28 #if defined(POLARSSL_SSL_CLI_C)
37 #if defined(POLARSSL_SHA4_C)
/*
 * Excerpt of the ClientHello writer. Only selected lines of the function are
 * listed (the leading numbers are line numbers of the original file), so the
 * notes below describe only what those lines show.
 */
41 static int ssl_write_client_hello(
ssl_context *ssl )
44 size_t i, n, ext_len = 0;
/*
 * Fixed 20-byte staging buffer for the signature_algorithms list;
 * sig_alg_len is the number of bytes later copied out of it.
 * NOTE(review): the code that fills the buffer is not shown - confirm
 * sig_alg_len can never exceed sizeof( sig_alg_list ).
 */
48 unsigned char sig_alg_list[20];
49 size_t sig_alg_len = 0;
/* Guard on an unset RNG callback; the action taken is not shown here. */
53 if( ssl->
f_rng == NULL )
/*
 * Emit t as four bytes, most significant first. Presumably the timestamp
 * part of the hello random - the assignment to t is not shown.
 */
88 *p++ = (
unsigned char)( t >> 24 );
89 *p++ = (
unsigned char)( t >> 16 );
90 *p++ = (
unsigned char)( t >> 8 );
91 *p++ = (
unsigned char)( t );
/*
 * Fill the next 28 bytes at p from the caller-supplied RNG; a non-zero
 * return is the failure case. 4 + 28 matches the 32 bytes logged below.
 */
95 if( ( ret = ssl->
f_rng( ssl->
p_rng, p, 28 ) ) != 0 )
102 SSL_DEBUG_BUF( 3,
"client hello, random bytes", buf + 6, 32 );
/*
 * Session id length is written as a single byte.
 * NOTE(review): n is a size_t, so the cast silently drops anything above
 * 255 - confirm n is bounded before this point (not visible here).
 */
120 *p++ = (
unsigned char) n;
122 for( i = 0; i < n; i++ )
/*
 * NOTE(review): n is a size_t but the format uses %d. If SSL_DEBUG_MSG
 * forwards to a printf-style formatter, the argument type does not match
 * the conversion; an explicit cast at the call site would fix that. The
 * same applies to the other %d messages that take n in this function.
 */
125 SSL_DEBUG_MSG( 3, (
"client hello, session id len.: %d", n ) );
/*
 * Two-byte big-endian encoding of 2 * n: ( n >> 7 ) is the high byte of
 * ( n << 1 ). Presumably the ciphersuite list length at two bytes per
 * entry, since n is logged as the ciphersuite count below.
 */
130 *p++ = (
unsigned char)( n >> 7 );
131 *p++ = (
unsigned char)( n << 1 );
143 SSL_DEBUG_MSG( 3, (
"client hello, got %d ciphersuites", n ) );
145 for( i = 0; i < n; i++ )
/*
 * Compression methods: the logged length is 2 when zlib support is compiled
 * in and 1 in the second message; the #else / #endif lines are not shown.
 */
154 #if defined(POLARSSL_ZLIB_SUPPORT)
155 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 2 ) );
163 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 1 ) );
172 SSL_DEBUG_MSG( 3, (
"client hello, prepping for server name extension: %s",
180 SSL_DEBUG_MSG( 3, (
"client hello, prepping for renegotiation extension" ) );
/*
 * One conditional section per compiled-in hash module; the bodies are not
 * shown - presumably each appends its entries to sig_alg_list.
 */
189 #if defined(POLARSSL_SHA4_C)
195 #if defined(POLARSSL_SHA2_C)
201 #if defined(POLARSSL_SHA1_C)
205 #if defined(POLARSSL_MD5_C)
/*
 * Account for the signature_algorithms extension: the list itself plus 6
 * bytes of framing. That agrees with the two 16-bit length fields written
 * further down (sig_alg_len + 2 and sig_alg_len) plus, presumably, a
 * two-byte extension type that is not shown.
