mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-29 12:32:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tls13: add dummy state machine handler

Browse Source 
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-09-14 16:03:56 +08:00
parent aafb21f320
commit 687101b2e6
4 changed files with 162 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
include/mbedtls/debug.h
View File

@ -108,6 +108,13 @@
#define MBEDTLS_PRINTF_ATTRIBUTE(string_index, first_to_check)
#endif
/* MSVC support __func__ from visual studio 2015( 1900 )
Use MSVC predefine macro to avoid name check fail.
*/
#if (defined(_MSC_VER) && ( _MSC_VER <= 1900 ))
#define __func__ __FUNCTION__
#endif
/**
* \def MBEDTLS_PRINTF_SIZET
*

1
include/mbedtls/ssl.h
View File

@ -623,6 +623,7 @@ typedef enum
MBEDTLS_SSL_SERVER_HELLO_VERIFY_REQUEST_SENT,
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
MBEDTLS_SSL_ENCRYPTED_EXTENSIONS,
MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY,
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
}
mbedtls_ssl_states;

155
library/ssl_tls13_client.c
View File

@ -701,6 +701,7 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl )
/*
* Write ClientHello handshake message.
* Handler for MBEDTLS_SSL_CLIENT_HELLO
*/
static int ssl_tls13_write_client_hello( mbedtls_ssl_context *ssl )
{
@ -736,6 +737,116 @@ cleanup:
return ret;
}
/*
* Handler for MBEDTLS_SSL_SERVER_HELLO
*/
static int ssl_tls1_3_read_server_hello( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_ENCRYPTED_EXTENSIONS
*/
static int ssl_tls1_3_read_encrypted_extensions( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_REQUEST );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_CERTIFICATE_REQUEST
*/
static int ssl_tls1_3_read_certificate_request( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_SERVER_CERTIFICATE
*/
static int ssl_tls1_3_read_server_certificate( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CERTIFICATE_VERIFY );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_CERTIFICATE_VERIFY
*/
static int ssl_tls1_3_read_certificate_verify( mbedtls_ssl_context *ssl )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_FINISHED );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_SERVER_FINISHED
*/
static int ssl_tls1_3_read_server_finished( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE
*/
static int ssl_tls1_3_write_client_certificate( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY
*/
static int ssl_tls1_3_write_client_certificate_verify( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_CLIENT_FINISHED );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_CLIENT_FINISHED
*/
static int ssl_tls1_3_write_client_finished( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_FLUSH_BUFFERS );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_FLUSH_BUFFERS
*/
static int ssl_tls1_3_flush_buffers( mbedtls_ssl_context *ssl )
{
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP );
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( 0 );
}
/*
* Handler for MBEDTLS_SSL_HANDSHAKE_WRAPUP
*/
static int ssl_tls1_3_handshake_wrapup( mbedtls_ssl_context *ssl )
{
((void) ssl);
MBEDTLS_SSL_DEBUG_MSG( 1, ( "%s hasn't been implemented", __func__ ) );
return( MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE );
}
int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
{
int ret = 0;
@ -754,9 +865,47 @@ int mbedtls_ssl_tls13_handshake_client_step( mbedtls_ssl_context *ssl )
break;
case MBEDTLS_SSL_SERVER_HELLO:
// Stop here : we haven't finished whole flow
ret = MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_ENCRYPTED_EXTENSIONS );
ret = ssl_tls1_3_read_server_hello( ssl );
break;
case MBEDTLS_SSL_ENCRYPTED_EXTENSIONS:
ret = ssl_tls1_3_read_encrypted_extensions( ssl );
break;
case MBEDTLS_SSL_CERTIFICATE_REQUEST:
ret = ssl_tls1_3_read_certificate_request( ssl );
break;
case MBEDTLS_SSL_SERVER_CERTIFICATE:
ret = ssl_tls1_3_read_server_certificate( ssl );
break;
case MBEDTLS_SSL_CERTIFICATE_VERIFY:
ret = ssl_tls1_3_read_certificate_verify( ssl );
break;
case MBEDTLS_SSL_SERVER_FINISHED:
ret = ssl_tls1_3_read_server_finished( ssl );
break;
case MBEDTLS_SSL_CLIENT_CERTIFICATE:
ret = ssl_tls1_3_write_client_certificate( ssl );
break;
case MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY:
ret = ssl_tls1_3_write_client_certificate_verify( ssl );
break;
case MBEDTLS_SSL_CLIENT_FINISHED:
ret = ssl_tls1_3_write_client_finished( ssl );
break;
case MBEDTLS_SSL_FLUSH_BUFFERS:
ret = ssl_tls1_3_flush_buffers( ssl );
break;
case MBEDTLS_SSL_HANDSHAKE_WRAPUP:
ret = ssl_tls1_3_handshake_wrapup( ssl );
break;
default:

2
library/ssl_tls13_server.c
View File

@ -23,6 +23,8 @@
#if defined(MBEDTLS_SSL_SRV_C)
#include "mbedtls/debug.h"
#include "ssl_misc.h"
int mbedtls_ssl_tls13_handshake_server_step( mbedtls_ssl_context *ssl )