MCPcopy
hub / github.com/XTLS/REALITY / hashForClientCertificate

Method hashForClientCertificate

prf.go:227–247  ·  view source on GitHub ↗

hashForClientCertificate returns the handshake messages so far, pre-hashed if necessary, suitable for signing by a TLS client certificate.

(sigType uint8, hashAlg crypto.Hash)

Source from the content-addressed store, hash-verified

225// hashForClientCertificate returns the handshake messages so far, pre-hashed if
226// necessary, suitable for signing by a TLS client certificate.
227func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash) []byte {
228 if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil {
229 panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer")
230 }
231
232 if sigType == signatureEd25519 {
233 return h.buffer
234 }
235
236 if h.version >= VersionTLS12 {
237 hash := hashAlg.New()
238 hash.Write(h.buffer)
239 return hash.Sum(nil)
240 }
241
242 if sigType == signatureECDSA {
243 return h.server.Sum(nil)
244 }
245
246 return h.Sum()
247}
248
249// discardHandshakeBuffer is called when there is no more need to
250// buffer the entirety of the handshake messages.

Callers 2

doFullHandshakeMethod · 0.80
doFullHandshakeMethod · 0.80

Calls 2

SumMethod · 0.95
WriteMethod · 0.65

Tested by

no test coverage detected