 */
209 ext_len += 6 + sig_alg_len;
212 SSL_DEBUG_MSG( 3, (
"client hello, total extension length: %d",
/* Total extension length as a 16-bit big-endian field. */
217 *p++ = (
unsigned char)( ( ext_len >> 8 ) & 0xFF );
218 *p++ = (
unsigned char)( ( ext_len ) & 0xFF );
241 SSL_DEBUG_MSG( 3, (
"client hello, adding server name extension: %s",
/*
 * Server name extension lengths: hostname_len + 5, hostname_len + 3 and
 * hostname_len, each as a 16-bit big-endian value (the low byte of the last
 * one is not shown).
 * NOTE(review): the masks truncate anything above 0xFFFF - confirm
 * hostname_len is bounded where it is set and that the output buffer has
 * room for the name; neither check is visible in this excerpt.
 */
247 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) >> 8 ) & 0xFF );
248 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) ) & 0xFF );
250 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) >> 8 ) & 0xFF );
251 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) ) & 0xFF );
254 *p++ = (
unsigned char)( ( ssl->
hostname_len >> 8 ) & 0xFF );
266 SSL_DEBUG_MSG( 3, (
"client hello, renegotiation info extension" ) );
298 SSL_DEBUG_MSG( 3, (
"client hello, adding signature_algorithms extension" ) );
/* Extension data length ( sig_alg_len + 2 ), then the list length itself. */
303 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
304 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
306 *p++ = (
unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
307 *p++ = (
unsigned char)( ( sig_alg_len ) & 0xFF );
/*
 * Copy the staged list into the message. No check of the space remaining at
 * p appears on any line shown here - TODO confirm against the full source.
 */
309 memcpy( p, sig_alg_list, sig_alg_len );
/*
 * Excerpt of the renegotiation_info check. The ServerHello extension loop
 * calls it with the extension payload and its size; most of the body is not
 * part of this listing.
 */
331 static int ssl_parse_renegotiation_info(
ssl_context *ssl,
/*
 * On this path only a one-byte payload with value zero is accepted. The
 * short-circuit means buf[0] is read only when len is exactly 1. The
 * condition selecting this path is not shown.
 */
339 if( len != 1 || buf[0] != 0x0 )
341 SSL_DEBUG_MSG( 1, (
"non-zero length renegotiated connection field" ) );
/*
 * Failure message for a payload that does not match the expected value.
 * NOTE(review): the comparison is not shown; if it compares against stored
 * handshake verify data, a constant-time compare is the safer choice.
 */
361 SSL_DEBUG_MSG( 1, (
"non-matching renegotiated connection field" ) );
/*
 * Excerpt of the ServerHello parser. Every buf[] index below is applied to
 * data sent by the peer; the record fetch and the overall length checks are
 * not part of this listing.
 */
373 static int ssl_parse_server_hello(
ssl_context *ssl )
375 #if defined(POLARSSL_DEBUG_C)
381 unsigned char *buf, *ext;
/* Flags filled in by the extension loop and the renegotiation policy checks. */
382 int renegotiation_info_seen = 0;
383 int handshake_failure = 0;
/* Rejection message for a server version below the configured minimum. */
429 SSL_DEBUG_MSG( 1, (
"server only supports ssl smaller than minimum"
/* Debug builds only: rebuild the big-endian value in buf[6..9] for logging. */
439 #if defined(POLARSSL_DEBUG_C)
440 t = ( (time_t) buf[6] << 24 )
441 | ( (time_t) buf[7] << 16 )
442 | ( (time_t) buf[8] << 8 )
443 | ( (time_t) buf[9] );
/*
 * NOTE(review): t is printed with %lu. If t is a time_t, as the casts above
 * suggest, that type is not guaranteed to be unsigned long; a cast at the
 * call site would make the match explicit.
 */
450 SSL_DEBUG_MSG( 3, (
"server hello, current time: %lu", t ) );
451 SSL_DEBUG_BUF( 3,
"server hello, random bytes", buf + 6, 32 );
/*
 * n is the session id length (see the debug message below) and is chosen by
 * the peer; each buf[... + n] index depends on it.
 * NOTE(review): the bound on n and on the message length is not visible in
 * this excerpt - confirm both are enforced before these reads.
 */
469 ext_len = ( ( buf[42 + n] << 8 )
/*
 * A non-empty extension block shorter than 4 bytes cannot hold one extension
 * header; the rest of the condition and the action taken are not shown.
