()
| 752 | } |
| 753 | |
| 754 | func (hs *clientHandshakeStateTLS13) sendClientCertificate() error { |
| 755 | c := hs.c |
| 756 | |
| 757 | if hs.certReq == nil { |
| 758 | return nil |
| 759 | } |
| 760 | |
| 761 | if hs.echContext != nil && hs.echContext.echRejected { |
| 762 | if _, err := hs.c.writeHandshakeRecord(&certificateMsgTLS13{}, hs.transcript); err != nil { |
| 763 | return err |
| 764 | } |
| 765 | return nil |
| 766 | } |
| 767 | |
| 768 | cert, err := c.getClientCertificate(&CertificateRequestInfo{ |
| 769 | AcceptableCAs: hs.certReq.certificateAuthorities, |
| 770 | SignatureSchemes: hs.certReq.supportedSignatureAlgorithms, |
| 771 | Version: c.vers, |
| 772 | ctx: hs.ctx, |
| 773 | }) |
| 774 | if err != nil { |
| 775 | return err |
| 776 | } |
| 777 | |
| 778 | certMsg := new(certificateMsgTLS13) |
| 779 | |
| 780 | certMsg.certificate = *cert |
| 781 | certMsg.scts = hs.certReq.scts && len(cert.SignedCertificateTimestamps) > 0 |
| 782 | certMsg.ocspStapling = hs.certReq.ocspStapling && len(cert.OCSPStaple) > 0 |
| 783 | |
| 784 | if _, err := hs.c.writeHandshakeRecord(certMsg, hs.transcript); err != nil { |
| 785 | return err |
| 786 | } |
| 787 | |
| 788 | // If we sent an empty certificate message, skip the CertificateVerify. |
| 789 | if len(cert.Certificate) == 0 { |
| 790 | return nil |
| 791 | } |
| 792 | |
| 793 | certVerifyMsg := new(certificateVerifyMsg) |
| 794 | certVerifyMsg.hasSignatureAlgorithm = true |
| 795 | |
| 796 | certVerifyMsg.signatureAlgorithm, err = selectSignatureScheme(c.vers, cert, hs.certReq.supportedSignatureAlgorithms) |
| 797 | if err != nil { |
| 798 | // getClientCertificate returned a certificate incompatible with the |
| 799 | // CertificateRequestInfo supported signature algorithms. |
| 800 | c.sendAlert(alertHandshakeFailure) |
| 801 | return err |
| 802 | } |
| 803 | |
| 804 | sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerifyMsg.signatureAlgorithm) |
| 805 | if err != nil { |
| 806 | return c.sendAlert(alertInternalError) |
| 807 | } |
| 808 | |
| 809 | signed := signedMessage(sigHash, clientSignatureContext, hs.transcript) |
| 810 | signOpts := crypto.SignerOpts(sigHash) |
| 811 | if sigType == signatureRSAPSS { |
no test coverage detected