28 #if defined(POLARSSL_SSL_CLI_C)
37 #if defined(POLARSSL_SHA4_C)
/*
 * ssl_write_client_hello: builds the ClientHello handshake message.
 * NOTE(review): this listing is an excerpt -- every line carries its original
 * line number and many lines are omitted -- so the comments below describe
 * only the statements that are visible.
 */
41 static int ssl_write_client_hello(
ssl_context *ssl )
44 size_t i, n, ext_len = 0;
/* Fixed 20-byte scratch list for the signature_algorithms extension. */
48 unsigned char sig_alg_list[20];
49 size_t sig_alg_len = 0;
/* Store t as four bytes, most significant first. The assignment of t is not
 * shown; presumably the current time that opens the client random -- confirm. */
82 *p++ = (
unsigned char)( t >> 24 );
83 *p++ = (
unsigned char)( t >> 16 );
84 *p++ = (
unsigned char)( t >> 8 );
85 *p++ = (
unsigned char)( t );
/* Ask the configured RNG callback for 28 bytes at p; a non-zero return takes
 * the error path (not shown). */
89 if( ( ret = ssl->
f_rng( ssl->
p_rng, p, 28 ) ) != 0 )
/* Level-3 debug dump of the 32 bytes starting at buf + 6. */
96 SSL_DEBUG_BUF( 3,
"client hello, random bytes", buf + 6, 32 );
/* The length goes out as a single byte, so the cast silently truncates any n
 * above 255; the bound on n is not visible here -- TODO confirm. */
114 *p++ = (
unsigned char) n;
116 for( i = 0; i < n; i++ )
/* NOTE(review): n is size_t (declared above) but is printed with %d, here and
 * in the ciphersuite message below. If SSL_DEBUG_MSG forwards to a
 * printf-style variadic function, the argument type does not match the
 * conversion; cast to int or use a size_t conversion. */
119 SSL_DEBUG_MSG( 3, (
"client hello, session id len.: %d", n ) );
/* Two bytes holding 2 * n, high byte first: (n >> 7) is the high byte of
 * (n << 1). Presumably the ciphersuite list length in bytes -- confirm. */
124 *p++ = (
unsigned char)( n >> 7 );
125 *p++ = (
unsigned char)( n << 1 );
137 SSL_DEBUG_MSG( 3, (
"client hello, got %d ciphersuites", n ) );
139 for( i = 0; i < n; i++ )
/* Compression list length is logged as 2 under POLARSSL_ZLIB_SUPPORT and as 1
 * in the other message; the #else / #endif lines are not shown. */
148 #if defined(POLARSSL_ZLIB_SUPPORT)
149 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 2 ) );
157 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 1 ) );
166 SSL_DEBUG_MSG( 3, (
"client hello, prepping for server name extension: %s",
174 SSL_DEBUG_MSG( 3, (
"client hello, prepping for renegotiation extension" ) );
/* One guard per hash module; the code under these guards is not shown and
 * presumably appends entries to sig_alg_list. NOTE(review): sig_alg_len must
 * never exceed sizeof( sig_alg_list ) (20) -- confirm against the omitted
 * lines. */
183 #if defined(POLARSSL_SHA4_C)
189 #if defined(POLARSSL_SHA2_C)
195 #if defined(POLARSSL_SHA1_C)
199 #if defined(POLARSSL_MD5_C)
/* Account for the list plus 6 bytes of extension framing, then write the
 * total extension length as 16 bits, high byte first. */
203 ext_len += 6 + sig_alg_len;
206 SSL_DEBUG_MSG( 3, (
"client hello, total extension length: %d",
209 *p++ = (
unsigned char)( ( ext_len >> 8 ) & 0xFF );
210 *p++ = (
unsigned char)( ( ext_len ) & 0xFF );
/* Server name extension: nested 16-bit length fields hostname_len + 5,
 * hostname_len + 3 and hostname_len (only the high byte of the last one is
 * visible). NOTE(review): each value is masked to 16 bits, so an over-long
 * hostname would yield inconsistent length fields; the bound on hostname_len
 * and on the space left in the output buffer is not visible -- confirm. */
232 SSL_DEBUG_MSG( 3, (
"client hello, adding server name extension: %s",
238 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) >> 8 ) & 0xFF );
239 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) ) & 0xFF );
