static enum ssl_hs_wait_t do_process_client_finished(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; if (!ssl_check_message_type(ssl, SSL3_MT_FINISHED) || /* If early data was accepted, we've already computed the client Finished * and derived the resumption secret. */ !tls13_process_finished(hs, ssl->early_data_accepted) || /* evp_aead_seal keys have already been switched. */ !tls13_set_traffic_key(ssl, evp_aead_open, hs->client_traffic_secret_0, hs->hash_len)) { return ssl_hs_error; } ssl->method->received_flight(ssl); if (!ssl->early_data_accepted) { if (!ssl_hash_current_message(hs) || !tls13_derive_resumption_secret(hs)) { return ssl_hs_error; } /* We send post-handshake tickets as part of the handshake in 1-RTT. */ hs->tls13_state = state_send_new_session_ticket; return ssl_hs_ok; } hs->tls13_state = state_done; return ssl_hs_ok; }
static enum ssl_hs_wait_t do_process_client_finished(SSL *ssl, SSL_HANDSHAKE *hs) { if (!tls13_check_message_type(ssl, SSL3_MT_FINISHED) || !tls13_process_finished(ssl) || !ssl->method->hash_current_message(ssl) || /* evp_aead_seal keys have already been switched. */ !tls13_set_traffic_key(ssl, type_data, evp_aead_open, hs->traffic_secret_0, hs->hash_len) || !tls13_finalize_keys(ssl)) { return ssl_hs_error; } ssl->method->received_flight(ssl); hs->state = state_send_new_session_ticket; return ssl_hs_ok; }
static enum ssl_hs_wait_t do_process_server_finished(SSL *ssl, SSL_HANDSHAKE *hs) { static const uint8_t kZeroes[EVP_MAX_MD_SIZE] = {0}; if (!tls13_check_message_type(ssl, SSL3_MT_FINISHED) || !tls13_process_finished(ssl) || !ssl->method->hash_current_message(ssl) || /* Update the secret to the master secret and derive traffic keys. */ !tls13_advance_key_schedule(ssl, kZeroes, hs->hash_len) || !tls13_derive_traffic_secret_0(ssl)) { return ssl_hs_error; } hs->state = state_certificate_callback; return ssl_hs_ok; }
static enum ssl_hs_wait_t do_process_client_finished(SSL_HANDSHAKE *hs) { SSL *const ssl = hs->ssl; if (!ssl_check_message_type(ssl, SSL3_MT_FINISHED) || !tls13_process_finished(hs) || !ssl_hash_current_message(ssl) || /* evp_aead_seal keys have already been switched. */ !tls13_set_traffic_key(ssl, evp_aead_open, hs->client_traffic_secret_0, hs->hash_len) || !tls13_derive_resumption_secret(hs)) { return ssl_hs_error; } ssl->method->received_flight(ssl); /* Rebase the session timestamp so that it is measured from ticket * issuance. */ ssl_session_rebase_time(ssl, ssl->s3->new_session); hs->tls13_state = state_send_new_session_ticket; return ssl_hs_ok; }