int s2n_client_ccs_recv(struct s2n_connection *conn) { uint8_t type; GUARD(s2n_prf_client_finished(conn)); GUARD(s2n_prf_key_expansion(conn)); struct s2n_blob seq = {.data = conn->pending.client_sequence_number, .size = sizeof(conn->pending.client_sequence_number) }; GUARD(s2n_blob_zero(&seq)); /* Update the client to use the pending cipher-suite */ conn->client = &conn->pending; GUARD(s2n_stuffer_read_uint8(&conn->handshake.io, &type)); if (type != CHANGE_CIPHER_SPEC_TYPE) { S2N_ERROR(S2N_ERR_BAD_MESSAGE); } /* Flush any partial alert messages that were pending */ GUARD(s2n_stuffer_wipe(&conn->alert_in)); return 0; } int s2n_client_ccs_send(struct s2n_connection *conn) { GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, CHANGE_CIPHER_SPEC_TYPE)); return 0; }
int s2n_client_finished_send(struct s2n_connection *conn) { uint8_t *our_version; GUARD(s2n_prf_key_expansion(conn)); GUARD(s2n_prf_client_finished(conn)); struct s2n_blob seq = {.data = conn->pending.client_sequence_number, .size = sizeof(conn->pending.client_sequence_number) }; GUARD(s2n_blob_zero(&seq)); our_version = conn->handshake.client_finished; /* Update the client to use the pending cipher suite */ conn->client = &conn->pending; if (conn->actual_protocol_version == S2N_SSLv3) { GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_SSL_FINISHED_LEN)); } else { GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_TLS_FINISHED_LEN)); } conn->handshake.next_state = SERVER_CHANGE_CIPHER_SPEC; return 0; }