OpenBSD manual page server

NAME

SSL_get_finished, SSL_get_peer_finished — get last sent or last expected finished message

SYNOPSIS

#include <openssl/ssl.h>

size_t
SSL_get_finished(const SSL *ssl, void *buf, size_t count);

size_t
SSL_get_peer_finished(const SSL *ssl, void *buf, size_t count);

DESCRIPTION

SSL_get_finished() and SSL_get_peer_finished() copy count bytes from the last finished message sent to the peer or expected from the peer into the caller-provided buffer buf.

The finished message is computed from a checksum of the handshake records exchanged with the peer. Its length depends on the ciphersuite in use and is at most EVP_MAX_MD_SIZE, i.e., 64 bytes.

RETURN VALUES

SSL_get_finished() and SSL_get_peer_finished() return the number of bytes copied into buf. The return value is zero if the handshake has not reached the finished message.

SEE ALSO

ssl(3), SSL_get_session(3), SSL_set_session(3)

STANDARDS

RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3, section 4.4.4: Finished.

RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2, section 7.4.9: Finished.

HISTORY

SSL_get_finished() and SSL_get_peer_finished() first appeared in SSLeay 0.9.5 and have been available since OpenBSD 2.7.