kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add OCSP stapling and SCT list support to 1.3 servers in Go.

Browse Source 
Change-Id: Iee1ff6032ea4188440e191f98f07d84fed7ac36d
Reviewed-on: https://boringssl-review.googlesource.com/8630
Reviewed-by: David Benjamin <davidben@google.com>
This commit is contained in:
David Benjamin 2016-07-06 19:22:55 -07:00
parent 728eed8277
commit 615119a9e9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
ssl/test/runner/handshake_server.go
View File

@ -391,6 +391,15 @@ Curves:
c.out.updateKeys(deriveTrafficAEAD(c.vers, hs.suite, handshakeTrafficSecret, handshakePhase, serverWrite), c.vers) c.out.updateKeys(deriveTrafficAEAD(c.vers, hs.suite, handshakeTrafficSecret, handshakePhase, serverWrite), c.vers)
c.in.updateKeys(deriveTrafficAEAD(c.vers, hs.suite, handshakeTrafficSecret, handshakePhase, clientWrite), c.vers) c.in.updateKeys(deriveTrafficAEAD(c.vers, hs.suite, handshakeTrafficSecret, handshakePhase, clientWrite), c.vers)
if hs.suite.flags&suitePSK != 0 {
if hs.clientHello.ocspStapling {
encryptedExtensions.extensions.ocspResponse = hs.cert.OCSPStaple
}
if hs.clientHello.sctListSupported {
encryptedExtensions.extensions.sctList = hs.cert.SignedCertificateTimestampList
}
}
// Send EncryptedExtensions. // Send EncryptedExtensions.
hs.writeServerHash(encryptedExtensions.marshal()) hs.writeServerHash(encryptedExtensions.marshal())
c.writeRecord(recordTypeHandshake, encryptedExtensions.marshal()) c.writeRecord(recordTypeHandshake, encryptedExtensions.marshal())