Merge pull request #7353 from xkqian/tls13_fix_code_style
Improve code styles for tls13 related files
This commit is contained in:
commit
22d9ff6d3c
4 changed files with 362 additions and 315 deletions
|
@ -117,7 +117,8 @@ static int ssl_tls13_parse_supported_versions_ext(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
if (&buf[2] != end) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(1, ("supported_versions ext data length incorrect"));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
1, ("supported_versions ext data length incorrect"));
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_DECODE_ERROR,
|
||||
MBEDTLS_ERR_SSL_DECODE_ERROR);
|
||||
return MBEDTLS_ERR_SSL_DECODE_ERROR;
|
||||
|
@ -227,8 +228,8 @@ static int ssl_tls13_get_default_group_id(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
for (; *group_list != 0; group_list++) {
|
||||
if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(*group_list,
|
||||
NULL, NULL) == PSA_SUCCESS) &&
|
||||
if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(
|
||||
*group_list, NULL, NULL) == PSA_SUCCESS) &&
|
||||
mbedtls_ssl_tls13_named_group_is_ecdhe(*group_list)) {
|
||||
*group_id = *group_list;
|
||||
return 0;
|
||||
|
@ -352,7 +353,8 @@ static int ssl_tls13_write_key_share_ext(mbedtls_ssl_context *ssl,
|
|||
/* Output the total length of key_share extension. */
|
||||
*out_len = p - buf;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF(3, "client hello, key_share extension", buf, *out_len);
|
||||
MBEDTLS_SSL_DEBUG_BUF(
|
||||
3, "client hello, key_share extension", buf, *out_len);
|
||||
|
||||
mbedtls_ssl_tls13_set_hs_sent_ext_mask(ssl, MBEDTLS_TLS_EXT_KEY_SHARE);
|
||||
|
||||
|
@ -402,8 +404,8 @@ static int ssl_tls13_parse_hrr_key_share_ext(mbedtls_ssl_context *ssl,
|
|||
* then the client MUST abort the handshake with an "illegal_parameter" alert.
|
||||
*/
|
||||
for (; *group_list != 0; group_list++) {
|
||||
if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(*group_list,
|
||||
NULL, NULL) == PSA_ERROR_NOT_SUPPORTED) ||
|
||||
if ((mbedtls_ssl_get_psa_curve_info_from_tls_id(
|
||||
*group_list, NULL, NULL) == PSA_ERROR_NOT_SUPPORTED) ||
|
||||
*group_list != selected_group) {
|
||||
continue;
|
||||
}
|
||||
|
@ -472,8 +474,8 @@ static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl,
|
|||
/* Check that the chosen group matches the one we offered. */
|
||||
offered_group = ssl->handshake->offered_group_id;
|
||||
if (offered_group != group) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(1,
|
||||
("Invalid server key share, our group %u, their group %u",
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
1, ("Invalid server key share, our group %u, their group %u",
|
||||
(unsigned) offered_group, (unsigned) group));
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE);
|
||||
|
@ -488,8 +490,9 @@ static int ssl_tls13_parse_key_share_ext(mbedtls_ssl_context *ssl,
|
|||
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("ECDH curve: %s",
|
||||
mbedtls_ssl_get_curve_name_from_tls_id(group)));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2,
|
||||
("ECDH curve: %s", mbedtls_ssl_get_curve_name_from_tls_id(group)));
|
||||
|
||||
ret = mbedtls_ssl_tls13_read_public_ecdhe_share(ssl, p, end - p);
|
||||
if (ret != 0) {
|
||||
|
@ -1410,8 +1413,8 @@ static int ssl_server_hello_is_hrr(mbedtls_ssl_context *ssl,
|
|||
* } ServerHello;
|
||||
*
|
||||
*/
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(buf, end,
|
||||
2 + sizeof(mbedtls_ssl_tls13_hello_retry_request_magic));
|
||||
MBEDTLS_SSL_CHK_BUF_READ_PTR(
|
||||
buf, end, 2 + sizeof(mbedtls_ssl_tls13_hello_retry_request_magic));
|
||||
|
||||
if (memcmp(buf + 2, mbedtls_ssl_tls13_hello_retry_request_magic,
|
||||
sizeof(mbedtls_ssl_tls13_hello_retry_request_magic)) == 0) {
|
||||
|
@ -1464,8 +1467,8 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
|
|||
*/
|
||||
ssl->keep_current_message = 1;
|
||||
ssl->tls_version = MBEDTLS_SSL_VERSION_TLS1_2;
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
buf, (size_t) (end - buf)));
|
||||
|
||||
if (mbedtls_ssl_conf_tls13_some_ephemeral_enabled(ssl)) {
|
||||
|
@ -1492,14 +1495,15 @@ static int ssl_tls13_preprocess_server_hello(mbedtls_ssl_context *ssl,
|
|||
break;
|
||||
case SSL_SERVER_HELLO_HRR:
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("received HelloRetryRequest message"));
|
||||
/* If a client receives a second
|
||||
* HelloRetryRequest in the same connection (i.e., where the ClientHello
|
||||
* was itself in response to a HelloRetryRequest), it MUST abort the
|
||||
* handshake with an "unexpected_message" alert.
|
||||
/* If a client receives a second HelloRetryRequest in the same
|
||||
* connection (i.e., where the ClientHello was itself in response
|
||||
* to a HelloRetryRequest), it MUST abort the handshake with an
|
||||
* "unexpected_message" alert.
|
||||
*/
|
||||
if (handshake->hello_retry_request_count > 0) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(1, ("Multiple HRRs received"));
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNEXPECTED_MESSAGE,
|
||||
MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE);
|
||||
return MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE;
|
||||
}
|
||||
|
@ -1861,20 +1865,25 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl)
|
|||
* exchange mode is EPHEMERAL-only.
