extract handleResumption()

flight3handler.go

@@ -82,44 +82,7 @@ func flight3Parse(ctx context.Context, c flightConn, state *State, cache *handsh
 
 		if len(h.SessionID) > 0 {
 			if bytes.Equal(state.SessionID, h.SessionID) {
-				if err := state.initCipherSuite(); err != nil {
-					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
-				}
-
-				// Now, encrypted packets can be handled
-				if err := c.handleQueuedPackets(ctx); err != nil {
-					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
-				}
-
-				_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence+1,
-					handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
-				)
-				if !ok {
-					// No valid message received. Keep reading
-					return 0, nil, nil
-				}
-
-				var finished *handshake.MessageFinished
-				if finished, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
-					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
-				}
-				plainText := cache.pullAndMerge(
-					handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
-					handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
-				)
-
-				expectedVerifyData, err := prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
-				if err != nil {
-					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
-				}
-				if !bytes.Equal(expectedVerifyData, finished.VerifyData) {
-					return 0, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errVerifyDataMismatch
-				}
-
-				clientRandom := state.localRandom.MarshalFixed()
-				cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
-
-				return flight5b, nil, nil
+				return handleResumption(ctx, c, state, cache, cfg)
 			}
 
 			if cfg.sessionStore != nil && len(state.SessionID) > 0 {
@@ -173,6 +136,47 @@ func flight3Parse(ctx context.Context, c flightConn, state *State, cache *handsh
 	return flight5, nil, nil
 }
 
+func handleResumption(ctx context.Context, c flightConn, state *State, cache *handshakeCache, cfg *handshakeConfig) (flightVal, *alert.Alert, error) {
+	if err := state.initCipherSuite(); err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	// Now, encrypted packets can be handled
+	if err := c.handleQueuedPackets(ctx); err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+
+	_, msgs, ok := cache.fullPullMap(state.handshakeRecvSequence+1,
+		handshakeCachePullRule{handshake.TypeFinished, cfg.initialEpoch + 1, false, false},
+	)
+	if !ok {
+		// No valid message received. Keep reading
+		return 0, nil, nil
+	}
+
+	var finished *handshake.MessageFinished
+	if finished, ok = msgs[handshake.TypeFinished].(*handshake.MessageFinished); !ok {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, nil
+	}
+	plainText := cache.pullAndMerge(
+		handshakeCachePullRule{handshake.TypeClientHello, cfg.initialEpoch, true, false},
+		handshakeCachePullRule{handshake.TypeServerHello, cfg.initialEpoch, false, false},
+	)
+
+	expectedVerifyData, err := prf.VerifyDataServer(state.masterSecret, plainText, state.cipherSuite.HashFunc())
+	if err != nil {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.InternalError}, err
+	}
+	if !bytes.Equal(expectedVerifyData, finished.VerifyData) {
+		return 0, &alert.Alert{Level: alert.Fatal, Description: alert.HandshakeFailure}, errVerifyDataMismatch
+	}
+
+	clientRandom := state.localRandom.MarshalFixed()
+	cfg.writeKeyLog(keyLogLabelTLS12, clientRandom[:], state.masterSecret)
+
+	return flight5b, nil, nil
+}
+
 func handleServerKeyExchange(_ flightConn, state *State, cfg *handshakeConfig, h *handshake.MessageServerKeyExchange) (*alert.Alert, error) {
 	var err error
 	if cfg.localPSKCallback != nil {