• M
    Update state machine to be closer to TLS1.3 · 92760c21
    Matt Caswell 提交于
    This is a major overhaul of the TLSv1.3 state machine. Currently it still
    looks like TLSv1.2. This commit changes things around so that it starts
    to look a bit less like TLSv1.2 and bit more like TLSv1.3.
    
    After this commit we have:
    
    ClientHello
    + key_share          ---->
                               ServerHello
                               +key_share
                               {CertificateRequest*}
                               {Certificate*}
                               {CertificateStatus*}
                         <---- {Finished}
    {Certificate*}
    {CertificateVerify*}
    {Finished}           ---->
    [ApplicationData]    <---> [Application Data]
    
    Key differences between this intermediate position and the final TLSv1.3
    position are:
    - No EncryptedExtensions message yet
    - No server side CertificateVerify message yet
    - CertificateStatus still exists as a separate message
    - A number of the messages are still in the TLSv1.2 format
    - Still running on the TLSv1.2 record layer
    Reviewed-by: NRich Salz <rsalz@openssl.org>
    92760c21
tls13_enc.c 13.7 KB