241 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) >> 8 ) & 0xFF );
242 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) ) & 0xFF );
245 *p++ = (
unsigned char)( ( ssl->
hostname_len >> 8 ) & 0xFF );
257 SSL_DEBUG_MSG( 3, (
"client hello, renegotiation info extension" ) );
/* signature_algorithms extension: a 16-bit length of sig_alg_len + 2, a
 * 16-bit list length of sig_alg_len, then the list bytes themselves. */
289 SSL_DEBUG_MSG( 3, (
"client hello, adding signature_algorithms extension" ) );
294 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
295 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
297 *p++ = (
unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
298 *p++ = (
unsigned char)( ( sig_alg_len ) & 0xFF );
/* Copies sig_alg_len bytes out of the 20-byte sig_alg_list; reads past the
 * array if sig_alg_len were ever larger than 20. */
300 memcpy( p, sig_alg_list, sig_alg_len );
/*
 * ssl_parse_renegotiation_info: validates the payload of a received
 * renegotiation_info extension. Excerpt only: the remaining parameters and
 * most of the body are not shown.
 */
322 static int ssl_parse_renegotiation_info(
ssl_context *ssl,
/* len is tested first, so buf[0] is read only when exactly one byte is
 * present. Anything other than a single zero byte is rejected here; the
 * enclosing branch condition is not shown. */
330 if( len != 1 || buf[0] != 0x0 )
332 SSL_DEBUG_MSG( 1, (
"non-zero length renegotiated connection field" ) );
/* Failure message for the other branch, where the received field is compared
 * with stored data. The comparison itself is omitted; NOTE(review): confirm it
 * checks the received length before comparing any bytes. */
350 SSL_DEBUG_MSG( 1, (
"non-matching renegotiated connection field" ) );
/*
 * ssl_parse_server_hello: parses the ServerHello message, including its
 * extension block and the renegotiation policy checks. Excerpt only: many
 * lines are omitted, so the comments describe just what is visible. Every
 * byte read from buf / ext below was supplied by the peer.
 */
362 static int ssl_parse_server_hello(
ssl_context *ssl )
364 #if defined(POLARSSL_DEBUG_C)
370 unsigned char *buf, *ext;
/* Flags: whether a renegotiation_info extension was seen, and whether any
 * policy check below failed. */
371 int renegotiation_info_seen = 0;
372 int handshake_failure = 0;
418 SSL_DEBUG_MSG( 1, (
"server only supports ssl smaller than minimum"
/* Debug builds only: rebuild a 32-bit big-endian value from buf[6..9].
 * NOTE(review): t is assembled from time_t casts and printed with %lu; if t
 * is declared time_t this only matches where time_t is unsigned long -- an
 * explicit cast on the argument would make it portable. */
428 #if defined(POLARSSL_DEBUG_C)
429 t = ( (time_t) buf[6] << 24 )
430 | ( (time_t) buf[7] << 16 )
431 | ( (time_t) buf[8] << 8 )
432 | ( (time_t) buf[9] );
439 SSL_DEBUG_MSG( 3, (
"server hello, current time: %lu", t ) );
440 SSL_DEBUG_BUF( 3,
"server hello, random bytes", buf + 6, 32 );
/* The offsets 39 + n .. 42 + n depend on n, which the debug message below
 * calls the session id length. n and the total message length must be
 * validated before these reads; those checks are not visible -- TODO confirm.
 * A non-empty extension block shorter than one 4-byte header is rejected
 * (rest of that condition is cut off). */
458 ext_len = ( ( buf[42 + n] << 8 )
461 if( ( ext_len > 0 && ext_len < 4 ) ||
469 i = ( buf[39 + n] << 8 ) | buf[40 + n];
477 SSL_DEBUG_MSG( 3, (
"server hello, session id len.: %d", n ) );
512 SSL_DEBUG_MSG( 3, (
"server hello, chosen ciphersuite: %d", i ) );
513 SSL_DEBUG_MSG( 3, (
"server hello, compress alg.: %d", buf[41 + n] ) );
529 #
if defined(POLARSSL_ZLIB_SUPPORT)
/* Extension loop body: a 4-byte header (id from ext[0], size from ext[2];
 * the low-byte operands are cut off) followed by ext_size payload bytes.
