MCPcopy Index your code
hub / github.com/XTLS/REALITY / MasterSecret

Function MasterSecret

tls12/tls12.go:49–68  ·  view source on GitHub ↗

MasterSecret implements the TLS 1.2 extended master secret derivation, as defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2.

(hash func() H, preMasterSecret, transcript []byte)

Source from the content-addressed store, hash-verified

47// MasterSecret implements the TLS 1.2 extended master secret derivation, as
48// defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2.
49func MasterSecret[H hash.Hash](hash func() H, preMasterSecret, transcript []byte) []byte {
50 // "The TLS 1.2 KDF is an approved KDF when the following conditions are
51 // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512."
52 //h := hash()
53 hash()
54 // switch any(h).(type) {
55 // case *sha256.Digest:
56 // if h.Size() != 32 {
57 // fips140.RecordNonApproved()
58 // }
59 // case *sha512.Digest:
60 // if h.Size() != 46 && h.Size() != 64 {
61 // fips140.RecordNonApproved()
62 // }
63 // default:
64 // fips140.RecordNonApproved()
65 // }
66
67 return PRF(hash, preMasterSecret, extendedMasterSecretLabel, transcript, masterSecretLength)
68}

Callers 1

Calls 1

PRFFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…