1

(2 replies, posted in wolfSSL)

Thank you for your assistance.

Your explanation has been incredibly helpful in clarifying the details.

I'll check out the functions HashInput, HashOutput, and HashRaw in internal.c.

Thanks,
gsojc234.

2

(2 replies, posted in wolfSSL)

Hello, I am currently working on implementing test cases of WolfSSL.

I've noticed a difference in the implementation of the SendFinished message in WolfSSL when compared to the RFC 5246 specification.

In RFC 5246, when constructing the Finished message, it specifies the calculation of the hash of the handshake messages. The definition of the handshake message is as follows:

handshake_messages

This encompasses all data from all messages within this handshake (excluding any HelloRequest messages) up to, but not including, the current message. This data is exclusively relevant at the handshake layer and does not encompass record layer headers. It represents the concatenation of all the Handshake structures as defined in Section 7.4, which have been exchanged thus far.

However, in the WolfSSL implementation, it seems that the hash is computed only for the most recently sent or received message, without considering the hash of the concatenated handshake messages, as specified in RFC 5246.

Could you kindly provide some clarification on this implementation approach in WolfSSL and explain if it aligns with the RFC 5246 specification? If there are variations from the RFC, could you also shed light on the specific reasons for this implementation choice? Your insights would be greatly appreciated.
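Added example, not part of the original posts and not wolfSSL code: a running hash that is updated once per handshake message gives the same digest as hashing the concatenated handshake_messages, so the RFC 5246 verify_data comes out identical either way. The Transcript class, the function names, the message bodies and the master secret are constructed for illustration, and SHA-256 is assumed as the PRF hash.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5, instantiated with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def handshake_msg(msg_type: int, body: bytes) -> bytes:
    """Handshake structure: 1-byte type, 3-byte length, body (no record header)."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

def verify_data(master_secret: bytes, label: bytes, transcript_hash: bytes) -> bytes:
    """PRF(master_secret, finished_label, Hash(handshake_messages))[0..11]."""
    return p_sha256(master_secret, label + transcript_hash, 12)

class Transcript:
    """Hypothetical running hash, fed each handshake message as it is sent or received."""
    def __init__(self):
        self._h = hashlib.sha256()
    def add(self, msg: bytes) -> None:
        self._h.update(msg)
    def digest(self) -> bytes:
        return self._h.copy().digest()   # copy so later messages can still be added

# Constructed sample messages (bodies are placeholders, not real TLS payloads).
MESSAGES = [
    handshake_msg(1, b"client-hello-body"),
    handshake_msg(2, b"server-hello-body"),
    handshake_msg(11, b"certificate-body"),
    handshake_msg(14, b""),                  # ServerHelloDone has an empty body
    handshake_msg(16, b"client-key-exchange-body"),
]
MASTER_SECRET = bytes(range(48))             # constructed 48-byte value

def finished_both_ways():
    t = Transcript()
    for m in MESSAGES:
        t.add(m)                             # one update per message
    incremental = verify_data(MASTER_SECRET, b"client finished", t.digest())
    concatenated = verify_data(MASTER_SECRET, b"client finished",
                               hashlib.sha256(b"".join(MESSAGES)).digest())
    # The server's Finished additionally covers the client's Finished message.
    t.add(handshake_msg(20, incremental))
    server = verify_data(MASTER_SECRET, b"server finished", t.digest())
    return incremental, concatenated, server
```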