|
||||
*/
|
||||
switch (handshake->received_extensions &
|
||||
(MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | MBEDTLS_SSL_EXT_MASK(KEY_SHARE))) {
|
||||
(MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) |
|
||||
MBEDTLS_SSL_EXT_MASK(KEY_SHARE))) {
|
||||
/* Only the pre_shared_key extension was received */
|
||||
case MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
handshake->key_exchange_mode =
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK;
|
||||
break;
|
||||
|
||||
/* Only the key_share extension was received */
|
||||
case MBEDTLS_SSL_EXT_MASK(KEY_SHARE):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
handshake->key_exchange_mode =
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Both the pre_shared_key and key_share extensions were received */
|
||||
case (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) | MBEDTLS_SSL_EXT_MASK(KEY_SHARE)):
|
||||
handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
case (MBEDTLS_SSL_EXT_MASK(PRE_SHARED_KEY) |
|
||||
MBEDTLS_SSL_EXT_MASK(KEY_SHARE)):
|
||||
handshake->key_exchange_mode =
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL;
|
||||
break;
|
||||
|
||||
/* Neither pre_shared_key nor key_share extension was received */
|
||||
|
@ -1917,14 +1926,14 @@ static int ssl_tls13_postprocess_server_hello(mbedtls_ssl_context *ssl)
|
|||
if (!mbedtls_ssl_conf_tls13_check_kex_modes(
|
||||
ssl, handshake->key_exchange_mode)) {
|
||||
ret = MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
|
||||
MBEDTLS_SSL_DEBUG_MSG(2,
|
||||
("Key exchange mode(%s) is not supported.",
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2, ("Key exchange mode(%s) is not supported.",
|
||||
ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode)));
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(3,
|
||||
("Selected key exchange mode: %s",
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3, ("Selected key exchange mode: %s",
|
||||
ssl_tls13_get_kex_mode_str(handshake->key_exchange_mode)));
|
||||
|
||||
/* Start the TLS 1.3 key scheduling if not already done.
|
||||
|
@ -2009,9 +2018,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> %s", __func__));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO,
|
||||
&buf, &buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len));
|
||||
|
||||
ret = ssl_tls13_preprocess_server_hello(ssl, buf, buf + buf_len);
|
||||
if (ret < 0) {
|
||||
|
@ -2032,9 +2040,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl)
|
|||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_reset_transcript_for_hrr(ssl));
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO, buf,
|
||||
buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, buf, buf_len));
|
||||
|
||||
if (is_hrr) {
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_postprocess_hrr(ssl));
|
||||
|
@ -2043,8 +2050,8 @@ static int ssl_tls13_process_server_hello(mbedtls_ssl_context *ssl)
|
|||
* immediately before its second flight. This may either be before
|
||||
* its second ClientHello or before its encrypted handshake flight.
|
||||
*/
|
||||
mbedtls_ssl_handshake_set_state(ssl,
|
||||
MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO);
|
||||
mbedtls_ssl_handshake_set_state(
|
||||
ssl, MBEDTLS_SSL_CLIENT_CCS_BEFORE_2ND_CLIENT_HELLO);
|
||||
#else
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_HELLO);
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE */
|
||||
|
@ -2124,7 +2131,8 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
|
|||
case MBEDTLS_TLS_EXT_ALPN:
|
||||
MBEDTLS_SSL_DEBUG_MSG(3, ("found alpn extension"));
|
||||
|
||||
if ((ret = ssl_tls13_parse_alpn_ext(ssl, p, (size_t) extension_data_len)) != 0) {
|
||||
if ((ret = ssl_tls13_parse_alpn_ext(
|
||||
ssl, p, (size_t) extension_data_len)) != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -2148,10 +2156,12 @@ static int ssl_tls13_parse_encrypted_extensions(mbedtls_ssl_context *ssl,
|
|||
case MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT:
|
||||
MBEDTLS_SSL_DEBUG_MSG(3, ("found record_size_limit extension"));
|
||||
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(ssl, p, p + extension_data_len);
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
|
||||
ssl, p, p + extension_data_len);
|
||||
|
||||
/* TODO: Return unconditionally here until we handle the record size limit correctly.
