28 #if defined(POLARSSL_SSL_CLI_C)
37 #if defined(POLARSSL_SHA4_C)
/*
 * ssl_write_client_hello: serialises the ClientHello through the write
 * cursor p. The debug strings below name the fields in order: random,
 * session id, ciphersuites, compression, then the extensions.
 *
 * NOTE(review): this is an excerpted listing. The gutter numbers skip
 * lines, so the declarations of p, buf, t and ret, the error returns and
 * most bounds checks are not visible here.
 */
41 static int ssl_write_client_hello(
ssl_context *ssl )
44 size_t i, n, ext_len = 0;
/* Fixed 20-byte staging area for the signature_algorithms entries; it is
 * copied out with memcpy( p, sig_alg_list, sig_alg_len ) at line 309. */
48 unsigned char sig_alg_list[20];
49 size_t sig_alg_len = 0;
/* The RNG callback is checked for NULL before it is invoked at line 95;
 * what happens when it is NULL is not shown in this excerpt. */
53 if( ssl->
f_rng == NULL )
/* First four bytes of the random field: t written big-endian
 * (presumably the current time; t's assignment is not shown). */
88 *p++ = (
unsigned char)( t >> 24 );
89 *p++ = (
unsigned char)( t >> 16 );
90 *p++ = (
unsigned char)( t >> 8 );
91 *p++ = (
unsigned char)( t );
/* The remaining 28 bytes come from the RNG callback and its return value
 * is checked. 4 + 28 matches the 32 bytes dumped at line 102. */
95 if( ( ret = ssl->
f_rng( ssl->
p_rng, p, 28 ) ) != 0 )
102 SSL_DEBUG_BUF( 3,
"client hello, random bytes", buf + 6, 32 );
/* The session id length is emitted as a single byte.
 * NOTE(review): confirm n is range-checked (not shown) before this
 * narrowing cast and before the copy loop that follows. */
120 *p++ = (
unsigned char) n;
122 for( i = 0; i < n; i++ )
/* NOTE(review): n is size_t (line 44) but is formatted with %d here and
 * at line 143. If SSL_DEBUG_MSG forwards to a printf-style formatter the
 * specifier does not match the argument type - confirm and align. */
125 SSL_DEBUG_MSG( 3, (
"client hello, session id len.: %d", n ) );
/* Two-byte big-endian encoding of n * 2: ( n >> 7 ) is the high byte of
 * ( n << 1 ). Presumably the ciphersuite list length in bytes. */
130 *p++ = (
unsigned char)( n >> 7 );
131 *p++ = (
unsigned char)( n << 1 );
143 SSL_DEBUG_MSG( 3, (
"client hello, got %d ciphersuites", n ) );
145 for( i = 0; i < n; i++ )
/* Compression methods length: 2 is logged when zlib support is compiled
 * in; the 1 at line 163 is presumably the #else branch (not shown). */
154 #if defined(POLARSSL_ZLIB_SUPPORT)
155 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 2 ) );
163 SSL_DEBUG_MSG( 3, (
"client hello, compress len.: %d", 1 ) );
/* The "prepping" messages suggest a first pass that only accumulates
 * ext_len before anything is written. */
172 SSL_DEBUG_MSG( 3, (
"client hello, prepping for server name extension: %s",
180 SSL_DEBUG_MSG( 3, (
"client hello, prepping for renegotiation extension" ) );
/* sig_alg_list is filled per compiled-in hash module; the stores under
 * these guards are not shown.
 * NOTE(review): confirm that with all four guards enabled sig_alg_len
 * cannot exceed sizeof( sig_alg_list ) (20 bytes). */
189 #if defined(POLARSSL_SHA4_C)
195 #if defined(POLARSSL_SHA2_C)
201 #if defined(POLARSSL_SHA1_C)
205 #if defined(POLARSSL_MD5_C)
209 ext_len += 6 + sig_alg_len;
212 SSL_DEBUG_MSG( 3, (
"client hello, total extension length: %d",
/* Total extensions length, 16-bit big-endian. */
217 *p++ = (
unsigned char)( ( ext_len >> 8 ) & 0xFF );
218 *p++ = (
unsigned char)( ( ext_len ) & 0xFF );
241 SSL_DEBUG_MSG( 3, (
"client hello, adding server name extension: %s",
/* Server name extension lengths: hostname_len + 5, hostname_len + 3 and
 * hostname_len, each encoded in 16 bits.
