X-Git-Url: https://www.bearssl.org/gitweb//home/git/?p=BearSSL;a=blobdiff_plain;f=src%2Fssl%2Fssl_engine.c;h=be78c5dd7fd863037c286bfc49cbb0109f5e50b6;hp=32bc406269151d1e839d7da1c622a1a6c606e93f;hb=44c79c1add4cd4a217b1dd77c8421c1d3a08dcef;hpb=d16eee962a72a600c370f18f2ae25b36b4f532df

diff --git a/src/ssl/ssl_engine.c b/src/ssl/ssl_engine.c
index 32bc406..be78c5d 100644
--- a/src/ssl/ssl_engine.c
+++ b/src/ssl/ssl_engine.c
@@ -1091,6 +1091,9 @@ jump_handshake(br_ssl_engine_context *cc, int action)
 		cc->hlen_out = hlen_out;
 		cc->action = action;
 		cc->hsrun(&cc->cpu);
+		if (br_ssl_engine_closed(cc)) {
+			return;
+		}
 		if (cc->hbuf_out != cc->saved_hbuf_out) {
 			sendpld_ack(cc, cc->hbuf_out - cc->saved_hbuf_out);
 		}
@@ -1474,3 +1477,44 @@ br_ssl_engine_switch_gcm_out(br_ssl_engine_context *cc,
 	cc->igcm_out->init(&cc->out.gcm.vtable.out,
 		bc_impl, cipher_key, cipher_key_len, cc->ighash, iv);
 }
+
+/* see inner.h */
+void
+br_ssl_engine_switch_chapol_in(br_ssl_engine_context *cc,
+	int is_client, int prf_id)
+{
+	unsigned char kb[88];
+	unsigned char *cipher_key, *iv;
+
+	compute_key_block(cc, prf_id, 44, kb);
+	if (is_client) {
+		cipher_key = &kb[32];
+		iv = &kb[76];
+	} else {
+		cipher_key = &kb[0];
+		iv = &kb[64];
+	}
+	cc->ichapol_in->init(&cc->in.chapol.vtable.in,
+		cc->ichacha, cc->ipoly, cipher_key, iv);
+	cc->incrypt = 1;
+}
+
+/* see inner.h */
+void
+br_ssl_engine_switch_chapol_out(br_ssl_engine_context *cc,
+	int is_client, int prf_id)
+{
+	unsigned char kb[88];
+	unsigned char *cipher_key, *iv;
+
+	compute_key_block(cc, prf_id, 44, kb);
+	if (is_client) {
+		cipher_key = &kb[0];
+		iv = &kb[64];
+	} else {
+		cipher_key = &kb[32];
+		iv = &kb[76];
+	}
+	cc->ichapol_out->init(&cc->out.chapol.vtable.out,
+		cc->ichacha, cc->ipoly, cipher_key, iv);
+}