xref: /third_party/mbedtls/library/ssl_tls13_generic.c

49 int mbedtls_ssl_tls13_fetch_handshake_msg(mbedtls_ssl_context *ssl,
56     if ((ret = mbedtls_ssl_read_record(ssl, 0)) != 0) {
61     if (ssl->in_msgtype != MBEDTLS_SSL_MSG_HANDSHAKE ||
62         ssl->in_msg[0]  != hs_type) {
77     *buf = ssl->in_msg   + 4;
78     *buf_len = ssl->in_hslen - 4;
86     mbedtls_ssl_context *ssl,
212 static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl,
260     if (!mbedtls_ssl_sig_alg_is_offered(ssl, algorithm)) {
284     if (!mbedtls_pk_can_do(&ssl->session_negotiate->peer_cert->pk, sig_alg)) {
316                                      &ssl->session_negotiate->peer_cert->pk,
336 int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
352             ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len));
359         ssl,
360         (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac,
377                                       (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) ?
383                              ssl, buf, buf + buf_len,
387                              ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
396     ((void) ssl);
440 int mbedtls_ssl_tls13_parse_certificate(mbedtls_ssl_context *ssl,
449     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
468     if (ssl->session_negotiate->peer_cert != NULL) {
469         mbedtls_x509_crt_free(ssl->session_negotiate->peer_cert);
470         mbedtls_free(ssl->session_negotiate->peer_cert);
474         ssl->session_negotiate->peer_cert = NULL;
479     if ((ssl->session_negotiate->peer_cert =
488     mbedtls_x509_crt_init(ssl->session_negotiate->peer_cert);
513         ret = mbedtls_x509_crt_parse_der(ssl->session_negotiate->peer_cert,
572                 ssl, MBEDTLS_SSL_HS_CERTIFICATE, extension_type,
603                           ssl->session_negotiate->peer_cert);
610 int mbedtls_ssl_tls13_parse_certificate(mbedtls_ssl_context *ssl,
614     ((void) ssl);
626 static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
639     if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
641         if (ssl->handshake->sni_authmode != MBEDTLS_SSL_VERIFY_UNSET) {
642             authmode = ssl->handshake->sni_authmode;
645         authmode = ssl->conf->authmode;
656     if (ssl->session_negotiate->peer_cert == NULL) {
660         if (ssl->conf->endpoint == MBEDTLS_SSL_IS_SERVER) {
665             ssl->session_negotiate->verify_result = MBEDTLS_X509_BADCERT_MISSING;
678         if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
687     if (ssl->handshake->sni_ca_chain != NULL) {
688         ca_chain = ssl->handshake->sni_ca_chain;
689         ca_crl = ssl->handshake->sni_ca_crl;
693         ca_chain = ssl->conf->ca_chain;
694         ca_crl = ssl->conf->ca_crl;
701         ssl->session_negotiate->peer_cert,
703         ssl->conf->cert_profile,
704         ssl->hostname,
706         ssl->conf->f_vrfy, ssl->conf->p_vrfy);
715     if (ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT) {
724              ssl->session_negotiate->peer_cert,
727              ssl->session_negotiate->peer_cert,
792     ssl->session_negotiate->verify_result = verify_result;
797 static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
799     ((void) ssl);
805 int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
815                              ssl, MBEDTLS_SSL_HS_CERTIFICATE,
819     MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_parse_certificate(ssl, buf,
822     MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl));
825                              ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
829     (void) ssl;
861 static int ssl_tls13_write_certificate_body(mbedtls_ssl_context *ssl,
866     const mbedtls_x509_crt *crt = mbedtls_ssl_own_cert(ssl);
869         ssl->handshake->certificate_request_context;
871         ssl->handshake->certificate_request_context_len;
920         3, MBEDTLS_SSL_HS_CERTIFICATE, ssl->handshake->sent_extensions);
925 int mbedtls_ssl_tls13_write_certificate(mbedtls_ssl_context *ssl)
934                              ssl, MBEDTLS_SSL_HS_CERTIFICATE, &buf, &buf_len));
936     MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_body(ssl,
942                              ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, msg_len));
945                              ssl, buf_len, msg_len));
1000 static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl,
1014     uint16_t *sig_alg = ssl->handshake->received_sig_algs;
1019     own_key = mbedtls_ssl_own_key(ssl);
1026         ssl, (mbedtls_md_type_t) ssl->handshake->ciphersuite_info->mac,
1038                                       ssl->conf->endpoint);
1059         if (!mbedtls_ssl_sig_alg_is_offered(ssl, *sig_alg)) {
1092                                        ssl->conf->f_rng, ssl->conf->p_rng)) != 0) {
1126 int mbedtls_ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl)
1135                              ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
1139                              ssl, buf, buf + buf_len, &msg_len));
1142                              ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
1146                              ssl, buf_len, msg_len));
1165 static int ssl_tls13_preprocess_finished_message(mbedtls_ssl_context *ssl)
1170         ssl,
1171         ssl->handshake->state_local.finished_in.digest,
1172         sizeof(ssl->handshake->state_local.finished_in.digest),
1173         &ssl->handshake->state_local.finished_in.digest_len,
1174         ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ?
