()
| 851 | } |
| 852 | |
| 853 | func (hs *clientHandshakeState) establishKeys() error { |
| 854 | c := hs.c |
| 855 | |
| 856 | clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV := |
| 857 | keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen) |
| 858 | var clientCipher, serverCipher any |
| 859 | var clientHash, serverHash hash.Hash |
| 860 | if hs.suite.cipher != nil { |
| 861 | clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */) |
| 862 | clientHash = hs.suite.mac(clientMAC) |
| 863 | serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */) |
| 864 | serverHash = hs.suite.mac(serverMAC) |
| 865 | } else { |
| 866 | clientCipher = hs.suite.aead(clientKey, clientIV) |
| 867 | serverCipher = hs.suite.aead(serverKey, serverIV) |
| 868 | } |
| 869 | |
| 870 | c.in.prepareCipherSpec(c.vers, serverCipher, serverHash) |
| 871 | c.out.prepareCipherSpec(c.vers, clientCipher, clientHash) |
| 872 | return nil |
| 873 | } |
| 874 | |
| 875 | func (hs *clientHandshakeState) serverResumedSession() bool { |
| 876 | // If the server responded with the same sessionId then it means the |
no test coverage detected