 * The size check keeps header plus payload inside the remaining ext_len
 * before the payload is handed to a parser. */
543 unsigned int ext_id = ( ( ext[0] << 8 )
545 unsigned int ext_size = ( ( ext[2] << 8 )
548 if( ext_size + 4 > ext_len )
558 renegotiation_info_seen = 1;
560 if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ) ) != 0 )
566 SSL_DEBUG_MSG( 3, (
"unknown extension found: %d (ignoring)",
/* Consume this extension. This cannot underflow provided the
 * ext_size + 4 > ext_len check above aborts (its error path is not shown).
 * A trailing remainder of 1..3 bytes is then rejected. */
570 ext_len -= 4 + ext_size;
573 if( ext_len > 0 && ext_len < 4 )
/* Renegotiation policy: each rejected combination only sets
 * handshake_failure, which is tested once at the end. The conditions are
 * partly cut off in this excerpt. */
586 SSL_DEBUG_MSG( 1, (
"legacy renegotiation, breaking off handshake" ) );
587 handshake_failure = 1;
591 renegotiation_info_seen == 0 )
593 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension missing (secure)" ) );
594 handshake_failure = 1;
601 handshake_failure = 1;
605 renegotiation_info_seen == 1 )
607 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension present (legacy)" ) );
608 handshake_failure = 1;
611 if( handshake_failure == 1 )
/*
 * ssl_parse_server_key_exchange: parses the ServerKeyExchange message and
 * checks the hash passed to the call at the end. Excerpt only: many lines are
 * omitted, so the comments describe just what is visible. p and end walk over
 * data supplied by the peer.
 */
624 static int ssl_parse_server_key_exchange(
ssl_context *ssl )
626 #if defined(POLARSSL_DHM_C)
629 unsigned char *p, *end;
/* 64-byte hash buffer; hashlen starts at 0 and is set by code not shown.
 * NOTE(review): whatever sets hashlen must keep it <= sizeof( hash ). */
630 unsigned char hash[64];
634 unsigned int hashlen = 0;
657 #if !defined(POLARSSL_DHM_C)
/* The error code is logged negated, as positive hex. */
695 SSL_DEBUG_MSG( 2, (
"DHM Read Params returned -0x%x", -ret ) );
/* p[0] is logged as the HashAlgorithm and p[1] as the SignatureAlgorithm;
 * both bytes come from the server. The guards below decide per build which
 * hash values are accepted (their bodies are not shown). */
704 SSL_DEBUG_MSG( 2, (
"server used unsupported SignatureAlgorithm %d", p[1] ) );
711 #if defined(POLARSSL_MD5_C)
716 #if defined(POLARSSL_SHA1_C)
721 #if defined(POLARSSL_SHA2_C)
729 #if defined(POLARSSL_SHA4_C)
738 SSL_DEBUG_MSG( 2, (
"Server used unsupported HashAlgorithm %d", p[0] ) );
743 SSL_DEBUG_MSG( 2, (
"Server used SignatureAlgorithm %d", p[1] ) );
744 SSL_DEBUG_MSG( 2, (
"Server used HashAlgorithm %d", p[0] ) );
/* 16-bit big-endian length read from the message. The check that follows
 * compares the bytes left before end with a value that is cut off here,
 * presumably the expected signature length -- confirm. */
748 n = ( p[0] << 8 ) | p[1];
757 if( (
unsigned int)( end - p ) !=
/* Length derived by subtraction from the received handshake length, with a
 * 6-byte or an 8-byte adjustment. NOTE(review): if these operands are
 * unsigned, a too-short message would wrap to a very large n; confirm the
 * earlier length checks make both subtractions safe. */
789 n = ssl->
in_hslen - ( end - p ) - 6;
807 #if defined(POLARSSL_SHA4_C)
811 n = ssl->
in_hslen - ( end - p ) - 8;
822 #if defined(POLARSSL_MD5_C)
831 #if defined(POLARSSL_SHA1_C)
840 #if defined(POLARSSL_SHA2_C)
856 #if defined(POLARSSL_SHA4_C)
/* Tail of a call that receives hash_id, hashlen, hash and p; a non-zero
 * result is treated as failure. Presumably the signature verification --
 * confirm against the omitted first half of the call. */
879 hash_id, hashlen, hash, p ) ) != 0 )
/*
 * ssl_parse_certificate_request: walks the length-prefixed fields of the
 * CertificateRequest message. Excerpt only: many lines are omitted.
