| 168 | } |
| 169 | |
| 170 | func (hs *clientHandshakeStateGM) doFullHandshake() error { |
| 171 | c := hs.c |
| 172 | |
| 173 | msg, err := c.readHandshake() |
| 174 | if err != nil { |
| 175 | return err |
| 176 | } |
| 177 | certMsg, ok := msg.(*certificateMsg) |
| 178 | if !ok || len(certMsg.certificates) == 0 { |
| 179 | c.sendAlert(alertUnexpectedMessage) |
| 180 | return unexpectedMessageError(certMsg, msg) |
| 181 | } |
| 182 | |
| 183 | // mod by syl only one cert |
| 184 | // Thanks to dual certificates mechanism, length of certificates in GMT0024 must great than 2 |
| 185 | if len(certMsg.certificates) < 2 { |
| 186 | c.sendAlert(alertInsufficientSecurity) |
| 187 | return fmt.Errorf("tls: length of certificates in GMT0024 must great than 2") |
| 188 | } |
| 189 | |
| 190 | hs.finishedHash.Write(certMsg.marshal()) |
| 191 | |
| 192 | if c.handshakes == 0 { |
| 193 | // If this is the first handshake on a connection, process and |
| 194 | // (optionally) verify the server's certificates. |
| 195 | certs := make([]*x509.Certificate, len(certMsg.certificates)) |
| 196 | for i, asn1Data := range certMsg.certificates { |
| 197 | cert, err := x509.ParseCertificate(asn1Data) |
| 198 | if err != nil { |
| 199 | c.sendAlert(alertBadCertificate) |
| 200 | return errors.New("tls: failed to parse certificate from server: " + err.Error()) |
| 201 | } |
| 202 | |
| 203 | pubKey, _ := cert.PublicKey.(*ecdsa.PublicKey) |
| 204 | if pubKey.Curve != sm2.P256Sm2() { |
| 205 | c.sendAlert(alertUnsupportedCertificate) |
| 206 | return fmt.Errorf("tls: pubkey type of cert is error, expect sm2.publicKey") |
| 207 | } |
| 208 | |
| 209 | //cert[0] is for signature while cert[1] is for encipher, refer to GMT0024 |
| 210 | //check key usage |
| 211 | switch i { |
| 212 | case 0: |
| 213 | if cert.KeyUsage == 0 || (cert.KeyUsage&(x509.KeyUsageDigitalSignature|cert.KeyUsage&x509.KeyUsageContentCommitment)) == 0 { |
| 214 | c.sendAlert(alertInsufficientSecurity) |
| 215 | return fmt.Errorf("tls: the keyusage of cert[0] does not exist or is not for KeyUsageDigitalSignature/KeyUsageContentCommitment, value:%d", cert.KeyUsage) |
| 216 | } |
| 217 | case 1: |
| 218 | if cert.KeyUsage == 0 || (cert.KeyUsage&(x509.KeyUsageDataEncipherment|x509.KeyUsageKeyEncipherment|x509.KeyUsageKeyAgreement)) == 0 { |
| 219 | c.sendAlert(alertInsufficientSecurity) |
| 220 | return fmt.Errorf("tls: the keyusage of cert[1] does not exist or is not for KeyUsageDataEncipherment/KeyUsageKeyEncipherment/KeyUsageKeyAgreement, value:%d", cert.KeyUsage) |
| 221 | } |
| 222 | } |
| 223 | |
| 224 | certs[i] = cert |
| 225 | } |
| 226 | |
| 227 | if !c.config.InsecureSkipVerify { |