Fix: marshalRandomized must retain at least one TLS 1.3 cipher suite
rod-hynes authored and adotkhan committed Jun 8, 2023
1 parent 051107f commit dd57d67
Showing 1 changed file with 29 additions and 10 deletions.
39 changes: 29 additions & 10 deletions handshake_messages.go
Expand Up @@ -336,24 +336,43 @@ func (m *clientHelloMsg) marshalRandomized() []byte {
// all slices before truncating.

cipherSuites := make([]uint16, len(m.cipherSuites))
perm := m.PRNG.Perm(len(m.cipherSuites))
for i, j := range perm {
cipherSuites[j] = m.cipherSuites[i]
}
cut := len(cipherSuites)
for ; cut > 1; cut-- {
if !m.PRNG.FlipCoin() {
for {
perm := m.PRNG.Perm(len(m.cipherSuites))
for i, j := range perm {
cipherSuites[j] = m.cipherSuites[i]
}
cut := len(cipherSuites)
for ; cut > 1; cut-- {
if !m.PRNG.FlipCoin() {
break
}
}

// Must contain at least one of defaultCipherSuitesTLS13.
containsDefault := false
for _, suite := range cipherSuites[:cut] {
for _, defaultSuite := range defaultCipherSuitesTLS13 {
if suite == defaultSuite {
containsDefault = true
break
}
}
if containsDefault {
break
}
}
if containsDefault {
cipherSuites = cipherSuites[:cut]
break
}
}
cipherSuites = cipherSuites[:cut]

compressionMethods := make([]uint8, len(m.compressionMethods))
perm = m.PRNG.Perm(len(m.compressionMethods))
perm := m.PRNG.Perm(len(m.compressionMethods))
for i, j := range perm {
compressionMethods[j] = m.compressionMethods[i]
}
cut = len(compressionMethods)
cut := len(compressionMethods)
for ; cut > 1; cut-- {
if !m.PRNG.FlipCoin() {
break
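Review bot: The new `for { ... }` retry loop around the cipher-suite permutation has no exit when `m.cipherSuites` holds none of `defaultCipherSuitesTLS13` (or is empty). In that case `containsDefault` can never become true, so marshalRandomized spins forever and the handshake hangs. Whether any caller can pass such a list is not visible in this hunk, but nothing here enforces it. I would check once before the loop whether the requirement can be met, and accept the first draw when it cannot, as sketched below. marshalRandomized starts and ends outside the hunk.

```go
// Only insist on a TLS 1.3 suite when the input list actually has one;
// otherwise the rejection-sampling loop below could never terminate.
requireTLS13 := false
for _, suite := range m.cipherSuites {
	for _, defaultSuite := range defaultCipherSuitesTLS13 {
		if suite == defaultSuite {
			requireTLS13 = true
		}
	}
}
for {
	// … unchanged: permutation, coin-flip truncation, containsDefault scan …
	if containsDefault || !requireTLS13 {
		cipherSuites = cipherSuites[:cut]
		break
	}
}
```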