Cleanup client_hello body.
cleanup `ssl_tls13_write_client_hello_body`, fix comments issues. And move ciphersuites to separate function Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
67d4ed5b22
commit
6a64310002
1 changed files with 89 additions and 97 deletions
|
@ -115,8 +115,79 @@ static int ssl_tls13_write_key_shares_ext( mbedtls_ssl_context *ssl,
|
||||||
|
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
/* Functions for writing ClientHello message */
|
/* Write ciphersuites
|
||||||
|
* CipherSuite cipher_suites<2..2^16-2>;
|
||||||
|
*/
|
||||||
|
static int ssl_tls13_write_client_hello_ciphersuites(
|
||||||
|
mbedtls_ssl_context *ssl,
|
||||||
|
unsigned char *buf,
|
||||||
|
unsigned char *end,
|
||||||
|
size_t *olen )
|
||||||
|
{
|
||||||
|
/* Ciphersuite-related variables */
|
||||||
|
const int *ciphersuites;
|
||||||
|
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
||||||
|
/* ciphersuite_start points to the start of
|
||||||
|
the ciphersuite list, i.e. to the length field*/
|
||||||
|
unsigned char *ciphersuite_start, *ciphersuite_iter;
|
||||||
|
size_t buf_len;
|
||||||
|
|
||||||
|
*olen = 0 ;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Ciphersuite list
|
||||||
|
*
|
||||||
|
* This is a list of the symmetric cipher options supported by
|
||||||
|
* the client, specifically the record protection algorithm
|
||||||
|
* ( including secret key length ) and a hash to be used with
|
||||||
|
* HKDF, in descending order of client preference.
|
||||||
|
*/
|
||||||
|
ciphersuites = ssl->conf->ciphersuite_list;
|
||||||
|
|
||||||
|
/* Check available spaces for ciphersuite */
|
||||||
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 );
|
||||||
|
|
||||||
|
/* Write ciphersuites */
|
||||||
|
ciphersuite_start = buf + 2;
|
||||||
|
ciphersuite_iter = ciphersuite_start;
|
||||||
|
|
||||||
|
for ( size_t i = 0; ciphersuites[i] != 0; i++ )
|
||||||
|
{
|
||||||
|
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
|
||||||
|
|
||||||
|
if( ciphersuite_info == NULL )
|
||||||
|
continue;
|
||||||
|
|
||||||
|
if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ||
|
||||||
|
ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
|
||||||
|
continue;
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s",
|
||||||
|
(unsigned int) ciphersuites[i],
|
||||||
|
ciphersuite_info->name ) );
|
||||||
|
|
||||||
|
/* Check for available spaces */
|
||||||
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 );
|
||||||
|
|
||||||
|
MBEDTLS_PUT_UINT16_BE( ciphersuites[i], ciphersuite_iter, 0);
|
||||||
|
ciphersuite_iter += 2;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
buf_len = ciphersuite_iter - ciphersuite_start;
|
||||||
|
|
||||||
|
/* write ciphersuite buf length */
|
||||||
|
MBEDTLS_PUT_UINT16_BE( buf_len, buf, 0 );
|
||||||
|
|
||||||
|
|
||||||
|
MBEDTLS_SSL_DEBUG_MSG( 3,
|
||||||
|
( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites",
|
||||||
|
buf_len/2 ) );
|
||||||
|
|
||||||
|
return( 0 );
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Functions for writing ClientHello message */
|
||||||
static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *buf,
|
unsigned char *buf,
|
||||||
size_t buflen,
|
size_t buflen,
|
||||||
|
@ -139,13 +210,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
unsigned char *start = buf;
|
unsigned char *start = buf;
|
||||||
unsigned char *end = buf + buflen;
|
unsigned char *end = buf + buflen;
|
||||||
|
|
||||||
/* Ciphersuite-related variables */
|
*len_with_binders = 0;
|
||||||
const int *ciphersuites;
|
|
||||||
const mbedtls_ssl_ciphersuite_t *ciphersuite_info;
|
|
||||||
/* ciphersuite_start points to the start of
|
|
||||||
the ciphersuite list, i.e. to the length field*/
|
|
||||||
unsigned char *ciphersuite_start;
|
|
||||||
size_t ciphersuite_count;
|
|
||||||
|
|
||||||
/* Keeping track of the included extensions */
|
/* Keeping track of the included extensions */
|
||||||
ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
|
ssl->handshake->extensions_present = MBEDTLS_SSL_EXT_NONE;
|
||||||
|
@ -169,7 +234,9 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
ssl->major_ver = ssl->conf->min_major_ver;
|
ssl->major_ver = ssl->conf->min_major_ver;
|
||||||
ssl->minor_ver = ssl->conf->min_minor_ver;
|
ssl->minor_ver = ssl->conf->min_minor_ver;
|
||||||
|
|
||||||
/* For TLS 1.3 we use the legacy version number {0x03, 0x03}
|
/* Write legacy_version
|
||||||
|
* ProtocolVersion legacy_version = 0x0303; // TLS v1.2
|
||||||
|
* For TLS 1.3 we use the legacy version number {0x03, 0x03}
|
||||||
* instead of the true version number.