|
||||
* Once handled correctly, only return in case of errors. */
|
||||
/* TODO: Return unconditionally here until we handle the record
|
||||
* size limit correctly. Once handled correctly, only return in
|
||||
* case of errors. */
|
||||
return ret;
|
||||
|
||||
break;
|
||||
|
@ -2190,8 +2200,8 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse encrypted extensions"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
&buf, &buf_len));
|
||||
|
||||
/* Process the message contents */
|
||||
|
@ -2205,8 +2215,8 @@ static int ssl_tls13_process_encrypted_extensions(mbedtls_ssl_context *ssl)
|
|||
}
|
||||
#endif
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
buf, buf_len));
|
||||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED)
|
||||
|
@ -2443,15 +2453,15 @@ static int ssl_tls13_process_certificate_request(mbedtls_ssl_context *ssl)
|
|||
unsigned char *buf;
|
||||
size_t buf_len;
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
&buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request(ssl,
|
||||
buf, buf + buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_request(
|
||||
ssl, buf, buf + buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
buf, buf_len));
|
||||
} else if (ret == SSL_CERTIFICATE_REQUEST_SKIP) {
|
||||
ret = 0;
|
||||
|
@ -2614,8 +2624,8 @@ static int ssl_tls13_write_client_finished(mbedtls_ssl_context *ssl)
|
|||
|
||||
ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1,
|
||||
"mbedtls_ssl_tls13_compute_resumption_master_secret ", ret);
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "mbedtls_ssl_tls13_compute_resumption_master_secret ", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -2995,7 +3005,8 @@ int mbedtls_ssl_tls13_handshake_client_step(mbedtls_ssl_context *ssl)
|
|||
case MBEDTLS_SSL_CLIENT_CCS_AFTER_SERVER_FINISHED:
|
||||
ret = mbedtls_ssl_tls13_write_change_cipher_spec(ssl);
|
||||
if (ret == 0) {
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
|
||||
mbedtls_ssl_handshake_set_state(
|
||||
ssl, MBEDTLS_SSL_CLIENT_CERTIFICATE);
|
||||
}
|
||||
break;
|
||||
|
||||
|
|
|
@ -247,15 +247,17 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl,
|
|||
|
||||
/* RFC 8446 section 4.4.3
|
||||
*
|
||||
* If the CertificateVerify message is sent by a server, the signature algorithm
|
||||
* MUST be one offered in the client's "signature_algorithms" extension unless
|
||||
* no valid certificate chain can be produced without unsupported algorithms
|
||||
* If the CertificateVerify message is sent by a server, the signature
|
||||
* algorithm MUST be one offered in the client's "signature_algorithms"
|
||||
* extension unless no valid certificate chain can be produced without
|
||||
* unsupported algorithms
|
||||
*
|
||||
* RFC 8446 section 4.4.2.2
|
||||
*
|
||||
* If the client cannot construct an acceptable chain using the provided
|
||||
* certificates and decides to abort the handshake, then it MUST abort the handshake
|
||||
* with an appropriate certificate-related alert (by default, "unsupported_certificate").
|
||||
* certificates and decides to abort the handshake, then it MUST abort the
|
||||
* handshake with an appropriate certificate-related alert
|
||||
* (by default, "unsupported_certificate").
|
||||
*
|
||||
* Check if algorithm is an offered signature algorithm.
|
||||
*/
|
||||
|
@ -350,14 +352,15 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
|
|||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse certificate verify"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(
|
||||
mbedtls_ssl_tls13_fetch_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len));
|
||||
mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf, &buf_len));
|
||||
|
||||
/* Need to calculate the hash of the transcript first
|
||||
* before reading the message since otherwise it gets
|
||||
* included in the transcript
|
||||
*/
|
||||
ret = mbedtls_ssl_get_handshake_transcript(ssl,
|
||||
ret = mbedtls_ssl_get_handshake_transcript(
|
||||
ssl,
|
||||
ssl->handshake->ciphersuite_info->mac,
|
||||
transcript, sizeof(transcript),
|
||||
&transcript_len);
|
||||
|
@ -380,12 +383,12 @@ int mbedtls_ssl_tls13_process_certificate_verify(mbedtls_ssl_context *ssl)
|
|||
MBEDTLS_SSL_IS_CLIENT);
|
||||
|
||||
/* Process the message contents */
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify(ssl, buf,
|
||||
buf + buf_len, verify_buffer,
|
||||
verify_buffer_len));
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_certificate_verify(
|
||||
ssl, buf, buf + buf_len,
|
||||
verify_buffer, verify_buffer_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
||||
buf, buf_len));
|
||||
|
||||
cleanup:
|
||||
|
@ -600,7 +603,8 @@ exit:
|
|||
return MBEDTLS_ERR_SSL_DECODE_ERROR;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate", ssl->session_negotiate->peer_cert);
|
||||
MBEDTLS_SSL_DEBUG_CRT(3, "peer certificate",
|
||||
ssl->session_negotiate->peer_cert);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
@ -666,7 +670,8 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
|
|||
if (authmode == MBEDTLS_SSL_VERIFY_OPTIONAL) {
|
||||
return 0;
|
||||
} else {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_NO_CERT,
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_NO_CERT,
|
||||
MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE);
|
||||
return MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE;
|
||||
}
|
||||
|
@ -754,7 +759,8 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
|
|||
