mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-30 22:43:08 +03:00
Merge branch 'development' into 3649_move_constant_time_functions_into_separate_module
This commit is contained in:
Gabor Mezei
@ -384,7 +384,8 @@ static int ssl_parse_inner_plaintext( unsigned char const *content,
|
||||
static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
||||
size_t *add_data_len,
|
||||
mbedtls_record *rec,
|
||||
unsigned minor_ver )
|
||||
unsigned minor_ver,
|
||||
size_t taglen )
|
||||
{
|
||||
/* Quoting RFC 5246 (TLS 1.2):
|
||||
*
|
||||
@ -403,15 +404,37 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
||||
*
|
||||
* For TLS 1.3, the record sequence number is dropped from the AAD
|
||||
* and encoded within the nonce of the AEAD operation instead.
|
||||
* Moreover, the additional data involves the length of the TLS
|
||||
* ciphertext, not the TLS plaintext as in earlier versions.
|
||||
* Quoting RFC 8446 (TLS 1.3):
|
||||
*
|
||||
* additional_data = TLSCiphertext.opaque_type ||
|
||||
* TLSCiphertext.legacy_record_version ||
|
||||
* TLSCiphertext.length
|
||||
*
|
||||
* We pass the tag length to this function in order to compute the
|
||||
* ciphertext length from the inner plaintext length rec->data_len via
|
||||
*
|
||||
* TLSCiphertext.length = TLSInnerPlaintext.length + taglen.
|
||||
*
|
||||
*/
|
||||
|
||||
unsigned char *cur = add_data;
|
||||
size_t ad_len_field = rec->data_len;
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
if( minor_ver != MBEDTLS_SSL_MINOR_VERSION_4 )
|
||||
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
|
||||
{
|
||||
/* In TLS 1.3, the AAD contains the length of the TLSCiphertext,
|
||||
* which differs from the length of the TLSInnerPlaintext
|
||||
* by the length of the authentication tag. */
|
||||
ad_len_field += taglen;
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
{
|
||||
((void) minor_ver);
|
||||
((void) taglen);
|
||||
memcpy( cur, rec->ctr, sizeof( rec->ctr ) );
|
||||
cur += sizeof( rec->ctr );
|
||||
}
|
||||
@ -431,15 +454,13 @@ static void ssl_extract_add_data_from_record( unsigned char* add_data,
|
||||
*cur = rec->cid_len;
|
||||
cur++;
|
||||
|
||||
cur[0] = ( rec->data_len >> 8 ) & 0xFF;
|
||||
cur[1] = ( rec->data_len >> 0 ) & 0xFF;
|
||||
MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 );
|
||||
cur += 2;
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
{
|
||||
cur[0] = ( rec->data_len >> 8 ) & 0xFF;
|
||||
cur[1] = ( rec->data_len >> 0 ) & 0xFF;
|
||||
MBEDTLS_PUT_UINT16_BE( ad_len_field, cur, 0 );
|
||||
cur += 2;
|
||||
}
|
||||
|
||||
@ -646,7 +667,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||
unsigned char mac[MBEDTLS_SSL_MAC_ADD];
|
||||
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
|
||||
transform->minor_ver );
|
||||
transform->minor_ver,
|
||||
transform->taglen );
|
||||
|
||||
mbedtls_md_hmac_update( &transform->md_ctx_enc, add_data,
|
||||
add_data_len );
|
||||
@ -743,7 +765,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||
* This depends on the TLS version.
|
||||
*/
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
|
||||
transform->minor_ver );
|
||||
transform->minor_ver,
|
||||
transform->taglen );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "IV used (internal)",
|
||||
iv, transform->ivlen );
|
||||
@ -897,7 +920,8 @@ int mbedtls_ssl_encrypt_buf( mbedtls_ssl_context *ssl,
|
||||
}
|
||||
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len,
|
||||
rec, transform->minor_ver );
|
||||
rec, transform->minor_ver,
|
||||
transform->taglen );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_MSG( 3, ( "using encrypt then mac" ) );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
|
||||
@ -1068,7 +1092,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||
* This depends on the TLS version.
