mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 00:40:09 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix comments issues

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-08-31 12:51:25 +08:00
parent 08906d006b
commit 159c5a0e12
2 changed files with 35 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/ssl_misc.h
View File

@ -1412,14 +1412,14 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context *ssl,
}
/*
* Write tls13 handshake message header
* Write TLS 1.3 handshake message header
*/
int mbedtls_ssl_tls13_start_handshake_msg( mbedtls_ssl_context *ssl,
unsigned hs_type,
unsigned char **buf,
size_t *buflen );
/*
* Write tls13 handshake message tail
* Write TLS 1.3 handshake message tail
*/
int mbedtls_ssl_tls13_finish_handshake_msg( mbedtls_ssl_context *ssl,
size_t buf_len,
@ -1433,7 +1433,7 @@ void mbedtls_ssl_tls13_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
/*
* Write TLS1.3 Signature Algorithm extesion
* Write TLS 1.3 Signature Algorithm extension
*/
int mbedtls_ssl_tls13_write_sig_alg_ext( mbedtls_ssl_context *ssl,
unsigned char *buf,

42
library/ssl_tls13_client.c
View File

@ -51,17 +51,24 @@ static int ssl_tls13_write_supported_versions_ext( mbedtls_ssl_context *ssl,
*olen = 0;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported version extension" ) );
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, adding supported versions extension" ) );
/*
* ExtensionType 2
* ExtensionLength 2
* VersionSLength 1
* Version 2
*/
MBEDTLS_SSL_CHK_BUF_PTR( p, end, 7 );
/* Write Extension Type */
MBEDTLS_PUT_UINT16_BE( MBEDTLS_TLS_EXT_SUPPORTED_VERSIONS, p, 0 );
/* total length */
/* Write Extension Length */
MBEDTLS_PUT_UINT16_BE( 3, p, 2);
p += 4;
/* length of next field */
/* Length of the SupportedVersions field data */
*p++ = 0x2;
/* This implementation only supports a single TLS version, and only
@ -108,7 +115,7 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl,
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
/* Functions for ClientHello */
/* Functions for writing ClientHello message */
static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
unsigned char *buf,
@ -319,11 +326,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
buf += cur_ext_len;
/* We need to send the key shares under three conditions:
* 1 ) A certificate-based ciphersuite is being offered. In this case
* supported_groups and supported_signature extensions have been successfully added.
* 2 ) A PSK-based ciphersuite with ECDHE is offered. In this case the
* 1) A certificate-based ciphersuite is being offered. In this case
* supported_groups and supported_signature extensions have been
* successfully added.
* 2) A PSK-based ciphersuite with ECDHE is offered. In this case the
* psk_key_exchange_modes has been added as the last extension.
* 3 ) Or, in case all ciphers are supported ( which includes #1 and #2 from above )
* 3) Or, in case all ciphers are supported ( which includes #1 and #2
* from above )
*/
ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len );
@ -377,8 +386,21 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl )
}
/*
* ClientHello Main entry point.
* orchestrates the other functions.
* Write ClientHello handshake message.
*
* Structure of this message:
*
* uint16 ProtocolVersion;
* opaque Random[32];
* uint8 CipherSuite[2]; // Cryptographic suite selector
* struct {
* ProtocolVersion legacy_version = 0x0303; // TLS v1.2
* Random random;
* opaque legacy_session_id<0..32>;
* CipherSuite cipher_suites<2..2^16-2>;
* opaque legacy_compression_methods<1..2^8-1>;
* Extension extensions<8..2^16-1>;
* } ClientHello;
*/
static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl )
{