diff --git a/library/ssl_tls13_server.c b/library/ssl_tls13_server.c index 01dff8c9c4..ac6d40e90e 100644 --- a/library/ssl_tls13_server.c +++ b/library/ssl_tls13_server.c @@ -748,11 +748,6 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) { int authmode; - if( mbedtls_ssl_tls13_some_psk_enabled( ssl ) ) - { - MBEDTLS_SSL_DEBUG_MSG( 3, ( "<= skip write certificate request" ) ); - return( SSL_CERTIFICATE_REQUEST_SKIP ); - } authmode = ssl->conf->authmode; if( authmode == MBEDTLS_SSL_VERIFY_NONE ) @@ -760,104 +755,6 @@ static int ssl_tls13_certificate_request_coordinate( mbedtls_ssl_context *ssl ) return( SSL_CERTIFICATE_REQUEST_SEND_REQUEST ); } - -/* - * struct { - * opaque certificate_request_context<0..2^8-1>; - * Extension extensions<2..2^16-1>; - * } CertificateRequest; - * - */ -static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl, - unsigned char *buf, - const unsigned char *end, - size_t *out_len ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - unsigned char *p = buf; - size_t extensions_len = 0; - unsigned char *p_extensions_len; - - *out_len = 0; - - /* Check if we have enough space: - * - certificate_request_context (1 byte) - * - extensions length (2 bytes) - */ - MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 ); - - /* - * Write certificate_request_context - */ - /* - * We use a zero length context for the normal handshake - * messages. For post-authentication handshake messages - * this request context would be set to a non-zero value. - */ - *p++ = 0x0; - - /* - * Write extensions - */ - /* The extensions must contain the signature_algorithms. */ - p_extensions_len = p; - p += 2; - ret = mbedtls_ssl_write_sig_alg_ext( ssl, p, end, &extensions_len ); - if( ret != 0 ) - return( ret ); - - /* length field for all extensions */ - MBEDTLS_PUT_UINT16_BE( extensions_len, p_extensions_len, 0 ); - p += extensions_len; - - *out_len = p - buf; - - return( 0 ); -} - -static int ssl_tls13_write_certificate_request( mbedtls_ssl_context *ssl ) -{ - int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); - - MBEDTLS_SSL_PROC_CHK_NEG( ssl_tls13_certificate_request_coordinate( ssl ) ); - - if( ret == SSL_CERTIFICATE_REQUEST_SEND_REQUEST ) - { - unsigned char *buf; - size_t buf_len, msg_len; - - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg( ssl, - MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, &buf, &buf_len ) ); - - MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_certificate_request_body( - ssl, buf, buf + buf_len, &msg_len ) ); - - mbedtls_ssl_add_hs_msg_to_checksum( - ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len ); - - MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg( - ssl, buf_len, msg_len ) ); - } - else if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) - { - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); - ret = 0; - } - else - { - MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); - ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; - goto cleanup; - } - - mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE ); -cleanup: - - MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); - return( ret ); -} #endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ /* @@ -1292,6 +1189,106 @@ cleanup: return( ret ); } +#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED) +/* + * struct { + * opaque certificate_request_context<0..2^8-1>; + * Extension extensions<2..2^16-1>; + * } CertificateRequest; + * + */ +static int ssl_tls13_write_certificate_request_body( mbedtls_ssl_context *ssl, + unsigned char *buf, + const unsigned char *end, + size_t *out_len ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + unsigned char *p = buf; + size_t extensions_len = 0; + unsigned char *p_extensions_len; + + *out_len = 0; + + /* Check if we have enough space: + * - certificate_request_context (1 byte) + * - extensions length (2 bytes) + */ + MBEDTLS_SSL_CHK_BUF_PTR( p, end, 3 ); + + /* + * Write certificate_request_context + */ + /* + * We use a zero length context for the normal handshake + * messages. For post-authentication handshake messages + * this request context would be set to a non-zero value. + */ + *p++ = 0x0; + + /* + * Write extensions + */ + /* The extensions must contain the signature_algorithms. */ + p_extensions_len = p; + p += 2; + ret = mbedtls_ssl_write_sig_alg_ext( ssl, p, end, &extensions_len ); + if( ret != 0 ) + return( ret ); + + /* length field for all extensions */ + MBEDTLS_PUT_UINT16_BE( extensions_len, p_extensions_len, 0 ); + p += extensions_len; + + *out_len = p - buf; + + return( 0 ); +} + +static int ssl_tls13_write_certificate_request( mbedtls_ssl_context *ssl ) +{ + int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "=> write certificate request" ) ); + + MBEDTLS_SSL_PROC_CHK_NEG( ssl_tls13_certificate_request_coordinate( ssl ) ); + + if( ret == SSL_CERTIFICATE_REQUEST_SEND_REQUEST ) + { + unsigned char *buf; + size_t buf_len, msg_len; + + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_start_handshake_msg( ssl, + MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, &buf, &buf_len ) ); + + MBEDTLS_SSL_PROC_CHK( ssl_tls13_write_certificate_request_body( + ssl, buf, buf + buf_len, &msg_len ) ); + + mbedtls_ssl_add_hs_msg_to_checksum( + ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len ); + + MBEDTLS_SSL_PROC_CHK( mbedtls_ssl_finish_handshake_msg( + ssl, buf_len, msg_len ) ); + } + else if( ret == SSL_CERTIFICATE_REQUEST_SKIP ) + { + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= skip write certificate request" ) ); + ret = 0; + } + else + { + MBEDTLS_SSL_DEBUG_MSG( 1, ( "should never happen" ) ); + ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR; + goto cleanup; + } + + mbedtls_ssl_handshake_set_state( ssl, MBEDTLS_SSL_SERVER_CERTIFICATE ); +cleanup: + + MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= write certificate request" ) ); + return( ret ); +} +#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */ + /* * TLS 1.3 State Machine -- server side */