|
||||
*/
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
|
||||
transform->minor_ver );
|
||||
transform->minor_ver,
|
||||
transform->taglen );
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "additional data used for AEAD",
|
||||
add_data, add_data_len );
|
||||
|
||||
@ -1178,7 +1203,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||
* Further, we still know that data_len > minlen */
|
||||
rec->data_len -= transform->maclen;
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
|
||||
transform->minor_ver );
|
||||
transform->minor_ver,
|
||||
transform->taglen );
|
||||
|
||||
/* Calculate expected MAC. */
|
||||
MBEDTLS_SSL_DEBUG_BUF( 4, "MAC'd meta-data", add_data,
|
||||
@ -1370,7 +1396,8 @@ int mbedtls_ssl_decrypt_buf( mbedtls_ssl_context const *ssl,
|
||||
*/
|
||||
rec->data_len -= transform->maclen;
|
||||
ssl_extract_add_data_from_record( add_data, &add_data_len, rec,
|
||||
transform->minor_ver );
|
||||
transform->minor_ver,
|
||||
transform->taglen );
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
|
||||
/*
|
||||
@ -1838,7 +1865,7 @@ void mbedtls_ssl_flight_free( mbedtls_ssl_flight_item *flight )
|
||||
static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
mbedtls_ssl_transform *tmp_transform;
|
||||
unsigned char tmp_out_ctr[8];
|
||||
unsigned char tmp_out_ctr[MBEDTLS_SSL_SEQUENCE_NUMBER_LEN];
|
||||
|
||||
if( ssl->transform_out == ssl->handshake->alt_transform_out )
|
||||
{
|
||||
@ -1854,9 +1881,11 @@ static int ssl_swap_epochs( mbedtls_ssl_context *ssl )
|
||||
ssl->handshake->alt_transform_out = tmp_transform;
|
||||
|
||||
/* Swap epoch + sequence_number */
|
||||
memcpy( tmp_out_ctr, ssl->cur_out_ctr, 8 );
|
||||
memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr, 8 );
|
||||
memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr, 8 );
|
||||
memcpy( tmp_out_ctr, ssl->cur_out_ctr, sizeof( tmp_out_ctr ) );
|
||||
memcpy( ssl->cur_out_ctr, ssl->handshake->alt_out_ctr,
|
||||
sizeof( ssl->cur_out_ctr ) );
|
||||
memcpy( ssl->handshake->alt_out_ctr, tmp_out_ctr,
|
||||
sizeof( ssl->handshake->alt_out_ctr ) );
|
||||
|
||||
/* Adjust to the newly activated transform */
|
||||
mbedtls_ssl_update_out_pointers( ssl, ssl->transform_out );
|
||||
@ -1990,13 +2019,13 @@ int mbedtls_ssl_flight_transmit( mbedtls_ssl_context *ssl )
|
||||
* Handshake headers: type(1) len(3) seq(2) f_off(3) f_len(3) */
|
||||
memcpy( ssl->out_msg, cur->p, 6 );
|
||||
|
||||
ssl->out_msg[6] = ( ( frag_off >> 16 ) & 0xff );
|
||||
ssl->out_msg[7] = ( ( frag_off >> 8 ) & 0xff );
|
||||
ssl->out_msg[8] = ( ( frag_off ) & 0xff );
|
||||
ssl->out_msg[6] = MBEDTLS_BYTE_2( frag_off );
|
||||
ssl->out_msg[7] = MBEDTLS_BYTE_1( frag_off );
|
||||
ssl->out_msg[8] = MBEDTLS_BYTE_0( frag_off );
|
||||
|
||||
ssl->out_msg[ 9] = ( ( cur_hs_frag_len >> 16 ) & 0xff );
|
||||
ssl->out_msg[10] = ( ( cur_hs_frag_len >> 8 ) & 0xff );
|
||||
ssl->out_msg[11] = ( ( cur_hs_frag_len ) & 0xff );
|
||||
ssl->out_msg[ 9] = MBEDTLS_BYTE_2( cur_hs_frag_len );
|
||||
ssl->out_msg[10] = MBEDTLS_BYTE_1( cur_hs_frag_len );
|
||||
ssl->out_msg[11] = MBEDTLS_BYTE_0( cur_hs_frag_len );
|
||||
|
||||
MBEDTLS_SSL_DEBUG_BUF( 3, "handshake header", ssl->out_msg, 12 );
|
||||
|
||||
@ -2124,7 +2153,8 @@ void mbedtls_ssl_send_flight_completed( mbedtls_ssl_context *ssl )
|
||||
* (including handshake headers but excluding record headers)
|
||||
* - ssl->out_msg: the record contents (handshake headers + content)
|
||||
*/