 */
472 if( ( ext_len > 0 && ext_len < 4 ) ||
/* 16-bit big-endian value at offset 39 + n, logged below as the ciphersuite. */
489 i = ( buf[39 + n] << 8 ) | buf[40 + n];
497 SSL_DEBUG_MSG( 3, (
"server hello, session id len.: %d", n ) );
532 SSL_DEBUG_MSG( 3, (
"server hello, chosen ciphersuite: %d", i ) );
533 SSL_DEBUG_MSG( 3, (
"server hello, compress alg.: %d", buf[41 + n] ) );
549 #
if defined(POLARSSL_ZLIB_SUPPORT)
/*
 * Extension header: id from ext[0..1] and size from ext[2..3] (the low-byte
 * operands are not shown).
 */
563 unsigned int ext_id = ( ( ext[0] << 8 )
565 unsigned int ext_size = ( ( ext[2] << 8 )
/* Bounds check: header plus payload must fit in what is left of the block. */
568 if( ext_size + 4 > ext_len )
/* Record that renegotiation_info was present, then validate its payload. */
578 renegotiation_info_seen = 1;
580 if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ) ) != 0 )
586 SSL_DEBUG_MSG( 3, (
"unknown extension found: %d (ignoring)",
/*
 * Consume this extension. The check above keeps the subtraction from going
 * below zero, provided its failing branch leaves the loop (not shown).
 */
590 ext_len -= 4 + ext_size;
/* One to three trailing bytes cannot form another extension header. */
593 if( ext_len > 0 && ext_len < 4 )
/*
 * Renegotiation policy checks: each rejected combination only sets
 * handshake_failure, which is tested once at the end. The conditions are
 * only partly visible in this listing.
 */
606 SSL_DEBUG_MSG( 1, (
"legacy renegotiation, breaking off handshake" ) );
607 handshake_failure = 1;
611 renegotiation_info_seen == 0 )
613 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension missing (secure)" ) );
614 handshake_failure = 1;
621 handshake_failure = 1;
625 renegotiation_info_seen == 1 )
627 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension present (legacy)" ) );
628 handshake_failure = 1;
631 if( handshake_failure == 1 )
/*
 * Excerpt of the ServerKeyExchange parser. p walks peer-supplied data up to
 * end; the assignments to p and end are not part of this listing.
 */
644 static int ssl_parse_server_key_exchange(
ssl_context *ssl )
646 #if defined(POLARSSL_DHM_C)
649 unsigned char *p, *end;
/*
 * 64-byte digest buffer; hashlen starts at 0 and is presumably set by the
 * per-hash sections below (their bodies are not shown).
 */
650 unsigned char hash[64];
654 unsigned int hashlen = 0;
677 #if !defined(POLARSSL_DHM_C)
715 SSL_DEBUG_MSG( 2, (
"DHM Read Params returned -0x%x", -ret ) );
/*
 * p[0] and p[1] are the peer-chosen hash and signature algorithm
 * identifiers, as the debug messages name them.
 * NOTE(review): confirm that at least two bytes remain before end when they
 * are read - that check is not visible here.
 */
724 SSL_DEBUG_MSG( 2, (
"server used unsupported SignatureAlgorithm %d", p[1] ) );
731 #if defined(POLARSSL_MD5_C)
736 #if defined(POLARSSL_SHA1_C)
741 #if defined(POLARSSL_SHA2_C)
749 #if defined(POLARSSL_SHA4_C)
758 SSL_DEBUG_MSG( 2, (
"Server used unsupported HashAlgorithm %d", p[0] ) );
763 SSL_DEBUG_MSG( 2, (
"Server used SignatureAlgorithm %d", p[1] ) );
764 SSL_DEBUG_MSG( 2, (
"Server used HashAlgorithm %d", p[0] ) );
/* 16-bit big-endian length taken from the message. */
768 n = ( p[0] << 8 ) | p[1];
/* Compares the bytes left before end with a value that is not shown. */
777 if( (
unsigned int)( end - p ) !=
/*
 * n = handshake length minus the bytes still unparsed minus a fixed offset
 * (6 here, 8 in the second occurrence below).
