Stowage/go
2
0
Fork 0
mirror of https://github.com/golang/go.git synced 2025-12-08 06:10:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

crypto/tls: use inner hello for earlyData when using QUIC and ECH

Browse source 
I don't think we have good QUIC ECH tests. BoGo has some for this, but
I'm not sure how easy it would be to enable those for QUIC.

Fixes #76283

Change-Id: I0ffa535fd89a624b7f9bfd73441ce2a1683e0549
Reviewed-on: https://go-review.googlesource.com/c/go/+/720920
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
This commit is contained in:
Roland Shoemaker 2025-11-16 16:09:16 -08:00 committed by Gopher Robot
parent d68aec8db1
commit 31aa9f800b
1 changed files with 5 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/crypto/tls/handshake_client.go
View file

@ -308,7 +308,11 @@ func (c *Conn) clientHandshake(ctx context.Context) (err error) {
if hello.earlyData { if hello.earlyData {
suite := cipherSuiteTLS13ByID(session.cipherSuite) suite := cipherSuiteTLS13ByID(session.cipherSuite)
transcript := suite.hash.New() transcript := suite.hash.New()
if err := transcriptMsg(hello, transcript); err != nil { transcriptHello := hello
if ech != nil {
transcriptHello = ech.innerHello
}
if err := transcriptMsg(transcriptHello, transcript); err != nil {
return err return err
} }
earlyTrafficSecret := earlySecret.ClientEarlyTrafficSecret(transcript) earlyTrafficSecret := earlySecret.ClientEarlyTrafficSecret(transcript)