]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: beaa571)
crypto/tls: remove unused hashForClientCertificate param
authorMike Faraponov <mikefaraponov@gmail.com>
Wed, 13 Apr 2022 12:58:29 +0000 (12:58 +0000)
committerGopher Robot <gobot@golang.org>
Sun, 14 Aug 2022 00:26:03 +0000 (00:26 +0000)
Change-Id: I86af2508a31ea1e79d362c22ff4fac8900536761
GitHub-Last-Rev: d2a1ddccbd32499d7c379941daff528e7f2017c3
GitHub-Pull-Request: golang/go#52328
Reviewed-on: https://go-review.googlesource.com/c/go/+/399829
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Daniel Martí <mvdan@mvdan.cc>
Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
src/crypto/tls/handshake_client.go patch | blob | history
src/crypto/tls/handshake_server.go patch | blob | history
src/crypto/tls/prf.go patch | blob | history

diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go
index f5e24cbc6d5175130e49ee4ff5b869601dc5627a..721143cb7567f50b80e527f2d4a87f2a6d708c18 100644 (file)
--- a/src/crypto/tls/handshake_client.go
+++ b/src/crypto/tls/handshake_client.go
@@ -629,7 +629,7 @@ func (hs *clientHandshakeState) doFullHandshake() error {
                        }
                }
 
-               signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+               signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash)
                signOpts := crypto.SignerOpts(sigHash)
                if sigType == signatureRSAPSS {
                        signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
diff --git a/src/crypto/tls/handshake_server.go b/src/crypto/tls/handshake_server.go
index 844e887af3d677dc35a2734124d97ad041daed09..cf6dfad3a72fd6e3d6cfdcc6cd1a7216eb99ccae 100644 (file)
--- a/src/crypto/tls/handshake_server.go
+++ b/src/crypto/tls/handshake_server.go
@@ -660,7 +660,7 @@ func (hs *serverHandshakeState) doFullHandshake() error {
                        }
                }
 
-               signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+               signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash)
                if err := verifyHandshakeSignature(sigType, pub, sigHash, signed, certVerify.signature); err != nil {
                        c.sendAlert(alertDecryptError)
                        return errors.New("tls: invalid signature by the client certificate: " + err.Error())
diff --git a/src/crypto/tls/prf.go b/src/crypto/tls/prf.go
index 13bfa009ca4a134e66f87e2e5ac651644e05f8ab..b60166dee3945181488d9b3ee4943b5f058a84b9 100644 (file)
--- a/src/crypto/tls/prf.go
+++ b/src/crypto/tls/prf.go
@@ -215,7 +215,7 @@ func (h finishedHash) serverSum(masterSecret []byte) []byte {
 
 // hashForClientCertificate returns the handshake messages so far, pre-hashed if
 // necessary, suitable for signing by a TLS client certificate.
-func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash, masterSecret []byte) []byte {
+func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash) []byte {
        if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil {
                panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer")
        }
Go GOST TLS 1.3