The GnuTLS handshake protocol is implemented as a state machine that waits for input or returns immediately when the non-blocking transport layer functions are used. The main idea is shown in Figure 11.2.
Also the way the input is processed varies per ciphersuite. Several
implementations of the internal handlers are available and
gnutls_handshake only multiplexes the input to the appropriate
handler. For example a PSK ciphersuite has a different
implementation of the
process_client_key_exchange than a
certificate ciphersuite. We illustrate the idea in Figure 11.3.