Pick one and send the corresponding alert. Which alert to send
|
||||
may be a subject of debate in some cases. */
|
||||
if (verify_result & MBEDTLS_X509_BADCERT_OTHER) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED, ret);
|
||||
} else if (verify_result & MBEDTLS_X509_BADCERT_CN_MISMATCH) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_BAD_CERT, ret);
|
||||
} else if (verify_result & (MBEDTLS_X509_BADCERT_KEY_USAGE |
|
||||
|
@ -762,15 +768,19 @@ static int ssl_tls13_validate_certificate(mbedtls_ssl_context *ssl)
|
|||
MBEDTLS_X509_BADCERT_NS_CERT_TYPE |
|
||||
MBEDTLS_X509_BADCERT_BAD_PK |
|
||||
MBEDTLS_X509_BADCERT_BAD_KEY)) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT, ret);
|
||||
} else if (verify_result & MBEDTLS_X509_BADCERT_EXPIRED) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED, ret);
|
||||
} else if (verify_result & MBEDTLS_X509_BADCERT_REVOKED) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED, ret);
|
||||
} else if (verify_result & MBEDTLS_X509_BADCERT_NOT_TRUSTED) {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA, ret);
|
||||
} else {
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN, ret);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -815,9 +825,8 @@ int mbedtls_ssl_tls13_process_certificate(mbedtls_ssl_context *ssl)
|
|||
/* Validate the certificate chain and set the verification results. */
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_validate_certificate(ssl));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE, buf,
|
||||
buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, buf_len));
|
||||
|
||||
cleanup:
|
||||
#endif /* MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED */
|
||||
|
@ -923,18 +932,16 @@ int mbedtls_ssl_tls13_write_certificate(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE, &buf,
|
||||
&buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE, &buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_body(ssl,
|
||||
buf,
|
||||
buf + buf_len,
|
||||
&msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE, buf,
|
||||
msg_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE, buf, msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||
ssl, buf_len, msg_len));
|
||||
|
@ -1017,11 +1024,9 @@ static int ssl_tls13_write_certificate_verify_body(mbedtls_ssl_context *ssl,
|
|||
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_get_handshake_transcript(ssl,
|
||||
ssl->handshake->ciphersuite_info->mac,
|
||||
handshake_hash,
|
||||
sizeof(handshake_hash),
|
||||
&handshake_hash_len);
|
||||
ret = mbedtls_ssl_get_handshake_transcript(
|
||||
ssl, ssl->handshake->ciphersuite_info->mac,
|
||||
handshake_hash, sizeof(handshake_hash), &handshake_hash_len);
|
||||
if (ret != 0) {
|
||||
return ret;
|
||||
}
|
||||
|
@ -1128,16 +1133,16 @@ int mbedtls_ssl_tls13_write_certificate_verify(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write certificate verify"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, &buf,
|
||||
&buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
||||
&buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_verify_body(
|
||||
ssl, buf, buf + buf_len, &msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_VERIFY, buf,
|
||||
msg_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_VERIFY,
|
||||
buf, msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||
ssl, buf_len, msg_len));
|
||||
|
@ -1163,10 +1168,10 @@ static int ssl_tls13_preprocess_finished_message(mbedtls_ssl_context *ssl)
|
|||
{
|
||||
int ret;
|
||||
|
||||
ret = mbedtls_ssl_tls13_calculate_verify_data(ssl,
|
||||
ret = mbedtls_ssl_tls13_calculate_verify_data(
|
||||
ssl,
|
||||
ssl->handshake->state_local.finished_in.digest,
|
||||
sizeof(ssl->handshake->state_local.finished_in.
|
||||
digest),
|
||||
sizeof(ssl->handshake->state_local.finished_in.digest),
|
||||
&ssl->handshake->state_local.finished_in.digest_len,
|
||||
ssl->conf->endpoint == MBEDTLS_SSL_IS_CLIENT ?
|
||||
MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT);
|
||||
|
@ -1228,17 +1233,17 @@ int mbedtls_ssl_tls13_process_finished_message(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> parse finished message"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_FINISHED,
|
||||
&buf, &buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_tls13_fetch_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_FINISHED, &buf, &buf_len));
|
||||
|
||||
/* Preprocessing step: Compute handshake digest */
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_preprocess_finished_message(ssl));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(ssl, buf, buf + buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_parse_finished_message(
|
||||
ssl, buf, buf + buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(ssl,
|
||||
MBEDTLS_SSL_HS_FINISHED, buf, buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_FINISHED, buf, buf_len));
|
||||
|
||||
cleanup:
|
||||
|
||||
|
@ -1526,9 +1531,8 @@ int mbedtls_ssl_tls13_generate_and_write_ecdh_key_exchange(
|
|||
MBEDTLS_SSL_DEBUG_MSG(1, ("Perform PSA-based ECDH computation."));
|
||||
|
||||
/* Convert EC's TLS ID to PSA key type. */
|
||||
if (mbedtls_ssl_get_psa_curve_info_from_tls_id(named_group,
|
||||
&ec_psa_family,
|
||||
&ec_bits) == PSA_ERROR_NOT_SUPPORTED) {
|
||||
if (mbedtls_ssl_get_psa_curve_info_from_tls_id(
|
||||
named_group, &ec_psa_family, &ec_bits) == PSA_ERROR_NOT_SUPPORTED) {
|
||||
return MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE;
|
||||
}
|
||||
