certificateAuthorities = nil
  1328		for len(cas) > 0 {
  1329			if len(cas) < 2 {
  1330				return false
  1331			}
  1332			caLen := uint16(cas[0])<<8 | uint16(cas[1])
  1333			cas = cas[2:]
  1334	
  1335			if len(cas) < int(caLen) {
  1336				return false
  1337			}
  1338	
  1339			m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen])
  1340			cas = cas[caLen:]
  1341		}
  1342	
  1343		return len(data) == 0
  1344	}
  1345	
  1346	type certificateVerifyMsg struct {
  1347		raw                 []byte
  1348		hasSignatureAndHash bool
  1349		signatureAndHash    signatureAndHash
  1350		signature           []byte
  1351	}
  1352	
  1353	func (m *certificateVerifyMsg) equal(i interface{}) bool {
  1354		m1, ok := i.(*certificateVerifyMsg)
  1355		if !ok {
  1356			return false
  1357		}
  1358	
  1359		return bytes.Equal(m.raw, m1.raw) &&
  1360			m.hasSignatureAndHash == m1.hasSignatureAndHash &&
  1361			m.signatureAndHash.hash == m1.signatureAndHash.hash &&
  1362			m.signatureAndHash.signature == m1.signatureAndHash.signature &&
  1363			bytes.Equal(m.signature, m1.signature)
  1364	}
  1365	
  1366	func (m *certificateVerifyMsg) marshal() (x []byte) {
  1367		if m.raw != nil {
  1368			return m.raw
  1369		}
  1370	
  1371		// See http://tools.ietf.org/html/rfc4346#section-7.4.8
  1372		siglength := len(m.signature)
  1373		length := 2 + siglength
  1374		if m.hasSignatureAndHash {
  1375			length += 2
  1376		}
  1377		x = make([]byte, 4+length)
  1378		x[0] = typeCertificateVerify
  1379		x[1] = uint8(length >> 16)
  1380		x[2] = uint8(length >> 8)
  1381		x[3] = uint8(length)
  1382		y := x[4:]
  1383		if m.hasSignatureAndHash {
  1384			y[0] = m.signatureAndHash.hash
  1385			y[1] = m.signatureAndHash.signature
  1386			y = y[2:]
  1387		}
  1388		y[0] = uint8(siglength >> 8)
  1389		y[1] = uint8(siglength)
  1390		copy(y[2:], m.signature)
  1391	
  1392		m.raw = x
  1393	
  1394		return
  1395	}
  1396	
  1397	func (m *certificateVerifyMsg) unmarshal(data []byte) bool {
  1398		m.raw = data
  1399	
  1400		if len(data) < 6 {
  1401			return false
  1402		}
  1403	
  1404		length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
  1405		if uint32(len(data))-4 != length {
  1406			return false
  1407		}
  1408	
  1409		data = data[4:]
  1410		if m.hasSignatureAndHash {
  1411			m.signatureAndHash.hash = data[0]
  1412			m.signatureAndHash.signature = data[1]
  1413			data = data[2:]
  1414		}
  1415	
  1416		if len(data) < 2 {
  1417			return false
  1418		}
  1419		siglength := int(data[0])<<8 + int(data[1])
  1420		data = data[2:]
  1421		if len(data) != siglength {
  1422			return false
  1423		}
  1424	
  1425		m.signature = data
  1426	
  1427		return true
  1428	}
  1429	
  1430	type newSessionTicketMsg struct {
  1431		raw    []byte
  1432		ticket []byte
  1433	}
  1434	
  1435	func (m *newSessionTicketMsg) equal(i interface{}) bool {
  1436		m1, ok := i.(*newSessionTicketMsg)
  1437		if !ok {
  1438			return false
  1439		}
  1440	
  1441		return bytes.Equal(m.raw, m1.raw) &&
  1442			bytes.Equal(m.ticket, m1.ticket)
  1443	}
  1444	
  1445	func (m *newSessionTicketMsg) marshal() (x []byte) {
  1446		if m.raw != nil {
  1447			return m.raw
  1448		}
  1449	
  1450		// See http://tools.ietf.org/html/rfc5077#section-3.3
  1451		ticketLen := len(m.ticket)
  1452		length := 2 + 4 + ticketLen
  1453		x = make([]byte, 4+length)
  1454		x[0] = typeNewSessionTicket
  1455		x[1] = uint8(length >> 16)
  1456		x[2] = uint8(length >> 8)
  1457		x[3] = uint8(length)
  1458		x[8] = uint8(ticketLen >> 8)
  1459		x[9] = uint8(ticketLen)
  1460		copy(x[10:], m.ticket)
  1461	
  1462		m.raw = x
  1463	
  1464		return
  1465	}
  1466	
  1467	func (m *newSessionTicketMsg) unmarshal(data []byte) bool {
  1468		m.raw = data
  1469	
  1470		if len(data) < 10 {
  1471			return false
  1472		}
  1473	
  1474		length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
  1475		if uint32(len(data))-4 != length {
  1476			return false
  1477		}
  1478	
  1479		ticketLen := int(data[8])<<8 + int(data[9])
  1480		if len(data)-10 != ticketLen {
  1481			return false
  1482		}
  1483	
  1484		m.ticket = data[10:]
  1485	
  1486		return true
  1487	}
  1488	
  1489	type helloRequestMsg struct {
  1490	}
  1491	
  1492	func (*helloRequestMsg) marshal() []byte {
  1493		return []byte{typeHelloRequest, 0, 0, 0}
  1494	}
  1495	
  1496	func (*helloRequestMsg) unmarshal(data []byte) bool {
  1497		return len(data) == 4
  1498	}
  1499	
  1500	func eqUint16s(x, y []uint16) bool {
  1501		if len(x) != len(y) {
  1502			return false
  1503		}
  1504		for i, v := range x {
  1505			if y[i] != v {
  1506				return false
  1507			}
  1508		}
  1509		return true
  1510	}
  1511	
  1512	func eqCurveIDs(x, y []CurveID) bool {
  1513		if len(x) != len(y) {
  1514			return false
  1515		}
  1516		for i, v := range x {
  1517			if y[i] != v {
  1518				return false
  1519			}
  1520		}
  1521		return true
  1522	}
  1523	
  1524	func eqStrings(x, y []string) bool {
  1525		if len(x) != len(y) {
  1526			return false
  1527		}
  1528		for i, v := range x {
  1529			if y[i] != v {
  1530				return false
  1531			}
  1532		}
  1533		return true
  1534	}
  1535	
  1536	func eqByteSlices(x, y [][]byte) bool {
  1537		if len(x) != len(y) {
  1538			return false
  1539		}
  1540		for i, v := range x {
  1541			if !bytes.Equal(v, y[i]) {
  1542				return false
  1543			}
  1544		}
  1545		return true
  1546	}
  1547	
  1548	func eqSignatureAndHashes(x, y []signatureAndHash) bool {
  1549		if len(x) != len(y) {
  1550			return false
  1551		}
  1552		for i, v := range x {
  1553			v2 := y[i]
  1554			if v.hash != v2.hash || v.signature != v2.signature {
  1555				return false
  1556			}
  1557		}
  1558		return true
  1559	}
  1560	

View as plain text