|
* instead of the true version number.
|
||||||
*
|
*
|
||||||
* For DTLS 1.3 we use the legacy version number
|
* For DTLS 1.3 we use the legacy version number
|
||||||
|
@ -180,16 +247,16 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN );
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_LEGACY_VERSION_LEN );
|
||||||
MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0);
|
MBEDTLS_PUT_UINT16_BE( 0x0303, buf, 0);
|
||||||
buf += CLIENT_HELLO_LEGACY_VERSION_LEN;
|
buf += CLIENT_HELLO_LEGACY_VERSION_LEN;
|
||||||
buflen -= CLIENT_HELLO_LEGACY_VERSION_LEN;
|
|
||||||
|
|
||||||
/* Write random bytes */
|
/* Write random bytes
|
||||||
|
Random random
|
||||||
|
*/
|
||||||
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN );
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, CLIENT_HELLO_RANDOM_LEN );
|
||||||
memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN );
|
memcpy( buf, ssl->handshake->randbytes, CLIENT_HELLO_RANDOM_LEN );
|
||||||
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes",
|
MBEDTLS_SSL_DEBUG_BUF( 3, "client hello, random bytes",
|
||||||
buf, CLIENT_HELLO_RANDOM_LEN );
|
buf, CLIENT_HELLO_RANDOM_LEN );
|
||||||
|
|
||||||
buf += CLIENT_HELLO_RANDOM_LEN;
|
buf += CLIENT_HELLO_RANDOM_LEN;
|
||||||
buflen -= CLIENT_HELLO_RANDOM_LEN;
|
|
||||||
|
|
||||||
/* Versions of TLS before TLS 1.3 supported a
|
/* Versions of TLS before TLS 1.3 supported a
|
||||||
* "session resumption" feature which has been merged with pre-shared
|
* "session resumption" feature which has been merged with pre-shared
|
||||||
|
@ -203,74 +270,14 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
* ossification ). Otherwise, it MUST be set as a zero-length vector
|
* ossification ). Otherwise, it MUST be set as a zero-length vector
|
||||||
* ( i.e., a zero-valued single byte length field ).
|
* ( i.e., a zero-valued single byte length field ).
|
||||||
*/
|
*/
|
||||||
if( buflen < 1 )
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 1 );
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
|
||||||
}
|
|
||||||
|
|
||||||
*buf++ = 0; /* session id length set to zero */
|
*buf++ = 0; /* session id length set to zero */
|
||||||
buflen -= 1;
|
|
||||||
|
|
||||||
/*
|
/* Write ciphersuites */
|
||||||
* Ciphersuite list
|
ret = ssl_tls13_write_client_hello_ciphersuites( ssl, buf, end, &cur_ext_len );
|
||||||
*
|
if( ret != 0)
|
||||||
* This is a list of the symmetric cipher options supported by
|
return( ret );
|
||||||
* the client, specifically the record protection algorithm
|
buf += cur_ext_len;
|
||||||
* ( including secret key length ) and a hash to be used with
|
|
||||||
* HKDF, in descending order of client preference.
|
|
||||||
*/
|
|
||||||
ciphersuites = ssl->conf->ciphersuite_list;
|
|
||||||
|
|
||||||
if( buflen < 2 /* for ciphersuite list length */ )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Skip writing ciphersuite length for now */
|
|
||||||
ciphersuite_count = 0;
|
|
||||||
ciphersuite_start = buf;
|
|
||||||
buf += 2;
|
|
||||||
buflen -= 2;
|
|
||||||
|
|
||||||
for ( size_t i = 0; ciphersuites[i] != 0; i++ )
|
|
||||||
{
|
|
||||||
ciphersuite_info = mbedtls_ssl_ciphersuite_from_id( ciphersuites[i] );
|
|
||||||
|
|
||||||
if( ciphersuite_info == NULL )
|
|
||||||
continue;
|
|
||||||
|
|
||||||
if( ciphersuite_info->min_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 ||
|
|
||||||
ciphersuite_info->max_minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
|
|
||||||
continue;
|
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, add ciphersuite: %04x, %s",
|
|
||||||
(unsigned int) ciphersuites[i],
|
|
||||||
ciphersuite_info->name ) );
|
|
||||||
|
|
||||||
ciphersuite_count++;
|
|
||||||
|
|
||||||
if( buflen < 2 /* for ciphersuite list length */ )
|
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
|
||||||
}
|
|
||||||
|
|
||||||
MBEDTLS_PUT_UINT16_BE( ciphersuites[i], buf, 0);
|
|
||||||
|
|
||||||
buf += 2;
|
|
||||||
buflen -= 2;
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
/* write ciphersuite length now */
|
|
||||||
MBEDTLS_PUT_UINT16_BE( ciphersuite_count*2, ciphersuite_start, 0 );
|
|
||||||
ciphersuite_start += 2;
|
|
||||||
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3,
|
|
||||||
( "client hello, got %" MBEDTLS_PRINTF_SIZET " ciphersuites",
|
|
||||||
ciphersuite_count ) );
|
|
||||||
|
|
||||||
/* For every TLS 1.3 ClientHello, this vector MUST contain exactly
|
/* For every TLS 1.3 ClientHello, this vector MUST contain exactly
|
||||||
* one byte set to zero, which corresponds to the 'null' compression
|
* one byte set to zero, which corresponds to the 'null' compression
|
||||||
|
@ -278,20 +285,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
*
|
*
|
||||||
* For cTLS this field is elided.
