mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-24 10:43:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add dummy stages for client_hello_process

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-08-18 16:38:40 +08:00
parent a13c7e739c
commit 65dd2ccfe6
5 changed files with 160 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
library/CMakeLists.txt
View File

@ -106,6 +106,7 @@ set(src_tls
ssl_tls13_keys.c ssl_tls13_keys.c
ssl_tls13_server.c ssl_tls13_server.c
ssl_tls13_client.c ssl_tls13_client.c
ssl_tls13_generic.c
) )
if(CMAKE_COMPILER_IS_GNUCC) if(CMAKE_COMPILER_IS_GNUCC)

1
library/Makefile
View File

@ -169,6 +169,7 @@ OBJS_TLS= \
ssl_tls13_keys.o \ ssl_tls13_keys.o \
ssl_tls13_client.o \ ssl_tls13_client.o \
ssl_tls13_server.o \ ssl_tls13_server.o \
ssl_tls13_generic.o \
# This line is intentionally left blank # This line is intentionally left blank
.SILENT: .SILENT:

37
library/ssl_misc.h
View File

@ -26,6 +26,7 @@
#include "mbedtls/ssl.h" #include "mbedtls/ssl.h"
#include "mbedtls/cipher.h" #include "mbedtls/cipher.h"
#include "mbedtls/debug.h"
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO)
#include "psa/crypto.h" #include "psa/crypto.h"
@ -102,6 +103,30 @@
#define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */ #define MBEDTLS_SSL_RENEGOTIATION_DONE 2 /* Done or aborted */
#define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */ #define MBEDTLS_SSL_RENEGOTIATION_PENDING 3 /* Requested (server only) */
#define MBEDTLS_SSL_PROC_STRIP_PARENS( ... ) __VA_ARGS__
#define MBEDTLS_SSL_PROC_CHK( fn, args ) \
do { \
ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \
if( ret != 0 ) \
{ \
if( ret > 0 ) \
ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; \
MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \
goto cleanup; \
} \
} while( 0 )
#define MBEDTLS_SSL_PROC_CHK_NEG( fn, args ) \
do { \
ret = fn(MBEDTLS_SSL_PROC_STRIP_PARENS args); \
if( ret < 0 ) \
{ \
MBEDTLS_SSL_DEBUG_RET( 1, #fn, ret ); \
goto cleanup; \
} \
} while( 0 )
/* /*
* DTLS retransmission states, see RFC 6347 4.2.4 * DTLS retransmission states, see RFC 6347 4.2.4
* *
@ -1331,6 +1356,18 @@ static inline void mbedtls_ssl_handshake_set_state( mbedtls_ssl_context* ssl,
ssl->state = state; ssl->state = state;
} }
int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl,
unsigned hs_type,
unsigned char **buf,
size_t *buflen );
int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl,
size_t buf_len,
size_t msg_len );
void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
unsigned hs_type,
size_t total_hs_len );
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* ssl_misc.h */ #endif /* ssl_misc.h */

54
library/ssl_tls13_client.c
View File

@ -28,6 +28,7 @@
#include "ssl_misc.h" #include "ssl_misc.h"
#include <mbedtls/debug.h> #include <mbedtls/debug.h>
/* Main entry point; orchestrates the other functions */
static int ssl_client_hello_process( mbedtls_ssl_context* ssl ); static int ssl_client_hello_process( mbedtls_ssl_context* ssl );
int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl ) int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl )
@ -66,20 +67,73 @@ int mbedtls_ssl_handshake_client_step_tls1_3( mbedtls_ssl_context *ssl )
return( ret ); return( ret );
} }
static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl );
static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl,
unsigned char* buf, size_t buflen,
size_t* len_without_binders,
size_t* len_with_binders );
static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl );
static int ssl_client_hello_process( mbedtls_ssl_context* ssl ) static int ssl_client_hello_process( mbedtls_ssl_context* ssl )
{ {
int ret = 0; int ret = 0;
unsigned char *buf;
size_t buf_len, msg_len;
size_t len_without_binders = 0;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write client hello" ) );
MBEDTLS_SSL_PROC_CHK( ssl_client_hello_prepare, ( ssl ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg, ( ssl,
MBEDTLS_SSL_HS_CLIENT_HELLO, &buf, &buf_len ) );
MBEDTLS_SSL_PROC_CHK( ssl_client_hello_write_partial, ( ssl, buf, buf_len,
&len_without_binders,
&msg_len ) );
mbedtls_ssl_add_hs_hdr_to_checksum( ssl, MBEDTLS_SSL_HS_CLIENT_HELLO,
msg_len );
ssl->handshake->update_checksum( ssl, buf, len_without_binders );
MBEDTLS_SSL_PROC_CHK( ssl_client_hello_postprocess, ( ssl ) );
MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg, ( ssl, buf_len, msg_len ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO ); mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_HELLO );
cleanup:
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) ); MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write client hello" ) );
/* client_hello_process haven't finished */ /* client_hello_process haven't finished */
ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE; ret=MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
return ret; return ret;
} }
static int ssl_client_hello_prepare( mbedtls_ssl_context* ssl )
{
((void) ssl);
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
static int ssl_client_hello_write_partial( mbedtls_ssl_context* ssl,
unsigned char* buf, size_t buflen,
size_t* len_without_binders,
size_t* len_with_binders )
{
((void) ssl);
((void) buf);
((void) buflen);
((void) len_without_binders);
((void) len_with_binders);
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
static int ssl_client_hello_postprocess( mbedtls_ssl_context* ssl )
{
((void) ssl);
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
#endif /* MBEDTLS_SSL_CLI_C */ #endif /* MBEDTLS_SSL_CLI_C */
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ #endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */

67
library/ssl_tls13_generic.c Normal file
View File

@ -0,0 +1,67 @@
/*
* TLS 1.3 functionality shared between client and server
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "common.h"
#if defined(MBEDTLS_SSL_TLS_C)
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
#include "ssl_misc.h"
int mbedtls_ssl_start_handshake_msg( mbedtls_ssl_context *ssl,
unsigned hs_type,
unsigned char **buf,
size_t *buflen )
{
((void) ssl);
((void) hs_type);
((void) buf);
((void) buflen);
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
int mbedtls_ssl_finish_handshake_msg( mbedtls_ssl_context *ssl,
size_t buf_len,
size_t msg_len )
{
((void) ssl);
((void) buf_len);
((void) msg_len);
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
void mbedtls_ssl_add_hs_hdr_to_checksum( mbedtls_ssl_context *ssl,
unsigned hs_type,
size_t total_hs_len )
{
unsigned char hs_hdr[4];
/* Build HS header for checksum update. */
hs_hdr[0] = hs_type;
hs_hdr[1] = (unsigned char)( total_hs_len >> 16 );
hs_hdr[2] = (unsigned char)( total_hs_len >> 8 );
hs_hdr[3] = (unsigned char)( total_hs_len >> 0 );
ssl->handshake->update_checksum( ssl, hs_hdr, sizeof( hs_hdr ) );
}
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
#endif /* MBEDTLS_SSL_TLS_C */