def generate(self, status):
"""Create a Finished message"""
if self.protocol is None:
self.protocol = status.version
if self.protocol in ((0, 2), (2, 0)):
finished = ClientFinished()
verify_data = status.session_id
# in SSLv2 we're using it as a CCS-of-sorts too
status.msg_sock.changeWriteState()
status.msg_sock.changeReadState()
else:
finished = Finished(self.protocol)
verify_data = calcFinished(status.version, status.master_secret,
status.cipher, status.handshake_hashes,
status.client)
status.client_verify_data = verify_data
finished.create(verify_data)
self.msg = finished
return finished
def generate(self, status):
"""Create a Finished message."""
if self.protocol is None:
self.protocol = status.version
if self.protocol in ((0, 2), (2, 0)):
finished = ClientFinished()
verify_data = status.session_id
# in SSLv2 we're using it as a CCS-of-sorts too
status.msg_sock.changeWriteState()
status.msg_sock.changeReadState()
elif self.protocol <= (3, 3):
finished = Finished(self.protocol)
verify_data = calcFinished(status.version,
status.key['master_secret'],
status.cipher, status.handshake_hashes,
status.client)
else: # TLS 1.3
finished = Finished(self.protocol, status.prf_size)
finished_key = HKDF_expand_label(
status.key['client handshake traffic secret'], b'finished',
b'', status.prf_size, status.prf_name)
self.server_finish_hh = status.handshake_hashes.copy()
verify_data = secureHMAC(
finished_key, self.server_finish_hh.digest(status.prf_name),
status.prf_name)
status.key['client_verify_data'] = verify_data
finished.create(verify_data)
self.msg = finished
return finished