|
* For cTLS this field is elided.
|
||||||
*/
|
*/
|
||||||
if( buflen < 2 /* for ciphersuite list length */ )
|
MBEDTLS_SSL_CHK_BUF_PTR( buf, end, 2 );
|
||||||
{
|
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "buffer too small to hold ClientHello" ) );
|
|
||||||
return( MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
|
||||||
}
|
|
||||||
|
|
||||||
*buf++ = 1;
|
*buf++ = 1;
|
||||||
*buf++ = MBEDTLS_SSL_COMPRESS_NULL;
|
*buf++ = MBEDTLS_SSL_COMPRESS_NULL;
|
||||||
|
|
||||||
buflen -= 2;
|
|
||||||
|
|
||||||
/* First write extensions, then the total length */
|
/* First write extensions, then the total length */
|
||||||
extension_start = buf;
|
extension_start = buf;
|
||||||
total_ext_len = 0;
|
|
||||||
buf += 2;
|
buf += 2;
|
||||||
|
|
||||||
/* Supported Versions Extension is mandatory with TLS 1.3.
|
/* Supported Versions Extension is mandatory with TLS 1.3.
|
||||||
|
@ -302,7 +302,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len );
|
ret = ssl_tls13_write_supported_versions_ext( ssl, buf, end, &cur_ext_len );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
total_ext_len += cur_ext_len;
|
|
||||||
buf += cur_ext_len;
|
buf += cur_ext_len;
|
||||||
|
|
||||||
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
|
||||||
|
@ -312,8 +311,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len );
|
ret = ssl_tls13_write_supported_groups_ext( ssl, buf, end, &cur_ext_len );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
total_ext_len += cur_ext_len;
|
|
||||||
buf += cur_ext_len;
|
buf += cur_ext_len;
|
||||||
|
|
||||||
/* The supported_signature_algorithms extension is REQUIRED for
|
/* The supported_signature_algorithms extension is REQUIRED for
|
||||||
|
@ -321,8 +318,6 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len );
|
ret = mbedtls_ssl_tls13_write_sig_alg_ext( ssl, buf, end, &cur_ext_len );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
total_ext_len += cur_ext_len;
|
|
||||||
buf += cur_ext_len;
|
buf += cur_ext_len;
|
||||||
|
|
||||||
/* We need to send the key shares under three conditions:
|
/* We need to send the key shares under three conditions:
|
||||||
|
@ -338,13 +333,13 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len );
|
ret = ssl_tls13_write_key_shares_ext( ssl, buf, end, &cur_ext_len );
|
||||||
if( ret != 0 )
|
if( ret != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
total_ext_len += cur_ext_len;
|
|
||||||
buf += cur_ext_len;
|
buf += cur_ext_len;
|
||||||
|
|
||||||
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
|
||||||
|
|
||||||
/* Add more extensions here */
|
/* Add more extensions here */
|
||||||
|
|
||||||
|
total_ext_len = buf - extension_start - 2;
|
||||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET ,
|
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, total extension length: %" MBEDTLS_PRINTF_SIZET ,
|
||||||
total_ext_len ) );
|
total_ext_len ) );
|
||||||
|
|
||||||
|
@ -354,7 +349,7 @@ static int ssl_tls13_write_client_hello_body( mbedtls_ssl_context *ssl,
|
||||||
MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 );
|
MBEDTLS_PUT_UINT16_BE( total_ext_len, extension_start, 0 );
|
||||||
extension_start += 2;
|
extension_start += 2;
|
||||||
|
|
||||||
*len_with_binders = ( extension_start + total_ext_len ) - start;
|
*len_with_binders = buf - start;
|
||||||
return( 0 );
|
return( 0 );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -390,9 +385,6 @@ static int ssl_tls13_prepare_client_hello( mbedtls_ssl_context *ssl )
|
||||||
*
|
*
|
||||||
* Structure of this message:
|
* Structure of this message:
|
||||||
*
|
*
|
||||||
* uint16 ProtocolVersion;
|
|
||||||
* opaque Random[32];
|
|
||||||
* uint8 CipherSuite[2]; // Cryptographic suite selector
|
|
||||||
* struct {
|
* struct {
|
||||||
* ProtocolVersion legacy_version = 0x0303; // TLS v1.2
|
* ProtocolVersion legacy_version = 0x0303; // TLS v1.2
|
||||||
* Random random;
|
* Random random;
|
||||||
|
|
Loading…
Reference in a new issue