|
||||
int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||
int mbedtls_ssl_write_handshake_msg_ext( mbedtls_ssl_context *ssl,
|
||||
int update_checksum )
|
||||
{
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const size_t hs_len = ssl->out_msglen - 4;
|
||||
@ -2185,9 +2215,9 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||
*/
|
||||
if( ssl->out_msgtype == MBEDTLS_SSL_MSG_HANDSHAKE )
|
||||
{
|
||||
ssl->out_msg[1] = (unsigned char)( hs_len >> 16 );
|
||||
ssl->out_msg[2] = (unsigned char)( hs_len >> 8 );
|
||||
ssl->out_msg[3] = (unsigned char)( hs_len );
|
||||
ssl->out_msg[1] = MBEDTLS_BYTE_2( hs_len );
|
||||
ssl->out_msg[2] = MBEDTLS_BYTE_1( hs_len );
|
||||
ssl->out_msg[3] = MBEDTLS_BYTE_0( hs_len );
|
||||
|
||||
/*
|
||||
* DTLS has additional fields in the Handshake layer,
|
||||
@ -2215,8 +2245,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||
/* Write message_seq and update it, except for HelloRequest */
|
||||
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
||||
{
|
||||
ssl->out_msg[4] = ( ssl->handshake->out_msg_seq >> 8 ) & 0xFF;
|
||||
ssl->out_msg[5] = ( ssl->handshake->out_msg_seq ) & 0xFF;
|
||||
MBEDTLS_PUT_UINT16_BE( ssl->handshake->out_msg_seq, ssl->out_msg, 4 );
|
||||
++( ssl->handshake->out_msg_seq );
|
||||
}
|
||||
else
|
||||
@ -2233,7 +2262,7 @@ int mbedtls_ssl_write_handshake_msg( mbedtls_ssl_context *ssl )
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
|
||||
/* Update running hashes of handshake messages seen */
|
||||
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST )
|
||||
if( hs_type != MBEDTLS_SSL_HS_HELLO_REQUEST && update_checksum != 0 )
|
||||
ssl->handshake->update_checksum( ssl, ssl->out_msg, ssl->out_msglen );
|
||||
}
|
||||
|
||||
@ -2295,13 +2324,18 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
|
||||
#endif
|
||||
/* Skip writing the record content type to after the encryption,
|
||||
* as it may change when using the CID extension. */
|
||||
int minor_ver = ssl->minor_ver;
|
||||
#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL)
|
||||
/* TLS 1.3 still uses the TLS 1.2 version identifier
|
||||
* for backwards compatibility. */
|
||||
if( minor_ver == MBEDTLS_SSL_MINOR_VERSION_4 )
|
||||
minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
|
||||
#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */
|
||||
mbedtls_ssl_write_version( ssl->major_ver, minor_ver,
|
||||
ssl->conf->transport, ssl->out_hdr + 1 );
|
||||
|
||||
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
|
||||
ssl->conf->transport, ssl->out_hdr + 1 );
|
||||
|
||||
memcpy( ssl->out_ctr, ssl->cur_out_ctr, 8 );
|
||||
ssl->out_len[0] = (unsigned char)( len >> 8 );
|
||||
ssl->out_len[1] = (unsigned char)( len );
|
||||
memcpy( ssl->out_ctr, ssl->cur_out_ctr, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
|
||||
MBEDTLS_PUT_UINT16_BE( len, ssl->out_len, 0);
|
||||
|
||||
if( ssl->transform_out != NULL )
|
||||
{
|
||||
@ -2312,8 +2346,8 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
|
||||
rec.data_len = ssl->out_msglen;
|
||||
rec.data_offset = ssl->out_msg - rec.buf;
|
||||
|
||||
memcpy( &rec.ctr[0], ssl->out_ctr, 8 );
|
||||
mbedtls_ssl_write_version( ssl->major_ver, ssl->minor_ver,
|
||||
memcpy( &rec.ctr[0], ssl->out_ctr, sizeof( rec.ctr ) );
|
||||
mbedtls_ssl_write_version( ssl->major_ver, minor_ver,
|
||||
ssl->conf->transport, rec.ver );
|
||||
rec.type = ssl->out_msgtype;
|
||||
|
||||