handshake->ecdh_psa_type = PSA_KEY_TYPE_ECC_KEY_PAIR(ec_psa_family);
|
||||
|
@ -1638,7 +1642,8 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
|
|||
uint16_t record_size_limit;
|
||||
const size_t extension_data_len = end - buf;
|
||||
|
||||
if (extension_data_len != MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH) {
|
||||
if (extension_data_len !=
|
||||
MBEDTLS_SSL_RECORD_SIZE_LIMIT_EXTENSION_DATA_LENGTH) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(2,
|
||||
("record_size_limit extension has invalid length: %"
|
||||
MBEDTLS_PRINTF_SIZET " Bytes",
|
||||
|
@ -1668,9 +1673,8 @@ int mbedtls_ssl_tls13_parse_record_size_limit_ext(mbedtls_ssl_context *ssl,
|
|||
return MBEDTLS_ERR_SSL_ILLEGAL_PARAMETER;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2,
|
||||
(
|
||||
"record_size_limit extension is still in development. Aborting handshake."));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2, ("record_size_limit extension is still in development. Aborting handshake."));
|
||||
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT,
|
||||
|
|
|
@ -455,7 +455,8 @@ int mbedtls_ssl_tls13_derive_early_secrets(
|
|||
*/
|
||||
|
||||
/* Create client_early_traffic_secret */
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
early_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_e_traffic),
|
||||
transcript, transcript_len,
|
||||
|
@ -467,7 +468,8 @@ int mbedtls_ssl_tls13_derive_early_secrets(
|
|||
}
|
||||
|
||||
/* Create early exporter */
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
early_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(e_exp_master),
|
||||
transcript, transcript_len,
|
||||
|
@ -515,7 +517,8 @@ int mbedtls_ssl_tls13_derive_handshake_secrets(
|
|||
* Derive-Secret( ., "c hs traffic", ClientHello...ServerHello )
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
handshake_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_hs_traffic),
|
||||
transcript, transcript_len,
|
||||
|
@ -531,7 +534,8 @@ int mbedtls_ssl_tls13_derive_handshake_secrets(
|
|||
* Derive-Secret( ., "s hs traffic", ClientHello...ServerHello )
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
handshake_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_hs_traffic),
|
||||
transcript, transcript_len,
|
||||
|
@ -578,7 +582,8 @@ int mbedtls_ssl_tls13_derive_application_secrets(
|
|||
*
|
||||
*/
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
application_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(c_ap_traffic),
|
||||
transcript, transcript_len,
|
||||
|
@ -589,7 +594,8 @@ int mbedtls_ssl_tls13_derive_application_secrets(
|
|||
return ret;
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
application_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(s_ap_traffic),
|
||||
transcript, transcript_len,
|
||||
|
@ -600,7 +606,8 @@ int mbedtls_ssl_tls13_derive_application_secrets(
|
|||
return ret;
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
application_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(exp_master),
|
||||
transcript, transcript_len,
|
||||
|
@ -633,7 +640,8 @@ int mbedtls_ssl_tls13_derive_resumption_master_secret(
|
|||
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
application_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_master),
|
||||
transcript, transcript_len,
|
||||
|
@ -675,7 +683,8 @@ static int ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl)
|
|||
/*
|
||||
* Compute MasterSecret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls13_evolve_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_evolve_secret(
|
||||
hash_alg,
|
||||
handshake->tls13_master_secrets.handshake,
|
||||
NULL, 0,
|
||||
handshake->tls13_master_secrets.app);
|
||||
|
@ -684,7 +693,8 @@ static int ssl_tls13_key_schedule_stage_application(mbedtls_ssl_context *ssl)
|
|||
return ret;
|
||||
}
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF(4, "Master secret",
|
||||
MBEDTLS_SSL_DEBUG_BUF(
|
||||
4, "Master secret",
|
||||
handshake->tls13_master_secrets.app, PSA_HASH_LENGTH(hash_alg));
|
||||
|
||||
return 0;
|
||||
|
@ -810,7 +820,8 @@ int mbedtls_ssl_tls13_calculate_verify_data(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
MBEDTLS_SSL_DEBUG_BUF(4, "handshake hash", transcript, transcript_len);
|
||||
|
||||
ret = ssl_tls13_calc_finished_core(hash_alg, base_key, transcript, dst, actual_len);
|
||||
ret = ssl_tls13_calc_finished_core(hash_alg, base_key,
|
||||
transcript, dst, actual_len);
|
||||
if (ret != 0) {
|
||||
goto exit;
|
||||
}
|
||||
|
@ -873,14 +884,16 @@ int mbedtls_ssl_tls13_create_psk_binder(mbedtls_ssl_context *ssl,
|
|||
early_secret, hash_len);
|
||||
|
||||
if (psk_type == MBEDTLS_SSL_TLS1_3_PSK_RESUMPTION) {
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
early_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(res_binder),
|
||||
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
|
||||
binder_key, hash_len);
|
||||
MBEDTLS_SSL_DEBUG_MSG(4, ("Derive Early Secret with 'res binder'"));
|
||||
} else {
|
||||
ret = mbedtls_ssl_tls13_derive_secret(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_derive_secret(
|
||||
hash_alg,
|
||||
early_secret, hash_len,
|
||||
MBEDTLS_SSL_TLS1_3_LBL_WITH_LEN(ext_binder),
|
||||
NULL, 0, MBEDTLS_SSL_TLS1_3_CONTEXT_UNHASHED,
|
||||
|
@ -913,9 +926,9 @@ exit:
|
|||
return ret;
|
||||
}
|
||||
|
||||
int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform,
|
||||
int endpoint,
|
||||
int ciphersuite,
|
||||
int mbedtls_ssl_tls13_populate_transform(
