()
| 481 | } |
| 482 | |
| 483 | func (hs *serverHandshakeState) doFullHandshake() error { |
| 484 | c := hs.c |
| 485 | |
| 486 | if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 { |
| 487 | hs.hello.ocspStapling = true |
| 488 | } |
| 489 | |
| 490 | hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled |
| 491 | hs.hello.cipherSuite = hs.suite.id |
| 492 | |
| 493 | hs.finishedHash = newFinishedHash(hs.c.vers, hs.suite) |
| 494 | if c.config.ClientAuth == NoClientCert { |
| 495 | // No need to keep a full record of the handshake if client |
| 496 | // certificates won't be used. |
| 497 | hs.finishedHash.discardHandshakeBuffer() |
| 498 | } |
| 499 | hs.finishedHash.Write(hs.clientHello.marshal()) |
| 500 | hs.finishedHash.Write(hs.hello.marshal()) |
| 501 | if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil { |
| 502 | return err |
| 503 | } |
| 504 | |
| 505 | certMsg := new(certificateMsg) |
| 506 | certMsg.certificates = hs.cert.Certificate |
| 507 | hs.finishedHash.Write(certMsg.marshal()) |
| 508 | if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil { |
| 509 | return err |
| 510 | } |
| 511 | |
| 512 | if hs.hello.ocspStapling { |
| 513 | certStatus := new(certificateStatusMsg) |
| 514 | certStatus.response = hs.cert.OCSPStaple |
| 515 | hs.finishedHash.Write(certStatus.marshal()) |
| 516 | if _, err := c.writeRecord(recordTypeHandshake, certStatus.marshal()); err != nil { |
| 517 | return err |
| 518 | } |
| 519 | } |
| 520 | |
| 521 | keyAgreement := hs.suite.ka(c.vers) |
| 522 | skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello) |
| 523 | if err != nil { |
| 524 | c.sendAlert(alertHandshakeFailure) |
| 525 | return err |
| 526 | } |
| 527 | if skx != nil { |
| 528 | hs.finishedHash.Write(skx.marshal()) |
| 529 | if _, err := c.writeRecord(recordTypeHandshake, skx.marshal()); err != nil { |
| 530 | return err |
| 531 | } |
| 532 | } |
| 533 | |
| 534 | var certReq *certificateRequestMsg |
| 535 | if c.config.ClientAuth >= RequestClientCert { |
| 536 | // Request a client certificate |
| 537 | certReq = new(certificateRequestMsg) |
| 538 | certReq.certificateTypes = []byte{ |
| 539 | byte(certTypeRSASign), |
| 540 | byte(certTypeECDSASign), |
no test coverage detected