 * NOTE(review): if n is unsigned, an in_hslen smaller than the subtracted
 * terms would wrap - confirm the earlier length checks rule that out.
 */
809 n = ssl->
in_hslen - ( end - p ) - 6;
827 #if defined(POLARSSL_SHA4_C)
831 n = ssl->
in_hslen - ( end - p ) - 8;
842 #if defined(POLARSSL_MD5_C)
851 #if defined(POLARSSL_SHA1_C)
860 #if defined(POLARSSL_SHA2_C)
876 #if defined(POLARSSL_SHA4_C)
/*
 * Tail of a call that takes the hash id, digest length, digest and p;
 * presumably the signature check over the server parameters. A non-zero
 * result is the failure case.
 */
899 hash_id, hashlen, hash, p ) ) != 0 )
/*
 * Excerpt of the CertificateRequest parser; only the length reads are
 * listed.
 */
913 static int ssl_parse_certificate_request(
ssl_context *ssl )
916 unsigned char *buf, *p;
918 size_t cert_type_len = 0, sig_alg_len = 0, dn_len = 0;
/*
 * Peer-supplied lengths drive the offsets below: cert_type_len comes from
 * buf[4], then two 16-bit big-endian lengths are read at offsets built from
 * n and m.
 * NOTE(review): how n and m are derived, and whether each offset is checked
 * against the message length before the read, is not shown - confirm.
 */
965 cert_type_len = buf[4];
975 while( cert_type_len > 0 )
995 sig_alg_len = ( ( buf[5 + n] << 8 )
1009 dn_len = ( ( buf[5 + m + n] << 8 )
1010 | ( buf[6 + m + n] ) );
/*
 * Handshake step reached from the state switch; only the signature is
 * listed, the body is not part of this excerpt.
 */
1025 static int ssl_parse_server_hello_done(
ssl_context *ssl )
/*
 * Excerpt of the ClientKeyExchange writer; only the build guard and the
 * length writes are listed.
 */
1060 static int ssl_write_client_key_exchange(
ssl_context *ssl )
1080 #if !defined(POLARSSL_DHM_C)
/*
 * n is stored as a 16-bit big-endian length in out_msg[4..5]. The same pair
 * of writes appears twice, presumably once per key-exchange branch (the
 * branches themselves are not shown).
 * NOTE(review): the casts keep only the low 16 bits of n - confirm n is
 * bounded by the code that computes it.
 */
1089 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1090 ssl->
out_msg[5] = (
unsigned char)( n );
1139 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1140 ssl->
out_msg[5] = (
unsigned char)( n );
/*
 * Excerpt of the CertificateVerify writer; the digest computation and the
 * start of the final call are not part of this listing.
 */
1179 static int ssl_write_certificate_verify(
ssl_context *ssl )
1182 size_t n = 0, offset = 0;
/*
 * 48-byte digest buffer with hashlen initialised to 36.
 * NOTE(review): any branch that changes hashlen (not shown) must keep it
 * within sizeof( hash ).
 */
1183 unsigned char hash[48];
1185 unsigned int hashlen = 36;
/*
 * Length n as a 16-bit big-endian field at out_msg[4 + offset]. offset
 * starts at 0 and is presumably raised when extra bytes precede the length.
 */
1263 ssl->
out_msg[4 + offset] = (
unsigned char)( n >> 8 );
1264 ssl->
out_msg[5 + offset] = (
unsigned char)( n );
/*
 * Tail of a call that takes hashlen and hash and writes at
 * out_msg + 6 + offset, i.e. directly after the length field.
 */
1270 hashlen, hash, ssl->
out_msg + 6 + offset );
/*
 * State dispatch: each case (the labels are not shown) runs one handshake
 * step and stores its result in ret. The enclosing function is not part of
 * this listing.
 */
1311 switch( ssl->
state )
1321 ret = ssl_write_client_hello( ssl );
1332 ret = ssl_parse_server_hello( ssl );
1340 ret = ssl_parse_server_key_exchange( ssl );
1344 ret = ssl_parse_certificate_request( ssl );
1348 ret = ssl_parse_server_hello_done( ssl );
1363 ret = ssl_write_client_key_exchange( ssl );
1367 ret = ssl_write_certificate_verify( ssl );