xref: /openbsd-src/lib/libssl/man/SSL_get_finished.3 (revision 7027e52781a9063e49bd6c0c16b6671c0cf9fdde) 
1.\" $OpenBSD: SSL_get_finished.3,v 1.2 2021/01/30 10:48:15 tb Exp $
2.\"
3.\" Copyright (c) 2020 Theo Buehler <tb@openbsd.org>
4.\"
5.\" Permission to use, copy, modify, and distribute this software for any
6.\" purpose with or without fee is hereby granted, provided that the above
7.\" copyright notice and this permission notice appear in all copies.
8.\"
9.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16.\"
17.Dd $Mdocdate: January 30 2021 $
18.Dt SSL_GET_FINISHED 3
19.Os
20.Sh NAME
21.Nm SSL_get_finished ,
22.Nm SSL_get_peer_finished
23.Nd get last sent or last expected finished message
24.Sh SYNOPSIS
25.In openssl/ssl.h
26.Ft size_t
27.Fn SSL_get_finished "const SSL *ssl" "void *buf" "size_t count"
28.Ft size_t
29.Fn SSL_get_peer_finished "const SSL *ssl" "void *buf" "size_t count"
30.Sh DESCRIPTION
31.Fn SSL_get_finished
32and
33.Fn SSL_get_peer_finished
34copy
35.Fa count
36bytes from the last finished message sent to the peer
37or expected from the peer into the
38caller-provided buffer
39.Fa buf .
40.Pp
41The finished message is computed from a checksum of the handshake records
42exchanged with the peer.
43Its length depends on the ciphersuite in use and is at most
44.Dv EVP_MAX_MD_SIZE ,
45i.e., 64 bytes.
46.\" In TLSv1.3 the length is equal to the length of the hash algorithm
47.\" used by the hash-based message authentication code (HMAC),
48.\" which is currently either 32 bytes for SHA-256 or 48 bytes for SHA-384.
49.\" In TLSv1.2 the length defaults to 12 bytes, but it can explicitly be
50.\" specified by the ciphersuite to be longer.
51.\" In TLS versions 1.1 and 1.0, the finished message has a fixed length
52.\" of 12 bytes.
53.Sh RETURN VALUES
54.Fn SSL_get_finished
55and
56.Fn SSL_get_peer_finished
57return the number of bytes copied into
58.Fa buf .
59The return value is zero if the handshake has not reached the
60finished message.
61.Sh SEE ALSO
62.Xr ssl 3 ,
63.Xr SSL_get_session 3 ,
64.Xr SSL_set_session 3
65.Sh STANDARDS
66RFC 8446: The Transport Layer Security (TLS) Protocol Version 1.3,
67section 4.4.4: Finished.
68.Pp
69RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2,
70section 7.4.9: Finished.
71.Sh HISTORY
72.Fn SSL_get_finished
73and
74.Fn SSL_get_peer_finished
75first appeared in SSLeay 0.9.5
76and have been available since
77.Ox 2.7 .
78