signedMessage returns the pre-hashed (if necessary) message to be signed by certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3.
(sigHash crypto.Hash, context string, transcript hash.Hash)
| 80 | // signedMessage returns the pre-hashed (if necessary) message to be signed by |
| 81 | // certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3. |
| 82 | func signedMessage(sigHash crypto.Hash, context string, transcript hash.Hash) []byte { |
| 83 | if sigHash == directSigning { |
| 84 | b := &bytes.Buffer{} |
| 85 | b.Write(signaturePadding) |
| 86 | io.WriteString(b, context) |
| 87 | b.Write(transcript.Sum(nil)) |
| 88 | return b.Bytes() |
| 89 | } |
| 90 | h := sigHash.New() |
| 91 | h.Write(signaturePadding) |
| 92 | io.WriteString(h, context) |
| 93 | h.Write(transcript.Sum(nil)) |
| 94 | return h.Sum(nil) |
| 95 | } |
| 96 | |
| 97 | // typeAndHashFromSignatureScheme returns the corresponding signature type and |
| 98 | // crypto.Hash for a given TLS SignatureScheme. |
no test coverage detected
searching dependent graphs…