Esempio n. 1
0
int s2n_client_ccs_recv(struct s2n_connection *conn)
{
    uint8_t type;

    GUARD(s2n_prf_client_finished(conn));
    GUARD(s2n_prf_key_expansion(conn));

    struct s2n_blob seq = {.data = conn->pending.client_sequence_number, .size = sizeof(conn->pending.client_sequence_number) };
    GUARD(s2n_blob_zero(&seq));

    /* Update the client to use the pending cipher-suite */
    conn->client = &conn->pending;

    GUARD(s2n_stuffer_read_uint8(&conn->handshake.io, &type));
    if (type != CHANGE_CIPHER_SPEC_TYPE) {
        S2N_ERROR(S2N_ERR_BAD_MESSAGE);
    }

    /* Flush any partial alert messages that were pending */
    GUARD(s2n_stuffer_wipe(&conn->alert_in));

    return 0;
}

int s2n_client_ccs_send(struct s2n_connection *conn)
{
    GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, CHANGE_CIPHER_SPEC_TYPE));

    return 0;
}
int s2n_client_finished_send(struct s2n_connection *conn)
{
    uint8_t *our_version;

    GUARD(s2n_prf_key_expansion(conn));
    GUARD(s2n_prf_client_finished(conn));

    struct s2n_blob seq = {.data = conn->pending.client_sequence_number, .size = sizeof(conn->pending.client_sequence_number) };
    GUARD(s2n_blob_zero(&seq));
    our_version = conn->handshake.client_finished;

    /* Update the client to use the pending cipher suite */
    conn->client = &conn->pending;

    if (conn->actual_protocol_version == S2N_SSLv3) {
        GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_SSL_FINISHED_LEN));
    } else {
        GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_TLS_FINISHED_LEN));
    }

    conn->handshake.next_state = SERVER_CHANGE_CIPHER_SPEC;

    return 0;
}