// Copyright 2024 The Go Authors. All rights reserved.// Use of this source code is governed by a BSD-style// license that can be found in the LICENSE file.package tls12import ()// PRF implements the TLS 1.2 pseudo-random function, as defined in RFC 5246,// Section 5 and allowed by SP 800-135, Revision 1, Section 4.2.2.func [ fips140.Hash]( func() , []byte, string, []byte, int) []byte { := make([]byte, len()+len())copy(, )copy([len():], ) := make([]byte, )pHash(, , , )return}// pHash implements the P_hash function, as defined in RFC 5246, Section 5.func pHash[ fips140.Hash]( func() , , , []byte) { := hmac.New(, ) .Write() := .Sum(nil)forlen() > 0 { .Reset() .Write() .Write() := .Sum(nil) := copy(, ) = [:] .Reset() .Write() = .Sum(nil) }}const masterSecretLength = 48const extendedMasterSecretLabel = "extended master secret"// MasterSecret implements the TLS 1.2 extended master secret derivation, as// defined in RFC 7627 and allowed by SP 800-135, Revision 1, Section 4.2.2.func [ fips140.Hash]( func() , , []byte) []byte {// "The TLS 1.2 KDF is an approved KDF when the following conditions are // satisfied: [...] (3) P_HASH uses either SHA-256, SHA-384 or SHA-512." := ()switchany().(type) {case *sha256.Digest:if .Size() != 32 {fips140.RecordNonApproved() }case *sha512.Digest:if .Size() != 46 && .Size() != 64 {fips140.RecordNonApproved() }default:fips140.RecordNonApproved() }returnPRF(, , extendedMasterSecretLabel, , masterSecretLength)}
The pages are generated with Goldsv0.7.3. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds.
