MasterSecret implements the TLS 1.2 extended master secret derivation, as defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2.
(hash func() H, preMasterSecret, transcript []byte)
| 47 | // MasterSecret implements the TLS 1.2 extended master secret derivation, as |
| 48 | // defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2. |
| 49 | func MasterSecret[H hash.Hash](hash func() H, preMasterSecret, transcript []byte) []byte { |
| 50 | // "The TLS 1.2 KDF is an approved KDF when the following conditions are |
| 51 | // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512." |
| 52 | //h := hash() |
| 53 | hash() |
| 54 | // switch any(h).(type) { |
| 55 | // case *sha256.Digest: |
| 56 | // if h.Size() != 32 { |
| 57 | // fips140.RecordNonApproved() |
| 58 | // } |
| 59 | // case *sha512.Digest: |
| 60 | // if h.Size() != 46 && h.Size() != 64 { |
| 61 | // fips140.RecordNonApproved() |
| 62 | // } |
| 63 | // default: |
| 64 | // fips140.RecordNonApproved() |
| 65 | // } |
| 66 | |
| 67 | return PRF(hash, preMasterSecret, extendedMasterSecretLabel, transcript, masterSecretLength) |
| 68 | } |
no test coverage detected
searching dependent graphs…