()
| 730 | } |
| 731 | |
| 732 | func (hs *serverHandshakeState) sendSessionTicket() error { |
| 733 | // ticketSupported is set in a resumption handshake if the |
| 734 | // ticket from the client was encrypted with an old session |
| 735 | // ticket key and thus a refreshed ticket should be sent. |
| 736 | if !hs.hello.ticketSupported { |
| 737 | return nil |
| 738 | } |
| 739 | |
| 740 | c := hs.c |
| 741 | m := new(newSessionTicketMsg) |
| 742 | |
| 743 | createdAt := uint64(c.config.time().Unix()) |
| 744 | if hs.sessionState != nil { |
| 745 | // If this is re-wrapping an old key, then keep |
| 746 | // the original time it was created. |
| 747 | createdAt = hs.sessionState.createdAt |
| 748 | } |
| 749 | |
| 750 | var certsFromClient [][]byte |
| 751 | for _, cert := range c.peerCertificates { |
| 752 | certsFromClient = append(certsFromClient, cert.Raw) |
| 753 | } |
| 754 | state := sessionState{ |
| 755 | vers: c.vers, |
| 756 | cipherSuite: hs.suite.id, |
| 757 | createdAt: createdAt, |
| 758 | masterSecret: hs.masterSecret, |
| 759 | certificates: certsFromClient, |
| 760 | } |
| 761 | var err error |
| 762 | m.ticket, err = c.encryptTicket(state.marshal()) |
| 763 | if err != nil { |
| 764 | return err |
| 765 | } |
| 766 | |
| 767 | hs.finishedHash.Write(m.marshal()) |
| 768 | if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil { |
| 769 | return err |
| 770 | } |
| 771 | |
| 772 | return nil |
| 773 | } |
| 774 | |
| 775 | func (hs *serverHandshakeState) sendFinished(out []byte) error { |
| 776 | c := hs.c |
no test coverage detected