in cmd/conformance/main.go [195:244]
// runBeginSessionTestCase runs a single BeginSession conformance case.
//
// It builds an EKM client (with the case's alternative cipher suites when
// they are set), sends the client's pending TLS records in a
// BeginSessionRequest, and checks that the response starts with a handshake
// record whose first handshake message is a Server Hello. The case may
// rewrite the outgoing TLS records and the JWT before the call.
//
// It returns the BeginSession error unchanged, or an error describing which
// response check failed, or nil when every check passes.
func runBeginSessionTestCase(ctx context.Context, t beginSessionTest) error {
	var c ekmClient
	if t.altCipherSuites == nil {
		c = newEKMClient(ctx, unprotectedKey)
	} else {
		c = newEKMClientWithSuites(ctx, unprotectedKey, t.altCipherSuites)
	}

	// Take whatever the TLS shim has queued for sending and let the test
	// case tamper with it before it goes on the wire.
	req := &sspb.BeginSessionRequest{TlsRecords: c.shim.DrainSendBuf()}
	if t.mutateTLSRecords != nil {
		req.TlsRecords = t.mutateTLSRecords(req.TlsRecords)
	}

	if t.mutateJWT != nil {
		mutated, err := t.mutateJWT(ctx, c.client.GetJWTToken())
		if err != nil {
			// NOTE(review): this aborts the process instead of returning.
			// If callers count a returned error as the expected rejection
			// for a negative case, returning here could hide a broken test
			// setup behind a passing result. Confirm before changing.
			glog.Fatalf("Error mutating JWT: %v", err)
		}
		c.client.SetJWTToken(mutated)
	}

	resp, err := c.client.BeginSession(ctx, req)
	if err != nil {
		return err
	}

	// Only the leading bytes of the response are inspected: byte 0 is
	// compared with the handshake record type and byte 5 with the Server
	// Hello handshake type, so at least 6 bytes are required. The record
	// length field and the rest of the message are not validated here.
	reply := resp.GetTlsRecords()
	switch {
	case len(reply) < 6:
		return fmt.Errorf("length of record (%d) too short to be a Server Hello", len(reply))
	case reply[0] != recordHeaderHandshake:
		return errors.New("handshake record not received")
	case reply[5] != handshakeHeaderServerHello:
		return errors.New("response is not Server Hello")
	case reply[1] == 3 && reply[2] == 3 && t.altCipherSuites != nil:
		// Bytes 1-2 are presumably the record-layer version (3,3 = 0x0303).
		// NOTE(review): TLS 1.3 Server Hello records also carry 0x0303 as
		// the legacy record version, so this test alone does not tell
		// TLS 1.2 from TLS 1.3. Confirm the intent for alt-suite cases.
		return errors.New("fake error to match the TLS 1.2 test")
	}
	return nil
}