(s, n)
| 88 | this.handshakeProcess = handshakeProtocol.helloRequest.msgType; |
| 89 | } |
| 90 | handshake(s, n) { |
| 91 | let state = 0; |
| 92 | switch (this.handshakeProcess) { |
| 93 | case handshakeProtocol.helloRequest.msgType: { // C |
| 94 | let cache = this.cacheManager && this.cacheManager.getByHost(this.options.tls_server_name); |
| 95 | if (cache) { |
| 96 | this.clientSessionID = cache.id; |
| 97 | this.masterSecret = cache.secret; |
| 98 | } |
| 99 | this.doProtocol(s, handshakeProtocol.clientHello); |
| 100 | } break; |
| 101 | case handshakeProtocol.clientHello.msgType: { // S |
| 102 | let masterSecret = this.clientSessionID && this.cacheManager && this.cacheManager.getByID(this.clientSessionID); |
| 103 | if (masterSecret) { |
| 104 | // resumed handshake |
| 105 | this.serverSessionID = this.clientSessionID; |
| 106 | this.masterSecret = masterSecret; |
| 107 | this.doProtocol(s, handshakeProtocol.serverHello); |
| 108 | this.doProtocol(s, changeCipherSpec); |
| 109 | this.doProtocol(s, handshakeProtocol.finished); |
| 110 | } |
| 111 | else { |
| 112 | // assign a new one |
| 113 | this.serverSessionID = ArrayBuffer.fromBigInt(BigInt(((new Date()).valueOf()).toString())); |
| 114 | this.doProtocol(s, handshakeProtocol.serverHello); |
| 115 | // S -> C: Certificate (always -- i.e. not support anonymous auth.) |
| 116 | let certs = this.certificateManager.getCerts(); |
| 117 | if (!certs || !certs.length) |
| 118 | throw new TLSError("client_hello: no certificate"); |
| 119 | this.doProtocol(s, handshakeProtocol.certificate, certs); |
| 120 | // S -> C: ServerKeyExchange (may not do anything depending on the chosen cipher) |
| 121 | this.doProtocol(s, handshakeProtocol.serverKeyExchange); |
| 122 | if (this.options.clientAuth) |
| 123 | // S -> C: CertificateRequest |
| 124 | this.doProtocol(s, handshakeProtocol.certificateRequest, this.options.clientAuth.cipherSuites, this.options.clientAuth.subjectDN); |
| 125 | // S -> C: ServerHelloDone |
| 126 | this.doProtocol(s, handshakeProtocol.serverHelloDone); |
| 127 | } |
| 128 | } break; |
| 129 | case handshakeProtocol.serverHelloDone.msgType: // C |
| 130 | if (this.clientCerts !== undefined) |
| 131 | this.doProtocol(s, handshakeProtocol.certificate, this.clientCerts); |
| 132 | this.doProtocol(s, handshakeProtocol.clientKeyExchange); |
| 133 | if (this.myCert) // client cert request && and the certs is not empty |
| 134 | this.doProtocol(s, handshakeProtocol.certificateVerify, this.myCert); |
| 135 | this.doProtocol(s, changeCipherSpec); |
| 136 | this.doProtocol(s, handshakeProtocol.finished); |
| 137 | break; |
| 138 | case handshakeProtocol.finished.msgType: { // C, S |
| 139 | let resumed = this.clientSessionID && Bin.comp(this.clientSessionID, this.serverSessionID) == 0; |
| 140 | if (!(this.connectionEnd ^ resumed)) { |
| 141 | this.doProtocol(s, changeCipherSpec); |
| 142 | this.doProtocol(s, handshakeProtocol.finished); |
| 143 | } |
| 144 | state = 2; |
| 145 | if (this.cacheManager) { |
| 146 | if (this.serverSessionID && this.options.tls_server_name) |
| 147 | this.cacheManager.saveSession(this.options.tls_server_name, this.serverSessionID, this.masterSecret); |
nothing calls this directly
no test coverage detected