authorjsing <jsing@openbsd.org>2019-02-25 16:46:17 +0000
committerjsing <jsing@openbsd.org>2019-02-25 16:46:17 +0000
commit1f2fb0dbea6badb1eb88e456f5281eac2420bb0f (patch)
tree6749b414484db69d897681690044db53879b3aeb /lib/libssl/tls13_client.c
parentCorrect a few error returns. (diff)
downloadwireguard-openbsd-1f2fb0dbea6badb1eb88e456f5281eac2420bb0f.tar.xz
wireguard-openbsd-1f2fb0dbea6badb1eb88e456f5281eac2420bb0f.zip
Add a handshake action sent handler and use it for client finished.
The write traffic key needs to be changed to the client application traffic key after the client finished message has been sent. The send handler generates the client finished message; however, we cannot switch keys at this stage, since the client finished message has not yet been protected by the record layer. ok tb@
Diffstat (limited to 'lib/libssl/tls13_client.c')
-rw-r--r--lib/libssl/tls13_client.c23
1 files changed, 14 insertions, 9 deletions
diff --git a/lib/libssl/tls13_client.c b/lib/libssl/tls13_client.c
index 5071507bbd6..728d1a00c86 100644
--- a/lib/libssl/tls13_client.c
+++ b/lib/libssl/tls13_client.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_client.c,v 1.11 2019/02/25 16:39:14 jsing Exp $ */
+/* $OpenBSD: tls13_client.c,v 1.12 2019/02/25 16:46:17 jsing Exp $ */
/*
* Copyright (c) 2018, 2019 Joel Sing <jsing@openbsd.org>
*
@@ -687,14 +687,6 @@ tls13_client_finished_send(struct tls13_ctx *ctx)
if (!tls13_handshake_msg_finish(ctx->hs_msg))
goto err;
- /*
- * Any records following the client finished message must be encrypted
- * using the client application traffic keys.
- */
- if (!tls13_record_layer_set_write_traffic_key(ctx->rl,
- &secrets->client_application_traffic))
- goto err;
-
ret = 1;
err:
@@ -702,3 +694,16 @@ tls13_client_finished_send(struct tls13_ctx *ctx)
return ret;
}
+
+int
+tls13_client_finished_sent(struct tls13_ctx *ctx)
+{
+ struct tls13_secrets *secrets = ctx->hs->secrets;
+
+ /*
+ * Any records following the client finished message must be encrypted
+ * using the client application traffic keys.
+ */
+ return tls13_record_layer_set_write_traffic_key(ctx->rl,
+ &secrets->client_application_traffic);
+}
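Review bot: The comment in `tls13_client_finished_sent()` says which key later records must use, but not why the switch lives in a sent handler, which is the security-relevant part of this change: the Finished message itself must still be protected under the previous write key. I would extend the comment with something like `* This must only run after the record layer has protected and written the` / `* client finished message; switching earlier would protect it with the wrong key.` The function returns the result of `tls13_record_layer_set_write_traffic_key()` directly, so the caller (not visible in this file-limited diff) has to treat a zero return as a fatal handshake error; otherwise later records would presumably still be written under the old key. It is also worth confirming in the handshake code that the sent handler cannot fire while a partial write of the Finished record is still pending.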