@ -2341,8 +2375,7 @@ int mbedtls_ssl_write_record( mbedtls_ssl_context *ssl, uint8_t force_flush )
|
||||
memcpy( ssl->out_cid, rec.cid, rec.cid_len );
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_msglen = len = rec.data_len;
|
||||
ssl->out_len[0] = (unsigned char)( rec.data_len >> 8 );
|
||||
ssl->out_len[1] = (unsigned char)( rec.data_len );
|
||||
MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->out_len, 0 );
|
||||
}
|
||||
|
||||
protected_record_size = len + mbedtls_ssl_out_hdr_len( ssl );
|
||||
@ -2914,12 +2947,11 @@ static int ssl_check_dtls_clihlo_cookie(
|
||||
/* Go back and fill length fields */
|
||||
obuf[27] = (unsigned char)( *olen - 28 );
|
||||
|
||||
obuf[14] = obuf[22] = (unsigned char)( ( *olen - 25 ) >> 16 );
|
||||
obuf[15] = obuf[23] = (unsigned char)( ( *olen - 25 ) >> 8 );
|
||||
obuf[16] = obuf[24] = (unsigned char)( ( *olen - 25 ) );
|
||||
obuf[14] = obuf[22] = MBEDTLS_BYTE_2( *olen - 25 );
|
||||
obuf[15] = obuf[23] = MBEDTLS_BYTE_1( *olen - 25 );
|
||||
obuf[16] = obuf[24] = MBEDTLS_BYTE_0( *olen - 25 );
|
||||
|
||||
obuf[11] = (unsigned char)( ( *olen - 13 ) >> 8 );
|
||||
obuf[12] = (unsigned char)( ( *olen - 13 ) );
|
||||
MBEDTLS_PUT_UINT16_BE( *olen - 13, obuf, 11 );
|
||||
|
||||
return( MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED );
|
||||
}
|
||||
@ -3389,9 +3421,12 @@ static int ssl_prepare_record_content( mbedtls_ssl_context *ssl,
|
||||
#endif
|
||||
{
|
||||
unsigned i;
|
||||
for( i = 8; i > mbedtls_ssl_ep_len( ssl ); i-- )
|
||||
for( i = MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
i > mbedtls_ssl_ep_len( ssl ); i-- )
|
||||
{
|
||||
if( ++ssl->in_ctr[i - 1] != 0 )
|
||||
break;
|
||||
}
|
||||
|
||||
/* The loop goes to its end iff the counter is wrapping */
|
||||
if( i == mbedtls_ssl_ep_len( ssl ) )
|
||||
@ -4299,8 +4334,7 @@ static int ssl_get_next_record( mbedtls_ssl_context *ssl )
|
||||
ssl->in_hdr[0] = rec.type;
|
||||
ssl->in_msg = rec.buf + rec.data_offset;
|
||||
ssl->in_msglen = rec.data_len;
|
||||
ssl->in_len[0] = (unsigned char)( rec.data_len >> 8 );
|
||||
ssl->in_len[1] = (unsigned char)( rec.data_len );
|
||||
MBEDTLS_PUT_UINT16_BE( rec.data_len, ssl->in_len, 0 );
|
||||
|
||||
return( 0 );
|
||||
}
|
||||
@ -4532,7 +4566,7 @@ int mbedtls_ssl_parse_change_cipher_spec( mbedtls_ssl_context *ssl )
|
||||
}
|
||||
else
|
||||
#endif /* MBEDTLS_SSL_PROTO_DTLS */
|
||||
memset( ssl->in_ctr, 0, 8 );
|
||||
memset( ssl->in_ctr, 0, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
|
||||
|
||||
mbedtls_ssl_update_in_pointers( ssl );
|
||||
|
||||
@ -4568,12 +4602,12 @@ void mbedtls_ssl_update_out_pointers( mbedtls_ssl_context *ssl,
|
||||
{
|
||||
ssl->out_ctr = ssl->out_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->out_cid = ssl->out_ctr + 8;
|
||||
ssl->out_cid = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
ssl->out_len = ssl->out_cid;
|
||||
if( transform != NULL )
|
||||
ssl->out_len += transform->out_cid_len;
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_len = ssl->out_ctr + 8;
|
||||
ssl->out_len = ssl->out_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->out_iv = ssl->out_len + 2;
|
||||
}
|
||||
@ -4622,17 +4656,17 @@ void mbedtls_ssl_update_in_pointers( mbedtls_ssl_context *ssl )
|
||||
* ssl_parse_record_header(). */
|
||||
ssl->in_ctr = ssl->in_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->in_cid = ssl->in_ctr + 8;
|
||||
ssl->in_cid = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
