MCPcopy Index your code
hub / github.com/XTLS/Go / processServerKeyExchange

Method processServerKeyExchange

key_agreement.go:270–349  ·  view source on GitHub ↗
(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg)

Source from the content-addressed store, hash-verified

268}
269
270func (ka *ecdheKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
271 if len(skx.key) < 4 {
272 return errServerKeyExchange
273 }
274 if skx.key[0] != 3 { // named curve
275 return errors.New("tls: server selected unsupported curve")
276 }
277 curveID := CurveID(skx.key[1])<<8 | CurveID(skx.key[2])
278
279 publicLen := int(skx.key[3])
280 if publicLen+4 > len(skx.key) {
281 return errServerKeyExchange
282 }
283 serverECDHEParams := skx.key[:4+publicLen]
284 publicKey := serverECDHEParams[4:]
285
286 sig := skx.key[4+publicLen:]
287 if len(sig) < 2 {
288 return errServerKeyExchange
289 }
290
291 if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
292 return errors.New("tls: server selected unsupported curve")
293 }
294
295 params, err := generateECDHEParameters(config.rand(), curveID)
296 if err != nil {
297 return err
298 }
299 ka.params = params
300
301 ka.preMasterSecret = params.SharedKey(publicKey)
302 if ka.preMasterSecret == nil {
303 return errServerKeyExchange
304 }
305
306 ourPublicKey := params.PublicKey()
307 ka.ckx = new(clientKeyExchangeMsg)
308 ka.ckx.ciphertext = make([]byte, 1+len(ourPublicKey))
309 ka.ckx.ciphertext[0] = byte(len(ourPublicKey))
310 copy(ka.ckx.ciphertext[1:], ourPublicKey)
311
312 var sigType uint8
313 var sigHash crypto.Hash
314 if ka.version >= VersionTLS12 {
315 signatureAlgorithm := SignatureScheme(sig[0])<<8 | SignatureScheme(sig[1])
316 sig = sig[2:]
317 if len(sig) < 2 {
318 return errServerKeyExchange
319 }
320
321 if !isSupportedSignatureAlgorithm(signatureAlgorithm, clientHello.supportedSignatureAlgorithms) {
322 return errors.New("tls: certificate used with invalid signature algorithm")
323 }
324 sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
325 if err != nil {
326 return err
327 }

Callers

nothing calls this directly

Calls 13

CurveIDTypeAlias · 0.85
curveForCurveIDFunction · 0.85
generateECDHEParametersFunction · 0.85
SignatureSchemeTypeAlias · 0.85
hashForServerKeyExchangeFunction · 0.85
verifyHandshakeSignatureFunction · 0.85
randMethod · 0.80
SharedKeyMethod · 0.65
PublicKeyMethod · 0.65

Tested by

no test coverage detected