const resumptionBinderLabel … const clientEarlyTrafficLabel … const clientHandshakeTrafficLabel … const serverHandshakeTrafficLabel … const clientApplicationTrafficLabel … const serverApplicationTrafficLabel … const exporterLabel … const resumptionLabel … const trafficUpdateLabel … // expandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1. func (c *cipherSuiteTLS13) expandLabel(secret []byte, label string, context []byte, length int) []byte { … } // deriveSecret implements Derive-Secret from RFC 8446, Section 7.1. func (c *cipherSuiteTLS13) deriveSecret(secret []byte, label string, transcript hash.Hash) []byte { … } // extract implements HKDF-Extract with the cipher suite hash. func (c *cipherSuiteTLS13) extract(newSecret, currentSecret []byte) []byte { … } // nextTrafficSecret generates the next traffic secret, given the current one, // according to RFC 8446, Section 7.2. func (c *cipherSuiteTLS13) nextTrafficSecret(trafficSecret []byte) []byte { … } // trafficKey generates traffic keys according to RFC 8446, Section 7.3. func (c *cipherSuiteTLS13) trafficKey(trafficSecret []byte) (key, iv []byte) { … } // finishedHash generates the Finished verify_data or PskBinderEntry according // to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey // selection. func (c *cipherSuiteTLS13) finishedHash(baseKey []byte, transcript hash.Hash) []byte { … } // exportKeyingMaterial implements RFC5705 exporters for TLS 1.3 according to // RFC 8446, Section 7.5. func (c *cipherSuiteTLS13) exportKeyingMaterial(masterSecret []byte, transcript hash.Hash) func(string, []byte, int) ([]byte, error) { … } type keySharePrivateKeys … // kyberDecapsulate implements decapsulation according to Kyber Round 3. func kyberDecapsulate(dk *mlkem768.DecapsulationKey, c []byte) ([]byte, error) { … } // kyberEncapsulate implements encapsulation according to Kyber Round 3. func kyberEncapsulate(ek []byte) (c, ss []byte, err error) { … } func kyberSharedSecret(K, c []byte) []byte { … } const x25519PublicKeySize … // generateECDHEKey returns a PrivateKey that implements Diffie-Hellman // according to RFC 8446, Section 4.2.8.2. func generateECDHEKey(rand io.Reader, curveID CurveID) (*ecdh.PrivateKey, error) { … } func curveForCurveID(id CurveID) (ecdh.Curve, bool) { … } func curveIDForCurve(curve ecdh.Curve) (CurveID, bool) { … }
Codebase Browser
go