 * NOTE(review): only the low 16 bits are encoded; confirm hostname_len is
 * bounded where it is set so that the encoded lengths cannot wrap and the
 * name fits the output buffer. */
247 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) >> 8 ) & 0xFF );
248 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 5) ) & 0xFF );
250 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) >> 8 ) & 0xFF );
251 *p++ = (
unsigned char)( ( (ssl->
hostname_len + 3) ) & 0xFF );
254 *p++ = (
unsigned char)( ( ssl->
hostname_len >> 8 ) & 0xFF );
266 SSL_DEBUG_MSG( 3, (
"client hello, renegotiation info extension" ) );
298 SSL_DEBUG_MSG( 3, (
"client hello, adding signature_algorithms extension" ) );
/* signature_algorithms: extension length ( sig_alg_len + 2 ), then the
 * list length ( sig_alg_len ), then the list itself. */
303 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) >> 8 ) & 0xFF );
304 *p++ = (
unsigned char)( ( ( sig_alg_len + 2 ) ) & 0xFF );
306 *p++ = (
unsigned char)( ( sig_alg_len >> 8 ) & 0xFF );
307 *p++ = (
unsigned char)( ( sig_alg_len ) & 0xFF );
/* Copies sig_alg_len bytes out of the 20-byte sig_alg_list (line 48). */
309 memcpy( p, sig_alg_list, sig_alg_len );
/*
 * ssl_parse_renegotiation_info: validates the body of the server's
 * renegotiation_info extension. It is called from ssl_parse_server_hello
 * with ( ext + 4, ext_size ) at line 571.
 *
 * NOTE(review): excerpted listing; the remaining parameters, the branch
 * structure and the return statements are not shown.
 */
331 static int ssl_parse_renegotiation_info(
ssl_context *ssl,
/* On this path only a one-byte body equal to 0x00 is accepted. len is
 * tested first, so buf[0] is not read when len != 1. Which handshake
 * state selects this path is not visible here. */
339 if( len != 1 || buf[0] != 0x0 )
341 SSL_DEBUG_MSG( 1, (
"non-zero length renegotiated connection field" ) );
/* A second rejection path for a mismatching field; the comparison that
 * leads here is not shown in this excerpt. */
361 SSL_DEBUG_MSG( 1, (
"non-matching renegotiated connection field" ) );
/*
 * ssl_parse_server_hello: parses the ServerHello held in buf. Per the
 * debug strings it covers version, random, session id, chosen ciphersuite,
 * compression and the extension list, and then applies the renegotiation
 * policy checks collected in handshake_failure.
 *
 * NOTE(review): excerpted listing; the record read, the message length
 * checks and the declarations of n, i, t, ext_len and ret are not shown.
 */
373 static int ssl_parse_server_hello(
ssl_context *ssl )
375 #if defined(POLARSSL_DEBUG_C)
381 unsigned char *buf, *ext;
/* Both flags start cleared: one records that renegotiation_info was
 * present, the other accumulates policy violations until line 622. */
382 int renegotiation_info_seen = 0;
383 int handshake_failure = 0;
/* The message indicates a server version below the configured minimum;
 * the comparison and the resulting action are not shown. */
429 SSL_DEBUG_MSG( 1, (
"server only supports ssl smaller than minimum"
/* Debug builds only: the first four bytes of the server random
 * (buf[6..9]) are reassembled big-endian into t for logging. */
439 #if defined(POLARSSL_DEBUG_C)
440 t = ( (time_t) buf[6] << 24 )
441 | ( (time_t) buf[7] << 16 )
442 | ( (time_t) buf[8] << 8 )
443 | ( (time_t) buf[9] );
/* NOTE(review): t is built from time_t casts but printed with %lu; the
 * specifier matches only where time_t is unsigned long - confirm. */
450 SSL_DEBUG_MSG( 3, (
"server hello, current time: %lu", t ) );
451 SSL_DEBUG_BUF( 3,
"server hello, random bytes", buf + 6, 32 );
/* The offsets below depend on n, the session id length reported at
 * line 488, which comes from the peer.
