()
| 1233 | } |
| 1234 | |
| 1235 | func (hs *serverHandshakeStateTLS13) readClientFinished() error { |
| 1236 | c := hs.c |
| 1237 | |
| 1238 | // finishedMsg is not included in the transcript. |
| 1239 | msg, err := c.readHandshake(nil) |
| 1240 | if err != nil { |
| 1241 | return err |
| 1242 | } |
| 1243 | |
| 1244 | finished, ok := msg.(*finishedMsg) |
| 1245 | if !ok { |
| 1246 | c.sendAlert(alertUnexpectedMessage) |
| 1247 | return unexpectedMessageError(finished, msg) |
| 1248 | } |
| 1249 | |
| 1250 | if !hmac.Equal(hs.clientFinished, finished.verifyData) { |
| 1251 | c.sendAlert(alertDecryptError) |
| 1252 | return errors.New("tls: invalid client finished hash") |
| 1253 | } |
| 1254 | |
| 1255 | c.in.setTrafficSecret(hs.suite, QUICEncryptionLevelApplication, hs.trafficSecret) |
| 1256 | |
| 1257 | return nil |
| 1258 | } |
no test coverage detected