()
| 653 | } |
| 654 | |
| 655 | func (hs *clientHandshakeState) establishKeys() error { |
| 656 | c := hs.c |
| 657 | |
| 658 | clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := |
| 659 | keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) |
| 660 | var clientCipher, serverCipher any |
| 661 | var clientHash, serverHash hash.Hash |
| 662 | if hs.suite.cipher != nil { |
| 663 | clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */) |
| 664 | clientHash = hs.suite.mac(clientMAC) |
| 665 | serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */) |
| 666 | serverHash = hs.suite.mac(serverMAC) |
| 667 | } else { |
| 668 | clientCipher = hs.suite.aead(clientKey, clientIV) |
| 669 | serverCipher = hs.suite.aead(serverKey, serverIV) |
| 670 | } |
| 671 | |
| 672 | c.in.prepareCipherSpec(c.vers, serverCipher, serverHash) |
| 673 | c.out.prepareCipherSpec(c.vers, clientCipher, clientHash) |
| 674 | return nil |
| 675 | } |
| 676 | |
| 677 | func (hs *clientHandshakeState) serverResumedSession() bool { |
| 678 | // If the server responded with the same sessionId then it means the |
no test coverage detected