 * NOTE(review): confirm n and the total message length are validated
 * (not shown) before buf[39 + n] .. buf[42 + n] are read. */
469 ext_len = ( ( buf[42 + n] << 8 )
/* A remainder of 1..3 bytes cannot hold a 4-byte extension header and is
 * rejected; the rest of the condition is cut off in this excerpt. */
472 if( ( ext_len > 0 && ext_len < 4 ) ||
480 i = ( buf[39 + n] << 8 ) | buf[40 + n];
488 SSL_DEBUG_MSG( 3, (
"server hello, session id len.: %d", n ) );
523 SSL_DEBUG_MSG( 3, (
"server hello, chosen ciphersuite: %d", i ) );
524 SSL_DEBUG_MSG( 3, (
"server hello, compress alg.: %d", buf[41 + n] ) );
540 #
if defined(POLARSSL_ZLIB_SUPPORT)
/* Extension walk: the id is read from ext[0..1] and the size from
 * ext[2..3] (the low bytes are cut off in this excerpt). */
554 unsigned int ext_id = ( ( ext[0] << 8 )
556 unsigned int ext_size = ( ( ext[2] << 8 )
/* Bounds check: an extension may not claim more bytes than remain in the
 * list. If ext_size really is a 16-bit value, the + 4 cannot wrap. */
559 if( ext_size + 4 > ext_len )
/* Records that renegotiation_info was seen and hands its body (after the
 * 4-byte header) to ssl_parse_renegotiation_info. */
569 renegotiation_info_seen = 1;
571 if( ( ret = ssl_parse_renegotiation_info( ssl, ext + 4, ext_size ) ) != 0 )
577 SSL_DEBUG_MSG( 3, (
"unknown extension found: %d (ignoring)",
/* Advance past this extension, then re-check for a 1..3 byte remainder. */
581 ext_len -= 4 + ext_size;
584 if( ext_len > 0 && ext_len < 4 )
/* Renegotiation policy: each violation sets handshake_failure, which is
 * tested once at line 622. Going by the debug strings the cases are a
 * refused legacy renegotiation, the extension missing on a secure
 * renegotiation, and the extension present on a legacy one. Only the
 * tails of the conditions are visible. */
597 SSL_DEBUG_MSG( 1, (
"legacy renegotiation, breaking off handshake" ) );
598 handshake_failure = 1;
602 renegotiation_info_seen == 0 )
604 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension missing (secure)" ) );
605 handshake_failure = 1;
612 handshake_failure = 1;
616 renegotiation_info_seen == 1 )
618 SSL_DEBUG_MSG( 1, (
"renegotiation_info extension present (legacy)" ) );
619 handshake_failure = 1;
622 if( handshake_failure == 1 )
/*
 * ssl_parse_server_key_exchange: parses the ServerKeyExchange message.
 * The visible lines read DHM parameters, the peer's hash and signature
 * algorithm bytes and a 16-bit signature length, and end in a call that
 * takes the computed hash.
 *
 * NOTE(review): excerpted listing; the declarations of n, ret and hash_id,
 * the hashing code under the guards and the error returns are not shown.
 */
635 static int ssl_parse_server_key_exchange(
ssl_context *ssl )
637 #if defined(POLARSSL_DHM_C)
640 unsigned char *p, *end;
/* A 64-byte digest buffer; hashlen is set by code not shown here.
 * NOTE(review): confirm hashlen can never exceed sizeof( hash ). */
641 unsigned char hash[64];
645 unsigned int hashlen = 0;
668 #if !defined(POLARSSL_DHM_C)
706 SSL_DEBUG_MSG( 2, (
"DHM Read Params returned -0x%x", -ret ) );
/* p[0] (hash algorithm) and p[1] (signature algorithm) come from the
 * peer. Per the messages, unsupported values are rejected, and the hash
 * is accepted only if its module is compiled in (guards below). */
715 SSL_DEBUG_MSG( 2, (
"server used unsupported SignatureAlgorithm %d", p[1] ) );
722 #if defined(POLARSSL_MD5_C)
727 #if defined(POLARSSL_SHA1_C)
732 #if defined(POLARSSL_SHA2_C)
740 #if defined(POLARSSL_SHA4_C)
749 SSL_DEBUG_MSG( 2, (
"Server used unsupported HashAlgorithm %d", p[0] ) );
754 SSL_DEBUG_MSG( 2, (
"Server used SignatureAlgorithm %d", p[1] ) );
755 SSL_DEBUG_MSG( 2, (
"Server used HashAlgorithm %d", p[0] ) );
/* 16-bit big-endian length taken from the message.
 * NOTE(review): reading p[0] and p[1] needs end - p >= 2; confirm that
 * check exists above (not shown). */
759 n = ( p[0] << 8 ) | p[1];
/* The remaining byte count is compared for exact equality; the right-hand
 * side is cut off in this excerpt. */
768 if( (
unsigned int)( end - p ) !=
/* n is recomputed from the handshake length minus the bytes still unread
 * and a fixed header size: 6 here, 8 at line 822.
 * NOTE(review): presumably the length of the parameters being hashed;
 * confirm neither subtraction can go below zero. */
800 n = ssl->
in_hslen - ( end - p ) - 6;
818 #if defined(POLARSSL_SHA4_C)
822 n = ssl->
in_hslen - ( end - p ) - 8;
833 #if defined(POLARSSL_MD5_C)
842 #if defined(POLARSSL_SHA1_C)
851 #if defined(POLARSSL_SHA2_C)
867 #if defined(POLARSSL_SHA4_C)
/* Tail of a call that takes the hash id, digest length, digest and p;
 * presumably the signature verification. Its result is checked. */
890 hash_id, hashlen, hash, p ) ) != 0 )
/*
 * ssl_parse_certificate_request: parses the CertificateRequest message
 * in buf. The visible lines read three peer-supplied lengths: certificate
 * types, signature algorithms and distinguished names.
