()
| 591 | } |
| 592 | |
| 593 | func (hs *serverHandshakeStateTLS13) pickCertificate() error { |
| 594 | c := hs.c |
| 595 | |
| 596 | // Only one of PSK and certificates are used at a time. |
| 597 | if hs.usingPSK { |
| 598 | return nil |
| 599 | } |
| 600 | |
| 601 | // signature_algorithms is required in TLS 1.3. See RFC 8446, Section 4.2.3. |
| 602 | if len(hs.clientHello.supportedSignatureAlgorithms) == 0 { |
| 603 | return c.sendAlert(alertMissingExtension) |
| 604 | } |
| 605 | |
| 606 | certificate, err := c.config.getCertificate(clientHelloInfo(hs.ctx, c, hs.clientHello)) |
| 607 | if err != nil { |
| 608 | if err == errNoCertificates { |
| 609 | c.sendAlert(alertUnrecognizedName) |
| 610 | } else { |
| 611 | c.sendAlert(alertInternalError) |
| 612 | } |
| 613 | return err |
| 614 | } |
| 615 | hs.sigAlg, err = selectSignatureScheme(c.vers, certificate, hs.clientHello.supportedSignatureAlgorithms) |
| 616 | if err != nil { |
| 617 | // getCertificate returned a certificate that is unsupported or |
| 618 | // incompatible with the client's signature algorithms. |
| 619 | c.sendAlert(alertHandshakeFailure) |
| 620 | return err |
| 621 | } |
| 622 | hs.cert = certificate |
| 623 | |
| 624 | return nil |
| 625 | } |
| 626 | |
| 627 | // sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility |
| 628 | // with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4. |
nothing calls this directly
no test coverage detected