static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL *ssl,
SSL_HANDSHAKE *hs,
int is_first_run) {
/* Don't send CertificateVerify if there is no certificate. */
if (!ssl_has_certificate(ssl)) {
hs->state = state_send_client_finished;
return ssl_hs_ok;
}
switch (tls13_prepare_certificate_verify(ssl, is_first_run)) {
case ssl_private_key_success:
hs->state = state_send_client_finished;
return ssl_hs_write_message;
case ssl_private_key_retry:
hs->state = state_complete_client_certificate_verify;
return ssl_hs_private_key_operation;
case ssl_private_key_failure:
return ssl_hs_error;
}
assert(0);
return ssl_hs_error;
}
static enum ssl_hs_wait_t do_send_server_certificate_verify(SSL *ssl,
SSL_HANDSHAKE *hs,
int is_first_run) {
switch (tls13_prepare_certificate_verify(ssl, is_first_run)) {
case ssl_private_key_success:
hs->state = state_send_server_finished;
return ssl_hs_write_message;
case ssl_private_key_retry:
hs->state = state_complete_server_certificate_verify;
return ssl_hs_private_key_operation;
case ssl_private_key_failure:
return ssl_hs_error;
}
assert(0);
return ssl_hs_error;
}