|
||||
mbedtls_ssl_transform *transform,
|
||||
int endpoint, int ciphersuite,
|
||||
mbedtls_ssl_key_set const *traffic_keys,
|
||||
mbedtls_ssl_context *ssl /* DEBUG ONLY */)
|
||||
{
|
||||
|
@ -1044,7 +1057,8 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform,
|
|||
&alg,
|
||||
&key_type,
|
||||
&key_bits)) != PSA_SUCCESS) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_cipher_to_psa", PSA_TO_MBEDTLS_ERR(status));
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "mbedtls_ssl_cipher_to_psa", PSA_TO_MBEDTLS_ERR(status));
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
|
@ -1059,7 +1073,8 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform,
|
|||
key_enc,
|
||||
PSA_BITS_TO_BYTES(key_bits),
|
||||
&transform->psa_key_enc)) != PSA_SUCCESS) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status));
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status));
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
|
||||
|
@ -1069,7 +1084,8 @@ int mbedtls_ssl_tls13_populate_transform(mbedtls_ssl_transform *transform,
|
|||
key_dec,
|
||||
PSA_BITS_TO_BYTES(key_bits),
|
||||
&transform->psa_key_dec)) != PSA_SUCCESS) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status));
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "psa_import_key", PSA_TO_MBEDTLS_ERR(status));
|
||||
return PSA_TO_MBEDTLS_ERR(status);
|
||||
}
|
||||
}
|
||||
|
@ -1134,7 +1150,8 @@ static int ssl_tls13_generate_early_key(mbedtls_ssl_context *ssl,
|
|||
mbedtls_ssl_tls13_early_secrets tls13_early_secrets;
|
||||
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
handshake->ciphersuite_info;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_generate_early_key"));
|
||||
|
||||
|
@ -1333,8 +1350,10 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
|
|||
size_t iv_len;
|
||||
|
||||
mbedtls_ssl_handshake_params *handshake = ssl->handshake;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info = handshake->ciphersuite_info;
|
||||
mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets = &handshake->tls13_hs_secrets;
|
||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info =
|
||||
handshake->ciphersuite_info;
|
||||
mbedtls_ssl_tls13_handshake_secrets *tls13_hs_secrets =
|
||||
&handshake->tls13_hs_secrets;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> ssl_tls13_generate_handshake_keys"));
|
||||
|
||||
|
@ -1360,8 +1379,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
|
|||
return ret;
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_handshake_secrets(hash_alg,
|
||||
handshake->tls13_master_secrets.handshake,
|
||||
ret = mbedtls_ssl_tls13_derive_handshake_secrets(
|
||||
hash_alg, handshake->tls13_master_secrets.handshake,
|
||||
transcript, transcript_len, tls13_hs_secrets);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_ssl_tls13_derive_handshake_secrets",
|
||||
|
@ -1380,7 +1399,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
|
|||
* Export client handshake traffic secret
|
||||
*/
|
||||
if (ssl->f_export_keys != NULL) {
|
||||
ssl->f_export_keys(ssl->p_export_keys,
|
||||
ssl->f_export_keys(
|
||||
ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_HANDSHAKE_TRAFFIC_SECRET,
|
||||
tls13_hs_secrets->client_handshake_traffic_secret,
|
||||
hash_len,
|
||||
|
@ -1388,7 +1408,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
|
|||
handshake->randbytes + MBEDTLS_CLIENT_HELLO_RANDOM_LEN,
|
||||
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */);
|
||||
|
||||
ssl->f_export_keys(ssl->p_export_keys,
|
||||
ssl->f_export_keys(
|
||||
ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_HANDSHAKE_TRAFFIC_SECRET,
|
||||
tls13_hs_secrets->server_handshake_traffic_secret,
|
||||
hash_len,
|
||||
|
@ -1397,7 +1418,8 @@ static int ssl_tls13_generate_handshake_keys(mbedtls_ssl_context *ssl,
|
|||
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: FIX! */);
|
||||
}
|
||||
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys(
|
||||
hash_alg,
|
||||
tls13_hs_secrets->client_handshake_traffic_secret,
|
||||
tls13_hs_secrets->server_handshake_traffic_secret,
|
||||
hash_len, key_len, iv_len, traffic_keys);
|
||||
|
@ -1510,8 +1532,8 @@ static int ssl_tls13_key_schedule_stage_handshake(mbedtls_ssl_context *ssl)
|
|||
/*
|
||||
* Compute the Handshake Secret
|
||||
*/
|
||||
ret = mbedtls_ssl_tls13_evolve_secret(hash_alg,
|
||||
handshake->tls13_master_secrets.early,
|
||||
ret = mbedtls_ssl_tls13_evolve_secret(
|
||||
hash_alg, handshake->tls13_master_secrets.early,
|
||||
shared_secret, shared_secret_len,
|
||||
handshake->tls13_master_secrets.handshake);
|
||||
if (ret != 0) {
|
||||
|
@ -1601,19 +1623,19 @@ static int ssl_tls13_generate_application_keys(
|
|||
|
||||
/* Compute application secrets from master secret and transcript hash. */
|
||||
|
||||
ret = mbedtls_ssl_tls13_derive_application_secrets(hash_alg,
|
||||
handshake->tls13_master_secrets.app,
|
||||
transcript, transcript_len,
|
||||
app_secrets);
|
||||
ret = mbedtls_ssl_tls13_derive_application_secrets(
|
||||
hash_alg, handshake->tls13_master_secrets.app,
|
||||
transcript, transcript_len, app_secrets);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1,
|
||||
"mbedtls_ssl_tls13_derive_application_secrets", ret);
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "mbedtls_ssl_tls13_derive_application_secrets", ret);
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
/* Derive first epoch of IV + Key for application traffic. */
|
||||
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys(hash_alg,
