MCPcopy
hub / github.com/tjfoc/gmsm / handshake

Method handshake

gmtls/gm_handshake_client_double.go:67–158  ·  view source on GitHub ↗

Does the handshake, either a full one or resumes old session. Requires hs.c, hs.hello, and, optionally, hs.session to be set.

()

Source from the content-addressed store, hash-verified

65// Does the handshake, either a full one or resumes old session.
66// Requires hs.c, hs.hello, and, optionally, hs.session to be set.
67func (hs *clientHandshakeStateGM) handshake() error {
68 c := hs.c
69
70 // send ClientHello
71 if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
72 return err
73 }
74
75 msg, err := c.readHandshake()
76 if err != nil {
77 return err
78 }
79
80 var ok bool
81 if hs.serverHello, ok = msg.(*serverHelloMsg); !ok {
82 c.sendAlert(alertUnexpectedMessage)
83 return unexpectedMessageError(hs.serverHello, msg)
84 }
85
86 if hs.serverHello.vers != VersionGMSSL {
87 hs.c.sendAlert(alertProtocolVersion)
88 return fmt.Errorf("tls: server selected unsupported protocol version %x, while expecting %x", hs.serverHello.vers, VersionGMSSL)
89 }
90
91 if err = hs.pickCipherSuite(); err != nil {
92 return err
93 }
94
95 isResume, err := hs.processServerHello()
96 if err != nil {
97 return err
98 }
99
100 hs.finishedHash = newFinishedHashGM(hs.suite)
101
102 // No signatures of the handshake are needed in a resumption.
103 // Otherwise, in a full handshake, if we don't have any certificates
104 // configured then we will never send a CertificateVerify message and
105 // thus no signatures are needed in that case either.
106 if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
107 hs.finishedHash.discardHandshakeBuffer()
108 }
109
110 hs.finishedHash.Write(hs.hello.marshal())
111 hs.finishedHash.Write(hs.serverHello.marshal())
112
113 c.buffering = true
114 if isResume {
115 if err := hs.establishKeys(); err != nil {
116 return err
117 }
118 if err := hs.readSessionTicket(); err != nil {
119 return err
120 }
121 if err := hs.readFinished(c.serverFinished[:]); err != nil {
122 return err
123 }
124 c.clientFinishedIsFirst = false

Callers

nothing calls this directly

Calls 15

pickCipherSuiteMethod · 0.95
processServerHelloMethod · 0.95
establishKeysMethod · 0.95
readSessionTicketMethod · 0.95
readFinishedMethod · 0.95
sendFinishedMethod · 0.95
doFullHandshakeMethod · 0.95
unexpectedMessageErrorFunction · 0.85
newFinishedHashGMFunction · 0.85
ekmFromMasterSecretFunction · 0.85
writeRecordMethod · 0.80
readHandshakeMethod · 0.80

Tested by

no test coverage detected