int s2n_client_ccs_recv(struct s2n_connection *conn) { uint8_t type; GUARD(s2n_prf_client_finished(conn)); struct s2n_blob seq = {.data = conn->secure.client_sequence_number,.size = sizeof(conn->secure.client_sequence_number) }; GUARD(s2n_blob_zero(&seq)); /* Update the client to use the cipher-suite */ conn->client = &conn->secure; GUARD(s2n_stuffer_read_uint8(&conn->handshake.io, &type)); S2N_ERROR_IF(type != CHANGE_CIPHER_SPEC_TYPE, S2N_ERR_BAD_MESSAGE); /* Flush any partial alert messages that were pending */ GUARD(s2n_stuffer_wipe(&conn->alert_in)); return 0; } int s2n_client_ccs_send(struct s2n_connection *conn) { GUARD(s2n_stuffer_write_uint8(&conn->handshake.io, CHANGE_CIPHER_SPEC_TYPE)); return 0; }
int s2n_client_finished_send(struct s2n_connection *conn) { uint8_t *our_version; GUARD(s2n_prf_key_expansion(conn)); GUARD(s2n_prf_client_finished(conn)); struct s2n_blob seq = {.data = conn->pending.client_sequence_number, .size = sizeof(conn->pending.client_sequence_number) }; GUARD(s2n_blob_zero(&seq)); our_version = conn->handshake.client_finished; /* Update the client to use the pending cipher suite */ conn->client = &conn->pending; if (conn->actual_protocol_version == S2N_SSLv3) { GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_SSL_FINISHED_LEN)); } else { GUARD(s2n_stuffer_write_bytes(&conn->handshake.io, our_version, S2N_TLS_FINISHED_LEN)); } conn->handshake.next_state = SERVER_CHANGE_CIPHER_SPEC; return 0; }