|
||||
ret = mbedtls_ssl_tls13_make_traffic_keys(
|
||||
hash_alg,
|
||||
app_secrets->client_application_traffic_secret_N,
|
||||
app_secrets->server_application_traffic_secret_N,
|
||||
hash_len, key_len, iv_len, traffic_keys);
|
||||
|
@ -1634,7 +1656,8 @@ static int ssl_tls13_generate_application_keys(
|
|||
* Export client/server application traffic secret 0
|
||||
*/
|
||||
if (ssl->f_export_keys != NULL) {
|
||||
ssl->f_export_keys(ssl->p_export_keys,
|
||||
ssl->f_export_keys(
|
||||
ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_CLIENT_APPLICATION_TRAFFIC_SECRET,
|
||||
app_secrets->client_application_traffic_secret_N, hash_len,
|
||||
handshake->randbytes,
|
||||
|
@ -1642,7 +1665,8 @@ static int ssl_tls13_generate_application_keys(
|
|||
MBEDTLS_SSL_TLS_PRF_NONE /* TODO: this should be replaced by
|
||||
a new constant for TLS 1.3! */);
|
||||
|
||||
ssl->f_export_keys(ssl->p_export_keys,
|
||||
ssl->f_export_keys(
|
||||
ssl->p_export_keys,
|
||||
MBEDTLS_SSL_KEY_EXPORT_TLS1_3_SERVER_APPLICATION_TRAFFIC_SECRET,
|
||||
app_secrets->server_application_traffic_secret_N, hash_len,
|
||||
handshake->randbytes,
|
||||
|
@ -1729,8 +1753,8 @@ int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl)
|
|||
unsigned char transcript[MBEDTLS_TLS1_3_MD_MAX_SIZE];
|
||||
size_t transcript_len;
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2,
|
||||
("=> mbedtls_ssl_tls13_compute_resumption_master_secret"));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2, ("=> mbedtls_ssl_tls13_compute_resumption_master_secret"));
|
||||
|
||||
md_type = handshake->ciphersuite_info->mac;
|
||||
|
||||
|
@ -1754,12 +1778,13 @@ int mbedtls_ssl_tls13_compute_resumption_master_secret(mbedtls_ssl_context *ssl)
|
|||
mbedtls_platform_zeroize(&handshake->tls13_master_secrets,
|
||||
sizeof(handshake->tls13_master_secrets));
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF(4, "Resumption master secret",
|
||||
MBEDTLS_SSL_DEBUG_BUF(
|
||||
4, "Resumption master secret",
|
||||
ssl->session_negotiate->app_secrets.resumption_master_secret,
|
||||
PSA_HASH_LENGTH(mbedtls_psa_translate_md(md_type)));
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2,
|
||||
("<= mbedtls_ssl_tls13_compute_resumption_master_secret"));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
2, ("<= mbedtls_ssl_tls13_compute_resumption_master_secret"));
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
|
|
@ -317,11 +317,10 @@ static int ssl_tls13_offered_psks_check_identity_match(
|
|||
}
|
||||
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_offered_psks_check_binder_match(mbedtls_ssl_context *ssl,
|
||||
const unsigned char *binder,
|
||||
size_t binder_len,
|
||||
int psk_type,
|
||||
psa_algorithm_t psk_hash_alg)
|
||||
static int ssl_tls13_offered_psks_check_binder_match(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *binder, size_t binder_len,
|
||||
int psk_type, psa_algorithm_t psk_hash_alg)
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
|
@ -490,7 +489,8 @@ static int ssl_tls13_session_copy_ticket(mbedtls_ssl_session *dst,
|
|||
* } PreSharedKeyExtension;
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
||||
static int ssl_tls13_parse_pre_shared_key_ext(
|
||||
mbedtls_ssl_context *ssl,
|
||||
const unsigned char *pre_shared_key_ext,
|
||||
const unsigned char *pre_shared_key_ext_end,
|
||||
const unsigned char *ciphersuites,
|
||||
|
@ -621,8 +621,8 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||
mbedtls_ssl_session_free(&session);
|
||||
#endif
|
||||
MBEDTLS_SSL_DEBUG_MSG(3, ("Invalid binder."));
|
||||
MBEDTLS_SSL_DEBUG_RET(1,
|
||||
"ssl_tls13_offered_psks_check_binder_match", ret);
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "ssl_tls13_offered_psks_check_binder_match", ret);
|
||||
MBEDTLS_SSL_PEND_FATAL_ALERT(
|
||||
MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR,
|
||||
MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE);
|
||||
|
@ -656,9 +656,8 @@ static int ssl_tls13_parse_pre_shared_key_ext(mbedtls_ssl_context *ssl,
|
|||
}
|
||||
|
||||
/* Update the handshake transcript with the binder list. */
|
||||
ret = ssl->handshake->update_checksum(ssl,
|
||||
identities_end,
|
||||
(size_t) (binders_end - identities_end));
|
||||
ret = ssl->handshake->update_checksum(
|
||||
ssl, identities_end, (size_t) (binders_end - identities_end));
|
||||
if (0 != ret) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1, ("update_checksum"), ret);
|
||||
return ret;
|
||||
|
@ -840,13 +839,14 @@ static int ssl_tls13_parse_supported_groups_ext(mbedtls_ssl_context *ssl,
|
|||
#if defined(PSA_WANT_ALG_ECDH)
|
||||
/*
|
||||
* ssl_tls13_parse_key_shares_ext() verifies whether the information in the
|
||||
* extension is correct and stores the first acceptable key share and its associated group.
|
||||
* extension is correct and stores the first acceptable key share and its
|
||||
* associated group.
|
||||
*
|
||||
* Possible return values are:
|
||||
* - 0: Successful processing of the client provided key share extension.
|
||||
* - SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH: The key shares provided by the client
|
||||
* does not match a group supported by the server. A HelloRetryRequest will
|
||||
* be needed.
|
||||
* - SSL_TLS1_3_PARSE_KEY_SHARES_EXT_NO_MATCH: The key shares provided by
|
||||
* the client does not match a group supported by the server. A
|
||||
* HelloRetryRequest will be needed.
|
||||
* - A negative value for fatal errors.