ssl->in_len = ssl->in_cid; /* Default: no CID */
|
||||
#else /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->in_len = ssl->in_ctr + 8;
|
||||
ssl->in_len = ssl->in_ctr + MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
|
||||
ssl->in_iv = ssl->in_len + 2;
|
||||
}
|
||||
else
|
||||
#endif
|
||||
{
|
||||
ssl->in_ctr = ssl->in_hdr - 8;
|
||||
ssl->in_ctr = ssl->in_hdr - MBEDTLS_SSL_SEQUENCE_NUMBER_LEN;
|
||||
ssl->in_len = ssl->in_hdr + 3;
|
||||
#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
|
||||
ssl->in_cid = ssl->in_len;
|
||||
@ -4806,9 +4840,11 @@ static int ssl_check_ctr_renegotiate( mbedtls_ssl_context *ssl )
|
||||
}
|
||||
|
||||
in_ctr_cmp = memcmp( ssl->in_ctr + ep_len,
|
||||
ssl->conf->renego_period + ep_len, 8 - ep_len );
|
||||
out_ctr_cmp = memcmp( ssl->cur_out_ctr + ep_len,
|
||||
ssl->conf->renego_period + ep_len, 8 - ep_len );
|
||||
&ssl->conf->renego_period[ep_len],
|
||||
MBEDTLS_SSL_SEQUENCE_NUMBER_LEN - ep_len );
|
||||
out_ctr_cmp = memcmp( &ssl->cur_out_ctr[ep_len],
|
||||
&ssl->conf->renego_period[ep_len],
|
||||
sizeof( ssl->cur_out_ctr ) - ep_len );
|
||||
|
||||
if( in_ctr_cmp <= 0 && out_ctr_cmp <= 0 )
|
||||
{
|
||||
@ -5292,6 +5328,20 @@ void mbedtls_ssl_transform_free( mbedtls_ssl_transform *transform )
|
||||
mbedtls_platform_zeroize( transform, sizeof( mbedtls_ssl_transform ) );
|
||||
}
|
||||
|
||||
void mbedtls_ssl_set_inbound_transform( mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_transform *transform )
|
||||
{
|
||||
ssl->transform_in = transform;
|
||||
memset( ssl->in_ctr, 0, MBEDTLS_SSL_SEQUENCE_NUMBER_LEN );
|
||||
}
|
||||
|
||||
void mbedtls_ssl_set_outbound_transform( mbedtls_ssl_context *ssl,
|
||||
mbedtls_ssl_transform *transform )
|
||||
{
|
||||
ssl->transform_out = transform;
|
||||
memset( ssl->cur_out_ctr, 0, sizeof( ssl->cur_out_ctr ) );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_SSL_PROTO_DTLS)
|
||||
|
||||
void mbedtls_ssl_buffering_free( mbedtls_ssl_context *ssl )
|
||||
@ -5380,4 +5430,48 @@ void mbedtls_ssl_read_version( int *major, int *minor, int transport,
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Send pending fatal alert.
|
||||
* 0, No alert message.
|
||||
* !0, if mbedtls_ssl_send_alert_message() returned in error, the error code it
|
||||
* returned, ssl->alert_reason otherwise.
|
||||
*/
|
||||
int mbedtls_ssl_handle_pending_alert( mbedtls_ssl_context *ssl )
|
||||
{
|
||||
int ret;
|
||||
|
||||
/* No pending alert, return success*/
|
||||
if( ssl->send_alert == 0 )
|
||||
return( 0 );
|
||||
|
||||
ret = mbedtls_ssl_send_alert_message( ssl,
|
||||
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
ssl->alert_type );
|
||||
|
||||
/* If mbedtls_ssl_send_alert_message() returned with MBEDTLS_ERR_SSL_WANT_WRITE,
|
||||
* do not clear the alert to be able to send it later.
|
||||
*/
|
||||
if( ret != MBEDTLS_ERR_SSL_WANT_WRITE )
|
||||
{
|
||||
ssl->send_alert = 0;
|
||||
}
|
||||
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
return( ssl->alert_reason );
|
||||
}
|
||||
|
||||
/*
|
||||
* Set pending fatal alert flag.
|
||||
*/
|
||||
void mbedtls_ssl_pend_fatal_alert( mbedtls_ssl_context *ssl,
|
||||
unsigned char alert_type,
|
||||
int alert_reason )
|
||||
{
|
||||
ssl->send_alert = 1;
|
||||
ssl->alert_type = alert_type;
|
||||
ssl->alert_reason = alert_reason;
|
||||
}
|
||||
|
||||
#endif /* MBEDTLS_SSL_TLS_C */
|
||||
|
||||
Reference in New Issue
Block a user