hashForClientCertificate returns the handshake messages so far, pre-hashed if necessary, suitable for signing by a TLS client certificate.
(sigType uint8, hashAlg crypto.Hash)
| 225 | // hashForClientCertificate returns the handshake messages so far, pre-hashed if |
| 226 | // necessary, suitable for signing by a TLS client certificate. |
| 227 | func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash) []byte { |
| 228 | if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil { |
| 229 | panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer") |
| 230 | } |
| 231 | |
| 232 | if sigType == signatureEd25519 { |
| 233 | return h.buffer |
| 234 | } |
| 235 | |
| 236 | if h.version >= VersionTLS12 { |
| 237 | hash := hashAlg.New() |
| 238 | hash.Write(h.buffer) |
| 239 | return hash.Sum(nil) |
| 240 | } |
| 241 | |
| 242 | if sigType == signatureECDSA { |
| 243 | return h.server.Sum(nil) |
| 244 | } |
| 245 | |
| 246 | return h.Sum() |
| 247 | } |
| 248 | |
| 249 | // discardHandshakeBuffer is called when there is no more need to |
| 250 | // buffer the entirety of the handshake messages. |
no test coverage detected