|
||||
*/
|
||||
MBEDTLS_CHECK_RETURN_CRITICAL
|
||||
|
@ -1042,7 +1042,8 @@ static int ssl_tls13_determine_key_exchange_mode(mbedtls_ssl_context *ssl)
|
|||
* 3 ) Plain PSK Mode ( psk )
|
||||
*/
|
||||
|
||||
ssl->handshake->key_exchange_mode = MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;
|
||||
ssl->handshake->key_exchange_mode =
|
||||
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_NONE;
|
||||
|
||||
if (ssl_tls13_check_psk_ephemeral_key_exchange(ssl)) {
|
||||
ssl->handshake->key_exchange_mode =
|
||||
|
@ -1552,8 +1553,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
ret = ssl_tls13_parse_supported_groups_ext(
|
||||
ssl, p, extension_data_end);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1,
|
||||
"mbedtls_ssl_parse_supported_groups_ext", ret);
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "ssl_tls13_parse_supported_groups_ext", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
@ -1593,7 +1594,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
|
||||
#if defined(MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_SOME_PSK_ENABLED)
|
||||
case MBEDTLS_TLS_EXT_PSK_KEY_EXCHANGE_MODES:
|
||||
MBEDTLS_SSL_DEBUG_MSG(3, ("found psk key exchange modes extension"));
|
||||
MBEDTLS_SSL_DEBUG_MSG(
|
||||
3, ("found psk key exchange modes extension"));
|
||||
|
||||
ret = ssl_tls13_parse_key_exchange_modes_ext(
|
||||
ssl, p, extension_data_end);
|
||||
|
@ -1645,10 +1647,8 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
ret = mbedtls_ssl_parse_sig_alg_ext(
|
||||
ssl, p, extension_data_end);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_MSG(1,
|
||||
(
|
||||
"ssl_parse_supported_signature_algorithms_server_ext ( %d )",
|
||||
ret));
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "mbedtls_ssl_parse_sig_alg_ext", ret);
|
||||
return ret;
|
||||
}
|
||||
break;
|
||||
|
@ -1658,10 +1658,14 @@ static int ssl_tls13_parse_client_hello(mbedtls_ssl_context *ssl,
|
|||
case MBEDTLS_TLS_EXT_RECORD_SIZE_LIMIT:
|
||||
MBEDTLS_SSL_DEBUG_MSG(3, ("found record_size_limit extension"));
|
||||
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(ssl, p, extension_data_end);
|
||||
ret = mbedtls_ssl_tls13_parse_record_size_limit_ext(
|
||||
ssl, p, extension_data_end);
|
||||
|
||||
/* TODO: Return unconditionally here until we handle the record size limit correctly.
|
||||
* Once handled correctly, only return in case of errors. */
|
||||
/*
|
||||
* TODO: Return unconditionally here until we handle the record
|
||||
* size limit correctly.
|
||||
* Once handled correctly, only return in case of errors.
|
||||
*/
|
||||
return ret;
|
||||
|
||||
break;
|
||||
|
@ -2239,9 +2243,8 @@ static int ssl_tls13_write_server_hello(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_prepare_server_hello(ssl));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_SERVER_HELLO, &buf,
|
||||
&buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_SERVER_HELLO, &buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_server_hello_body(ssl, buf,
|
||||
buf + buf_len,
|
||||
|
@ -2413,15 +2416,16 @@ static int ssl_tls13_write_encrypted_extensions(mbedtls_ssl_context *ssl)
|
|||
|
||||
MBEDTLS_SSL_DEBUG_MSG(2, ("=> write encrypted extensions"));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, &buf,
|
||||
&buf_len));
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
&buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_encrypted_extensions_body(
|
||||
ssl, buf, buf + buf_len, &msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS, buf, msg_len));
|
||||
ssl, MBEDTLS_SSL_HS_ENCRYPTED_EXTENSIONS,
|
||||
buf, msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||
ssl, buf_len, msg_len));
|
||||
|
@ -2546,15 +2550,16 @@ static int ssl_tls13_write_certificate_request(mbedtls_ssl_context *ssl)
|
|||
unsigned char *buf;
|
||||
size_t buf_len, msg_len;
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
&buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_certificate_request_body(
|
||||
ssl, buf, buf + buf_len, &msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_add_hs_msg_to_checksum(
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST, buf, msg_len));
|
||||
ssl, MBEDTLS_SSL_HS_CERTIFICATE_REQUEST,
|
||||
buf, msg_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_finish_handshake_msg(
|
||||
ssl, buf_len, msg_len));
|
||||
|
@ -2665,8 +2670,8 @@ static int ssl_tls13_process_client_finished(mbedtls_ssl_context *ssl)
|
|||
|
||||
ret = mbedtls_ssl_tls13_compute_resumption_master_secret(ssl);
|
||||
if (ret != 0) {
|
||||
MBEDTLS_SSL_DEBUG_RET(1,
|
||||
"mbedtls_ssl_tls13_compute_resumption_master_secret", ret);
|
||||
MBEDTLS_SSL_DEBUG_RET(
|
||||
1, "mbedtls_ssl_tls13_compute_resumption_master_secret", ret);
|
||||
}
|
||||
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_WRAPUP);
|
||||
|
@ -2691,7 +2696,8 @@ static int ssl_tls13_handshake_wrapup(mbedtls_ssl_context *ssl)
|
|||
*/
|
||||
/* Sent NewSessionTicket message only when client supports PSK */
|
||||
if (mbedtls_ssl_tls13_some_psk_enabled(ssl)) {
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
|
||||
mbedtls_ssl_handshake_set_state(
|
||||
ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
|
||||
} else
|
||||
#endif
|
||||
{
|
||||
|
@ -2954,8 +2960,8 @@ static int ssl_tls13_write_new_session_ticket(mbedtls_ssl_context *ssl)
|
|||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_prepare_new_session_ticket(
|
||||
ssl, ticket_nonce, sizeof(ticket_nonce)));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(ssl,
|
||||
MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
|
||||
MBEDTLS_SSL_PROC_CHK(mbedtls_ssl_start_handshake_msg(
|
||||
ssl, MBEDTLS_SSL_HS_NEW_SESSION_TICKET,
|
||||
&buf, &buf_len));
|
||||
|
||||
MBEDTLS_SSL_PROC_CHK(ssl_tls13_write_new_session_ticket_body(
|
||||
|
@ -3124,7 +3130,8 @@ int mbedtls_ssl_tls13_handshake_server_step(mbedtls_ssl_context *ssl)
|
|||
if (ssl->handshake->new_session_tickets_count == 0) {
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_HANDSHAKE_OVER);
|
||||
} else {
|
||||
mbedtls_ssl_handshake_set_state(ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
|
||||
mbedtls_ssl_handshake_set_state(
|
||||
ssl, MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET);
|
||||
}
|
||||
break;
|
||||
|
||||
|
|
Loading…
Reference in a new issue