cloudflare / tls-tris

crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED.

[sike] Refactor key agreement in TLS 1.3 #153

Closed kriskwiatkowski closed 5 years ago

kriskwiatkowski commented 5 years ago

Previously there were two methods used for key agreement: tls.Conn::generateKeyShare and tls.Conn::deriveDHESecret. Both were used on client and server side. A boolean flag is used in order to differentiate between key agreement performed on client and on server side. Which sucks badly. In order to implement shared secret agreement with KEM it is better to add a method which implements server specific key agreement and provide a default implementation which reuses tls.Conn::generateKeyShare followed by tls.Conn::deriveDHESecret. Now, it is possible for most of the DH-style key agreements to reuse the default implementation and for KEM-style key agreement to provide a server specific implementation.
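The following Go code is an added example, not code from this pull request or from tls-tris. It shows a default server step built from generate followed by derive (X25519) next to a KEM-style server step with the same signature that holds no key pair of its own. All function names are hypothetical, and RSA-OAEP key transport stands in for SIKE, which the Go standard library does not provide.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
)

// Hypothetical names, not the tls-tris API. DH-style: generate a share, then derive.
func dhGenerate() (*ecdh.PrivateKey, error) { return ecdh.X25519().GenerateKey(rand.Reader) }
func dhDerive(k *ecdh.PrivateKey, peer []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(peer) // rejects shares of the wrong length
	if err != nil {
		return nil, err
	}
	return k.ECDH(pub) // errors if the shared secret is all zero
}

// dhServer is the default server step: generate followed by derive.
func dhServer(clientShare []byte) (share, secret []byte, err error) {
	k, err := dhGenerate()
	if err != nil {
		return nil, nil, err
	}
	secret, err = dhDerive(k, clientShare)
	return k.PublicKey().Bytes(), secret, err
}

// KEM-style client steps (RSA-OAEP is a stand-in, an assumption of this example).
func kemGenerate() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }
func kemShare(k *rsa.PrivateKey) []byte     { return x509.MarshalPKCS1PublicKey(&k.PublicKey) }
func kemClient(k *rsa.PrivateKey, ct []byte) ([]byte, error) { return rsa.DecryptOAEP(sha256.New(), nil, k, ct, nil) }

// kemServer has no key pair: it encapsulates a fresh secret to the client's key.
func kemServer(clientShare []byte) (share, secret []byte, err error) {
	pub, err := x509.ParsePKCS1PublicKey(clientShare)
	if err != nil {
		return nil, nil, err
	}
	secret = make([]byte, 32)
	if _, err = rand.Read(secret); err != nil {
		return nil, nil, err
	}
	share, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, secret, nil)
	return share, secret, err
}
func main() {
	k, _ := dhGenerate()
	_, secret, err := dhServer(k.PublicKey().Bytes())
	println(len(secret), err == nil)
}
```

Because `dhServer` and `kemServer` share one signature, a handshake can select the server step per named group without a client/server boolean.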