+ // Verify length of the HELLO record
+ if(len != 1 + 32 + ECDH_SIZE)
+ return error(s, EIO, "Invalid KEX record length");
+
+ // Ignore version number for now.
+
+ // Make a copy of the KEX message, send_sig() and receive_sig() need it
+ s->hiskex = realloc(s->hiskex, len);
+ if(!s->hiskex)
+ return error(s, errno, strerror(errno));
+
+ memcpy(s->hiskex, data, len);
+
+ return send_sig(s);
+}
+
+// Receive a SIGnature record, verify it, if it passed, compute the shared secret and calculate the session keys.
+static bool receive_sig(sptps_t *s, const char *data, uint16_t len) {