1185 static int ssl_tls13_parse_finished_message(mbedtls_ssl_context *ssl,
1195         ssl->handshake->state_local.finished_in.digest;
1197         ssl->handshake->state_local.finished_in.digest_len;
1226 int mbedtls_ssl_tls13_process_finished_message(mbedtls_ssl_context *ssl)
1235                              ssl, MBEDTLS_SSL_HS_FINISHED, &buf, &buf_len));
1238     MBEDTLS_SSL_PROC_CHK(ssl_tls13_preprocess_finished_message(ssl));
1241                              ssl, buf, buf + buf_len));
1244                              ssl, MBEDTLS_SSL_HS_FINISHED, buf, buf_len));
1262 static int ssl_tls13_prepare_finished_message(mbedtls_ssl_context *ssl)
1267     ret = mbedtls_ssl_tls13_calculate_verify_data(ssl,
1268                                                   ssl->handshake->state_local.finished_out.digest,
1269                                                   sizeof(ssl->handshake->state_local.finished_out.
1271                                                   &ssl->handshake->state_local.finished_out.digest_len,
1272                                                   ssl->conf->endpoint);
1283 static int ssl_tls13_write_finished_message_body(mbedtls_ssl_context *ssl,
1288     size_t verify_data_len = ssl->handshake->state_local.finished_out.digest_len;
1296     memcpy(buf, ssl->handshake->state_local.finished_out.digest,
1304 int mbedtls_ssl_tls13_write_finished_message(mbedtls_ssl_context *ssl)
1312     MBEDTLS_SSL_PROC_CHK(ssl_tls13_prepare_finished_message(ssl));
1314     MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
1318                              ssl, buf, buf + buf_len, &msg_len));
1320     MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
1324                              ssl, buf_len, msg_len));
1331 void mbedtls_ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl)
1337     mbedtls_ssl_set_inbound_transform(ssl, ssl->transform_application);
1340     mbedtls_ssl_set_outbound_transform(ssl, ssl->transform_application);
1345     if (ssl->session) {
1346         mbedtls_ssl_session_free(ssl->session);
1347         mbedtls_free(ssl->session);
1349     ssl->session = ssl->session_negotiate;
1350     ssl->session_negotiate = NULL;
1362 static int ssl_tls13_write_change_cipher_spec_body(mbedtls_ssl_context *ssl,
1367     ((void) ssl);
1376 int mbedtls_ssl_tls13_write_change_cipher_spec(mbedtls_ssl_context *ssl)
1383     if (ssl->handshake->ccs_sent) {
1390                              ssl, ssl->out_msg,
1391                              ssl->out_msg + MBEDTLS_SSL_OUT_CONTENT_LEN,
1392                              &ssl->out_msglen));
1394     ssl->out_msgtype = MBEDTLS_SSL_MSG_CHANGE_CIPHER_SPEC;
1397     MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_write_record(ssl, 0));
1399     ssl->handshake->ccs_sent = 1;
1420 int mbedtls_ssl_tls13_write_early_data_ext(mbedtls_ssl_context *ssl,
1444         MBEDTLS_PUT_UINT32_BE(ssl->conf->max_early_data_size, p, 4);
1447                 (unsigned int) ssl->conf->max_early_data_size));
1453     mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_EARLY_DATA);
1459 int mbedtls_ssl_tls13_check_early_data_len(mbedtls_ssl_context *ssl,
1467     if (ssl->session_negotiate == NULL) {
1481         (ssl->session_negotiate->max_early_data_size -
1482          ssl->total_early_data_size)) {
1486                 ssl->total_early_data_size, early_data_len,
1487                 ssl->session_negotiate->max_early_data_size));
1500     ssl->total_early_data_size += (uint32_t) early_data_len;
1518 int mbedtls_ssl_reset_transcript_for_hrr(mbedtls_ssl_context *ssl)
1524         ssl->handshake->ciphersuite_info;
1528     ret = mbedtls_ssl_get_handshake_transcript(ssl, (mbedtls_md_type_t) ciphersuite_info->mac,
1548     ret = mbedtls_ssl_reset_checksum(ssl);
1553     ret = ssl->handshake->update_checksum(ssl, hash_transcript, hash_len);
1564 int mbedtls_ssl_tls13_read_public_xxdhe_share(mbedtls_ssl_context *ssl,
1570     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1635     mbedtls_ssl_context *ssl,
1645     mbedtls_ssl_handshake_params *handshake = ssl->handshake;
1676     ssl->handshake->xxdh_psa_bits = bits;
1719     mbedtls_ssl_context *ssl,
1739     ssl->handshake->received_extensions |= extension_mask;
1750             if ((ssl->handshake->sent_extensions & extension_mask) != 0) {
1775 int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
1816     ssl->session_negotiate->record_size_limit = record_size_limit;
1822 int mbedtls_ssl_tls13_write_record_size_limit_ext(mbedtls_ssl_context *ssl,
1846     mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT);

Indexes created Thu Nov 07 10:32:03 CST 2024