-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathkey.go
More file actions
48 lines (38 loc) · 1.09 KB
/
Copy pathkey.go
File metadata and controls
48 lines (38 loc) · 1.09 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package ktls
import (
"encoding/hex"
"fmt"
"strings"
)
// client_random is always 32 bytes = 64 hex chars
const clientRandomHexLen = 64
// max secret is 48 bytes (SHA-384 for AES-256-GCM)
const maxSecretHexLen = 96
// parseTrafficSecret decodes the secret into dst and returns the
// populated slice. dst must be at least 48 bytes
// using this approach to avoid an extra allocation for the decoded secret
// <label> <client_random> <hex secret>\n
func parseTrafficSecret(keyLog, prefix string, dst []byte) ([]byte, error) {
for line := range strings.SplitSeq(keyLog, "\n") {
if len(line) == 0 || line[0] == '#' {
continue
}
if len(line) < len(prefix) || line[:len(prefix)] != prefix {
continue
}
rest := line[len(prefix):]
if len(rest) < clientRandomHexLen+1 || rest[clientRandomHexLen] != ' ' {
continue
}
hexSecret := rest[clientRandomHexLen+1:]
if len(hexSecret) > maxSecretHexLen {
continue
}
n, err := hex.Decode(dst, []byte(hexSecret))
if err != nil {
continue
}
return dst[:n], nil
}
return nil, fmt.Errorf("ktls: %snot found in key log", prefix)
}