static enum ssl_hs_wait_t do_send_client_certificate_verify(SSL *ssl, SSL_HANDSHAKE *hs, int is_first_run) { /* Don't send CertificateVerify if there is no certificate. */ if (!ssl_has_certificate(ssl)) { hs->state = state_send_client_finished; return ssl_hs_ok; } switch (tls13_prepare_certificate_verify(ssl, is_first_run)) { case ssl_private_key_success: hs->state = state_send_client_finished; return ssl_hs_write_message; case ssl_private_key_retry: hs->state = state_complete_client_certificate_verify; return ssl_hs_private_key_operation; case ssl_private_key_failure: return ssl_hs_error; } assert(0); return ssl_hs_error; }
static enum ssl_hs_wait_t do_send_server_certificate_verify(SSL *ssl, SSL_HANDSHAKE *hs, int is_first_run) { switch (tls13_prepare_certificate_verify(ssl, is_first_run)) { case ssl_private_key_success: hs->state = state_send_server_finished; return ssl_hs_write_message; case ssl_private_key_retry: hs->state = state_complete_server_certificate_verify; return ssl_hs_private_key_operation; case ssl_private_key_failure: return ssl_hs_error; } assert(0); return ssl_hs_error; }