 *
 * NOTE(review): excerpted listing; the declarations of n and m, the
 * record read and any comparison against the handshake length are not
 * shown.
 */
904 static int ssl_parse_certificate_request(
ssl_context *ssl )
907 unsigned char *buf, *p;
909 size_t cert_type_len = 0, sig_alg_len = 0, dn_len = 0;
/* One-byte length taken directly from the message; it drives the loop at
 * line 966. */
956 cert_type_len = buf[4];
966 while( cert_type_len > 0 )
/* Each later length is read at an offset that includes the earlier,
 * peer-controlled lengths ( n, then m + n ).
 * NOTE(review): confirm every index ( 5 + n, 5 + m + n, 6 + m + n ) is
 * checked against the received message length before the read; those
 * checks are not visible here. */
986 sig_alg_len = ( ( buf[5 + n] << 8 )
1000 dn_len = ( ( buf[5 + m + n] << 8 )
1001 | ( buf[6 + m + n] ) );
/*
 * ssl_parse_server_hello_done: handler invoked from the state switch at
 * line 1339.
 * NOTE(review): only the signature appears in this excerpt; the body,
 * including any length or type validation, is not shown.
 */
1016 static int ssl_parse_server_hello_done(
ssl_context *ssl )
/*
 * ssl_write_client_key_exchange: writes the ClientKeyExchange message
 * into ssl->out_msg. The visible lines store a 16-bit big-endian length n
 * at out_msg[4..5] in two separate places.
 *
 * NOTE(review): excerpted listing; the declaration of n, the key exchange
 * computations and the branch that separates the two writes are not shown.
 */
1051 static int ssl_write_client_key_exchange(
ssl_context *ssl )
1071 #if !defined(POLARSSL_DHM_C)
/* First length write (line 1080); presumably the DHM branch, given the
 * guard above - confirm against the full source. */
1080 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1081 ssl->
out_msg[5] = (
unsigned char)( n );
/* Second length write (line 1130), same layout; presumably the other key
 * exchange branch.
 * NOTE(review): in both places confirm the n bytes that follow fit in
 * out_msg. */
1130 ssl->
out_msg[4] = (
unsigned char)( n >> 8 );
1131 ssl->
out_msg[5] = (
unsigned char)( n );
/*
 * ssl_write_certificate_verify: writes the CertificateVerify message.
 * The visible lines store a 16-bit length at out_msg[4 + offset] and
 * out_msg[5 + offset] and pass hash, hashlen and out_msg + 6 + offset to
 * a call whose name is cut off.
 *
 * NOTE(review): excerpted listing; the hash computation, the meaning of
 * offset and the callee are not shown.
 */
1170 static int ssl_write_certificate_verify(
ssl_context *ssl )
1173 size_t n = 0, offset = 0;
/* A 48-byte digest buffer with a default hashlen of 36.
 * NOTE(review): 36 presumably corresponds to an MD5 + SHA-1 pair;
 * confirm no path (not shown) writes more than 48 bytes into hash or
 * sets hashlen above sizeof( hash ). */
1174 unsigned char hash[48];
1176 unsigned int hashlen = 36;
/* Length n, big-endian, placed after an optional offset. */
1254 ssl->
out_msg[4 + offset] = (
unsigned char)( n >> 8 );
1255 ssl->
out_msg[5 + offset] = (
unsigned char)( n );
/* Tail of a call that takes the digest and the output position;
 * presumably the signing operation that writes directly into out_msg.
 * NOTE(review): confirm n bytes from out_msg + 6 + offset stay within
 * the buffer. */
1261 hashlen, hash, ssl->
out_msg + 6 + offset );
/*
 * Client handshake state dispatch: one handler is called per value of
 * ssl->state and its result is stored in ret.
 * NOTE(review): excerpted listing; the enclosing function's signature,
 * the case labels, the state transitions and the handling of ret are not
 * shown.
 */
1302 switch( ssl->
state )
1312 ret = ssl_write_client_hello( ssl );
1323 ret = ssl_parse_server_hello( ssl );
1331 ret = ssl_parse_server_key_exchange( ssl );
1335 ret = ssl_parse_certificate_request( ssl );
1339 ret = ssl_parse_server_hello_done( ssl );
1354 ret = ssl_write_client_key_exchange( ssl );
1358 ret = ssl_write_certificate_verify( ssl );