 */
893 static int ssl_parse_certificate_request(
ssl_context *ssl )
896 unsigned char *buf, *p;
898 size_t cert_type_len = 0, sig_alg_len = 0, dn_len = 0;
/* One-byte length taken straight from the message, then used as a loop
 * count. */
945 cert_type_len = buf[4];
955 while( cert_type_len > 0 )
/* Two further 16-bit lengths, each read at an offset built from the
 * previously parsed lengths (n, then m + n). NOTE(review): all three lengths
 * are peer-controlled and feed directly into buffer indexes; each must be
 * checked against the received handshake length before the next read. Those
 * checks are not visible in this excerpt -- confirm. */
975 sig_alg_len = ( ( buf[5 + n] << 8 )
989 dn_len = ( ( buf[5 + m + n] << 8 )
990 | ( buf[6 + m + n] ) );
1005 static int ssl_parse_server_hello_done(
ssl_context *ssl )
/*
 * ssl_write_client_key_exchange: writes the ClientKeyExchange message into
 * ssl->out_msg. Excerpt only: the code that fills the payload is not shown.
 */
1040 static int ssl_write_client_key_exchange(
ssl_context *ssl )
1060 #if !defined(POLARSSL_DHM_C)
/* Both visible places store n as a 16-bit big-endian length in out_msg[4..5].
 * The casts drop anything above 16 bits, so n is assumed to be below 65536;
 * the bound is not visible here -- TODO confirm. */
1069 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1070 ssl->
out_msg[5] = (
unsigned char)( n );
1119 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1120 ssl->
out_msg[5] = (
unsigned char)( n );
/*
 * ssl_write_certificate_verify: writes the CertificateVerify message into
 * ssl->out_msg. Excerpt only: the hash computation and the start of the final
 * call are not shown.
 */
1159 static int ssl_write_certificate_verify(
ssl_context *ssl )
1162 size_t n = 0, offset = 0;
/* hash holds 48 bytes and hashlen defaults to 36. NOTE(review): any omitted
 * code that changes hashlen must keep it <= sizeof( hash ) -- confirm. */
1163 unsigned char hash[48];
1165 unsigned int hashlen = 36;
/* n is stored as a 16-bit big-endian length at out_msg[4 + offset]; offset
 * starts at 0 and is presumably raised when extra header bytes precede the
 * length -- confirm. */
1243 ssl->
out_msg[4 + offset] = (
unsigned char)( n >> 8 );
1244 ssl->
out_msg[5 + offset] = (
unsigned char)( n );
/* Tail of a call that takes hashlen and hash and writes its output directly
 * after the length field, at out_msg + 6 + offset. */
1250 hashlen, hash, ssl->
out_msg + 6 + offset );
/* Dispatch on the current handshake state: each visible case calls exactly one
 * write/parse handler and keeps its result in ret. The case labels, the state
 * transitions and the enclosing function header are not part of this excerpt. */
1291 switch( ssl->
state )
1301 ret = ssl_write_client_hello( ssl );
1312 ret = ssl_parse_server_hello( ssl );
1320 ret = ssl_parse_server_key_exchange( ssl );
1324 ret = ssl_parse_certificate_request( ssl );
1328 ret = ssl_parse_server_hello_done( ssl );
1343 ret = ssl_write_client_key_exchange( ssl );
1347 ret = ssl_write_certificate_verify( ssl );